The DAO, a decentralized autonomous organization built on the Ethereum blockchain, has been the subject of a continued hack today that has seen the theft of over 3.5 million Ether, which was valued at more than $50 million at the time of the heist.
The DAO was created as a utopian decentralized venture capital-style smart contract, enabling individuals to gain voting shares in exchange for the virtual currency Ether. Naturally, the fund has attracted huge attention in the digital currency world, with more individuals jumping on board, raising more than $150 million worth of Ether during its crowdsale.
Early Friday morning, however, the DAO was hit by as yet unidentified attackers appearing to take advantage of a recursive calling vulnerability, draining millions of Ether into a Child DAO where the hacker(s) will gain control of the funds when it opens after 27 days unless the Ethereum community adopts a proposed soft fork which would prevent the funds from moving. Since the discovery of the hack, the value of Ethereum has dropped dramatically from trading at $21.50 to $13.35 at its lowest. Only a few days ago, Ethereum was soaring, nearing $20 for the first time.
One Ether wallet identified by members of the community as a recipient of the apparent stolen funds currently holds more than 3.5 million Ether. At a current exchange of around $14/ETH that brings the total to $47 million; however, at the pre-theft valuation of $21.50/ETH, the amount is significantly more: $79 million.
Griff Green, a spokesperson for Slock.it, said that there is a conversation with the miners to create a soft fork, which would block the Child DAO and the DAO from making any further transactions of any kind.
“After the immediate soft fork, there are discussions about preparing for a hard fork that will, on a certain block in the future create a smart contract that all the ETH in the DAO and the Child DAO will be sent to,” Griff said on the DAO Slack channel. “This smart contract will allow the holder of any DAO tokens to claim their fair share of ETH.”
Former Ethereum CCO and Slock.it founder, Stephan Tual, said on the DAO slack channel:
“In summary, a hard fork will retrieve all stolen funds from the attacker. If you have purchased DAO tokens, you will be transferred to a smart contract where you can only retrieve funds. Since no money in the DAO was ever spent, nothing was lost.”
The Known Exploit
Interestingly, five days ago, the DAO posted a blog reportedly stating that the exploit used by the hacker had been fixed. In the post, Tual said that the problem had been taken care of:
“We issued a fix immediately as part of the DAO Framework 1.1 milestone. The important takeaway from this is: as there is no ether whatsoever in the DAO’s rewards account – this is NOT an issue that is putting any DAO funds at risk today.”
It seems, however, as though the issue to fix the DAO Github did not match up with the recommendations in this blog post, choosing the non-recommended approach to deal with the issue.
Unlike other high profile hacks that were reversed in a hard fork, it seems as though the Ethereum community and the DAO holders have a bit of time to consider their options and will need to make a big decision in the next few days.
Should a hard fork be put into place that will prevent the hacker from gaining around over $50 million, which would be the equivalent of a major heist on a financial institution, or should the DAO and potentially Ethereum simply crash and burn?
The post The Ethereum Community Debates Soft Fork to Blacklist Funds in Wake of $50M DAO Heist appeared first on Bitcoin Magazine.