Expert: The DAO Was Exploited, Not Hacked, Ethereum Should Do Nothing
Covertress, founder of Krypton, says that in order to keep credibility, Ethereum should do nothing about the DAO ‘hack.’
Since the June 17 attack on The DAO, there have been several opinions as to what should be the best action to be taken by the owners of Ethereum. Covertress, founder of Krypton, offers Cointelegraph her analysis of the attack and its fallout. Her conclusion ran against many opinions: in order to keep credibility, Ethereum should do nothing.
On Friday a $60 million theft occurred in The DAO, an automated venture capital fund and side code to the Ethereum Blockchain. The smart contract code in question worked as programmed.
In what has been characterized as ‘living the movie as it happens,’ the ‘DAO hack’ has not only affected investors but has also raised fundamental questions of exactly how Blockchains should operate.
The DAO was merely exploited
Covertress clarifies that what occurred was not a 'hack,' but merely an exploit, a way of making the code behave in an unexpected fashion. She also makes reference to William Mougayar’s description of ‘a thief with access to an open door.’
Another example mentioned by Covertress was Andreas Antonopoulos’ assertion in ‘Mastering Bitcoin': Not if you first signed a contract that said ‘the door determines all terms of access and ownership’ before leaving it open.
The whole plot revolves around the smart contract code which allowed ETH funds invested in The DAO to be diverted into a ‘child DAO.’ A scenario that is well explained by Philip Daian in his report, ‘Chasing the DAO Attacker’s Wake.
Covertress explains that to fix the prevailing DAO attack problem, three solutions have been proposed:
- Hard-fork: A hard-fork of Ethereum could be employed to rollback the Ethereum Blockchain to a time before ‘the attack.’
- Soft-fork: By censoring or ignoring instances of the address of ‘the attacker,’ a soft-fork could be used to reclaim the lost funds.
- An expensive lesson: Nothing could be done and the funds could remain lost.
In options 1 and 2, Covertress says that Ethereum must convince a majority of miners to go along with the proposed fix by downloading and running the modified code used when they process transactions.
A bitter pill that may have to be swallowed
Covertress concluded by saying:
“Though Ethereum has not decided which route to take, most stakeholders believe they know how this movie will end. Unless it does nothing and allows the funds to remain diverted, Ethereum will suffer a loss of credibility by effectively bailing out DAO investors and reversing what was billed as unstoppable code. And that sounds too much like the bank bailouts that Blockchain technology was in part designed to guard against. Where's Superman when we need him?”
By the way, Ethereum has chosen option 2, a soft-fork. The proposed solution is to freeze all the transactions trying to move any funds from the DAO or the child DAOs.
“Mr. Smith: You think this story's gonna have a happy ending?
Mrs. Smith: Happy endings are just stories that haven't ended yet.
Mr. & Mrs. Smith (2005).”