We’re building the Ethereum Computer - slock.it Blog
We’re building the Ethereum Computer - slock.it Blog
Ethereum – slock.it Blog
Slock.it: Ethereum, IoT et économie collaborative ...
Explaining the Genesis Block in Ethereum
What is Ethereum 2.0? ConsenSys
Web3 is a vision, idea, and movement for a decentralized web. Web3 is free of third party intermediaries and makes it so that infrining on individual's privacy is extremely expensive. Web3 was term coined by Dr. Gavin Wood in a 2014 blog post: http://gavwood.com/web3lt.html.
Former Ethereum CCO Stephan Tual joins Slock.it Team
Christoph Jentzsch, Founder, said ”Stephan’s expertise will be critical when negotiating with our present and future integration partners. He was part of the Ethereum project since day one, has an excellent standing within the community, and his dutiful approach to relationship building is something we look forward to see flourish within Slock.it.”
Most important above all else, Ethereum has never been decentralized since its distribution (i.e. premine) & thus value of incentives depend entirely on 1 trusted party, the exact opposite of decentralization or trust minimization [1,2,3,4,5,6]. Calling themselves decentralized is literally deception of others for profit, which is by the most standard definitions called fraud. Below is an example of how this centralization manifests and the absolute lack of ethics & types of other fraud behind Ethereum: Historic account of bailout, fraud, and centralization: how Ethereum Foundation demonstrated to have full control over the ethereum blockchain beyond reasonable doubt while advertising falsely for profit Point by point summary (sources cited below):
Ethereum Foundation (EF) sell centrally pre-mined/pre-made Eth coins in ICO for centralized funding/profit while advertising "unstoppable .. exactly as programmed" code (regular cryptocurrencies are 0% premined, EF had 72m coins premined on day 0 which is ~70% of current supply)
Slock.it developers including eth co-founder create an app called DAO on it for the purposes of funding themselves even more with claims that their "code sets the terms and conditions" like no one has done before them for even more money.
DAO code has a mistake and starts giving away money to a user, vocal fraction of community is divided whether to bailout DAO investors, many unofficial polls show conflicting results with extremely low participation making it unclear whether the super majority is even aware or cares about this 3rd party issue.
EF members refuse to disclose if they are invested in the DAO after promoting it, and many are later found to have been invested in it.
EF tells exchanges there will not be a minority chain surviving, ignoring the divided community, and making it impossible to sell no-bailout version
EF makes the carbonvote the "official" vote 12 hours before the release of the client--after repeatedly claiming for weeks it had no official capacity, and after already having made support for the fork the default option in the codebase. The vote only shows 4% of possible consensus supporting bailout, 1/4 of it from one vote.
Most automated nodes and miners that run "apt-get upgrade && apt-get update" switch over even if haven't seen the announcement 12 hours prior and fork is declared a success.
No-bailout chain survives regardless despite Foundation's efforts, but Ethereum Foundation refuses to update it even if it increases in popularity or size.
Ethereum projects are forced to choose between developed chain with ICO funding, bailout, roadmap and one with no funding, no clear devs, no roadmap. Most are forced to stay with Ethereum Foundation holding central ICO funding & updates hostage.
EF sells the unsold premined coins they still own on the no-bailout chain (forked premine), thus damaging its value
EF members participate in White Hat Group (WHG), use same method used to drain DAO to drain no-bailout chain DAO and then market sell no bail-out ether on the exchanges damaging no-bailout chain value further
EF changed the properties of the security it sold and still falsely advertises "unstoppable .. exactly as written" code (despite proving it false) while profiting from all of it.
Almost all the above actions are fraud. Details and sources: Top left of the banner shows marked up graphic  of ethereum.org claims including "decentralized platform that runs smart contracts exactly as programmed without any possibility of downtime, censorship, fraud". Additionally, the third party app "the DAO" also re-iterated in their contract the similar premise that their code IS the terms and conditions [1,2]. Both DAO and Eth were sold advertised as such in their initial phases. However, the DAO was programmed in a poorly done manner  and allowed loss of the investments put into it . It was no secret members of the Ethereum Foundation (EF) were connected to the DAO often promoting it. Many were found to be invested in the DAO as time passed [1,2,3] , yet refused to disclose it when asked directly [4,5,6]. Despite the loss due to DAO contract being an issue of only minority of users, virtually all mentioned advertised properties of ethereum and the DAO were changed by the Ethereum Foundation to manually reverse the operations the smart contract ran while profiting from it. How did they do it? By exploiting and proving centralization Several centralized aspects of Ethereum were used to achieve this result:
EF controls the defaults settings in codebase to get what they want. Only 12 hours before before the release of the client they selected carbonvote the "official" vote out of many varying options (after repeatedly claiming for weeks it had no official capacity, and after already having made support for the fork the default option in the codebase). This selected poll had many issues discussed below including 96% of possible votes not showing support for EF/DAO bailout. However the 4% vote with quarter from single vote with only hours of official notice before were used as justification anyway for bailout as default setting [1,2,3,4,5,6,7]. By controlling the defaults, they easily took advantage of anyone not up to date on announcement hours earlier who automatically updated and/or the apathetic users to control the blockchain. By moving focus from what's best for majority via opt-in consensus (blockchain standard) to giving only a short window to opt-out, they can centrally manipulate the blockchain in almost any manner without enraging the majority into action [1,2]. As expected, the fork was quickly declared a success [1,2,3]. Control over codebase also allowed them to compromise those opting out by leaving them open to replay attacks, thus further damaging their value as can be seen celebrated by DAO and Eth cofounder Stephan Tual . Effectively, this was equivalent to a successful 4% attack on a blockhain or even attack by a single centralized entity (EF). The approach is easily repeatable and exact opposite of expected censorship resistance against <50% attacks, thus proving it unsecure.
EF has complete centralized ownership of the funds from 70% premine in form of eth and ICO BTC raised . This made them the only well funded core developers and thus the only choice for rapid development and fully in control of what gets updated. By choosing to address this third party contract issue, by refusing to update the old chain, they effectively held their funding and updates hostage to make sure people can't opt out without significant costs [1,2]. Additionally, with such capital, it's trivial to affect the swing vote for under-represented polls with eth or hashpower making their polling governance methods unsecure. Furthermore, once the old chain did receive an exchange and thus possible value, the old chain coins from EF premine were used to damage the value of the old chain further .
EF has name recognition as the founders, name ownership of "the real Eth" or ETH, with even a trademark . Unlike volunteer based or anonymous core teams, EF is Swiss nonprofit operating as a single entity. When a high publicity issue appeared that threatened their money, they were able to stop trade on major exchanges with a simple message [1,2].
Exchanges were deceived by the EF into belief there will be no one in dissent of the self-bailout fork (leaving the other fork without a market and 0 worth) and not prepared for people opting out of bailout [1,2,3], which was misleading due to highly uncertain polls (below). This deception allowed them to be the only chain with value following the fork, and allowed them to keep the name. Despite it all, dissent was also to exist by original chain surviving and prospering even under countless harmful actions of the EF (usually 1/3rd of Eth in number of transactions, 45-50% of marketcap at peak , and even longer chain on at least one occasion).
EF demonstrated ability and willingness to cease trade, fork, and affect entire network when a single app of their choosing fails while profiting from it . The non-democratic nature of the decision was noted by many [1,2]. Changes in properties of the ether security - securities fraud The "unstoppable" app was sending money to an unknown user. What followed was the controversial change of the advertised rules where EF stopped the app by censoring that transaction without consent and confiscated the transaction contents resulting in personal profit for EF devs and friends. The rule change that let EF and friends profit financially while harming someone else financially is very plausibly securities fraud [1,2,3,4]. Additionally, it was a clear conflict of interest in governance. The change of the rules of the security associated platform to censor or run applications based on feelings of how it should run (e.g. liked/ok or disliked/exploit) by the Ethereum Foundation (a centralized entity) broke the EF and DAO earlier statements on decentralization, lack of censorship, and explicit execution of code. While the user followed all the known rules from statements of the platform and the app, the fork rule changes were applied not to fix a bug but to undo previous actions using new rules ex post facto. The changes were retroactive and arbitrary: stopping the app and censoring the user by reverting his money transfer back to where they could take it out, subjectively justified by calling it a theft. Blockchains gain value by decentralizing trust to numerous different parties thus creating censorship resistance against minority attacks and thus security. Ethereum Foundation supported ether asset changed from decentralized, trustless, secure, censorship-resistant platform asset to (proven based on EF actions) centralized, trust-requiring, unsecure, censorable platform asset hence damaging said value. However, to this day the advertisement of the properties of the ether security has not changed, long after EF actions proved virtually every statement in them false. No safeguards were put into place to prevent a repeat as well. This makes it a case of continuous securities fraud as well. What choice did community have? Bad and worse.
Miners had no choice but to mine on the chain with the only coin that would be sold on exchanges under same name (so they can cover electricity bills and profit instead of paying for useless coins) and only chain with future upgrades [1,2]. The bailout was the default setting in codebase with only hours of notice giving it enormous advantage [1,2,3,4,5,6,7,8]. However, some managed to remain on the original despite taking financial losses with no exchange value but were still ignored. Carbonpoll declared official only hours prior suggested 94% not knowing about the issue or being apathetic, hashpoll earlier had 90% no-responses.
App developers had a choice of 2 chains - EF abandoned chain with no clear funding/devs/roadmap or certainly centralized chain with funding/updates. Most had to choose the one with known roadmap despite concerns  vs complete uncertainty but community focused on security .
The ether security holders had the properties of their platform change from known as trustless dapp platform with ico funded devs and updates to two inferior choices : (1) chain with no roadmap nor funded devs but with a nervous community around trustless security, and (2) unsecure chain with no mechanism to prevent a repeat but with update roadmap and ico funded devs. Many gave up hope taking a loss up to 65% in value. EF effectively created two new different and inferior versions of the original security.
No evidence of community support for bailout The justifications of the self-bail out forks are often in the tone of it being a democratic decision or that there was agreement from the community. The survival of the original chain both in value and transactions despite being damaged in value by the EF and even when it had no market value is a demonstration it was not an insignificant disagreement. Additionally, often several voluntary polls are referred to with ~5% eth and 12% hash turnout and single digit 4% and 9% vote of all possible votes for self-bail out fork [1,2,3] - far from majority. Historic archives of the subreddit and simple online polls during the time show much stronger opposition to bailout [1,2,3,4,5]. Issues with official poll
The low turnouts of a voluntary insignificant poll done on a little known subreddit instead of protocol level makes it statistically insignificant. EF made carbon vote the "official" vote 12 hours before the release of the client after claiming it had no official capacity and after making support for the EF-bailout fork default option in the code base [1,2,3,4,5,6]. Additionally, due to low turn out and polls could be easily manipulated for financial gain by buying eth or renting hash power momentarily just for the vote by third parties (thus breaking another earlier statement). About 1/4th of the 5% eth vote was from a single voter .
Voluntary polls are extremely susceptible to biases. Voluntary response bias strongly favors those with stronger incentives to respond and thus results in sampling bias: the profit coming from self-bailout of a minor third party app investors is far stronger incentive than voting for standard operation of a blockchain. Uncast votes from apathy or not being up to date was prevalent accounting for 90%+ mentioned above. By setting the bailout as the default setting (unlike opt-in setting used typically elsewhere) with only 12 hour warning, anyone not paying attention was tricked into supporting the bailout. Nodes can simply automate "apt-get upgrade && apt-get update" so this setting took advantage of everyone who hasn't seen official announcement only hours earlier .
Censorship resistance is often taken for granted in crypto projects as it is expected as the minimum requirement of something being called a blockchain. This expectation results in a bias from bystander effect  and diffusion of responsibility to ensure it: many assume vote for censorship resistance is a sure thing but will definitely happen by others voting. What can happen is a group expects someone else to vote and ends up in almost no one voting.
By the EF labeling the unintended execution of a contract "an exploit" and the person doing it "the attacker" alleging "theft" (which was not a universal interpretation) and stating support for the bailout, they introduced leading question bias that increases tendency to vote in a way that favored bailout. Additionally, individuals and companies had to face a social desirability bias where they were more likely to vote in a way that would feel more socially acceptable.
In summary on 2 polls selected and referenced by the EF is that there is no conclusive evidence of majority support for the bailout fork. Similar conclusions were reached by others.  Financial & value attacks Ethereum Foundation refused to work on the older chain thus damaging the older security they sold [1,2]. Ethereum Foundation took the premine from the development of the original chain, which is possible theft. Ethereum Foundation took the money of a rule following user, which is possible theft . Ethereum Foundation compromised security of the old chain by keeping it open to replay attacks hurting its value further. Ethereum Foundation damaged the value of the competing asset of the original chain using the stolen premine by selling it on exchanges  and making fun of doing so . Ethereum Foundation and closely related White Hat Group (WHG) not only took the remaining money from the DAO on their chain, but also on the original chain, and then used the funds to damage the price of the competing asset on the exchanges [1,2,3,4]. Every level of Ethereum proven to be unsecure and not trustworthy Additionally, every level of ethereum after proven centralized requires trust. And it's easily shown how each level cannot be trusted thus lowering its value:
Code: Ethereum Foundation (EF) via demonstration of centralized control stated and shown that they will decide how code should run instead of as written, so the code itself doesn't matter, and it can't be trusted to handle transactions, balances, apps.
Apps: Ethereum foundation broke the promises of a third party app called DAO that very uniquely stated code sets the terms, so eth apps cannot be trusted.
EF: Ethereum foundation also broke its own advertised statements about the platform when it censored users and stopped apps to take others money for subjective reasons. Additionally, their refusal to acknowledge conflict of interest, making a poll official only hours before pushing the update, and abusing power of defaults in the code shows so Ethereum Foundation cannot be trusted [1,2,3,4,5,6]. Additionally, centralization shown by EF makes it a weak spot for malicious actors to attack the entire platform using incentives (e.g. litigation, force, threat, pressure 1) to force them to exercise the control over the chain once again with existing precedent. There's no way to gain trust that this attack vector won't be used.
* The self-bailout fork events demonstrated centralized Ethereum Foundation has complete centralized control over every level of this blockchain: every transaction and every app. It proved that EF has capability and the will to use it to overwrite operation of any smart contract even if it serves their self interest. In other words, Eth is a proven unsecure centralized censorable trust-requiring platform that can't be trusted on any level with any aspect of operation. There are zero safeguards currently in place to prevent EF from taking advantage of their control from occurring again. Additionally this is public information making it a well known centralized weakness and, thus, a known attack vector that could be used by interested third parties, which would be nothing new . Nothing has been done to fix it and continues to be part of Ethereum's flawed premine controlled "economic forks". This subreddit is a curated collection of resources for education purposes only that would be difficult to find downvoted on biased ethereum subreddits to protect and warn people from being hurt by this fraud via investment or development on top of a nonsecure blockchain. Other notable events about Ethereum to read about:
Newcomers are mislead to think EEA uses public chain with ether (ETH), while almost all actually use independent private chains  and mostly used for "dumb money" 
Ethereum being treated by some like a secure cryptocurrency alternative, when only recently months apart it was brought down several times: by spam attack  and also accidental forks leading to reversed transactions [2,3,4] on top of being unsecure through centralization discussed above including willingness to erase attackers money (even if they are a majority) by controlling the codebase defaults and causing user activated soft forks[4,5,6]. Developers have shown willingness to put rapidly written code as defaults to force a change while compromising security, shown most obviously in the failed soft fork incident . Concerns about lack of security through centralization also appear to be ignored when even lead developer said he prefers consensus failures to criticism . And the concerns of using crypto with larger attack surface are constantly being proven true [1,2,3] including issues with its scripting language & evm itself [4,5,6]. Centralized miners (2 pools control majority of hash power) are another source of security failures soon to be followed by stake based security in Casper where worst possible distribution method of premine+ICO will help centralize control further.
Ethereum plans to add zero-knoweldge proofs with unsecure trusted set-ups. 
Ethereum advertised as answer to scalability while already suffering issues [1,2] putting app use in question  at only 4th place transaction load in crypto  and requires distant updates to address it (casper, sharding). The blockchain is showing incredible size and bandwidth bloat already orders of magnitudes higher than alternatives [5,6]. Transactions are getting lost . Most of the capacity is taken up by same accounts transmitting more eth/assets showing much lower adoption use .
EF often demonstrates willingness to make similar radical changes without requiring opt-in consensus 
SUMMARY: Ethereum is an unsecure, trust-requiring, centralized, mutable platform that runs stoppable apps and censors people Ethereum Foundation (EF) dislikes - the opposite of what it advertises itself as. Ethereum Foundation misrepresents what Ethereum is to prospective investors for increasing the value of the traded asset ETH while profiting financially. This means, by definition, Ethereum Foundation is participating in fraud by continuously misleading investors. Furthermore, the act of suddenly changing the properties of the unregistered security after the sale of the security in the initial coin offering (ICO) and/or on exchanges while profiting personally constitutes securities fraud. Additionally, Ethereum Foundation is connected to damaging the value of sold assets, damaging the value of competing assets, theft from competition, and market manipulation of competing assets for profit. Nothing has changed after historic actions proved centralization beyond reasonable doubt. Eth is still centralized, unsecure, and gains value only through fraud
This is a request that has to do with the DAO counter-attack plan as discussed in the past here and here. People from the Robin hood group have made the following proposals which are going to reach their debate period end quite soon. It would be really nice if any DTH who would like to help, vote in favour of the following proposals:
At the moment there is a lot of work regarding the HF by many developers in the Ethereum community. This plan is unrelated to the HF and is just something to have as a backup in case the HF does not happen. Your help is going to be appreciated. Edit: Chance of success Note that this move does not guarantee any money back, and should not affect any decisions on HF. As already stated many times both in the blogpost and elsewhere the counter-attack has a lot of moving parts and without an SF it's almost guaranteed that it will not return most of the funds to the DTH. This move is just to help the robin hood in case an HF does not go through. Edit3: Voting Instructions
Why Turing-complete smart contracts are doomed: "Kurt Gödel and Alan Turing both posed the same question: 'Can we find a universal procedure to prove that a mathematical theory is true or false?' They each, in their own way, answered 'NO': there exist some mathematical truths that cannot be proven."
Given a "smart contract" written in a Turing-complete language...
it is impossible to determine the semantics / behavior of that "smart contract" in advance, by mere inspection - either by a human, or even by a machine such as a theorem prover or formal reasoning tool (because such tools unfortunately only work on more-restricted languages, not on Turing-complete languages - for info on such more-restricted languages, see further below on "constructivism" and "intuitionistic logic").
The horrifying conclusion is that:
the only way to determine the semantics / behavior of a "smart contract" is "after-the-fact" - ie, by actually running it on some machine (eg, the notorious EVM) - and waiting to see what happens (eg, waiting for a hacker to "steal" tens of millions of dollars - simply because he understood the semantics / behavior of the code better than the developers did.
This all is based on a very, very deep result of mathematics (Gödel's Incompleteness Theorem, as referenced in some of the links above) - which even many mathematicians themselves had a hard time understanding and accepting. And it is also very, very common for programmers to not understand or accept this deep mathematical result. Most programmers do not understand the implications of Gödel's incompleteness theorem on Turing-complete languages As a mathematician first, and a programmer second, I can confirm from my own experience that most programmers do not understand this important mathematical history at all, and its implications - it is simply too subtle or too foreign for them to grasp. Their understanding of computing is childish, naïve, and simplistic. They simply view a computer as a marvelous machine which can execute a sequence of instructions in some language (and please note that, for them, that language usually happens to simply "come with" the machine, so they unquestionably accept whatever language that happens to be - ie, they almost never dive deeper into the subtle concepts of "language design" itself - a specialized area of theoretical computer science which few of them ever think about). Paradigms lost As we've seen, time after time, this failure of most programmers contemplate the deeper implications of "language design" has has led to the familiar litany of disasters and "learning experiences" where programmers have slowly abandoned one "programming paradigm" and moved on to the next, after learning (through bitter experience) certain hard facts and unpleasant, non-intuitive realities which initially escaped their attention when they were simply enjoying the naïve thrill of programming - such as the following:
TRY / CATCH / THROW constructs are considered harmful (they're not much better than GO TO in terms of program control flow);
callbacks in languages like node.js are considered harmful (they result in unreadable spaghetti code, which is totally obviated in more advanced functional languages with monads);
destructive update / assignment is considered harmful (when compared with immutable data structures - which are by the way essential for parallelism - and we should remember that any cryptocurrency runtime environment will by definition be parallel);
more advanced programmers are even starting see that it is considered harmful to not initially write (or, just as bad, to never even get around to writing after the fact) a specification stating "what" a program is supposed to do, before proceeding to write (or semi-automatically derive) an implementation stating "how" it should do it (cough, cough - see the "Bitcoin reference implementation" in the low-level C++ language, with which all other implementations are expected to be "100% bug compatible": this is an utter abomination and disgrace, to expect the "worldwide ledger" to run on a system which no carefully designed human-readable specification - merely an increasingly spaghetti-code-like implementation which can only be parsed by the inner priesthood of pinheads at Core/Blockstream - and trust me, this is one "worse is better" situation which they're perfectly comfortable with, because it simply cements their power even further by discouraging the rest of us from examining "their" code and contributing to "their" project) - and by the way, the Curry-Howard Isomorphism tells us that providing an implementation without a specification would be just as bad / ridiculous / meaningless / pointless as (ie, it is mathematically equivalent / isomorphic to) stating a proof without stating the theorem that is being proved.
At a minimum, we should onlynon-Turing-complete languages; and
Ideally, our toolbox should also allow providing a compact, more human-readable, high-level specification saying "what the smart contract does", and not just a lengthy, low-level machine-runnable implementation saying "how it should do it".
So, the requirements for languages for smart contracts should include: (1) Our language should be non-Turing complete - ie, it should be based instead on "Intuititionistic Logic" / "Constructivism"; (2) We should favor declarative languages (and also things like immutable data structures) - because these are the easiest to run on parallel architectures. (3) Our toolbox should support formal reasoning and verification, allowing us to mathematically prove that a low-level machine-runnable implementationsatisfies its high-level, human-readable specificationbefore we actually run it Some YouTube videos for further study There's a video discussing how declarative languages with immutable data structures (such as Haskell, which is pure functional) are a nice "fit" for parallel programming: The Future is Parallel, and the Future of Parallel is Declarative https://www.youtube.com/watch?v=hlyQjK1qjw8 There's also some videos about how Jane Street Capital has been successfully using the language OCaml (which includes functional, object-oriented, and imperative paradigms) to develop financial products: Why OCaml https://www.youtube.com/watch?v=v1CmGbOGb2I Caml Trading https://www.youtube.com/watch?v=hKcOkWzj0_s Lessons from history When I see Peter Todd writing a blog post where he embarks on informally specifying a new language for "smart contracts for Bitcoin" based on lambda calculus, it makes me shudder and recollect Greenspun's Tenth Rule, which states:
Any sufficiently complicated C or Fortran program contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of Common Lisp.
The bug which the "DAO hacker" exploited was not "merely in the DAO itself" (ie, separate from Ethereum). The bug was in Ethereum's language design itself (Solidity / EVM - Ethereum Virtual Machine) - shown by the "recursive call bug discovery" divulged (and dismissed) on slock.it last week.
I'm appalled by this total lack of taking responsibility.
6 days ago Stephan Tual posted the following article No DAO funds at risk following the Ethereum smart contract ‘recursive call’ bug discovery. Reason for that was MakerDAO exploit. Weeks before multiple devs, including people from Rootstock, pointed out this fundamental flaw in the DAO contract. No action was taken. Yet now Stephan claims that the unthinkable has happened. Everyone in the dev community was aware of this, we were all just sitting and waiting until the first person exploited it. Now the community just bails them out? It is a bailout, literally. They are bailing out their own investments caused by their own stupidity. I thought the Ethereum community was better and more critical than just accepting what they push down your throats. I'm appalled and disgusted by this behavior. Unforgivable. Forking is the death of Ethereum.
Hard Fork. Liquidate. - ETH returned proportionally to DAO tokens held.
Soft Fork. Freeze. - 14% of ether becomes blocked indefinitely.
NO Fork. Do nothing. - most of 14% will likely go to attacker(s) and then perhaps on the market.
While Gavin in the video does mention some negotiation with the hacker he does not offer it as an option nor proposes anything related to it. Since the main probable motives of the attacker are: A. Financial. - He is after the money. B. Hostile. - He is after damaging the Ethereum network. C. Other. It seems feasible to try in parallel to working on the forks to make an offer to the attacker that will be hard for him to refuse in case his motive is A (Financial). If he has other motive this will probably not work. The idea posted by Adam Byrne on CoinDesk article is below: http://www.coindesk.com/ethereum-response-dao-kill/#comment-2742119606 "
Adam Byrne • 2 days ago My solution to #TheDao impasse.
Create a new (and properly vetted, this time) smart contract which will release an agreed and appropriate sum to the hacker.
For the sake of argument, let’s say $1 million, which (it could be argued) is a just reward for his ingenuity and attention to detail.
Create another smart contract (or use the same one?) to release the rest of the funds back to an escrow account (assuming that the total investment was $160 million, then $159 million will be returned).
Therefore less than one percent (0.625 percent) has been ‘lost’ to the hacker.
These losses will be spread on a pro rata basis across all the investors in The Dao.
For example, if you put in $100, you get back $99.375.
Refund the investors through yet another (properly vetted) smart contract and then close down The Dao permanently.
Advantages: Fund are unfrozen. The hacker walks away with a reward but relinquishes all claims on the rest of the funds. Everyone else walks aways with an almost full refund. MOST IMPORTANTLY: No roll back (fork) is necessary. No disastrous precedent is set and the integrity of the Ethereum blockchain is preserved. The efficacy of properly designed and vetted smart contracts is proved. We can all move forward and learn from the mistakes that were made. PS. I do realize that the hacker ‘made it away’ with ‘only’ $50 million of the total $160 million or so invested in The Dao but the precise numbers are not the most important aspect of my proposed solution. Someone else can do the exact calculations. " If attackers interest is financial it makes a financial sense to get a guaranteed 1% of a big sum then get nothing with the implementation of a fork that will also cause damage to Ethereum. I ask for a constructive discussion on this thread to try to brainstorm a possible way to offer the attacker(s) a solution to deposit all of the funds into a refund contract with the option to automatically send 1% to the attacker(s) address. This is in order to avoid implementing any kind of fork and avoid damage to ethereum eco system. This is more elegant and desirable solution if the attacker will be willing to cooperate and does not hold in his intention to hurt the ethereum community. *Disclaimer: I do not own DAO tokens. But own Ethereum.
The Ethereum development team, together with a group from the startup Slock.it, developed “The DAO,” a decentralized organization built on the Ethereum blockchain. For the first time in history, an organization whose members could track invested funds in real-time was created. The management process is carried out using automated systems. Every blockchain has to start somewhere, so there’s what’s called a genesis block at the beginning. This is the first block, and in it the creators of Ethereum were at liberty to say “To start, the following accounts all have X units of my cryptocurrency.” Any transfer of that ether on the blockchain will have originated from one of these initial accounts (or from mining). One of the annoyances of the blockchain as a decentralized platform is the sheer length of delay before a transaction gets finalized. One confirmation in the Bitcoin network takes ten minutes on average, but in reality due to statistical effects when one sends a transaction one can only expect a confirmation within ten minutes 63.2% of the time; 36.8% of the time it will take longer than ten ... About the Author. Stephan Tual is the Founder and COO of Slock.it.. Previously CCO for the Ethereum project, Stephan has three startups under his belt and brings 20 years of enterprise IT experience to the Slock.it project. Before discovering the Blockchain, Stephan held CTO positions at leading data analytics companies in London with clients including VISA Europe and BP. Slock.it UG est une entreprise allemande qui a l’ambition de fournir au monde entier la future infrastructure d’économie collaborative. Leur produit principal, l’Ordinateur Ethereum, permet à quiconque de louer l’accès à n’importe quel objet intelligent compatible et connecté tout en acceptant des paiements sans intermédiaires par le biais de contrats qui s’exécutent dans la ...
To learn more visit our website: https://slock.it Follow us on twitter @slockitproject --- Slock.it enables anyone to rent, sell or share their property with... People & Blogs; Show more ... Slock.it - Christoph Jentzsch - Duration: 23:35. Ethereum 1,795 views. 23:35. Gavin Wood presentation hack of the DAO smart contract and options Ethereum community # ... Emerging from stealth mode, ambitious German’s startup Slock.it allows anyone to directly rent, sell or share anything without middleman. Slock.it bridges th... We’re exposing how a hacker exploited a flaw to steal over $60M USD of digital currency called Ethereum. We’ll start with an overview on Ethereum, it’s use of “smart contracts”, and The ... Overall an amazing 3 months, looking forward to seeing the crowdsales of Slock.it and Digix, as well as to try Augur (the decentralized prediction market build atop of Ethereum)! Get the PDF of ...