The DAO Hard Fork, and the Negotiation that Couldn’t Happen

I want it to be clear that I am not speaking on behalf of the Ethereum Foundation. The point of this post is not to address the handling of the DAO fork, but to share why I believe the hard fork is the right choice.

Why we should reverse the DAO heist

The Ethereum community should reverse the DAO heist, and return the ether invested to the DAO token holders (and the extraBalance to the DAO token purchasers) in order to mitigate negative externalities of the DAO heist.

“an externality is the cost or benefit that affects a party who did not choose to incur that cost or benefit.” — Wikipedia

I am thinking, for example, about externalities arising from legal and regulatory precedents.

Why a hard fork is the only reasonable way to reverse the heist

The soft fork failed, and the counterattack is not very promising

A soft fork that censors DAO attackers was attempted, but it was discovered to have a fundamental DoS vulnerability before it was triggered.

Without a soft fork, the counterattack effort is not at all guaranteed to succeed.

The complication of negotiation

Negotiating is the optimal solution, if it leads to nearly all of the funds being returned. A counterattack that potentially leads to the funds moving back and forth forever could let us negotiate for the return of only some of the funds. Without a fork, therefore, we are not in a good place to negotiate with the attacker. Given that the soft fork has failed, only the credible possibility of a hard fork can put us in a strong position.

Negotiating with the attacker(s?) is complicated somewhat by multiple other attacks, which are possibly conducted by different attackers. While at least some of them may be willing to negotiate, any negotiation that leads to the return of funds will take a long time.

The tight hard fork timeline

Unfortunately, the implementation of a hard fork solution becomes more complex after July 21st. After this date, the attacker will be able to move ether into splits of the darkDAO, requiring that every hard fork implementation dynamically produce the same list of child and grandchild DAOs to be affected by the fork.

I’ve spoken to many of the developers implementing the hard fork and they have all unanimously agreed that this additional complexity puts the safety of the fork at significant risk by making it harder to test and audit. The simplicity of the hard fork implementation is important for ensuring that it does not have bugs. Delaying the hard fork to allow a chance for a negotiation increases the odds that the hard fork will fail. There’s also a possibility that the negotiation will fail, and that the more complex hard fork will not be ready in time to revert the heist. Negotiating is therefore not worth the risk, and hard forking is the only sensible option.

Mitigating the costs and risks of hard forks

Hard forks come with certain costs and risks. These costs and risks are why we should consider other alternatives before hard forking. When we do hard forks, we have to work hard to mitigate these costs and risks.

  • Hard forks can have bugs.

This risk can be mitigated with testing, audits, bug bounties, and code simplicity.

  • Hard forks have high coordination costs.

This cost will probably increase over time, and can be reduced with effective, transparent, active communications.

This cost can be reduced through persuasion, good manners, and active, honest listening.

This can be prevented by a culture that does not adopt forks without sufficiently decentralized consensus between users, developers, miners and ether holders.

This can be mitigated by clear signaling that interventions-by-fork are the exception, rather than the rule.

My philosophy of forking

I support forks that upgrade the protocol (such as Casper and Sharding). These can reduce latency, and improve the usability, security and scalability of Ethereum.

I also firmly advocate forks that intervene with the state of the consensus and are the most feasible way to prevent or reverse harm caused to third parties. These can be in two categories: due to unintended behaviour of benign applications, and due to intended behaviour of malicious, unethical, or evil applications.

Why? Well, I believe that ethics is independent of decentralization. Any moral obligation that exists for an individual hosting an application platform on their private server, I believe, is also an obligation of a decentralized community hosting an application platform on their decentralized server. I think the reversibility of the negative externalities caused by the DAO heist creates an ethical duty to rescue.

Disclosure of DAO token holdings

At the time of writing I own two DAO tokens. I did not purchase any DAO tokens during the DAO’s creation phase. I attempted to trade DAO tokens in the meantime, and was very unprofitable.