Ethereum, a network designed to extend blockchain technology to uses beyond crypto-currencies, has been gaining traction around the world.
Billed as “a decentralized platform that runs smart contracts…without any possibility of downtime, censorship, fraud or third party interference,” Ethereum has been enthusiastically embraced by organisations like Microsoft, IBM and Azure.
How then does the equivalent of tens of millions of dollars get stolen in one day, from an individual account?
This is the situation that those affiliated with The DAO (Decentralized Autonomous Organization) awoke to on June 17 as transactions were made from their Ethereum account to an account whose owner is unknown.
It was a timely reminder that sometimes “smart” technology acts stupidly. Bitcoin suffered a near-death experience in 2014 when the equivalent of US$450 million in bitcoins went missing after Mt. Gox declared bankruptcy. Ethereum now faces a similar moment.
Important lessons about the risks, true capabilities and need for better governance of blockchain networks unfortunately have to be learned once again.
How Ethereum and The DAO work
Started in 2014 by teenage programming prodigy Vitalik Buterin, the Ethereum network is unique for its pioneering use of “smart contracts”. Just like regular contracts, terms and conditions are developed and agreed upon by consenting parties. What makes them supposedly “smart” is that, when the conditions of the contract are met, the contracts execute automatically.
The DAO is an online, investor-directed venture capital fund built on the Ethereum blockchain network. The DAO’s goal is to collectively channel investment into new projects, similar to the way that crowdfunding works, but using Ether, the crypto-currency that underpins Ethereum. It uses specialised code (based on Ethereum’s Solidity language) to allow its members to execute automated investment decisions.
The DAO has no single leader, though there is a group of overseers who are elected by holders of special DAO tokens (which people purchase with ether). Voting rights are determined by one’s DAO token holdings.
After raising 10.7 million ether (the equivalent of US$120 million in May 2016) in an initial crowdfunding effort, one of the biggest in history, hopes were high for The DAO.
Then, on June 17, crisis struck. An unknown person or group of people funnelled out about one-third of The DAO’s ether holdings the equivalent of between US$45 million and $77 million (the value depends on whether one uses the pre- or post-incident ether market price).
Within days, the market price of ether crashed around 50%. A good deal of soul searching for both projects has been underway ever since.
Smart thieves or dumb programming?
In the fallout of the incident, much was made about how The DAO was “hacked”. Upon closer examination though, The DAO was not hacked at all. The attacker(s) used two features of The DAO’s specialised code to siphon out ether in amounts small enough to not result in the destruction of their DAO tokens.
Moreover, The DAO’s terms and conditions do not permit theft or fraud. In short, it is perfectly legitimate to do whatever a smart contract’s code permits, even if this is beyond the original intention of those who wrote the code.
Like all technologies, “smart contracts” are dual use and might be used in ways that their creators did not intend. The complexity of the technology only compounds this issue.
When considered in this context, not only is what occurred above board (though not in the spirit of The DAO), funnelling money out of The DAO’s account ironically turns out to be a feature, not a bug.
Important decisions now face the Ethereum community. The fate of the network and the equivalent of hundreds of millions of dollars hang in the balance.
Sensibly, a backstop mechanism was built into the Ethereum network for incidents such as this one. The account holding the (mis)appropriated funds (a so-called Child DAO) has been frozen for 27 days and soon the Ethereum community will hold a referendum of sorts, “voting” on what course of action to pursue. This will determine whether holders of DAO tokens will be able to recoup their lost ether, or see it remained locked in limbo forever.
Lessons for blockchain enthusiasts
This episode introduces nuance to Ethereum’s pitch on enabling applications to run “without any possibility of downtime, censorship, fraud or third party interference”. Similar claims are made by the promoters of crypto-currencies and blockchains more generally.
Smart contracts may run exactly as programmed but this does not mean that they will run as the creators intended. The DAO incident demonstrates how the complexity of these contracts is outstripping the comprehension of the people who wish to write them. This in turn introduces bugs and vulnerabilities, some of which are known, but others will only become known when something goes wrong.
While the Ethereum network’s users might be decentralised, certain features of the network are not. For instance, the decision as to what changes will be made to the code as a part of the upcoming referendum is determined by a small group of Ethereum developers. The check on this concentration of control is that 51% of nodes in the network must agree to the changes.
However, a 51% threshold is not ideal given the network’s tendencies towards centralisation. The difference between the Ethereum blockchain network vs a referendum is that the former is not “one person, one vote” it is “one node, one vote”.
For Ethereum, there is no telling how many people control how many nodes. This is because the account holders are pseudonymous. What is known is that the distribution of ether holdings is heavily skewed across accounts. At present, of a total of 440,741 accounts, the top five Ethereum accounts alone possess 25% of the total outstanding ether. Moreover, the distribution of mining is also not uniform. Three mining pools currently occupy more than 50% of Ethereum’s mining capacity. Amassing 51% of the required resources for control becomes relatively easier under such a configuration. For Bitcoin, where votes are determined by the distribution of mining, and mining is similarly distributed, the ability to game the network is even greater.
Smart contracts require smarter governance
If blockchains are to be sustainable in the long run, serious consideration of appropriate governance mechanisms is needed.
A skewed distribution of mining power and crypto-currency holdings is combined with pseudonymity of account holders and a strong incentive to game the system. This has all the makings for deceptive, unaccountable, fraudulent, and self interested decision making.
Until hard questions around governance of blockchains are asked, and solutions implemented, we should brace ourselves for more incidents like that which has befallen The DAO. At stake is not just the fate of projects like Ethereum but the future potential of blockchain technology more generally.
Author:
, Fellow for Cyber-security and Internet Governance, School of International and Public Affairs, Columbia University