$32 000 000 USD

JULY 2017

GLOBAL

PARITY

DESCRIPTION OF EVENTS

"Several years ago Gavin Wood, Ethereum cofounder and CTO established EthCore, a non-profit organization that develops software for Ethereum infrastructure, which later changed its name to Parity Technologies. One of its products is Parity, an Ethereum client that provides a web interface for the underlying Ethereum node software. It allows the user to access the basic Ether and token wallet functions, and also to interact with smart-contracts deployed on the Ethereum Blockchain. The Parity wallet is designed to integrate seamlessly with all standard tokens as well as manage Ether transfers. It is compatible with Ubuntu, OSX, Docker, and Windows. The vast array of options offered by Parity wallet made it extremely popular in the crypto community."

 

"What if we no longer had to route our interactions through centralised services? What if data breaches were a remnant of an old flawed infrastructure? Each piece of Parity's technology is a step towards a society run on peer-to-peer networks instead of by a handful of corporations."

 

"Technology developed by a team of the world’s top blockchain engineers." "60+ developers across fifteen countries. A no-bullshit culture of getting stuff done." "In general, we treat security and consensus code extremely seriously at Parity."

 

"The original "Foundation" multi-sig wallet code was created and audited by the Ethereum Foundation's DEV team, Parity and others from the community. It is used extensively and underwent extensive peer review."

 

"On Wednesday 19th July, 2017 a bug found in the multi-signature wallet ("multi-sig") code used as part of Parity Wallet software was exploited by parties unknown." "Any user with assets in a multi-sig wallet created in Parity Wallet prior to 19/07/17 23:14:56 CEST" [should] "[i]mmediately move assets contained in the multi-sig wallet to a secure address."

 

"As reported by the startup, the issue is the result of a bug in a specific multi-signature contract known as wallet.sol., the attacker can take over the wallet immediately and absorb all the funds." "This attack is unique in both how long the bug has remain dormant, and also in how easy it is to actually utilize the exploit."

 

"Th[e initWallet] method is intended to initialize the wallet using the given array of signers, number required to confirm a transaction, and the limit per day allowed to be moved before requiring a confirmation. Note the lack of a visibility modifier on the function, which defaults it to public. Thus, anybody is allowed to call this function, and can freely set the parameters to whatever they like. To an attacker, they could set the ownership to their own address, and the day limit to be high enough to siphon out all of the funds in a single transaction."

 

"The wallet code for “Wallet.sol” is not the same code that is actually deployed when using the multi-sig wallet feature in Parity. In reality, the actual multi-sig wallet code that is deployed is inside a different repository, called “enhanced-wallet.sol”. It is this code that contains the vulnerability that we witnessed today, and is not present in the “contracts” repository, only linked to from the Parity wiki." "This chain of events meant that the actual number of eyes that have passed over the code has reduced by a significant portion."

 

"The code used in Parity Wallet is a modified form of the original multi-sig wallet code. It was restructured into a lightweight "stub" contract which is deployed to the network every time a wallet is created, together with a much heavier "library" contract, containing the majority of the wallet's logic and which is deployed only once. (By splitting the code in this way, deploying a wallet is substantially cheaper in terms of gas costs.) The bug was introduced during this restructuring."

 

"Around 153,000 tokens were taken by hackers, according to data from Etherscan. 44,055 tokens were stolen from commerce platform Swarm City. The theft was noticed at 12:30 p.m. ET on Wednesday, according to Swarm City communications officer Matthew Carano. The stolen tokens are worth around $32.6 million at today’s price for ether." "3 multi-sig wallets were exploited from of a total of 596 vulnerable multi-sig wallets (the rest were commandeered by the White Hat Group), which themselves are a tiny fraction of Parity accounts."

 

"According to Parity founder and CTO Gavin Wood, at least three ether addresses have been compromised as a result of the bug." “We alerted the Ethereum Foundation and multiple developer groups immediately. Together, we were able to determine that malicious actors had exploited a flaw in the Parity Multisig code, which allowed a known party to steal over 153,000 ether from several projects including Edgeless Casino, Aeternity, and Swarm City,” Carano said in a blog post.

 

"Multi-sig wallets created in Parity Wallet after 19/07/17 23:14:56 CEST are secure." "The fix is the equivalent of asking the bank not to let anybody (except the bank’s staff) make changes to your account."

 

Writing in the Parity Gitter channel, Wood said: "There is an effort by the foundation underway to secure funds in other wallets to prevent any further compromises; they will make an announcement in their own time." "Data suggests the issue was mitigated, however, as 377,000 ethers that were potentially vulnerable to the issue were recovered by white hat hackers." "A swift response from a whitehat hacker group used the same exploit to drain many other project’s parity multisig wallets, in order to protect them from theft. This group was able to save over 377,000 ETH. Unfortunately the 44,055 ETH that was in Swarm City’s wallet is gone." "The group says they will be returning the funds to accounts that have been drained and are using the DAO rescue donations for the gas to send the ether forward."

 

"While there is no fool-proof means of practically ensuring software contains no bugs, Parity Technologies is committed to minimizing the chances that its software contains exploits. In response to the present exploit we will refine our development processes and CI system."

 

"The first and biggest change will be to ensure that any alterations to the codebase that involve live contract code (which can be generally identified through .sol files) be reviewed by Solidity experts. At present the multi-sig wallet is the only Solidity code that is user-deployable and in wide use within Parity."

 

"Going forward, Parity will try to arrange a bug-bounty program. Unfortunately, since Parity is a small, minimally-funded start-up, we have not the resources to do this alone."

 


Parity created a complex multi-signature smart contract that contained a public function allowing anyone to claim ownership of a wallet.

 

Because of the contract's complexity, this function sat in a separate part of the code where it was not easy to find. Parity had no formal audit and no bug bounty program running.

 

Eventually, a hacker found the function and used it to commandeer the funds of multiple projects. Other funds were saved by white hat hackers.

HOW COULD THIS HAVE BEEN PREVENTED?

One of the key features a successful multi-sig needs is simplicity, so that its security can be established with confidence. Complexity in a multi-sig defeats its purpose.
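One check aimed at the missing visibility modifier on initWallet described in the quoted analysis above, as an added example (not code from Parity or from this site): a Python lint that flags Solidity functions declared without an explicit visibility keyword. The sample contract and the names `missing_visibility` and `SAMPLE_SOL` are constructed for illustration and are not the deployed wallet code.

```python
import re

# Constructed sample in the style of the 2017-era Solidity the page describes;
# it is not the deployed Parity wallet code.
SAMPLE_SOL = """
contract WalletLibrary {
    // no visibility keyword: pre-0.5 compilers default this to public
    function initWallet(address[] _owners, uint _required, uint _daylimit) {
        initDaylimit(_daylimit);
        initMultiowned(_owners, _required);
    }
    function initDaylimit(uint _limit) internal { m_dailyLimit = _limit; }
    function initMultiowned(address[] _owners, uint _required) {
        m_required = _required;
    }
    function isOwner(address _addr) public constant returns (bool) {
        return m_ownerIndex[uint(_addr)] > 0;
    }
    function() payable { }
}
"""

VISIBILITY = {"public", "external", "internal", "private"}
# Function header: name (empty for the fallback), parameter list, then
# everything up to the body "{" or the ";" of a bodiless declaration.
HEADER = re.compile(r"\bfunction\b\s*(\w*)\s*\(([^)]*)\)([^{;]*)[{;]")
COMMENTS = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)

def strip_comments(src):
    # Replace comments with spaces but keep newlines so line numbers hold.
    return COMMENTS.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), src)

def missing_visibility(src):
    """Return (line, name) for each function with no explicit visibility."""
    clean = strip_comments(src)
    findings = []
    for m in HEADER.finditer(clean):
        # Drop parenthesised parts such as returns (...) or modifier args.
        trailer = re.sub(r"\([^)]*\)", " ", m.group(3))
        if not VISIBILITY & set(trailer.split()):
            line = clean.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(1) or "<fallback>"))
    return findings

if __name__ == "__main__":
    for line, name in missing_visibility(SAMPLE_SOL):
        print(f"line {line}: function {name} has no explicit visibility")
```

Run over every changed .sol file in CI, any finding is a reason to block the merge until the author states the intended visibility. Solidity 0.5.0 and later reject such declarations at compile time.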

 


© 2019 - 2025 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.