A single user was able to permanently lock hundreds of digital wallet containing more than 300 million dollars worth of Ethereum. Many are considering doing a hard fork to fix it. Multi signature wallets are affected and they require multiple people to sign before moving the funds. So such wallets are more popular among companies that hold massive amount of funds. All the multi signature wallets were made by Parity which is an app for creating digital wallets with multi signature functionality.
Parity said in a blog post that the code that fixed a problem had another vulnerability that allowed a user by the name of devops199 (on Ethereum’s Github), trigger a function that turned Parity multisig wallet into a regular wallet address and made develops199 the owner. He killed this wallet’s contract that made the wallet as well as the funds stored inside it useless. There is now no way to get access to those funds.
Pastebin document has been posted that contains list of affected wallets.
A hard fork is on the paper to bring the locked funds back. It shall be kept in mind that Ethereum project is still in beta but so is most of the crypto currency ecosystem. Not many of them fully understand how it all works and how to run code on it safely. Ethereum will never be as secure as bitcoin in terms of storing value. It cannot be powerful computer DAPP network without having a massive attack surface at same time.
November 8, 2017
| Ethereum News