THE DAO HACK – RECAP OF WHAT HAPPENED
Before we dive into the hacking scandal, let’s refresh our memories by defining The DAO.
The DAO abbreviation stands for “decentralized autonomous organization”. It was supposed to be a digital venture capital fund.
Let’s put it this way: think of a standard company structure.
There’s a hierarchy of people that are responsible for running it.
For example, you would have all sorts of roles in such a company. These would be associates, sales people, a few managers, a regional manager, a board of directors and a CEO. More or less.
Not in The DAO.
Its main purpose was to introduce a fully decentralized business model that would run on smart contracts. It would accommodate both the commercial and non-profit enterprises in a new way. The boss-less way. No singular entity would be able to control it the way companies are usually controlled.
Instead, anyone who invested in the project would have a vote. That means that nobody could misdirect and waste investor funds. Investors themselves were voting on where the organization was headed, and they would do so by agreeing on specific smart contracts to execute certain actions.
Also, the whole thing ran on the Ethereum blockchain. Like any other project that uses blockchain technology, The DAO, too, was open source and transparent.
In fact, it was so transparent that quite a few code security issues were publicly talked about, which brought unwanted attention.
It was a crucial month for The DAO. A paper that listed security vulnerabilities was made available to the public. It warned not to invest in the project until the issues were resolved.
That, however, didn’t stop investors from pouring cash into the project.
A GitHub developer shared his concerns on the “recursive calls”. This spiked the interest within the community and contributed to initiating the hack later on.
It was at this time that everyone started pointing out the holes in the code that could expose The DAO to a number of attacks.
June 9, 2016
The creators of the venture, Christoph and Simon Jentzsch and Stephen Tual, didn’t think much of it at the time. No immediate action was taken on their side.
The concern was followed up by a few well-known crypto bloggers. They all stressed its critical importance. Even the founder of the Blockchain Foundation, Peter Vessenes, wrote a blog post on how dangerous it was.
To my surprise, it still didn’t appear that important to the people who invented the organization.
June 12, 2016
Stephen Tual finally admitted that the recursive call bug existed but said it didn’t put investors’ money at risk.
June 14, 2016
Some security fixes had been proposed and were awaiting approval by the members of The DAO.
June 16, 2016
Several other bloggers and even IC3 itself stressed that the raised money was in fact at risk, but this didn’t prompt any response from the top.
Strangely enough, at that time, some people were still investing in the project. That’s perhaps due to Stephen Tual’s statement and reassurance that the funds were safe.
June 17, 2016
The DAO is under attack.
Whilst the developers were working on other things, the hackers started draining the funds from the project.
June 17, 2016 – 8:45am GMT
Two million Ethereum tokens went missing.
A token is the means by which the value of a particular block of work is measured. The system releases tokens when both parties agree that the work has been completed; otherwise, nothing is released.
June 17, 2016 – 11pm GMT
The stolen amount is almost double that, and appears to have stopped increasing.
This is the Ethereum wallet address that all stolen tokens went into: https://live.ether.camp/account/304a554a310C7e546dfe434669C62820b7D83490
As much as 3.6 million Ether was unlawfully transferred into that address. That accounted for 14% of the total Ether available in the Ethereum ecosystem at the time. To put that into perspective, the stolen funds amounted to over $50 million.
Let’s stress one fact. The DAO wasn’t well thought-out from the start. All funds that were raised through the successful crowdsale ended up on a single ethereum address.
It’s like you’ve just collected $150 million within three weeks and decided to keep it in one wallet address. That’s a very bad idea.
The hackers who started draining the funds didn’t have to stop at the $50m mark at all. They could have gone all the way and sucked out all of it. It’s believed that the main reason they didn’t is that the network split talks had begun within the community.
The thieves had realized that if they stopped at $50 million, there was a good chance that the network might not split into two and let them get away with what they already had in their address.
However, there’s a twist to the story. Because The DAO is based on the Ethereum blockchain, certain rules apply when it comes to code execution of smart contracts. One of them states that nothing can change the rules outside the protocol within a smart contract.
The attackers had used this to write an open letter to The DAO members stating that they were fully eligible for the funds they had obtained because of that rule.
They even threatened legal action. Unfortunately, it was never verified whether the letter came from the hackers or was a fake, but such a letter was in fact received.
There’s one piece of good news, though. There was a 28-day clause written in the smart contract that wouldn’t allow any Ether to be converted into fiat money within 28 days of receiving it.
During that time, the community, developers and founders were discussing what to do. The project had raised more than $150 million and 1/3 of it went to the hackers’ wallet. Something had to be done before it was gone for good after 28 days.
The community debated and eventually separated into three major groups. One group would call it a valid but unethical maneuver, the second one would vote for the funds to be recovered and the third opted for shutting down The DAO altogether.
[3:09:03 AM] George Hallam [ETH] : Ping
[3:09:19 AM] Bill Shihara: Pong
[3:09:57 AM] Bill Shihara: Is the reported issue with the DAO real?
[3:10:17 AM] Vitalik Buterin: as far as we can tell yes
[3:10:33 AM] Mike Li: Where can I find the report?
[3:10:54 AM] Vitalik Buterin: https://www.reddit.com/r/ethereum/comments/4oi2ta/i_think_thedao_is_getting_drained_right_now/
[3:10:55 AM] Vitalik Buterin: active thread
[3:11:06 AM] Alex Hanin: https://thedao.slack.com/messages/general/
[3:11:07 AM] Mike Li: Thank you VB
[3:11:19 AM] Vitalik Buterin: possible mitigation strategies are:
[3:11:21 AM] Bill Shihara: Thanks. There is a lot of panic so a clear statement from the DAO and ETH teams would be extremely helpful. At this point, people are speculating that griff’s account was hacked.
[3:11:29 AM] Vitalik Buterin: 1. seizing any stolen ether that goes through exchanges
[3:11:38 AM] Vitalik Buterin: 2. there is one person who will split within 2 hours
[3:11:40 AM] Vitalik Buterin: if we can contact him
[3:11:49 AM] Vitalik Buterin: then we may be able to copy the attack and recover a large portion of it
[3:12:15 AM] *** Vitalik Buterin added Christoph Jentzsch ***
[3:13:23 AM] *** Vitalik Buterin added Stelian Balta ***
[3:14:11 AM] Bill Shihara: Has the hacker already received more than they should have via their split? If so, we’ll need to be prepared for #1.
[3:14:16 AM] Vitalik Buterin: much more
[3:14:18 AM] Vitalik Buterin: 3m+
[3:15:58 AM] Tristan D’Agosta: Is any of it safe, or could this proceed until there is nothing left?
[3:20:22 AM] *** George Hallam [ETH] added Jesse ***
[3:22:02 AM] Jesse: Hi guys. catching up on the conversation now
[3:22:51 AM] Alex Hanin: This will surely test the resilience of ETH – let’s keep faith in VB and others to mitigate this. Good luck!
[3:35:40 AM | Removed 3:37:43 AM] Shawn: This message has been removed.
[3:41:38 AM] George Hallam [ETH] : ALL EXCHANGES: please pause ether trading as soon as possible
[3:41:56 AM] Jesse: why pause trading?
[3:41:59 AM] Aurélien MENANT: done :p
[3:42:56 AM] Tristan D’Agosta: That’s a pretty serious measure, is the stolen ETH moving?
[3:42:57 AM] Alex Hanin: Can you please elaborate on this pause?
[3:42:58 AM] dino: ALL EXCHANGES EMERGENCY PAUSE TRADING RIGHT NOW
[3:43:01 AM] Vitalik Buterin: ok can you guys stop trading
[3:43:05 AM] Tristan D’Agosta: Okay
[3:43:10 AM] Bill Shihara: Stopping the trading will stop the hacker from liquidating. but that may be penalizing legit traders significantly
[3:43:11 AM] Vitalik Buterin: and deposits and withdrawals
[3:43:18 AM] dino: ALL EXCHANGES STOP WITHDRAWALS RIGHT NOW EMERGENCY
[3:43:25 AM] Tristan D’Agosta: Okay, not trading then…
[3:43:38 AM] Jesse: we can do withdrawals. haven’t heard the case for trading yet
[3:43:48 AM] Shawn: wouldn’t it be better to just pause withdrawal?
[3:43:50 AM] Tristan D’Agosta: Deposits and withdrawals frozen on Polo
[3:43:57 AM] Tristan D’Agosta: For ETH
[3:44:22 AM] George Hallam [ETH] : Does anyone have any contacts at Bitfinex?
[3:44:34 AM] George Hallam [ETH] : europe timezone based would be best
[3:44:36 AM] George Hallam [ETH] : cant reach them
[3:44:52 AM] dino: The ethereum foundation can reimburse exchange losses. Without a hard fork and rollback this damage will be permanent and the ecosystem will die.
[3:45:10 AM] Jesse: the foundation hasn’t reimbursed prior losses
[3:45:19 AM] Aurélien MENANT: can we get our 185k eth back?
[3:45:20 AM] Shawn: exchange trades are off chain anyways
[3:45:31 AM] Bill Shihara: You are considering a rollback? that’s a significant step.
[3:45:36 AM] Alex Hanin: wtf?
[3:45:38 AM] Bill Shihara: Bittrex ETH wallet is disabled.
[3:46:06 AM] Shawn: no fish without a hook in the water
[3:46:22 AM] dino: This happened with Bitcoin in 2013. Exchanges rolled back trades.
[3:46:44 AM] dino: We can also blacklist the addresses stealing the DAO ether
[3:46:46 AM] Alex Hanin: this is not happening – and I cannot get hold of my boss
[3:46:55 AM] Shawn: the concern would be that fast responding exchanges shut down and the thief goes to slow responders
[3:47:19 AM] dino: Hanin. Go to his house and wake him up
[3:47:21 AM | Edited 3:50:30 AM] Shawn: whereas if fast responding exchanges leave deposits open and only stop withdrawals the chances of catching it would be better
[3:47:32 AM] Alex Hanin: I am in the UK and he’s in Canada 🙂 gonna be hard
[3:47:45 AM] Alex Hanin: I will shut down withdrawals
[3:47:48 AM] Alex Hanin: but that’s all I can do
[3:47:57 AM] dino: Shut down everything.
[3:48:01 AM] dino: If you can.
[3:48:07 AM] Alex Hanin: what do you mean everything?
[3:48:10 AM] Jesse: lol
[3:48:17 AM] Shawn: shut the internet
[3:48:19 AM] dino: Everyone needs to contact all exchanges. Shut down trading and withdrawals
[3:48:28 AM] Alex Hanin: right
[3:50:24 AM] *** Mike Li added 荣海 施 ***
[3:53:32 AM] Bill Shihara: What can I say publicly about the ETH wallet being disabled?
[3:54:00 AM] Bill Shihara: “ETH wallet disabled at request of Ethereum Foundation” ? I don’t want to cause more panic
[3:54:01 AM] Jesse: just point to https://www.reddit.com/r/ethereum/comments/4oi2ta/i_think_thedao_is_getting_drained_right_now/
[3:54:30 AM] George Hallam [ETH] : Anyone got a contact at bitfinex?
[3:54:35 AM] dino: Tell them it is a precautionary measure until a solution is determined
[3:54:52 AM] dino: I do. I’ve been pinging Phil Potter.
[3:57:06 AM] Bill Shihara: Ok. So our wallets are disabled. Have we agreed to disable trading?
[3:57:37 AM] Jesse: we’ve also disabled withdrawals. not disabling trading yet
[3:58:21 AM] dino: Trading must be disabled. It is likely a hard fork will be needed to fix the hack.
[4:00:11 AM] Tristan D’Agosta: Disabling trading is about as extreme as it gets. Why are we being asked to do this? Is it only to prevent the attacker from cashing out?
[4:00:13 AM] Alex Hanin: disabled ETH withdrawals
[4:01:00 AM] Alex Hanin: It’s going to p*ss off a lot of people that want to get rid of ETH and may lead to loss of business – I need to wait for management to agree to this
[4:01:23 AM] Alex Hanin: I cannot close ETH trading without the proper consent
[4:02:25 AM] Tristan D’Agosta: We need to know why before we do that — we may have a better way of addressing the issue
[4:02:34 AM] Shawn: ok so the argument to pause eth trading is that stopping withdrawal only shuts one exit
[4:02:58 AM | Edited 4:03:31 AM] Shawn: but there are N exits and you don’t want to close all of them, so shutting down eth trading at least allows the other exits to continue working
[4:03:20 AM] Tristan D’Agosta: Have the stolen funds moved from the address they were collecting in?
[4:03:43 AM] dino: Is poloniex on this chat?
[4:04:27 AM] Shawn: https://etherchain.org/account/0x304a554a310c7e546dfe434669c62820b7d83490
[4:04:28 AM] Tristan D’Agosta: One doesn’t just move millions of ETH through an exchange, most of it is pretty likely to be caught
[4:05:11 AM] Aurélien MENANT: I think the eth were destroyed
[4:05:23 AM] Tristan D’Agosta: Are there any internal transactions that moved the ETH? etherscan is down…
[4:05:24 AM] Alex Hanin: ok shutting down trading
[4:05:27 AM] Alex Hanin: got the go ahead
[4:05:43 AM] Tristan D’Agosta: Far more important to track the ETH than shut down trading
[4:05:55 AM] Bill Shihara: If you are considering a roll back, we also need to disable all of the ETH dependent tokens too.
[4:06:13 AM] Tristan D’Agosta: A roll back would be a good reason to freeze trading
[4:06:29 AM] Jesse: ^ agree
[4:06:35 AM] Shawn: pausing trading would just be a stop-gap
[4:06:57 AM] Bill Shihara: A roll back doesn’t need to affect trading if the Ethereum Foundation is going to make all of the exchanges whole.
[4:07:16 AM] Bill Shihara: we’ll still be able to account for every ETH traded
[4:07:25 AM] Tristan D’Agosta: It isn’t effective if you want to catch the stolen funds — it’s just a huge signal to the attacker that says “Not yet…”
[4:07:32 AM] Shawn: the key is to keep an eye out for the relevant ether
[4:07:36 AM] Aurélien MENANT: yes but what if some eth traded were deposited after the roll back?
[4:08:28 AM] Tristan D’Agosta: If there are no internal transactions that moved ETH from that address, the deposit freeze will block him cashing out for now
[4:08:35 AM | Edited 4:08:55 AM] Jesse: I haven’t heard anything from the Foundation about making exchanges “whole”. There is reputational damage to consider when meddling with the market
[4:08:46 AM] Tristan D’Agosta: If they got any to Polo, it isn’t much
[4:10:33 AM] *** Tristan D’Agosta added Craig Sellars ***
[4:11:15 AM] George Hallam [ETH] : Hi guys – more updates coming very soon from us
[4:11:31 AM] Bill Shihara: Thanks. It’s 2am here.
[4:11:49 AM] Bill Shihara: So any updates you can provide that will allow me to get to bed would be great 🙂
[4:11:54 AM] George Hallam [ETH] : We are incredibly appreciative of you all pulling together on this.
[4:12:13 AM] Alex Hanin: how can you sleep – the internet is in meltdown lol
[4:12:14 AM] Aurélien MENANT: why does it always happen on Friday nights…
[4:12:21 AM] Bill Shihara: btw, I just want to clarify that this was an issue with how the DAO split function was coded and not a problem with the smart contract infrastructure in general
[4:12:46 AM | Edited 4:12:59 AM] Alex Hanin: pointing the finger will happen soon enough – right now we need to get out of this mess
[4:12:50 AM] dino: UPDATE: BITFINEX PAUSED TRADING
[4:12:58 AM] George Hallam [ETH] : Thank you Dino
[4:13:13 AM] Tristan D’Agosta: Why — is a blockchain roll back a possibility?
[4:13:28 AM] Bill Shihara: this isn’t a matter of finger pointing. I want to know if there are other tokens or other ETH derivatives that I need to take offline
[4:13:32 AM] Alex Hanin: what are the implications of a rollback if I may ask?
[4:13:40 AM] dino: Busoni, maybe. We don’t know yet. The safe path is freezing trades.
[4:13:44 AM] Tristan D’Agosta: It invalidates deposits
[4:13:47 AM] Tristan D’Agosta: Maybe is enough
[4:14:22 AM] dino: ALL EXCHANGES PLEASE PAUSE WITHDRAWALS. THE HACKERS ARE DEPOSITING ETH TO EXCHANGES TO CONVERT TO BTC AND WITHDRAW
[4:14:31 AM] *** Craig Sellars added Philip G. Potter ***
[4:14:51 AM] Craig Sellars: Dino – for clarification, Bitfinex has PAUSED WITHDRAWALS, we have not paused trading.
[4:15:08 AM] Tristan D’Agosta: Oh, for Christ’s sake
[4:15:12 AM] dino: The safe thing to do now is pause either trading and/or withdrawals
[4:15:17 AM] *** Jesse added Stephan Tual [slock.it] ***
[4:15:33 AM] dino: Vitalik is on a security call right now with the core team to push an update asap
[4:15:37 AM] Mathias: Guys, I understand the stress you are all in at the moment.
But please keep the big picture in mind:
What we are facing is a crappy smart contract, and careless investors. This is their risk of investing without proper due diligence.
Don’t risk the reputation of Ethereum as an independent, decentralized platform because of it by taking hasty measures like hard forks or roll backs.
Doing so will create a highly dangerous precedent, giving political authorities an entry whenever required in the future!
[4:15:46 AM] Tristan D’Agosta: Do you know what block the rollback might be to?
[4:15:47 AM] Shawn: keep in mind that ether comes in, trades to btc, then leaves as btc
[4:15:59 AM] Shawn: so you might want to pause btc withdrawals too then
[4:16:04 AM] Tristan D’Agosta: No ether is coming in, that has nothing to do with trades
[4:16:08 AM] Philip G. Potter: HF that fucks exchanges is completely unacceptable
[4:16:54 AM] Tristan D’Agosta: Has anyone frozen trades?
[4:16:55 AM] Shawn: the safe thing is to either pause trading or make sure you can filter the deposits
[4:17:02 AM] Tristan D’Agosta: …….
[4:17:14 AM] George Hallam [ETH] : It will likely be a soft fork
[4:17:16 AM] dino: Phil the alternative might be worse.
[4:17:20 AM] George Hallam [ETH] : More information coming very soon
[4:17:20 AM] Craig Sellars: Tristan, if there is a HF, you may be getting deposits on a dead chain
[4:17:27 AM] Tristan D’Agosta: Yes, deposits are frozen
[4:17:32 AM] Tristan D’Agosta: They have been for quite some time
[4:17:38 AM] Philip G. Potter: worse for whom?
[4:17:56 AM] Philip G. Potter: ETH price will go to zero if you try to change the past
[4:17:57 AM] Tristan D’Agosta: Freezing trades makes little sense unless existing deposits are going to be invalidated
[4:18:39 AM] Philip G. Potter: this is problem with DAO not ETH
[4:18:56 AM] Philip G. Potter: VERY BAD PRECEDENT TO ROLL BACK TRANSACTIONS
[4:19:11 AM] Jesse: someone else mentioned it was a problem with Solidity
[4:19:17 AM] Mathias: Fully agree, phil
[4:19:34 AM] Tristan D’Agosta: I agree, if it’s just the DAO at fault
[4:19:42 AM] dino: Phil, March 2013 Bitcoin hard fork is precedent. Roll back was quite a few hours.
[4:20:01 AM] Tristan D’Agosta: March 2013 was a different time
[4:20:16 AM] dino: Alternative is that a hacker keeps 3 million ether. It will kill ecosystem.
[4:20:34 AM] Philip G. Potter: yes, but we didn’t have other cryptos to exchange to and withdraw
[4:20:53 AM] dino: If hacker empties 10M DAO you think Ethereum will survive?
[4:20:57 AM] Tristan D’Agosta: Is the foundation prepared to make everyone affected whole? It can cause some pretty big problems.
[4:20:58 AM] Jesse: yes
[4:21:07 AM] Tristan D’Agosta: ^ and it can be tracked
[4:21:08 AM] Aurélien MENANT: why would it kill the ecosystem?
[4:21:11 AM] Philip G. Potter: if you screw exchanges, will ETH survive
[4:21:13 AM] Philip G. Potter: >
[4:21:14 AM] Philip G. Potter: ?
[4:21:25 AM] dino: Foundation might be able to if losses are small… Please freeze trading and withdrawals
[4:21:25 AM] Tristan D’Agosta: It isn’t even just the exchanges
[4:21:38 AM] dino: Phil, sadly yes…
[4:21:42 AM] Tristan D’Agosta: Do you know what block you might roll back to?
[4:21:43 AM] Philip G. Potter: freeze trading?
[4:21:53 AM] Aurélien MENANT: there has been USD2 to 4m in eth stolen from us, and since it happened the price increased by 90%, so it doesn’t look that bad for the ecosystem
[4:21:58 AM] Philip G. Potter: fuck this coin
[4:22:27 AM] dino: Busoni I’m not sure what they are discussing in the security call right now
[4:22:45 AM] Tristan D’Agosta: That is a vital piece of information if it’s being considered
[4:23:02 AM] Jesse: waiting to hear about a rollback. until then, we’re not interfering in the market
[4:23:26 AM] Tristan D’Agosta: ^ this would be the only reason to freeze trading
[4:23:44 AM] Tristan D’Agosta: If it’s anything else, tell us, we may have a better way of dealing with it
[4:24:04 AM] Jesse: ^ happy to track funds and lock withdrawals, freeze accounts all day long
[4:24:18 AM] Philip G. Potter: yes
[4:24:33 AM] Bill Shihara: +1
[4:24:56 AM] Mathias: If there is no intrinsic problem with Ethereum (solidity), there is no reason for a rollback or fork!
[4:24:58 AM] Philip G. Potter: change history – BAD IDEA!!!!
[4:25:52 AM] dino: Phil. Did you see any suspicious eth deposits and Bitcoin withdrawals?
[4:26:08 AM] dino: If losses are small we should roll back
[4:26:16 AM] Craig Sellars: dino – we’re checking on how many deposits we got in the past four hours
[4:26:17 AM] dino: Maybe the foundation can reimburse
[4:26:22 AM] Alex: There’ll be an update here, likely from George, as soon as there is further clarification.
[4:26:33 AM] dino: Thanks decker.
[4:27:00 AM] dino: At least everyone should pause withdrawals 100%
[4:27:10 AM] Philip G. Potter: the foundation will never reimburse
[4:27:22 AM] dino: Phil if losses small maybe.
[4:27:41 AM] Philip G. Potter: impossible to calculate
[4:27:54 AM] Philip G. Potter: therefore, impossible to be perfectly fair
[4:28:20 AM] Tristan D’Agosta: It is easy for larger exchanges to calculate it, but very difficult to reach everyone
[4:28:21 AM] Philip G. Potter: ethereum foundation reimbursement = fantasy
[4:28:40 AM] Shawn: what’s most important is to keep an eye on the movement of the stolen ETH
[4:28:42 AM] Philip G. Potter: “if it is small” is a terrible metric
[4:30:19 AM] Shawn: if people funded their accounts before the hack then there’s no harm in letting them trade
[4:30:28 AM | Edited 4:30:44 AM] Shawn: the trick is to keep an eye out for the stolen goods
[4:30:59 AM] Mathias: Vb: please keep big picture in mind!
[4:32:44 AM] Mathias: For all Ethereum related ventures, impartiality and immutability of chain is paramount!
[4:33:30 AM] Shawn: As Phil points out, it’s unfortunate that ETH holders who don’t trade DAO suffer regardless
[4:34:09 AM] Jesse: not really.. they may suffer the price drop but they still have the same amount of eth
[4:34:50 AM] Philip G. Potter: true
[4:34:54 AM] Shawn: fair enough
[4:35:26 AM] Philip G. Potter: exchanges cannot be the bagholders on this flaw
[4:35:32 AM] Shawn: It’s an inconvenience to ETH holders to get patted down because of a DAO hack, but the DAO also brought them a lot of good price action and no one complained about that
[4:35:58 AM] Philip G. Potter: trust me, it will be the END OF ETH
[4:36:08 AM] Alex Hanin: it’s a typical reaction – make people happy and you don’t hear a thing, screw something up and they’re all up in arms!
[4:36:38 AM] Tristan D’Agosta: We’re warning you before you screw it up
[4:36:42 AM] Alex Hanin: I don’t think ETH can be blamed for that – however a rollback will do more harm than good
[4:39:45 AM] Shawn: buying opportunity
[4:42:15 AM] Philip G. Potter: in ETH?
[4:42:27 AM] Philip G. Potter: not so sure about that
[4:43:07 AM] dino: Eth will not recover from a hacker who empties the DAO of 10 million ether and sells on exchanges for the next 2 years. The price will be $0.50
[4:43:26 AM] dino: Think logically.
[4:43:40 AM] dino: Irrecoverable PR disaster
[4:44:01 AM] Mathias: Don’t agree
[4:44:34 AM] dino: Of course exchange owners won’t agree if they took losses
[4:44:50 AM] Alex Hanin: I believe ETH will survive this – without a rollback – might take a little while to recover but it will make it… DAO on the other hand…
[4:44:59 AM] Shawn: It’s even possible for a phoenix to rise from the ashes of something like the bitcoinica hack
[4:45:08 AM] Craig Sellars: Agreed with Alex.
[4:45:08 AM] dino: Ultimately The community and miners decide about rolling back with hard fork
[4:45:20 AM] Tristan D’Agosta: Traders really won’t care that much
[4:45:36 AM] Tristan D’Agosta: If a hacker has 10m, I mean
[4:45:51 AM] Philip G. Potter: correct
[4:46:03 AM] dino: Really?
[4:46:23 AM] dino: 10m eth Is a lot to dump
[4:46:23 AM] Tristan D’Agosta: Not ETH traders, no. It won’t directly affect the price much.
[4:46:33 AM] Tristan D’Agosta: You can’t dump 10m ETH without being noticed
[4:46:37 AM] Alex Hanin: I think that logically the difference is nil as the ETH has not been taken from ETH account owners
[4:46:42 AM] Philip G. Potter: but if chain gets “reorged”, then a fundamental precept of blockchains will be violated
[4:46:48 AM] Alex Hanin: even if it is being dumped, people will profit from it
[4:47:01 AM] Alex Hanin: @Phil +1
[4:47:08 AM] Tristan D’Agosta: It is much more likely to cause market panic if the blockchain is considered unreliable
[4:47:19 AM] Aurélien MENANT: agreed
[4:47:20 AM] Alex Hanin: step away from the blockchain rollback
[4:47:31 AM] Aurélien MENANT: or do a vote at least
[4:47:41 AM] dino: I think both viewpoints here are going to be hotly debated. I have no doubt exchange owners won’t want a roll back though
[4:47:47 AM] Shawn: rewriting the tape wouldn’t be great, it would be better to catch the ETH
[4:47:48 AM] Mathias: By staying true to principles, CASE FOR ETH GETS STRONGER!
[4:48:00 AM] Mathias: Don’t roll back
[4:48:06 AM] Tristan D’Agosta: I really don’t want to see DAO investors suffer, but the exchanges know their business. Perhaps there’s another way? Can the funds be seized with a hard fork?
[4:48:23 AM] Alex Hanin: not only will it hit the credibility of the blockchain concept, it will hurt exchanges real bad with all the numbers being invalidated
[4:48:45 AM] Mathias: DON’T FORK
[4:48:59 AM | Edited 4:49:04 AM] Alex Hanin: this debate sounds so similar to the Leave/Remain campaigns in the UK 🙂
[4:49:05 AM] Aurélien MENANT: hahaah
[4:49:25 AM] Mathias: 😀
[4:49:38 AM] Tristan D’Agosta: I don’t think the exchanges themselves will suffer nearly as much as individuals using the blockchain
[4:49:43 AM] dino: We can blacklist the stolen eth perhaps.
[4:49:45 AM] Alex: Tristan: The logistics are being discussed and debated. Whatever solution that is decided upon will be up to the network and miners.
[4:49:57 AM] George Hallam [ETH] : Update – it looks like the stolen Ether has been moved to a child DAO which means that it cannot be moved for at least a week. We are still not 100% sure at this stage – this is just information to keep you informed, please do not act on it yet.
[4:50:12 AM] dino: I just got in touch with Yunbi China exchange
[4:50:16 AM] dino: Brb.
[4:54:21 AM] Bill Shihara: @George that is very good news if you can confirm it. No need for a rollback.
[4:56:00 AM] Philip G. Potter: except to rollback the split – if that is possible
[4:57:08 AM] Philip G. Potter: so can we reenable withdrawals
[4:57:10 AM] Philip G. Potter: ?
[4:59:02 AM] QIU Liang: I’m here
[4:59:44 AM] Mike Li: Hey I am Mike from Yunbi, Together with me is Yunbi’s CTO and CEO Mr. Qiu
[4:59:49 AM] QIU Liang: YUNBI Exchange thinks ROLLBACK IS EVIL
[5:00:01 AM] Mike Li: We don’t agree with a rollback
[5:00:35 AM] Craig Sellars: You can’t claim immutability and then change the ledger.
[5:01:05 AM] Mike Li: Rollback will be unfair for all ETH traders on Yunbi
[5:01:14 AM] Philip G. Potter: even a serious discussion about a rollback by eth overlords IS EVIL
[5:01:51 AM] Mike Li: And will put all the losses of DAO to Yunbi users.
[5:02:31 AM] Mike Li: For an exchange, the roll back is like a disaster.
[5:02:39 AM] Mike Li: That is Yunbi’s opinion.
[5:02:44 AM] Alex Hanin: @Mike +1 – don’t rollback
[5:03:34 AM] André Horta: @Horta +1 – don’t rollback
[5:04:08 AM] JonisJon: hi all just seeing this… crap, can someone get me up to speed?
[5:04:57 AM] George Hallam [ETH] : It looks like Ether has been removed from THE DAO to a child DAO
[5:05:02 AM] George Hallam [ETH] : https://etherchain.org/account/0x304a554a310c7e546dfe434669c62820b7d83490
[5:05:23 AM] George Hallam [ETH] : Fortunately, it seems like the Ether is now trapped in there for at least a week.
[5:05:36 AM] George Hallam [ETH] : Again, we are still going over the code to get full confirmation
[5:05:40 AM] George Hallam [ETH] : blogpost coming soon
[5:05:45 AM] George Hallam [ETH] : with all the definitive info
[5:06:00 AM] Alex Hanin: Thanks George
[5:06:28 AM] Philip G. Potter: btw, if any government entity realizes that they can potentially pressure a “leaderless” DAO (or ETH for that matter) into a rollback, the consequences will be far reaching, I promise you
[5:06:32 AM] George Hallam [ETH] : Thank you all for your patience
[5:06:51 AM] George Hallam [ETH] : and input
[5:07:00 AM] Philip G. Potter: so – can we resume normal operations at Bitfinex or not?
[5:07:14 AM] George Hallam [ETH] : Please don’t act on this information yet
[5:07:20 AM] Philip G. Potter: ?
[5:07:29 AM] George Hallam [ETH] : We’re just wanting to make sure you’re up to date.
[5:07:42 AM] George Hallam [ETH] : Actionable info will be available very soon.
[5:09:04 AM] Bill Shihara: appreciate the update George. I think we all feel better that we’re not discussing a roll back anymore. 🙂
[5:09:27 AM] Mathias: @Phil : my saying… PLEASE FOLKS, TAKE THE DANGER OF GOVERNMENT PRESSURE SERIOUSLY
[5:09:38 AM] JonisJon: ok… so do we need to do anything? sorry all way behind here
[5:09:41 AM] JonisJon: for the moment nothing changes?
[5:09:47 AM] dino: Alright if eth is in the child DAO it cannot be spent for 7 days.
[5:10:24 AM] Alex Hanin: can it be “locked” or confiscated?
[5:10:29 AM] dino: We can soft fork to freeze that contract and revert the DAO contract.
[5:10:41 AM] Alex Hanin: looks more and more like someone wanted to buy cheap ETH 😐
[5:11:47 AM] dino: Yes attackers would have margin shorted DAO in large scale right before this. PLEASE ALL EXCHANGES LOOK FOR UNUSUAL SHORTING ACTIVITY directly before this happened.
[5:12:00 AM] André Horta: need to create a feature in Eth blockchain that enable foundation to lock a block.
[5:13:35 AM] dino: Bad idea because centralization.
[5:14:00 AM] dino: So, we can soft fork to revert the splits from the DAO.
[5:14:05 AM] Alex Hanin: any idea why https://etherchain.org/account/0x304a554a310c7e546dfe434669c62820b7d83490 is showing 2.4M ETH and https://live.ether.camp/account/304a554a310c7e546dfe434669c62820b7d83490 is showing 3.5M ETH
Has the attack been stopped?
[5:14:12 AM] dino: And fix the contract at the same time.
[5:14:54 AM] Craig Sellars: A soft fork with a single exclusion opens the door to blacklists
[5:15:18 AM] Craig Sellars: (Besides being a stain on the code)
[5:16:54 AM] Shawn: we could try submitting a proposal to the child dao asking for it to be returned
[5:16:55 AM] Philip G. Potter: it’s a truly terrible idea
[5:18:16 AM] Philip G. Potter: the fork, that is
[5:18:46 AM] Philip G. Potter: negotiating with the “terrorist” is this case, is far preferale
[5:18:58 AM] Philip G. Potter: preferable
[5:20:28 AM | Edited 5:20:33 AM] JonisJon: do we have any idea who this person(s) is or contact?
[5:20:48 AM] Shawn: 0x304a554a310c7e546dfe434669c62820b7d83490
[5:21:04 AM] Craig Sellars: I was wondering if the curators of the child DAO were visible, and if those addresses had been used before?
As the debate finished, the decision was made.
In order to recover the stolen funds, the network would go ahead with the hard fork and split into two separate chains.
That’s how Ethereum and Ethereum Classic were created.
A part of the divided community wanted to stay with the original Ethereum (ETC), and another group of people preferred to support the other chain (ETH).
Now, a lot of people get it wrong.
It’s not the ethereum blockchain that’s at fault here. It’s The DAO itself and the loophole in its code that caused bad press for ethereum and resulted in the network split.
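To make the contract-versus-platform distinction concrete, here is an added example (not The DAO's Solidity code and not from the original article): a Python toy model of the “recursive call” flaw, in which the same ledger hosts a fund that pays out before updating its books and a fund that updates first. All class, method and account names are hypothetical, and the amounts are constructed.

```python
"""Toy model of the "recursive call" (reentrancy) flaw. Added illustration with
hypothetical names and constructed amounts; not The DAO's Solidity code."""


class Ledger:
    """Ether balances per account, standing in for the platform's state."""

    def __init__(self, balances):
        self.balances = dict(balances)

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient funds")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount


class Investor:
    """Recipient whose receive hook does nothing."""

    def __init__(self, name):
        self.name = name

    def on_receive(self, fund):
        pass


class ReenteringRecipient(Investor):
    """Recipient whose receive hook asks the fund for its payout again."""

    def __init__(self, name, max_reentries=50):
        super().__init__(name)
        self.reentries_left = max_reentries  # stands in for gas/stack limits

    def on_receive(self, fund):
        if self.reentries_left > 0:
            self.reentries_left -= 1
            fund.withdraw(self)


class VulnerableFund:
    """Pays out first and updates its own bookkeeping afterwards."""

    name = "fund"

    def __init__(self, ledger):
        self.ledger = ledger
        self.credit = {}  # what the fund believes it owes each depositor

    def deposit(self, who, amount):
        self.ledger.transfer(who.name, self.name, amount)
        self.credit[who.name] = self.credit.get(who.name, 0) + amount

    def withdraw(self, who):
        amount = self.credit.get(who.name, 0)
        if amount == 0 or self.ledger.balances[self.name] < amount:
            return
        self.ledger.transfer(self.name, who.name, amount)
        who.on_receive(self)        # recipient code runs while credit is stale
        self.credit[who.name] = 0   # too late: the check above already passed again

    def solvent(self):
        """Invariant a monitor can check: ether held covers recorded credits."""
        return self.ledger.balances[self.name] >= sum(self.credit.values())


class HardenedFund(VulnerableFund):
    """Same fund with the bookkeeping moved before the external call."""

    def withdraw(self, who):
        amount = self.credit.get(who.name, 0)
        if amount == 0:
            return
        self.credit[who.name] = 0   # effect first, so a re-entrant call sees zero
        self.ledger.transfer(self.name, who.name, amount)
        who.on_receive(self)


def run_scenario(fund_cls):
    """Return (fund balance, re-entering recipient balance, invariant holds)."""
    ledger = Ledger({"investor": 100, "reentrant": 10, "fund": 0})
    fund = fund_cls(ledger)
    honest = Investor("investor")
    other = ReenteringRecipient("reentrant")
    fund.deposit(honest, 100)
    fund.deposit(other, 10)
    fund.withdraw(other)
    return ledger.balances["fund"], ledger.balances["reentrant"], fund.solvent()


if __name__ == "__main__":
    print("vulnerable:", run_scenario(VulnerableFund))
    print("hardened:  ", run_scenario(HardenedFund))
```

The ledger is identical in both runs; only the order of statements inside `withdraw` differs, and the `solvent()` invariant is the kind of check that flags the broken ordering after the fact.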
Poloniex was the first cryptocurrency exchange to delist the DAO tokens in September 2016. The same practice was followed by Kraken two months later.
The DAO project was officially dead.
By then, all the funds had been returned to investors due to the split.
Was the hard fork justified? Many people argue about this to this day, saying that code is law and that people shouldn’t have interfered. The other group is happy that the funds were recovered and the hack was stopped for the greater good.
What do you think?