Coding Mishap Locks up Over $200 Million in Ether in Multi-Sig Wallets

Over $200 million in Ether has been locked inside some multi-signature wallets that use the Parity service. This occurred due to a few coding mishaps.[1]

This means some Ethereum wallets that require more than one signature currently have Ether (and potentially ERC-20 Ethereum-based tokens) locked inside of them. The coins aren’t gone, they are just stuck.

All dependent multi-sig wallets that were deployed after 20th July functionally now look as follows:

contract Wallet {
    function () payable {
          Deposit(...)
    }
}

This means that currently no funds can be moved out of the multi-sig wallets.

We are analysing the situation and will release an update with further details shortly.

Parity explaining the effects of this second vulnerability and its implications.

There is a good chance this problem will be fixed, but it highlights one of the risks of crypto. That is, it is software-based and open source and things can go wrong.

In this case, the mishap was all just a result of a few mistakes.

  1. The wallets had a vulnerability (so there was a coding mistake on that end).
  2. A well intentioned amateur dev accidentally found the vulnerability accidentally… and in the process broke a bunch of multi-sig wallets that use Parity.

In other words, this wasn’t malicious, it was just a few mistakes that, intentions aside, resulted in over $200 million in frozen funds and lots of headaches.

This is extra ironic since these wallets are supposed to be more secure.

Crypto users shouldn’t think this is something that can just happen with Ethereum, this is a problem that the entire crypto space is up against.

Does something go wrong with a popular exchange/wallet, does a hard fork like Segwit2x result in lost coins due to lack of replay protection, does someone figure out how to effectively preform an attack on a major crypto? These are all real concerns.

We saw Ether lose a good bit of value after the mishap as people panicked. When MtGox lost tons of Bitcoin back in the day, people panicked and the value of BTC took a hit. Human error can be devastating in crypto… and there is no way to really predict it or totally avoid it if you want to play in the crypto space.

That said:

One good way to avoid disaster is to diversify in different coins, but as any crypto trader knows, that can be a lackluster investing strategy.

Another way to avoid disaster is to hold your crypto in cold storage in different wallets (to diversify where you keep a single coin and all your coins), but that of course has its own headaches (for example, transaction fees).

In words, there is no fool proof way to avoid the rollercoaster that is crypto if you want to go for the ride, but there are best practices like not keeping all your funds in a single place that would have generally avoided all the major mishaps so far.

TIP: There is no good reason to panic and sell-off your Ether. Especially not at a loss in my opinion. With that said, we don’t want to offer investing advice on this site. So do your own research and make your own choices.

Article Citations
  1. Security Alert 8 November 2017

Author: Thomas DeMichele

Thomas DeMichele has been working in the cryptocurrency information space since 2015 when CryptocurrencyFacts.com was created. He has contributed to MakerDAO, Alpha Bot (the number one crypto bot on Discord),...

Leave a comment

We'll never share your email with anyone else.