The DAO attack - Ethereum
Description of The DAO Attack from a technical and a legal perspective. What a DAO is, Smart contracts, transactions, the attack and more.

Published in: Law
1. The DAO Attack
   Pablo Fernández Burgueño, Abanlex, @Pablofb_en

2. The DAO attack
   - 'The DAO' has been hacked.
   - The code of The DAO was the only contract.
   - The code has a vulnerability.
   - The hacker has drained more than 3 million ether.
   - The amount is between $45 and $60 million.

3. Ethereum & Smart Contracts
   - Ethereum: a network of 6,000 computers running the Ethereum blockchain.
   - It allows people to exchange tokens of value (ether) and to write and publish smart contracts.
   - Smart contracts:
     - Where are they? In the network.
     - How to put them there? By writing the code in the "data" field of a specific transaction.
     - How to execute them? By sending ether to them.

4. DAO: Decentralised Autonomous Organization
   - Non-hierarchical
   - For-profit vehicle
   - Based on a smart contract
   - Code = contract law: "The code is the law"
   - Stands alone, self-executing, subject to no human interference

5. How a DAO works
   - A smart contract (software) that can run an organization.
   - It has to be uploaded to the blockchain.
   - Initial funding period (crowdsale or ICO): people purchase tokens; each token represents ownership.
   - The DAO begins to operate: people can make proposals to the DAO on how to spend the money, and members can vote to approve these proposals.

6. Tokens – Share capital
   - Tokens are not equity shares.
   - Tokens are contributions to the DAO.
   - Tokens give people voting rights.
   - Each token can be exchanged for ether.
   - Ether: the cryptocurrency of the Ethereum network; 1 ether is similar to 1 bitcoin; 1 ether = $21.

7. The DAO
   - "The DAO" is the name of a particular DAO.
   - Conceived of and programmed by Slock.it.
   - Launched on 30th April, 2016.
   - The society's binding rules (the contract) are the code.
   - The code is based on Ethereum's rules and can work only on the Ethereum network.
   - Code = program = possible vulnerabilities.
   - Funded: $150MM (more than 11,000 members).

8. The DAO's vulnerabilities
   - The code is vulnerable, as all software is.
   - Secure code: X %; unsecure code (or weakness): Y %.
   - Known vulnerabilities: some of them were published on forums.
   - Vulnerability: the "recursive call bug". On 12th June Stephan Tual, one of The DAO's creators, said "no DAO funds at risk".

9. The Weakness
   - Weakness: the split proposal function = reward + update.
   - Purpose of this function: to split because someone doesn't agree with a proposal or wishes to withdraw funds.
   - This part of the code wasn't prepared for a race condition: 2 or more simultaneous operations.
   - Some of the code was audited, some not: some code review happened on GitHub, but the problematic code wasn't audited.
   - Consequence: distrust in the smart contract code.

10. The Attack
   - The attack started on Saturday, 18th June.
   - The attacker creates a split proposal loop: reward + no update + reward + no update + ...
   - The attacker drained more than 3.6MM ether into a "child DAO" and stopped voluntarily.
   - FAIL: all the ether was in a single DAO address.
   - That attack, or another, could continue at any time.
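The "reward + no update" loop of slides 9 and 10 comes down to the order of two steps inside the withdraw/split function. The toy Python model below is added here as an illustration; it is not The DAO's Solidity code, and the class names, amounts and depth limit are constructed. The vulnerable variant pays the caller through an external call before zeroing the caller's balance, so a receiver that re-enters is paid again on every call until the contract's funds run out; the fixed variant records the update before the call (checks-effects-interactions), so the re-entry finds a zero balance.

```python
# Toy model of the split/withdraw ordering weakness. Vulnerable order: pay the
# caller through an external call, then update the balance. Fixed order: update
# first, then pay. Constructed example with hypothetical names, not The DAO's code.

class Ledger:
    """Minimal balance ledger; `fixed` selects the checks-effects-interactions order."""

    def __init__(self, deposits, fixed):
        self.balances = dict(deposits)
        self.funds = sum(deposits.values())  # ether held by the contract
        self.fixed = fixed

    def withdraw(self, who, receiver):
        amount = self.balances[who]
        if amount == 0 or amount > self.funds:
            return  # nothing owed, or the contract is already empty
        if self.fixed:
            # Effects before interaction: a re-entering call now sees 0.
            self.balances[who] = 0
            self.funds -= amount
            receiver.receive(self, amount)
        else:
            # Vulnerable order ("reward + no update"): external call, then update.
            self.funds -= amount
            receiver.receive(self, amount)
            self.balances[who] = 0

class ReenteringReceiver:
    """Models a contract whose payment handler calls withdraw() again while being paid."""

    def __init__(self, name, max_depth):
        self.name = name
        self.received = 0
        self.depth = 0
        self.max_depth = max_depth  # stand-in for the gas limit that ends the loop

    def receive(self, ledger, amount):
        self.received += amount
        if self.depth < self.max_depth:
            self.depth += 1
            ledger.withdraw(self.name, self)  # re-entry before the update has run
            self.depth -= 1

def simulate(fixed, reentry_depth=3):
    """One withdrawal by a re-entering caller; returns (ether paid out, ether left)."""
    ledger = Ledger({"caller": 10, "others": 90}, fixed=fixed)
    caller = ReenteringReceiver("caller", reentry_depth)
    ledger.withdraw("caller", caller)
    return caller.received, ledger.funds
```

With the vulnerable order a caller holding 10 is paid 40 after three re-entries and 100 (the whole contract) when the depth is large enough; with the fixed order the same caller is paid exactly 10.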
11. Solutions to the hack
   - Possible solutions to the hack:
     - Hard fork of Ethereum: roll back the Ethereum blockchain to a time before the attack.
     - Soft fork: by censoring or ignoring instances of the address of 'the attacker', a soft fork could be used to reclaim the lost funds.
     - Nothing: the funds could remain lost.
   - Two legal problems:
     - 1st problem: is the code a legal contract?
     - 2nd problem: no law can be easily applied.

12. Was it an attack or an intelligent hack?
   - The attacker exploited the weakness.
   - He drained ETH 3.6MM (millions), $45-60MM.
   - Is this against the law? Which law?
   - Remember that The DAO: is based on an idea of freedom; is constituted in ether (an international cryptocurrency); has, as partners, thousands of unidentified members; and those partners are from all over the world.

13. Which law rules The DAO
   - Law and jurisdiction for the case of an attack: Iraqi law? US law? Spanish law? French law?
   - Terms & Conditions: predefined law (ab initio), possibly against Ethereum's freedom standards.
   - Free-of-cost clause creator.
   - Third-party private (anonymous or not) decision from an arbitrator.
   - DAO members' decisions.
   - Legal uncertainty.

14. (no text)

15. Let's think about the solutions
   - Solutions to the DAO attack: do nothing; call Vitalik and ask him to fix it.
   - How to fix the weakness:
     - Soft fork: freeze assets; freeze the contract with a specific hash code; blacklist transactions in the eyes of the miners.
     - Vote: majority consensus.
     - Do nothing.
     - Hard fork: forfeit assets (not a bailout but a seizure).

16. Attacker answer*
   - The attacker published a note* on Twitter about the attack.
   - On a hard fork: he could not use what he legally has; he will pursue the case and demand his rights in the courts.
   - On a "do nothing" decision: he will reward miners with ETH 1MM ($12m).
   * It is not yet certain that the note was published by the actual attacker.

17-22. The attacker letter

   ===== BEGIN SIGNED MESSAGE =====
   To the DAO and the Ethereum community,

   I have carefully examined the code of The DAO and decided to participate after finding the feature where splitting is rewarded with additional ether. I have made use of this feature and have rightfully claimed 3,641,694 ether, and would like to thank the DAO for this reward. It is my understanding that the DAO code contains this feature to promote decentralization and encourage the creation of "child DAOs".

   I am disappointed by those who are characterizing the use of this intentional feature as "theft". I am making use of this explicitly coded feature as per the smart contract terms and my law firm has advised me that my action is fully compliant with United States criminal and tort law. For reference please review the terms of the DAO:

   "The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413. Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO's code. Any and all explanatory terms or descriptions are merely offered for educational purposes and do not supersede or modify the express terms of The DAO's code set forth on the blockchain; to the extent you believe there to be any conflict or discrepancy between the descriptions offered here and the functionality of The DAO's code at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413, The DAO's code controls and sets forth all terms of The DAO Creation."

   A soft or hard fork would amount to seizure of my legitimate and rightful ether, claimed legally through the terms of a smart contract. Such a fork would permanently and irrevocably ruin all confidence in not only Ethereum but also in the field of smart contracts and blockchain technology. Many large Ethereum holders will dump their ether, and developers, researchers, and companies will leave Ethereum. Make no mistake: any fork, soft or hard, will further damage Ethereum and destroy its reputation and appeal.

   I reserve all rights to take any and all legal action against any accomplices of illegitimate theft, freezing, or seizure of my legitimate ether, and am actively working with my law firm. Those accomplices will be receiving Cease and Desist notices in the mail shortly.

   I hope this event becomes a valuable learning experience for the Ethereum community and wish you all the best of luck.

   Yours truly,
   "The Attacker"
   ===== END SIGNED MESSAGE =====

23. Who's the bad guy?
   - The attacker (is he/she a good or bad hacker?): he analysed the back door or weakness, and he verified that exploiting the weakness wasn't against the code and wasn't against the private law.
   - Who is liable for any problems that may occur? The DAO creators, for the bug? The token holders, for accepting the risk? The exploiter, who fulfilled the contract?
   - What do you think about the forks? Is it fair to go against the one who fulfilled the contract?

24. Pablo Fernández Burgueño, @Pablofb_en, www.pablofb.com
    Abanlex, www.Abanlex.com