Earlier today, Parity Technologies, the company behind the popular Ethereum Parity Wallet, issued an announcement to inform users that multi-sig wallets created after July 20 are experiencing a severe vulnerability that makes it impossible to move funds out of affected wallets.
The bug has practically left a slew of cryptocurrency enthusiasts locked out of their wallets and unable to move their funds to alternative accounts.
What is particularly troublesome is that today’s glitch stems from a software update Parity rolled out a couple of months back in order to fix another bug, which cost several ICO projects $30 million in stolen Ether coins.
According to Parity, the vulnerability was triggered by a regular user who attempted to exploit a flaw in the source code, accidentally removing crucial library code in the process.
UPDATE: A user exploited an issue and thus removed the library code, as it seems unaware of the consequences.
— Parity Technologies (@ParityTech) November 7, 2017
??? ? pic.twitter.com/lKV7Hm4rD7
— MyEtherWallet.com (@myetherwallet) November 7, 2017
Similar to the bug emergency in July, this development has affected some ICO projects.
The Polkadot ICO took the heaviest hit, holding over $92 million in Ether in a now frozen wallet. Coincidentally, Gavin Woods – better known for co-founding Ethereum and later Parity Technologies – is also the man behind Polkadot.
Ironically, a couple of weeks back Wood took to social media to express his concern that Ethereum should probably hold off its Byzantium hard fork as he suspected it might encounter bugs on the way. The scheduled hard fork eventually went without any unexpected interruptions.
As you can expect, the crypto community didn’t miss an opportunity to take a dig at Wood for not paying enough attention to his own product, letting critical bugs fly under the radar.
Meanwhile, Ethereum developer Nick Johnson has confirmed that a hard fork of Ethereum would be the only way to technically recover the money (although developers speculate it might be possible to reclaim lost Ether in the upcoming Constantinople hard fork by implementing Ethereum Improvement Proposal 156).
Until then, Parity Technologies says it is working on confirming the exact details, promising to inform the community as soon as more information is available.
If the funds can’t be retrieved – which seems like a probable outcome at present – let’s at least hope that Polkadot investors could claim their money back. Whatever the result though, this is bad publicity for Ethereum and the cryptocurrency movement as a whole. Shame on you, Parity.
Get the TNW newsletter
Get the most important tech news in your inbox each week.