Amidst all of the buzz about the hacking of the DAO and the consequences for Ethereum, everyone seems to be missing...


Amidst all of the buzz about the hacking of the DAO and the consequences for Ethereum, everyone seems to be missing the most crucial point of all.

The Ethereum Foundation stated quickly on its website that they identified and effectively froze the hacker’s account. Also, Stephan Tual (the founder of Slock.It, the group that created the DAO) said:

“All stolen funds will be retrieved from the attacker.”

Now if you change the “will” to “can” in that sentence you get an interesting and crucial new reality:

“All stolen funds can be retrieved from the attacker.”


  1. That’s actually incredible.

  2. I found this a bit of a powder puff piece that glossed over a lot of serious issues with the Ethereum model.

  3. Gregory Esau – what are those issues?

  4. This has some actual meat on the bones, from someone more qualified to provide analysis:

  5. That’s a good piece, Gregory Esau​. I guess my question though is whether it’s fair to compare these two systems, given that Ethereum is trying to do something much more complex. Much of his criticism seems to come down to that, it seems to me.

  6. What’s the minimum number of steps to buy in these days?

  7. That’s certainly true, Gideon Rosenblatt.

    My concerns, and I’m reflecting those of others with much deeper knowledge, is that given the complexity, Ethereum is not drawing from a broad enough, deep enough knowledge base. I’ll stop short of ascribing groupthink, but it’s a natural problem that arises when tackling complexity.

    The ever insightful Lee Bryant also offers up something more meaty than the Paul Hartzog piece:

    “The story has unsurprisingly attracted a lot of commentary. Wired wrote about “A $50 Million Hack Just Showed That the DAO Was All Too Human”; but my favourite is Matt Levine’s insightful analysis, which digs into the question of contractual intent versus technical execution and reminds us that the messy, imperfect and overlapping world of legal institutions that govern contract law has evolved to protect us against clever technical exploits that go against the spirit of an agreement. He also pointed out a curious aspect of the story, which is that even some participants who stand to lose money argue that any attempt to fork the DAO to rollback the transactions would be wrong and invalidate the very notion of the DAO”

    If Ethereum and other blockchain constructs are going to be a crucial part of the fabric of infrastructure for a next generation society, these technologies and their designers have to embrace the concerns and criticisms that will naturally arise.

    They also have to design for a world as it is, not as they wish it to be. If not, they will have a very, very limited impact on the world.

    All major banks, and numerous other extremely well financed institutions are creating blockchain products. That is what Ethereum is competing against, whether they like that or not. The world will wind up running on those technologies, not Ethereum, not DAOs.

    Either they embrace that reality, and significantly up their game to compete in that real world, or they will become a marginalized, insignificant footnote of history.

    That’s my greater concern.

    Darius Gabriel Black, I hope the two links I posted in my comments here help indicate what sort of concerns and issues that I am seeing surfacing regarding Ethereum.

  8. Deeper issues. Using the term “hack” is also highly misleading, as this was an exploit, perfectly allowable by the code, to transfer Ether to a “child DAO”.

    This Bloomberg article does a nice job of sorting out what happened and why:

    “If you invest your Ether in a smart contract, you’d better be sure that the contract says (and does) what you think it says (and does). The contract is the thing itself, and the only thing that counts; explanations and expectations might be helpful but carry no weight. It is a world of bright lines and sharp edges; you can see why it would appeal to libertarians and techno-utopians, but it might be a bit unforgiving for a wider range of investors.”

    But let’s not just take that quote out of context of a much richer piece; it must be read in its entirety.

  9. Finally:

    Ethereum meets actual legal expertise:

    Last night five lawyers braved an Ethereum meetup here in London to discuss the legal status of DAOs and smart contracts.

    Firstly Stuart Mast (the host and a securities lawyer) did a great job to put this panel together. I personally think it’s very important the blockchain developer community are aware of the legal implications of DAOs and smart contracts more broadly. What they choose to do with that information is entirely their prerogative but as we shall see certainly not a right.

    The event spoke directly to the fact many in the early Ethereum developer community, like the Bitcoin community, have had little direct exposure to corporate law, regulated activities and various corporate structures. And why would they?

    The most important point to highlight was claiming ignorance of various local laws, be they common or corporate, will not constitute a defence should things go wrong. Remember generally law is there to protect various stakeholders from bad actors.

  10. And as a final FWIW, while the account may be frozen, it is still very unclear as to whether that money can be recovered legally, as legally the perpetrator did not break a law, but rather executed a transaction as allowed by the DAO code.

    That person(s) may be legally entitled to those funds, and may be able to sue to ensure the funds return to the “Child DAO”.

  11. Great, great comments Gregory Esau​. You have clearly been digging into this topic quite deeply, which makes sense given your long-standing interest in distributed networks. Thanks for sharing.

  12. In general law, a Decentralized Autonomous Organization comes closest to the model of a general partnership, and will likely be treated as such in most any court of law. (see recent video with +Andreas Antonopoulos interviewing legal experts about this question.) Link starts around the 17 1/2 minute mark:


    Summary: A General Partnership implies that all members are partners and legally and morally expected to operate in the best interests of the partnership. This exploit is clearly not in the best interests of the whole, but one of self-interest.

    Ramble of observations follows:

    Watching the huge crypto-currency community response to fixing this is awe-inspiring. A collective spontaneous army proposing and refining ideas, then feeding them through the filter of consent, I think, is the most important part of this experiment.

    Should this version of the DAO (or even that of Ethereum), fail, the next version will be brimming with insights gained from lessons learned. This is the essence of the recursive anti-fragility model that is emerging.

    Replacing corruptible mediaries with distributed machine-enforced consensual rules is a far more sound way of handling transactions.

    Shared-resources have always fallen prey to individuals acting out of self-interest and contrary to the common good. This ‘Tragedy of the Commons’ has haunted the human race from the dawn of civilization. Ethereum is the boldest attempt to replace the ‘Tragedy of the Commons’ with distributed consensus mediated by machines running explicit rules. The underlying blockchain fundamentally engineers uninvited mediaries out of transactions.

    The present difficulties of Ethereum and specifically those of the decentralized applications it is capable of spawning, are simply the birth struggle of this emerging alternative. It will clean up because it is systemically more efficient, economical and ecological.

  13. Should this version of the DAO (or even that of Ethereum), fail, the next version will be brimming with insights gained from lessons learned. This is the essence of the recursive anti-fragility model that is emerging.

    The model of replacing corruptible intermediaries with distributed machine-enforced consensual rules is a far more sound way of handling transactions.

    That was more or less my take on it.

  14. Replace the EU with a DAO.

  15. For both professional and matters of personal interest, Gideon Rosenblatt, I’m finding this very fascinating. As Ted Holmes gets at, the “immune response” is very symptomatic of the community approach, which is impressive.

    As a proponent of open source systems, Ethereum, and the blockchain in general, there are still extreme limits to what these approaches to the technology can have.

    Arthur Brock writes with the necessary expertise on the limitations of the consensus oriented approach here:

    Particularly, I agree with this:

    Agents not Coins:

    Instead of starting with cryptographic coins or tokens as the fundamental thing that exists, start by having the agents/people/organizations (or their signatures and account IDs) be the primary things that exist. When each person has a copy of the process needed to participate, and their records are stored with intrinsic data integrity, that enable two people to perform a transaction without requiring approval or consensus of anyone else.

    Darius Gabriel Black, I appreciate your optimism and enthusiasm for the potential of the DAO, but a “DAO” EU would be an absolute nightmare!!

  16. This is a superb bit of philosophizing, and really should be read to more fully frame what’s going on with Ethereum, Bitcoin, and the limits of “decentralization”:

  17. I saw that post this morning (I follow Michel both on FB and here), and my first thought was the decentralized governance, and the blockchain/DAO itself, has the potential to be an intrinsic form of governance.

    What I mean by that, is just as nuclear DNA exists within every cell (distributed), so too can we model distributed governance. That is, we can create a “DNA” of governance, that is distributed through the blockchain to every ‘cell’ (agent – human or AI).

    “Distributed governance” may be a better term for it than ‘decentralized’, as decentralization is just one attribute or property that doesn’t fully capture its essence.

  18. I place a lot of hope in distributed systems, Darius Gabriel Black, it’s the basis of my business, and my efforts for the next generation of society.

    Blockchain will be a part of that, but these are what I call socio-economic-technological systems, where designing such systems has to very carefully continuously bridge from old to new.

    Getting that DNA into each ‘node’ is far far trickier than it might seem. That is something I’ve come to have an enormous amount of respect for over the last decade.
