Multi-Sig Wallets worth $300M Mistakenly Blocked by User

As surprising and unbelievable as it sounds, it is indeed true that a single user has managed to jeopardize lives of countless individuals by permanently locking down dozens of multisignature digital wallets simply by accidentally deleting the code needed to access the wallets.

The wallets were hosted by Parity Technologies; the company admitted that the incident occurred this Tuesday and approx. 900,000 ether or $300 million worth of ether are blocked. Ether is the exchange unit for Ethereum platform. Ethereum community has concluded that the only way to get the blocked cryptocurrency unlocked is to employ the risky network split called Hard Fork.

Multisignature wallets are those that move funds only after multiple people sign off, which is why these have become quite popular in the corporate world. All the affected wallets were created after July 20 with the popular digital wallet program Parity after the company became a victim of hackers due to a bug.

In July, Parity wallets were affected by a bug, which led to stealing of $32 million in funds by hackers. Since then, to store large sums of money Parity Technologies introduced multisignature wallets, which were primarily preferred by large collective groups and cryptocurrency startups to prevent a single member from running off with the money and to keep the amount safe from hackers.

More: Developer permanently deletes 3 months of work files; blames Visual Studio Code

In its Tuesday’s blog post, Parity explained that the code used to fix the bug identified in July contained another flaw, which provided access to Github to someone using the ID devops199. Github is well-known platforms where developers come together to share open source code. The user accidentally activated a function that converted the multisignature wallets into standard wallet address while the user acquired ownership of these wallets.

The wallet contract for multisignature wallets was killed or as Parity referred to it “suicided” by the user due to which all multisignature wallets became useless, and the funds were locked permanently. Now, it is next to impossible to access them.

The user Devops199 then appeared on the Parity chat channel and wrote this message:

“I’m [an Ethereum] newbie… just learning.”

“You’re famous now lol,” another user replied.

According to Parity’s spokesperson, the company is currently trying to determine the “full extent” of this incident and will inform public about necessary advice and instructions.

“We are advising users not to deploy any further multi-sig wallets until the issue has been resolved and do not send any Ether to wallets that have been deployed and are in use already,” said the spokesperson.

“At the moment we are looking into every scenario, a hard fork is one of the options,” noted the spokesperson.

It is worth noting that after the hacking of Ethereum app DAO last year, which resulted in stealing of $50 million, Ethereum community decided to develop an entirely new version of Ethereum, one that cannot be hacked, called hard fork. But, the method was regarded as a risky one because the fork might cause serious instability if the majority of the community refuses to change to the new network.

A “newbie” deleted some code resulting in permanently locked down dozens of digital wallets containing nearly $300 million worth of ether.

Ironically, Polkadot app was also among the affected wallets. This is an Ethereum app launched by Gavin Wood, Parity’s founder, and managed to gather over $100 million in investments from Initial Coin Offerings or ICO. However, the app will continue as per the plan, revealed the spokesperson.

ICO represents a relatively new fundraising technique that is used by firms in the blockchain space where investors can exchange cryptocurrencies such as bitcoin or ether for newer currencies that are created by the company.

This is a developing story; keep checking this space for latest news on this incident.

More: How a man’ life was ruined due to a typo in IP address by Police

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.