Looking for Parity Ethereum client? Get it here.

Security Update

Image Parity Technologies
Powering the decentralised web
July 27, 2017 in Security, Parity Ethereum

A quick update on the status of Parity Ethereum client.

Bug Bounty

There is now a significant amount in our bug bounty programme (many thanks to all contributors). As mentioned in a previous post, critical security bugs in the latest versions of Parity, both beta and stable branches, are valid targets for bounty-collecting reports. The multi-sig wallet, in particular, should be considered a prime target for review and any significant bug will attract a large proportion of the bounty. Any bugs found should be reported to security@parity.io.

Multi-sig Wallet

Several minor changes have been made to the Parity multi-sig, mainly to enable compilation by later versions of Solidity. We understand the "white hat group" is using this code to return some of the funds they temporarily commandeered. After code reviews by many of our developers, there are no known issues. The bug bounty programme is active and we have so far had no issues reported.

Please Upgrade!

Though we try to be as thorough as a bleeding-edge software project can be, bugs sometimes creep into our codebase and, as recent events show, left unchecked these can have significant impacts in the wild. Older versions of Parity can have known bugs (generally mentioned in the release notes): if you are using Parity for anything of any significant value please do ensure that you are running the latest version to minimise the chances of any problems and establish procedures according to the value as risk.

More recent stories

November 20, 2018

Light.js: How to Build Your Dapp on a Light Client

Read More
November 09, 2018

Parity Fether alpha is here: a decentralised, light client-based wallet

Read More
October 30, 2018

Parity teams up with Zcash Foundation for Parity Zcash client

Read More

Join the discussion:

pic

Want to build the future of the web?

We're hiring »