Last active
July 19, 2017 21:57
-
-
Save tayvano/c61ee11831e2f5e535d68d2b448e382e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. The newer multisig versions of the Parity multisig wallet has a vulnerability. This is ONLY FOR MULTISIG WALLETS. Specifically created in Parity Wallet > 1.5. | |
2. This is NOT for your MyEtherWallet. Do **not** run and unlock your MEW wallet. That wallet is not at risk. | |
3. This is ONLY for multisigs and only newer versions | |
4. Do not panic. Panic makes things worse. Breath. Be careful. Do not panic. | |
5. Again, if you use MyEtherWallet, you ARE NOT AT RISK | |
6. If you do have funds in the multisig contract: carefully move your funds to a new account ASAP | |
7. More info: Multisig Parity wallets Created in December 2016 or during 2017. | |
8. The vulnerability is in Parity's "enhanced" multi-sig contract | |
9. This affects Parity 1.5 and later | |
10. Parity 1.5 was released on January 19, 2017 (have you created multi-sigs in Parity since then?) | |
11. The canonical multi-sig contract used in Mist / Ethereum Wallet does NOT have this vulnerability | |
12. Etherscan will be adding functionality that will tell you if it is a vulnerable wallet as soon as possible. | |
This will be the easiest way to see if you need to move your funds. | |
** I need you all to help to *spread education and information* and NOT fear. ** | |
Because the only thing worse than the current situation is creating a panic where scammers thrive and people make mistakes. | |
##### Sources | |
https://twitter.com/myetherwallet/status/887750427483152384 | |
https://twitter.com/ParityTech/status/887747980719206401 | |
https://blog.parity.io/security-alert-high-2/ | |
Swarm City's Statement: https://press.swarm.city/parity-multisig-wallet-exploit-hits-swarm-city-funds-statement-by-the-swarm-city-core-team-d1f3929b4e4e | |
White Hat Statement: https://www.reddit.com/r/ethereum/comments/6obofq/a_modified_version_of_a_common_multisig_had_a/ | |
(other two confirmed: æternity & Edgeless) | |
[8,9,10,11]: https://www.reddit.com/r/ethereum/comments/6oalcq/important_wallets_created_with_paritys_multisig/dkfweny/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment