Conflux: CREATE2 Opcode bug fixed with v2.5 security upgrade
Conflux says its security team has successfully patched the CREATE2 Opcode vulnerability with version 2.5 network upgrade.
The Conflux ( CFX ) Network announced on March 24, 2025 that a security vulnerability detected with the help of ecosystem team GraFun, has been successfully patched. GraFun reportedly identified the critical vulnerability in the CREATE2 opcode, related to the Ethereum ( ETH ) Virtual Machine, in February this year.
CREATE2 opcode, introduced in 2019 via Ethereum’s Constantinople upgrade , is an advanced feature for Ethereum and Ethereum Virtual Machine-compatible networks. It plays a key role in smart contracts, particularly in deployment predictability and flexibility. The Conflux team elaborated on this:
“In the standard Ethereum Virtual Machine, the CREATE2 opcode fails to deploy a contract if the target address already has a deployed contract, returning a null address. However, the previous implementation of Conflux allowed CREATE2 to redeploy contracts at an address with an existing contract, resetting the contract state to its initial deployment state.”
According to Conflux, the security issue is now resolved following Conflux’s version 2.5 upgrade that shipped on March 17, 2025. The flaw, the layer-1 platform noted, “allowed contract redeployment on existing addresses, impacting Gnosis Safe.”
The Conflux Network security team has assured users and ecosystem partners that the version 2.5 upgrade has fully addressed the flaw.
Conflux disclosed plans for the network upgrade on March 4, 2025, with node operators asked to update accordingly. The platform tentatively scheduled the hard fork for mid-March, with this happening at epoch 118580000.
GraFun received a total of 60,000 Conflux tokens for its role in the security upgrade, including a base bounty of 50,000 tokens for identifying the CREATE2 opcode bug. The platform also received 10,000 tokens for offering a timely report that helped prevent potential exploits and losses.
In its announcement, Conflux said all user funds are safe and that the network has EVM compatibility enhanced.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitget Trading Club Championship (Phase 2) – Grab a share of 50,000 BGB, up to 500 BGB per user!
Bitget Trading Club Championship (Phase 2) – Grab a share of 50,000 BGB, up to 500 BGB per user!
Subscribe to UNITE Savings and enjoy up to 15% APR
Subscribe to UNITE Savings and enjoy up to 15% APR
Trending news
MoreCrypto prices
More
