Ethereum $30M hack - Bad Code Explained - Programmer explains
What did actually happen in the Ethereum Parity hack and how were the hackers able to steal $30M dollars worth of ether in this hack.
We take a look at the actual code that led to this hack and also talk about how this hack could have been prevented. If you are familiar with Solidity programming language or other programming languages this video will not be hard for you to follow.
If you are a Solidity developer I think it's extemely important for you to understand how these hacks happen. These hack really undermine the Ethereum platform and the trust in the Ethereum ecosystem and if this continues we might see an Ethereum crash.
JOIN SLACK COMMUNITY
http://slack-invite-ivan-on-tech.herokuapp.com
thank Ivan, hackers work extra hours this days .
Yes, problem is contract programmer gets one chance to get it right, Hacker gets time to look for flaws. This hack happened 6 months after the original code was released, that code was peer reviewed as well. The old ways of posting buggy code out in the field doesn't stack up when millions are at risk.
This library is global library from ETH network or is custom made library?
Anyone?
now i heard all of it, very good explenation, i learned some programming on high school and a little on university so i can understand, but you are a great teacher!
100% upvote , and i say it as a math teacher :P
Thanks for sharing! I like watching your videos now I have a better understanding.
Really impressed by your efforts in the video... @ivanli
It feels happier to follow one who is so involved in blockchain coding from the core.
This hack remind me of DAO hack, where the code ran into an infinite loop until Vitalik interrupted. Although, it couldn't be called as a hack.
Well, this hack has been a mistake from the coder side. And obviously, he can't be blamed bcoz this small bug are not detected in the existing Ethereum IDEs.
More importantly, i think that the Ethereum development platform i.e. IDE has to be more professional like the Google's Android Studio which is a world class platform (collaboration with JetBrains), Microsoft's Visual Studio, and many others.
With upcoming companies ready to merge with Ethereum, they are not actually involved in developing the IDE. And this is the most preliminary step for development of classy and non-buggy DApps.
I follow Consensys, a company developing the IDEs for Blockchain DApps programming. It is a great team of software engineers working tirelessly on making Ethereum equipped with good IDEs, which will be capable of detecting such software bugs.
Looking forward to such initiatives in the future....
Thank you! I have no programming knowledge, but I can understand!
good video, as always
Thank you for taking the time to explain.
The videos you've been posting about looking at the code in GitHub have opened my eyes. It seems you can find out a lot about these projects with just a little bit of investigation.
I am also a software developer; but I'm just getting started looking at the coding behind crypto currencies.
Very good stuff.
You make it sound so easy. Great share.
Great! Thanks for that.