Looking critically at the aftermath of the great DAO heist of 2016
June 23, 2016 Geneva / London / Hong Kong
By Gavin Smith, Chief Executive, First Global Credit
Anyone interested in cryptocurrency and innovative use of the Blockchain cannot help having heard about the most egalitarian expression of this technology, Ethereum. And anyone interested in the progress of Ether as a DIY cryptocurrency must be familiar with how Ethercoin is being used as the basis of DAOs or decentralized autonomous organizations. DAO is a method for making investment decisions where choices are made by collective agreement not by fund directors.
There already have been a few DAOs but the first one with any traction has been created by German startup, slock.it. Slock.it has members of the Ethereum project team Simon Jentzsch and Stephan Tual on its board. The DAO concept is based on a set of smart contracts that represent investment opportunities presented to the DAO ‘collective’ of investors. Along with buying tokens to the DAO comes the right to vote on which opportunities the DAO takes a position in. The view being that decisions made by consensus will be more profitable as the intelligence of all the investors is behind the selection. Investment utopic dream?
That dream turned into a nightmare last Thursday with news that of the $150m invested in the slock.it DAO at least $60m has been withdrawn by a “hacker” who exploited a vulnerability in the script that governed distributions from the DAO.
The flaw that is at the root of the DAO security problem is based on what first appears to be the strength of the Ether model with its embedded scripting language. Ether permits individuals or organizations to develop powerful smart contracts with complex behaviours. Unfortunately, this flexibility goes hand in hand with the risk that the implementation of a particular solution is not well thought through. This leaves customers of the smart contract (or in this case DAO) at risk of faulty contract implementation with weak security.
This risk has always been played down by the prime movers of the Ethereum project but the fact that the management of Slock.it is also made up of some of the core development talent of the Ether project proves that this risk is not only valid but also not easily overcome – after all, if these developers can’t get the security model right how are others supposed to?
This issue, however, pales into insignificance when compared to the much larger concern … what happens now that the hack has been discovered?
One proposed response to the hack is to roll back the Ether Blockchain – while appearing attractive at first, this route, if taken, has far reaching consequences for Etherium’s future.
Nobody condones the siphoning of funds from the DAO but it should be remembered that this project was highly experimental and participants took part in something that was largely untested with significant risks.
The strength of a public blockchain, which Ether claims to be, has always been the irreversible characteristic of any transaction. Once a transaction has been confirmed it cannot be unwound by any individual or group – this is the very strength of Bitcoin and why attempts to replicate Bitcoins’ benefit structure using private blockchains is a flawed premise – while private blockchains provide benefits of efficiency for member organisations to transact business together without holding counterparty risk, they are by nature limited in their scope, not designed to ‘include’ but exclude participants. In other words they are designed to benefit the “elite few” who run the private blockchain, for instance a select number of banks who wish to extend their cartel with greater efficiency but no benefit to the greater public.
If the Ethereum Project decides to roll back the Ethereum blockchain they simply confirm the charge that is often levelled at Ethereum – it is not a public blockchain at all but a private blockchain developed to move control of the financial industry from one set of hands into another, benefiting Vitalik Butterin and his buddies.
While many would argue that there is no harm in rolling back transactions that were a deliberate exploitation of a weakness in Slock.It’s implementation of the scripting language. You don’t have to dig too deeply to recognise the flaw in this logic.
Is the Ethereum Project going to roll back all future hacks – or just those involving members of the inner circle? What constitutes a hack? One of the proposed uses of Ether smart contracts is an exchange (say for Bitcoin) – If the smart contract incorrectly makes multiple sales at a low price which people identify and exploit – will those transactions be rolled back as well?
Perhaps a smart contract takes place between 2 organisations, one of which is inside the favoured circle of the Ethereum Project – let’s say they decide they don’t like the terms and want it rolled back – does their request get actioned while the other organization foots the bill?
What quickly becomes apparent is that once you lose the irreversible characteristic of the transaction; When it is no longer an independent network that confirms transactions you no longer have a trustless P2P network – you have crony capitalism and you are simply perpetrating the worst characteristics of the old world financial industry order.
This event represents a critical decision point in Ethereum’s evolution. Do they go down the route of a distributed P2P network with irreversible transactions (which probably means abandoning proof of stake in favour of proof of work) or do they go down the route of a private blockchain with control retained by the select few?
For our part the First Global Credit company will continue to allow holders of Ethereum to use it as collateral for stock and futures trading but, for the time being, our Smart Contract work will remain focussed on Bitcoins’ capabilities. Ethereum, for us, is still a work in progress which we will continue to monitor with interest.