According to Conflux, the security team has successfully completed a Create2 OpCode vulnerability with a Version 2.5 network upgrade.
On March 24, 2025, the Conflux (CFX) network announced that a security vulnerability detected with the help of the ecosystem team Grafun had been successfully patched. Grafun reportedly identified a critical vulnerability in Create2 Opcode related to Ethereum (ETH) virtual machines in February this year.
Introducing in 2019 via Ethereum’s Constantinople Upgrade, Create2 Opcode is an advanced feature of Ethereum and Ethereum Virtual Machine compatible networks. It plays an important role in smart contracts, especially flexibility, especially in deployment predictability and flexibility. The Conflux team explained this in detail:
“In standard Ethereum Virtual Machines, if the target address already has a contract that has been deployed, create2 Opcode will fail to deploy the contract and return a null address. However, with previous implementations of Conflux, Create2 was able to relocate the contract with the existing contract, allowing the contract state to be reset to the initial deployment state.”
You might like it too: Ethereum devs finds hot fixes for Sepolia’s Petra upgrade bug
According to Conflux, the security issue was resolved following the version 2.5 upgrade of Conflux, which was shipped on March 17, 2025. The Layer-1 platform states that “relocation of contracts affecting GNOSIS SAFE is permitted.”
The Conflux Network Security team has assured users and ecosystem partners that the version 2.5 upgrade is fully addressing the defect.
Conflux disclosed its network upgrade plans on March 4, 2025, and was asked by the node operator to update accordingly. The platform tentatively scheduled a mid-March hard fork, which took place at Epoch 118580000.
Grafun received a total of 60,000 Conflux tokens for roles in security upgrades, including a base bounty of 50,000 tokens to identify Create2 OpCode bugs. The platform also received 10,000 tokens to provide timely reports that will help prevent potential exploits and losses.
In its announcement, Conflux said that all user funds are safe and that the network is improving EVM compatibility.
You might like it too: Vichin shuts down by Israeli regulators and hits with a $460,000 fine
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
