OP Labs has released an update to op-batcher to mitigate a spam vector on the sequencer which could make it more expensive to transact on OP Stack chains. Sequencers are strongly recommended to update promptly.
We received an initial report of the issue from @emilianobonassi in October 2024, and worked with @conduitxyz and @base on an initial fix. In May, a research team led by Stefanos Chaliasos reported this and some related vectors, for which we assigned a Medium severity rating and issued a $20k bounty reward.
The report identified a way in which a user could take advantage of Sequencer transaction inclusion policies and throttling mechanisms. An attacker could spend considerable resources in order to raise transaction inclusion fees higher than expected levels.
The latest op-batcher release reduces the impact by introducing better and smoother throttling controllers, and mitigates other worst-case spam scenarios. The planned Jovian upgrade will introduce a per-block data-availability footprint limit and a minimum base fee to provide additional mitigation at the protocol level.
We'd like to extend our thanks to Stefanos Chaliasos and team for their well-researched reporting, and for actively collaborating with us alongside @conduitxyz, @base, @world_chain_, and @unichain during the process. Additional thanks to the Conduit team for finding the initial version of this issue, which led to last year's initial fix, as well as for coordinating early efforts and research during the report from Stefanos et al. this year.
Lastly, thanks to the @base team for contributing numerous batcher improvements, including the improved throttling controllers included in this release, as well as extensive design and implementation effort for the upcoming protocol-level improvements planned for Jovian.