Parity Technologies Hack Update: $156.4M Frozen, No Solution In Sightbr>
Parity Technologies has updated news on its frozen wallets, claiming 587 wallets containing 513,774.16 ether have been blocked, a total worth $156,433,956.24 based on Saturday’s single-coin pricing.
The company has been reaching out to owners of the affected wallets, but, as yet, has not found a solution to unblocking the wallets and freeing the frozen funds. “We are endeavouring to find a solution as soon as possible,” said Jutta Steiner, the company founder, in a statement. The situation was also called “a learning opportunity” for the company, “albeit a painful one.”
Parity claimed a “user” managed to access a smart contract, thereby making them the owner of it. They then “made the unfortunate move to ‘suicide’ the smart contract underlying the multi-sig wallet, which affected the other wallets. The company claims the funds remain in the wallets, though frozen.
Parity added that it has reached out the community for help, and will institute what it terms a “broadly accepted” solution. Some analysts have indicated that a new fork in the ethereum blockchain may have to be created to unblock the funds, but the Parity statement did not address that prospect.
The hack is the biggest disaster in cryptocurrency history, and certainly will put into question the future of Parity Technologies at the last, and ethereum at the worst.
Parity disclosed the issue earlier this week in a blog post, admitting a flaw in its multi-sig wallets could cause the contents to be wiped. The wallets use multiple party consents as an additional security measure, but the flaw evidently exists in all wallets created after July 20 of this year. Partity claimed it discovered the problem when one user’s wallet was wiped.
Any ICOs held since the July 20 date may be impacted. Companies that stored the funds in the frozen wallets cannot draw on those reserves.
The flaw is the second suffered by Parity in the last four months. A July theft of more than 150,000 ETH caused by another flaw was allegedly resolved on July 19, or one day before the current vulnerability issue.
If the $150 million proves to be lost, the incident would be far worse than the previous biggest ethereum hack, the notorious DAO incident of 2016.
The DAO, a decentralized, open source code, was a blockchain that sought to back ethereum projects. It was crowdfunded in May, 2016, and at the time, was the largest crowdfunding campaign in history.
However, in June of 2016, a vulnerability in the code exploited by hackers allowed them to take one-third of the DAO’s reserves, an estimated $50 million. The cure was an ethereum hard fork to restore funds, splitting ethereum into two camps, with the original called Ethereum Classic.
Martin Holst Swende, the head of security for the Ethereum Foundation, said in a published report that any resolution to the problem requires a hard fork, as there is no way to recreate the code and make the funds accessible without that tactic. Such an upgrade would require changes across the ethereum blockchain.
Meanwhile, companies with frozen funds are in limbo, unable to access funds raised for development and operations.