Script of my talk at EDCON 2018, Toronto, below. Recordings can be found here.
In 2014 when I started to work for the Ethereum Foundation, I was excited to join a movement full of opportunities to change the world for the better. Heading security for the foundation, it was clear there would be challenges. And while I’m even more convinced that we desperately need the tools we’re building for a better web, the past year in particular was full of challenges. It’s clear there is more work ahead.
We’re early pioneers…
We started Parity Technologies in 2015 with the goal to build the fastest and most secure software and tools for Ethereum and the decentral web. This was before there was mainstream interest in blockchain and Ethereum. We were excited to pioneer technologies that enabled others to explore these promising ideas, and we were committed to writing the best open source software we could and offering it to the community free of charge.
We’ve accomplished a lot in a couple of years:
We started with a clean slate Rust implementation today over 427,317 lines of code. We
- Improved mining support
- Introduced state snapshotting and warp sync
- Optimised for disk footprint
- Created UI with a secure separated signing UI
- Included Dapp Hosting ….
- … and integrated the Ethereum Foundation multi-sig wallet
Over the course of 2016, a healthy, somewhat public competition with the Geth team had unfolded over performance, speed, and resilience that proved to be particularly beneficial to the ecosystem. Attention grew rapidly and so did the value at stake — much faster than anyone had anticipated.
In early 2017, gas cost became more and more of an issue for users. We did what back then seemed to be a sensible modification to improve gas costs for our users: We optimised the Ethereum Foundation multi-sig wallet into a library/stub deployment model, a library holding the general functionality, and proxy low-cost wallets that would be deployed each team a user created a new wallet.
What at first appeared to be a simple and straightforward upgrade resulted in two bugs, which led to 3 projects being drained of large proportions of their funds and 587 multisig wallet users who lost access to their ether in November last year.
While Parity does not own any of the affected wallets, to know that our users are still unable to access their funds as a result of an error in our code is an immense burden.
We are sorry and we remain committed to helping all those impacted by bugs and hacks find a path towards regaining access to their ether, whenever possible.
We are early pioneers in a new industry where software is money and where one oversight can freeze millions of dollars of our users’ funds — the very users we all work so hard to support. Determining a long term governance model is not an easy feat, but time well spent.
While 2017 has changed us, it hasn’t changed our vision for a decentral web and tech for a more open and equal society.
While 2017 has changed us, it hasn’t changed our vision for a decentral web and tech for a more open and equal society. And we are busy building a bunch of different products across the stack, amongst other things:
- Light Client, a fast and secure client for low-performant devices
- Parity Bridge, a scaling solution for DApps
- Secret Store, a distributed key generator that also stores keys to enable permissioning
- Private Transactions, encrypted smart contracts where the code and state are viewable only by permissioned validators.
- Parity Mobile Signer, a mobile hardware wallet for securely signing transactions
- oo7 Bonds, a library that makes it easy to build reactive DApps in Javascript.
- p-Wasm, a low-level Web Assembly library for creating smart contracts with Rust
- Pluggable consensus, allowing different consensus mechanisms
- Kovan testnet, a Proof-of-Authority network that supports Wasm and Parity
- Libp2p, the Rust implementation of the libp2p networking stack
- Substrate, a foundation for safely experimenting with new ideas on sharding, encryption, and governance
- Polkadot, a heterogeneous multi-chain protocol to power a decentralised web.
And then of course our client implementations
- Parity Bitcoin supporting various bitcoin networks
… and
… for the best Ethereum experience out there. :-)
One remark: We recently made a fundamental decision to split Parity Wallet from Parity Ethereum client. Parity Wallet (also known as the “Parity UI”) is now disabled in the node by default. There will be a stand-alone electron wallet that we hope will be maintained by the community. Maciej will speak about it at he UX workshop after Edcon I believe.
Learning from our mistakes
Making mistakes has changed us. We have refocused our development work and retired the multi-sig wallet, among other things. Where we have to use smart contracts (such as for our bridges), we have completely revamped how we write smart contracts, starting from scratch with everything we have done and will do in the future. We have more rigorous testing, deployment processes, and stringent third-party audit requirements in place. We are employing best practices and tools as proposed by the community and our auditing partner, Trail of Bits. But as long as there is no long term funding plan in place, we will always rely on external resources for further code reviews.
A case for fund recovery
While we’ve been revamping security processes from the ground up, we’ve also have been trying to figure out a solution to restore multisig users’ access to their funds. We believe that those in the community who have stuck ether, either through the wallet freeze or, for example, issues such as those listed in EIP-156, have a case for attempting to recover the property.
While we’d love to operate in an error-free system, the reality is that humans will make errors in code, code reviews won’t catch everything, and hacks will happen. Let’s remember that Ethereum is the first decentralised application platform and we’re just figuring it all out.
In general, there seems to be broad support for fund recovery mechanism going back as far as EIP 156. There is a strong need for more information what this could mean and we need to do a better job at providing this information.
We are 100% committed to our users
The last year has been intense — for everyone. Personally, I was holding a 4 week old baby in my arms when writing the wallet post-mortem in November.
Since then and over the course of the last months the debate has evolved and it has uncovered numerous important issues. It helped us all come to a better understanding of the underlying arguments.
The debate has also clearly shown the importance of a governance process that can respond to contentious issues such as ASIC resistance, supply caps, and contract restorations. I am hopeful that we are on a good way to creating and defining a governance process for the best Ethereum made by humans for humans. The last 6 months have advanced a tough conversation, and we’re encouraged by the thoughtful discourse.
I believe that one of the main reasons why blockchain has received so much attention is this fundamental hope that we will be able to create a new systems without the corruption and other flawed aspects of the status quo. And there is a lot of concern for the same reason to get it right this time make the right decisions.
Thank you to the many people who have made meaningful contributions to this evolving discussion and persevering in the social media debate in particular.
Thank you also to everyone involved in Ethereum’s security and vulnerability response group including the white hat group.
Let us make clear: we have no intention to harm what we have built. We plan to continue to work with our users and the community to find a path forward. We have all dedicated a great deal of time and effort to developing the Ethereum ecosystem. And there is a lot more work ahead.
We believe Ethereum is an important piece of the decentralised web infrastructure and continue to be committed to the vision of an open, scalable, and safe web today and in the future.
Thank you,
Jutta Steiner
Co-Founder and CEO, Parity Technologies