Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
1. The newer multisig versions of the Parity multisig wallet has a vulnerability. This is ONLY FOR MULTISIG WALLETS. Specifically created in Parity Wallet > 1.5.
2. This is NOT for your MyEtherWallet. Do **not** run and unlock your MEW wallet. That wallet is not at risk.
3. This is ONLY for multisigs and only newer versions
4. Do not panic. Panic makes things worse. Breath. Be careful. Do not panic.
5. Again, if you use MyEtherWallet, you ARE NOT AT RISK
6. If you do have funds in the multisig contract: carefully move your funds to a new account ASAP
7. More info: Multisig Parity wallets Created in December 2016 or during 2017.
8. The vulnerability is in Parity's "enhanced" multi-sig contract
9. This affects Parity 1.5 and later
10. Parity 1.5 was released on January 19, 2017 (have you created multi-sigs in Parity since then?)
11. The canonical multi-sig contract used in Mist / Ethereum Wallet does NOT have this vulnerability
12. Etherscan will be adding functionality that will tell you if it is a vulnerable wallet as soon as possible.
This will be the easiest way to see if you need to move your funds.
** I need you all to help to *spread education and information* and NOT fear. **
Because the only thing worse than the current situation is creating a panic where scammers thrive and people make mistakes.
##### Sources
https://twitter.com/myetherwallet/status/887750427483152384
https://twitter.com/ParityTech/status/887747980719206401
https://blog.parity.io/security-alert-high-2/
Swarm City's Statement: https://press.swarm.city/parity-multisig-wallet-exploit-hits-swarm-city-funds-statement-by-the-swarm-city-core-team-d1f3929b4e4e
White Hat Statement: https://www.reddit.com/r/ethereum/comments/6obofq/a_modified_version_of_a_common_multisig_had_a/
(other two confirmed: æternity & Edgeless)
[8,9,10,11]: https://www.reddit.com/r/ethereum/comments/6oalcq/important_wallets_created_with_paritys_multisig/dkfweny/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.