By correcting one vulnerability, the developers of Parity created another, no less dangerous, which makes them seriously question about their qualification.
Also, a special website is launched where users can check if their funds are blocked by specifying their address in the form of a request for the Ethereum Wallet. The site has statistics, from which it can be seen that as of November 9, 573 victims were registered. In total, the error has affected 584 electronic wallets.
Opinions of industry representatives:
Vitalik Buterin @VitalikButerin
"I am deliberately refraining from comment on wallet issues, except to express strong support for those working hard on writing simpler, safer wallet contracts or auditing and formally verifying security of existing ones."
Parity Technologies @ParityTech
"Update: To the best of our knowledge the funds are frozen & can't be moved anywhere. The total ETH circulating social media is speculative."
Damage assessment and affected start-ups
Judging by the list of addresses of blocked Wallets that appeared on Thursday in Gitter-Chat Parity, more than 900 000 ETH were blocked at the current exchange rate of about $ 280 mln. Some of these funds were collected during the crowedfunding campaigns (ICO).
Here are just some of the affected projects:
Polkadot, ~ 306 276 ETH, address 0x3bfc20f0b9afcace800d73d2191166ff16540258
Iconomi, 114,939 ETH, address 0x376c3e5547c68bc26240d8dcc6729fff665a4448
Musiconomi, ~ 16 475 ETH, address 0xc7cd9d874f93f2409f39a95987b3e3c738313925
It turns out that only the three largest projects lost almost 440 000 ETH, that is, almost 150 million dollars at the current rate! Even more piquancy of the situation is attached to the fact that they suffered these losses not even as a result of a hacker attack, but because of the random actions of a person who decided to practice in operations with smart contracts.
The largest project with blocked funds was the startup Polkadot, whose team is developing a protocol for exchanging information between independent blockers. The company has already commented on what happened:
"Although access to some assets was lost due to a vulnerability in Parity software, this purse contained only a portion of the Web3 Foundation's funds. Therefore, the Polkadot team will continue to work on the project according to the previously approved plan without changes. "
On this news, the Ethereum rate briefly dropped by $ 20, but by the evening of November 9, it returned to the position and rose to $ 330 per 1 ETH. The official statements or announcements about the solution of the problem with smart contracts from the company Parity has not yet followed. Developers now only analyze the situation; however, as it was already noticed earlier by Martin Swende, without hardfork it will be difficult to manage.
Given Vitalik Buterin's rather cool position, it will not be easy to achieve the second "saving" hardfare, even if included in the release of Constantinople, which will probably take place in the first months of 2018. The previous hardcore, undertaken to return funds, led to the fusion of Ethereum Classic, something similar can happen this time. In addition, the reputational costs are unnecessary for the Fund of the Etherium.