About $300 million worth of Ether – the unit of cryptocurrency used on the Ethereum platform – from dozens of digital wallets was permanently locked up today because of one person’s mistake.
The Ether had been stored in Parity’s “multisignature” wallets when a GitHub user, “devops199,” came across a detrimental vulnerability. According to Motherboard:
According to a blog post released by Parity on Tuesday, the code that fixed the July bug contained another vulnerability. That vulnerability allowed a user known as “devops199” on GitHub, a site for developers to collaborate on open source code, to allegedly accidentally trigger a function that turned the contract governing Parity multisignature wallets into a regular wallet address and made him or her the owner. Devops199 then killed this wallet contract, or, as Parity put it, “suicided” it. This made all multisignature wallets tied to that contract instantly useless, their funds locked away with no way to access them.
If the story is true, it seems like Devops199 was jiggling door handles and when one door opened, they tried to close it and the whole house exploded.
“We are asking for everyone to be patient until the full extent of the issue has been identified and we will communicate any necessary instructions or advice,” Parity told Motherboard. “We are advising users not to deploy any further multi-sig wallets until the issue has been resolved and to not send any Ether to wallets that have been deployed and are in use already.”
One solution the Ethereum community is considering is “the possibility of a risky network split, known as a ‘hard fork,’ to fix it.”
Image: BTC Keychain
from Boing Boing https://boingboing.net/2017/11/07/one-person-permanently-locked.html