Stories
Slash Boxes
Comments

SoylentNews is people

posted by takyon on Wednesday November 15 2017, @02:12AM   Printer-friendly
from the vanishing-act dept.

Submitted via IRC for SoyCow1984

A crypto-currency collector who was locked out of his $1m Ethereum multi-signature wallet this week by a catastrophic bug in Parity's software has claimed the blunder was not an accident – it was "deliberate and fraudulent."

On Tuesday, Parity confessed all of its multi-signature Ethereum wallets – which each require multiple people to sign-off transactions – created since July 20 were "accidentally" frozen, quite possibly permanently locking folks out of their cyber-cash collections. The digital money stores contained an estimated $280m of Ethereum; 1 ETH coin is worth about $304 right now. The wallet developer blamed a single user who, apparently, inadvertently triggered a software flaw that brought the shutters down on roughly 70 crypto-purses worldwide.

[...] Cappasity has alleged the wallet freeze was no accident: someone deliberately triggered the mass lock down, we're told, and there's evidence to prove it. By studying devops199's attempts to extract and change ownership of ARToken's and Polkadot's smart contracts, it appears the user was maliciously poking around, eventually triggering the catastrophic bug in Parity's software. "Our internal investigation has demonstrated that the actions on the part of devops199 were deliberate," said Cappasity's founder Kosta Popov in a statement this week.

Source: https://www.theregister.co.uk/2017/11/10/parity_280m_ethereum_wallet_lockdown_hack/

Ethereum.

Previously: $300m in Cryptocurrency Accidentally Lost Forever Due to Bug


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by bradley13 on Wednesday November 15 2017, @09:58AM (1 child)

    by bradley13 (3053) on Wednesday November 15 2017, @09:58AM (#597236) Homepage Journal

    There was a bug (or unintended feature) that allowed this to happen. Possibly the company can be held liable for that, possibly not.

    Claiming malicious action by a hacker - even if that's true, what does it buy you? Even if you can identify the hacker, they almost certainly don't have $280 million for you to sue and collect.

    Ethereum smart contracts are a genuinely clever idea: take contracts out of the reach of human subjectivity. A contract means what it says, nothing more and nothing less. However, they are also a demonstration of the fact that it is difficult - nearly impossible - to write perfect code. And since the contracts are beyond human reach (barring a hard-fork of the entire blockchain), maybe that isn't actually a good thing for most applications.

    --
    Everyone is somebody else's weirdo.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 5, Interesting) by citizenr on Wednesday November 15 2017, @01:17PM

    by citizenr (2737) on Wednesday November 15 2017, @01:17PM (#597268)

    There was no bug, they "forgot" to set ownership of the walled, becoming owner required 0 signatures hehe. They did it SECOND time in a row(first time July of 2017 = $30 mil stolen). devops199 claimed ownership and triggered one of the actions you can do as an owner - destruction.