Parity issues a Post Mortem on the Kill that Froze Millions

On the 6th of November, the Ethereum community was shaken yet again by disclosure that the Parity multisig wallet was hacked. A user was able to take over control of a number of wallets and once done, accidentally "killed" the smart contract library.

This resulted in about 513,774 ETH being frozen in the wallets and unable to be moved. No doubt an embarrassing development for Parity as there was a similar multisig wallet hack in July where parity wallet users lost close to $30m.

Yesterday, the team at Parity gave a detailed analysis into what happened in the incident and how the plan to secure their software going forward.

Early Warning Signs

Parity disclosed that there were already some suggestions to fix the vulnerable code prior to the incident. One user suggested on github that the company could consider some changes in their next update.

The user suggested that the library contract should call the initWallet function in the code. This could have prevented any outside agent from taking over ownership of the contract in question.

This was then incorporated into the constructor function but was not immediately rolled out. This was because it was viewed more as a "convenience enhancement". The team at parity would have rolled it out with one of the regular updates somewhere down the line.

Although Parity claims that the "original foundation" multi sig wallet code had no security issues, the library contract which was built by copying and modifying that code still had the original self-destruct function. This was coded in order to effectively "retire" the wallet.

This lead to the following frank assessment from the parity team:

If the contract code had not included the functionality to suicide or kill, even if someone had taken ownership, they would not have been able to do anything. The kill functionality was a remainder of the original audited contract.

Working Hard for the Future

Although they had great regret at failing to implement the fixes, they did note that the code was also created and audited the Ethereum foundation dev team. The Parity team is now working hard on a number of Ethereum Improvement Protocols (EIPs).

One of these is the previously proposed EIP156 which now could incorporate a number of changes to stave off future security concerns. Parity says that they will handle alot of the development around these particular proposals.

Apart from these EIPs, there are number of other steps that Parity is taking in order to prevent something like this happening again. One of them is to suspend the ability to deploy the multisig wallets until they are fully confident that they are safe.

They also said that they will complete a "full-stack external security audit of all existing sensitive code" as well as make use of a well thought out deployment checklist for future smart contracts. They would also want to work on other languages for smart contracts and consider increasing their bug hunting bounty.

It is indeed encouraging to see the effort that has been taken by Parity to comprehensively change procedural protocol to avoid future incidents. However, whether users will once again be comfortable to store large amounts of ETH in their wallets is another question entirely.

Featured Image via Fotolia