Why the DAO attack may ultimately benefit Ethereum
Disclaimer: I am invested in Ethereum and the DAO so I am admittedly biased towards both and it’s in my best interest for them to succeed. However, the following are my thoughts on why this setback may actually make Ethereum stronger going forward.
I woke up this morning and noticed an unusual amount of notifications from both Twitter and Reddit. The DAO had been attacked. An exploit was found and executed which drained the DAO of around 2M Ether (~$50M) into a child DAO.
Many questions raced through my head. Is the DAO done? What effect will this have on the price of Ether? How will this news be perceived by the media, investors and public as a whole? My initial thoughts about how this would play out were very pessimistic. After giving it some thought, however, I have come to believe that this may not be the worst thing for Ethereum for a few reasons.
Raise awareness for smart contract security
Smart Contracts are a new frontier. Something that we are all just beginning to scratch the surface of; including gaining an understanding of the value and risks they present. In the case of the DAO that risk was around $200M. This made the DAO hack almost as high profile of an incident as Bitcoin’s MtGOX hack.
While the attack itself is unfortunate; by being so high profile it will increase the awareness of such vulnerabilities and result in greater diligence in smart contract creation. Specifically, I believe it will lead to the creation of better tooling to help avoid this in the future. A few examples that come to mind are:
- Tools to analyze the lifecycle of smart contracts
- Linters that look for known pitfalls
- Development frameworks that help ensure best practices
- Automated testing frameworks
Mistakes in the Ethereum network are recoverable
Within three hours of the attack the Core members of the Ethereum Team proposed a plan to return the lost funds. When the MtGOX hack occured on the Bitcoin network $450 million were lost with no attempt to recover those funds, as far as I am aware. This shows that the Ethereum community has the ability to not only learn from mistakes but react to correct them. Some argue that this is proof that Ethereum is not decentralized, but instead highly centralized. I believe this could not be further from the truth. Although this update will come from centralized channels, it is completely optional that the members of the community accept this new software. Furthermore, it will take a majority of the miners to install a new client in order to revert the attack on the DAO. This leads to my last point:
The Ethereum community can prove it has the ability to work together
There has already been an outpouring of support for the recovery of funds. On the other hand some members of the community believe that the contract executed as it was written and it’s the DAO member’s fault for falling victim, which is a valid argument. Regardless of the decision the majority makes, the debate is healthy and constructive.
I personally believe we should work towards reclaiming the funds lost, not only to make right the mistake but prove the ability of the network to adapt and recover. If we are able to recuperate the funds it provides evidence that even if mistakes are made on the platform the community can come together and resolve those mistakes, but only when the majority approve.
Conclusion
We are still in the early stages of recovery from this incident and how it will be resolved has yet to be determined. I support whatever decision the community comes to on this issue, because the community is what sets this platform apart. Together we are strong and this will just be a minor blip in the history of Ethereum!
