Example of Smart Contract Failure: The DAO Attack – Dr. Smartcontract
In my previous post, I’ve discussed what puts a smart contract in danger.
In brief, the reason came in two.
First, the versatility of smart contract made itself open to errors using it properly. The capability of smart contract provides freedom and comfort, yet it entails concerns, too.
Second, the lack of awareness that building a smart contract is rather sophisticated, effort-needing job and, moreover, the fact that it is incorrigible once published also causes insecurity.
Today, in this post, I will describe the famous DAO Attack in a brief and easy language. This is the case where smart contract failure is responsible.
Should be an alarming example to address how smart contract security is important for blockchain business.
To understand the case of DAO Attack, we need to first understand what DAO is.
DAO stands for Decentralised Autonomous Organisation. Its goal is to digitalise the decision-making processes of an organisation by eliminating the necessity of paper works and workforces needed for them in order to achieve more de-centralised structure of governance.
Well.. Simply DAO is a blockchain based network.
The first genuine DAO is Bitcoin.
In the Bitcoin network, all agreements are made by an open source code which is self-enforced by all network actors who form majority consensus. This procedure replaces the old, high cost legal contracts.
Being an open source, the Bitcoin network is transparent and incorruptible. Because, as many blockchain supporters claim, all transactions are recorded and kept on blockchain in a secured way. Bitcoin, indeed, has achieved its eligibility as DAO proving banking can be done without banks and bankers. It has also remained secure and infallible from the attempts to attack the network since its first block was created in 2009.
However, as many of you would expect, establishing DAO like Bitcoin is very difficult.
In order to establish autonomously functioning infrastructure, DAO needs a complex layer of technologies which are managed by well-designed consensus protocols. Such protocols should be aligned with a toknised incentive mechanism based on a governance rule in order to motivate proactive participation to the network.
Then, the emergence of Ethereum has changed the paradigm of DAO by replacing hard-to-build blockchain protocol to easy-to-program smart contract.
Smart contract, as explained in my previous post and by other experts, is capable of programming and autonomously executing complex contracts.
After Ethereum smart contract, DAO has a lot become easier to establish.
In most cases, DAO follows the steps below as a launching process:
- Smart contracts are written to run the organisation
- Initial fundraising is carried out in form of crowdsale (e.g. ICO) to get resources it needs to operate
- Once funding is finished, DAO begins to operate
- Participants make proposals to DAO on how to spend money. Investors who funded are eligible to vote for which proposals to approve.
In DAO, investors do not own the organisation but they have a power to show their opinion by a vote.
Now we are ready to talk about what happened to “the DAO”.
In April 2016, based on the Ethereum network using smart contract, the DAO was launched to offer a smart lock service where people can share their own properties such as cars and flats by the German start-up Slock.it.
The DAO has raised over $150 million from 11,000 people by the end of funding period. This was the largest amount in the history of fundraising.
It seemed all promising until Stephan Tual, one of the DAO’s creators, announced a recursive call bug in its software. He claimed that there is no harm on the fund.
Indeed, there already had been voices on the vulnerability of the system. Yet, the Ethereum network had not been hacked and successfully executed lots of smart contracts supporting more than $1 billion.
It had been considered “credible” by many.
But. Things happened.
An unknown hacker attacked the system and drained out ether from the DAO.
How? The hacker claimed that he or she only followed the smart contract!
The DAO has a special function called “Child DAO” which can split the organisation in two. Child DAO is devised to prevent the minority’s opinion from being pushed by the majority.
In other words, the creators of DAO made a protection for the minority who wish to avoid wasting their asset on unagreeable decision by others. If the minority disagrees, by submitting a special form of proposal, they can put their ether into a new DAO — i.e. Child DAO — which shares the same conditions with the original DAO it is divided from.
The hacker used this child DAO function in a sneaky way. There was a loophole in the procedure of proposing the child DAO. Once there a call for split, it retrieves ether first and then updates the balance. And, there were no checks for a recursive call bug.
Yes. That recursive call bug the DAO guy claimed to be okay.
Story, then, is simple. The hacker used this recursive call to retrieve ether for multiple times to fill up the child DAO before it updates the balance.
By 18th of June, the hacker could take more than 3.6 million ether in his/her hand.
The price of ether plunged to $12 which was up to $20 during the fundraising. Huge loss.
What happened next is also important in the DAO case. But, all we need to know at this post is how it happened. In case anyone interested, below are what happened in brief:
- The Child DAO needed 27 days to be generated. Which means, the hacker couldn’t touch the money for 27 days.
- The hacker claimed that he/she only followed and leveraged what it is permitted under the code of the smart contract. In short, the hacker thinks his/her deeds are legitimate.
- The Ethereum community sought for solution and came out with three options: 1) don’t do anything, 2) soft-folk, 3) hard-folk.
- They, in the end, decided to hard-folk the Ethereum. The newly divided one is current Ethereum and the old one is Ethereum Classic.
The story tells us a simple keyword: Security.
In order to achieve security, it again needs to consider what puts smart contract in danger as mentioned earlier in this post.
The DAO case might be the worst scenario that can happen in the blockchain world. Such failure directly affects the credibility of blockchain technology.
If no one trust, try and adopt, where is the point of having new technology?
The hacker used a backdoor to ransack the DAO fund, which obviously wasn’t intended by the creators. They just didn’t check the existence of backdoor properly.
Especially when the contracts are getting more complex, it is crucial to know the possible weak points of the written code.
Since the DAO, there are lots of effort put in analysis of smart contract codes to detect loopholes.
Knowing smart contract’s versatility and its following concerns and the fact that making smart contract isn’t easy is important.
And, moreover, what is equivalently important is to double check the codes before the smart contract is fully published and executed. Correcting mistakes you didn’t even know they exist.
Such efforts in seizing security would help the blockchain system or service get more credibility adding its value as a new wave of technology.
Alrrright. Thanks everyone for reading my long, boring text!
This is it today.
In the next post I will talk about how can a smart contract be checked if it is free of error.
About me…
Powered by Scope, a high-tech blockchain smart contract audit solution, Dr. Smart contract will present all about blockchain smart contract from very basics to current security issues.
So please keep your eyes on my humble blog!
About Scope
Published at Mon, 09 Dec 2019 14:42:51 +0000
{flickr|100|campaign}
