Brexit and the DAO hack

On June 23, 2016, the United Kingdom decided in a referendum to leave the European Union, an event referred to as "Brexit". Brexit has a huge impact on the entire world situation. Just as Chinese has a newly coined abbreviation for it, English has its own special term: Brexit, a combination of the two words British and exit. The decision to leave the European Union is based on the British referendum. Obviously, a referendum is a way to reach a consensus. The basis of all consensus is language, whether it is Chinese or English, or a programming language such as Java or C++ in the computer world.

Six hours after the Brexit result was announced, Google released data showing that the second most popular question searched by British people was "What is the European Union", with a 24.5-fold increase in search volume. This shows that many people voted hastily without knowing what the European Union was. After searching and understanding anew "what is the European Union", they found that the vote they had cast did not really reflect their original intentions. So, the next day, more than one million British people jointly hoped for a second referendum.

As the latest blockchain startup project, The DAO (pronounced “de dao” in Chinese) set the largest crowdfunding record in human history in May 2016. The project raised about 1 billion RMB on the strength of its white paper alone, which shows how optimistic everyone was about the prospects of the blockchain project. On June 17, 2016, hackers launched an attack and exploited a vulnerability in The DAO to swallow more than 3 million ethers with a market value of 390 million RMB. The theft from The DAO has a huge impact on the global blockchain industry. After the first round of attacks, several rounds of text debates and code attacks between hackers and white hats (positive hackers) attracted widespread attention [1,2,3].
We don’t know whether The DAO project can “transform from a cocoon into a butterfly and ascend to heaven smoothly”. But this attack did keep Ethereum’s founder Vitalik busy for several days with technical discussions and suggestions on soft forks and hard forks to prevent the hackers from successfully transferring the stolen ethers, which triggered a lot of doubts [4-11]. In fact, before, during, and after the crowdfunding of The DAO project, articles kept pointing out the design flaws in it [14] and calling for a temporary halt to the crowdfunding. However, for various reasons, these warnings did not attract enough attention from The DAO project team. Therefore, there is also a view that The DAO incident reflects the greed of human nature [15] and is a theft that could have been avoided.

The Brexit incident, a consensus reached by human society, continues to ferment, and the DAO attack incident in the blockchain world is also continuing [4,5,6]. The plot is full of ups and downs, and everyone can wait and see. From the course of these two seemingly unrelated events, it can be seen that the discussion on "consensus and forks, centralization and decentralization" in the blockchain field has become particularly intense [7-11]. Without debate there is no understanding; as the saying goes, "washing will make you healthier." This article hopes to use Brexit and The DAO to explain the differences and connections between these three.

Human consensus comes at a price

Consensus is something that seems simple, but is actually very complex and happens frequently. People do not exist alone; they have strong social characteristics and various connections with each other. Moreover, most transactions and exchanges require communication between people, and the purpose is often to reach a consensus. How can we reach a consensus? The first level is the consensus on language.
The language people speak should be consistent; it can be Chinese, English, or any other language. The second level is the consensus on semantics. When people speak the same language, their understanding and recognition of that language as a formal symbol system should be completely consistent. Otherwise, there will be a disagreement, that is, a semantic bifurcation, which leads to different understandings of the meaning of the same word or sentence, similar to "chicken and duck talking". The third level is the consensus on execution. Once a consistent understanding is reached, people need to actually implement the conclusions reached according to this understanding. We often find that deviations are prone to occur during execution. For example, a situation that was not considered before arises, and a new consensus needs to be formed again.

After the Brexit referendum results were announced, many people wanted a second referendum, because they had not really understood what Brexit meant to the British. In other words, beyond the literal meaning of Brexit, people need a certain degree of understanding of its meaning and impact, so that they can take actions that truly represent their own wishes and finally reach a consensus that meets everyone's wishes. Therefore, consensus is difficult to reach and differences often arise.

In the process of reaching a consensus, people need to pay a huge price. For example, the referendum on Brexit is a very time-consuming and laborious matter. First, the whole nation needs to be mobilized so that people know about it and have a reasonable understanding of it; then people need to be organized to vote; then the relevant voting information needs to be collected, sorted, classified and calculated; and finally, the number of votes and the conclusion of whether to leave the EU are drawn.
The seemingly simple referendum, or any such process of reaching a consensus, may cost far more than we can imagine.

Blockchain consensus is a simplification of human consensus

In the blockchain world, it is very simple to reach a basic consensus: the longest chain represents the truth, and everyone accepts it; other branches are forks and will be forgotten, as if they never existed. In fact, new forks are constantly generated as the blockchain forms. There is a competitive relationship between forks, because only the longest one can survive and be recognized by everyone. This is the survival of the fittest in the blockchain world, and it also constitutes the consensus in the blockchain world.

The opposite of consensus is called "disagreement". "Disagreement is the root of all problems, all disputes, and all wars". Therefore, Ge You invented and successfully sold the patent of the disagreement terminal in "If You Are the One". Why do disagreements arise? First, in the process of reaching a consensus, people did not actually reach one, whether in terms of the words or the connotation and extension of the words; second, after reaching a consensus, people did not really implement the conclusions generated by the consensus mechanism. In a sense, a consensus decision that has not been implemented is not a consensus in the true sense.

The programs running on each node in the blockchain network are consistent or compatible, that is, the language is consistent. Once a new block is generated, it is synchronized to all or most nodes in real time. That is, once a consensus is reached, it must be strictly implemented. Only in this way can the whole blockchain network always maintain consensus.

As The DAO incident fermented, people heard the word fork more and more. From a technical point of view, forks can be divided into soft forks and hard forks.
Using a "hard fork" means rolling back all transactions to a certain point in time before the theft. Using a "soft fork" is equivalent to blocking all transactions from the attacker's address. In short, we use active fork technology to create a difference between good people and attackers, so that the branch of malicious transactions generated by the attacker is not recognized by the majority of (good) people.

Byzantine Generals: Centralization vs. Decentralization

Anyone who studies distributed computer systems or blockchain will talk about the "Byzantine Generals Problem". It is a classic problem that assumes that the majority of Byzantine generals are good. The generals of the Byzantine Empire must unanimously decide whether to attack a certain enemy army. The problem is that these generals are geographically separated, and there are traitors among them. A traitor can act arbitrarily to achieve the following goals:

(1) To deceive certain generals into taking offensive action;
(2) To facilitate a decision that not all generals agree on, such as an offensive action when the generals do not want to attack;
(3) Or to confuse some generals so that they cannot make a decision.

If the traitor achieves any of these goals, the attack is doomed to failure, and only a complete consensus can lead to victory.

The "Byzantine Generals Problem" is a real problem that people often encounter in the process of reaching a consensus. As a result, people talk about centralization and decentralization. In a centralized solution, people jointly select some people as generals, and these generals discuss and vote until the supreme commander makes the final decision after considering all factors. The so-called decentralized solution is to make everyone a general, so that everyone directly participates in the final decision.
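The soft fork described above only keeps the attacker's branch unrecognized if most block producers enforce it, the same good-majority assumption as in the generals problem. The simulation below is an added example, not code from this article or from Ethereum; the addresses, the evenly spaced block schedule and the first-seen tie-break are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

BLOCKED = "0xATTACKER"  # constructed placeholder, not a real address
USER = "0xUSER"         # constructed placeholder for ordinary traffic


@dataclass(frozen=True)
class Block:
    height: int
    parent: Optional["Block"]
    senders: Tuple[str, ...]  # sender addresses of the block's transactions
    clean: bool               # no BLOCKED sender anywhere back to genesis


def extend(parent: Block, senders: Tuple[str, ...]) -> Block:
    """Mine a child block and record whether its whole chain stays clean."""
    ok = parent.clean and BLOCKED not in senders
    return Block(parent.height + 1, parent, senders, ok)


def simulate(enforcing_pct: int, slots: int = 20) -> dict:
    """Deterministic race between miners that enforce the soft fork and
    legacy miners that follow the plain longest-chain rule."""
    genesis = Block(0, None, (), True)
    blocks = [genesis]  # creation order doubles as first-seen order
    for i in range(slots):
        # Spread the enforcing miners' share of blocks evenly over the slots.
        enforcing = ((i + 1) * enforcing_pct) // 100 > (i * enforcing_pct) // 100
        if enforcing:
            # Soft-fork rule: only build on chains without blocked senders,
            # and never include the blocked sender's transaction.
            parent = max((b for b in blocks if b.clean), key=lambda b: b.height)
            new = extend(parent, (USER,))
        else:
            # Legacy rule: build on the longest chain seen (first seen wins
            # ties) and mine the pending attacker transaction if that chain
            # does not contain it yet.
            parent = max(blocks, key=lambda b: b.height)
            senders = (BLOCKED,) if parent.clean else (USER,)
            new = extend(parent, senders)
        blocks.append(new)
    best = max(blocks, key=lambda b: b.height)
    best_clean = max((b for b in blocks if b.clean), key=lambda b: b.height)
    return {
        "canonical_clean": best.clean,    # what a longest-chain node accepts
        "canonical_height": best.height,
        "clean_height": best_clean.height,
    }


if __name__ == "__main__":
    for pct in (60, 40):
        print(pct, simulate(pct))
```

With 60% of blocks produced by enforcing miners, the longest chain ends up free of the blocked address even for nodes that never adopted the rule; with 40%, the enforcing miners are left on a shorter branch and the network stays split.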
It is worth noting that people often confuse distribution with decentralization, and even one-sidedly believe that distribution is equivalent to decentralization. In fact, distribution can be centralized, and centralization can also be decentralized. For example, requiring all voters to go to the same place for a referendum. Interestingly, which of the two approaches, electing representatives to make decisions or having all personnel decide directly, will ultimately lead to better decisions? In different fields and from different perspectives, the answer is debatable.

Brexit outcomes under centralization and decentralization

Map the above problem to the field of data mining and machine learning. "All personnel" corresponds to "full sample data". "Selected representatives" corresponds to the screened "sample data". "The decision made" corresponds to the "generated model". Contrary to common sense, we will find that data models generated from full sample data do not necessarily have the highest quality. On the contrary, models learned from screened samples are often more effective. The reason is simple. When using the full sample, it is inevitable to introduce some additional noise, or the full sample is sometimes not conducive to the algorithm generating a model that conforms to the actual data distribution. After removing some noise, the learned model is more accurate. This is the statistical principle behind the data cleaning that people often need to do before data modeling.

This difference is particularly evident in the recent Brexit event. We can see that the differences between the north and south of the UK are very obvious. Most of Scotland and Ireland in the north strongly support staying in the EU (yellow), while most people in the south choose to leave the EU (blue). From the perspective of all British people (full sample), those who choose to leave the EU account for the majority.
However, in this process, the contradiction between local characteristics and global statistics is very obvious. So, what should the final decision be? Depending on whether a centralized or a decentralized approach is used, the conclusions may be completely different.

Of course, we cannot reject decentralization on this basis. In the field of blockchain, the main advantage of decentralization is that it supports direct "point-to-point" transactions and builds strong trust relationships out of many weakly trusted nodes. In centralized solutions, the center often becomes the "bottleneck" of the entire system and its weakest link, the one most vulnerable to attacks. For the center to have sufficient processing power, throughput, security and reliability, people often need to buy very expensive equipment.

Soft and hard forks are not inconsistent with decentralization

So, what is the relationship between disagreements or forks and decentralization? There is indeed no necessary connection between the two. In The DAO incident, the call for a fork came from the Ethereum Foundation, represented by Vitalik. So, people may think, "Isn't this the formation of a new center?" However, it should be noted that this call and advocacy is different from real centralization. After all, the Ethereum Foundation making this call does not mean that the entire Ethereum system needs to or must operate in this way. In fact, whether a soft fork or a hard fork is really carried out depends on everyone involved in the construction and operation of the Ethereum network [12]. As Vitalik expressed in his public response, "I will not prevent or oppose the other party from promoting their views in public, or even lobbying miners to resist this soft fork. On this matter, I will resolutely not argue with anyone on the opposite side."

There is another discussion that people don't quite understand.
During the DAO incident, there were many discussions about whether the Ethereum blockchain is the decentralized network it claims to be, and even rumors that the Ethereum blockchain had stopped. The emergence of Bitcoin mining machines and mining pools has given the originally decentralized Bitcoin design computing centers, and these computing centers have a huge impact on the Bitcoin network. Therefore, Ethereum hopes to make a new design that considers more decentralized means, to reduce the possibility of someone designing and manufacturing Ethereum mining machines in the future. The principle it adopts is very simple: block calculation on the Ethereum blockchain must use a relatively large amount of memory. The existing mining machines that directly perform hash calculations for the Bitcoin system cannot perform such large-memory calculations. As a result, the cost of manufacturing Ethereum mining machines becomes very high, and centralized mining is avoided as much as possible.

Of course, we must look objectively at the comparison between the Bitcoin and Ethereum ecosystems. At present, Bitcoin still has an overwhelming advantage. In terms of hash computing power, the average computing power of the current Bitcoin network is about 1,500,000TH/S, while the computing power of Ethereum is 4TH/S, a gap of 4 million times. For Bitcoin, there is a problem of over-concentration of mining pools. Some domestic experts are very optimistic about this. One fact is that the vast majority of Bitcoin mining pools are built in China. This helps China increase its influence in the Bitcoin virtual world. Of course, this is another topic.

Personally, I think that absolute centralization and absolute decentralization are both undesirable, and we need to find an appropriate balance according to specific scenarios. In particular, most of the hot blockchains now are not based on the existing blockchain design of Bitcoin.
The return of Bitcoin prices is, in a sense, due to people's optimistic outlook on the prospects of blockchain technology.

The DAO's security warnings in the middle layer and application layer

Another hotly discussed topic during The DAO incident is security. All security needs to be layered. As can be seen from the figure below, in the Ethereum ecosystem, the bottom layer is the Ethereum virtual machine (EVM). The middle layer is the programming language or script required to support application programming, such as Solidity, Python, Go, etc. The top layer is the various applications written in languages such as Solidity. For example, The DAO is an Ethereum application.

This architecture is analogous to the IT ecosystem we are familiar with now. The bottom layer is the various operating systems that people know, such as Windows, Linux, UNIX, etc. In the mobile phone ecosystem, it corresponds to Apple's iOS and the Android system. The middle layer is a variety of programming languages, such as Java, C++, Python, etc. The top layer is various applications, such as Taobao, WeChat, etc.

With this hierarchical division, it is easy to see where the problem actually occurred. In fact, there is no necessary connection between the theft from The DAO and the Ethereum EVM. It is like a security problem when using Taobao or WeChat, such as an inexplicable crash: we cannot necessarily blame it directly on Windows or iOS. Of course, vulnerabilities in the underlying system itself can also cause security problems in the upper-level applications. Fortunately, in the DAO incident, the security vulnerability did not appear in the underlying EVM; it was a recursive call vulnerability based on the Solidity programming language. This is like a bug in the Java language causing the Taobao or WeChat program to crash. This security issue has nothing to do with Windows or iOS.
Conclusion

As we all know, we cannot stop the development of the automobile industry just because cars occasionally hit a few horses while driving on the road. This is the case with the progress of human society, and the same is true for the blockchain virtual world, because we are exploring the future.

Postscript

Coincidentally, I am not the only one who put Brexit and The DAO together. Everyone has talked about the same issue. This article does not go into too many technical details. I hope to give you an interpretation of "consensus, forks, decentralization and security" from a macro perspective. It is inevitable that some details have been simplified to facilitate understanding. Please criticize and correct me.

References:

1. [Full Record] A full review of the DAO hacking incident that shocked the world