Ethereum’s DAO Forking Crisis: The Bitcoin Perspective
Ethereum is in a state of crisis. “The DAO” (Decentralized Autonomous Organization), a code-based and leaderless investment vehicle that crowd-funded a record-breaking 150 million USD worth of ether, was unexpectedly drowned by an unknown hacker two weeks ago. About a third of all invested ether – some 4 percent of the total ether supply – is now sitting in a so-called “Child DAO”, waiting until it can be withdrawn in another two weeks from now.
This presents the Ethereum community with a tough choice and three* main options. First, the community can decide to “do nothing” and allow the hacker to withdraw his funds. Second, the community can deploy a soft fork to freeze any funds associated with The DAO, ensuring the attacker cannot withdraw any of it*. And third, the community can deploy a hard fork to essentially “roll back” the entire existence of The DAO on a protocol-level, take back the lost funds and give it all back to the original investors.
The DAO in no way affects Bitcoin, and the choice is fundamentally to be made by the Ethereum community. But the hack and chosen solution may draw a stark and telling contrast with Bitcoin, and the Bitcoin community. Bitcoin Magazine therefore reached out to prominent bitcoiners and asked:
“What should the Ethereum community do, and is this any different from what the Bitcoin community should do were a similar situation to arise?”
*A newly discovered vulnerability suggests that soft forking may not be an option after all, and the only choice left is that between doing nothing and hard forking. At the time of writing of this article, not all respondends where aware of this development.
Stephen Pair, BitPay co-founder and CEO
“The Ethereum community should ask themselves whether the fundamental premise of an Ethereum blockchain is flawed. Bitcoin transactions have a very specific purpose, and a payment system requires broad participation. An Internet scale naming system is another kind of database that might require a similar approach to Bitcoin. Most contracts, on the other hand, involve a limited set of parties that care about its state and execution. It's not clear to me that you need a broad participation blockchain on which to execute contracts.
As for a similar situation in Bitcoin... it's impossible for something like The DAO hack to occur in Bitcoin, because it would not be possible to write code for a DAO that is directly executed by Bitcoin miners.
Bugs in Bitcoin will occasionally cause a fork in the chain at which point miners need to reach a consensus on which path to follow. But what the Ethereum community is contemplating is a fork of the chain to bail out the users of a specific contract. The closest analogy would be the Bitcoin block chain forking because someone erroneously sent bitcoin or accidentally destroyed bitcoin. That has happened many times and no one has ever seriously suggested the Bitcoin chain should be forked as a result.”
“I must admit I've not followed the events surrounding The DAO fully, as I'm more into Bitcoin. But I think matters are even more complicated than just a choice of whether or not to fork. As I understand it, a freeze of funds would also freeze the funds of similar DAOs. And I believe more exploitable flaws have been found by now, some of which could also be attributed to Ethereum's Virtual Machine itself, rather than just an application running as a smart contract... There probably is no easy way out.
As it stands, I think Ethereum should not attempt to fix or undo The DAO. No soft forks, no hard forks, and please no blacklists. Blacklists in particular would drive credibility to zero for me.”
“Allowing The DAO to fund itself far beyond its $500,000 USD target was an expensive mistake. But the Ethereum community should do nothing, because it's not an Ethereum fault. Bugs in contracts will be quite common and we have to learn how to live with it, exactly as we live with Bitcoin thefts and hacks. If there's a space for code analysis tools preventing those contract bugs in the future, let them evolve.
As for Bitcoin, if there's ever a bug in the protocol or the reference implementation, the community should focus on resolving the bug as soon as possible, as happened with the LevelDB bug in 2013. I can even imagine blockchain rollback in a case of major security issue. But blacklisting coins or doing rollbacks because of faults not directly related to Bitcoin is unacceptable for me.”
Elizabeth Stark, Lightning co-founder
“The Ethereum community should be more cognizant of the long term dangers of censorship and intervention at the protocol level. The meta description for their site says: 'Ethereum is a decentralized platform for applications that run exactly as programmed without any chance of fraud, censorship or third-party interference.' The hard fork proposal, while well-intentioned, would interfere with the protocol to retrieve the DAO funds. This opens up a Pandora's box of other questions about why funds should be recovered in certain cases and not others, and what would happen when governments come knocking. If they go through with it, they should make it very clear that this is a one-time only fix.
A similar situation is less likely for the Bitcoin community, because we structured our protocol differently. At the core of the values of Bitcoin is to keep complex functionality out of the low level protocol, as complexity is the enemy of security.
That said, if there were an issue with an application on a Layer 2 protocol, there's no chance the Bitcoin community would support a fork that would take currency out of circulation, or modify ownership of the currency. Even considering such a move would be preposterous to many, as it's in such opposition to the community values. It would defeat the purpose of having a censorship resistant protocol and ensuring the fungibility of all coins; it would go against everything we've worked for the last 7 years to achieve.”
Manfred Karrer, Bitsquare developer
“First of all, the Ethereum community should be prepared for more trouble, and not under-estimate the 'attacker.' He seems to be very smart, and I suspect he will not give up but fight back much harder if the funds get frozen or confiscated. The failure of The DAO also questions Initial Coin Offerings. Why collect $150 million USD worth if there was no need for so much money? I also think The DAO represents an unhealthy combination of conflicts of interests for the developers, combined with a pretentious marketing campaign that suggested investors could only win.
On top of that, the Ethereum community should slow down. One argument in favor of a fork, is that a high percentage of the overall ether-supply could be in the hands of a single person, and that this would be a risk when Proof of Stake is to be introduced. But if that is indeed such a risk, it means the proposed Proof of Stake system – 'Casper' - is completely insecure. It needs to be delayed until it can deal with a hostile whales owning large swaths of ether.
Finally, regarding forks, they should do nothing. Censorship resistance is the only valid excuse for using the slow and expensive blockchain.”
“As an Ethereum-skeptic, I'm happy to report that all options available to the Ethereum community are disastrous.
The 'soft fork idea' probably wouldn't work at all: the attacker can broadcast withdrawal transactions which have multi-million dollar fees. This 'smart contract bribe' defeats the soft fork.
Similarly, the hard fork is more impractical than it may first appear. Vitalik, and the other developers, are largely powerless. Anyone can copy their GitHub commits, and so 'old-ETH' can keep up with 'new-ETH' for free. Investors have no reason to choose New over Old, because they get both for free. Meanwhile, the attacker can bribe miners, on both chains, as seen above. And at least one exchange might keep Old, or trade in both. The hard fork might create two ether sets, and the resulting chaos would likely cause Old-Eth to win... defeating the hard fork.
Were the hard fork to succeed, it would demonstrate centralization. The mixture of 'centralization' and 'anonymous e-cash' is not pretty. Key individuals may be arrested, kidnapped, or worse... and the responsible agent ('insiders') could short the market, and make off with tens of millions – tax free.
Yet, worst of all for Ethereum would be to do nothing. The DAO is, in a sense, Ethereum's debut. It was the first significant thing that Ethereum could do, that Bitcoin couldn't. It was hyped by credible people and trusted media outlets. One feature was praised above all: the ability to withdraw from the project at any time using a Child DAO (oh, the irony).
The DAO failure reveals all of these people for what they are: unqualified. And if the Ethereum team is unqualified, what does that leave, exactly? Ethereum is currently in second place – a losing position - in a winner-take-all environment. Unlike Bitcoin, it has no daily 'users'... without faith, Ethereum can't survive. And why keep the faith, if the Ethereum team can't 'solve' this problem?"
Tuur Demeester, Adamant Research editor in chief
“Mt. Gox was a system built on top of Bitcoin. Because of its poor design, 7 percent of the supply at the time was stolen – versus 4 percent of Ethereum's supply now. A hard or soft fork to return the bitcoins was never suggested. Bitcoin, as per Satoshi's writings, is conceived of as digital cash, a 'digital metal' that is as inert as gold. Users of bitcoin and gold alike are expected to understand this circumstance, and therefore understand that this great responsibility is what at the same time gives them great freedom to be in charge of their own financial futures.
Similarly, Ethereum was conceived of and promoted as ‘a system that cannot care.’ Ethereum indeed doesn't care about The DAO. It just does what it does. It seems only fair and logical that Ethereum users shouldn't be forced to care about it. In other words: no freezing or reversing of funds, and no hard or soft fork for that purpose.”
Eric Voskuil, Libbitcoin lead developer
“The people directly validating – receiving payments on an Ethereum full node - are the 'community.' This community 'should' do whatever the members prefer, realizing that lack of consensus can lead to their own loss. Distributed decision making is the definition of what 'should' be done, and there can be no alternative. If everyone in a community agrees there is no problem with a change, that is the essence of consensus.
The more interesting question is: 'How large is the actual community?' If most people defer validation to centralized systems, there is very little security against changes to the money, since these people are not part of the actual community. This will make a money unpredictable and cause people to avoid it.
Bitcoin can't be any different. Though the community is presumably larger and therefore more resistant to change.”
Thomas Voegtlin, Electrum lead developer
“I don't see how something like this could happen with Bitcoin. From an investor's perspective, the closest we had was Mt. Gox. However, the Mt. Gox failure was not caused by a technical issue with Bitcoin itself. In contrast, The DAO situation does not seem to result solely from poor programming; the programming language used to write contracts in Ethereum should have better semantics, and be amenable to formal verification.
As it turns out, a soft fork freezing The DAO funds is no longer really an option, so the only serious way to revert the DAO hack is through a hard fork. With only 15 days remaining until the DAO funds can be spent, I doubt that consensus over such a hard fork can be achieved. It takes time to write code, have it properly audited, deploy it, and let miners signal their willingness to fork. It might therefore be safer for Ethereum to not bail out the DAO.”
David Bailey, BTC Media CEO
“Ethereum should probably do nothing, though I think a soft fork would be acceptable. A hard fork - even more so than a soft fork - turns a The DAO-only problem into an existential crisis.
This situation also exposes the potential risks of having core developers with conflicts of interest... I would be very curious to know The DAO losses of the 30 to 50 individuals that make up Ethereum's inner circle.
As for Bitcoin, I don't think it would be possible to get a contentious hard fork passed considering the amount of debate we've had over a potential 2 megabyte block size limit increase. The DAO hack also validates Bitcoin's more conservative approach to development.
I think the debate is healthy as long as the Ethereum community comes out strongly against a hard fork. This would be a sign of Ethereum-maturity.”
Samson Mow, BTCC COO
“In terms of utility, cryptocurrencies and game currencies – like Diablo gold – aren't so different from each other. The key difference is that game currencies are managed by for-profit organizations that can tweak the economy, patch design flaws, and roll back when they deem necessary to protect their vested interests. Ethereum must decide what it wants to be: a cryptocurrency or a game currency.
The Ethereum community may be in a difficult position now, but I think they only have one real choice available and that is to do nothing. This is assuming that they want to be taken seriously as a viable cryptocurrency. Choosing either a hard fork or soft fork to interfere would demonstrate that Ethereum’s blockchain is very mutable and that short term interests take priority over everything else.
I really couldn't see a similar situation arising in Bitcoin simply because Bitcoin Core developers are very cautious in rolling out new functionality and test extensively. Moreover, Bitcoin Core’s ethos runs counter to the market intervention that is currently being encouraged by Ethereum developers.
Simply put: it’s hard to imagine the Core team pushing out code intended to recover their personal losses, lost in a highly experimental project they invested in, which was poorly design and untested, that also clearly was a massive conflict of interest.”