Offchain Labs publicly discloses two serious vulnerabilities in OP Stack fraud proofs

According to BlockBeats, on April 26, according to official news, Arbitrum R&D team Offchain Labs announced that on March 22, the team disclosed to the OP Labs team two serious security vulnerabilities found on the Optimism testnet. These vulnerabilities exist in the Optimism fraud proof system deployed by OP Labs. Offchain Labs provided the OP Labs team with demonstration exploit code for attack. On March 25, OP Labs confirmed the validity of the two issues. The two parties coordinated the time of vulnerability disclosure. OP Labs asked Offchain Labs not to disclose these vulnerabilities publicly until the vulnerabilities are resolved. Late yesterday (April 25), the Optimism testnet was updated, and today Offchain Labs disclosed these vulnerabilities for the first time. These vulnerabilities allow malicious parties to force the OP Stack fraud proof mechanism to accept fraudulent chain history, or prevent the OP Stack fraud proof mechanism from accepting the correct chain history. These problems stem from defects in the OP fraud proof design in handling timers.