BREAKING: The Biggest Canadian Coin Exchange - QuadrigaCX -- loses 67,000 $ETH !! Due to Coding Error - Funds Locked in an Executable Contract Now!

in #cryptocurrency8 years ago (edited)
A coding error accidentally locked away a YUGE pile of Ethereum in an executable distributed code contract (EDCC), hitting the profits of Canadian crypto currency exchange QuadrigaCX - but not its customers.


Today on June 2, 2017, the largest Canadian exchange QuadrigaCX explained an irregularity for the process of sweeping the incoming Ether to the company's exchange.

QCX took full blame for the issues and mistake, & has promised that there's been no impact on account funding. In a reddit post, the company's official account stated:

"all withdrawals, including Ether, are being processed as per usual and client balances are unaffected." (Source at end of article)


As per data compiled by one reddit user - (source below) this bug has trapped 67,316.2838 Ether (approximately $14.8 million) in the SafeConditionalHFTransfer of the governing EDCC. QuadrigaCX's official statement explains that the mistake happened after a Geth upgrade. Older protocols of Geth, had made allowances for optional prefixes of 0x on Hex values, whilst the upgrade made the prefix mandatory. QuadrigaCX stated:

"Our code didn't prefix the Hex string with 0x and when we upgraded Geth from 1.5.3 to 1.5.9 on the 24th of May, the SHA3 function call failed and our sweeper process then called the contract with an invalid data payload resulting in the ETH becoming trapped."


QuadrigaCX stated that while the problem has negatively impacted the company's profits, a fix may come in the form of Ethereum Improvement Proposal 156, a small code piece that could be changed to give a solution to the issue of contracts holding ETH with no way to move them.

QuadrigaCX must now find a way to be content with this very pricy lesson:

Always. Validate. Inputs.


Related Reddit sources of info:

--

https://www.reddit.com/r/ethereum/comments/6ettq5/statement_on_quadrigacx_ether_contract_error/

--

https://www.reddit.com/r/ethereum/comments/6eruqb/if_your_exchange_is_related_to/diczqn0/





If you liked this blog post - please Resteem it and share good content with others!

--

Some of my recent blogs:

--

https://steemit.com/steemitcampfire/@barrydutton/steemit-weekend-camp-fire-series-weekend-5-we-are-steemit-family-come-visit-around-the-fire-with-your-family-every-weekend

https://steemit.com/bitcoin/@barrydutton/video-just-released-andreas-antonopoulous-bitcoin-and-blockchain-in-norway-or-crypto-101-46-mins-super-practical-resource-here

https://steemit.com/life/@barrydutton/bilderberg-updates-for-day-2-gathered-in-one-place-for-you-globalist-elite-bilderberg-group-yearly-meeting-this-year-again-in

https://steemit.com/cryptocurrency/@barrydutton/breaking-the-biggest-canadian-coin-exchange-quadrigacx-loses-67-000-usdeth-due-to-coding-error-funds-locked-in-an-executable


If you feel my posts are undervalued or you want to donate to tip me - I would appreciate it very much.

Bitcoin (BTC) - 18J6RRuzX4V7b2CDbx7tWZYNBLkkGWsvWX

DASH - XgZvsvSZgPkNbmGbRhc3S1Pt2JAc7QHwiS

PIVX - DA3azxQqJiX9t7EviuacpamfNhMi2zGAUh

Monero (XMR) - d8ecb02c09f70ec10504b59b96bc1f488af28b05933893dfd1f55b113e23fbff

Ethereum (ETH) - 0x3Ad69Ff057C9533ca667B2d7E3E557F5eeFd4477

Ethereum Classic (ETC) - 0x5ab2b08d4ce8d454eb9d1ecc65c6d8b0c5f9784c

LiteCoin (LTC) - LKdsnvSXk9JW99EiNicFMGKc1FXiBo9tUE

Stratis (STRAT) - SNsJp6v1jXvKWy4XcXSXfNQ9zhSJJppJgv

Synereo (AMP) - 1KnrL6wFHaT4gjJ2YJ5f6WmKTDJNsaBS8s

Expanse (EXP) - 0x819b9cce8630ab638198eabfd7496786c20d629a

ZCash (ZEC) - t1aCPEYELkGaf3GtgGTiCEDo7XfPm4QEwmL


Please note -- I will have limited internet access for awhile -- so PLEASE do not be upset that I cannot reply right away, or to everyone. I am dealing with some changes, and will have limited time online and will be happy if I get a few blog posts up a week.


Sort:  

Sounds like a case for governance in eos

Good to know that Vitalik has a stake in EOS via Fenbushi to help you make it bulletproof from as many angels as possible ;-)

What's this now lol? What is Fenbushi??

One of EOS partners: http://fenbushi.vc and Vitalik Buterin is a partner with Fenbushi

I am still trying to learn about EOS and part of that is simply because you are connected to the project.

There is just SO much info every day man, and when you are not FROM this space but IN the space - every day is so much learning as the DOGE meme would likely say.

You raise a good .... actually great point.

I have been messaging Canadians today personally to raise awareness of this issue.

It is nice to hear from you Dan!

I hope you are doing well my man.

Heyyy Dan! :) Nice to see you around here, and happy to share I've heard sooo much positive feedback about EOS after Consensys. Keep doing what you do!

I google quadrigacx and this post was the second google result. I knew about this 67,000 ETH mistake. It seems like and unfathomable one.

I just think it was so cool that this link is already the second best result. It blows my mind. It explains the views on that post too I guess.

This is insane! Great to see you always getting out the breaking news @barrydutton :)

As per my other comments here, in the post, this is not good news, overall, on several levels.

Nice to hear from you dude.

Definitely bad stuff, no doubt about it! And thanks, I've been around, just all over the place, there is so much to see and interact with here, I lose the time most days. Great to see you pumping out such good info Barry, always a pleasure stopping by here, I need to do it more often :)

I had not heard from you in a couple mths and do not see your posts, just the odd reply to someone, I figured it was part of the Boycott Barry program some like to do LOL

Dan (Larimer) replied to something I wrote here in this thread last nite, I mentioned same to him.... there is just so... much.....info every day.

LOL man, not at all! I've been busier than ever here in Steemit. Consistently posting everyday, commenting all around too. I finally just picked the Twitter sharing back up, I gotta get some of your stuff in the queue there. It just gets to be so busy with all this info everywhere as you said. Cryptos are a wild animal and on top of that, I'm into alot of the travel, food and lifestyle posts, so that is always brimming with new stuff too.

I'm trying to dial in a great mix of it all, and not get burned out, but so far so good, I just hit 2 months officially on Steemit yesterday and I see this being the place to be for a while to come. I'm not going anywhere brother, ping me from time to time, sometimes that's all that's needed :) Have a great Saturday man!

Thanks man, I do believe you have been super busy and building a base of support by all accounts.

You are valuable for sure brother, thanks again for stopping by!

Yeah busy for sure, and I see you have been too :) Thanks for those kind words Barry. There is just so much happening and so many awesome people here and not enough hours in the day to enjoy/interact & engage with them all.

That is well said, I cannot add any more and feel bad I cannot interact with more people and it is true..... the busier your own blog gets, the more it takes to simply manage it and that takes away from other contacts on here you would like to do.

Hahaha

I gave that a full power UV for ya, good stuff

LOL!!

Are there release notes associated with each Geth release and, if so, did they make it clear that the 1.5.9 release would mandate the 0x hexadecimal prefix?

Not being anywhere near an ETH or smart contract expert, I'm wondering whether this is truly a knock against Ethereum, Geth, and/or the GO programming language?

Similar to how the Mt. Gox fiasco wasn't truly a knock against the Bitcoin protocol or its blockchain.

Or how, a centralized online wallet or exchange that gets hacked or otherwise does some bone-headed thing isn't necessarily a knock against the cryptocurrency that may be affected by it.

I know there are smart Steemians here that will chime in about this ...

You made several very good points here my friend.

So you're saying, they are adopting the Steemit model and locking in value? Sounds to me like just another reason to be long on ETH.

A coding error locked it up.

You sure it wasn't a human error? I thought code was law?

Do you know what happened to split ETH into ETC???

If not, look that fork up!!!

I know about the fork. I am joking around but it doesn't change the fact that, people losing coin, having coin locked up, burning them, isn't going to change the fact that it benefits investors so long as ETH presents options for companies to avoid litigation fees and have self executable contracts in the eventual future and companies piggybacking on the blockchain and creating mobile apps. I admit I haven't looked too far into the news on this, when you say it was a coding error though from what I understand it has to be a human error in the coding considering that with ETH the two human parties supposedly can put in standards to bypass the code...so what...they just didn't do that correctly?

Human error.

SUMMARY: ETH is still a legit investment.

That's where I got my first bit of ETH and BTC!!!!

And you are right, think of the other messes there that can easily happen if this did!

Theyre from Vancouver they were probably stoned.

LOL.

Fair enough.

I was out there for mission tip/extended vacation totalling 25 weeks on the road in the 2006 spring and summer, it is nice out there!

I listen to the Jays every game pretty much, the post game show is just wrapping up right.......now!!!

Fortunately, it has not affected its customers! Bought my first Bitcoin at Quadriga.CX. I quickly transfered my funds from the site to my wallet exactly so to avoid this kind of situation. All in all, the transactions went relatively smoothly. I once posted about the experience and my first step in cryptos:

https://steemit.com/bitcoin/@heroic15397/from-crypto-ignoramus-to-finally-buying-my-first-bitcoin-and-steem

Crazy that an exchange of that size could commit an error of that caliber!

It is truly unbelievable and think of other things here that can happen.

That's where I got my first bit of BTC and ETH!!!

LOL,

Funny comment, I appreciate it lol

I can just imagine the poor soul who had to deliver the news: Um, hey team, so you know how we went live with the update... yeah, so we kinda locked up a bit of ETH... yeah, like 67,000...

Yes, it would have been a heck of a memo......