New to Bitcoin? Make sure you read the things you need to know about the Bitcoin Market in Canada. We've put all you need in this updated post!

Comments

  • testmantestman Member Plus
    Shit I just this: https://www.reddit.com/r/BitcoinCA/comments/6esvv5/quadrigacx_did_you_just_lose_17_million_cad/

    I hope they didn't lose 17 million usd. They are honestly the best exchange in Canada. Following....
    I am he as you are he as you are me, and we are all together. See how they run like pigs from a gun, see how they fly.
  • CoinGuyCoinGuy Administrator
    I see the firestorm on this and the issues some are having, I think Quadrigacx will be open and honest about this, eventuallly, but they have lots of fires to put out. I am willing to give them the benefit of the doubt as historically they've been rock solid.
  • CoinGuyCoinGuy Administrator
    @justdude and all, in case you missed it comment from Quadrigacx on Reddit

    Earlier this week, we noticed an irregularity with regards to the sweeping process of incoming Ether to the exchange. The usual process involved sweeping the ether into a ETH/ETC splitter contract, before forwarding the ether to our hot wallet. Due to an issue when we upgraded from Geth 1.5.3 to 1.5.9, this contract failed to execute the hot wallet transfer for a few days in May. As a result, a significant sum of Ether has effectively been trapped in the splitter contract. The issue that caused this situation has since been resolved.

    Technical Explanation

    In order to call a function in an Ethereum contract, we need to work out its signature. For that we take the HEX form of the function name and feed it to Web3 SHA3. The Web3 SHA3 implementation requires the Hex value to be prefixed with 0x - optional until Geth 1.5.6.

    Our code didn't prefix the Hex string with 0x and when we upgraded Geth from 1.5.3 to 1.5.9 on the 24th of May, the SHA3 function call failed and our sweeper process then called the contract with an invalid data payload resulting in the ETH becoming trapped.

    As far as recoverability is concerned, EIP 156 (https://github.com/ethereum/EIPs/issues/156) could be amended to cover the situation where a contract holds funds and has no ability to move them.

    Impact

    While this issue poses a setback to QuadrigaCX, and has unfortunately eaten into our profits substantially, it will have no impact on account funding or withdrawals and will have no impact on the day to day operation of the exchange.

    All withdrawals, including Ether, are being processed as per usual and client balances are unaffected.
  • BruceWayneBruceWayne Member Plus
    All I can say is "wow. Just, wow." I mean I do A LOT of programming in this area I also have insane checks and balances because I know that a catastrophic failure is always somewhere in the weeds. Even when I think I can handle 99.999% of situations I'm still uncovering moments where a bot just sold 20 BTC worth of something when it shouldn't have, and I lucked out because that was actually the best move it could have made. I'm getting into XRP markets right now as well as coding lots into the RCL features which is also written in Javascript. But I mean coming from a Python/C/C++/C# background I keep looking at these infrastructures and keep thinking "why is what is being sold as a racing car and handles a massive amount capital running on Toyota Corolla that is Javascript. It's like building your entire business model on your first bike with it's training-wheels still attached."

    I mean yes. This is the wild west and people will dump tons of money down anyone's throat as long as it gets to market fast. This is very much like 1999 which I remember quite vividly because I was just about to graduate from high-school and dropped out for a well-paying job just before it all collapsed. When I see stuff like this I keep thinking there are far too many people dumping money down this project and they're hiring anyone who can do a basic script to be the foundation of what they're doing. From a development side, I fucking feel for the guy who wrote that function. It's like doing a massive misplay which might not gain attention, but it was during the Stanley Cup finals. Anyone and everyone will do a postmortem.
Sign In or Register to comment.