quadricacx costly code error

Today, June 2, 2017, Canadian crypto exchange QuadrigaCX provided an explanation for an irregularity regarding the process of sweeping incoming Ether to the exchange.

The exchange took full responsibility for this error and has ensured that there has been no impact on account funding. In a reddit post, the company's official account reported that "all withdrawals, including Ether, are being processed as per usual and client balances are unaffected."

According to data compiled by one redditor, the bug has trapped 67,316.2838 Ether (approximately $14.8 million) in the SafeConditionalHFTransfer of the governing EDCC. QuadrigaCX's official announcement explains that the error occurred after a Geth upgrade. Older Geth protocols had allowed for an optional prefix of 0x on Hex values, while the upgrade made the prefix mandatory. QuadrigaCX said:

"Our code didn't prefix the Hex string with 0x and when we upgraded Geth from 1.5.3 to 1.5.9 on the 24th of May, the SHA3 function call failed and our sweeper process then called the contract with an invalid data payload resulting in the ETH becoming trapped."

QuadrigaCX mentioned that while the setback may hurt its bottom line, a fix might come in the form of Ethereum Improvement Proposal 156, a piece of code that could be amended to provide a solution to the issue of contracts holding ETH without a way to move them.

In the meantime, QuadrigaCX must remain content with having learned a very expensive lesson: always validate inputs.

Jeremy Nation is a writer living in Los Angeles with interests in technology, human rights, and cuisine. He is a full time staff writer for ETHNews and holds value in Ether.
ETHNews is commited to its Editorial Policy
Like what you read? Follow us on to receive the latest on QuadrigaCX, Hex value or other Ethereum wallets and exchanges news.
   

Subscribe to our Newsletter

* indicates required
Email Address *
First Name
Last Name
Country
News Categories of Interest