A Smart Contract with the Devil (by Adam Krellenstein and Pinku Surana, Symbiont)
08.16.2016Since its launch as the first public platform for smart contracts, Ethereum has released new software at a breakneck pace, gained wide adoption and mindshare, and skyrocketed in price. But as a consequence of design decisions favoring popularity and rapid development over security and stability, it has opened itself up to terrible exploits and thefts that have resulted in great financial loss to its users. None of the problems, however, are inherent in smart contract technology; rather, they are issues of specific to this implementation.
The DAO, the posterchild for the potential of the Ethereum platform, is a decentralized autonomous organization designed as a democratic investment fund. It holds 14% of all Ether in its account, at its peak valued at $220mm, which it spends precisely according to the rules of its code. A few weeks ago, a subtle bug in the way that The DAO smart contract allows for the creation of “child” investment funds was exploited. The attacker, whose identity is unknown, was able to drain The DAO of more than $50 million over the course of a few days.
During the attack, the Ethereum protocol allowed for no way to stop the hacker, either by cutting off his access to the network, fixing the problem with a software update, or disabling any of the buggy code. Instead, the Ethereum community decided to permanently alter the core Ethereum protocol so as to invalidate the buggy contract and return the lost funds. Because of disagreements about the appropriateness of this decision, the Ethereum blockchain has “forked” into two competing chains, which now co-exist: one that made the protocol alteration and one that did not.
The root cause of this attack wasn’t just carelessness on the part of the authors of The DAO (though they did fail to respond properly to vulnerability disclosures). Rather, it was limitations of the Ethereum platform, where trade-offs were made in the name of removing all barriers to entry. In particular, the developers of Ethereum designed their smart contract language first-and-foremost to appeal to casual web developers, and deployed it on a public network of anonymous cryptocurrency holders, outside the purview of any regulatory bodies.
Other uses of smart contract technology, namely deployments in a private, regulated, commercial settings, are dramatically easier and safer than use in a public, extralegal, cryptocurrency platforms. Additionally, systems purpose-built for specific use-cases, rather than general-purpose like Ethereum’s, may be made more secure due to their limited scope. While the Ethereum community struggles to improve the security of their public network, private distributed ledgers can be used to dramatically improve existing business processes in a robust and secure fashion.
Whatever happens with The DAO attack, it says nothing about the viability, or the promise, of blockchain technology in general. With any exciting, new technology, there are false starts and dead ends. It’s a testament to the power of smart contract technology that such a thing as The DAO could ever have been created in the first place, but there are no shortcuts in the engineering of powerful new computer systems that are also robust and secure.