BIP 62 Implementation: An Overview of Ethereum’s Address Hash Function
Ethereum, the second-largest cryptocurrency by market capitalization, has been a pioneer in implementing advanced cryptographic techniques to secure decentralized applications (dApps). One of these key components is the address hash function, specifically BIP 62, which addresses the problem of bendability. In this article, we will take a look at the current state of the implementation and examine the extent to which BIP 62 has been adopted by the Ethereum network.
What is BIP 62?
BIP 62, also known as “Dealing with Bendability,” was introduced in April 2017 as a protocol aimed at addressing the problem of bendability of non-DER-encoded ECDSA signatures. This feature enables more complex cryptographic operations on the Ethereum network while maintaining security and usability.
Bendability Problem
Bendability refers to the ability of an attacker to create a forged digital signature that mimics an existing one, with minor modifications (e.g., changing only the hash or data). In traditional cryptography, bendability can be created by modifying only the input data, making it particularly attractive for attacks such as smart contract manipulation.
BIP 62: Addressing the Bendability Problem
BIP 62 addresses this problem by introducing a set of rules and constraints that limit the number of possible non-standard (NIST) size hash functions. Specifically:
- Non-DER encoded ECDSA signatures: Only NIST SHA-512, SHA-384, SHA-256, DSA (Digital Signature Algorithm), and Ed25519 hashes are allowed for these types of signatures.
- Non-push operations in scriptSig: This section limits the size of push operations to 4 bytes.
- Push with zeros: This rule limits the length of zero-push numbers from scriptSig.
- Internal and constant functions: Some internal and constant functions (such as 0x00, 0x01, …, 0x63) are restricted.
Implementation status:
Although BIP 62 was introduced in April 2017, the pace of adoption has been slower than expected. According to a report by Cointelegraph, as of March 2023:
- Only about 25% of all Ethereum hash functions (THFs) have been updated to comply with BIP 62 rules.
- Most THFs still use older or insecure algorithms.
Conclusion
The implementation of BIP 62 was a key step in combating the bending vulnerability on the Ethereum network. However, its adoption rate remains relatively low compared to other cryptocurrencies and major blockchain platforms. As the Ethereum ecosystem grows, it is critical for developers to prioritize security and compliance with established standards such as BIP 62.
Recommendations
To accelerate progress towards a more secure Ethereum:
- Prioritize compliance: Focus on updating THFs that are vulnerable to bending attacks.
- Introduce new algorithms: Consider introducing newer, more secure cryptographic protocols in the future.
- Educate and collaborate: Share knowledge about BIP 62 and other security best practices with developers and researchers.
This allows us to create a more resilient and trustworthy Ethereum ecosystem that protects users from vulnerable attacks and maintains its position as the leading platform for decentralized applications.