Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year
Cryptocurrency can be lost in a variety of ways, from hackers to forgotten passwords and defective flash drives. But in terms of dollars, one of the main causes of encryption loss is bad code, and this is usually not the fault of the developers of the piece. Instead, third parties, including smart smart contracts and shady traders, are responsible for the losses of half a billion dollars in the last seven months.
Last week, news.Bitcoin.com reported on the disappearance of Bitgrail, who managed to lose $ 170 million nano cryptocurrency. While the precise sequence of events that caused the catastrophic collapse of the exchange with the assets of thousands of customers is still confirmed, the wrong code is attributed. As reported at the time:
There are rumors that Bitgrail became insolvent as a result of a removal bug discovered by some users and then shared in Discord and other newsgroups, resulting in a gradual decrease in the balance of the portfolio. One user explained, "There was a bug on Bitgrail where, if you placed two orders, you added a double balance to your account, so you could withdraw while orders were raised and steal the coins. had a negative balance at the end but you could just create a new account. "
As a result of the incident, this theory was reinforced by allegations That a bug was actually responsible , and not in the nano code, but at Bitgrail. A source said: "There was a bug on the removal page, but this check was only on the java-script client side, you find the js sending the request, and then you inspect the – console element , and run the java script manually, to send a withdrawal request of a higher amount than in your balance.Bitgrail delivered this withdrawal.How many people did this? Who knows. "
There was another bug, you could request a withdrawal to your address – from another user ID, from another user account . This would cause other users to have "missing funds" or "negative balance". Bitgrail Bomber solved this bug by manually entering the "right" numbers into its database. That's what you get for using a PHP website coded by the same skill level as CfB's IDIOTA.
Even the best cryptocurrencies are not immune to bad codes
The cryptocurrency most commonly associated with catastrophic bugs is etheric. This is not due to its underlying code, but because of the smart contracts that can be built in addition to the ethereum framework. There was first the DAO, which led to the ethereum at the exit of the gate, then the parity bug that caused the theft of 150,000 ETH, followed by Another parity bug that has locked up 168 million ETH.
In the last two weeks, ethereal animals have resurfaced, but on a smaller scale. Proof of Weak Hands (PoWH) was a joke scamcoin that turned into a real scamcoin after a bug led to the loss of 900 ether ] worth $ 1 million was sent to the address of the contract. The developer then disappeared after receiving death threats from the wronged investors to discover that the Ponzi scheme they were buying was even less legitimate than it had appeared before. .
PoWH has since spawned a new scamcoin called ethpyramid ] which is for "At the question" Is Ethpyramid secure? ", The site responds" Yes, our development team has spent a lot of time refining and testing this contract for its own sake. Make sure your chips are safe. "The internal functions of the contract are not accessible to the end user. "There is also PoWH420 ," The Plan 420 Autonomous and Autonomous Pyramid of the World. "
Although it is obvious that the cryptocurrences are as strong as their weakest link, whereas the altcoins like ethereum and nano have an unmistakable potential, like all the other crypto they are hostage of the hiding insects in portfolios, smart contracts, and trades.A bad line of code is all that is needed.
Do you think Bitgrail was shot down by a weaning virus or is there anything else in this story? Let us know in the comments section below.
Images published with the kind permission of Shutterstock and PoWH420. Katie Webster helped with this article.