The DAO is History… or is it?

Not many understand what happened with the DAO hack . This should not come as a surprise considering an average crypto holder does not have the necessary technical background to understand it. And NO, Ethereum network did not reverse any transactions, what they did is much worse.

To understand the situation it is important to have a picture of the system as a whole. For that reason I’ll start by explaining the main blockchain concepts in layman terms — the details are left out as they are not needed to understand the DAO case.

Blockchain

A Blockchain is just an ordered sequence of transactions. One slightly odd thing is that transactions don’t get added individually but rather a set of them is packed together in something we call a Block. Users around the world submit transactions to be included in the blockchain and once a new block gets added to the chain so do their transactions.

So a blockchain is nothing more than a timeline of transactions with some really cool properties:

  • It is a distributed network meaning that it’s really hard to shut it down or hack it because there is no single point of failure/attack
  • Nobody is in charge. You don’t have to trust an intermediate actor to handle your transactions, it is done by the whole network together, so you only have to trust that the majority of the network is not acting bad

For the purpose of understanding the DAO fork you don’t need to understand how blocks get created.

Transaction

By now we know that people can submit transactions to be included in a block so lets define what a transaction is.
Transaction is a transfer of value ‘X’ from wallet ‘A’ to wallet ‘B’.
We now have to ask ourselves who can submit such transactions? If anyone can submit any transaction then I’m able to submit one that takes money from your wallet and transfers it to mine. Such a world resembles a kindergarten far more than a mature financial system. We need a system around this to prevent living in such chaos.
Enter cryptography magic
Each wallet comes with a special pen that is unique to that wallet. The transaction is only valid if it is signed with the sender’s wallet(A) unique pen, thus confirming the funds can be moved to the receiver’s wallet(B). If the signature is valid then the transaction gets processed. This is the only thing that keeps us separated from the world that is broken and useless.

Robotized Wallets aka Smart Contracts

Compared to Bitcoin where a wallet can only be controlled by a user (not entirely true), Ethereum network has ability for a wallet to be controlled by computer code — we call the uploaded code a Smart Contract — that is publicly available on the blockchain for anyone to read. When the code is written and submitted to the blockchain anyone is able to interact with it and it is guaranteed that the code will be executed exactly as specified in the contract because in this world the CODE IS LAW and the network doesn’t care about human interpretation of its execution.

There are many contracts written on the Ethereum blockchain but one played a huge role in Ethereum history — The DAO contract. The contract was written by a company named Slock. started by a former Ethereum CCO Stephan Tual. For the purpose of understanding the issue, it doesn’t really matter what the code did, the important take away is that it was just one of the many contracts deployed on the Ethereum network.

The DAO Hack

On June 17th someone posted on reddit that DAO contract is getting drained.
https://www.reddit.com/r/ethereum/comments/4oi2ta/i_think_thedao_is_getting_drained_right_now/

Around 4 million Ether was drained from the DAO contract due to a recursive call bug in the contract code which amounted to roughly 150M$. It is important to keep in mind that the bug was not a part of the Ethereum network itself but rather a badly written contract that was deployed on the network, so the network itself was functioning normally. One could argue that the hacker did nothing wrong — someone claiming to be the DAO hacker made such argument in a public pastebin note

I have carefully examined the code of The DAO and decided to participate after finding the feature where splitting is rewarded with additional ether. I have made use of this feature and have rightfully claimed 3,641,694 ether, and would like to thank the DAO for this reward. It is my understanding that the DAO code contains this feature to promote decentralization and encourage the creation of “child DAOs”. I am disappointed by those who are characterizing the use of this intentional feature as “theft”. I am making use of this explicitly coded feature as per the smart contract terms

Ethereum was sold as a code is law network so nobody would ever think of forking to return the funds from a badly written contract because this breaks the code is law principle, right? After all many contracts have been hacked and nobody ever thought of forking to save people’s money — Why are we even discussing this?

Nevertheless a fork was considered by the Ethereum Foundation.

Rescuing DAO Funds — Hard Fork Implementation

A lot of people say that Ethereum reversed transactions but this is not true. So if they didn’t reverse them, what did they do? Lets take a look at the actual hard fork implementation in go-ethereum aka Geth client.

Call a function for custom state changes if the block is the DAO hard fork block — https://github.com/ethereum/go-ethereum/blob/master/core/state_processor.go

The function Process processes the block by applying its transactions if they are valid (reminder: a transaction is valid if it is signed with the sender’s special pen). We can see another condition that checks if the block is ‘the DAO fork’ block (the dao fork block has a specific position in chain-1920000) in which case it executes additional function called ‘ApplyDAOHardFork.

A list of around 100 addresses from which we take money without their consent — https://github.com/ethereum/go-ethereum/blob/master/params/dao.go
Takes the money from predefined addresses and moves it to some other account — https://github.com/ethereum/go-ethereum/blob/master/consensus/misc/dao.go

The code takes money from a list of predefined wallets and moves it to another wallet. And it does all by skipping the special pens. By altering the state directly it is possible to move money around arbitrarily without any signatures meaning the money can be moved without the owner’s consent. This is what worries me, because it puts us to the state we talked about before, a world of chaos where money can be moved without the owner’s approval.

Reversing a transaction is a horrible idea but this is just so much worse because when you reverse a transaction you can at least be sure the transaction happened in the past and was signed with the sender’s special pen. This puts a limit to what you can do — you can’t reverse something that never happened, you can only reverse actions that were already done and were approved by the network.

If you allow to bypass the cryptographic security layer it takes you back to the world where it is possible to transfer any amount from any address to any address. The ability to change the state directly is much more powerful than a simple reverse and the Ethereum Foundation showed they are capable of doing this based on a very poorly executed voting — and they knew it.

Carbon Vote

Carbon Vote was an unofficial way to express your opinion regarding the DAO fork. Each vote was weighted by the amount of Ether the address owned. Such voting needs a timestamped freeze of some sort or it can be vulnerable to the ‘move attack’ meaning a single user could vote multiple times by moving the Ether to another address. I might be wrong, but I think that the Carbon Vote was vulnerable to this attack at that point in time.

Although at first it was said the vote is unofficial it was later used to come to a conclusion that ‘The community clearly decided to hard fork’.

No. This was not a community decision and here is why

  1. 72 million Ether was premined and at the time of the DAO hack there was around 82 million in circulation. Both Ethereum Foundation and Slock had a lot of ether to vote and considering the possible legal consequences it is almost expected of them to vote for forking
  2. The distribution of coins was so bad that it makes little sense to call any voting result a community decision — the DAO fork votes confirm this as 25% of votes came from a single address
  3. People that invested in the DAO had a higher incentive to vote compared to those that didn’t. It is somewhat safe to assume that most of people who invested in the DAO contract voted for forking — its kind of a self bailout that should not be allowed
  4. Less than 6% of ether holders took part in voting — many didn’t know the voting took place or didn’t know how to vote

The results of the vote can be seen here along with the addresses that voted http://v1.carbonvote.com/

As mentioned above Carbon Vote ended in favor of Hard Fork and this seemed like a convenient excuse to use hard fork as a default option for the node clients although historically speaking clients were set defaulting to non forked version as can be read from excerpts from ethereum book

Historically Hard Forks are opt-in (ie. Bitcoin) and a non-vote is a no vote.

Ethereum Split

After the hard fork block hit the network, everyone expected the original chain to die as everyone moves to the new chain however much to everyone’s surprise the interest in the old chain with no ‘illegal’ state changes was bigger than expected — including Ethereum Foundation. The original chain with untampered history became known as Ethereum Classic (ETC) and despite all the hate it received from the community it managed to survive. Soon after the fork went live a community started forming around the old chain. Many started contributing to the open source projects on github and a separate subreddit started to attract people that felt the hard fork was a mistake.

I’ll admit that the DAO situation was not an easy choice to make and a part of me is happy the Ethereum forked as I am sure they’ve done a huge favor to a lot of irresponsible investors. In the end the DAO Hard Fork has shown us two things:

  1. They can break the ‘code is law’ rule
  2. They can ignore the special pens if they choose so

One could argue it was for greater good of the network but it quickly became a network I can’t trust.

But, but… The DAO is so 2016!

The hacks are not over and they never will be. Some believe that the DAO fork didn’t set a precedent, I think it did. Predictions that Ethereum will face problems in the future because of similar situations came true. Lately we were able to follow a public discussion and voting about restoring funds that were lost due to a bug in Parity’s multisig Smart Contract. The voting — albeit unofficial — results showed that 55% of votes were against restoring the lost funds with a total of 330 votes for ‘No’ making an average vote holding 6600 Ether suggesting a similar issue of ‘whale voting’ as was observed in the DAO case.

I personally don’t care about the voting result, but the fact that the proposal(EIP 999) was even considered shows that something has changed. Had someone opened an Ethereum Classic proposal with a similar request it would have been closed soon after and the reason would be ’the contract worked exactly as specified’. It turns out the DAO was not a single case as now a similar situation emerged that is around 8 times smaller and we are still not sure what the outcome will be. Perhaps there really were two Ethereums from the very beginning and the DAO split put the like-minded people in the same bucket.

Sometimes it’s best NOT to use your ‘illegal’ super powers or everyone will expect you to use them next time as well.

Fast forward 2 years ETC is still alive and now past the initial recovery phase. The fact that it not only survived but is doing quite well leaves me with a feeling that it has one of the most resilient communities in the cryptocurrency space. I believe it has a bright future and it is only starting its engines. It still receives some hate over the social media websites but that is mostly because people don’t really understand the case for it — it is often labeled as an attack on Ethereum by the Bitcoin maximalists. They could not be more wrong. Ethereum Classic is merely a subset of Ethereum community that takes immutability for granted. ツ

Ethereum defined a new world with its own laws and rules. Changing those retroactively to save a certain group of people should not be tolerated.

Despite the somewhat ugly history I wish both networks well and I think they can learn from each other and possibly cooperate. I’ll end with a reply to the tweet I started with

Couldn’t have said it better myself (⌐■_■)

Other DAO Related Resources

Trader describing The DAO situation
https://medium.com/@WhalePanda/ethereum-chain-of-liars-thieves-b04aaa0762cb

A funny DAO parody
https://medium.com/@WhalePanda/the-complete-story-of-ethereum-so-far-b85ba182bb35

Contracts, Code and Complexity
https://elaineou.com/2016/06/19/contracts-code-and-complexity/

Ethereum book chapter on forks
https://github.com/ethereumbook/ethereumbook/blob/3a21b603899e27427ca64fc5d3fd57af96a3cbd8/forks-history.asciidoc