| Recurring |
one_organization, multiple_organization |
(a) The software failure incident has happened again at one_organization:
- The incident involving the loss of over $300m in cryptocurrency due to a series of bugs in a digital wallet service occurred with the developer called Parity [64961].
- Parity had previously faced a bug that allowed hackers to steal $32m from multi-signature wallets, and while fixing that bug, inadvertently left a second flaw in its systems that led to the recent incident [64961].
(b) The software failure incident has happened again at multiple_organization:
- The article mentions a previous hack of an Ethereum app called the DAO resulting in $150m being stolen, which was resolved through a hard fork [64961].
- The incident involving the loss of $300m in cryptocurrency due to a bug in Parity's system is another example of a significant software failure in the cryptocurrency space [64961]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident in Article 64961 occurred due to a design flaw introduced during system development. Parity, the developer of the digital multi-signature wallets, inadvertently left a second flaw in its systems while fixing a bug that allowed hackers to steal $32m from a few wallets. This second flaw enabled one user to become the sole owner of every single multi-signature wallet, leading to the accidental locking up of over $300m in cryptocurrency funds [64961].
(b) The software failure incident in Article 64961 also involved operation-related factors. The user, "devops199," triggered the flaw apparently by accident during the operation of the system. Upon realizing the mistake, the user attempted to undo the damage by deleting the code that transferred ownership of the funds. However, this action resulted in permanently locking all the funds in the multisignature wallets, making them inaccessible [64961]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident involving the loss of over $300m of cryptocurrency was primarily due to contributing factors that originated from within the system. Parity, the developer of the digital multi-signature wallets, inadvertently left a flaw in its systems while fixing a previous bug, allowing one user to become the sole owner of every multi-signature wallet. This flaw within the Parity system led to the accidental locking up of the funds, with no way to access them [64961]. |
| Nature (Human/Non-human) |
non-human_actions |
(a) The software failure incident in Article 64961 occurred due to non-human_actions. The incident was caused by a series of bugs in a popular digital wallet service, specifically in the multi-signature wallets built by Parity. These bugs allowed one user, "devops199," to accidentally take control of and lock up more than $300m of cryptocurrency without any deliberate malicious intent. The user triggered the flaw apparently by accident, leading to the funds being effectively destroyed. The company, Parity, inadvertently left a second flaw in its systems while fixing a previous bug, which ultimately resulted in the loss of the funds [64961]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident reported in Article 64961 was primarily due to contributing factors originating in software. The incident involved a series of bugs in a popular digital wallet service called Parity, which led to the accidental loss of over $300 million in cryptocurrency. The bugs in the multi-signature wallets built by Parity allowed one user to become the sole owner of every single multi-signature wallet, resulting in the funds being effectively destroyed by accident. The user triggered the flaw by accident, which ultimately led to the funds being locked up permanently with no way to access them. The incident highlights the critical role of software vulnerabilities in causing significant financial losses and disruptions in the cryptocurrency ecosystem.
(b) The software failure incident was not directly attributed to hardware issues but rather to software vulnerabilities in the Parity wallet system. The bugs in the software allowed for unintended consequences, such as the accidental locking up of funds, rather than any hardware-related failures. The incident underscores the importance of robust software development practices and thorough testing to prevent such catastrophic failures in digital wallet services and other software systems. |
| Objective (Malicious/Non-malicious) |
non-malicious |
(a) The software failure incident in this case was non-malicious. The incident occurred due to a series of bugs in a popular digital wallet service that led to the accidental destruction of over $300m of cryptocurrency. The user triggered the flaw apparently by accident, trying to undo the damage but ending up locking all the funds in the multi-signature wallets permanently [Article 64961]. |
| Intent (Poor/Accidental Decisions) |
accidental_decisions |
The intent of the software failure incident in the reported article was primarily due to accidental decisions made by a user named "devops199" [64961]. The incident occurred when this user accidentally triggered a flaw in the Parity wallet system, leading to the unintentional locking up of over $300 million worth of cryptocurrency. The user's actions were described as accidental, as they attempted to undo the damage caused by the initial mistake but ended up permanently locking the funds in the multi-signature wallets [64961]. |
| Capability (Incompetence/Accidental) |
development_incompetence, accidental |
(a) The software failure incident in Article 64961 occurred due to development incompetence. The incident was caused by a series of bugs in a popular digital wallet service developed by Parity. Initially, a bug allowed hackers to steal $32m from multi-signature wallets. While fixing this bug, Parity inadvertently left a second flaw in its systems that allowed one user to become the sole owner of every single multi-signature wallet, resulting in the accidental destruction of more than $300m in cryptocurrency [64961]. This incident highlights the importance of professional competence in software development to prevent such catastrophic failures.
(b) Additionally, the software failure incident in Article 64961 can also be categorized as accidental. The user "devops199" triggered the flaw in the system apparently by accident while trying to undo the damage caused by the bug. The accidental action of this user led to the permanent locking up of funds in the multi-signature wallets, with no way to access them. This accidental action resulted in the loss of funds and the subsequent need for a potential hard fork to undo the damage caused unintentionally [64961]. |
| Duration |
permanent |
The software failure incident described in the article resulted in a permanent failure. The incident led to the accidental locking up of more than $300m of cryptocurrency due to a series of bugs in the Parity digital wallet service. The user triggered a flaw that made it impossible to move funds out of the multi-signature wallets, effectively destroying the funds permanently [64961]. |
| Behaviour |
value, other |
(a) crash: The software failure incident in this case did not involve a crash where the system loses state and stops performing its intended functions. Instead, the incident involved a series of bugs in a popular digital wallet service that led to the accidental locking up of over $300m in cryptocurrency [64961].
(b) omission: The incident did not involve the system omitting to perform its intended functions at an instance(s). Rather, the failure was a result of bugs in the system that allowed one user to become the sole owner of every single multi-signature wallet, leading to the funds being effectively destroyed by accident [64961].
(c) timing: The failure was not related to the system performing its intended functions too late or too early. It was a result of a flaw in the system that allowed unintended access and control over the funds stored in the digital wallets [64961].
(d) value: The software failure incident did involve the system performing its intended functions incorrectly. The bugs in the system led to the accidental locking up and effectively destroying over $300m worth of cryptocurrency stored in the multi-signature wallets [64961].
(e) byzantine: The incident did not exhibit behavior where the system behaved erroneously with inconsistent responses and interactions. The failure was primarily due to the unintended consequences of the bugs in the system that allowed one user to take control of and lock up the funds in the wallets [64961].
(f) other: The behavior of the software failure incident can be categorized as a combination of a bug leading to unintended consequences resulting in the accidental destruction of funds. The incident involved a user triggering a flaw in the system by accident, leading to the irreversible locking up of the funds in the multi-signature wallets [64961]. |