The Ethereum (ETH) network was not really rolled back after the DAO hack, explained the project’s co-founder, Vitalik Buterin. Instead, the intervention altered only the recorded state of the DAO.
The “Surgical Intervention” Did Not Roll Back General Transactions
Innocent users did not see any of their transactions invalidated and rolled back, explained Buterin. Instead, the intervention was “surgical” and only concerned the state of the DAO coins and tokens.
We haven't rolled back the chain. We've intervened in state. There's a difference; the former implies that innocent users' transactions that happened to be at the same time got rolled back with the DAO hacker, which did not happen.
— vitalik.eth (@VitalikButerin) October 28, 2019
The DAO hack happened in 2016 and affected the ICO smart contract. Because the contract was faulty, the hacker could make it return the deposited ETH multiple times. In that manner, the hacker siphoned away 3.6 million ETH.
The Ethereum network was then altered to negate the results of the hack. This led to the forking of Ethereum Classic (ETC), where the coins stolen technically still belong to the hacker.
The DAO example has been talked about for years and is one of the credibility fault lines of Ethereum. The new explanation about the nature of the fix drew further criticism, with some commenters arguing that a rollback would have been the fairer solution.
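The article does not show the faulty contract. The flaw it describes, commonly called reentrancy, comes from paying out before the depositor's balance is updated. The following is an added example, not The DAO's code; it is a simplified Python model with hypothetical names (`Vault`, `Recipient`, `run`) that places the flawed ordering beside the corrected one.

```python
# Simplified model constructed for illustration; not The DAO's contract code.
class Recipient:
    """Account whose receive hook may ask for the refund again (bounded)."""
    def __init__(self, reenter=0):
        self.reenter = reenter      # how many times to re-request a refund
        self.received = 0

    def receive(self, vault, amount):
        self.received += amount
        if self.reenter > 0:
            self.reenter -= 1
            vault.withdraw(self)    # re-request while the first call is open


class Vault:
    """Holds deposits; `safe` selects the order of the refund steps."""
    def __init__(self, safe):
        self.safe = safe
        self.balances = {}          # depositor -> credited amount
        self.pool = 0               # funds actually held

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def withdraw(self, who):
        amount = self.balances.get(who, 0)
        if amount == 0 or amount > self.pool:
            return
        if self.safe:
            self.balances[who] = 0  # update the record first
            self._send(who, amount) # hand over control last
        else:
            self._send(who, amount) # flaw: control handed over first
            self.balances[who] = 0  # record updated too late

    def _send(self, who, amount):
        self.pool -= amount
        who.receive(self, amount)   # recipient's code runs here


def run(safe):
    """Return (paid to caller, funds left, amount still owed to other user)."""
    vault = Vault(safe)
    other, caller = Recipient(), Recipient(reenter=2)
    vault.deposit(other, 30)        # constructed sample deposits
    vault.deposit(caller, 10)
    vault.withdraw(caller)
    return caller.received, vault.pool, vault.balances[other]
```

With the flawed ordering the vault pays the same 10-unit deposit three times and is left holding less than it owes the other depositor; with the corrected ordering the repeated request finds a zero balance and returns nothing.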
Immutability Matters May Affect Other Smart Contracts
The discussion about immutability arrives as the Ethereum network is now loaded up with multiple highly active smart contracts. The contracts for decentralized finance are especially salient, as they lock up significant funds in ETH, and soon, other assets.
In the case of Maker DAO, an exploit was recently discovered that could have allowed a hacker to steal the collateral. The exploit was fixed, but many other smart contracts are now in operation. Most organizations try to audit and error-proof their contracts, but losses remain possible.
Buterin also asked the crypto community for feedback on potential future interventions, and the response was that there should be no more bailouts.
Suppose a popular smart contract wallet that a large portion of the ETH community uses gets hacked. This could be reverted by reverting all chain activity since the hack and doing a DAO-style HF to recover the funds. How much ETH must be at stake for you to support this?
— vitalik.eth (@VitalikButerin) October 25, 2019
In the interim, Ethereum-based projects have encountered multiple smart contract flaws. Perhaps the most dramatic one was the Polkadot ICO, which saw its funds frozen on the Parity multi-sig wallet. The contract was “suicided” by an amateur sending out commands and freezing hundreds of thousands of ETH. Other exploits affected Bancor with unauthorized withdrawals.
Some startups can manage their own tokens and actually roll back the exploit. Others freeze and re-issue tokens. While the Ethereum community will not approve of centralized control, it is up to separate projects to repair the damage. Some choose to control their tokens with a form of centralized issuance and freezing.