神刀安全网

Etherium/TheDAO hack simplified

The news in the Bitcoin world is the Ethereum/DAO hack. I thought I’d write up a simplified explanation.

What is Bitcoin?

I’m sure you know, or have an idea what Bitcoin is, but I’ll explain it again in terms that are important here.

Bitcoin is just a public ledger (the "blockchain"), of all transaction there ever was. This ledger is huge (80-gigabytes) and growing, but Moore’s Law says computers grow even faster, so that shouldn’t be a problem.

Each entry in the ledger says to move the coins received in these previous entries, and give them to this recipient. In other words:

move these coins I received there, to this guy here

In the future when that guy spends the coin in a new transaction, he’s refer back to this transaction here. That’s why it’s called a "chain" — every transaction refers to a previous one, back to the original creation of the coins.

Actually, these transactions aren’t fixed as simply moving money around. Instead, a script is used, written in  a bitcoin-specific programming language that can do things like add, multiply, and compare numbers. However, it’s not a full programming language. It can’t call functions or execute loops. It’s complex enough to do allow some creativity, such as allowing transactions to be escrowed by a third party, but it can’t do much more than that.

What are alt-coins?

After Bitcoin took off, other people started to create their own variations.

Most of these variations have offered no meaningful improvement over Bitcoin. They instead are just popular among speculators who pump and dump, hoping to buy in at a low price and sell to some fool at a higher price.

There are only two alt-coins that have actually made an improvement: ZeroCoin and Ethereum. ZeroCoin works by making transactions anonymous. Ethereum is the alt-coin that is being discussed here.

What is Ethereum?

Ethereum is a variation of Bitcoin that uses a full programming language instead of a simple scripting language. The reason for this is that Ethereum supports smart contracts .

Let’s say that we want to organize a small conference. We need 100 people to sign up and pay/deposit money, so we can rent a hotel and such. But if not enough people sign up by a certain date, then the deposits need to be refunded. Wither Ethereum, we can write in a JavaScript-like language to code up this contract. It’ll guarantee that everyone will get a ticket to the conference, or everyone will get their money refunded.

That’s a simple example. The possibilities are endless, which has got a lot of people really excited. Which, of course, makes the believers insufferable among non-believers in the system.

What is The DAO?

DAO stands for decentralized autonomous organization . It’s notionally like the example above for getting funds for a small conference, except that it includes much more. Members buy shares in the DAO, and according to the number of shares they have, can vote on things. The dreamers have the idea they’ll run entire countries this way.

There are many types of DAOs on the Ethereum blockchain, but one in particular is TheDAO , which is some sort of DAO-based mutual-fund/investment-fund. You buy in, vote on which investments the fund should make, then reap the returns.

This investment scheme has gobbled up 10% of Ethereum coins, or $100 million worth out of Ethereum’s $1 billion ecosystem.

When you want to leave the fund, you split from it. This includes your share of unspent Ethereum coins, but also tokens representing returns on investments you were part of, but which haven’t yet paid out. That’s why you "split" rather than "cash out", you need your own DAO shard to track those investments until they pay out.

How did The DAO get hacked?

When a member exits the investment scheme, they call the function name  splitDAO() . There are two issues.

The first is that the member will supply some of their own code with the transaction. Among the things that code will do is tell the DAO code how to transfer Ethereum coin. It’s a necessary feature, part of Bitcoin as well.

The second issue is that Ethereum code is recursive . That means when a function is running, it may call itself a second time.

The bug is that while splitDAO() will call the recipients code to transfer Ethereum coin, after which the recipients code will call splitDAO() before returning. This causes the process to repeat itself, transferring more Ethereum coin, then calling splitDAO() again. The process will continue endlessly, until it drains all of TheDAO’s coin.

When you  split like this, they still force you to wait 27 days before you get your Etherium coin. Thus, the hacker doesn’t actually have use of it for another month.

How can they  recover the stolen money?

They can’t — at least not without destroying the entire principle of cryptocurrancies. It’s like trying to cure cancer with a Howitzer.

One solution is to roll-back the blockchain before the theft. Of course, that means screwing over everybody who made a transaction since then. You’d be screwing people out of $1 million in order to compensate the theft of $100 million. This is, of course, the type of corrupt thinking that gets us into banking failures in the real world, as we screw over everyone else in order to protect those banks who are too big to fail.

Another solution is to update the Ethereum code to blacklist this address, or better yet, insert a magic key that will give control over those funds back to TheDAO.

The problem with changing the code is that it forks the blockchain. Transactions are added to the chain by miners — a decentralized group of people. It can include you, if you want to run mining software on your computer. Those miners who update their code to the change will be working off a different blockchain than those who don’t. The blockchain will repair itself if 51% of the miners update to the latest code (a soft-fork ), but it’ll be hopeless broken if they don’t (a hard-fork of two irreconcilable chains).

What does this all mean?

I’m a crypto-anarchist. The entire point of cryptocurrencies to get around corrupt humans. And that’s what trying to repair this problem is — corruption. It’s tacit acknowledgement that TheDAO deserves special treatment that would not be given to smaller makers of contracts that have similar recursion bugs. It’s a profound betrayal of trust that those maintaining the code would even consider helping TheDAO.

Obviously, the complexity of Ethereum is a huge security issue that will likely be repeatedly exploited in the future. This "recursion" issue demands that everybody writing contracts needs to write code extraordinarily carefully. In hindsight, it’s obvious that recursion shouldn’t have been an allowed feature, but it likely can’t be fixed now without a hard-fork . Also, in the future, we’ll likely see additional problems as dangerous as the recursion issue.

The fascinating thing now is that in the past, people hired lawyers to review complicated contracts. In the future, they’ll need to hire hackers. After a contract is signed, I’m now motivated to hire a very good hacker that will keep reading the code until they can find some hack to my advantage.

In any case, the original concept of TheDOA is useless utopian nonsense. The original Bitcoin was created by people who actually understood a lot about currency. TheDAO was created by people who are hopelessly naive about investing, who then put it in the hands of trained monkeys. This wasn’t "wisdom of the crowds", as they proposed, but "ignorance of the mob". If the hacker hadn’t put a stop to this nonsense, it would have slid into some sort of Ponzi scheme, getting its creators arrested a couple years from now.

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » Etherium/TheDAO hack simplified

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址