Skip to main content

Cryptocurrency wallet blunder freezes up to $280 million of Ethereum

Audio player loading…

The world of cryptocurrency can be a volatile place, and not just in terms of the value of virtual coins, as a fresh blunder with Ethereum has illustrated, leaving hundreds of millions of dollars in limbo.

An estimated $280 million (around £215 million) of the virtual currency – the exact amount is unclear at this point – has been frozen following an issue that affects multi-sig wallets with the Parity service (those are wallets designed for organizations which require more than one signature, hence the name multi-signature).

The problem occurred thanks to a vulnerability in the multi-sig wallets introduced when a new version of the Parity Wallet library contract was implemented back on July 20. Ironically, this was a fix for a previous issue affecting multi-signature wallets.

Apparently this flaw was triggered thanks to a mistake made by an unidentified code contributor.

Suicide is painful

In a ‘critical security alert’, Parity explains: “It would seem that issue was triggered accidentally 6th Nov 2017 and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library.”

The upshot of this is that no funds can be withdrawn from the affected multi-sig wallets.

In yesterday’s statement, Parity notes that it is currently analyzing the situation, and will provide an update ‘shortly’; so perhaps today. And hopefully with a solution that will ease the fears of those with affected wallets.

Even if a swift and solid solution is found, these sort of incidents damage the reputation of virtual currency for obvious reasons.

Via: Engadget

Top image credit: BTC Keychain (Flickr) 

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).