The Seven Sins of the DAO
A new revelation about the DAO has come in from the publication Hacking, Distributed written by researchers and cryptographers Dino Mark, Vlad Zamfir, and Emin Gün Sirer. The three have written a 13-page paper describing potential attacks to the DAO ecosystem called “A Call for a Temporary Moratorium on The DAO.” So far the DAO has raised 12.07 million Ether equivalent to $132.32 million USD at the time of writing. The DAO pre-sale is officially closed. The project has so far been the largest crowdfund to date and holds roughly 14% of the Ether in existence. The researchers from Hacking, Distributed encourage the community to temporarily prohibit activity of the DAO until the updates can be made.
Also read: Ether to Blame for Bitcoin’s Decline?
Many Eyes Are Watching The DAO. Can It Succeed With These Transgressions?
The paper describes seven identified attacks on the DAO that can cause “honest investors” quite a bit of troublesome times and could “hijack” investments. The report states, “these concerns motivate a moratorium on funding proposals to prevent losses due to poor mechanism design.” Researchers give a background explanation of the DAO and how voting processes work within the Ethereum decentralized autonomous organization. Following this, the team then goes into the seven attacks that would make the DAO fail to operate the way it supposed to. This is the very basics of each attack as the whole paper can be read here. Hacking, Distributed latest revelation explains:
“We now describe why the current implementation of The DAO fails to uphold this principle.”
‘The Affirmative Bias, and the Disincentive to Vote No’
Currently, the DAO has a strong bias to vote “Yes” the researchers detail and votes of “No“ would be suppressed quite often. Those who vote “No” would have a hard time voting this way because they would need prior information that would yield negative criteria about funding a certain project.
‘The Stalking Attack’
Splitting from the DAO to redeem Ether due to its inherent nature of using sub-contacts to perform this action can cause stalkers. Users who want to exit become the sole investor and curator and then executes the contract to retrieve the funds. Because the action of the split is public knowledge via the blockchain, a “stalker” can pursue the splitter effectively blocking the withdrawal of funds.
‘The Ambush Attack’
In the Ambush attack, a large investor uses the “Yes” bias to their advantage. The user adds a large quantity of “Yes” votes to a proposal last minute to a project that fits their needs. Attacks done in this fashion would be extremely difficult to detect says the paper and “they leave little to no time for The DAO token holders to withdraw their funds.” The researchers detail one particular “whale’ who purchased 7.7% of the DAO, and this vector could easily be manipulated by that person.
‘The Token-Value Attack’
This attack is a traditional maneuver in cryptocurrency markets where large investors use bearish shorts with their holdings to cause the tokens market value to drop significantly. Large investors can cause a panic in the market by colluding with others to sell off in bulk and then scooping up the lowered priced tokens when it reaches a bottom. This rinse and repeat maneuver can enable an individual or group the ability to significantly obtain large quantities of voting power. The paper says it gets even worse as this attack can be melded together with the stalker attack as well. Hacking, Distributed paper states:
“Worse, since the existence of the stalker attack is now well-known, the attacker need not attack any real entity, but can instead create fictitious entities who post stories of being stalked in order to sow panic among The DAO investors.”
‘The extraBalance Attack’
Another maneuver where an attacker creates “scares” in the market causing shareholders to split from the DAO so the token value increases. Because the book value increases users cannot recover any extraBalance and as more users split, the unrecovered extraBalance is added to the total, and continually bolsters the value. This attack can also be coupled with the stalking attack.
‘The Split Majority Takeover Attack’
The DAO white paper explains how a typical “majority takeover” can be deterred by the introduction of curators. Yet the researchers explain it is not entirely clear how the curators can detect this action if it was made up of “a cartel of multiple entities, proposes not just a single proposal for 100% of the funds, but multiple different proposals.” In fact, the paper says this attack may be “indistinguishable” from investments that seem appealing to the majority.
‘The Concurrent Tie-Down Attack’
The paper describes how simultaneous proposals can cause undesirables within the nature of the DAO system. By blocking voters from splitting or transferring until the end of the voting period causes “trapped voter” shares in the DAO. He/She or a group can easily have an effect on the funds of trapped voters.
“This provides an attack amplification vector, where an attacker collects votes on a proposal with a long voting period, in effect trapping the voters’ shares in The DAO. She can then issue an attacking proposal with a much shorter voting period.”
The DAO makes the critical assumption that proposals are independent and not meant to be tethered together. However, the authors of the Moratorium report say it’s quite possible for many things to be mutual and collaborative by design. The paper states, “the nature of voting on proposals in The DAO provide no way for investors to express complex, dependent preferences.” This may cause different kinds of voting behaviors within the participants of the proposals but may not necessarily be an attack.
The paper reports there are potential fixes, but it should be dealt with immediately by the curators. The authors say these potential problems could lead to significant losses in investments, and the moratorium should be prioritized right away. Hacking, Distributed researchers state, “a moratorium would give The DAO time to make critical security upgrades. We encourage the community to adopt a moratorium until The DAO can be updated.”
A Security Gaurd for the DAO?
On May 27th the Slock.it team released a PDF called the “Slock.it UG Proposal #1, DAO Security” revealing the developers believe it is necessary to hire a human to protect the DAO from attack vectors. Developers say the DAO community has shown they would rather see a community-based security working group as opposed to one that is on call. The proposal calls for the “deployment of a single, full-time expert at the helm of this cell.” The cost of this person for year-round security is 8,000 ETH, with payment disbursals on a monthly basis and the transactions will work through an Ethereum smart contract. The code for the contract is already available for public view via Github. The proposal explains the full-time security guard’s duties stating:
“This person will act as first point of contact for security disclosures: Having an official first point of contact for the channeling of security concerns will help maintain a calm, level headed way of addressing such matters, while ensuring a swift, professional reaction. He will continuously monitor, preempt and avert any potential attack vectors The DAO may face, including social, technical and economic attacks. He will also help the community with analyzing major Proposals for attacks. This will include highlighting 51% attacks, mismatched bytecode, and social engineering/collusion attacks.”
All of this news has been seen as negative news concerning the DAO, and the community has been up in arms. People are not so sure about a human watchdog when the entire project is based on code. However, the recent PDF is just a proposal and may not come to fruition. Trading begins today on many exchanges and this will add another element to the whole picture and many will watch the market take over from here. Ethereum itself has taken a significant dive in value as the token value has price dipped to $11 USD per Ether which in turn has brought the DAO crowdfund appraisal down as well. Despite all the human opinions, the future will now decide the DAOs fate and you can guarantee the whole world will be watching.
What do you think about Hacking, Distributed’s analysis? What do you think about the full-time security guard proposal? Let us know in the comments below.
Images courtesy of Pixabay, and The DAO Hub