$300m in cryptocurrency accidentally stolen and lost forever due to bug

[crimethink]

https://www.theguardian.com/technolo...olen-bug-ether

More than $300m of cryptocurrency has been lost after a series of bugs in a popular digital wallet service led one curious developer to accidentally take control of and then lock up the funds.

Unlike most cryptocurrency hacks, however, the money wasn’t deliberately taken: it was effectively destroyed by accident. The lost money was in the form of Ether, the tradable currency that fuels the Ethereum distributed app platform, and was kept in digital multi-signature wallets built by a developer called Parity. These wallets require more than one user to enter their key before funds can be transferred.

On Tuesday Parity revealed that, while fixing a bug that let hackers steal $32m out of few multi-signature wallets, it had inadvertently introduced a new flaw into its systems that allowed one user to become the sole owner of every single multi-signature wallet.

The user, “devops199”, triggered the flaw apparently by accident. When they realised what they had done, they attempted to undo the damage by deleting the code which had transferred ownership of the funds. Rather than returning the money, however, that simply locked all the funds in those multisignature wallets permanently, with no way to access them.

“This means that currently no funds can be moved out of the multi-sig wallets,” Parity says in a security advisory.

Effectively, a user accidentally stole hundreds of wallets simultaneously, and then set them on fire in a panic while trying to give them back.

“We are analysing the situation and will release an update with further details shortly,” Parity told users.

[Ares]

As much as it sucks having to house your own wallet due to the blockchain size, it really is the safest way to "hold" your crypto currencies. Always write down and backup the Private Key. I don't even transfer funds to a wallet until I have the private key already backed up.

[madfranks]

the money wasn’t deliberately taken: it was effectively destroyed by accident. The lost money was in the form of Ether

Well, the ether developers have an established history of hard-forking the ether chain to recover stolen money, so if this $300 million makes enough turbulence, I don't doubt they'll hard-fork the ether chain once again to insert an additional $300 million back into the victim's wallets.

Ether, unlike the spirit of bitcoin, has an aspect of centralized control to it, and those in charge have proven that they'll use it for their own advantage, which is why I have stayed away from Ether for a long time now.

[Jewboo]

As much as it sucks having to house your own wallet due to the blockchain size, it really is the safest way to "hold" your crypto currencies. Always write down and backup the Private Key. I don't even transfer funds to a wallet until I have the private key already backed up.

http://www.dvorak.org/blog/wp-conten...grope_dees.jpg https://media1.tenor.com/images/bee6...a956/tenor.gif

Depending on a physical flash or spinning drive ?

So many ways digital money can go POOF.

[sirgonzo420]

http://www.dvorak.org/blog/wp-conten...grope_dees.jpg https://media1.tenor.com/images/bee6...a956/tenor.gif

Depending on a physical flash or spinning drive ?

So many ways digital money can go POOF.

Pen and paper work too for storing bitcoin private keys.


You should know about pens and paper, right, BOOK?

[madfranks]

Pen and paper work too for storing bitcoin private keys.


You should know about pens and paper, right, BOOK?

Ha ha, I actually keep a physical printout of my wallet keys hidden where only I know where they are.

[sirgonzo420]

Well, the ether developers have an established history of hard-forking the ether chain to recover stolen money, so if this $300 million makes enough turbulence, I don't doubt they'll hard-fork the ether chain once again to insert an additional $300 million back into the victim's wallets.

Ether, unlike the spirit of bitcoin, has an aspect of centralized control to it, and those in charge have proven that they'll use it for their own advantage, which is why I have stayed away from Ether for a long time now.

Yep, and bitcoin is simple compared to ethereum, which is a strength with something being used for money (although ethereum is not designed to be money). Funny, I used to work with Vitalik, the guy who created ethereum, on bitcoin related stuff before ethereum was even created and released. The "exodus" (ethereum's genesis) had a rate of 2000 ether to 1 bitcoin. I was kind of amazed at how quickly banks and big corporations jumped onto ethereum. In my mind, Vitalik is still a 17 year old programming prodigy. I'm still shocked at how far ethereum has gone, likely in part due to people wanting to "get in early on another bitcoin".

However, ethereum, like bitcoin, but to a greater extent due to the promotion of "smart contracts", enables users to mess up very, very badly. This, like the DAO fiasco which resulted in the Ethereum Classic fork, is a similar predicament; an application using ethereum was flawed and resulted in the freezing of customer funds. Vitalik will likely "roll it back" in an update, which is the sort of reason why I am not trumpeting ethereum. Ethereum is considerably more complicated with a wiiiiide field of attack.

[EE_]

My guess is more money is being stolen from crypto accounts then the people behind cryptos will admit. Much of it will never be known unless everyone tried to cash out.

[Ares]

Yep, and bitcoin is simple compared to ethereum, which is a strength with something being used for money (although ethereum is not designed to be money). Funny, I used to work with Vitalik, the guy who created ethereum, on bitcoin related stuff before ethereum was even created and released. The "exodus" (ethereum's genesis) had a rate of 2000 ether to 1 bitcoin. I was kind of amazed at how quickly banks and big corporations jumped onto ethereum. In my mind, Vitalik is still a 17 year old programming prodigy. I'm still shocked at how far ethereum has gone, likely in part due to people wanting to "get in early on another bitcoin".

However, ethereum, like bitcoin, but to a greater extent due to the promotion of "smart contracts", enables users to mess up very, very badly. This, like the DAO fiasco which resulted in the Ethereum Classic fork, is a similar predicament; an application using ethereum was flawed and resulted in the freezing of customer funds. Vitalik will likely "roll it back" in an update, which is the sort of reason why I am not trumpeting ethereum. Ethereum is considerably more complicated with a wiiiiide field of attack.

Its kind of why I'm liking the Waves platform. It improves upon Ethereums flaws. Now whether it takes off or not, that has yet to be seen. But they've implemented a Proof of Stake algorithm and can handle with the current test Waves-NG client 5,000 transactions a minute. That many transactions would choke the ethereum network at the moment.

The thing I like most about the Waves Platform is that they have a Decentralized exchange. The funds never EVER sit in the Exchange wallet, they reside in yours and are there until you buy or sell.

[sirgonzo420]

Ha ha, I actually keep a physical printout of my wallet keys hidden where only I know where they are.

That works.

That's an old school way of handling it.

Earlier in bitcoin's life, when I was trying mostly in vain to suggest that people here avail themselves of the opportunity of obtaining very very cheap bitcoins, the only way of handling bitcoin was with individual private keys.

Now there are more convenient options.

Several improvements to the bitcoin protocol allow for some helpful things:


BIP-0032: https://github.com/bitcoin/bips/blob...0032.mediawiki
This document describes hierarchical determinstic wallets (or "HD Wallets"): wallets which can be shared partially or entirely with different systems, each with or without the ability to spend coins.


BIP-0039: https://github.com/bitcoin/bips/blob...0039.mediawiki
This BIP describes the implementation of a mnemonic code or mnemonic sentence -- a group of easy to remember words -- for the generation of deterministic wallets.

BIP-0044: https://github.com/bitcoin/bips/blob...0044.mediawiki
This BIP defines a logical hierarchy for deterministic wallets based on an algorithm described in BIP-0032 (BIP32 from now on) and purpose scheme described in BIP-0043 (BIP43 from now on).




Now one can generate a wallet with near infinite addresses/keys, represented by 12, 18, or 24 random words.

You can more effectively memorize 12 or 24 random words than a case sensitive private key, and the seed words generate as many addresses as you need.

Hardware wallets like Trezor and Ledger also exist, where you can have your 24 seed words which you keep secure, and the physical device allows you to safely spend your coins without worrying about the computer being compromised. You can also secure different cryptocurrencies on one hardware device.



https://i2.wp.com/blockonomi.com/wp-...08%2C555&ssl=1Attachment 9423