X

Parity Hack

Tuesday greeted those invested in cryptocurrency with news that nearly $300 million dollars worth of ether, the unit of exchange on the Ethereum (ETH), had been permanently locked into dozens of digital wallets by a single user. The user, reported to be a young teenager by many sources, had allegedly done this “by accident”, and was not aware of the long term effects of what he had done really amounted to. The amount of currency lost in the economy as a result of the accident poses a bigger question: Will the currency continue with a third of its value lost, or will Ethereum essentially reset and default with a “hard fork”, a splitting of one currency into two smaller parts.

 

“Multisignature” wallets—special digital wallets which require multiple users to sign off before any type of funds are moved or transactions made—are popular among many companies for this feature, and is ultimately what became the root cause of this issue. Many of these wallets are created by Parity, a blockchain infrastructure deeply involved with primarily Ethereum. Earlier in July of this year, Parity experienced a bug in their multisignature wallets—allowing a hacker to steal nearly $32M in funds far before the ETH community was able to fight back for the funds, leaving the wallets open and vulnerable.

 

From a blog post released directly by Parity on Tuesday, the code that fixed the July bug contained yet another vulnerability. This time, the defect allowed a user known by “devops199” on GitHub to allegedly “accidentally” trigger a function that turned the contract monitoring a multitude of Parity’s multisignature wallets into a regular wallet address, and made that user the “owner” of such wallets. Following this, devops199 then proceeded to kill the wallet contract, completely eliminating and locking $300M ETH into a self-encrypted wallet, which included over $100M in recent investments from large ICOs. Parity commented that he basically “suicided” the funds inside the wallet, stating that there is no hope in ever getting it back. Following the event, devops199 appeared in the official Parity chat channel, only to state that “I’m [an Ethereum] newbie…just learning.” Another user wrote in reply “You’re famous now lol.”

 

Solutions are being investigated for how to prevent future situations similar to this, and the “hard fork” solution keeps being mentioned as a way of reversing the event, and somehow bringing back the locked funds. “At the moment, we are looking into every scenario, a hard fork is one of the options,” said a Parity spokesperson.

Devin :