This post is also available in: Español
In July 2017, Parity, an ethereum WASM and EVM client were hacked, resulting in the loss of 150,000 ETH. Though Parity deciphered the vulnerability in the code another exposure was encountered during the redeployment of the smart contract. This new vulnerability exploited by a Parity user in November 2017 froze 513,774 Ether held by 587 different accounts.
To fix this vulnerability, the Parity network came up with EIP 999. This Ethereum Improvement Proposal raised a lot of concerns, causing even Vitalik Buterin to call for a boycott of Consensus 2018, citing the “sensationalist” press of EIP-999 by Coindesk as one of his reasons. According to Parity, “This proposal is necessary because the Ethereum protocol does not allow the restoration of self-destructed contracts and there is no other simple way to enable the affected users and companies regaining access to their tokens and Ether.”
What EIP 999 is and isn’t
The Parity breach didn’t lead to the loss of funds, but rather, those funds got locked up in a library, making them inaccessible.
The EIP 999 is a proposal that only calls for the restoration of funds back to their owners and also provides a fix for the previous bug. The proposal, therefore, does not involve the movement of funds or the transfer of any money and is not a hard fork.
Community still divided
The proposal resulted in a vote on the Ethereum block explorer Etherchain. The results: a total of 639 votes were cast, 330 went against the proposal, 300 supported it, and 9 didn’t care. The voting trends, thus showed that a lot of people wouldn’t want any changes to the system.
One strong argument against this proposal is that the Parity hack wasn’t a malicious attack on the Ethereum network, but a mistake on the part of a developer, and should not be entertained at all. Proponents, however, believe that implementing the proposal will hail the Ethereum network as a platform with a ‘safety net’ that takes care of its users, as well as allow for future innovations on how to best secure the entire network.
But there are a lot of unanswered questions
Even if both sides to the argument are right, there are a lot of questions that are not answered. The fact that Ethereum network should find solutions to an issue on the platform is a good thing. Restoring locked funds to the rightful owners is also a good thing. Though these are genuine concerns raised by a lot of developers and community members, the vulnerabilities to a network’s robustness have roots in the same concerns.
Though there won’t be any code change to the Ethereum blockchain itself, the community fears that if this proposal is accepted, it would result in the future acceptance of any proposal that has to do with the recovery of locked funds. With that in mind, a lot of recovery proposals would likely follow suit, and the principle of the “code is the law”, which is very much embedded in the blockchain’s technological framework would be defeated.
The phrase “code is the law” has its part to play, and the individual developer or user has their own part to play. We can look at it this way: banks will compensate you for monetary losses that arise from their own system errors, but when it comes to monetary losses that come from the customer’s mistake, it is the customer’s responsibility and not the bank.
What is your view on the EIP 999?