Skip to main content
Sign in
Parity Multisig1 decision on this page

Audit log

Every state-changing event for Parity Multisig: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-25 18:20:05Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,120,686
    sig
    3b3D6XRmpTTa…kw3wsA6pexplorer ↗
    hash
    91AVB8AmsUnv…QnxXycFBsha256 → base58
    verifying row…full verify ↗
    canonical bytes (7527 B) ▸
    {"actor":"system:backfill","investigation_id":"58e0557e-7948-47ad-82cb-c7a089154f08","kind":"publish","page_slug":"parity-multisig","published_at":"2026-05-25T18:20:05.393Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Parity Multisig","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.parity.io/blog/the-multi-sig-hack-a-postmortem/","type":"other","url":""},{"credibility":3,"name":"https://www.openzeppelin.com/news/on-the-parity-wallet-multisig-hack-405a8c12e8f7","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/parity-multisig-wallet-hacked-or-how-come","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.openzeppelin.com/news/on-the-parity-wallet-multisig-hack-405a8c12e8f7","type":"other","url":""},{"credibility":3,"name":"https://medium.com/parity-hack-trace/parity-hack-and-153-037-stolen-eth-2a7704f59f3b","type":"other","url":""},{"credibility":3,"name":"https://www.securityweek.com/hacker-steals-30-million-ethereum-parity-wallets/","type":"other","url":""},{"credibility":3,"name":"https://bitcoinmagazine.com/business/white-hats-step-save-funds-vulnerable-ether-wallets","type":"other","url":""},{"credibility":3,"name":"https://github.com/bokkypoobah/ParityMultisigRecoveryReconciliation","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/paritytech/a-postmortem-on-the-parity-multi-sig-library-self-destruct-63daca3a4cf7","type":"other","url":""},{"credibility":3,"name":"https://www.vice.com/en/article/parity-multi-signature-wallet-vulnerability-300-million-hard-fork/","type":"other","url":""},{"credibility":3,"name":"https://news.sophos.com/en-us/2017/11/17/bug-that-deleted-300m-could-have-been-fixed-months-ago/","type":"other","url":""},{"credibility":3,"name":"https://securityaffairs.com/65413/hacking/ethereum-parity-wallet-hack.html","type":"other","url":""},{"credibility":3,"name":"https://www.vice.com/en/article/ethereum-wallet-parity-knew-about-critical-flaw-that-let-user-devops199-lock-up-millions/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/eip-999-why-a-vote-to-release-parity-locked-funds-evoked-so-much-controversy","type":"other","url":""},{"credibility":3,"name":"https://bitcoinmagazine.com/business/evolving-debate-over-eip-999-can-or-should-trapped-ether-be-freed","type":"other","url":""},{"credibility":3,"name":"https://bitcoinist.com/ethereum-community-votes-330-million-parity-refund-request/","type":"other","url":""},{"credibility":3,"name":"https://bravenewcoin.com/insights/parity-tech-has-no-intention-of-splitting-ethereum-over-513000-stranded-eth","type":"other","url":""},{"credibility":3,"name":"https://www.ccn.com/330-million-eip-999-stokes-debate-over-eth-frozen-by-paritys-contract-bug/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.openzeppelin.com/news/on-the-parity-wallet-multisig-hack-405a8c12e8f7","type":"other","url":""},{"credibility":3,"name":"https://medium.com/hackernoon/what-caused-the-latest-100-million-ethereum-bug-and-a-detection-tool-for-similar-bugs-7b80f8ab7279","type":"other","url":""},{"credibility":3,"name":"https://medium.com/solidified/parity-hack-how-it-happened-and-its-aftermath-9bffb2105c0","type":"other","url":""},{"credibility":3,"name":"https://medium.com/paritytech/a-postmortem-on-the-parity-multi-sig-library-self-destruct-63daca3a4cf7","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://crypto.news/parity-wallet-hacker-begins-laundering-150k-in-ethereum-after-7-years-of-inactivity/","type":"other","url":""},{"credibility":3,"name":"https://u.today/parity-wallet-hacker-moves-9-million-in-ethereum-leaving-246-million-in-limbo","type":"other","url":""},{"credibility":3,"name":"https://cryptoslate.com/heres-how-the-parity-ethereum-hacker-is-cashing-out-his-funds/","type":"other","url":""},{"credibility":3,"name":"https://dailycoin.com/parity-wallet-hacker-launders-9m-after-seven-years-hiatus/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.proskauer.com/blog/when-smart-contracts-are-outsmarted-the-parity-wallet-freeze-and-software-liability-in-the-internet-of-value","type":"other","url":""},{"credibility":3,"name":"https://natlawreview.com/article/when-smart-contracts-are-outsmarted-parity-wallet-freeze-and-software-liability","type":"other","url":""}]}],"sources_used":[],"summary":"Parity Multisig was a multi-signature wallet implementation developed by Parity Technologies, founded by Ethereum co-founder Gavin Wood. The software suffered two catastrophic security failures in 2017: a July hack in which 153,037 ETH (approximately $30–32 million at the time) was stolen from three Ethereum project wallets via an unguarded initialization function, and a November incident in which GitHub user devops199 accidentally triggered a self-destruct on the shared library contract, permanently freezing 513,774 ETH (approximately $150–280 million at the time) across 587 wallets. The frozen funds have never been recovered, and the July 2017 attacker resumed laundering stolen ETH through the exchange eXch in May 2024 after seven years of inactivity.","timeline":[{"date":"2017-07-19","event":"Attacker exploits unguarded initWallet() function in Parity Multisig WalletLibrary, stealing 153,037 ETH (~$30-32M) from Aeternity, Swarm City, and Edgeless","source":""},{"date":"2017-07-19","event":"White Hat Group uses the same exploit to drain and rescue approximately 377,000 ETH from other vulnerable Parity wallets before additional theft occurs","source":""},{"date":"2017-07-20","event":"Parity Technologies deploys replacement WalletLibrary contract without initializing it, inadvertently leaving a new critical vulnerability","source":""},{"date":"2017-08-01","event":"GitHub issue filed recommending auto-initialization of the library contract; Parity classifies it as a convenience enhancement and does not implement the fix","source":""},{"date":"2017-11-06","event":"GitHub user devops199 calls initWallet() on the uninitialized library contract, becomes its owner, then calls kill(), permanently destroying it and freezing 513,774 ETH across 587 wallets","source":""},{"date":"2017-11-08","event":"Parity Technologies publicly announces the library self-destruct incident and begins postmortem analysis","source":""},{"date":"2017-11-15","event":"Parity publishes postmortem on the library self-destruct incident, acknowledging the prior known-but-unaddressed vulnerability","source":""},{"date":"2018-04-01","event":"Parity submits EIP-999 to the Ethereum community, proposing a protocol-level state change to restore the destroyed library contract and unfreeze 513,774 ETH (now worth ~$280-330M)","source":""},{"date":"2018-04-30","event":"Community coin-vote on EIP-999 concludes with approximately 55% voting against; proposal is rejected and frozen funds remain inaccessible","source":""},{"date":"2024-05-13","event":"July 2017 Parity hacker resumes on-chain activity after seven years of inactivity, transferring ~3,050 ETH (~$9M) to exchange eXch using multiple intermediate addresses","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 0d114eeb-f7f9-46bd-90b1-62b81428e028
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.