Categories: CryptoNews

Parity Team Was Aware of Multisig Bug but Postponed Implementing Fix

The Parity multisignature issue involving the freezing of Ethereum funds has taken yet another major plot twist. More specifically, the Parity team has acknowledged that they could have easily prevented the freeze but failed to do so. With over 500,000 Ether still locked up in smart contracts, it is evident the company’s negligence was a big factor. How all of this will play out remains to be determined.

Parity is Partially at Fault for Frozen Funds

It is not entirely surprising to learn that the Parity team knew their multisignature implementation was vulnerable to attack. Many people had suspected as much, even though there was never any real evidence to back up such claims. In a recent

report, the team acknowledged they were aware of the issue that froze over 500,00 Ether in smart contracts. No one will be entirely surprised by this plot twist, as it was somewhat expected.

For some reason, the Parity team completely misjudged the urgency of implementing a fix to the problem affecting their smart contracts. It is a bit of a surprising disclosure from a company with so much expertise in the field. There is never a good reason not to fix a major problem right away. A lot of innocent people are paying the price for Parity’s lackluster approach to this issue. That’s not an ideal situation by any means.

The multisignature bug itself came in the form of the EDCC, which is the library contract used in some Parity wallets. A hacker successfully killed the EDCC and froze over 513,000 Ether in the process. Had the company taken a suggestion on GitHub more seriously, this issue probably never would have arose in the first place. It is always easy to declare such things after the fact, but the developers messed up royally in failing to take responsibility.

Related Post

As it turns out, a GitHub user advised Parity to call the initWallet function to prevent non-company actors from obtaining ownership of smart contracts. This implementation was eventually put on the back-burner and labeled a “convenience enhancement” rather than a “security fix”. Of course, they couldn’t have been more wrong in this regard. Ultimately, the team decided to bundle this “enhancement” with their next regular update, and we all know what happened next.

There was no real reason to postpone this implementation, though. The initWallet function could have been called at any time to remove this vulnerability as soon as it was provided by the GitHub community. Alas, the team failed to do exactly that and instead focus on what they assumed was more important. It is difficult to address all issues in the world of software, and there certainly may have been other issues that needed to be addressed as well. Still, the team could and should have handled things very differently; that much is evident.

For the time being, all of the money frozen remains locked and totally inaccessible. The Parity team says it’s still working on a solution, but there is no indication as to when these funds will be unfrozen. Rest assured this is not the last we’ll hear of this issue. It is good to see the team acknowledge they were wrong, but it’s only a Band-Aid on a broken arm right now.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

39 mins ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

55 mins ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

4 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

5 hours ago

IntelMarkets (INTL) Receives Massive Demand From Chainlink And SUI Investors Looking To Position For The Best Bull Run Gains

As the cryptocurrency market gears up for a bull run, IntelMarkets (INTL) is attracting significant…

5 hours ago

FOMO Selling Trigger $1 Billion Liquidations as LINK & SOL Bleed Heavily; What to Do Next?

In the past, Chainlink (LINK) and Solana (SOL) have been among the most discussed altcoins…

11 hours ago