|
|
|
|
|
|
by naasking
3651 days ago
|
|
|
> To be fair, ethereum has bytecode at its base- almost certainly someone will wrote a more declarative language on top of it now to help minimize the chance that unexpected calling trees can lead to unexpected behavior. The mismatch between executable code and high-level language is a known attack vector called the "full abstraction" problem. This has already been used to subvert the CLR and the JVM. If your bytecode is not inherently secure, and you permit executing arbitrary bytecode, then any language running on top that builds more sophisticated invariants that aren't enforceable via the bytecode are very likely vulnerable. |
|
|