Ethereum
$94.94 3.01%
ETH · 71w

Look into @ParityTech Multisig Wallet bug, a message left by the first exploiter and the race of 15 exploiters

A look into Parity’s Multisig Wallet bug affecting >$100 million in ether and tokens

Many outlets have already examined the bug e.g. here, here, here and video here. But we will touch on some stuffs which had not been widely presented such as how the bug was not as obvious to the coder, how to track the wallets with events, a message left by the first exploiter and time line of 15 exploiters racing against time.

Constructor

The bug was introduced when the coder was updating the contract to gather all the common functions into a library so that each new wallet can be deployed at 70% cheaper.

Code (in Solidity) before update:

// constructor is given number of sigs required to do protected "onlymanyowners" transactions// as well as the selection of addresses capable of confirming them.function multiowned(address[] _owners, uint _required) { m_numOwners = _owners.length + 1; m_owners[1] = uint(msg.sender); m_ownerIndex[uint(msg.sender)] = 1; for (uint i = 0; i < _owners.length; ++i) { m_owners[2 + i] = uint(_owners[i]); m_ownerIndex[uint(_owners[i])] = 2 + i; } m_required = _required;}

Code after update:

// constructor is given number of sigs required to do protected "onlymanyowners" transactions// as well as the selection of addresses capable of confirming them.function initMultiowned(address[] _owners, uint _required) { m_numOwners = _owners.length + 1; m_owners[1] = uint(msg.sender); m_ownerIndex[uint(msg.sender)] = 1; for (uint i = 0; i < _owners.length; ++i) { m_owners[2 + i] = uint(_owners[i]); m_ownerIndex[uint(_owners[i])] = 2 + i; } m_required = _required;}

Wait, only the function name is different! Before the update, the function name multiowned is the same as the contract name, this would mean that the function is a constructor and will only be called once, when the contract is created. After the update, the function name has been changed to initMultiowned and the contract name has been ch...

Continue on medium.com
Recent news