White Hat Hacker reveals important flaws in all ways and co -founders defend protocol security.

By ~
Alisa Davidson

Post: April 30, 2025 11:10 AM Update: April 30, 2025 10:50 am

By ~ cave

Edit and fact confirmation: April 30, 2025 11:10 am

Sometimes use automatic conversion plugins to improve local language experience. Automatic conversion may not be accurate, so read the original article for the exact information.

White HAT HACKEL SHABARKIN has publicly disclosed an important vulnerability of Ethereum Layer 2 network scroll through social media platform X. He argued that the problem could stop the blockchain and affect the total value lock (TVL) more than $ 100 million. Nevertheless, scrolls are known to have not solved the problem effectively.

According to PAVEL SHABARKIN, “Anyone can scroll the L2 into an indefinite Reorg, stop the chain, so that the user transaction may not be included in the block and the chain may not move forward. All funds in L2 will be frozen.”

The hacker also expressed frustration with the scroll response to this problem, and the project could not dismiss his report and participated in meaningful communication and chose silence instead. He also pointed out that IMMUNEFI, a platform for handling vulnerability reports, did not classify this problem even after requesting a reevaluation. As a result, PAVEL SHABARKIN decided to disclose his findings to raise awareness of Scroll’s lack of security expertise.

The problem reported by PAVEL SHABARKIN is that the scroll network is at risk, and the chain may be stopped free of charge to the attacker. During the attack period, the attacker can maintain the interruption without cost, so the withdrawal will potentially block it. In block production, this confusion will interfere with the necessary time, such as adding funds to avoid liquidation or updating the Oracle price, or to put user funds at a significant risk. In addition, the sequencer stops collecting transaction fees because the layer 2 user transaction cannot be included in the block. This vulnerability is especially because anyone with Internet access can cause attacks, which can be an easy -to -access threat.

In response, Scroll’s co -founder, YE Zhang, explained that the hacker’s claim is from the fundamental misunderstanding of how the protocol works. Specifically, the hacker overlooked the light CCC inspection of the sequencer before the Euclidean upgrade.

“POC is not maintained. The log doesn’t seem to show Reorgs. Light CCC already tracks Precompile Invocations and crosses these transactions without triggering Reorg.”

YE Zhang also stressed that Scroll has guaranteed protocol security, has invested more than a million dollars, and values ​​the contribution of Whitehat hackers.

Scrolls are Ether Rim Layer 2 Scaling Solutions, which uses ZK (Zero-Knowledge) rollup to improve transaction throughput, lower gas fees and preserve the security and distribution of Etherrium. By integrating the Zero-Knowedge Ethereum Virtual Machine (Zevm), the scroll ensures the entire compatibility with the existing infrastructure of Ethereum so that the developer can deploy a distributed application (DApp) without the need to modify the code.

About the author

Alisa, a dedicated reporter for MPOST, specializes in the vast areas of Cryptocurrency, Zero-ehnowedge Proofs, Investments and Web3. She provides a comprehensive coverage that captures a new trend and a keen eye on technology, providing and involving readers in a digital financial environment that constantly evolves.

More

Alisa Davidson

• 
  
  
  

Alisa, a dedicated reporter for MPOST, specializes in the vast areas of Cryptocurrency, Zero-ehnowedge Proofs, Investments and Web3. She provides a comprehensive coverage that captures a new trend and a keen eye on technology, providing and involving readers in a digital financial environment that constantly evolves.

• 
  
  
  

More