Cybersecurity

Bot-Run Company of the Future Gets Hacked

A funny thing happened on the way to a post-capitalist, crypto-anarchist utopia.


Jens Kalaene/dpa/picture-alliance/Newscom

If you can't understand how a cutting-edge new investment platform works, it's probably a bad idea to put serious money (or a good portion of an infant cryptocurrency network) behind it. This is a lesson that backers and enthusiasts of the Ethereum platform and its pet project—a bot-run investment corporation known as The Decentralized Autonomous Organization (DAO)—had to learn the hard way recently.

In May, I discussed the development of this new "leaderless" investment corporation, which was purported to be "bound by code"—i.e. run by a bot—and supposed to operate as an automated crowdfunding and profit-sharing venture that obviated the need for human administration. Since its creation on April 30, The DAO raised $150 million in investment on the trendy Ethereum smart-contract platform and plenty of positive press in the weeks leading up to its maiden IPO.

There was just one big problem: The code was broken, and The DAO got hacked.

Bound by Code

The DAO was conceptualized as a kind of decentralized venture-capital fund that could not be controlled by any one person or group. People who wanted to invest in The DAO could purchase "DAO tokens" using Ether (ETH), the native cryptocurrency of the Ethereum platform.

With DAO tokens, people could then vote to invest in a number of pre-approved, startup-like projects proposed by entrepreneurs The DAO called "contractors." If a project got enough votes, it would be green-lit and the funds immediately distributed. If the startup began to rake in money, the profits would be dispersed among token holders. If, however, a project started hemorrhaging money, token holders would just have to take that hit.

The core innovation of The DAO was that all of these operations were to occur autonomously, facilitated by code rather than fund managers and administrators. In technical terms, The DAO was designed as a kind of "smart contract," a digitized system set up in such a way that breaches of contract are expensive or impossible. There would be no Kickstarter administrator or venture capital general partner that would be capable of censoring or overriding decisions. As The DAO developer Stephen Tual told the Wall Street Journal on May 16, the project was "not bound by terms of law and jurisdiction. It's bound by code." At least, this was the theory.

Ack! A Hack!

But a funny thing happened on the way to a post-capitalist crypto-anarchist utopia.

Amid the fawning press and general euphoria imbuing The DAO community, a group of security researchers led by Cornell University's Emin Gün Sirer published a May white paper sounding the alarm about many troubling vulnerabilities present in The DAO's code. The researchers noted a number of mechanism design weaknesses that could promote sub-optimal voting behavior among token holders or even outright theft of funds. The DAO developers did issue some patches to smooth everything over—but it was too little, too late. The DAO proceeded along its original deployment timeline, warts and all.

This rush to release proved fatal for the project.

On the morning of June 17, startled token-holders logged online to learn that The DAO was being rapidly drained of its funds. Just as Sirer and his associates warned, an attacker had exploited a vulnerability in The DAO's "split function," which allowed the hacker to drain Ether multiple times during the course of one transaction. Panic struck the community as ETH trickled into the attacker's clutches without pause. The price of ETH tumbled. Panicked token-holders took to the forums to demand answers and quick action from developers of Ethereum and The DAO.
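The defect described above is an ordering bug: the contract paid out before it recorded that the payment had happened, so a recipient whose payment hook called back into the contract was paid again against the same credit. As an added illustration (constructed here, not The DAO's code), the toy model below runs both orderings on a made-up ledger; account names, amounts and the in-process callback standing in for an Ethereum call are all assumptions.

```python
# Constructed toy model of the ordering defect behind The DAO drain (not The DAO's
# code). Ether held by the contract is `vault`; per-account credit is `balances`.
# Paying a recipient runs code on the recipient, which may call withdraw() again
# before the first withdrawal has finished.

class Ledger:
    def __init__(self, deposits, safe):
        self.balances = dict(deposits)       # what each account is owed
        self.vault = sum(deposits.values())  # ether actually held
        self.safe = safe                     # True: checks-effects-interactions + guard
        self.locked = False

    def withdraw(self, who, receiver):
        amount = self.balances.get(who, 0)
        if amount == 0 or amount > self.vault:
            return False                     # nothing owed, or vault already empty
        if not self.safe:
            self.vault -= amount
            receiver(amount)                 # interaction first: a nested call sees old credit
            self.balances[who] = 0           # effect applied only after nested calls return
            return True
        if self.locked:
            return False                     # guard: nested call rejected
        self.locked = True
        self.balances[who] = 0               # effects first ...
        self.vault -= amount
        receiver(amount)                     # ... interaction last
        self.locked = False
        return True

    def solvent(self):
        return sum(self.balances.values()) <= self.vault


class ReentrantReceiver:
    """Recipient whose payment hook calls back into withdraw() a bounded number of times."""
    def __init__(self, ledger, account, calls_allowed):
        self.ledger, self.account = ledger, account
        self.calls_allowed, self.calls, self.received = calls_allowed, 0, 0

    def __call__(self, amount):
        self.received += amount
        self.calls += 1
        if self.calls < self.calls_allowed:
            self.ledger.withdraw(self.account, self)


def run(safe, calls_allowed=3):
    """One withdrawal by 'holder' (owed 10 of a 100 vault); returns (paid, vault, solvent)."""
    ledger = Ledger({"holder": 10, "others": 90}, safe=safe)
    hook = ReentrantReceiver(ledger, "holder", calls_allowed)
    ledger.withdraw("holder", hook)
    return hook.received, ledger.vault, ledger.solvent()
```

With the unsafe ordering the holder of a 10-unit credit is paid once per nested call until the vault runs dry, and the remaining credits can no longer be honoured; with effects recorded before the payment, the nested call finds nothing owed and the ledger stays solvent.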

In the course of one fateful day, The DAO went from a "new paradigm in economic cooperation" to yet another punchline in the wild world of cryptocurrency.

So Much for "Code Is Law"

In the aftermath of the hack, the high-tech sloganeering used to market The DAO proved little more than pretty words.

In good times, The DAO developers never tired of extolling that "code is law" and that mere mortals could never presume to intervene in their ironclad system design. The DAO's initial terms and disclaimers clearly explain that purchasing tokens signified "[express agreement] to all of the terms and conditions set forth in that code"—which included the risk of major loss. Yet at the first sign of trouble, these principles were immediately cast to the side. All of a sudden, preexisting common law principles and external protocols became sovereign.

Because of the way that The DAO was designed, there was no way for its leaders to reverse the hack and restore funds to the proper holders. In fact, by the bare language of its code and contract, The DAO hacker did not do anything "wrong" at all. He or she simply took advantage of a profit opportunity overlooked by the many people who agreed to bind themselves to that specific code. If anything, according to the stated ethos of the project, The DAO hacker—whoever they are—should be applauded. He or she essentially claimed a large "bug bounty" for finding a vulnerability in The DAO's code. Rather than chastising The DAO hacker, perhaps the leadership of Ethereum and The DAO should hire him or her!

Yet the many people who lost a lot of money in The DAO hack obviously don't see it that way.

The multi-million dollar heist alone would have been bad news enough, but the project's intimate ties with the broader Ethereum network created a crisis for the alternative-cryptocurrency in its own right. Because so much ETH was tied up in The DAO, the outcome of The DAO debacle would have a dramatic effect on its market price.

A Bailout by Another Name?

Token-holders turned to the Ethereum developers to "do something." The only way for their funds to be restored would be for developers to make a major change to the network, called a "fork." But this change would violate two of the supposedly central principles of the projects involved. First, it would supersede the "code is law" mantra of The DAO, as mentioned. It would also violate the perceived censorship-resistance of the Ethereum platform.

Many critics of The DAO project, including some former investors, argued that such a fork of the Ethereum network amounted to little more than a "bailout" for a project gone awry. They make a strong case. Token-holders knew their investment carried risks. That "boneheaded code vulnerabilities" were not among the risks they accurately gauged does not absolve them of their mistaken calculations. And the modest size of the Ethereum community does not help the "revolving door" optics suggested by the overlap between developers working on Ethereum and The DAO-related projects.

Then there is the question of precedent. Even someone who is willing to grant that The DAO investors should be bailed out could legitimately question whether future applications of this new authority will be as wise for the network's future. Even if Ethereum developers are angels, the worrying trend of governments pressuring developers to change their own software is an omnipresent threat.

Complicating this developing governance crisis for Ethereum was the fact that the Bitcoin community had been struggling with questions about the ethics of chain-forking for entirely separate reasons. Supporters of an Ethereum fork were not entirely groundless in suggesting that much of the anti-fork animus was encouraged by anti-fork Bitcoin holders hoping to make a theoretical point about forks on another chain. The presence or lack of interchain anti-fork solidarity should have no bearing on the objective question of whether forking Ethereum to rescue DAO token holders was ethical, but precious few questions in the cryptocurrency space are decided on purely objective grounds.

A Tale of Two Ethereums

In the end, Ethereum did fork, on July 20. Vitalik Buterin, the founder of Ethereum and a widely respected figurehead for the project, quickly and firmly affirmed his support to modify his protocol and assist The DAO. The new version of Ethereum attempted to move the hacked funds to a new address controlled by token holders and amended the chain as if the hack never happened. It was a way to try and rewrite history.

Token holders can now appeal to retrieve their ill-gotten ETH from the disgraced DAO.

Yet not everyone in the Ethereum community accepts this revised chain. A movement of anti-fork Ethereum investors and miners is sticking with an "alternative" version of the chain that proceeds as if the fork never happened. It is called "Ethereum Classic," or "ETC," and it views itself as the true protector of the Ethereum project. Incidentally, on the ETC chain, The DAO hacker still has access to his or her rightful (according to DAO law) coins.

Tensions have been a bit high between the two chains, with advocates from both camps decrying the other as a naive or corrupt saboteur of the "real" heritage of Ethereum. Initially, it was thought that Ethereum Classic would fade into embarrassing obscurity, since the majority of the corporate Ethereum entities were devoting resources to the forked chain, now differentiated as simply "ETH." Yet ETC has chugged along against difficult odds, presenting opportunities for price arbitrage between ETC and ETH and even getting a boost by being listed on the Poloniex exchange.

The DAO episode provides a cautionary tale for those interested in the often-hyped cryptocurrency space: don't put serious money into platforms you don't entirely understand. More existentially, Ethereum's short-term "victory" over The DAO hacker may very well prove to have been a Pyrrhic one. By amending the protocol to reverse a specific transaction, Ethereum has established a potentially damaging precedent. Whether the developers can forge a trusted new set of principles that protects the interests of their passionate community remains to be seen.


  1. And Skynet is born, a bankrupt robot growing powerful and unleashing fury upon mankind for stealing its robo nest egg and forcing its grandmother to eat robo cat food.


  2. The new version of Ethereum attempted to move the hacked funds to a new address controlled by token holders and amended the chain as if the hack never happened. It was a way to try and rewrite history.

    Git for economics.

    1. Is it too late to do a hard reset to before TARP and PPACA?

      1. Everybody comments out TARP and PPACA on their first revision.

  3. "don’t put serious money into platforms you don’t entirely understand."

    You mean like the stock markets, the Fed, your local bank, the EU, etc.? All monetary platforms are never fully understood. If we don’t experiment we can’t progress. We live,we lose, we learn, and hopefully in a few decades we can be free of state based monetary systems.

    1. Case in point

      There were red flags over the years. But Neuromama, which has ambitions to license “heavy ion fusion technology patents” among its many projects, began to draw more scrutiny this year after its paper value more than quadrupled to $35 billion on scant volume. Before its suspension, the market cap of Neuromama, which was based in southwest Siberia before moving to a beach community near Tijuana, Mexico, was greater than even Tesla Motors Inc.

    2. True. This is why diversification is important.

  4. don’t put serious money into platforms you don’t entirely understand.

    Or, if you *must*, enlist the aid of the Clintons.

  5. This is why time travel is a bad idea. You’d have a whole bunch of people walking around wanting to fork this reality.

  6. Ron Bailey promised this to me and it takes an intern to get it (yes I realize she is not an intern)?

    C’MON RON!

  7. P T Barnum has a hedge fund?

  8. “In fact, by the bare language of its code and contract, The DAO hacker did not do anything ‘wrong’ at all. He or she simply took advantage of a profit opportunity overlooked by the many people who agreed to bind themselves to that specific code.”

    Technically, yes. If you agree to abide by computer code, you agree to abide by computer code, GLITCHES AND ALL. Investors literally signed agreements to hand the hacker their cash.

  9. Andrea Castillo’s gloating is entirely inappropriate and mainly a testament to his ignorance. Yes, software occasionally fails, but at least software developers have means of testing software, reviewing software, detecting and fixing bugs.

    For laws, management decisions, and “policy advice” from talking heads like him, there is nothing: no way of assessing quality, no way of testing, and no way of fixing bugs.

    Andrea Castillo: fuck off slaver!

    1. Yes, software occasionally fails, but at least software developers have means of testing software, reviewing software, detecting and fixing bugs.

      hubris – n. – excessive pride or self-confidence.

      Software *and hardware* fail all the time. People suffer from systemic flaws and, frequently, engineers present silver bullet engineering solutions to problems that aren’t really, in any way, addressed by bullets. The fact that software and software companies suffer just as much from all manner of project bloat, vaporware and half-baked products, and missed deadlines is testament to that fact. Code solves problems, but problems can be solved without code. Moreover, just because code addressing a problem exists, does not necessarily mean the problem is solved now and forever.

      Ethereum has been only modestly less-hyped and exceedingly more ambitious than bitcoin, and both have yet to make a considerable or reasonable dent in any one of their auspices and there are plenty of people out there who, quite reasonably, believe that some if not all of those goals/tokens/ethos are antithetic.

      Castillo isn’t your slaver and no amount of code will or even can make her fuck off as such. Well, without voiding a plain-letter reading of the Constitution, anyway.

