- Eddie Keogh/Reuters
- Last week, a mistake by a novice hacker led to customers of Parity being unable to access the ether they had stored in their digital wallets.
- Initially, some researchers estimated that as much as $280 million worth of ether could be locked up.
- Parity now say that the official amount that’s frozen is worth around $162 million.
- The company is considering a technique that would essentially unwind the Ethereum blockchain to unfreeze the wallets.
A novice hacker’s goof that last week locked some consumers out of being able to access their stores of ether, a cryptocurrency, wasn’t as bad as initially feared.
Some 587 digital wallets have been frozen since November 6 when an unidentified user accidentally deleted the code library required to use recently-created wallets within Parity Technologies, a popular provider of them.
An official audit by Parity found exactly 513,774.16 ether was frozen as a result of the deleted code, the company said Monday. That amount of ether was worth around $162 million at press time. Some 573 wallet holders were affected by the frozen cryptocurrency.
That may not sound good, but researchers initially estimated the problem was much worse, potentially affecting as much as $280 million worth of ether. Early on, though, Parity disputed those estimates.
“This is a learning opportunity (albeit a painful one) for our company, for our collaborators and the community that stands with us,” the company said in a statement. It continued: “Moving forward we will … work together with the community to make core infrastructure more secure.”
Even though the problem wasn’t as bad as feared, some companies and individuals were hit hard. Cappasity, a startup, was using its Parity wallet for fundraising when it was frozen. The company has 3,264 ether – around $1 million worth – locked up, according to a blog post. Polkadot, a blockchain startup run by Parity’s founder Gavin Wood, was also affected by the problem.
Parity and others have suggested ‘hard fork’ to undo the hack.
Parity and the community around Ethereum, the blockchain underlying ether, haven’t agreed yet to a solution to the frozen accounts. But they’re contemplating a so-called hard fork in the blockchain.
Blockchains are digital ledgers that record everything that has ever happened involving them. Though the code required to access the wallets was deleted, the wallets themselves and the ether inside them still exist inside the Ethereum blockchain. But without the code, they can’t be accessed at this point in the ledger’s time line; some observers have compared the situation to a locked safe without a key.
A hard fork would force the digital ledger to go back in time to the moment before the critical code was deleted that led to the frozen accounts. The fork would essentially create a new, second path from that point, one in which the accounts were never frozen. Such a move is the only way to unfreeze the wallets, Martin Swende, head of security for the Ethereum Foundation, told the cryptocurrency blog ETHNews.
Technically, hard forks aren’t that difficult to do; to most users they would look like a software upgrade. But they can be controversial within blockchain communities. Some enthusiasts fear that frequent forks will compromise the integrity of and outside support for Ethereum and potentially reduce ether’s value.
The challenges of a hard fork “are more of a political than technical nature,” Swende told EthNews.
Parity is contemplating pushing for the hard fork to be included in an upcoming security update dubbed EIP156 that already enjoys widespread support.