Ethereum Security Lead: Hard Fork Required to Release Frozen Parity Funds

smahedglass
8 November 2017

A resolution has yet to be found for yesterday’s Parity hack which saw up to $150 million frozen across the ethereum platform.

However, speaking to CoinDesk, Martin Holst Swende, head of security for the Ethereum Foundation, confirmed that a hard fork of the ethereum blockchain will be required to free up the funds.

Holst Swende said:

“There’s unfortunately no way to recreate the code without a hard fork. Any solution which makes the locked funds accessible requires a hard fork.”

This means that ethereum would need to undergo an emergency upgrade, akin to The DAO blockchain rewrite that occurred last year, should it want users to be able to reclaim the lost millions.

A sudden upgrade of this type is a highly contentious issue, as it would not be limited to Parity alone, but would need to occur universally across the ethereum platform.

Yesterday, a smart contract developer claiming to be new to ethereum, “accidentally” deleted the code library that corresponds to the affected Parity wallets, rendering the software useless.

Parity developer Afri Schoedon told CoinDesk “there is no easy fix” for the exploit, and developers are currently working towards proposals to release the frozen funds.

Holst Swende said that, to date, the primary difficulties surrounding the fix “are more of a political than technical nature.” The security lead has already proposed a potential fix, which would involve recreating the Parity code without the wallet exploit, he told CoinDesk, adding, “I’d like to see this spearheaded by the affected parties, not the foundation.”

UK-based Parity Technologies, which develops the wallet, is separate to the Ethereum Foundation, the non-profit behind Geth, the most popular ethereum client.

Going forward, Holst Swende said the team will work towards “constructing one or several proposals,” then work together as a community to select the best solution.

As the frozen funds cannot be removed, “there is no hard time limit,” he continued, “so the governance process can in my opinion move along without rushing anything.”

To date, developers are pointing to an ethereum improvement protocol (EIP) that could be deployed to solve the issue. Opened by ethereum founder Vitalik Buterin last year, the EIP, which allows the reclaiming of ether (ETH) from stuck accounts, would still require an unplanned hard fork in order to activate.

Speaking on Twitter this morning, Buterin publicly declined comment on the recent exploit, stating: “I am deliberately refraining from comment on wallet issues, except to express strong support for those working hard on writing simpler, safer wallet contracts or auditing and formally verifying security of existing ones.”

Smashed glass image via Shutterstock