Virtual Currency Platform ‘Accidentally’ Locks Away $300 Million of People’s Money
Virtual currency is a risky gambit. On one hand, its cool and seems like the next logical step on our journey toward hoverboards and flying cars. On the other hand? These currencies are never quite as safe as their Silicon Valley proponents make them out to be.
Case in point, virtual currency platform Ethereum just announced that $300 million has “accidentally” been locked away and the issue may be irreversible. Let me repeat. Ethereum users just lost $300 million of their actual money by using the digital money platform.
In order to understand how this happened we need to rewind a bit, to July of this year, when an anonymous hacker exploited a bug in the system to steal $32 million. This occurred just one week after another hacker managed to surf away with $7.4 million in Ethereum funds.
According to a security alert, fixing the bug that allowed for those hacks in July opened up users to even more vulnerabilities. These vulnerabilities were accidentally exploited by a single user, merging $300 million of funds and making this user the sole owner. The user, who goes by the name “devops199” on the programming community GitHub, tried to do the right thing, deleting the wallet containing the $300 million, otherwise known as “suiciding.”
“I’m [an Ethereum] newbie… just learning,” the Ethereum user wrote.
The only problem? This action locked the money away and, due to the decentralized nature of the Ethereum platform, made it unable to be accessed. There are no records of which users were impacted and how much money was taken. Somehow, the “Scout’s Honor” oath has not been suggested as a possibility to properly disperse the $300 million.
“We are asking for everyone to be patient until the full extent of the issue has been identified and we will communicate any necessary instructions or advice,” a spokesperson wrote. “We are advising users not to deploy any further multi-sig wallets until the issue has been resolved and to not send any Ether to wallets that have been deployed and are in use already.”
There is one possible way to fix the mistake. Users call it a “hard fork” and it involves creating an entirely new Ethereum platform and migrating the entire user base over, essentially rolling back the clock so the bug was never triggered.
Critical bug found in @ParityTech multi-sig wallets. ~500K ETH lost forever.
Should Ethereum fork again?#ethereum
— localethereum.com (@localethereum) November 7, 2017
This move is risky, however. If enough people decide to forgo the migration, the entire platform could falter. A “hard fork” was successfully maneuvered in July as part of their efforts to restore funds to users who fell victim to the multiple hacks, with Ethereum creator Vitalik Buterin saying they got “very lucky.”
On their official website, Ethereum promises the ability to digitally transfer funds “without a middle man or counterparty risk.”
Oh well. You can always invest in fake-news hating gold coins. Bury them in your back yard!
[image via Shutterstock.com]
Have a tip we should know? [email protected]