Ethereum Parity wallet has another major bug, and the multi-signature vulnerability may have caused hundreds of millions of dollars in funds to be frozen

An undisclosed amount of Ethereum network user funds has been frozen due to a bug in the Ethereum Parity wallet software.

The security vulnerability that caused the freeze was discovered yesterday in Ethereum's second-largest client by a developer named "devopps199," who reported the vulnerability on GitHub.

Parity wallets that use Parity's "multi-signature" feature since July 20 are affected by this vulnerability. According to the rules of multi-signature, more than one key will be required to initiate and broadcast a transaction.

It is unclear how many wallets have deployed multisig during this period, and how many are currently frozen. According to EtherNodes.org, Parity wallets account for approximately 20% of the Ethereum network - early indications are that up to $100 million in ETH may be currently unavailable at this time.

This vulnerability follows issues with the Parity wallet earlier this year, when it was hacked and $30 million worth of ETH was stolen.

Although Parity reportedly fixed that bug, another issue still existed, leading to today’s vulnerability. In a conversation with Coindesk, the devops said he was still new to smart contracts and was looking at the logic of the previous attack when he discovered this vulnerability.

However, the process of figuring out how to recover these frozen funds is not simple at the moment.

Some developers have begun speculating that a hard fork is the only way to fix the problem . But because hard forks are a controversial upgrade mechanism — especially in the case of Ethereum — some in the community are “rejecting” the upgrade.

Meanwhile, Parity has released a statement warning users to avoid creating new multi-signature wallets.

“We recommend that users do not deploy any multisig wallets until this issue is fixed, and do not send any ETH to wallets that have already deployed and are using multisig.”

The statement concluded:

“Parity would like to assure everyone that we are analyzing the situation and we will release more details soon.”

Babbitt Information will continue to pay attention to the subsequent developments of this incident.