Ethereum was meant to get a major revamp this week. The software upgrade, which was scheduled to begin on January 16 and take a few days to complete, was supposed to introduce five new features designed to improve the blockchain network's performance and set the stage for additional future upgrades. But after third-party researchers realized one of the changes would make the network more vulnerable to hackers, the so-called "hard fork" had to be postponed at the last minute.
The decision to postpone by Ethereum's developers was not merely an inconvenience for those who want it to evolve and eventually become a blockchain-based alternative to the web. It once again highlighted how Ethereum may need to sacrifice some of its beloved "decentralization" if it is ever to achieve its ambitious mission.
Postponed again: Four of the features of the upgrade, called Constantinople, were supposed to improve the speed, efficiency, and cost of transacting on the network. The fifth, which until this week had been the most controversial, would have changed the network's economics by shrinking the cryptocurrency reward that the network's "miners" receive in return for using their computing power to secure the blockchain. This move is designed to prepare miners from a planned move away from the current method of securing the chain, which rewards computing power above all.
Constantinople has been postponed once before. It was originally slated for last November, but developers discovered a bug while testing it in October and decided to delay the upgrade until January. Things were going smoothly this time until Tuesday night, when ChainSecurity, a startup that audits smart contracts, came across another potential problem.
Unintended consequences: The ChainSecurity team discovered a dangerous unintended consequence of one of Constantinople's changes: certain smart contracts, small computer programs that are stored in Ethereum's blockchain and designed to automatically move cryptocurrency around, would now be vulnerable to a type of malicious attack called "re-entrancy." Attackers could have exploited the bugs to trigger the contracts to do things they aren't supposed to do, like send them money so they could run off with it, according to ChainSecurity cofounder Petar Tsankov. Shortly after ChainSecurity flagged this for Ethereum's developers, they decided to postpone Constantinople out of "an abundance of caution."
Though most of the community appeared to be on board with Constantinople, many miners harbored misgivings about their rewards being cut. The risk is that the change will drive many miners to quit because they will be unable to profit, and mining power will become more concentrated, says Peter Pratscher, CEO of Bitfly, a Vienna-based startup that runs Ethermine, the network's largest mining pool (Ehtermine's roughly 75,000 miners represent around a quarter of Ethereum's total mining capacity.)
It's...complicated. There are other, wider issues, beyond bugs and smaller mining rewards. With well-funded competitors like EOS emerging, many in the community feel that the Ethereum needs to develop efficient decision-making processes, particularly for highly technical decisions, without sacrificing decentralization.
In practice, though, the notions of decentralization and centralization aren't so black and white. A truly decentralized network has no single point of failure, but the phenomenon is tough to quantify, and the term tends to mean different things to different people depending on the context. Ultimately, Ethereum's goal is to build a censorship-proof version of the web that billions of people will adopt. Technical decisions are bound to get complicated as the system gets more complex, and the risk of unintended consequences will only be heightened. To pull it off, Ethereum may need to become more like a traditional organization. Perhaps a bit of centralization is unavoidable. (also see "Ethereum thinks it can change the world. It's running out of time to prove it.")
As for Constantinople, it's on hold indefinitely for now, but we are likely to learn more about the next steps after the core developers meet again on January 18.
Technology, delivered.
Discover more cutting-edge tech by signing up for our other newsletters today.
Loose Change
Fill your pockets with these newsy tidbits.
- A company called Valor is apparently attempting a "hostile takeover" of XRP, Ripple's cryptocurrency. (Axios)
- US cryptocurrency payment processor BitPay says it handled more than $1 billion worth of payments in 2018, for the second consecutive year. (CoinDesk)
- Developers in the Marshall Islands are still planning to launch a controversial national cryptocurrency this year, despite the international controversy it has sparked. (ETHNews)
- A new privacy-focused cryptocurrency called Grin has launched, and it's been estimated that $100 million has already been invested in resources for mining it. (CoinDesk)
