Faced with the brazen heist of over $60 million worth of virtual currency, is the solution to do absolutely nothing at all?
As a massively successful hack stealing more than $60 million in Ether cryptocurrency continues with no signs of stopping, an intense debate about how—or even if—to respond to the theft is gripping the community around Ethereum, the platform behind Bitcoin’s biggest virtual currency competitor.
The attackers are stealing from the Decentralized Autonomous Organization (DAO), an application built on top of Ethereum that’s designed to transparently create binding financial agreements governed entirely by software rather than human beings.
Think of DAO as a computer-controlled investment firm that anyone can buy into and get returns, which totaled more than $100 million before the hack. At DAO’s core are “contracts,” which are also entirely covered by code, not humans. It is a vulnerability in these smart contracts that allowed the hackers to siphon a fortune from the DAO. Ethereum itself has not been hacked.
The DAO—which will shut down as a result of this attack—is such a major part of Ethereum’s economy that proposals are floating to change the currency’s code (known as “forking”) in dramatic ways to recover the funds, in what critics are calling an ill-advised “bailout” akin to the highly controversial 2008 bank bailouts in the United States that followed a global economic emergency.
The next month will be critical for the future of Ethereum, a currency that’s been hailed as Bitcoin 2.0 by some of the world’s most prominent tech companies.
Because of the way the code in question is written, Etherum’s developers and community have 27 days to decide what to do before the hackers are able to move the money and cash out.
The fight over how to respond to this heist is intense and important for the future of a currency designed at its core to be governed by transparent software and, therefore, not controlled by any human beings.
“First, there’s the potential for moral hazard,” Peter van Valkenburgh, the director of research at Coin Center, told the Daily Dot in an interview Friday morning.
“It’s sort of like the bank bailout. You have risky behavior—in this case, people writing contracts that haven’t been properly vetted for bugs,” he said. “If there’s suddenly the assumption that you’ll always be bailed out by forks down the road, you’ll be less incentivized to write code without bugs.”
A loud chorus of critics argue that Ethereum should let DAO die so that dangerous code is not rewarded.
“The other problem is the perception of centralization,” van Valkenburgh explained. “It’s the idea that something went wrong, and we’ll get the people who matter in a room to write a patch and it’ll get adopted. The ability to have a quick fix would show that certain parties could exert a lot of control, which in the future could be used for evil purposes, for control purposes, for political purposes.”
These arguments are being voiced all over social media. Critics say that although developers might be able to stop hackers from accessing the $60 million stolen so far, or even return some funds, the action could ultimately undermine Ethereum as a whole and end up costing much or all of the platform’s billion-dollar market value.
DAO bailout is a terrible idea -— Patrick Murck (@virtuallylaw) June 17, 2016
Sets bad precedent on censorship
Favors reckless insiders
Creates moral hazard
Bitcoin, the leader and most valuable cryptocurrency, has faced similar turbulence. In 2010 and 2013, significant mistakes led to changes in the software’s code.
In one respect, Ethereum’s current woes look pretty good compared to Bitcoin’s, because there is no known flaw in the code of Ethereum itself. Bitcoin had to deal with such flaws twice. Instead, it’s a flaw in an app built on top of Ethereum that has caused this catastrophe. But that can be a potentially stickier problem.
“If the Ethereum developers and miners choose to intervene, do you have training wheels on all DAO contracts?” van Valkenburgh asked.
At the center of Ethereum is the idea that there is no human intervention, that the contracts can be governed entirely by software. Some argue that such intervention would undermine the entire idea behind the currency.
But van Valkenburgh doesn’t completely buy that argument, and a lot of the Ethereum community and leadership agree.
Changes to the code of Ethereum are ultimately democratic decisions, advocates of a code fork argue.
The Ethereum developers can write new software, they can promote the new software and advocate change, but the old software will continue to exist. On the other hand, virtual currency miners and users can refuse to switch to the new version, potentially killing it with the popular “vote.” Change happens only when a majority of users agree.
That’s where democratic debate enters the picture.
Ethereum co-founder Vitalik Buterin is now loudly advocating for a change in the code “to block the attack.” Underscoring the democratic necessities of such a change, he’s encouraging miners and normal users to upgrade to software that will render the hackers unable to use the money they stole.
What’s happening now amounts to a political campaign. But the debate is far from over.
“Many others, including inside [the Etherum] Foundation, find the balance of arguments laying in the other direction,” Buterin wrote on reddit. “I will not attempt to prevent or discourage them from speaking their minds including in public forums, or even from lobbying miners to resist the soft fork. I steadfastly refuse to villify anyone who is taking the opposite side from me on this particular issue.”
The clock is ticking now, the world is watching, and the next step of the cryptocurrency experiment is unfolding under a spotlight burning hotter every day.