siru Posted November 7, 2017 Report Share Posted November 7, 2017 Today is not a good news day for Ethereum. A vulnerability found within a popular wallet has frozen potentially hundreds of millions of dollars of the crypto currency in a second setback in recent months. Parity Technologies, the company behind widely-used wallet service Parity, today disclosed an issue that could enable the contents of a wallet to be wiped. The issue affects multi-sig wallets -- a technology that uses the consent of multiple parties for additional security on transactions -- that were deployed after July 20. In other words, ICOs that were held since then may be impacted. It's a kicker because it is the second time in just a few months that a major Parity bug has been unearthed with potentially costly repercussions for Ethereum, which is the world's second highest-valued crypto currency with a total market cap of over $27 billion. Back in July, a vulnerability in Parity led to 150,000 ETH (then worth around $30 million) being stolen. That bug was fixed July 19 -- hence the significance of the July 20 date -- but one positive element of that first scare is that many in the Ethereum community, and particularly those who have held ICOs, backed away from the technology in favor of alternatives. Even those who did use Parity may not have opted for the multi-sig wallet. But still it is a major security issue with wider implications. Parity explained that it found the problem when one user's wallet was wiped: Following the fix for the original multi-sig issue that had been exploited on 19th of July (function visibility), a new version of the Parity Wallet library contract was deployed on 20th of July. However that code still contained another issue - it was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the initWallet function. It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library. The issue appears to center around the fact that the Parity Wallet operates as a smart contract. Quote Link to comment Share on other sites More sharing options...
Naaperushiva Posted November 7, 2017 Report Share Posted November 7, 2017 bro......Endhi ee news Quote Link to comment Share on other sites More sharing options...
Sreeven Posted November 7, 2017 Report Share Posted November 7, 2017 Mari coinbase lo vunnavi safe a a? Quote Link to comment Share on other sites More sharing options...
princeofheaven Posted November 7, 2017 Report Share Posted November 7, 2017 2 minutes ago, Sreeven said: Mari coinbase lo vunnavi safe a a? safe ee Quote Link to comment Share on other sites More sharing options...
Briantoono Posted November 20, 2017 Report Share Posted November 20, 2017 SUBJ1 Quote Link to comment Share on other sites More sharing options...
Pitta Posted November 20, 2017 Report Share Posted November 20, 2017 Quote Link to comment Share on other sites More sharing options...
Bhai Posted November 20, 2017 Report Share Posted November 20, 2017 1 minute ago, Pitta said: Baagaindi Quote Link to comment Share on other sites More sharing options...
Pitta Posted November 20, 2017 Report Share Posted November 20, 2017 2 minutes ago, Bhai said: Baagaindi anthe Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.