U.K.-based startup Parity Technologies is opening lines of communication with users a day after a code vulnerability locked hundreds out of their ethereum wallets.
Issued in an alert Wednesday, the provider of software for the world’s second-largest blockchain explained what went wrong and launched a website where users can check their addresses to see if their funds were affected. Parity also posted an email address for users to contact the company.
As of Wednesday afternoon, the wallet-checking website showed that 584 wallets and 573 people have been affected by the exploit. However, it’s not clear if this is a final number or if it’s simply the latest one that the company has tallied.
Parity was not immediately available for comment.
The security alert goes on to describe how a flaw in the company’s code was exploited following a patch in July that fixed a prior vulnerability:
“Unfortunately, that code contained another vulnerability which was undiscovered at the time – it was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the
initWallet
function.”
The person who discovered the fault did so and then deleted the new wallet, Parity said, in statements that showcase the company’s “current understanding” of the incident.
As CoinDesk previously reported, the ethereum community is now seeking to understand how best to respond to the incident, given that a hard fork of the software may be necessary. No other known solutions have been put forward to restore the frozen ether to their owners, though it’s possible one could be forthcoming.
According to informal estimates, as much as $150 million worth of cryptocurrency may be currently inaccessible.
Ice cubes image via Shutterstock.