In part 1 of this blog, we examined some of the underlying concepts that make cryptocurrencies work. Specifically, we explored the premise of immutability, which is a requirement for a decentralised currency that users can trust. We saw how immutability is guaranteed by a shared consensus between users and developers – trying to change the specification to undermine the rules that govern a currency will inevitably split the user base. Splitting the user base effectively splits the currency, resulting in what is known as a fork.
In some cases, however, the user base of a cryptocoin might not be significantly split by a fork. For example, if a major change – even one that undermines the premise of immutability – is unanimously upheld by users and developers, it might pass without fracturing the currency. The superficial reaction to this might be “so what”? If the entire community changes their mind about the specification, how is this any different from a more mundane update?
The truth is that a cryptocurrency lives and dies by the integrity of its ledger. The promise of decentralisation is that users do not need to trust a fallible third party because the system is trustworthy. Undermine the system, and you undermine the integrity of the currency itself.
The DAO ‘hack’ of 2016 is a perfect case study in the fragility of immutability. Since it was instituted, the DAO has run relatively smoothly – in fact, it was surprisingly successful. Despite beginning as a small project by a small team, it managed to raise $160m in a 28-day funding period – making it the most successful crowdfunding project in history.
Unfortunately, the DAO’s codebase contained a critical flaw known as a recursive calling vulnerability. In simple terms, there was some code that looked something like this:
IF there is enough money in the pool:
award the requested funds
reduce the amount of money left in the pool
When this function is called, it checks if there is enough money in the pool to satisfy the request. If there is, it grants the funds and then reduces the amount of money left in the pool. However, because the funds are granted before the total remaining is reduced, it is possible to call the function again and again in rapid succession. If you do this, some of those calls will occur after the funds have been awarded but before the remaining funds have been reduced. If you do this enough times, you will be able to effectively award yourself money that you do not have.
The precise nature of the attack has interesting implications. Although it was described as a theft, it is not a ‘hack’ in the traditional information security sense. It is an exploit in the sense of “exploiting the stock market” rather than “exploiting a vulnerability”. The developers who created the DAO did not anticipate their code being used in this way, but at no point were the rules of the DAO violated. That fundamental premise – that both Ethereum and the DAO are objective agents whose actions are determined only “by the code” – was not broken.
This is best illustrated by analogy with another virtual currency. Say you go to a coffee shop and purchase a coffee. This coffee shop has a reward scheme, which you participate in. When you pay for your coffee, the person behind the counter adds 100 points to your card. However, they also give you a receipt. This receipt says “This drink would have been worth 100 points if you had a loyalty card!”, along with a code you can use to get those 100 points if you register. So, you register a new card with the code. Now you have gained a total of 200 points – but you only bought a single 100-point cup of coffee. Is this morally a grey area? Absolutely. But if it doesn’t break the coffee shop’s terms of service, no wrongdoing has occurred.
This presents us with a dilemma. If you reverse the attack, everyone gets their money back – but the attack was only possible because of a loophole in the rules you created. These rules were supposed to be immune to interference of any kind – is “good” interference inherently better than “bad” interference? Who decides which is which? Undoing the results is not simply a matter of fixing the code so it does not happen in future. What you are effectively saying is that Ethereum is immutable only if it behaves in a way that is amenable to you. This is the argument that created a divide within the Ethereum community, effectively splitting its supporters into two ideological camps.
The goal of a decentralised network is for no one to have the power to do exactly what was proposed in Ethereum. When more than half of nodes agree to collude so that they can “rewrite” history, it’s known as a 51% attack. The hard fork that was proposed to “fix” the DAO problem would potentially harm other users of Ethereum by taking funds from other DAOs and awarding it to the DAO token holders – which has invited comparisons with the bailout of big banks.
Ultimately, the community elected to support a hard fork. This was not a smooth process: there was a great deal of dissent and debate within the community, and the overall sense is that neither side is happy with the result. The reasoning behind the fork is that an attacker should not be rewarded for stealing money, and that a hard fork is driven by the community.
Somewhat predictably, this has caused a schism between those eager to recoup their losses and those more invested in the principles that underpin the cryptocurrency. A new cryptocurrency named Ethereum Classic has formed as a result, using the old, immutable ledger. As described in the previous part, this split has the effect of weakening both currencies. This is especially true as Ethereum Classic does not seem to be a splinter currency destined to die out. It has held its own, becoming the 6th highest coin per capitalisation and even attracting interest from large organisations like Microsoft. For better or worse, Ethereum has a new younger sister.
The aftermath of the Ethereum fork is likely to be significant; the currency is now in a sustained bear trend, and it’s probable that this instability will affect the market in other ways, increasing the pressure to sell and the overall uncertainty of the currency and its users.
More generally interesting are the overarching implications for all cryptocurrency. As virtual, digital constructs, cryptocurrencies have no rules except the ones we make for them. The premise of immutability is cryptographically sound (though there are some problems with implementation), but the integrity of that immutability is another matter entirely.
The lesson we should take away from this is that we shouldn’t assume that something is free from politics or outside interference simply because it is dictated by code. At the end of the day, Ethereum – like all cryptocurrencies – exists as part of a free market. It is used, developed and maintained by human beings. For as long as this is the case, there will always be an inherent fragility to it.