Ethereum's new vulnerability can prevent soft forks, is a hard fork inevitable?

Since TheDAO was attacked, the Ethereum development community has been looking for ways to recover investors' lost funds. Although the Ethereum Foundation recently released a soft fork solution, as this solution was also found to have vulnerabilities, there are not many options left for the Ethereum community.

It turns out that the soft fork would blacklist addresses holding the stolen ether, thereby preventing them from making any transactions, but in fact it exposed a previously undetected attack vector.

In a post on the Ethereum Foundation blog, developer Felix Lange explained that the vulnerability would slow down mining and also prevent legitimate transactions from being processed.

Lange wrote:

“We are considering all possible options. The Ethereum community can avoid all negative outcomes by voting against the soft fork until a better solution is found.”

The DAO project was launched earlier this year as the first large-scale distributed autonomous organization (DAO) with a leaderless governance structure designed to allocate investor-contributed ether to new Ethereum projects.

Shortly after raising more than $150 million worth of Ether, The DAO suffered a vulnerability and was hacked, with nearly 3.6 million Ether transferred to a Child DAO and controlled by the attacker.

However, according to the DAO’s code rules, it is generally believed that the attacker will not be able to access the siphoned funds until July 14. However, Lange also stated in the blog:

“There are no immediate emergency measures to prevent the attacker from trading on July 14th, and further options are currently under discussion.”

Currently, Ethereum miners are voting on the soft fork patch, and the results are expected to be announced on Thursday. Once passed, the soft fork plan will be implemented.

A fork in the road

Although Langer proposed two workarounds for this soft fork vulnerability, Ethereum distributed application developer Fabian Vogelsteller was not very optimistic about this on Twitter.

Vogelsteller wrote:

“Given that soft forks are vulnerable to attack, that leaves us with only two options: a hard fork that only affects The DAO or doing nothing.”

A so-called hard fork, which essentially rolls back the ethereum blockchain to eliminate transactions, has been a hotly debated option among ethereum community members, who worry that it would undermine confidence in the network’s reliability.

Do nothing - This option is equally controversial because it would benefit the attackers who exploited The DAO code to move funds, but would come at the expense of more than 23,000 DAO token holders.