Vitalik Buterin responds to security concerns over new Pectra upgrade

The co-founder of Ethereum, Vitalik Buterin, reminds users to rely on contracts that have been examined by teams of trusted portfolio in the middle of security problems concerning the last upgrade.

In a recent job shared on the decentralized Warpcast social media platform, Buterin responded to Ethereum (Ethn) Community concerns concerning the last upgradeEIP-7702. A user shared an instruction of X user @nftchance, which underlined the “non-viability” of the EIP-7702.

The user stressed that the portfolio blocks websites that are not suspect. However, it always allows delegations of potentially fraudulent contracts to pass, which could make users vulnerable to potential security Violations like phishing and other cyber hacks.

“In the meantime, they will allow an arbitrary delegation which can lead to a full loss of portfolio in a signature,” said the user on X.

By seeing this criticism, Vitalik Buterin gave advice on how to mitigate the risks associated with the new upgrade. He said the right way to use the EIP 7702 upgrade was to delegate audited contracts only to prevent security exploits.

“The right way to use [EIP] 7702 consists in delegating exactly a contract which is well examined by the portfolio team and the Ethereum community, and that this contract implements the remaining logic in a safe way, “said Buterin in his recent Warpcast article.

The EIP-7702 introduces a new type of transaction functionality, which allows accounts or EOAs owned externally to work temporarily as intelligent contract accounts during a single transaction. With the new feature, users can perform more advanced transactions such as gas sponsorships, lots transactions and the execution of personalized logic without having to convert EOA to intelligent contract accounts.

Once the transaction has been treated, the EOA returns to its original state, allowing complex operations without definitively modifying the structure of the account.

Although the new upgrade aims to simplify the abstraction of accounts and create more flexibility for users, many indicated how it also introduces potential security risks. For example, the attackers could exploit it by creating contracts that seem safe in normal conditions, but could hide security gaps activated in specific circumstances.

In the end, users tire of which they could be victims phishing Attack under the new upgrade if the system is deceived to delegate control to fraudulent contracts.

The Ethereum 7702 improvement proposal is one of the widest Pectra Upgrade, which was initially to be officially launched on the Mainnet Ethereum on May 7. However, according to the results From the last meeting of the developers of the Ethereum Execution Core layer, the upgrade of the Pectra client should be launched on April 21. The upgrade would add EIP-7702 for the delegated state in JSON-RPC.

Vitalik Buterin co-written EIP-7702 with Ansgar Dietrich, Matt Garnett and Sam Wilson to offer better synergy with intelligent contract capacities.