‘So-called DAO attacker’ emerges, offers to reward miners 1 million ether + 100 bitcoins to negate fork

A user calling himself 'daoattacker' went to the DAO slack channel and distributed 6.37 bitcoins to anyone who provided a bitcoin address.

I was preparing a post about the alleged announcement from theDAO attacker, so when I checked the slack channel, the bitcoins had just been distributed, but everyone was still posting their bitcoin addresses. I did not receive any bitcoins or other digital currency, nor did I publish my bitcoin address, but I did ask the alleged attacker a few questions. The following Q&A has been edited for cosmetic purposes only:

Andrew Quentson (AQ) : Hi, I am planning to write an article about your so-called pastebin. How do you prove that you are the hacker who attacked the DAO?

Daoattacker(DA): (1) I am not a hacker and have never hacked anything. (2) I am not an 'attacker', I am just their intermediary, the DAO incident was a team effort. (3) The purpose of this pastebin is to open a dialogue; soon we will build a smart contract to reward miners who oppose the soft fork and verify the transaction with a bonus of 1 million ether + 100 bitcoin.

AQ : When? A few hours? A few days?

DA : Sorry, there is no exact date yet. They need time to verify and make sure there are no defects.

DA : I saw your message in #general (AQ asks for a summary of what's going on)

That 6.37 bitcoin distribution is just a small demonstration of how money can go anywhere and people in the cryptocurrency community are only here for the profit. They don't care if they are receiving money from 'hackers'.

AQ : Some people have proposed a solution: you could take a portion of the DAO's lost funds and return the rest to the DAO, so that the DAO doesn't need to fork again. Do you want to have this kind of negotiation to end this incident?

DA : As far as we are concerned, everything is considered as long as it does not lead to forks.

AQ : I think I saw you say that Ethereum is a shitcoin. Are you disparaging Ethereum or is this just for the money? Is the motivation for this attack political or purely monetary?

What kind of offer would you give to the Ethereum community? For example, if you give it back, how much would it be?

DA : The people behind Ethereum are all scammers, for example, every insider (Adam Back, Gregory Maxwell) knows that proof of stake has no chance of working, but they still advertise it.

I don’t like Ethereum, I don’t like slock.it, but that’s not the point. Money talks, and even if I liked Ethereum, I would still do this.

Also, the refund will be made through a smart contract. I'm sorry that I can't give a specific amount. Even if I give it, there is no reason to believe that I am 'the attacker'.

AQ : There's a reason, okay, two, you claim you are this person and you've given out or claimed to have given out over 6 bitcoins, but it would be more helpful if you could provide some evidence for our readers.

DA : These reasons are not sufficient. Anyone with 6 bitcoins can do it. Shorting DAO/Ethereum is bound to make a lot of money.

AQ : Had you shorted The DAO before this attack?

DA : I won't make comments that will frame me, but markets are really just a place to trade information.

AQ : Do you think the attacker will accept 100,000 ether and return the rest if the community promises not to hard fork? Or if the attacker wants 1 million ether, how much ether would you accept from your perspective?

DA : I think they are looking for 1 million, and now they think there is a good chance that a 1 million ETH reward will make miners consider not agreeing to the fork out of interest.

AQ : Perhaps this requires contacting the mining pool operators. Because they know they will not be implicated?

DA : That’s the beauty of smart contracts. Forking requires action, and not forking is just inaction; they can plausibly deny it.

Not to mention they don’t have to accept it. Someone will get paid for calling the smart contract of the block. This call will pay the miner.

AQ : Did the team behind the attack on TheDAO also participate in previous attacks, especially MT Gox, or other exchanges? Is this the first time they have carried out such an attack?

If you don't want to answer, do you have some other general comments?

DA : Well, actually, the question is not inappropriate because no hacker will admit to previous attacks. The only people who admit to previous attacks are those who do it for attention, so the question is pretty meaningless.

But I do have a general comment. What everyone is hoping to understand right now is this: this pastebin has an unverified signature. I'm surprised this got so much attention, but I'm glad people caught on to the right information. As this pastebin came out, the DAO price dropped 10%. This is a lesson for the crypto community.

AQ : This signature is not verified, doesn't this mean that this pastebin is fake?

DA : Strictly speaking, this pastebin is fake and not signed by the attacker, but this does not mean that the information it conveys is fake or does not come from the attacker.

AQ : How was the attack carried out? Why did the amount of lost ether stop at 3.5 million?

DA: It's just a recursive call attack, which you already know, but the slock.it people didn't realize it was for separation. In layman's terms: Because of a feature of the DAO, it can send your ether before deducting the balance.

AQ : Why did it stop at 3.5 million?

DA : Vitalik is actually calling for a hard fork/rollback and he/the Ethereum Foundation seem serious about it. But I'm still not sure if he really supports a hard fork or is just saying this to stop hackers.

AQ : So, the attacker just stopped there? Did you hope that you could suck up all the remaining ether?

DA : Ethereum market size is not very large yet and there is not enough liquidity to withdraw more than 1 million ether. In any case, the real money (bitcoin) is made by shorting. When people started talking about the hard fork, the price of DAO started to rise and people started buying DAO because they thought they would be rescued. When the attack stopped, the price fell again.

AQ : If $50 million or more is frozen, don’t you think the entire digital currency space will be hit hard by this incident?

DA : $50 million is fine, remember Mt Gox? Bitcoinica? Pirateat40? But if more ether was taken from the DAO, then this could be a problem. The attackers didn't intend to take more ether, in fact, the Ethereum Foundation or someone else should follow up and transfer the remaining ether to their custody. DAO investors lost 30% of their profits due to their lack of due diligence. Ether was transferred from the failed DAO without a hard fork.

In 2011, Mt Gox was attacked and lost 400,000 Bitcoins, which accounted for 6% of the total supply of Bitcoin at the time. Bitcoin was still fine, wasn’t it?

AQ : At the time, everyone who had given up on Bitcoin thought it was insecure and vulnerable to attack. I think it took Bitcoin two years to recover from that incident. Don’t you think the same thing will happen to Bitcoin and Ethereum?

DA: The attacker will not take all 3.6 million ether. At least 1 million will be sent to miners, and anyone can become a miner.

This is speculation (since only 1 million ether was promised to be distributed to miners), but the carrot and stick make sense. Carrot: return some ether to the DAO to make those on the side of justice happy; stick: return some ether to miners if they disagree with the fork. So the final impact and the amount of ether lost will be much less than currently estimated, and Ethereum will definitely survive. After a thorough solution (non-fork), Ethereum can even thrive again. A fork will irreversibly damage Ethereum.

AQ : Return some to the miners. How much is this 'some'?

DA : The number I can give is 1 million Ethereum + 100 Bitcoin

AQ : Are you involved in Bitcoin or Ethereum? Have you contributed to their code or anything like that? What is your age group and what is your approximate address?

AQ : Also, do you have anything to say to everyone?

DA : I love Bitcoin and I love disrupting smart contracts.

DA : That’s exactly what I wanted to say.

DA : Actually, I have a misinformation that I want to correct. Bitcoin has never had a hard fork. The value overflow incident was solved by a soft fork. The levelDB problem in 2013 was solved without a fork. See here: https://www.reddit.com/r/Bitcoin/comments/2s2utx/the_hard_fork_missile_crisis/cnlqcd1