Schedule a Call
a
M
Get In Touch

Technical Analysis of the $31 Million Dollar Ethereum Hack

Here’s an interesting analysis of the $31 Million Ethereum Hack. http://medium.freecodecamp.org/a-hacker-stole-31m-of-ether-how-it-happened-and-what-it-means-for-ethereum-9e5dc29e33ce From a technical standpoint, it appears as though the software developers who built the Parity wallet put in a catch all function that enables unknown functions that are payable, that send you Ether, to default to depositing the Ether. function() payable { //msg.value is […]

Here’s an interesting analysis of the $31 Million Ethereum Hack.
http://medium.freecodecamp.org/a-hacker-stole-31m-of-ether-how-it-happened-and-what-it-means-for-ethereum-9e5dc29e33ce

Ethereum Theft
From a technical standpoint, it appears as though the software developers who built the Parity wallet put in a catch all function that enables unknown functions that are payable, that send you Ether, to default to depositing the Ether.

function() payable {
  //msg.value is the amount of Ether
  if (msg.value > 0) {
    Deposit(msg.sender, msg.value);
  }
  throw;
}


In the Parity wallet, the developers took this functionality a step further, and wrote code to state if the value of the Ether is equal to 0 and the length of the msg is greater than zero, then delegate the call to the Wallet.

function() payable {
  //msg.value is the amount of Ether
  if (msg.value > 0) {
    Deposit(msg.sender, msg.value);
  }
  else if (msg.data.length > 0) {
    //if the msg data has data and msg.value is equal to 0, then delegate
    //the call to the Wallet Library's version of this function.
    _walletLibrary.delegatecall(msg.data);
  }
}


So what happened?
The thieves understood the vulnerability vector. They invoked the catch all function with the initWallet function. This call was not implemented in the contract, but was implemented in the wallet.
The initWallet function looks like the following:

function initWallet(address[/fusion_builder_column][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"][] _owners, uint _required, uint _daylimit) {
  initDaylimit(_daylimit);
  initMultiowned(_owners, _required);
}


The key piece here is the _owners. They passed in the address of the owners to the wallet. In effect, the thieves initialized the wallet so they became the owners. They drained the tokens from the wallet, and said bye bye.

Related Articles

3 Ways Gen AI and AWS can Enhance Your Business

3 Ways Gen AI and AWS can Enhance Your Business

Amazon is on the cutting edge of new technologies. They have been increasingly experimenting with AI and learning algorithms, culminating in their most recent breakthroughs in Generative AI. Developers and technology enthusiasts have access to their innovations through the tools available on AWS.

Business Owner’s Guide to DevOps Essentials

Business Owner’s Guide to DevOps Essentials

As a business owner, it’s essential to maximize workplace efficiency. DevOps is a methodology that unites various departments to achieve business goals swiftly. Maintaining a DevOps loop is essential for the health and upkeep of deployed applications.

AWS Graviton and Arm-architecture Processors

AWS Graviton and Arm-architecture Processors

AWS launched its new batch of Arm-based processors in 2018 with AWS Graviton. It is a series of server processors designed for Amazon EC2 virtual machines. The EC2 AI instances support web servers, caching fleets, distributed data centers, and containerized microservices. Arm architecture is gradually being rolled out to handle enterprise-grade utilities at scale. Graviton instances are popular for handling intense workloads in the cloud.