Ethereum/DAO Hacked!

7 posts were merged into an existing topic: General moderation talk / interventions

Perhaps the code for Ethereum should be a part of a smart contract running on Ethereum? With a clear ‘contract’ for managing change. (Fix for recursive exploit, is recursive)…

I took the liberty of challenging Ethereum with your point https://forum.ethereum.org/discussion/7822/a-challenge-existential and they responded…

Their characterisation of the fork proposal to ‘reverse’ is flawed. The fork does not reverse, it ‘progresses’ to a third state by which stolen funds can be returned to rightful owners. That progression is not enacted by any central authority but by the consensus mechanism which is more fundamental to the platform than smart contracts themselves.

Which I suppose is as good an answer as they could give; and to which I replied

Still, to be seen in the future whether Ethereum can resist other demands for change because [insert reason here].

Interesting questions they raise by using words like stolen and rightful owners:

• who determines ownership of those funds and how?
• what is a smart contract if it can be changed by “consensus” (actually they mean majority of not consensus) among some special group?

It is a mess, they can’t deny that surely!

It is a great learning opportunity for everyone. We need to use it to understand the limits of coded “contracts” - and really should stop using that label because they are obviously not contracts if they can be modified by a majority vote among some chosen group, rather than adjudicated according to some agreed “law” (not meaning conventional law here, but something codified in advance that is used to determine outcomes rather than voting).

They have demonstrated that Ethereum smart contracts are not contracts in certain situations, and until everyone can be sure what the limits are, they can’t be considered contracts at all.

What Ethereum have shown is that this is determined by a special group, who can decide what is or isn’t owned by whom. That isn’t smart, and it isn’t a contract.

Well you say that but a large part of what is missing from cryptocurrency and related technology is the law to back it up.

One of the uses cryptocurrency could be put to, is evidencing ownership of real world objects… but the bridge from unique instance of a crypto-token to real world object can only be bridged by some authority… consensus some would say but equally law of the land could do that. If UK.law for example allowed courts to acknowledge the principal of ownership relative to crypto-tokens, then that would be a powerful reality that might encourage adoption but also would limit what is practical for the technology itself.

I wonder the point at the moment is that Ethereum is making the rules and working to their own law, rather than being limited by them - which is the way they would have it but then aren’t they in a fix. Until there is some heritage or until they adopt some legal legacy, that uncertainty may rule badly for wider adoption, especially by large business users.

I think you are going off topic until…

I wonder the point at the moment is that Ethereum is making the rules and working to their own law, rather than being limited by them - which is the way they would have it but then aren’t they in a fix.

Which is my point: if ownership decisions are by some group voting, they shouldn’t be termed contracts and are not according to pseudo law (or as I emphasised, actual law).

Creating a link between actual laws and cryptographic asset exchanges is a valid point, but not really what we’re talking about here.

The issue highlighted by TheDAO debacle is that all this talk of smart contracts, stolen ether and rightful owners is disingenuous, because that link has been explicitly removed - and ownership is in fact determined by a majority vote among this special group in certain situations. They can effectively rewrite contracts on a case by case basis through a referendum! (Topical here in UK this week ).

This puts limits on how trustable the system is, and what it can be trusted to do. Certainly the claims about code being a contract are out of the window. Nobody considered bugs in smart contracts? Really? I thought these were the brightest minds on the planet.

So far, we’ve seen one data point on where those limits are today, but we can only guess where those limits will be in future. I bet Vitalek now has nightmares in which lawyers are arguing in court whether a line in a “smart contract” is a bug or a feature .

I think it’s pretty clear: the system can be trusted to act in its own self interest.

As an ethereum miner has written in the DAOHUB forum:

A precedent needs to be set here, and this precedent is that no one must mess with the consensus of the ETH miners, the ETH community, and the code we control.

If a bad actor wants to defraud us of $500 million in value by stealing ~5% of the total ETH from everyone in the DAO then we all need to stand up and say NO.

https://forum.daohub.org/t/message-to-miners-who-think-a-hard-fork-is-not-the-way-to-go/5409

Basically, the system will work as intended, unless you try to undermine it. Don’t kick the hornet’s nest, and you’ll be fine.

Remember, Ethereum is blockchain based (controlled by distributed consensus), not SAFE based (practically 100% immutable)

Thanks - that’s clear then: anything that runs on Ethereum is owned and controlled by ether miners.

That’s one hell of a limit. Sounds more like a walled garden from Apple or Microsoft, or in the old days IBM! Shareholders and profits are king yet again.

This is some pretty interesting game theory going on here…its like some elaborate spin on the prisoner’s dilemma.

One could write a whole analysis on this sentence only. Who is “us”? Why is the person who acted in line with the DAO contract a bad actor who defrauds and steals? Why do all have stand up when the real losers are those who bought into the DAO.

As someone on Reddit wrote: think of the DAO as a giant bug tracking program. The “defrauded” money is the bounty. Why does that feel wrong? What if the DAO had never a 9 digit but only a 6 digit value. Some people would be angry but there would be no debate as if this was a problem that concerns the whole Ethereum sphere. Now, the question is why it had this value and the answer is that it was massively hyped. MANY people jumped on board. They didn´t understand the code, but they believed that this was the perfect chance to make money. To me the whole proposal sounded awesome but I didn´t jump on board particularly because I didn´t understand it and feared the obvious hype.

It´s not the “attacker” who caused the debate of a fork, but the people who hyped the contract.

That’s right - that’s how it is. Same with Bitcoin and any other blockchain I know of.

It’s not just a limit - it can also be a benefit. In this case, stolen funds can be recovered, which many people think is a good thing (I certainly do).

It’s still a long way from being a walled garden - Microsoft or Apple can set things up however they like, and change all kinds of things however they’d like to according to their hierarchy, wheras the distributed consensus of a blockchain is nothing like the chain of command in a company. Doing a hard fork without causing significant damage will always require the collaboration and a good degree of single mindedness between a massive group of stakeholders all over the world who are not under anyone’s control. This includes miners, exchanges, large holders, wallet makers and maybe others.

So, distributed consensus is a world apart from a company hierarchy, but that doesn’t make it powerless to respond to the desires of the stakeholders as long as there’s a very large degree of support for any action.

Thankfully we will have an ecosystem of all kinds of blockchains & other cryptographic consensus technologies, so for use cases when utter immutability is critical, people can use Safe, but when they want to try out a hugely experimental, flexible, possibly-buggy experiment like the DAO, they can choose a technology that has a chance of taking action in the face of unforeseen exploits.

I think you are missing the significance of what I’m saying, and of key points like the questions I posed earlier. Such as who decides who owns what in this situation - right now it is arbitrary, down to a vote, and those voters are little different to company shareholders, and just as with bitcoin or a corporation, those voting rights can be bought, or controlled by a (cryptocurrency mining) cartel. Nothing here is good. Ethereum have shot themselves in the head with this action.

I think it is quite different with ethereum.

With Bitcoin, you can roll back history with consensus, which is pretty brutal and arguably steals from those who have made legitimate exchanges in the interim. This can only be considered as a result of a catastrophic failute of the network.

You could add code in to Bitcoin to black list certain coins, but you couldn’t move them without the consent of the owner, even with a hard fork. You need the private keys to do this, not consensus.

Ethereum seems to be different from what I understand. I don’t know enough about the proposal to be certain, but it sounds like contracts can be modified to result in a different future, to essentially change the past. I assume this has to be the case, as they don’t need to roll back to essentially change the outcome of a previously defined contract.

Feel free to correct my understanding if I am wrong. I pretty much assumed that contracts would be cryptographically immutable to anyone but their owner, but surely not if such changes can be made?

Exactly, and in the foot too at the same time I think. This is a decision making process with only financially involved miners who might or might not oversee the short-, mid- and longterm financial, economical, legal, reputational, etc. consequences of their decision. Never ever have the shareholders only, decide about the future of a company, it has always been my opinion.

And although I think a hard-fork is going to be the most likely decision, and I would support that being a total outsider, at the same time I’m thinking “operating solely with the steadfast iron will of unstoppable code” my [self censured].

I’m not very knowledgeable about the technical details, but I think you are right; a hard fork in Bitcoin couldn’t change where funds are held, or the modified chain would not have a valid cryptographic proof that fits every transaction going back to the genesis block.

If it is the case, Bitcoin balances have a higher degree of immutability than Ethereum contracts (which are still in practice completely immutable unless you’re trying to rip off the stakeholders of the blockchain to the degree they will mobilise a hard fork to defend themselves, which has never happened up to now, but it is a real possibility in this case).

looks like the devs are draining the DAO…

Ha! You couldn’t make this stuff up!

Edit: …and at time of writing, TheDAOs market cap is up 10%. Are we living in the Twilight Zone?!

Here’s a pretty thorough attempt to establish the legal situation, which concludes with a summary of the options, risks, and consequences.

He suggests that the current attempts to rescue DAO investors are potentially self serving (since Ethereum Foundation members are believed to be heavily invested in TheDAO) and potentially do more damage than the MtGox solution - i.e. do nothing (half a billion dollars stolen if I recall).

The legal options all appear to be impractical, but by intervening, the Ethereum Foundation do in theory seem to make themselves potentially liable.

I think the potential lawsuit against the hard fork is pretty silly — The attacker would have to reveal himself – thus exposing himself to countersuits and possible prosecution… And his attack prevented the code from running to completion, so the “It was programmed to run this way” defense is pretty far fetched.

But it does make for interesting conversation fodder and a pretty impressive mess…

I have a long history of posts arguing that DAO’s really aren’t any better than anything else we have now. They may be useful for menial repetitive business tasks, but in most cases vision, leadership and an appetite and nose for acceptable levels of risk are what makes the economies churn.

Indeed, it was an attack, a fact disregarded by the complainers against the hard fork. It’s not actually a computer issue: a malicious person sabotaged the honest efforts of a lot of people. The “bug” is actually in the human, and not the computing, domain, and I conclude that ultimately such bugs will be fixed by justice markets (as contrasted with the fiat justice system that we have now).