WEBVTT - A 300 Million Dollar Parity Error 0:00:03.560 --> 0:00:05.320 What would you do if you made a mistake that 0:00:05.400 --> 0:00:10.400 costs people three hundred million dollars. I'm Jonathan Strickland, and 0:00:10.520 --> 0:00:19.840 this is Tech Stuff Daily. On Tuesday, November seven, a 0:00:19.880 --> 0:00:23.120 company called Parody had to break some pretty bad news 0:00:23.160 --> 0:00:26.360 to its customers. The company developed a digital wallet meant 0:00:26.400 --> 0:00:29.360 to be the secure storage location for a digital currency 0:00:29.480 --> 0:00:34.280 called ether. Ether is used by an app platform called Ethereum. 0:00:34.280 --> 0:00:37.880 Parodies news was that an effort to patch an identified 0:00:37.960 --> 0:00:43.400 vulnerability in their digital wallet solution led to a new vulnerability, 0:00:43.600 --> 0:00:49.240 one that was accidentally exploited. The vulnerability was a real 0:00:49.320 --> 0:00:52.560 doozy that allowed a single user to become the owner 0:00:52.680 --> 0:00:57.400 of every multi signature digital wallet on the Ethereum platform. 0:00:57.440 --> 0:00:59.560 This would be like waking up to discover the wallet 0:00:59.600 --> 0:01:02.520 of every person in the world had mysteriously shown up 0:01:02.560 --> 0:01:06.320 in your house. You'd have some explaining to do. In 0:01:06.360 --> 0:01:11.120 this case, the user is DevOps one nine nine. Clearly 0:01:11.160 --> 0:01:13.680 that's a handle. The Guardian, which reported on this story, 0:01:13.760 --> 0:01:16.520 didn't reveal the person's real name. It's pretty clear that 0:01:16.560 --> 0:01:19.880 whomever is behind the DevOps one nine nine handle didn't 0:01:19.959 --> 0:01:23.840 intend for this to happen. What did happen was that 0:01:23.880 --> 0:01:27.959 this developer, apparently by accident, turned the parody wallet library 0:01:28.000 --> 0:01:32.080 contract into an actual multi signature wallet and then became 0:01:32.120 --> 0:01:36.400 the owner of all the wallets. Then this developer, perhaps 0:01:36.400 --> 0:01:39.200 in a panic, when the realization dawned that this had 0:01:39.240 --> 0:01:44.000 all happened, tried to undo this mistake by deleting the code. Unfortunately, 0:01:44.080 --> 0:01:47.880 it didn't reverse the mistake. Instead, it froze all the 0:01:47.960 --> 0:01:51.800 funds in the system. The means to unfreeze the funds 0:01:51.840 --> 0:01:55.800 are located inside the code that was deleted. In other words, 0:01:55.960 --> 0:01:58.720 the developer did the equivalent of accidentally stealing all the 0:01:58.760 --> 0:02:02.279 wallets in the world, which appeared in this developer's enormous vault. 0:02:02.640 --> 0:02:04.840 Then the developer tried to fix the problem by destroying 0:02:04.840 --> 0:02:07.480 the vault. However, what happened was the vault door has 0:02:07.480 --> 0:02:10.440 now been permanently stuck shut and the money inside it 0:02:10.560 --> 0:02:14.519 is effectively lost. There is a potential, though problematic, fixed 0:02:14.560 --> 0:02:17.200 to this problem that would involve creating what is called 0:02:17.240 --> 0:02:20.400 a hard fork. To understand what this means, we need 0:02:20.440 --> 0:02:23.560 to think about block chains for a second. A block 0:02:23.639 --> 0:02:26.680 chain is a record of transactions that everyone in the 0:02:26.720 --> 0:02:31.000 system has access to, rather than a centralized database of transactions. 0:02:31.000 --> 0:02:34.200 The blockchain is distributed across the entire system. It's an 0:02:34.240 --> 0:02:38.080 integral component of the system itself. Everyone can view it 0:02:38.200 --> 0:02:42.600 and thus authenticate the transactions that have already happened. Cryptocurrencies 0:02:42.639 --> 0:02:46.079 like bitcoin use the blockchain to verify not just a transaction, 0:02:46.160 --> 0:02:49.160 but also to release more of the currency into circulation 0:02:49.200 --> 0:02:52.679 and a process called mining. Ideally, a blockchain is a 0:02:52.720 --> 0:02:56.040 steady series of blocks of data representing all the transactions 0:02:56.080 --> 0:02:58.520 that have happened with the cryptocurrency, going all the way 0:02:58.600 --> 0:03:02.000 back to the earliest pens. A hard fork is when 0:03:02.040 --> 0:03:05.720 administrators of a system make the decision to backtrack and 0:03:05.800 --> 0:03:08.880 branch off of an earlier block to start from that 0:03:08.919 --> 0:03:11.799 point forward. This is sort of like playing a video 0:03:11.840 --> 0:03:14.480 game in which you can save your progress at any time. 0:03:14.760 --> 0:03:16.919 Let's say you're playing the game and you realize you've 0:03:16.919 --> 0:03:18.959 made a choice that's leading you down a path you'd 0:03:19.000 --> 0:03:22.920 rather not take. You can't backtrack, so instead you restore 0:03:23.000 --> 0:03:25.880 a save file you made from before that fateful choice. 0:03:26.360 --> 0:03:29.280 You now can choose a different path and continue playing 0:03:29.360 --> 0:03:32.800 the game. In a way, that's what parody might be 0:03:32.840 --> 0:03:35.720 able to do with the ether that's been locked away. 0:03:35.760 --> 0:03:38.880 There's no method to reverse the mistake Devop one nine 0:03:39.000 --> 0:03:42.360 nine made, but the company could backtrack a bit and 0:03:42.400 --> 0:03:45.240 make a hard fork earlier in the chain to bypass 0:03:45.280 --> 0:03:48.680 the mistake entirely. This could mean having to turn the 0:03:48.680 --> 0:03:52.280 clock back to a point that invalidates some transactions, which 0:03:52.400 --> 0:03:55.960 is problematic. A few wallet owners might find themselves short 0:03:56.000 --> 0:03:58.320 of some currency or in possession of a bit more 0:03:58.440 --> 0:04:01.440 lucre than they should have, and it's non decision for 0:04:01.480 --> 0:04:05.080 the company alone. It would require a fifty one agreement 0:04:05.120 --> 0:04:08.480 among the currency's users. If that happens, parity will be 0:04:08.480 --> 0:04:11.800 able to effectively dial back the clock. One thing that 0:04:11.880 --> 0:04:16.040 can't be undone is the blow to cryptocurrencies reputation. Digital 0:04:16.080 --> 0:04:18.680 currency in general has been the subject of much debate. 0:04:18.960 --> 0:04:22.040 There have been a few notable problems, including hackers stealing 0:04:22.120 --> 0:04:26.480 funds through various security vulnerabilities in different digital wallet platforms. 0:04:26.880 --> 0:04:29.720 So why use a cryptocurrency at all? For one thing, 0:04:29.800 --> 0:04:33.440 the decentralized structure means the currency isn't dependent upon any 0:04:33.480 --> 0:04:38.520 government or financial institution. In theory, this isolates the currency 0:04:38.600 --> 0:04:42.880 from the fluctuations that could affect national currencies. However, in practice, 0:04:43.080 --> 0:04:47.520 the value of currencies like Bitcoin has been inconsistent. Cryptocurrency 0:04:47.640 --> 0:04:51.039 and blockchain strategies aren't going anywhere, but it's likely that 0:04:51.080 --> 0:04:53.960 there will be more scrutiny directed towards both the technology 0:04:54.000 --> 0:04:57.040 itself and the supporting tech like digital wallets in the future. 0:04:57.279 --> 0:04:59.800 This isn't a bad thing and may eventually lead to 0:04:59.839 --> 0:05:03.160 an implementation that is more secure, allowing digital currencies the 0:05:03.240 --> 0:05:06.279 chance to become more of a mainstream technology. If you'd 0:05:06.279 --> 0:05:09.520 like to learn more about cryptocurrency and all other things tech, 0:05:09.640 --> 0:05:12.560 subscribe to the tech Stuff podcast. We published the show 0:05:12.560 --> 0:05:15.080 on Wednesdays and Fridays and cover tech topics in much 0:05:15.120 --> 0:05:17.480 greater detail. I'll see you again soon.