DAO May Be Dead After $60 Million Theft

/dao-may-be-dead-after-40million-theft

  • DAO May Be Dead After $60 Million Theft
    http://spectrum.ieee.org/tech-talk/computing/networks/dao-may-be-dead-after-40million-theft

    By midday, the attacker had stolen over 3 million Ether (Ethereum’s native currency), which at the time was worth more than 60 million U.S. dollars.

    [...]

    The DAO software gives token holders the ability to take their contributions and split from the larger group into their own identical DAOs. Once the split occurs, the person who created the new DAO has full control over what happens to the tokens, and after 27 days he or she is free to sell the tokens on an exchange to recoup the investment. People who choose this route should be able to leave with only as many tokens as they rightfully own. But late last night, someone found a way to split off with more than their fair share. According to sources, the hacker who did this now controls a satellite DAO that contains 100 times the amount of tokens that he initially invested

    Already, Ethereum developers are proposing ways to fix the situation. The easiest, and least controversial solution is for the network to adopt a new version of the Ethereum software that blacklists the address holding the hacker’s stolen funds, making it impossible for him to cash out on the heist.

    [...]

    There is no telling yet whether The DAO will survive this hack. But the theft has undeniably harmed the reputation of decentralized financial instruments and the Ethereum project in general. Since Ethereum went live in the spring of 2015, developers have rushed to build autonomously functioning services on the platform. It is now becoming apparent that properly implementing these applications requires expertise in both coding and game theory.

    La ligne de code : la force et la faiblesse d’Ethereum. Les conséquences d’un bug fortuit (sans donc parler de fonctionnalités malveillantes) peuvent être considérables... On pourra relire cet article de Stéphane Bortzmeyer :
    http://www.bortzmeyer.org/valider-contrats-ethereum.html

    #Bug_(informatique) #Decentralized_autonomous_organization #Ethereum #Faille_informatique #Piratage_informatique #The_DAO_(organization)