Parity Multisig Wallet Bug Locks 513k ETH

Summary

On November 6, 2017, a GitHub user named devops199 accidentally triggered a sequence of transactions that destroyed the Parity multisig WalletLibrary contract. The user called initWallet directly on the library, which made them its sole owner because the library's own storage had never been initialized, and then called kill, which selfdestructed the library and deleted its code. Every Parity multisig wallet created since that library was deployed on July 20, 2017 forwarded its logic to that single contract via delegatecall, so approximately 513k ETH held by those wallets became locked and inaccessible. The funds were not stolen; they remain at the wallet addresses but cannot be moved, which highlights the need for stronger security practices in decentralized applications and smart contracts.

Attackers

The funds were locked by the unintentional actions of GitHub user devops199; no theft took place. Address that performed the disruptive transactions:

Losses

An estimated 513k ETH, equivalent to roughly $154 million USD at the time, became inaccessible. A full list of affected wallets with locked assets was published on GitHub.

Timeline

Security Failure Causes

  • Smart Contract Vulnerability: Every affected Parity multisig wallet was a thin contract that forwarded calls via delegatecall to a single WalletLibrary contract at a hardcoded address, so all of them depended on that one instance staying alive. initWallet was guarded by the only_uninitialized modifier, added after the July 2017 exploit, which checks that m_numOwners is zero. The guard works in a wallet's own storage, but the library's own storage was never initialized after deployment, so m_numOwners was zero on the library itself and anyone could call initWallet on it directly, become its owner, and then call kill, which selfdestructs the contract. The flaw went undetected for the 110 days between the library's deployment and the incident.
  • Inadequate Auditing: The WalletLibrary code, hastily patched after the July 2017 multisig exploit, was not thoroughly audited before it was redeployed.
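The mechanism behind both causes above, as an added example written for this page rather than Parity's own code: a library whose only_uninitialized guard inspects storage that nobody initialized on the library itself, a thin wallet that delegatecalls into it, and a hardened variant. The names WalletProxy and HardenedWalletLibrary, the single-owner check standing in for the real multi-owner confirmation scheme, and the constructor-based fix are assumptions for illustration; initWallet, kill, m_numOwners and only_uninitialized mirror the identifiers the page mentions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, not Parity's WalletLibrary. The multi-owner confirmation
// logic is collapsed to a single-owner check; WalletProxy and
// HardenedWalletLibrary are assumed names.

contract VulnerableWalletLibrary {
    // Slots 0 and 1. Under delegatecall these are the *wallet's* storage;
    // when the library is called directly they are the library's own storage,
    // which nothing ever set.
    uint256 public m_numOwners;
    mapping(address => bool) public isOwner;

    // Meant to make initWallet one-shot per wallet. On the library itself
    // m_numOwners stays 0, so the guard admits any caller.
    modifier only_uninitialized() {
        require(m_numOwners == 0, "already initialized");
        _;
    }

    modifier onlyOwner() {
        require(isOwner[msg.sender], "not an owner");
        _;
    }

    // Step 1 of the incident when called directly on the library.
    function initWallet(address[] calldata _owners) external only_uninitialized {
        require(_owners.length > 0, "no owners");
        for (uint256 i = 0; i < _owners.length; i++) {
            isOwner[_owners[i]] = true;
        }
        m_numOwners = _owners.length;
    }

    // Step 2: the self-appointed owner deletes the library's code. Every wallet
    // delegating here now forwards into empty code and its ETH cannot move.
    // (selfdestruct is deprecated from Solidity 0.8.18 but still compiles.)
    function kill(address payable _to) external onlyOwner {
        selfdestruct(_to);
    }
}

// Thin wallet: holds the ETH, owns no logic. The real wallets hardcoded the
// library address in bytecode; an immutable occupies no storage slot, so it
// cannot collide with the library's m_numOwners at slot 0.
contract WalletProxy {
    address public immutable walletLibrary;

    constructor(address _lib) {
        walletLibrary = _lib;
    }

    receive() external payable {}

    fallback() external payable {
        // delegatecall to an address with no code returns ok == true with empty
        // returndata, so after the library dies owners would see transactions
        // "succeed" while nothing happens. Checking for code makes it fail loudly.
        require(walletLibrary.code.length > 0, "library has no code");
        (bool ok, bytes memory ret) = walletLibrary.delegatecall(msg.data);
        require(ok, string(ret));
    }
}

// Hardened variant (assumed fix): the library initializes its OWN storage in
// its constructor, so a direct initWallet call fails only_uninitialized, and the
// selfdestruct path is removed because a shared library must not be destructible.
// Wallets still initialize their own storage via delegatecall, where
// m_numOwners starts at 0 as before (the constructor never runs there).
contract HardenedWalletLibrary {
    uint256 public m_numOwners;
    mapping(address => bool) public isOwner;

    constructor() {
        m_numOwners = 1; // library treats itself as initialized
    }

    modifier only_uninitialized() {
        require(m_numOwners == 0, "already initialized");
        _;
    }

    function initWallet(address[] calldata _owners) external only_uninitialized {
        require(_owners.length > 0, "no owners");
        for (uint256 i = 0; i < _owners.length; i++) {
            isOwner[_owners[i]] = true;
        }
        m_numOwners = _owners.length;
    }
    // No kill(): if upgradeability is needed, put it in the wallet, not the library.
}
```

To reproduce the failure mode, deploy VulnerableWalletLibrary, call initWallet with your own address directly on the library address (not through a WalletProxy), then call kill: both succeed, and walletLibrary.code.length read from any WalletProxy drops to zero. Against HardenedWalletLibrary the direct initWallet call reverts with "already initialized", while initWallet sent through a WalletProxy still succeeds once per wallet.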