Over the weekend, an “attacker” commandeered 3,641,694 ether, a virtual currency worth the equivalent of US$60 million, from the DAO, which is short for “distributed autonomous organization”, a decentralized venture capital fund built on the Ethereum blockchain protocol which recently raised the largest ever amount for a crowdfunding campaign, US$117 million.
If more than half a dozen words in that sentence made any sense to you, including “and” and “the”, welcome to the brave new world of the blockchain, in which nothing is real except for the promise of a better tomorrow.
As Ethereum founder Vitalik Buterin said a couple weeks ago at a presentation in Singapore, “If the concept of Uber without the Uber, Facebook sign-in without the Facebook, banking without banks, excites you, this is the technology for you.”
For a certain kind of person, that proposition sounds very appealing indeed, even if they struggle to understand how it would actually work in practice.
The stakes are about as high as they can be. Either this is the kind of technology that completely transforms how we all interact with each other, the way the internet did in the 1990s, or it’s a virtually meaningless exercise enacted entirely in cyberspace.
Regarding this recent hack, Buterin has assured DAO investors that “even if no action is taken, the attacker will not be able to withdraw any ether at least for another ~27 days (the creation window for the child DAO). This is an issue that affects the DAO specifically; Ethereum itself is perfectly safe.”
The DAO is a leaderless venture capital fund, with no central authority doling out the money.
Meanwhile, “The Attacker” (that’s the name he’s chosen) insists that he obtained the virtual money legitimately, by exploiting a vulnerability in the code, and that he furthermore intends to pursue “legal action against any accomplices of illegitimate theft, freezing, or seizure of my legitimate ether”.
How an actual court in our physical reality will adjudicate the “seizure of my legitimate ether” is anyone’s guess.
One DAO investor, Elain Wu, is not okay with Buterin’s proposed intervention, explaining in a blog post that the hacker who exploited the network has simply exposed a vulnerability that needs to be fixed.
“I prefer that the ‘hacker’ keep whatever ether I lost. The great thing about smart contracts is the predictable risk allocation. I signed up for the risk of losing my ether. I did not sign up for third-party adjudication,” writes Wu, adding, “Blockchain contracts are not about adjudication by vote; we already have a very good solution for that in the modern court system. They’re about giving two parties the ability to trust a commitment. I want the rights and responsibilities that I signed up for.”
“If the concept of Uber without the Uber, Facebook sign-in without the Facebook, banking without banks, excites you, this is the technology for you.” – Vitalik Buterin
Crucially, Wu points out that the process of making mistakes and then responding to the mistakes is how technologies get proven out and improved in the real world.
“You don’t know the rule until you know its exceptions,” she writes. “In practice, the exceptions to the rule are the rule.”
Meanwhile, a Cornell University researcher named Philip Daian is advocating for a hard fork, insisting that the vulnerability can be fixed through a revision of the programming language on which Ethereum is based.
Steve Randy Waldman, a DAO investor who is “more intrigued than angry” at the theft, says that Ethereum “is the most interesting and ambitious widely deployed open blockchain, a parliament whose job is to enforce the behavior of social institutions and financial contracts inscribed as directly consequential computer programs rather than in human habit or legal text.”
To the casual observer, this is a tawdry drama, to the extent that it can even be comprehended.
If someone had stolen $50 million worth of Canadian Tire money or beehives, we’d get upset because at least those things are real. With Canadian Tire money, you can actually buy a barbecue or some patio furniture. And stealing beehives is truly reprehensible.
The Ethereum hack feels more like the spectacle of someone shouting, “Hey, no fair!” while playing a video game, or an episode of Survivor in which one of the contestants cheats in order to win.
Even so,watchers of the blockchain space anxiously wait to see how this latest drama resolves.
Because while most observers don’t particularly care whether or how the blockchain works in terms of building a virtual currency that might replace real-world money, it has become clear that the protocol itself has vast potential for a variety of very real applications, including banking, insurance, copyright protection, identity management, digital asset management, securities trading, private markets, and niche quasi-financial assets such as domain names.
For that reason, there has been a bewildering amount of hype relating to Ethereum, created by Vitalik Buterin, a 22-year-old Torontonian, and this very public real-world test of the blockchain is likely going to be a make-or-break moment for whether the technology lives up to the immense promise of radical transformation that its proponents say it is capable of.
“Blockchain contracts are not about adjudication by vote; we already have a very good solution for that in the modern court system. They’re about giving two parties the ability to trust a commitment. I want the rights and responsibilities that I signed up for.” – Elaine Wu
In the time between the massive apparent success of the DAO crowdfunding campaign and the hack, Buterin has been very busy making appearances in Singapore and Moscow among other places, talking to an expanding base of people interested in Ethereum.
The Monetary Authority of Singapore (MAS) has proposed the development of a Regulatory Sandbox “to carve out a safe and conducive space to experiment with FinTech solutions, and where the consequences of failure can be contained.”
Singapore is home to Digix and Otonomos, both Ethereum-based fintech start-ups.
And just a few days after Buterin’s appearance in Singapore, Ethereum announced that Microsoft would be the premiere sponsor of its Devcon2 Ethereum developer conference in Shanghai in September.
Rob Nail, the CEO of Singularity University, based in NASA’s Research Park, believes that the blockchain is “an exponential technology” which will affect “thousands, tens of thousands of applications” extending to “every possible different type of transaction”, including those “we haven’t even thought of yet”.
So the scale of Buterin’s ambition is borne out by an investment of faith by some of technology’s biggest names.
Buterin describes Ethereum as nothing less than a “world computer” or “the smartphone of Blockchains: a universal platform where, whatever you want to build, you can just build it as an ‘app’ and Ethereum users will be able to benefit from it immediately without downloading any new special software.”
While a lot of companies regard Uber as the ne plus ultra of “disruptive” technology, there haven’t been very many who have credibly decided that they’re going to disrupt Uber, not to mention Facebook and the banks.
“Because ultimately power is a zero sum game,” said Buterin recently. “And if you talk about empowering the little guy, as much as you want to couch it in flowery terminology that makes it sound fluffy and good, you are necessarily disempowering the big guy. And personally I say screw the big guy. They have enough money already.”
In a few weeks, depending on how Ethereum’s hacking drama ends, we’ll all better know whether this most promising technology amounts to something more than a promise.