DAO Hacker Wanted to Destroy Ethereum Ecosystem

in #ethereum, 8 years ago (edited)

"Enemy Situation" is a major component in all military planning. It requires getting into the mind of the enemy and playing out their moves based on the objective facts available. While this topic has been talked to death and momentum already seems to have taken hold towards a hard fork, I hope to make a few additional observations that I haven't seen explained extensively, and hopefully add to the discussion of theDAO attack and similar situations in the future.

Attacker Intent

Given that the attacker did not seek to negotiate, or even engage in verifiable communication with the Ethereum community or developers, it is safe to assume that their actions were malicious in nature. The chaos that resulted from the attack obviously led to enormous losses in the value of Ethereum, but also in many other crypto markets, including Bitcoin. A few large shorts placed in advance would have generated tremendous gains.


Comparison of market behaviors in BTC and ETH during the attack

On the bright side, this malice makes deciding on a response much less complex. As of this writing, there are no ambiguities or grey areas as to the intent of the attacker; therefore (it appears) the Ethereum community and ecosystem are acting rationally by disregarding the attacker in the options being constructed.

Had the attacker offered terms of a negotiation, such as an 'industry standard' percentage/payment in ETH for red-teaming the contract, it would have been a much more complicated discussion. Since this isn't the case, motive and intent are far more clear.

Legitimacy

One of the most common 'anti-fork arguments' is more of a deflection. 'Since the code is law, the contract was just being executed and whatever happens should stand.' While on the surface, I agree with this sentiment, it is based on a false premise that can be objectively dismantled quickly.

For the splitDAO() function to be properly executed, the contract must 'burn' DAO tokens in order to receive any amount of ETH in exchange based on the split ratio. This specification not only acts as the basis of value for the DAO tokens, but it also acts as the accounting ledger within the contract.

If you don't burn the tokens, you don't get the ETH. This did not happen with the DAO attacker.

Since the attacker DID NOT burn the required ~364m DAO tokens in order for their contract to receive the ETH that it did, any argument that the code behaved as expected/intended/required falls flat on its face. From a business law perspective, a contract with a gigantic material element failing to be observed and executed would simply be unenforceable, and no sane judge or jury would disagree.

Simple Rebuttal: A MATERIAL ELEMENT of the contract (burning tokens to split) was intentionally ignored by a member of theDAO general partnership at the expense of the other members.
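To make the accounting argument concrete, here is a toy ledger that plays out a split where ETH is paid out before the caller's tokens are burned, next to the ordering that burns first. This is an added illustration, not the DAO's own contract code: it models only the ordering of payout and burn in a split and the re-entrant callback an EVM value transfer allows, and it skips the real contract's proposals, reward accounting and state reverts. The holder balances, the 100-DAO-per-ETH rate and the attacker's re-entry depth are constructed values; `Dao`, `Holder`, `Reentrant` and `simulate` are names chosen for this example.

```python
"""Toy ledger reproducing the 'paid without burning' accounting failure.

Added illustration, not the DAO's own code. It models only the ordering
bug in a split's payout path (ETH sent before the caller's token balance
is zeroed) and the checks-effects-interactions ordering that prevents it.
Balances, the 100-DAO-per-ETH rate and the re-entry depth are constructed.
"""

TOKENS_PER_ETH = 100  # constructed: mirrors the 1 ETH -> 100 DAO creation rate


class InsufficientEth(Exception):
    """Raised when the contract is asked to pay more ETH than it holds."""


class Dao:
    def __init__(self, holders):
        self.balances = dict(holders)                     # DAO tokens per address
        self.total_supply = sum(holders.values())
        self.eth = self.total_supply // TOKENS_PER_ETH    # ETH backing the tokens

    def _send(self, recipient, amount):
        # Like an EVM value transfer, this hands control to the recipient,
        # which may call back into this contract before we return.
        if amount > self.eth:
            raise InsufficientEth(f"need {amount} ETH, hold {self.eth}")
        self.eth -= amount
        recipient.receive(amount)

    def split_vulnerable(self, caller):
        # Bug: pay first, burn afterwards. A re-entrant caller is paid again
        # while its balance is still intact; the burn then happens only once.
        tokens = self.balances[caller.addr]
        if tokens == 0:
            return
        self._send(caller, tokens // TOKENS_PER_ETH)
        self.total_supply -= self.balances[caller.addr]
        self.balances[caller.addr] = 0

    def split_fixed(self, caller):
        # Checks-effects-interactions: burn first, then pay. A re-entrant
        # call now sees a zero balance and returns without a payout.
        # (A failed send would revert the burn on a real chain; this toy
        # does not model reverts.)
        tokens = self.balances[caller.addr]
        if tokens == 0:
            return
        self.balances[caller.addr] = 0
        self.total_supply -= tokens
        self._send(caller, tokens // TOKENS_PER_ETH)

    def balanced(self):
        # The invariant the post relies on: every outstanding token is backed.
        return self.eth * TOKENS_PER_ETH == self.total_supply


class Holder:
    """An address that simply accepts ETH."""
    def __init__(self, addr):
        self.addr = addr
        self.received = 0

    def receive(self, amount):
        self.received += amount


class Reentrant(Holder):
    """A contract whose fallback calls back into the split that paid it."""
    def __init__(self, addr, depth, split):
        super().__init__(addr)
        self.depth = depth    # how many extra times to re-enter
        self.split = split    # bound split method of the Dao being attacked

    def receive(self, amount):
        self.received += amount
        if self.depth > 0:
            self.depth -= 1
            self.split(self)


def simulate(split_name, depth=3):
    """Run one attacker split, then let an honest holder try to exit."""
    dao = Dao({"attacker": 100, "alice": 900})   # constructed: 10 ETH backs 1000 DAO
    split = getattr(dao, split_name)
    attacker = Reentrant("attacker", depth, split)
    split(attacker)
    burned = 1000 - dao.total_supply
    balanced = dao.balanced()
    eth_left = dao.eth
    alice = Holder("alice")
    try:
        dao.split_fixed(alice)     # honest exit; ordering is irrelevant for her
        alice_exited = True
    except InsufficientEth:
        alice_exited = False
    return {
        "attacker_eth": attacker.received,
        "attacker_tokens_burned": burned,
        "eth_after_attack": eth_left,
        "balanced_after_attack": balanced,
        "alice_exited": alice_exited,
    }


if __name__ == "__main__":
    for name in ("split_vulnerable", "split_fixed"):
        print(name, simulate(name))
```

With the vulnerable ordering the attacker is paid 4 ETH for a single 100-token burn, the contract is left holding 6 ETH against 900 outstanding tokens, and the honest holder can no longer exit at the split ratio; with the burn-first ordering the same re-entry attempt collects exactly 1 ETH and the ledger stays balanced.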

Immutability

The likelihood of a hard fork was certainly considered in advance by the attackers, at least as a contingency, which leaves two motives from my analysis: financial gain through massive shorts, and/or a forced hard fork with the desire/belief/hope that it would destroy the Ethereum ecosystem. That a hard fork would destroy Ethereum is an expectation held by a number of people commenting on this topic, particularly those of the 'Bitcoin Maximalist' variety, and it will undoubtedly be tested. The market does not seem to agree with this assessment.

A hard-fork that 'erases' any connective tissues of outgoing transactions from theDAO contract address after the Creation Phase and prior to the hard-fork seems, to my novice programmer mind, to be the most elegant method of correcting the fundamental accounting error in both theDAO ledger and the Ethereum ledger.

A hard fork to change theDAO contract won't change past market fluctuations, nor should it. Attempting to correct the market is a bailout. Correcting an accounting error after the fact is something that couldn't be done in the real world prior to the blockchain entering the scene.

One common argument against any fork of theDAO is 'code is law'. I agree with this sentiment. The Ethereum ecosystem has jurisdiction over this incident, and hard forks are allowed based on the code. Coding a hard fork is just as valid a coding argument as saying 'the code is law'.

Value Proposition

The value proposition of Bitcoin is not directly equivalent to the Ethereum value proposition. While I appreciate and agree with the reasoned arguments against a hard fork, I distrust any anti-fork arguments that do not appreciate the arguments for a fork. Based on my observations of this debate, the more vocally opposed and 'good vs. evil' a commenter's framing, the more likely that individual desires the destruction of the Ethereum ecosystem.

As many of the Ethereum developers have said, 'let's get the hard fork completed so we can get back to building things'. The sooner this happens, the sooner Bitcoin and other cryptocurrencies can benefit from increased interest in Ethereum, as they did prior to this attack.


Interesting... this got flagged / downvoted.

Not sure we can draw any specific conclusion about motivation - since there is little to go on. Isn't the obvious motivation of stealing millions pretty much enough on its own? Get rich quick overnight is a temptation that would have been enough to overcome the scruples of even the more dedicated fan of ethereum. If cheating once, with a fair chance of never being caught, could make you rich, many people would take it.

I am happy to see that ethereum folks - I have no involvement - were able to put aside various appeals to some vague ideological purity, and fight off the attacker. The ethereum community, like the US constitution, is not intended to be a suicide pact.

Following up on that thought, there are many lessons to be drawn about how to improve the design of any virtual currency. The Founding Fathers too created a virtual currency, that depended on a mechanism that did not require a central all-powerful ruler, where the community has acted to protect itself and keep on growing.

Yes, freedom is key. But cooperation, and reasonable mechanisms of self-protection are necessary too. Valuable lessons for designing better and better mechanisms for cooperative networks that empower each of us, and empower freedom.

Great post ty.

Very well stated.

Could it be the fiat central bank behind this attack?

Theoretically speaking it is indeed possible. The presumption is somewhat plausible. However I wouldn't say it is the case. IMHO, the intended purpose for the attack was to ensure some short positions to close favourably. That's my assumption at least...

Sorry, but I disagree with part of your argument. Yes, the splitDAO() was MEANT to behave as you described but we, the investors, overlooked a flaw in the implementation. The fact that we approved the code as it is means that we accepted any flaws in its implementation, including this exploit. The hacker ran the software as-it-was-written, which is very different than how it was intended to be written.

It's important to recognize the difference.

You're ignoring my fundamental argument: the DAO tokens were not burnt, and that changes the ledger of DAO tokens vs ETH. There are currently far more tokens in existence than both the DAO contract and the Ethereum platform expect. The ledger of ETH vs DAO tokens is unbalanced. What would happen if all the token holders tried to split? Eventually there would be DAO tokens but no ETH in the contract. It's an accounting problem as much as it is anything else. Smart contracts imply balanced ledgers of value. Without that, what value do they provide?

If the community accepted your argument, which the apparent majority does not at all, the value of these DAO tokens is truly meaningless, as is that of the Ethereum tokens they are tied to. Toxic assets. If the community does not enforce balanced ledgers, the Ethereum EVM ceases to be a ledger of value. Erasing the ETH disbursements that should never have occurred in the first place is the optimal solution at this point, since the attacker offers no negotiation.

Great post and it's made me understand it a bit more; I'd love to hear your thoughts on the fact that the vulnerability was announced and the DAO was still launched.

CG

Glad I could help.

Well, that bothered me a bit as well... it was announced right before the creation phase ended. It wasn't until the first splits were approved that the exploit could have been executed, so that forced the timeline.

So, it wasn't until after the creation phase started that the vulnerability was made known to the public. I would guess that is a thread to pull at, but I don't have enough information to go off of there.

Yeah, seems to a noob like me that the whole thing should have been put on hold till they were certain it had been fixed.

But what do I know, right?

CG

The irony is in the picture for the article of the Joker burning all the cash. Do we still live in an age where people believe that stealing millions of bank vault cash and destroying it has any effect at all on the economy? How quaint.

My focus was more on the Joker wanting to watch the world burn... but to your point, yes... just not me.

Correcting an accounting error after the fact is something that couldn't be done in the real world prior to the blockchain entering the scene.

Unilaterally false. Correcting accounting errors happens all the time, and its difficulty does not stem from any technological barriers; it is strictly due to the fact that in the current banking system everyone has their own ledger, and because it is decentralized (you sense the irony here?) to this level, having everyone roll back changes requires a lot of coordination. It certainly can be done, and has been done. Blockchain did nothing miraculous here save for using one ledger database, and thus making widespread rollbacks of transactions easier.

For the splitDAO() function to be properly executed, the contract must 'burn' DAO tokens in order to receive any amount of ETH in exchange based on the split ratio.

What part of the code or terms & conditions implies this 'must'?

Your argumentation basically boils down to this: the hard fork will be done because it can be done.

For me it looks like this: the Ethereum community is free to do whatever they want with their ledger, just as the outside world is free not to treat this ledger seriously any more.

Hey @millsdmb -- if you're going to downvote all of my comments out of visibility, at least have the spine to challenge my arguments

Margin trading.

Hi - let me invite you to the Ethereum 2020 community-based price estimation

https://steemit.com/ethereum/@digitalplayer/ethereum-price-prediction-2020

You put forward a well reasoned argument, thank you.

lol too much text to say nothing

If you wanted the TL;DR version, I made the important words in bold.

Thanks for contributing nothing to the conversation.