Back to blog

Security Alert

Severity: Critical

Product affected: Parity Wallet

Affected implementations: Parity 1.5 or later

Summary: A vulnerability in Parity Wallet's variant of the standard multi-sig contract has been found.

Affected users: Any user with assets in a multi-sig wallet created in Parity Wallet prior to 19/07/17 23:14:56 CEST.

Mitigation steps: Immediately move assets contained in the multi-sig wallet to a secure address.

UPDATE (20/07/17, 00:26 CEST): Multi-sig wallets created in Parity Wallet after 19/07/17 23:14:56 CEST are secure. (Fix in the code is https://github.com/paritytech/parity/pull/6103 and the newly registered code is https://etherscan.io/tx/0x5f0846ccef8946d47f85715b7eea8fb69d3a9b9ef2d2b8abcf83983fb8d94f5f).

Read more

  • On Classes of Stuck Ether and Potential Solutions

    A Brief History

    Since Ethereum went live two and a half years ago, users and developers have often struggled with the usability and building on this new ‘Frontier’ of development.

    The issues began almost immediately as the first users of Ethereum had to grapple with a command line interface that was extremely unforgiving of mistakes.

  • A Postmortem on the Parity Multi-Sig Library Self-Destruct

    On Monday November 6th 2017 02:33:47 PM UTC, a vulnerability in the “library” smart contract code, deployed as a shared component of all Parity multi-sig wallets deployed after July 20th 2017, was found by an anonymous user. The user decided to exploit this vulnerability and made himself the “owner” of the library contract. Subsequently, the user destructed this component.

  • Parity Technologies Multi-Sig Wallet Issue Update

    This week, as has been widely reported, a vulnerability in the Parity Wallet library contract of the standard multi-sig contract was found by an anonymous user. This user managed to gain access to the smart contract, effectively making themselves the owner of the contract.

Back to blog