The DAO hack shows blockchain is not (yet) the holy grail

By July 18, 2016
Keywords : Fintech, Blockchain, Europe

[Inside Track] The news has hit the crypto-currency universe like a thunderbolt: a smart contract – deemed fully transparent and tamper-proof as it was protected by the much-vaunted Blockchain technology – has been hacked into.

The DAO (Decentralized Autonomous Organization) is a crowdfunding site which is underpinned by the Ethereum Blockchain, but the project promised much more, seeming to offer a model for decentralised governance of all kinds of projects. Now however it has been brought to an abrupt standstill following an incident in mid-June, in which someone exploited an error in the programming of the conditions of the smart contracts used to set up The DAO to withdraw at least $60 million worth of the crypto-currency ‘ethers’ (ETH) out of a total injected capital of $150 million worth of ETH. Nevertheless, according to The DAO rules, the crypto-funds can only be appropriated after 27 days, which gives The DAO investors a month to take action in order to get their electronic money back.

One might have imagined that the Ethereum Foundation would wish to keep a low profile in relation to the incident. However, at the present time The DAO is the biggest Ethereum-based project, accounting for close to 15% of all ETH in circulation. Saving the project is therefore critical if the currency’s exchange rate is to hold up and this particular blockchain system survive. One proposed way of solving the problem and avoiding any pecuniary losses is to alter the Ethereum code so as to blacklist the hacker’s address and reimburse The DAO by using a special key.

Hoist by its own petard?

But a brief examination of this suggestion makes clear the extent of the problem. The whole idea of smart contracts – and their great strength – is that they are supposed to replace fallible human authority by the firm authority of computer code, i.e. managing certification and compliance issues on an automated basis, in full transparency and at a low cost. This is basically the raison d’être of The DAO, whose manifesto decrees that code is law, and that it is not open to interpretation in the way laws drawn up by human beings always are. Finding a ‘fix’ in order to save the venture from ruin actually runs contrary to the whole aim of the blockchain, which is supposed to be immune to anything and anyone that might undermine it, from banks to governments.

So… what is to be done if the code contains an error, as in the present situation?
From an internal point of view – as the hacker insists – the syphoning off of The DAO funds is not an illegal act. All the hacker did was to follow the terms of the smart contract, turning the rules to his/her own advantage in an unexpected way but in full compliance with The DAO’s user conditions. S/he cannot therefore be accused of anything unlawful act. Even worse, from an external viewpoint the organisation has no legal existence. It is a uniquely virtual entity. It is therefore impossible to bring any charges whatsoever against the hacker.

That is the theory. Nevertheless, it is highly likely that such arguments could be challenged in court and that, with a little resolve, a credible lawsuit against the hacker could be mounted. However, The DAO was intentionally set up in such a way as to enable Law to operate independently of Man and the existing legal and administrative structures. Herein lies the main paradox.
A secondary paradox is to be found in the conflict of interest illustrated by the spectacle of the Foundation trying to find a solution to the (mis)appropriation of The DAO funds, when the whole credibility of its blockchain approach depends on the neutrality of the system. However, even though the attack was not directly intended to undermine Ethereum’s reliability, the organisation seems to have little choice but to take action.

Group decision not always the best?

One has to realise that we are talking here about a decentralised system. The solutions put forward by the Foundation and the well-intentioned computer hacker/computer security experts known as ‘white hats’ can therefore not be relied on. In order to modify the blockchain ‘gently’, i.e. by means of a soft fork as opposed to hard fork, a majority of the community – represented by at least 51% of the ‘mining’ power – has to approve the new blockchain configuration and agree to work with it.

Then we face the second big problem that this raises.
The people who validate the blockchain information – known as ‘miners’ – do not work for free. They receive commission on each validation. This ‘carrot’ is necessary to attract calculating power. So, in order to avoid being dispossessed by the 51%, the DAO hacker has now suggested to all the miners that they should refuse the proposed ‘corrective’ update in exchange for a commission that would be a good deal higher than that paid by Ethereum. If this ploy succeeds, the ‘attacker’ might well effectively take control of the entire network.
Fortunately, the ploy has little chance of success. Ethereum has developed a way of avoiding ‘farming’ known as the Ghost protocol, which basically provides that if ether farms exist they must be in the minority for decision-making purposes.

This stratagem then raises the question of miners’ security, which is supposed to be the very backbone of the system. This question is especially relevant in a hypothetical future where blockchains will be widespread, with users no longer just enthusiast-geeks but ordinary citizens who might be more open to corruption. So once again the human factor comes into play.

A further irony is that the defect, among many others, had already been detected and even corrected, without anyone being too concerned about the dangers involved. But the 51% rule prevented the DAO from succeeding in publishing its correction fast, thus leaving many miners out of the loop. Democracy may be the best way to run things but the other side of the coin is that the decision-making process is far longer and often more inefficient than more ‘closed’ decision-making systems.

The hacker as lawyer?

So, whatever we might say about the supposed reliability and inviolability of smart contracts they still carry risks.

This is the alarming conclusion that Bitcoin experts such as Peter Todd drew quite some time ago, and they argue that Ethereum programmers are working in far too open an environment. Writing code does not just mean knowing how to code; it also means having a deep understanding of the possibilities of the language. It is on such security grounds that the Bitcoin Script does not allow smart contracts such as Ethereum’s free and efficient contracts to be drawn up. And this clearly illustrates that smart contracts and the computer language of crypto-currencies is today still at the experimental stage.

At the end of the day one cannot simply be content with the ‘smart’ aspect of a contract and believe naively that a contract is reliable just because it is ‘on the blockchain’. With its $150 million worth of capital, The DAO is the first entity set up on a blockchain with sufficient funds to attract the attention of a looter. No investor should have entrusted funds to The DAO without first undertaking a thorough prior check. However, this type of verification is far more difficult than with a traditional contract as another person’s code is hard to read and assimilate fast.*. If in a hypothetical future we all start using the Blockchain, we will no longer be calling on a lawyer, as we would do today for a standard contract, but on a team of hackers, who will draw up the code-based contract and remedy any errors. There will also be specialist firms to manage smart contracts, and these will over time gain a certain amount of control over contract formats.

It will also still be necessary to have recourse to a legal entity in the event that something goes awry after the smart contract has been drawn up. In order to get out of a contract, one could imagine a system of crowd-validation for modifying the blockchain. However, when you look at the blockchain’s antecedents and the anti-human-intervention philosophy behind the concept, it is rather unlikely that this kind of system, with its 51% rule, as a way of dealing with a regular stream of unfair outcomes, will catch on. Even less likely as the current case has shown us just how slow and hard to implement post-publication modifications can be. It is therefore difficult to envisage that the way smart contracts are used will change the validation paradigms. The blockchain has every chance of attaining widespread use. But that does not mean it will come any closer to eliminating human corruption and venal sins. Not (yet) the holy grail, then…

* Following the reaction of @refocus to the sentence ‘But this type of verification is far more difficult than with a traditional contract as another person’s code is hard to read and assimilate fast’, we reply: Indeed this is not the most pertinent argument, given that there are both static and dynamic analysis tools in existence. However, the underlying idea is that it is very difficult, not to say impossible, to write large programmes to perfection, without any bugs or errors. There are many reasons for this, as described in this article. This issue is a huge challenge when it comes to drawing up smart contracts. For more information, a detailed explanation of this immutable and available code can be found on the blog of Gideon Greenspan, founder of Coin Services Ltd, the company behind MultiChain, an open source private blockchain solution for companies.

Legal mentions © L’Atelier BNP Paribas