What can financial institutions learn from the Ethereum Parity hack?
Authored by: Dhyan Raj, Synechron
Last week, Ethereum client Parity warned of a critical bug in its wallet software after $30 million in Ether was removed by a hacker. Given the risk associated with hacks such as this one, firms must be prepared both to avoid potential hacks and to handle them when they occur. In the age of blockchain, it is critical to have a "crypto-suitability check." This would be similar to the client investment suitability check used to gauge investment sophistication in the regular investment world: crypto investors should have a "crypto-check" in place.
The recent Parity hack is not unique: such vulnerabilities exist in virtually every piece of software ever developed. What makes this so daunting in the age of blockchain is that, unlike in a traditional centralized system where a transaction can be reverted, blockchain transactions are immutable. In a traditional centralized system, the transaction is centrally controlled, and the main organization holding the database can act freely on the transaction. Conversely, in a distributed and decentralized ledger, no individual has control once the network is deployed. Because of the platform's open source nature, even upgrading it to the next version of the software is quite difficult: once the developers release an update, they can only hope people will adopt it. Until 51% of nodes upgrade their software, the network will essentially be running the old software. Reaching the 51% needed to upgrade can sometimes take months, or even years.