In a test environment, which is used by Paity, a critical error was detected and fixed. This is reported by Coindesk.
As noted by representatives of Parity Technologies, when the software was launched, synchronization hasn't started, as a result other network participants could not recognize their transactions. The vulnerability was found in the testnet, but there was a possibility of its spread to the entire network Ethereum.
Parity urged all users to update the software to a new revised version.
It is assumed that the bug could affect about 30% of the participants of the Ethereum network, which use software from Parity. Representatives of the company claim that it was patched before reaching the node of Ethereum's network. However, network members had to update the software to eliminate the vulnerability.
Several companies, including the Bitfly Mining Pool, have already said they updated their software to a new version (1.10.6-stable or 1.11.3-beta), but the bug can still complicate the work of the blockchain with the Parity software, including for Ethereum Сlassic (ETC ) users.
The bug is related to a part of the code from EIP 86.
We missed a conditional check in our code that caused full node Parity to accept a block containing invalid transactions.
EIP 86 was planned to be used to update Ethereum last year, in particular for integration into the "account abstraction" blockchain system, which will allow transactions without the sender's signature. A full update was postponed due to its complexity, but its code was added to the Parity client.