For general questions, please read our F.A.Q.
Disclaimer: Cryptomover is not a licensed financial advisor. The information presented in this piece is an opinion, and is not purported to be fact. Cryptocurrency is a volatile virtual commodity and can move quickly in any direction. Cryptomover is not responsible for any loss incurred by following this advice.


75. $160M lost on Ethereum - Explained for non developers (Published: 14th Nov, 2017)
160M USD worth of Ether being locked

The main characters of today’s story are Ethereum, Parity, bunch of ICOs such as Polkadot and Iconomi (We know Iconomi is not a recent ICO but somehow one of the biggest influenced address has its name attached) and 160 million U.S. dollars’ worth of ether.

Multi-signature wallet and background of the story
I guess most of the audience would be very familiar with normal bitcoin and Ethereum wallet where the user can sign transactions using their private key. For multi-signature wallet, as the name suggests, multiple private keys need to be provided to sign a valid transaction. By brutal force this can be done in many ways but for the Ethereum multi-sig wallet, people somehow prefer to do it through smart contracts. Parity technology is a for-profit company that aims to ‘enable businesses and organisations to capitalise on blockchain technology and benefit from the new opportunities.’ From their website, seems that the most popular product currently is their Ethereum wallet product that enables the multi-signature feature. Before digging into more details about the curent story, we need to trace 116 days back to July the 19th when the funds in all Parity supported multi-signature wallets were stolen instead of frozen. At that time, the hacker could become the only owner of a multi-signature wallet by calling the ‘initWallet’ function within that wallet contract. On November, the 6th there is another vulnerability of Parity multi-sig wallet being exposed which causes 160 million worth of ether being frozen in the contract, here I am going to explain this vulnerability.

How this happened?
In fact, this really is not ‘another’ vulnerability. This is almost the same thing happened on July the 19th all over again.  Firstly, we need to know that there are two contracts involved in the construction of a Parity multi-sig wallet. The wallet contract itself and a library contract (0x863DF6BFa4469f3ead0bE8f9F2AAE51c91A907b4) where the wallet contract will call function from.In July, the hackers found that it was possible to run ‘initWallet’ function in this library through a wallet contract to re-assign the ownership of the wallet (this should not be executable after a wallet has already been initiated and therefore, this was clearly a serious bug). After this, Parity deployed a new library contract where a modifier ‘only_uninitialized’ is attached to ‘initWallet’ function. This means that once the wallet contract is initiated, it cannot be re-initiated so that a random dude cannot re-assign the ownership.  However, the Parity team ‘forgot’ to initiate the library contract so that the status of the library contract remained uninitiated for 4 month. Until seven days ago, a random dude (0xae7168Deb525862f4FEe37d987A971b385b96952) initiated it and become the owner of it by simply running ‘initWallet’ (yes, simple as that). Even though the ‘initWallet’ did have the modifier ‘only_uninitiated’, since the library has never been initiated, this call was still successfully executed and broadcasted on the blockchain. As we can see from the transaction history of this library contract, the first transaction after its deployment was sent by the ‘destroyer’. After becoming the owner of the library, ‘0xae7168’ destroyed the contract and therefore, locked up all the fund that stored in Parity multi-sig wallet that call functions from this library contract. Ironically, the first transaction send to this library wallet is to destroy it, sigh.

Thoughts on multi-sig and Ethereum
As the destruction of the library contract is non-retrievable and all the wallet that call this library cannot be re-written (it has already become a history on the blockchain). The only way to resolve this problem seems to be another hard fork. However, no decision has been given in the past week and hard fork means brushing away hundreds and thousands of transactions during this period. Meanwhile, although much larger amount of money was affected here than the DAO hack, the percentage of ether being affected is actually much smaller. As a result, we believe a hard fork is very unlikely, even though this is would be cruel to those asset holders.

Other than hard fork, we can think of two other possible compromises to mitigate the current damage.
1. Since a decent portion of the locked funds are raised for an ICO, we do think ICO should still issue the token as they have promised because it is their responsibility to take good care of investors’ money.
2. Create a new token that is meant to have the same value of ether. This is kind of like what Bitfinex did when they lost their fund. Doing this require the entire community to agree on and admit value of such a token which is unlikely yet better than hard fork in our opinion.

Also many people blamed Ethereum for such kinds of vulnerabilities happened again and again but as I have explained, this really is such a simple mistake made by the creator to the library contract that people do not even need to be a programmer to understand it. They should either settled the ownership of the library contract along with its deployment or remove the self-destruction function within it. Blaming Ethereum is like blaming a knife manufacturer for their product being used by a murderer to kill people. 

Key Takeaways
1. Bear in mind that any operations made on Ethereum mainnet is non-retrievable and therefore any smart contract, especially those involved in custodian must to be audited extremely strictly. Even experience developer may make mistake because solidity and writing decentralized app is such a new thing that no one can claim to be an expert of.
2. Although Ethereum is a platform designed for decentralized application, currently most smart contracts in use fall into the categories of multi-sig wallet, crowd sale and token creation. However, there are platforms designed specifically for these processes and since they have taken away the ‘freedom’ (risk) of writing smart contract, the platform can possibly be safer, faster and cheaper. One of such platform is Stellar and we are going to explain how multi-sig wallet and token creation work on Stellar network in near future.
3. For those ICOs that has lost investors’ money, how can you convince your investor that you can deliver what you have promised to create while you cannot even make your own multi-sig wallet?

© 2017-2018