Hi.

Welcome to my blog. I document my adventures in travel, style, and food. Hope you have a nice stay!

Parity at centre of yet another fiasco

Parity at centre of yet another fiasco

The Etheruem client Parity finds itself in the spotlight again today following its admission that a vulnerability concerning its multi-signature contracts has been found. 

The vulnerability has essentially rendered wallets utilising its multi-sig contracts (an added form of protection that requires the authorisation of multiple users to access the wallet) dead, removing the ability to move the funds contained within. 

In somewhat farcical fashion, the vulnerability came to light through an issue that was raised on Parity's github, in which Github user and self professed 'ETH newbie' devops199 posted a frank message.

 devops199 breaks the good news

devops199 breaks the good news

Without going into too much detail, devops199 essentially acquired ownership of the smart contract and then promptly killed the contract. This destroyed the 'WalletLibrary', which the multi-sig wallet relied on for all of its functionality bar the act of depositing. This therefore renders all funds in the multi-sig wallet trapped. 

PolkaDot, a recently concluded ICO which raised $145m, has posted on Twitter that they are one of those affected:

polkadot.jpg

Parity's ongoing woes is a further reminder that secure and easy to use wallets remain one of the most important hurdles to mainstream adoption. Despite the progress made by the likes of MyEtherWallet and Ledger Wallet, basic programming errors like those committed by Parity are inexcusable with the sums of money at risk.

Why poker is relevant to trading crypto

Why poker is relevant to trading crypto

Project Spotlight: Confido

Project Spotlight: Confido

0