Blunder over bug in code may freeze cryptocurrency wallets forever.
An error in the code for Ethereum multi-signature (sig) wallets – and the subsequent attempts to repair it – have resulted in an estimated $300,000,000 of Ethereum being made inaccessible by anyone, possibly for ever.
Parity, the software company behind multi-sig wallets for the Ethereum crypto-currency, has been forced to reveal that while fixing a bug that let hackers steal $32m out of few multi-signature wallets, the firm had inadvertently left a second flaw in its systems that allowed one user to become the sole owner of every single multi-signature wallet it had control of.
The ‘new’ wallets were introduced into Parity’s Wallet library back in July of this year. As part of a continuous effort to find flaws and vulnerabilities in the system, the current flaw let someone hunting for bugs in the code, suddenly become the joint owner of hundreds of wallets.
The user, known only as “devops199” seems to have triggered the flaw completely by accident. Tragically for Parity and the owners of the Ethereum wallets, when the bug hunter realized what they had done, it seems like they panicked, and tried to undo the damage they had caused by deleting the code which had transferred ownership of the funds.
However, rather than returning the money, by deleting the code, devops199 instead managed to permanently freeze all the fund in the multi-signature wallets, and, at the time of writing, locked everyone out of them, seemingly forever. There is literally no way to access them, or the crypto currency within them.
devops199 did what?
The technical term for what happened, is referred to as ‘suiciding’ the code. When devops199 suicided the flawed code by deleting it, they also destroyed the only possible solution that could have been used to resurrect the wallets.
In a statement, Parity Technologies said: “We very much regret that yesterday’s incident has caused a great deal of stress and confusion amongst our users and the community as a whole, especially with all the speculation surrounding the issue. We continue to investigate the situation and are exploring all possible implications and solutions.”
Remind me, what is Ethereum again?
Ethereum is a digital crypto-currency similar in some respects to Bitcoin, in that it uses a large network of computers to verify transactions and generate new coins. At the time of writing, one Bitcoin was worth $7,202.79, and Ethereum was valued at $318.76, according to Coinbase.