AN ESTIMATED $280m worth of Ethereum has been frozen and made inaccessible due to one person's coding error.
New code pushed out this week is said to have accidentally triggered a bug in recently-created digital wallets within Parity, according to a Parity Technologies blog post, which means that some are now locked down and inaccessible
"It was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the initWallet function," the firm said
"It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library."
Effectively, this means that all multi-signature wallets deployed after the 20 July are (for now, at least) unusable. Parity tweeted that the funds have been frozen, rather than wiped.
Update: To the best of our knowledge the funds are frozen & can't be moved anywhere. The total ETH circulating social media is speculative.— Parity Technologies (@ParityTech) November 7, 2017
Multi-sig wallets require the consent of multiple parties before transactions can be approved. They are popular with startups and other collective groups due to their additional security, and are also a common way to store money raised through initial coin offerings (ICOs). Because of this, multi-sig wallets tend to store high amounts of virtual cash.
While the amount of money affected has not been announced, some sources estimate that it could be as much as 20 per cent of the entire Ethereum network.
Dominic Williams, founder of self-governing blockchain computer DFINITY, told us: "The Parity vulnerability was the result of an incorrectly-coded smart contract used by the Parity wallet to store tokens on the Ethereum network.
"The vulnerability made it possible for anyone to 'freeze' the tokens held by that smart contract, making them immovable. At this time, the only method we are aware of to 'unfreeze' tokens held by the vulnerable smart contract would be to create a new 'hard fork' Ethereum client that deploys a fix.
"This would require every full node on the Ethereum network to upgrade by the date of the hard fork to stay in sync, including all miners, wallets, exchanges, etc."
Williams added that a self-governing system like DFINITY would not require every node on the network to deploy a manual fix, but could update itself autonomously. µ
Breach occurred in 2016 but took two years to travel into Orbitz's view
Company even manages to make social engineering duller than it already is
Work on the 'specialist' facility is set to begin 'within weeks'
Weibo leak claims upcoming flagship will go on sale for $749