QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$280 000 000 USD
NOVEMBER 2017
GLOBAL
PARITY
DESCRIPTION OF EVENTS
"Several years ago Gavin Wood, Ethereum cofounder and CTO established EthCore, a non-profit organization that develops software for Ethereum infrastructure, which later changed its name to Parity Technologies. One of its products is Parity, an Ethereum client that provides a web interface for the underlying Ethereum node software. It allows the user to access the basic Ether and token wallet functions, and also to interact with smart-contracts deployed on the Ethereum Blockchain. The Parity wallet is designed to integrate seamlessly with all standard tokens as well as manage Ether transfers. It is compatible with Ubuntu, OSX, Docker, and Windows. The vast array of options offered by Parity wallet made it extremely popular in the crypto community."
"What if we no longer had to route our interactions through centralised services? What if data breaches were a remnant of an old flawed infrastructure? Each piece of Parity's technology is a step towards a society run on peer-to-peer networks instead of by a handful of corporations."
"Technology developed by a team of the world’s top blockchain engineers." "60+ developers across fifteen countries. A no-bullshit culture of getting stuff done." "In general, we treat security and consensus code extremely seriously at Parity."
"The original "Foundation" multi-sig wallet code was created and audited by the Ethereum Foundation's DEV team, Parity Technologies and others in the community. Many users rely on it, and it underwent extensive peer review. This body of code continues to have no known security issues. It was restructured by the Parity team into a lightweight "stub" smart contract which is deployed to the network every time a wallet is created, together with a much heavier "library" smart contract, containing the majority of the wallet's logic and which is deployed only once. While there was no formal audit, the contract had received many reviews internally and externally in the context of analyses of the July 19th exploit and the returning of the funds by the White Hat Group both before and after deployment in July."
A "new vulnerable contract [was] deployed on July 20th, one day after the original multi-sig vulnerability had been exploited and fixed."
"The company said that one person “suicided” the wallet, deleting its code and freezing all ether tokens contained within." "[A] bug that got “accidentally” triggered which resulted in freezing more than $280M worth of ETH, including $90M belonging to Parity’s Founder & Ethereum former core developer: Gavin Woods."
"On Monday November 6th 2017 02:33:47 PM UTC, a vulnerability in the “library” smart contract code, deployed as a shared component of all Parity multi-sig wallets deployed after July 20th 2017, was found by an anonymous user. The user decided to exploit this vulnerability and made himself the “owner” of the library contract. Subsequently, the user destructed this component. Since Parity multi-signature wallets depend on this component, this action blocked funds in 587 wallets holding a total amount of 513,774.16 Ether as well as additional tokens. Subsequent to destroying the library component, someone (purportedly this same user) posted under the username of “devops199” issue #6995 that prompted our investigation into this matter."
"The newly deployed contract, 0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4, contains a vulnerability where its owner was uninitialized. Although, the contract is a library it was possible for devops199 to turn it into a regular multi-sig wallet since for Ethereum there is no real distinction between accounts, libraries, and contracts."
"The event occurred in two transactions, a first one to take over the library and a second one to kill the library — which was used by all multi-sig wallets created after the 20th of July."
"The coding “accident” affects all of Parity’s “multisignature wallets” — wallets that require one user to sign another’s transaction before it is added to the ethereum blockchain — which were created after July 20."
"When you are tracking all their transactions, you realize that they were deliberate... Therefore, we tend to think that it was not an accident. We suppose that this was a deliberate hacking. We believe that if the situation is not successfully resolved in the nearest future, contacting law enforcement agencies may be the right next step."
"This rather gives a lie to the idea that this was a one-off accident. Instead it looks as though devops199 was deliberately trying to break the multi-sig system and took a number of tries to do so."
"Although Parity didn’t disclose how much ether is currently frozen, French hacker Matt Suiche said in a blog post Tuesday that the code wipeout means that more than $280 million worth has been locked."
"To the best of our knowledge the funds are frozen & can't be moved anywhere. The total ETH circulating social media is speculative." "We are working on confirming the exact details and will inform the community as soon as we have them."
"We have reached out to affected users and are encouraging all those that we have not yet been able to reach to contact us community@parity.io. We recognize that the issue has, among other things, caused distress and anxiety about the future of projects and funds in our community and we are working hard to explore all feasible solutions."
"We deeply regret the situation and we are working hard on several Ethereum improvement proposals(EIPs), both contributing to previously existing ones and suggesting new ones that have the potential to unblock funds. These improvement proposals will also address general cases of blocked funds."
"There is no timeline for when such an improvement proposal could be implemented; we will follow the will of the community and go through the regular EIP process like any other protocol improvement. Parity Technologies will handle much of the development work around these proposals and work constructively with the Ethereum Foundation team and the community towards further protocol layer development. We are committed to the continued development of Ethereum."
Parity created a complex multi-signature smart contract which had a public function enabling anyone to take claim over a wallet.
Because of the complexity, this was hidden in another part of the contract which was not easy to find. Parity had no formal audit, nor bug bounty program running.
Eventually, a hacker found the function and used it to commandeer funds of multiple projects. Parity, in response released a modified version of the contract.
This version had an exploit which enabled all funds to be locked, so no one could use them. This function was then used, which locked up significant funds.
There is presently no strategy or timeline on unlocking the funds. Such would require a fork of the ethereum blockchain.
HOW COULD THIS HAVE BEEN PREVENTED?
One of the key features that a successful multi-sig needs is simplicity, such that security can be certain. Having complexity on a multi-sig defeats the purpose.
'Accidental' bug froze $280 million worth of ether in Parity wallet (Jul 27)
@stonecoldpat0 Twitter (Jul 27)
Parity Hack - 513k Ether ($154m) - Google Sheets (Jul 27)
The $280M Ethereum bug. – Comae Technologies (Jul 27)
@dguido Twitter (Jul 27)
update wallet library modifiers · openethereum/parity-ethereum@6b0e4f9 · GitHub (Jul 27)
@ParityTech Twitter (Jul 27)
"I Learn Blockchain"-XII. Ethereum Security Parity First Security Incident Vulnerability Analysis - Programmer Sought (Jul 27)
Parity Multisig Wallet Hacked, or How Come? (Jul 27)
@ParityTech Twitter (Jul 27)
Twitter icon (Jul 27)
Twitter icon (Jun 23)
List of Ethereum Smart Contracts Post-Mortems - Security - OpenZeppelin Community (Jun 23)
A Postmortem on the Parity Multi-Sig Library Self-Destruct | Parity Technologies (Jun 23)
3 Famous Smart Contract Hacks You Should Know (Nov 3)
