A critical bug has been detected in the Parity Technologies’ software in a testing environment used by one of the software crucial to the operation of the world’s second-largest blockchain.
On 5th June, UK-based Parity Technologies has revealed in a blog post that the issue has caused the software to fall out of sync, which means other software would not be able to recognize the transactions which are made through the affected software. The vulnerability was found on the testnet, which could also be exploited on the mainnet. In the past few months, Parity Technologies has faced several similar security issues, bringing the company under increased scrutiny.
Parity technologies have urged its users to update their software to the newly patched version to avoid any issue in future. Mining pool BitFly and several other companies have tweeted that they have updated their software to stay away from vulnerabilities. The users have not faced any problem yet, and this was just a notice to prevent future issues.
According to Wei Tang, a Parity developer, the bug was linked to a piece of code from the Ethereum improvement proposal (EIP) 86. Ethereum’s upgrade was formally planned last year but was postponed due to complexities. The team which is implementing the EIP 86 has failed to notice the three lines of code that led to vulnerability issues in the software. If we believe publically available data, the bug could have impacted around 30% of the Ethereum network. But the issue was resolved before it reached the nodes operating the live Ethereum blockchain.
Companies which are operating on Ethereum have been updating their software to avoid issues. Though the users have not faced any issues till now, it could impact any blockchain that runs on Parity’s software. Ethereum Classic (ETC) users can also face the problem.