The DAO Hub had an unfortunate event on the evening of June 16th, when an attacker drained 3.53 million Ether from the DAO by exploiting a bug in the smart contract code. Now the crypto-community is up in arms debating “roll backs,” hard forks, and the very foundations of smart contracts in general.
Ethereum and DAO Developers Scramble to Fix the Mess
During an eventful June 16, or what some are calling the mark of the beast day (666), Ethereum’s large side project, the DAO Hub, was compromised for roughly $50 million USD worth of Ether. It seems a vector was found within the smart contract code through which the attacker siphoned Ether at $1 USD per second for quite some time. Following the announcement of the attack, with people listening in on the Slack channel, cryptocurrency markets shuddered. Ethereum took the hardest dive, losing nearly 25% of its value and landing at roughly $15 USD per Ether, but rebounded after an announcement from inventor Vitalik Buterin. He states in the Ethereum Foundation blog:
“A software fork has been proposed, (with NO ROLLBACK; no transactions or blocks will be “reversed”) which will make any transactions that make any calls/callcodes/delegatecalls that reduce the balance of an account with code hash (ie. the DAO and children) lead to the transaction (not just the call, the transaction) being invalid, starting from block 1760000 (precise block number subject to change up until the point the code is released), preventing the ether from being withdrawn by the attacker past the 27-day window. This will provide plenty of time for discussion of potential further steps including to give token holders the ability to recover their ether.”
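A minimal model of the validity rule in the quoted proposal, as an added example that is not client code from the Ethereum Foundation or Parity. The `Call` record, the addresses and the code-hash placeholder are assumptions (the quoted post does not give the hash); the point shown is that one balance-reducing call invalidates the whole transaction, including its harmless calls.

```python
from dataclasses import dataclass

FORK_BLOCK = 1760000  # from the quoted proposal, which says the number may change
# The quoted post omits the code hash itself, so this is a labelled placeholder.
PROTECTED_CODE_HASHES = {"<DAO_CODE_HASH_PLACEHOLDER>"}
GUARDED_OPS = {"CALL", "CALLCODE", "DELEGATECALL"}


@dataclass
class Call:
    op: str              # opcode that produced this call frame
    balance_delta: dict  # address -> change in wei caused by this frame


def violating_calls(calls, code_hash_of):
    """Indexes of guarded calls that lower the balance of a protected account."""
    return [
        i for i, c in enumerate(calls)
        if c.op in GUARDED_OPS and any(
            delta < 0 and code_hash_of.get(addr) in PROTECTED_CODE_HASHES
            for addr, delta in c.balance_delta.items())
    ]


def transaction_valid(block_number, calls, code_hash_of):
    """One violating call invalidates the whole transaction, not only that call."""
    if block_number < FORK_BLOCK:
        return True
    return not violating_calls(calls, code_hash_of)


def filter_block(block_number, txs, code_hash_of):
    """Names of the transactions a fork-enforcing miner would still include."""
    return [name for name, calls in txs.items()
            if transaction_valid(block_number, calls, code_hash_of)]


# Constructed sample data: two accounts share the protected code hash
# (a parent and a child), one ordinary account does not.
CODE_HASH_OF = {"0xparent": "<DAO_CODE_HASH_PLACEHOLDER>",
                "0xchild": "<DAO_CODE_HASH_PLACEHOLDER>",
                "0xwallet": "<OTHER_CODE_HASH>"}
TXS = {
    "deposit": [Call("CALL", {"0xuser": -5, "0xparent": +5})],
    "withdraw": [Call("CALL", {"0xuser": -1, "0xwallet": +1}),
                 Call("CALL", {"0xchild": -9, "0xuser": +9})],
    "unrelated": [Call("CALL", {"0xwallet": -2, "0xuser": +2})],
}

if __name__ == "__main__":
    print(filter_block(FORK_BLOCK, TXS, CODE_HASH_OF))      # after the fork block
    print(filter_block(FORK_BLOCK - 1, TXS, CODE_HASH_OF))  # before it
```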
However, Buterin’s blog post at one time said at the very end, after the “27-day window” statement, “This will later be followed up by a hard fork which will give token holders the ability to recover their ether.” As of this morning, that specific sentence has been deleted. This is probably due to certain developers within the Ethereum space being vocally against a hard fork. Ethereum developer Alex Van de Sande said via Twitter that this is not the case and that there was contention over that particular sentence among members of the foundation. Despite this, Buterin seems to be positive about forking the code in at least a “soft” manner to help the situation, and he believes the community should decide. Buterin explains:
“Miners also have a choice in this regard in the pro-fork direction: ethcore’s Parity client has implemented a pull request for the soft fork already, and miners are free to download and run it. We need more client diversity in any case; that is how we secure the network’s ongoing decentralization, not by means of a centralized individual or company or foundation unilaterally deciding to adhere or not adhere to particular political principles.”
Amidst all the fighting, Stephen Tual of the Slock.it team has told Coindesk it’s pretty much over, saying, “is definitely going to close.” But some question whether or not he even has the power to override the system. Many in the cryptocurrency community have felt bad for the DAO and Ethereum camps, with people like Andreas Antonopoulos and Balaji S. Srinivasan showing their support. Srinivasan says, “Bitcoin has had many ups and downs. Innovation is hard. Extend hand to our friends if they stumble & help them succeed. It’s nonzero sum.” Other cryptocurrency communities, like the Synereo team, say this attack affects us all, stating in their blog:
“Despite being a major ETH and DAO holder, a part of me does not believe a rollback should be performed. We wanted “unstoppable applications”? We got them.”
No one is sure what is going to happen at the moment, and Ethereum markets have lost their mojo once again, hitting another low of $14 USD per Ether. DAO holders and ETH holders seem to be at odds on what exactly to do. One thing is for sure: this experiment wasn’t just a play-toy, as it held $160 million within its code. Emin Gün Sirer, a professor at Cornell, says he warned about the risks of the DAO a while ago with his “Call for a Temporary Moratorium on The DAO.” Gün Sirer believes the days of DAOs and smart contracts are not over, and maybe this will make projects more resilient and better tested. The Cornell professor concludes his editorial, which community members called the most logical write-up on the story yet, saying:
“Looking Forward. Smart contracts are and remain an incredibly exciting field. We have only begun to scratch the surface. There can be no birth without pain, no initial foray into the unknown without some setback. I believe that Ethereum overall will emerge from this in a few weeks, having been made much stronger as a result. It will have a newfound direction and charter that involves a slight pivot, away from ‘let’s get DApps at all costs, let’s make front-end programmers into smart contract writers,’ towards ‘let’s build up the science of secure, smart contracts.’ And that will make everything worth it.”