Menu

Search

  |   Digital Currency

Menu

  |   Digital Currency

Search

Accidental bug activation in Parity wallet locks up user funds on Ethereum network

User funds running into millions of dollars on the Ethereum network have been reportedly frozen after a user triggered an issue in the Parity Wallet software.

A developer going by the name “devopps199” reported the security vulnerability on GitHub after “accidentally” activating it, CoinDesk reported.

In an official statement, Parity said that users with assets in a multi-sig wallet created in Parity Wallet that was deployed after 20th July were affected by this vulnerability, adding that “no funds can be moved out of the multi-sig wallets.” Earlier in July, another security bug resulted in the theft of nearly $30 million from Parity wallet.

“Following the fix for the original multi-sig issue that had been exploited on 19th of July (function visibility), a new version of the Parity Wallet library contract was deployed on 20th of July. However that code still contained another issue - it was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the initWallet function. It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library,” Parity said.

According to reports, an estimated $280 million is now frozen.


However, in a tweet, Parity said that the total ETH circulating on social media is speculative, adding that it is analysing the situation and will release an update soon.


"The security flaw really comes from the way the smart contract system is designed," bitcoin developer Peter Todd told International Business Times. "All these contracts can break because they are all dependent on each other."

"We have been blessed with a unique ability here to self-govern our own community and assets: The community has the option here to choose to 'unstick' these funds. How amazing is that? There's no need to appeal to government or regulators, but rather, it's a bug fix. Though action will be controversial to some, they are able to self-select themselves out,” Bob Summerwill, Sweetbridge, Principle Blockchain Developer, said.

  • ET PRO
  • Market Data

Market-moving news and views, 24 hours a day >

June 20 23:50 UTC Released

JPForeign Invest JP Stock

Actual

-40.8 Bln JPY

Forecast

Previous

-108.5 Bln JPY

June 20 23:50 UTC Released

JPForeign Bond Investment

Actual

1490.4 Bln JPY

Forecast

Previous

-488.5 Bln JPY

January 31 00:00 UTC 203078203078m

ARAnnual Primary Balance*

Actual

Forecast

2016 bln ARS

Previous

Bln AR bln ARS

January 31 00:00 UTC 203078203078m

ARAnnual Primary Balance*

Actual

Forecast

2016 bln ARS

Previous

Bln AR bln ARS

January 22 19:00 UTC 214898214898m

ARTrade Balance

Actual

Forecast

Previous

-1541 %

January 31 00:00 UTC 203078203078m

ARAnnual Primary Balance*

Actual

Forecast

2016 bln ARS

Previous

Bln AR bln ARS

January 22 19:00 UTC 214898214898m

ARTrade Balance

Actual

Forecast

Previous

-1541 %

January 31 00:00 UTC 203078203078m

ARAnnual Primary Balance*

Actual

Forecast

2016 bln ARS

Previous

Bln AR bln ARS

January 31 00:00 UTC 203078203078m

ARAnnual Primary Balance*

Actual

Forecast

2016 bln ARS

Previous

Bln AR bln ARS

January 31 00:00 UTC 203078203078m

ARAnnual Primary Balance*

Actual

Forecast

2016 bln ARS

Previous

Bln AR bln ARS

Close

Welcome to EconoTimes

Sign up for daily updates for the most important
stories unfolding in the global economy.