The rise of the Dark DAO
Here you can see visually what happened in the ethereum transaction network during the attack on The DAO. This blog post will be updated frequently.
Currently I’m updating the graph to reflect the insights in this analysis. Please be patient.
I have moved on to another project for the moment. I’ll be back on this in the next couple of days. Sorry — it’s all happening very fast. The graphics will be back!
Today a new force has risen: “The Dark DAO”. If you don’t know yet what this is all about, read this and this.
Now that it has turned out that The DAO was also a huge multi-million bug bounty program — here is a quick update for those who want a visual of what happened to the network in the first hours after the draining started.
Useful information
- Creator of the malicious DAO: 0x4a574510c7014e4ae985403536074abe582adfc8
- Start of the drain: 2016–06–17 03:34:48 UTC, block 1718497
- The malicious child DAO aka “The Dark DAO”:0x304a554a310c7e546dfe434669c62820b7d83490
- Malicious token holders aka “Dark token holders”.
These are the accounts that control the malicious DAO:
0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89 0xf835a0247b0063c04ef22006ebe57c5f11977cc4 - Curator of the malicious DAO and creator of the malicious proposal: 0xb656b2a9c3b2416437a811e07466ca712f5a5b5a
- The malicious proposal from which the attack was launched:
#59, aka “lonely, so lonely”, 2016–06–08 05:38:01 UTC, before the recursion call bug went public on 2016–06–10 - Voted Yes (same as the malicious token holdes):
0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89
0xf835a0247b0063c04ef22006ebe57c5f11977cc4 - Voted No:
0xca8e11c876180c9f2115fa61fe2a1a3a6f66ebaf
0x347c28ef5487b37a8e03040653a739f19b986b2d - Recipient as stated in the malicious proposal (same as curator): 0xb656b2a9c3b2416437a811e07466ca712f5a5b5a
The analysis was conducted with the help of this wonderful data source. Thank you nickjohnson!
A notice to readers
This is all happening just right now. Please don’t draw fixed conclusions too quickly. None of the accounts mentioned in this block are necessarily malicious. Also, I’m wrong sometimes. Maybe there is a mistake in the analysis. Please keep that in mind. Thank you.