As is the norm with virtual currency, explaining what went wrong will take some doing. The cryptocurrency wallet service Parity is a multi-signature (multi-sig for short) service, meaning multiple users share a single wallet that they have all signed onto. Back in July, Parity introduced an update to their wallet to fix a bug that allowed a hacker to steal $32 million worth of ethereum.
But it seems that closing one loophole opened another, a new flaw that went undetected for three and a half months. "It would seem that issue was triggered accidentally 6th Nov 2017 and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library," Parity wrote on their blog.
Put in layman's terms, the library (the memory of who signed which contract) was wiped out as a result of the flaw. This meant it became impossible to tell whose Ethereum was whose, which meant Parity's multisignature became inscrutable. This left Parity with no choice but to freeze all $280 million worth of Ethereum in their wallets.
The flaw was triggered by a Parity user who also contributed to the library, a common practice in the cryptocurrency community. It isn't clear if this was the result of malicious behavior or an honest mistake.
Parity added to the statement that they are analyzing the situation and hope to provide an update "shortly."
The most likely solution, cryptocurrency researcher at University College London Patrick McCorry told Fortune, is a hard fork. Essentially, Parity will create a new set of transaction ledgers, rebooting the currency. Ethereum underwent another hard fork back in 2016 after hackers exploited a flaw that allowed them to make off with $60 million worth of the cryptocurrency.
The good news for Ethereum is that the mistake only had a marginal impact on their bottom line. The currency dipped from $305 a unit to $290, but rebounded overnight back to $300.