Ethereum is in a state of panic after users of Ethereum software issued by Parity Technologies faced back-to-back updates following warnings of a testnet vulnerability. The vulnerability, according to Parity’s blog, could spread to the Ethereum network.
Parity is an Ethereum client from the UK, written from the ground up for correctness-verifiability, modularisation, low footprint, and high performance.
It’s doing the complete opposite of why it was written!
The opening lines of the blog state the criticality:
“Summary: A consensus issue on the public test network Ropsten has revealed a consensus vulnerability that can be triggered by a malformed transaction.”
A pinned tweet from their Twitter handle, @ParityTech, read:
Alert: Please update your Parity Ethereum clients to 1.11.3-beta or 1.10.6-stable asap. https://t.co/QNxzv74kSF
— Parity Technologies (@ParityTech) June 6, 2018
According to the blog, if a person or organization runs Parity’s software without the upgrade, there is a risk of infecting Ethereum’s mainnet, which includes Parity users such as Ethereum Classic.
Parity has had issues time and again. Last year hackers stole 150,000 Ether (ETH) from the service’s wallet. The hack succeeded by removing the library code, and thus froze funds in all Parity multi-sig wallets after 20 July.
Details on GitHub showed it was done by a user with the handle devops199.
Parity phrased it diplomatically, stating in a blog post in May:
“We would like for our bugs to be a catalyst for more secure ethereum development.”