An Ethereum "Newbie" Accidentally Destroyed 600K Ethers

trustnodes.com/2017/11/07/exclusive-parity-hacker-claims-ethereum-newbie-interview

techcrunch.com/2017/11/07/a-major-vulnerability-has-frozen-hundreds-of-millions-of-dollars-of-ethereum/?ncid=mobilenavtrend

Other urls found in this thread:

paritytech.io/blog/security-alert.html
gitter.im/paritytech/parity?at=5a01cb3232e080696e764ac5
etherscan.io/address/0x98c63b7b319dfbdf3d811530f2ab9dfe4983af9d
gist.github.com/banteg/f61d256d12158b8c344d7889266f43b5
twitter.com/SFWRedditGifs

I hope he claims the 117 ETH bug bounty.

Keksimus Maximus

HOW WILL ETHFAGS
EVER
RECOVER

Lmao.

Welp, looks like I'll be buying some more ETH when it drops down to $160 because of this.

>neutron star hands

>I accidently Ethereum

isnt that almost 1% of the supply? pump it

...

eth got hacked by a 14yo hacker

this is just sad

could he have drained the accounts?

what happend? can i get a quick rundown

Maybe he was a Nazi hacker!!!

kek so ETH now has an even lower supply.

Thanks.

Random kid sends kill() and destroy() commands to Ethereum contracts and fucks shit up

Now hundreds of millions worth of Ethereum are bricked for people who used multi-sig parity wallets

hahahah that would be icing on top of the cake

please PLEASE TELL ME HE GETS THE 117 ETH BUG BOUNTY

nice :D

will push the price up.
the hack has nothign to do with ETH
the wallet just sucks

Holy shit just imagine some poor lil Pajeet programmer from India typing shit into his computer from some small hut with some dial up internet and this happens

Its like you fucking decided to develop a "my first website" and brought down half of the internet

lol
the absolute state of eth

This is good for ETH.
Less circulating supply means higher price.

kek

Wait, so did this guy fuck up his own contracts?
Or is there some vulnerability that lets you lock down other people's shit?

You remember init wallet or whatever from a few months ago? The one that let you take control of other parity wallets?

It's the same thing but they never fixed it for parity multisig wallets which are basically contracts.

paritytech.io/blog/security-alert.html

Who the fuck uses multisig wallets

Time for another hard fork!

Source of these chats please?

>Parity's "multi-signature wallet" (designed for shared ownership) can be deployed by anyone, and relies on the already deployed "wallet library" that is the subject of today's dumpster fire. The wallet library has the "make a new wallet" function in it. devops199 called that function directly, instead of from a new wallet. The library turned itself into a wallet with devops199 as the owner. The owner of a wallet can "suicide" the wallet, which is what he did next.

So basically:

>14 yo hacker accidentally turns multisig library into a wallet
>Proceeds to use a suicide function on the "wallet" thereby deleting the library.

Topkek

>multisig wallets
I'm a newfag, what is the purpose of these wallets?

It's for companies like ICO's so it takes multiple people at once to access the funds. Basically like turning 2 keys at once to open the bank vault.

gitter.im/paritytech/parity?at=5a01cb3232e080696e764ac5

This is fucking hilarious

TFW, this means that ETH fags can't sell and volume can never drop below that number of ethereum. :D Will buy now.

I'll laugh my fucking ass off if Link funds were in a parity multisig.

so... It's that easy to steal a multimillionaire shared wallet?

etherscan.io/address/0x98c63b7b319dfbdf3d811530f2ab9dfe4983af9d

This is the main chainlink wallet with 35% of supply, how do we know if it's affected?

jesus fuck a legend was born

We dont.

We laugh our assses off as Rory explains that all the Link not in circulation was in parity multisigs and so were the ICO funds.

Maybe Vitalik will throw a tantrum and cry to the exchanges to stop Eth trading.

>like he did last time

Thats not a multisig wallet

It looks like these are all the wallets affected:
gist.github.com/banteg/f61d256d12158b8c344d7889266f43b5

>Random kid sends kill() and destroy() commands to Ethereum contracts and fucks shit up
but why
and why was some random asshole able to even send those commands and have them executed

kekerino, a fucking autistic kid brought down the second largest crypto currency
>crypto is the future

An autistic kid created the second biggest crypto. It's like pottery.

SELL SELL SELL

look at this retarded shit ETH has be doing this for weeks.

>ethereum takes a hit to total supply
>retards sell even though their eth is now worth more by virtue of less of it existing
???

>eth is the world's computer guys!
>people does "delete system32" mistakes
shocking

Ummm he paid for the gas so he losted money on this hack lol how you going to shut down eth and lose money like really?

>eth is now worth more by virtue of less of it existing

Less than one percent.

Oy vey!!

>wake me up
Wake me up inside
>i can't wake up

SKELLY YOU FUCKED US

I'd like to eat at Wojak's.
What's their best dish?

Try the AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Consider the following:

Let's say that there's a new coin in the market, which has a decent number of users and monetary value (let's say ~100$ each)

One day, someone finds a bug in the implementation: every time a new block is mined, there's a 0.05% chance that 1% of the wallets disappear.

Do you think that the value of that each coin increases due to the fact that there are less coins?

I'm pretty sure that the whole bug makes the intrinsic value of the coin decrease.

I know that this is not what's going on with ETH right now, but it seems valid to me that people might not want to invest in a coin that forks every other month.

Sounds lovely, I'm gonna try it this weekend.

No and no.

Not "basically the same thing". This kid killed the contracts he didnt steal anything.

This is actually on Parity. They designed a shit wallet. Bitcoin didn’t fork over Gox, Ethereum shouldn’t fork over this.

There is a fork scheduled (Constantinople), maybe they’ll just holy shit crypto. FUCK.

>how is that possible that you "accidentally" called kill?
>this is how "white hacker" should act:
>1) found vuln.
>2) contact the Parity team
>3) Parity team writes "please withdraw all funds" without any explanation of vuln.
>4) People have time to withdraw funds...
>You called initWallet and then kill "accidentally"? I WILL NEVER BELIEVE THAT. that requires TWO method calls. I think that you knew what you will do next...

these kids are adorable

parity is a third party wallet. ethereum didnt get hacked you dumb fuck.

>Vulnerability costing millions of dollars shows once again the idea of a programmable blockchain is iffy
>Hard fork will likely happen, reminding everyone ethereum is not immutable, but human consensus subject to the same pitfalls as current democracies

Bullish for normies but worrying long-term

ETH is such a horrible, horrible mess.

>coin that forks every other month
Oh you meant bitcoin?

third party glitch
>ETHERESUUMS FEGS BTFO
???

doesn't sound that hard if you have enough knowledge to use a method call but not enough information to understand why that might be bad

Yeah ETH can hardly be any more pathetic and lifeless than it has been for months anyway. So this is all no big deal, really.

is he /ourguy/?

My sides are in orbit

Wow. That fag knew what he was doin. Anyone who believes his "im a noob pls" story is an idiot. Hope one of those millionaires put a hit on him

Nah, I buy his story that he didn't know what he was doing. He was probably trying to copy the parity hack from the summer, not fully understanding how it worked.

>millionaires
not any more

there no way this guy isn't trolling
he knows exactly what he's doing

this is why Money Belly > Money Skelly

you ETH fags would be better off putting your shekels into LINK after today's debacle.

>b-but it was just a third party wallet guys!

You braindead faggots don't get it. This is a big deal because it exposes the fact that the nature of smart contracts makes ETH a horrifically terrible choice as a long term store of value.

Most people with a brain knew this already, but 90% of ETH holders are normies who got into crypto a week ago.

Ethereum Cash !

So from the articles I'm reading, this kid was able to convert a multi-sig wallet into a standard wallet that he owned... then he suicided it.

Assuming he had not suicided it, would he actually have had access to the ~$300 million in funds?

I hold no ETH at all so I'm a total brainlet on how their shit works.

no i dont think so
he had ownership of the contract address but no access to the funds

>multi-sig parity wallets

Anyone else having deja vu?

> want to hire

Shouldn't the price be going up? The remaining, accessible, ETH just became scarcer.

Well, it's not ETH itself that's at fault but yet again shitty solidity implementation correct?

No, destroying it was the only thing he could do. And that's what he gloriously did.

its the trump curse, get out now boys.

Maybe he was shorting ETH x100 though

What a little faggot how long till he gets doxxd?

I own a website. With like 20 human visitors a day. And I get thousands of attacks each month from every silly angle you can imagine.

Yeah, just like bitcoin got hacked during the Mt. Gox attack.

Fuck off with that bullshit, it's no different than an exchange getting hacked. People trusted a third party to put their money in a vault secured by shitty code, and they got got screwed.

blame it on a 3rd party all you want, but people will be using 3rd party wallets.
It's disturbing that $180 Million worth of crypto can just vanish in an instant.

>tfw this will not only kill ETH but every erc-20 token
so glad i hopped on the ETP train

if i was this kid i would be suing for defamation

i would be so proud if i killed this shitty multisig contract and i would laugh in all their faces too

why are these stupid icos loading all their cash into one spot? arent there other multisig options? fucking goons deserve it 100%

yeah but wallet software is already time tested. its these clowns putting money into experimental shit like "multi sig wallets".

i cant believe people are still loading huge amounts of money into contracts.

Is EtherDelta safe?

EtherDelta also uses smart contract to handle exchanges between coins. Is there any problem with EtherDelta's code?

nah bro, we good. I already checked

>will I get arrested for this

Give me your address and I'll test it

Nah hes not, he had control over the wallet then set it to kill he could transfer the funds

>People trusted a third party to put their money in a vault secured by shitty code,
>and they got got screwed.
TWICE

>mfw I was called an hysterical soccer mom for pointing out people won't trust their money to someone so blasé about security
>mwf I have no face because of vindication