“I accidentally e-mailed my bank ‘delete’ and they lost everybody’s accounts. I’m sorry i’m just learning banking.” (Powershift)
I spent yesterday afternoon on Twitter and /r/buttcoin, giggling. It was a popcorn overload moment for every acerbic cryptocurrency sceptic who ever thought that immutable, unfixable smart contracts were an obviously stupid idea that would continue to end in tears and massive losses, as they so often had previously.
Someone decided to access a “kill” function on various smart contracts on the public Ethereum blockchain, to see what would happen — just experimenting:
“Will i get arrested for this?” So asks a user called devops199 on parity’s developers real time public chat room, before confirming he called the “kill” transaction which wiped out the code library and froze some 500,000 eth, currently worth $150 million.
“I’m eth newbie… just learning… sending kill() destroy() to random contracts you can see my history” he publicly said.
Devops199 was researching the July 2017 vulnerability in the Parity Ethereum wallet software which had led to $30 million being stolen. Unfortunately, in following the logic of that bug, they discovered that the fix for that problem had a new bug, which they duly reported to the Parity project:
anyone can kill your contract #6995
I accidentally killed it.
I was able to make myself the owner of that contract because its uninitialized.
I made myself the owner of “0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4” contract and killed it and now when i query the dependent contracts “isowner(<any_addr>)” they all return TRUE because the delegate call made to a died contract.
I believe some one might exploit.
Devops199 turned the contract at that address into a regular wallet address, then took ownership, because ownership had not been initialised. They tried to back out by sending it a “kill”, which would normally be fine … but the contract in question was a “library” function — a function designed for other programs to use — that turned out to be essential to Parity wallets. With this library function disabled, all the contracts depending on it couldn’t work any more. An accidental left-pad incident in production, where a minor function that was deleted turned out to be a dependency of much more important things.
The Parity project has a detailed post on what happened. “This means that currently no funds can be moved out of the multi-sig wallets.” The total of locked-up funds appears to be on the order of 1 million ETH, or about $300 million. Parity’s MultiSig Freeze page currently says 584 wallets are affected.
Parity was founded by Gavin Wood, who is more or less the second-lead developer of Ethereum itself, and author of the “yellow paper”, the Ethereum protocol specification. Wood also runs Polkadot, whose ICO was very successful; the Ether raised in the ICO appears to be stuck in the locked wallet.
To emphasise that point: smart contract coding is so difficult and unforgiving that even one of the primary developers of Ethereum can’t do it without losing hundreds of millions of dollars to human error.
Artist’s impression of Ethereum, Tuesday 7 November 2017.
Some crypto advocates who’ve been mainlining cryptocurrency ideology — including ones who really should know better, like Emin Gün Sirer — think that this drop in supply will obviously lead to an increase in price, because Austrian bitcoin economics holds this as an article of faith. In real economics, this isn’t how the purchasing power of money works. It might apply if Ether was a highly liquid commodity whose demand was comparable to the supply; in practice, it’s very thinly traded, the total supply is vastly greater than the demand (so hold!) and the price is pretty much made of exuberance.
Some have seriously advocated a rescue fork of Ethereum, though Vitalik Buterin remains carefully noncommittal on the idea. There is a proposal to make smart contracts and locked wallets like this recoverable, though that would require another hard fork flag day, and Ethereum is just stabilising after the last one.
Crypto advocates need to take the next logical step, and admit the possibility that irreversibility, an essential design feature of cryptocurrency blockchains, is the fatal flaw of cryptocurrency that is responsible for most cryptocurrency and smart contract disasters. Pervasive irreversibility has turned out to be a bad and stupid idea.
I just finished @davidgerard ‘s “Attack of the 50 Foot Blockchain” last night so part of me feels like this happened to provide a practical example of everything he was predicting just for my benefit. https://t.co/jCrqIJsrSD
— Justin (@OMGWTFJJJ) November 7, 2017
Did I tell you so? I do believe I spent the entirety of chapter 10 telling you so!