Kai Sedgwick: Bad Code Has Lost $500 Million of Cryptocurrency in Under a Yearxrb security scamcoin raiblocks powh ponzi parity nano n-featured hack bug bitgrail bad-code
Cryptocurrency can be lost in a variety of ways, from hacking to forgotten passwords and failed flash drives. But in dollar terms, one of the biggest causes of crypto losses is bad code, and it’s not usually the fault of the coin’s developers. Instead, third parties, including shoddy smart contract developers and shady exchanges, are to blame for losses that have reached half a billion dollars in the last seven months.
Bitgrail Gets Railed for Dodgy Code
Last week, news.Bitcoin.com reported on the demise of Bitgrail, which contrived to lose $170 million of nano cryptocurrency. While the precise sequence of events that caused the catastrophic collapse of the exchange with the assets of thousands of customers is still being confirmed, poor code is being blamed. As reported at the time:
There are rumors that Bitgrail became insolvent following a withdrawal bug that was discovered by some users and then shared in Discord and other chat groups, causing the wallet balance to gradually diminish. One user explained: “There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”
In the aftermath of the incident, this theory has been bolstered by allegations that a bug was indeed responsible, and not in nano’s code, but in Bitgrail’s. One source asserted: “There was a bug, on the withdraw page. But this check was only on java-script client side, you find the js which is sending the request, then you inspect element – console, and run the java-script manually, to send a request for withdrawal of a higher amount than in your balance. Bitgrail delivered this withdrawal. How many people did this? Who knows.”
There was another bug, you could request a withdrawal to your address – from another user-id, from another user-account. That would cause the other users balance to have “missing funds” or “negative balance”. Bitgrail bomber solved this bug by manually entering the “correct” numbers in his database. This is what you get for using a PHP website coded by same skill-level as CfB of IDIOTA.
Even the Best Cryptocurrencies Aren’t Immune to Poor Code
The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework. First there was the DAO, which led to ethereum being forked right out the gate, and then there was the Parity bug that caused 150,000 ETH to be stolen, followed by the other Parity bug that caused $168 million of ETH to be locked up.
In the past couple of weeks, ethereum bugs have surfaced once more, albeit on a smaller scale. Proof of Weak Hands (PoWH) was a joke scamcoin which turned into an actual scamcoin after a bug led to the loss of 900 ether worth $1 million that had been sent to the contract address. The developer then disappeared after receiving death threats from investors aggrieved to discover that the joke Ponzi they were buying into was even less legitimate than it had seemed.
PoWH has since spawned a new scamcoin called ethpyramid which is for “strong hands only”. To the question “Is Ethpyramid secure?” the site responds “Yes. Our dev team put a lot of time into refining and testing this contract to make sure your tokens are safe. Internal functions of the contract are not accessible to the end user.” There’s also PoWH420, “the world’s dank autonomous and self-sustaining 420 pyramid scheme”.
Even if joke coins and their joke developers are taken out of the equation, it’s evident that cryptocurrencies are only as strong as their weakest link. While altcoins such as ethereum and nano have undoubted potential, like every other crypto they’re hostage to bugs lurking in wallets, smart contracts, and exchanges. One bad line of code is all it takes.
Do you think Bitgrail was brought down by a withdrawal bug or is there more to this story? Let us know in the comments section below.
Images courtesy of Shutterstock, and PoWH420. Katie Webster assisted with this article.
Need to calculate your bitcoin holdings? Check our tools section.
The post Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year appeared first on Bitcoin News.
Original article was created by: Kai Sedgwick at news.bitcoin.comDisclaimer: This article should not be taken as, and is not intended to provide, investment advice. Please conduct your own thorough research before investing in any cryptocurrency or ICO.
One more thing you may be interested in:
Interested in Cryptocurrencies and ICO's?
Follow our telegram channel for daily cryptomarket reports!Join @cointrends
|1 hour ago||n-featured|
|4 hours ago||n-featured|
|7 hours ago||security|
|18 hours ago||security|
|1 day ago||parity|
|3 weeks ago||parity|
|2 days ago||ponzi|
|1 week ago||ponzi|
|3 days ago||hack|
|3 days ago||hack|
|1 week ago||nano|
|1 week ago||nano|
|1 week ago||raiblocks|
|1 month ago||raiblocks|
|2 weeks ago||bitgrail|
|1 month ago||bitgrail|
|3 weeks ago||bug|
|3 weeks ago||bug|
|1 month ago||xrb|
|2 months ago||xrb|
|1 month ago||scamcoin|
|3 months ago||scamcoin|
Stay on top of Altcoins and ICO trends.
Subscribe to our free Weekly Cryptomarket report
Delivered once a week, strongly to your inbox.Subscribe to our mailing list
May 22, 2018
The following opinion piece on Bitcoin Cash was written by Jonald Fyookball We’ve already discussed 3 reasons why the bitcoin project was subverted: lack of education, lack of clarity, and centralized development. Today I will proffer two more: censorship and propaganda were allowed to run...From: OP-ED
A new crypto teller machine is now operational in South Africa’s largest city, Johannesburg. The ATM, which supports several digital coins, has been installed at a supermarket in the north-western part of the city’s metro area. It is the latest addition to a growing number of terminals...From: Lubomir Tassev
Before all the Lambo memes, shady no-product ICOs, and get-rich-quick schemes invaded the scene, Bitcoin was meant to disrupt the current economic system. Today’s edition of Bitcoin in Brief showcases how that promise is starting to materialize in different fields, including the future of...From: Avi Mizrahi
ICO Round-Up: Nearly 1 in 5 Offerings Accused of Fraud, Bermuda Passes Regulations, Thai SEC Holds Hearing
A recent “analysis of 1,450 cryptocurrency offerings” published by the Wall Street Journal has claimed to have revealed “rampant plagiarism, identity theft, and promises of improbable returns.” In other ICO news, Bermuda’s parliament has passed regulations that will legitimize...From: Samuel Haig
This is a paid press release, which contains forward looking statements, and should be treated as advertising or promotional material. Bitcoin.com does not endorse nor support this product/service. Bitcoin.com is not responsible for or liable for any content, accuracy or quality within the press...From: Bitcoin.com PR
On Monday the blockchain research and development firm, Nchain, announced the acquisition of a majority stake in the Bitcoin Cash-centric startup Handcash. The Handcash platform allows users to send BCH in a contactless manner using near field communication (NFC) technology. Also read: BCH...From: Jamie Redman