Ethereum & Its Little Tiny $300M Error


WHOOPS! Sorry, my bad. Seems a simple tiny little mistake in coding has frozen around $300M of the cryptocurrency ether. What’s the big deal? WHAT? $300M? Parity Technologies was fixing a previous bug that ONLY allowed $32M in ether to be stolen and they created a glitch in coding that has now frozen $300M from its owners. But hey, why worry? In tech terms the funds haven’t vanished, you just can’t get to them. Hmmmmm! Well, there goes six years of online coding school right down the drain.
(Bill Taylor/CEO)

“The lockdown affects those using multisignature wallets — which require multiple parties’ consent as an added security measure — run by Parity Technologies and deployed after July 20.

That’s when Parity fixed a previous bug that allowed $32 million in ether to be stolen. But the new coding had a vulnerability that a user on the developer forum GitHub, who goes by the handle “Devops199,” apparently accidentally exploited Monday.

According to a security alert by Parity, that user “accidentally” triggered a function that allowed him or her to become the sole “owner” of all the post-July 20 multisignature wallets. “Subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library.”

It other words, once Devops199 realized what happened, he or she tried to delete the wallet contract, which froze them and made them unusable — and now the real owners have no way to access the accounts.

Vice’s Motherboard put it this way: “If the story is true, it seems like Devops199 was jiggling door handles and when one door opened, they tried to close it and the whole house exploded.”

It’s still unclear how many Ethereum users are affected, or how much ether may be frozen. But Parity reportedly constitutes about 20% of the Ethereum network, and experts estimate anywhere from $100 million to $300 million in ether is locked down…”

Full Story at Marketwatch