Translation: spring_zqy

What journalists need to know about The DAO hack

Basic Concepts

The Ethereum network is a network of computers running the Ethereum blockchain. The blockchain lets people exchange tokens of value called ether, a cryptocurrency that is now second only to Bitcoin in popularity. Ethereum also lets people submit inputs to the network's smart contracts: general-purpose code that is executed on every computer in the network (currently more than 6,000 computers). People run these programs by sending ether to them.

A DAO is a decentralized autonomous organization. Its purpose is to express an organization's rules and decision-making bodies in code, eliminating the need for written documents and reducing the number of managers, and thereby creating a decentralized management structure. Here's how it works:
One thing to understand is that a lot of attention went into not making these tokens into shares: holding them is more like contributing to gain voting rights than owning something. In most cases a DAO is not owned by anyone; it is just a piece of software running on the Ethereum network. The original DAO was Bitcoin, which is controlled by the consensus of its core team and its network of miners. Other DAOs have since been launched on the Ethereum platform.

"THE DAO" is the name of one specific DAO conceived by the team behind the German startup Slock.it, a company focused on "smart locks" that let people share things (tickets, boats, apartments, etc.) in a decentralized version of Airbnb. The DAO project started on April 30, 2016, with a funding window open for 28 days. For whatever reason, The DAO became a huge hit, raising more than $100 million by May 15; by the end of the funding period more than 11,000 enthusiastic members had taken part and $150 million had been raised, making it the largest crowdfunding project in history.

The DAO raised far more money than its creators had expected. One could say their marketing was better than their execution, because even during the crowdsale there were concerns that the code was vulnerable to attack. After the crowdsale ended, most of the discussion was about fixing the system's flaws before funding any of the proposed projects. In particular, Stephan Tual, one of the founders of THE DAO, announced on June 12 that they had discovered a "recursive call vulnerability" in the software, but that DAO funds were not at risk. At the time, more than 50 project proposals were awaiting votes from THE DAO token holders.

It is important to reiterate that the Ethereum network itself has not had this kind of vulnerability and has been operating well throughout. All networked systems are subject to various attacks.
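The "recursive call vulnerability" mentioned above, shown in a toy Python model added here (not The DAO's code and not an EVM): a withdrawal that sends ether before updating its own accounting lets the recipient's receive callback re-enter the withdrawal, while the checks-effects-interactions ordering stops it. The Ledger, VulnerableFund and SafeFund names, the 9 ETH and 1 ETH amounts and the depth limit (standing in for the gas limit) are constructed assumptions.

```python
class Ledger:
    """Toy chain state (constructed illustration, not an EVM): ether per address,
    plus an optional callback that runs when an address receives ether."""
    def __init__(self):
        self.eth = {}        # ether held by each address
        self.callbacks = {}  # address -> function run on receipt of ether

    def send(self, sender, recipient, amount):
        if self.eth.get(sender, 0) < amount:
            raise ValueError("insufficient ether")
        self.eth[sender] -= amount
        self.eth[recipient] = self.eth.get(recipient, 0) + amount
        cb = self.callbacks.get(recipient)
        if cb is not None:
            cb()  # recipient code runs before the sender's function returns

class VulnerableFund:
    """Withdrawal sends ether first and zeroes the credit afterwards."""
    def __init__(self, ledger, addr):
        self.ledger, self.addr = ledger, addr
        self.credit = {}  # internal record of what each depositor may withdraw

    def deposit(self, who, amount):
        self.ledger.send(who, self.addr, amount)
        self.credit[who] = self.credit.get(who, 0) + amount

    def withdraw(self, who):
        amt = self.credit.get(who, 0)
        if amt > 0:
            self.ledger.send(self.addr, who, amt)  # interaction first ...
            self.credit[who] = 0                   # ... effect last: too late

class SafeFund(VulnerableFund):
    """Checks-effects-interactions: zero the credit before the external call."""
    def withdraw(self, who):
        amt = self.credit.get(who, 0)
        if amt > 0:
            self.credit[who] = 0                   # effect first
            self.ledger.send(self.addr, who, amt)  # interaction last

def run_scenario(fund_cls, depth_limit=10):
    """Honest depositor puts in 9 ETH; a re-entering depositor puts in 1 ETH and
    withdraws. Returns (ether left in the fund, ether held by the re-enterer)."""
    ledger = Ledger()
    ledger.eth.update({"honest": 9, "reenter": 1})
    fund = fund_cls(ledger, "fund")
    fund.deposit("honest", 9)
    fund.deposit("reenter", 1)
    depth = {"n": 0}

    def on_receive():  # runs inside send(), i.e. before withdraw() finishes
        depth["n"] += 1
        if depth["n"] < depth_limit and ledger.eth["fund"] > 0:
            fund.withdraw("reenter")  # nested call sees credit still equal to 1

    ledger.callbacks["reenter"] = on_receive
    fund.withdraw("reenter")
    return ledger.eth["fund"], ledger.eth["reenter"]
```

With VulnerableFund the whole 10 ETH leaves the fund although the re-enterer was only ever credited 1 ETH; with SafeFund the nested call finds a zero credit and the honest depositor's 9 ETH stay put.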
The Ethereum network, which carries more than $1 billion worth of ether (by market capitalization), has not been hacked, and it also runs many other smart contracts. Everyone who writes smart contracts knows that a system that can move large amounts of money can be attacked. The same problem was recently discovered in another system called Maker DAO, but it was quickly contained because that DAO was still in its testing phase. Many people believe that testing and validating smart contracts will be an important part of securing the Ethereum ecosystem. You can find a number of smart contract validation services at DecentralStation.com.

Hacker Attacks

Unfortunately, while programmers were fixing this and other issues, an unknown hacker began using the method to collect ether from the proceeds of THE DAO's token sale. On Saturday, June 18, the hacker moved over 3.6 million ether into a DAO sub-organization with the same structure as THE DAO. The price of ether fell from over $20 to below $13. Many people tried to split from THE DAO to protect their ether from theft, but could not gather the votes they needed in the short term. The designers never expected the amount to be so large, and all the ether was stored at a single address (which is unfortunate). We believe the hacker will stop the attack after hearing about the fork proposal (see below for details); in fact, this or a similar attack could resume at any time.

Smart contracts are intended to be self-contained agreements, not regulated by any external entity or jurisdiction. The code itself is the arbiter of how the final transaction executes. Of course, this is also an ideal (i.e. crypto-anarchism). Even before the attack began, many lawyers had expressed concerns about the DAO project, believing that it went beyond crowdfunding and touched upon securities laws in several countries.
Lawyers also pointed out that its founders could bear liability, and several lawyers said that DAO token holders might also bear some responsibility, which they may not realize. THE DAO is in a legal and regulatory gray area.

Because the DAO sub-organization (hereafter the "child DAO") has the same structure, limitations and defects as its parent, the ether in this new organization cannot be withdrawn for 28 days, its initial funding period. Everyone can see the ether in the child DAO, and any attempt to cash it out will trigger alerts and investigation. This means the hacker will never be able to withdraw or spend any of that ether. It is very likely that the attacker held a large short position in ether when launching the attack, cashing out after ether's value halved. In other words, the hacker has already made money from it, so he does not care about the ether sitting in the child DAO. The Ethereum Foundation could also take steps that would make the ether in the child DAO worthless, which would complicate things further.

Soft Fork Proposal

The DAO holds nearly 15% of all ether, so The DAO's problems have had a negative impact on the Ethereum network and its currency. It is important to note that dozens of startups are working on DAOs and their governance products, that many smart contracts have similar flaws, and that building complex software out of smart contracts is still in its infancy. Everyone has a stake in what happens next. All eyes are now on THE DAO and the Ethereum Foundation, hoping for a solution that gets the ecosystem back on track.

To understand the questions that follow, you need the basics of a blockchain: a network of nodes records transactions into blocks, which are then linked into a single chain that represents the "truth" of what happened.
If two competing transactions start at the same time, the network picks one and rejects the other to resolve the conflict, so that every node holds the same copy of the whole distributed ledger. The only way to "rewrite history" is to get more than 51% of the nodes to agree to do so, and this has never happened in Bitcoin or Ethereum. The goal of a decentralized network is that nobody has the power to do this; otherwise the network itself becomes untrustworthy.

On June 17, Vitalik Buterin of the Ethereum Foundation posted an important update saying that The DAO was under attack, but that he had worked out a solution:

Now a software fork solution has been proposed (no rollback, i.e. no transaction or block will be "reversed") whereby any transaction that calls or delegate-calls code to reduce the balance of an account with code hash 0x7278d050619a624f84f51987149ddb439cdaadfba5966f7cfaea7ad44340a4ba (i.e. The DAO and child DAOs) will be considered invalid…

Vitalik Buterin

Buterin specifically said that he was not talking about rewriting any blocks; he was just going to put a "switch" in the base Ethereum code to prevent any ether from leaving The DAO and its child DAOs. This one-time fix (also known as a "fork") is very effective, since it permanently locks all the ether involved in this incident at that address. Buterin continued:
In other words, the Ethereum code would create a blacklist to prevent bad actors from profiting. In this "frozen assets" scenario, Buterin called for discussion on how to help DAO token holders recover their original investment. This seemingly harmless and potentially life-saving proposal, which requires acceptance by a majority of Ethereum network nodes to work, has already caused a huge controversy.

The hackers responded - but were they really hackers?

I have been writing about the attacker as a single man, even though I am not at all sure whether it is one person or many. What follows is quite interesting. In an open letter to THE DAO and the Ethereum community, the (alleged) attacker claims that his "reward" is legitimate and that he is prepared to take legal action if anyone tries to undo his work. It has also been pointed out that the cryptographic signature on this message is invalid, so it may be forged. But the message is clear and, from a certain perspective, it resonates: the premise of smart contracts is that they are their own arbiters, and no external party can "change the rules of this transaction". Afterwards, the attacker said through an intermediary that he would stop what he describes as the organized theft of his property and reward miners (nodes) who did not support the soft fork proposal, saying:
Clearly, this is a complex and dynamic situation. None of this information from the "attacker" has been verified, so we will have to wait and see.

Hard Fork Proposal

Another proposal that has also sparked debate is to require miners to completely undo the theft and return all of THE DAO's ether, which would then automatically be returned to token holders, ending THE DAO project.

Stephan Tual

As Stephan Tual writes in his blog…
This has the effect of rewriting the rules by which the blockchain executes, something that should never be done. Do we really want to change this rule, just this once, to get the Ethereum project back on track? If it succeeds, the people at Slock.it and most DAO token holders will be grateful.

Response to the Soft Fork

On its own, the proposal makes sense - a one-time fix for a one-time problem - but many people do not see it that way. You can read the various responses on Reddit; I have tried to summarize them.

The credibility of the network is sacred. Someone on Reddit said:
A hard fork is a valid option, but it is intended for situations where urgent changes are needed to the Ethereum protocol itself, not for other projects that use the Ethereum platform. The Ethereum Foundation has been involved in and promoted THE DAO project; this whole thing is a mistake, and it will only damage people's trust in Ethereum as infrastructure for other projects. I hope they can correct this mistake.

Others also said:
And finally:
The project is too big to fail

A month after Lehman Brothers, other banks were getting special treatment; you can decide for yourself whether that was a good thing, but it is similar to where we are now. THE DAO is not an island. This project is too big to be allowed to fail. That is one view within the Ethereum ecosystem. You may have noticed that several people at the Ethereum Foundation are DAO token holders and advisors to THE DAO project. Even Gavin Wood, one of the original founders of Ethereum, supported the fork in his blog.

Gavin Wood

In his view, it is very likely that other large projects will need rescuing, and the Ethereum Foundation, having a precedent, may need to ask miners to rewrite history again. Obviously this is very similar to bank bailouts: banks take big risks in the hope of large returns, and when those bets go wrong, taxpayers "save" them (with the possible exception of Lehman Brothers). Generally speaking, this asymmetry of risk is not a good way to incentivize market participants.

These are two extremes, but most people lean toward one of the two. Legal experts would do the same, not to mention taxpayers. The discussion above assumes we are in a vacuum, an unregulated crypto space where the law does not apply. But people are investing real money, so real laws can and will apply here. In fact, all the parties involved may have legal claims, though it may take years to resolve them in courts around the world.

Who bears the risk?

While they were careful not to create any securities and made sure people knew the risks, they could still be held liable. If DAO token holders lose their $150 million investment, there could be a class action lawsuit against the founders.

Other DAOs

Some people have used the code of The DAO smart contract to implement other DAOs without any changes.
In the event of a hard fork, any DAO derivative that uses The DAO 1.0 smart contract code will have its ether seized and sent to a refund address, to be distributed among DAO token holders. In this way DAO token holders could receive more ether than they invested. This may anger those involved: people who invested money in a derivative of The DAO built from the DAO 1.0 code.

Token Holders

As investors without corporate protection, all 11,000+ DAO token holders could be considered general partners in the fund. In that case, the attacker could file lawsuits in the token holders' respective jurisdictions, claiming that they represent an entity that has frozen the attacker's legal assets.

Exchanges

Soon after the initial crowdfunding phase ended, several cryptocurrency exchanges began trading DAO tokens. Anyone who bought DAO tokens on an exchange could potentially sue the exchange for selling a defective investment. The implications could be huge: a violation of securities laws, or simply liability for the profits made from those tokens. Given that some exchanges have a lot of cash on hand, they will likely be the first targets.

Ethereum Foundation

The Ethereum Foundation has a lot at stake here. They want the network to be strong, to support billions of dollars of commerce, and to be the "operating system of the future". But now they face a difficult dilemma: if they do nothing, Ethereum takes a hit that could take years to recover from; if they intervene, they set a dangerous precedent that undermines the social contract they have established with a network of independent nodes. They did not design the Ethereum network to act as judge and jury when one or more parties are harmed.

Miners and Nodes

The 6,000+ Ethereum nodes would likely be held accountable for any fork they vote for.
If the attacker can be seen as having gained his ether through a smart contract "feature", then he can (and has threatened to) sue any miners who take away what he considers his legal entitlement. He could also sue the Ethereum Foundation for writing the software that executes the fork. On the other hand, DAO token holders could sue nodes that do not vote for the fork, claiming that they are not doing the right thing. And those who run nodes like money; they may be paid by the "attacker" not to fork. Government intervention is entirely possible, and it could bring major changes to the governance of the Ethereum system.

Attacker

The attacker may have made a small fortune by manipulating the market, which is illegal in many jurisdictions. He will also have tax liabilities. Finding and exposing his identity is clearly in the community's interest. There may already be enough information to identify him; it is just a matter of when.

Aftermath

It now appears that The DAO will die and DAO token holders will receive somewhere between 0% and 100% of the ether they invested. It is safe to assume that the Slock.it team has been busy for a while: they may not be able to fund their project (I was told they put some of their own money into The DAO), and they have been talking to lawyers for several months. Vitalik can propose an Ethereum-based solution, but the nodes must make their own decisions, and it is not clear what they will choose. Many people say that "doing nothing may be the worst option". It depends on your position; whatever you do, there may be consequences.

There is another wrinkle: the Ethereum Foundation is designing a new consensus mechanism called PoS (proof of stake), in which anyone who owns 14% of all ether would have significant control over the development of the blockchain.
In fact, Vitalik has asked each project to set a limit of around $10 million to contain the impact of unknown errors.

It looks like there will be legal action. We could see a messy scenario with litigation lasting for years. Or we could see a simpler and quicker ending where Ethereum continues to grow and the "attacker" disappears from view. But I would bet 5 ETH that the attacker is found within 1-2 months.

The letter and spirit of smart contracts is that "the smart contract governs everything" and the rule of law does not apply; in this case, most people would like to see the trades reversed. My guess is that we will see different rules of law applied here.

I will try to stick to the facts, and I will offer a simple option: what if the attacker simply bought a bunch of ether and agreed to work with The DAO's team to return the money to all token holders and then completely decommission The DAO? That way the attacker gets some money and makes his point without involving lawyers, we learn something in exchange, and the Ethereum Foundation can start planning for a more secure and viable future.

Summary

I think we can see this as marking a new era for the Ethereum public blockchain. While the agile approach of "ready, fire, aim" often works well for developing new software, when $150 million is involved such an approach can be dangerous. Ethereum is marketed as a general-purpose computing platform and a pioneer of new decentralized models for computing and society. We will see, perhaps sooner than we would like, how these things play out in the real world.