The price of the ether cryptocurrency has dropped in recent hours following the discovery of a worrying vulnerability on the ethereum platform.
A code issue in the Parity wallet software has led to a large sum of money held in the cryptocurrency being “frozen”. The problem was reported on GitHub by a developer using the name devopps199 and has since been confirmed by Parity Technologies.
It is believed that this vulnerability affects anyone who has a wallet from Parity – the second most popular etherum client – that was deployed after the 20th of July and that is held with a multi-signature functionality.
This is the second major issue that has affected Parity in 2017. Earlier this year, a high-profile hacking incident led to some $30 million (around £228 million) being stolen.
In fact, the reason why the middle of July is important is that this is when the previous bug was fixed. It was corrected on the 19th of July and this new issue is present in the wallets deployed from the next day onwards.
Initial reports about this latest incident have mentioned varying figures in terms of the amount of ether currency that has been frozen. Parity makes up about a fifth of the whole network and early suggestions are that that it could be as much as $300 million (£228 million) that has been affected. Other sources put the affected figure a lot lower but others report it as being lower.
A New Hard Fork Needed?
As for the steps that are necessary to recover this frozen cash, some people think that another hard fork will be needed in order to sort it out and avoid future occurrences. However, not everyone in the ethereum network is pleased about the idea of having another hard fork.
For the time being, the advice from Parity is to not create new multi-signature wallets or to send money to existing wallets of this type. In a statement they said that they are “analysing the situation” and will provide more information “shortly”.
The problem happened on the 6th of November, when a user turned their Parity wallet library contract into a multi-signature wallet. They then cancelled it, which wiped out all of the code needed to operate multi-signature wallets.
Reports suggest that there is no risk just now of ether coins being stole or lost, as the accounts seem to be locked. However, the figures being used for the amount frozen vary widely, with some sources mentioning numbers while Parity said that the figures being bandied around are “speculative”.
Multi-sig wallets are especially popular with start-ups carrying out ICOs, as they ensure that a single employee can’t carry out transactions and send the cash raised to their own wallet.
Once word got out about this vulnerability the price of ether dropped to under $300 (£228) although the fall is perhaps less drastic than originally feared. Where the ether price goes from here probably depends upon how big the problem really is and how quickly it can be resolved by Ethereum developers.