When $90m of that is Core Developer’s money, a second “Greatest Assumable Disaster” is tolerable?
Systemic design flaw “Anyone can delete a critical smart contract component (library)”
is diminished to just being a “bug” and “young technology” – rather than a cheap copy of PoW.
So there will be three (3) Ethereums soon: ETC, ETH, and ETxx
“unfreezing” funds in three to six months (!) Largest Roll-Back EVER. — TJACK
Earlier this year, Parity Technologies seemingly lost about $150 million worth of Ethereum (513,774.16 Ether) when a user of its wallet accidentally deleted a code library that made Parity’s wallets work. At least 1 million in ETH became frozen — and about $90 million of those were actually from Parity co-founder and Ethereum core developer Gavin Wood’s token sale for its Pokadot blockchain technology. The money may not be lost forever, though.
Today at TechCrunch Disrupt Berlin, Woods and Parity CEO and co-founder Jutta Steiner retraced their story of what happened. “A library that governs the logic of the wallets that people use had a bug, which was due to a delicate refactoring at the time when the tools weren’t yet that developed,” Steiner said, arguing it’s a symptom of the technology still being young at the time. “We hadn’t figured out how to deal with bugs.”
As TechCrunch editor-at-large Mike Butcher noted, though, the bug that caused this freeze was actually known and had been reported long before it caused this issue. Steiner didn’t disagree, but noted that this issue wasn’t reported as a critical security flaw at the time. “It sounded like a nice-to-have update,” she said.
Steiner, however, said that she is confident that a fix for this issue, which could unfreeze the money, may happen when the next scheduled update goes live in the next four to six months.
How upset is Woods about this? It doesn’t seem like he’s too fazed by it. “It’s a long-term savings account for us right now,” he quipped. But while the two might have sounded nonchalant on stage about the issue, it’s clearly a sensitive subject for both Parity and Polkadot.
It’s still extremely early days for these technologies, and as Butcher noted, we’re in the ‘moon-landing’ phase of this brand new industry.
All’s Well That Ends Well? Parity Hopes to Unlock ‘Killed’ Ethereum
Embattled wallet Parity’s co-founders have said the Ethereum ‘missing’ since a codebase delete could return “within the next four to six months.”
In an interview with TechCrunch Editor At Large Mike Butcher, Gavin Wood and Jutta Steiner confirmed they hoped scheduled upgrades to the platform would enable the funds to be recovered.
Since a Parity developer “accidentally killed it” last month by cutting off access to ETH now worth $150 mln, confusion has reigned as to how and even if they will ever be spendable again.
“It’s more of a long-term savings account for us now,” Wood stated dryly after Steiner announced the new roadmap for recovery.
Going into more detail, Steiner said the vulnerability which led to the funds disappearing was known to developers. Due to the manner in which the discoverer told the team, however, the issue did not appear to look like a “security flaw.”
“It sounded like a nice-to-have upgrade,” she explained.
While Wood remained unfazed, Steiner was less settled as Parity looks to cap a year which saw two major disasters.
Previously, a hack saw sympathetic community ‘white hat’ hackers rally to drain user wallets to protect them from further theft. The operation secured ETH at the time worth $85 mln.
[Ethereum No III: The Next Fork – 11 DEC 2017]
As much as people try to make it a “Parity Problem” – while it was their library,
the real problem is an Ethereum design issue, when you can delete libraries,
upon which hundreds, if not thousands of contracts rely.
Planned six months after it happened? Manual Hard Forks are the greatest assumable accident
for any Blockchain-ish infrastructure (should mean instant death, as it has been compromised).
System Forks are good and part of the design. And Ethereum is not Blockchain in the least! — TJACK
11 DEC 2017
Parity Technologies has published an update on its efforts to reclaim funds lost in a high-profile coding error that occurred on ethereum last month.
In a blog post published today, the U.K.-based company published the results of its research into the issue, suggesting as many as four such protocol changes are currently under review as possible fixes, all of which would require changes to the ethereum software all users run. At the time, $160 million-worth of the cryptocurrency ether became inaccessible to their owners.
Given the stakes, Parity sought to galvanize community support for a plan to “rescue” the funds in the post, appealing to those who run the software for the change.
While acknowledging a decision would ultimately be up to the community, Parity said its preferred fix would be made via protocol changes to the ethereum virtual machine (EVM). According to the blog post, this would be a “functional enhancement to the platform” that would both restore the lost funds and protect against similar cases in future
The company wrote:
“No one should be under any illusion that unlocking these stuck funds would be anything other than a rescue operation – and would only be possible with a hard fork.”
The company’s positioning of the news also sought to stress the idea that the company can’t act unilaterally to recover the funds. A sign of the early stages of the process, it has also yet to document the idea as an ethereum improvement proposal (EIP), the official code patches for the platform.
As previously detailed by CoinDesk, EVM protocol changes are a contentious solution.
Speaking at the time, the idea was criticized by ethereum developer Nick Johnston, who said it would “change an important invariant” in the EVM, potentially leading to “unexpected bugs, even in already-deployed contracts.”
The post documents two other potential fixes, including an amendment to the existing ethereum improvement protocol, EIP 156, and an “address specific” Parity fund rescue.
In the time since the fund freeze, the Parity debate has triggered discussions reminiscent of the DAO hack of last year, in which hard fork contention spawned a competing cryptocurrency named ethereum classic (now valued at $1.7 billion), though on a smaller scale.
The Parity blog post concludes:
“It is our hope that the community would get behind a rescue of these funds to help all the users that we can.”
[… meaning “community, please agree all to this upgrade / fix, so we do not have THREE Ethereums if only a part of the current ETH string agrees — TJACK]
[16 DEC 2017 — $275m in Ethereum remain lost]
Parity Technologies suggested today it may not continue to pursue changes to the ethereum blockchain’s software as a way to reclaim hundreds of millions in inaccessible customer funds.
The development comes days after the company outlined four ethereum protocol changes that would restore access to the $275 million in ether frozen last month due to a vulnerability in the software. The four options, detailed in a blog post, entailed varying changes to the ethereum’s software – specifically, the ethereum virtual machine (EVM) which translates smart contract commands in code.
Speaking at an ethereum developer meeting today on the subject, Parity spokesperson Afri Schoedon acknowledged that its suggested paths for unlocking the funds were perhaps unsuccessful in achieving a critical mass needed for its ideas to be coded, proposed and accepted on the network.
“Actually, I don’t want to talk about it, except that one point is that Parity doesn’t want to follow up on the proposals, because we see the feedback was clear and loud.”
The comment came after Hudson Jameson, the Ethereum Foundation’s communications lead, asked Schoeden about the proposals as part of the meeting’s agenda.
In a follow-up conversation, Schoeden, who speaks on behalf of Parity at developer meetings and on public forums, told CoinDesk: “We are not putting any more effort in improving these proposals.”
Parity Technologies has yet to make an official statement about its next steps, but shortly after today’s developer meeting, the company tweeted that it will be reviewing its options following the response to its blog post.
The post received harsh criticism not only from ethereum users, but also developers of the open-source network. In a Dec. 11 blog post, ethereum core developer Nick Johnson warned that the code changes could result in dangerous and unpredictable outcomes.
“Because of the risks and the level of uncertainty surrounding them, I personally can’t recommend any of the four variants of this proposal for adoption,” he wrote.