Ethereum Network Not Rolled Back After DAO Hack
The Ethereum (ETH) network was not really rolled back after the DAO hack, explained the project’s co-founder, Vitalik Buterin. Instead, the record was altered in the state of the DAO.
The “Surgical Intervention” Did Not Roll Back General Transactions
Innocent users did not see any of their transactions invalidated and rolled back, explained Buterin. Instead, the intervention was “surgical” and only concerned the state of the DAO coins and tokens.
The DAO hack happened in 2016 and affected the ICO smart contract. Through that faulty contract, the hacker could require the smart contract to give the deposited ETH back multiple times. In that manner, the hacker siphoned away 3.6 million ETH.
The Ethereum network was then altered to negate the results of the hack. This led to the forking of Ethereum Classic (ETC), where the coins stolen technically still belong to the hacker.
The DAO example has been talked about for years and is one of the credibility fault lines of Ethereum. The new explanation about the nature of the fix created further criticism, in which some comments saw a rollback as the fairer solution.
Immutability Matters May Affect Other Smart Contracts
In the case of Maker DAO, a recent exploit was discovered that could have allowed a hacker to steal the collateral. The exploit was fixed, but there are many other smart contracts in operation now. Most organizations try to audit and error-proof the contract, but there is still the possibility of losses.
Buterin also asked the crypto community for feedback on potential future interventions, and the response was that there should be no more bailouts.
In the interim, Ethereum-based projects have encountered multiple smart contract flaws. Perhaps the most dramatic one was the Polkadot ICO, which saw its funds frozen on the Parity multi-sig wallet. The contract was “suicided” by an amateur sending out commands and freezing hundreds of thousands of ETH. Other exploits affected Bancor with unauthorized withdrawals.
Some startups can manage their own tokens and actually roll back the exploit. Others freeze and re-issue tokens. While the Ethereum community will not approve of centralized control, it is up to separate projects to repair the damage. Some choose to control their tokens with a form of centralized issuance and freezing.