[Updates] Satoshi•Pie Ethereum multisig has been hacked

in #ethereum4 years ago (edited)

In this the post, we will keep you updated on the incident.

Contract address : 0xD0f706bF4738732145344Dc407d36b88859C3349

Incident: Breach in standard Parity multisig contract

23:02 PM local time 19 July 2017
Has been withdrawn to unknown destination all ethers and all tokens except AIR and ANT. Working on withdrawing MYS.

23:10 PM local time
According to Etherscan this hack was likely rescued by White hats

23:38 PM local time
Current estimated impact: $7 641 533 as of last clearance round

00:06 AM local time 20 July 2017
At the moment investment process has been stopped because Ethereum blockchain software is under attack. SPIES tokens are safe (issued by BitShares)

00:12 AM local time
Currently,, address MultisigExploit-WhiteHat sending transactions to (probably) new multisig contracts

00:52 AM local time
Estimation of vulnerable code based on contract version where White hats are sending values.

8 lines updated

01:00 AM local time
Parity Blog
Published new version of contract in Parity Github PR.

UPDATE (20/07/17, 00:26 CEST): Future multi-sig wallets created by versions of Parity are secure. Fix in the code is https://github.com/paritytech/parity/pull/6103 and the newly registered code is https://etherscan.io/tx/0x5f0846ccef8946d47f85715b7eea8fb69d3a9b9ef2d2b8abcf83983fb8d94f5f.

11:52 AM local time
We are waiting for the the annnouncement by White Hats Group. 2 scenarios:

  1. If they send funds back losses will be 0.8% of Satoshi•Pie (MYST token)
  2. If not losses will be 39.2% of Satoshi•Pie (all ETH and tokens except ANT and AIR)

According to our intuition, the 1 scenario is likely to happen but we cannot predict the time. We are starting to process yesterday deposits and withdrawals as they should happen before incident timestamp Jul-19-2017 06:34:46 PM +UTC.

02:44 PM local time

Damage valuation as of current valuation round:

04:03 PM local time
Official statement by (Satoshi•Fund) and Fund managers
(to be published in all official channels)

Working on vulnerability in Etheruem multisig contract

Yesterday in Jul-19-2017 06:34:46 PM first transaction hit our multisig Satoshi•Pie contract. The majority of funds was siphoned in 2 minutes (all ETH) and all ERC20 tokens except ANT, AIR, and MYST) in 1 hour. The breach led to not identified accounts. We reacted in less than 2 hours and successfully use exploit to drain remaining tokens ANT and AIR to address under our control. MYST attempts were unsuccessful. The history can be audited using Etherscan. Incident Log can be found in English and Russian

In parallel become known that withdrawn has been done by White Hats Group. Now we are waiting for refund according to this statement of WHG on Reddit. After fast investigation become clear that damage is not existential and we are able to continue operations. 2 hours ago we processed yesterday deposits and withdrawals that anyway should happen before incident timestamp.

Our strategy is the following:

  1. We are going to continue to provide best in breed blockchain asset management service.
  2. We are changing valuation cycle from 24 hours to 1 week for Satoshi•Pie product.
  3. That means that since now all withdrawals and deposits will be possible once in a week. If recovery will happen earlier we will let to withdraw on a daily basis for everybody during this transmission week.
  4. We are implementing a hard limit on deposits and withdrawals at 10 BTC for one transaction. Fewer transactions should go through the market.
  5. We consider moving Ethereum holdings (if recovered) to Zeppelin smart contract framework.
  6. If not recovered by White Hats Group in 1 week we will provide us a path for alternative recovery strategies.
  7. We are going to publish bug bounty program.

Thank you that you are with us. For those who are not happy with our service please be patient. You will be able to withdraw all your funds according to our terms.
The new version of Satoshi•Pie white paper will be published with updates soon.

00:16 AM local time 22 July 2017
Starting to audit calculations based on this announcement

01:00 PM local time 22 July 2017
We confirmed to WHG that setting parameters for deployed contracts are valid.

Now we are waiting until WHG get enough evidence from a community that all calculations are correct before deploying new contracts.

00:16 PM local time 23 July 2017
The new contract deployed by WHG has been verified

05:18 PM local time 25 July 2017
All values has been returned under SatoshiPie control. The new contract.
Until full security audit will not be finished in order to reduce risks some part of holdings will be under direct control of fund managers using this accounts:

Версия лога на русском by @litvintech на Голосе


So the whitehat hackers saved the day for you also ?

Glad those guys exist... It's noble people like that that make the Ethereum (and most non-scammy crypto platforms) amazing!

Guys, you do a great job. You reasoned very quickly. You accomplished everything professionally. I would like to see the separate article with a detailed explanation of what exactly happened, who it was, what you did, also the outcomes and further changes we may see.

Finally, I want to say thank you for being entirely client-oriented.

@hipster, русский Steemit совсем в упадке?
Все на Голос ушли?

Keep up with the good work guys!


Vitalik, we need fork of fork now ;)))))))))))))))))))))))))

Ethereum, Ethereum Classic, and Ethereum Classic Strikes Back The Forkening!

You guys still don't get what the issue was.

When are you going to update whitepaper and enable investment receiving?

"Until full security audit will not be finished" when will that be?

Take care!
I'm also on of the small investors. I remember when I invested there was a calculator (based on previous data) which showed approximate increase in 20 times (years). I.e. if I invested around $50 - it should be $1400 in a year

Then I only saw fall (because of Ethereum fall in price, and Bitcoin also was bit cheaper), I also noticed you significantly decrease Ethereum part of your portfolio after that.

Which changes do you plan to shape your portfolio? May be invest more in EOS?

Hey satoshi, what's the latest news? How much of the fund was actually stolen?

When are you restarting your fund?

The funds have been returned to satoshi.fund's controlled accounts. So no loss resulted after the incident

"We are implementing a hard limit on deposits and withdrawals at 10 BTC for one transaction. Fewer transactions should go through the market."

So is this the lower limit (so you meant 'smaller' transactions, not fewer)? What is the policy for existing investors who have less than 10btc on satoshi account?

I also have the same question

i have the same one :) Already asked in Russian, curious to get the reply.

they say in Russian, it is the upper limit.

Thank you for the continuing updates and quick actions. Great job to all.

30 Million Dollars! Wow!!

No, the loss is approximatelly 7mln$

Ну тогда ладно :=)))

18 сm - это типа коротко обо мне?

I was reading an article here:


This says that assets worth 30 million USD have been stolen and there was risk of additional 75 million dollar which have been recovered by White hat. Now does this 39.2% (mentioned in this post) of Satoshi pi holdings are part of this 75 milion dollar.

Also It says the reason for this hack is due to some faulty code in some ethereum wallets. But i was not able to find which ethereum wallets had that faulty code.

Link to our contract right in the beginning of the post.

Ok i got it now..

Now the etherium will fall below one hundred dollars?

doubt it. I've seen investors (who are clueless about the blockchain technology itself) asking: "Has Ethereum been hacked!" . I still giggle every time I recall that moment.

Really sorry to hear this @hipster Do you think you will be able to recover most of the funds. How long do you think it will take to fix this issue?

Чем сложнее крипта, тем больше в ней багов.
Так что биток наше все, а эфир еще ждем масса сюрпризов.

What does it mean for a regular user? If I use Parity and the wallet was created before 20.07, does it mean I should create another wallet and move all the funds there?

Can you provide an update? Your communication has been very poor.

Thanks Hipster for the post and update. Have been looking at getting into satoshi.fund

07/30/17: update from Satoshi Fund:
Really appreciate the handling of this situation and the resolution moving forward.

Guy, I will briefly translate you the news from https://golos.io/bitcoin/@satoshifund/evolyuciya-satoshi-pie

  1. Satoshi Fund lost $316 000 (1.51% of Portfolio)
    (244,810 of MYST = $184,940 stolen by hacker)
    $131,525 donation to WhiteHats hackers

  2. Satoshi Fund stops to register new accounts and take new funds.

  3. Token would be available to withdraw in the next 18 months (each Wednesday)

  4. 31 January 2019 Satoshi Fund will stop to exist.

  5. Till that time they plan to start new product.

  6. The monthly commission during the next 18 months will be 0.2%

It would be good if you can tell if the portfolio of existing investors will increase due to Bitcoin fork?

thanks for the article.

Congratulations @hipster! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!


I found you because I am investing a lot here in the form of technical knowledge, time, creativity and tech hardware as I am now a witness for Steem and I noticed that you are voting for @bitcube - but that bitcube's witness server is offline and of no use to Steem (for quite a long time as far as I can tell).
I would really appreciate if you would support me with a vote to give me a chance to show what I can do for Steem and Steemit. I have a long background in software engineering and also in running social networks.

My witness application post is here.


Hi! You might be interested in earning curation by following my trail. It does quite well. Don't worry about the manual stuff. More info in chat or discord if you are interested. Anything else I can help with, feel free to ask! Cheers!

where are you sir waiting for your new post is everything allright

So the whitehat hackers saved the day for you also ?