Jay Freeman — the core developer of iOS Jailbreak and Cydia tools and founder of decentralized virtual private network solution Orchid (CRYPTO: OXT) — discovered a bug in the Ethereum (CRYPTO: ETH) scalability solution Optimism that would enable attackers to create infinite Ether.
What Happened: Freeman pointed out the vulnerability in a Thursday Twitter thread in which he also disclosed that he won a $2,000,042 bounty for its discovery.
In his post, he detailed the "Unbridled Optimism" attack that would have allowed any attacker to mint an arbitrary number of coins on any blockchain that supports the Optimism Virtual Machine.
See Also: WHAT IS LAYER 2 ON ETHEREUM?
Freeman's explanation of a hypothetical exploit notes the attacker would have to trigger the "selfdestruct" function of Optimism system's smart contract on the Ethereum main network multiple times to increase their token holdings without limitations. Optimism-based forks such as Boba and Metis were vulnerable to similar exploits.
A statement released by Optimism on Thursday confirmed the vulnerability was real, the aforementioned bug bounty was paid and the vulnerability has never been exploited. Optimism itself and forks that were vulnerable to the exploit all have fixed the bug, according to the announcement.
