The Dao Attack: Understanding What Happened

  -  
David Siegel is a blockchain strategist & speaker, founder of Kryptothiết kế.com and curator of DecentralStation.com, a place to learn about blockchain.

Bạn đang xem: The dao attack: understanding what happened

In this piece, Siegal attempts to lớn help journalists underst& the DAO attaông xã and what happened when The DAO collapsed & why he believes it’s important for the press to get the story right.

The article will be updated on Medium as the situation develops. Disclaimer:Siegal owns a small number of DAO tokens.

*

The basics

The ethereum network is a network of computers all running the ethereum blockchain. The blockchain allows people lớn exchange tokens of value, called ether, which is currently the second most popular cryptocurrency behind bitcoin. ethereum also allows people to lớn write and put on the network smart contracts – general-purpose code that executes on every computer in the network (currently over 6,000 computers). People then execute these programs by sending ether to them.

A DAO is a Decentralized Autonomous Organization. Its goal is lớn codify the rules and decisionmaking apparatus of an organization, eliminating the need for documents và people in governing, creating a structure with decentralized control.

Here’s how a DAO works:

A group of people writes the smart contracts (programs) that will run the organizationThere is an initial funding period, in which people add funds khổng lồ the DAO by purchasing tokens that represent ownership – this is called a crowdsale, or an initial coin offering (ICO) – lớn give sầu it the resources it needs.When the funding period is over, the DAO begins to lớn operate.People then can make proposals to lớn the DAO on how to spkết thúc the money, và the members who have bought in can vote lớn approve sầu these proposals.

It’s important khổng lồ understvà that great care has been taken not khổng lồ make these tokens inkhổng lồ equity shares – they are more like contributions that give people voting rights but not ownership. In most cases, a DAO is not owned by anyone – it’s just software runningon the ethereum network.

The very first DAO is bitcoin itself, which is governed by consensus amuốn its core team and its mining network.All other DAOs have been launched on the ethereum platkhung.

“The DAO” is the name of a particular DAO, conceived of & programmed by the team behind German startup Sloông chồng.it – a company building “smart locks” that let people tóm tắt their things (cars, boats, apartments) in a decentralized version of Airbnb.

The DAO launched on 30th April, năm nhâm thìn, with a 28-day funding window.

For whatever reason, The DAO was popular, raising over $100m by 15th May, and by the end of the funding period, The DAO was the largest crowdfunding in history, having raised over $150m from more than 11,000 enthusiastic members. The DAO raised far more money than its creators expected.

It can be said that the kinh doanh was better than the execution, for during the crowdsale, several people expressed concerns that the code was vulnerable to lớn attaông xã.

Once the crowdsale was over, there was much discussion of first addressing the vulnerabilities before starting lớn fund proposals. In particular, Stephan Tual, one of The DAO’s creators, announced on 12th June that a “recursive sầu Hotline bug” had been found in the software but that “no DAO funds at risk”.

At the time, more than 50 project proposals were waiting for The DAO’s token holders to vote on them.

It’s important lớn reiterate that the ethereum network has no such bugs & has been working perfectly the entire time. All networked systems are vulnerable to various kinds of attacks. The ethereum network, which supports (depending on the price) around $1bn worth of ether, has not been hacked và is continuously executing many other smart contracts.

Everyone who writes a smart contract knows that if it can move a large amount of cash it will be subject khổng lồ attaông chồng. This particular vulnerability was discovered recently in another system, called Maker DAO, và was neutralized quickly because that DAO was still in testing.

Many people feel that testing & certifying smart contracts will be an important part of keeping the ethereum ecosystem safe. You’ll find several smart-contract validation services listed at DecentralStation.com.

The DAO Hack

Unfortunately, while programmers were working on fixing this và other problems, an unknown attacker began using this approach to start draining The DAO of ether collected from the sale of its tokens.

By Saturday, 18th June, the attacker managed to lớn drain more than 3.6m ether into a “child DAO” that has the same structure as The DAO. The price of ether dropped from over $trăng tròn khổng lồ under $13.

Several people made attempts khổng lồ split The DAO to lớn prsự kiện more ether from being taken, but they couldn’t get the votes necessary in such a short time. Because the designers didn’t expect this much money, all the ether was in a single address (bad idea), và we believe sầu the attacker stopped voluntarily after hearing about the fork proposal (see below). In fact, that attack, or another similar one, could continue at any time.

Smart contracts are meant to be stand-alone agreements – not subject lớn interpretation by outside entities or jurisdictions. The code itself is meant to lớn be the ultimate arbiter of “the deal” it represents. But of course, that’s an ideacác mục (crypto-anarchist) perspective.

Even before the attaông xã, several lawyers raised concerns that The DAO overstepped its crowdfunding mandate & ran afoul of securities laws in several countries. Lawyers also pointed to its creators as potentially liable for any problems that may occur, & several expressed concern that token holders of The DAO were accepting responsibility they were likely unaware of. The DAO exists in a gray area of law and regulation.

Because the child DAO has the same structure, limitations, & vulnerabilities as the parent DAO, the ether in this newly created child DAO can’t be accessed for 28 days, as that is the initial funding period.

Everyone can see the ether in this child DAO – any attempts lớn cash it in will trigger alarms và investigations. It could be that the attacker will never get to cash or spend a single ether of it.

It’s entirely possible that the attacker had a large short position on ether at the time of the attachồng, which he or she then cashed out after ether had been cut roughly in half. The attacker may already have sầu made his money, regardless of the ether sitting in the child DAO.

There are things the Ethereum Foundation could bởi that may be able lớn nullify the ether in this DAO. That’s where things get complicated.

The Soft-Fork Proposal

The DAO contains roughly 15% of all ether, so a failure of The DAO has a negative sầu impact on the ethereum network & its cryptocurrency.

It’s worth noting that dozens of startups are working on DAO or governance products, many smart contracts have sầu similar vulnerabilities và building complex software using smart contracts is still in its infancy. Everyone involved has a stake in what happens next.

All eyes are on The DAO and the Ethereum Foundation, hoping for a resolution that allows the ecosystem to continue to lớn develop as it was before.

To underst& what happens next, you will need to understand blockchain basics: A network of nodes puts transactions into lớn blocks and blocks inlớn a single chain that represents the “truth” of what has happened. If two competing transactions happen at about the same time, the network resolves this conflict by choosing one và rejecting the other, so all nodes have sầu the exact same copy of the distributed ledger.

The only way to lớn “rewrite history” would be khổng lồ have sầu at least 51% of all nodes agree lớn such a collusion – something that has never happened in the history of bitcoin or ethereum. The goal of a decentralized network is that no one has the power to lớn vị that, or the network itself becomes untrustworthy.

On 17th June, Vitalik Buterin of the Ethereum Foundation issued a critical update, saying that the DAO was under attack và that he had worked out a solution:

A software fork has been proposed, (with NO ROLLBACK; no transactions or blocks will be “reversed”) which will make any transactions that make any calls/callcodes/delegatecalls that reduce the balance of an tài khoản with code hash0x7278d050619a624f84f51987149ddb439cdaadfba5966f7cfaea7ad44340a4tía (ie. the DAO và children) lead to lớn the transaction (not just the gọi, the transaction) being invalid …

In this, Buterin specifically states that he isn’t proposing lớn rewrite any blocks, but just to lớn install a “switch” in the basic ethereum code that prevents moving any ether out of the DAO or its children.

Effectively, this is a one-time fix (called a “fork”) for a one-time sự kiện that seals those ether into lớn that address for all time.

Buterin continued:

“Miners và mining pools should resume allowing transactions as normal, wait for the soft fork code and stand ready to lớn download and run it if they agree with this path forward for the Ethereum ecosystem. DAO token holders và ethereum users should sit tight và remain calm. Exchanges should feel safe in resuming trading ETH.”

In other words, a blacklist will be built into lớn the ethereum code to lớn keep the bad guy from claiming his prize. In this “freezing of assets” scenario, Buterin calls for a discussion of how khổng lồ help DAO token holders recover their initial investment.

This seemingly innocuous & well-meaning “Deus ex machina” proposal – which must still be adopted by a majority of ethereum network nodes to take effect – has opened a huge can of worms.

The Attacker Responds — or Does He?

I will hotline the attacker a lone male, even though I have sầu no idea if he is one.

What happened next was interesting. In an open letter to lớn The DAO & ethereum Community, the attacker supposedly claimed that his “reward” was legal and threatened to lớn take legal action against anyone who tried to invalidate his work. Several people pointed out that the cryptographic signature in this message wasn’t valid – it could be kém chất lượng.

But it’s well written, và from a certain point of view, well reasoned: The premise of smart contracts is that they are their own arbiters and that nothing outside the code can “change the rules” of the transaction.

Later, through an intermediary, the attacker claimed that he would put a stop lớn the organized “theft” of his property by rewarding miners (nodes) who don’t go along with the proposed soft fork, saying:

oon we will have a smart contract khổng lồ reward miners who oppose the soft fork & mines the transaction. 1m ETH + 100 BTC will be shared with miners.”

This is clearly a complex dynamic system.

These messages from “the attacker””cannot be verified, so we’ll have khổng lồ wait and see what happens.

The Hard-Fork Proposal

Another proposal is more aggressive sầu – to ask the miners khổng lồ completely unwind the theft và return all ether to lớn The DAO, where it can be redeemed by token holders automatically, thereby ending The DAO.

As Stephan Tual puts it in his blog …

“By 4pm local time, the consensus was that should a soft fork be deployed within 27 days, the attacker would not be able to retrieve sầu the funds he had stashed into a child DAO.

Xem thêm: Return On Equity Là Gì - Roe (Return On Equity) Là Gì

A subsequent hard fork could even return all ether, including the DAO’s ‘extraBalance’ and the stolen funds, baông xã into lớn a smart contract. That smart contract would contain a single function: withdraw().

This would make it possible for everyone who participated in the DAO to withdraw their funds: thanks khổng lồ the support of the miners, & because nothing had been spent so far, nothing would be lost.”

This has the effect of rewriting the rules by which the blockchain executes, which is supposed to lớn be impossible. Should we let that rule slide just this one time, khổng lồ put the ethereum project baông chồng on track?

The Sloông xã.it guys và most DAO tokenholders would be grateful if we did.

Responses to lớn the soft fork

Seen on its own, the proposal is reasonable. It’s a one-time fix khổng lồ a one-time problem. But many people don’t see it that way.

You can read the massive sầu response on Reddit, which I will try khổng lồ summarize:Trustworthiness of the network is sacred.

As one person on Reddit put it:

“The involvement of the ethereum foundation in the DAO has been & is a mistake. As I see it ethereum is supposed to lớn be the foundational infrastructure upon which a flurry of projects và experiments are supposed to blossom, & in order for them lớn blossom they need a foundation that is svào, & that has integrity in the face of challenges. The hard fork proposal is a compromise that ruins that integrity and signals that projects lượt thích the DAO can influence the underlying foundation lớn their own advantage. To me that is totally unacceptable và is a departure from the principles that drew me lớn ethereum.”

The hard fork is a valid option, but it should be kept for situations which require emergency modifications of the ethereum protocol itself, và not for projects that run on it.

The fact that the Ethereum Foundation has been involved in and promoted The DAO project has been an error và it only usurps the trust that people have in ethereum as a foundational infrastructure for other projects.

I hope they will correct this error.

Another one chimed in:

“I made a bad contract in the first days ETH was online and lost 2K ETH with it, can I also get it back? Thanks!”

And finally:

“Ethereum worked exactly as intended. I don’t believe sầu software should be updated when it works exactly as intended.You assume the risks of your investment. If you don’t understvà your investment, you assume unknown risk. Anything else is a bailout by a central authority, i.e. the antithesis of the crypkhổng lồ world.In a related way, this is why Lehman Brothers was allowed to fail – because the giảm giá is the giảm giá, và if you bend the rules for a particular player, all other players will want special treatment, too.”

Too Big to Fail

Just a month after Lehman Brothers, other banks did get special treatment, và you can decide for yourself whether that was a good idea – it’s quite analogous to the situation at h&. The DAO is not an islvà.

It is considered “too big to fail” from the point of view of the ethereum ecosystem. It may be noted that several people from the Ethereum Foundation are DAO token holders and also have advisory positions in The DAO. Even Gavin Wood, one of the original ethereum founders, supported the fork in a blog post.

In this view, then, it’s possible that some other large projects could need to be rescued and the Ethereum Foundation, having phối a precedent once, may once again ask miners lớn rewrite history.

The analogy to lớn the ngân hàng bailouts is remarkable: banks were able to take huge risks hoping for huge returns, và when those trades went south, the taxpayers bailed them out (except for poor Lehman Brothers). This risk asymmetry is generally thought of as a bad way to lớn incentivize market participants.

Those are the two extremes, but most people fall into one or the other.The long arm of the law, not to mention the tax man

The above discussion assumes we are operating in a vacuum, in crypto-anarchy space, where laws don’t apply. But people have invested real money & real laws can and will apply to lớn this case.

In fact, all parties here may have legitimate claims that could take years khổng lồ settle out in courts around the world.

Who’s at risk?

Even though they took great care lớn not create securities and make sure people were aware of the risks, they still may be held liable. If the DAO token holders thảm bại most of their $150m+ investment, a class-action suit against the originators seems likely.

Other DAOsSome people have taken The DAO smart contract word for word khổng lồ implement other DAOs. In the case of a hard fork, all of the ether in any DAO that uses The DAO’s 1.0 smart contracts will forfeit their ether into a refund address, to be divided aước ao DAO token holders. Thus, DAO token holders could end up getting more than they put in. This is sure to lớn anger those who have sầu put their own money inkhổng lồ their own DAOs using The DAO 1.0 code.

DAO tokenholdersAs investors, và without the protection of a corporation, all 11,000+ DAO token holders may be seen as general partners in the fund. In that case, the attacker can sue individual DAO token holders in their own trang chính jurisdictions, claiming that they represent the entity that seized his rightful property.

The ExchangesNot long after the initial funding period, several cryptocurrency exchanges began making markets in DAO tokens.

As part of the chain, anyone who bought DAO tokens from any exchange may sue the exchange for selling flawed investments. This could go very deep – to the cấp độ of securities law violations, or they could simply be liable for the profit they made on the tokens.

Given that several exchanges have plenty of cash, they could be among mỏi the first targets.

The Ethereum FoundationThe Ethereum Foundation has a lot at stake here. They want the network khổng lồ be rochồng solid, to lớn support billions of dollars worth of commerce, và lớn be “the operating system of the future”.

But now they are between a roông chồng và a hard place: if they vày nothing, the ethereum network suffers a setback that could take years khổng lồ recover from; if they intervene, they mix a dangerous precedent that erodes the social contract they mix up with their network of independent nodes.

They didn’t design the ethereum network to lớn be the judge và jury in case one or more parties are injured.

Miners andnodesThe 6,000+ full ethereum nodes may be liable for any forks they vote for.

If the attacker can be seen as having acquired his ether as a result of a “feature” of a smart contract, then he may (and has already threatened to) sue any of the miners that try khổng lồ take what he feels is rightfully his away from him. He could also sue the Ethereum Foundation if they write the software that implements the fork.

On the other hvà, DAO token holders could sue nodes that don’t vote for the fork, claiming that they aren’t doing the right thing. On the other hvà, people running nodes like money, & they may get money from “the attacker” not khổng lồ fork. It’s entirely possible that governments will step in here & try khổng lồ make big changes in the governance of the Ethereum system.

The attackerThe attacker may already have made a substantial sum via market manipulation – this is illegal in many jurisdictions. He also may have a huge tax liability. There is obviously a tremendous incentive sầu for the community lớn learn his identity và “out” hyên ổn.

There is probably enough information out there for people to figure out who he is – it may just be a matter of time before they vày.

The Aftermath

It seems at this point that The DAO will die, & that DAO token holders will get somewhere between 0% và 100% of their ether baông xã.

It’s safe to say that the Sloông chồng.it guys have sầu their hands full for a while, they may not get their project funded (I’m told they put quite a bit of their own money into The DAO), & they may be talking with lawyers for months.

The DAO is still subject to lớn another similar attack.

Vitalik can propose an ethereum-based solution, but the nodes must decide. It’s not clear which of these paths the nodes will take. Many people say that “doing nothing is perhaps the worst option”. It depends which side of various fences you’re on. There are slippery slopes everywhere.

There’s another wrinkle: The Ethereum Foundation is on traông xã to switch khổng lồ a new consensus mechanism called “proof of stake”, & in that scenario, anyone who owns 14% of all ether will have tremendous control over the future blockchain.

In fact, Vitalik has asked for projects to have a limit of $10m or so, to help contain the magnitude of unintended errors.

It’s also very likely that there will be lawsuits. We could see a total mess, with lawsuits extending for many years. Or we could see a fairly neat và tidy ending, ethereum goes on and “the attacker” never surfaces again.

Though I would bet 5 ether that the attacker will be found within a month or two. Even though the letter và the spirit of smart contracts is that “smart contracts rule,” & the rule of law doesn’t apply – in this case, most people would lượt thích khổng lồ see a do-over. I’m guessing we will see various rules of law apply.

I have sầu tried khổng lồ stichồng with the facts, và now I will offer one simple opinion: This situation will resolve itself well if the attacker will simply buy a bunch of ether, then agree khổng lồ work with The DAO people to return the money to lớn all tokenholders và dissolve sầu The DAO completely.

The attacker will have sầu made some money, made his point, no lawyers will be involved, we will all have learned a hard lesson, và the Ethereum Foundation can start planning for a safer, more resilient future.

Summary

I believe we can say that this sự kiện marks the beginning of a new era of ethereum’s public blockchain.

While the agile approach of “ready, fire, aim” generally works best with new software, it can be dangerous when $150m gets loaded into lớn the chamber.

Ethereum was billed as a general-purpose computer and the harbinger of a new decentralized Model for computing and for society. We will see, a bit sooner than we may have sầu wanted, how all this plays out in the real world.

Xem thêm: Find Jobs At Công Ty Cổ Phần Mỹ Phẩm Sài Gòn, Công Ty Cổ Phần Mỹ Phẩm Sài Gòn

Some resources:

DAOs, DACs, & More – by Vitalik Buterin

How to lớn Build a Democracy on the Blockchain – by the Ethereum Foundation

The DAO, The Fork, The Fallout – A group discussion

This post originally appearedon Medium & has been republished with the author’s permission.