Why Ethereum should fork

User avatar
Steve Sokolowski
Posts: 3361
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA
Contact:

Why Ethereum should fork

Postby Steve Sokolowski » Wed Jun 22, 2016 5:34 pm

There have been many happenings in cryptocurrency lately, but because they came at a time when we were just finishing the implementation of significant upgrades to our services, I have not had enough time to write about them here. In the next few weeks, I plan to discuss the recent revelations about Craig Wright, how we detected and penalized "low luck" miners, and another review of my predictions of the impending bitcoin crash and Ethereum rise. For now, however, I think that the most important, and also the most interesting, issue at stake is the proposed Ethereum hard fork to revert the DAO theft. In this article, I will explain why I believe that it is critical for the Ethereum community to rally around the fork. While there are many reasons the fork should be supported, some of the most compelling include human decency, setting a precedent, avoiding the poisoning of the network, eliminating government interference, and not repeating bitcoin's mistakes.

To begin, human decency is an important concept that one finds largely absent in online discussion forums. In fact, one of the seminal causes of the bitcoin crisis that is going to lead to its impending crash is a simple inability for key figures like Michael Marquadt, Gregory Maxwell, and Peter Todd to treat their opponents with respect and dignity. When leaders act the way that Marquadt, Maxwell, and Todd do, it sets a tone that others follow. As a result, many bitcoin users have become accustomed to ignoring the effects on individual people that result from their decisions.

Yet, despite what these people say, the consequences to actual human beings and their lives from the DAO theft loom large. Some detractors argue the technicality that the DAO's "code" is canonical, and therefore anyone is welcome to do anything with the DAO's money as long as their actions conform to the code. The idea that what happened is not a theft is ludicrous. Someone stole money from 20,000 people and kept it from himself. Few people, if anybody, who invested in the DAO did so with the intention that the DAO should be a race to see who can empty it first. Everyone understood that the DAO was created with the purpose of investing money in Proposals that were anticipated to earn a return. That's what the website said, that's what the marketing portrayed, and that's what its Curators intended. A survey of reasonable people would show that almost everyone sees through the false argument that the attacker simply "used the code."

How much money was stolen? It was about $80m; by contrast, the Antwerp Diamond Heist, the largest in history, resulted in $100m in stolen diamonds and gold. It is important to keep in mind the scale of the disaster - the theft of the DAO funds ranks within the top thefts of all time. It is not an acceptable argument to blame the victims and suggest that it was their faults for investing in the DAO. The DAO did not fail because of the inherent risk of the crowd investing in the wrong projects and going bankrupt; it failed because someone stole its money.

If no action is taken, then up to 20,000 lives will be different, and some of them will still be recovering 30 years from now. In 2050, there may be someone who could have retired five years prior, but who will still be working because people failed to take action on the DAO attack decades before. Given the large sample size, there is almost certainly a child who will not get the opportunity to go to college and will therefore suffer a lifelong setback if miners do not act. This isn't some game with numbers on a whiteboard. There are real people with real lives at stake, and the decision of miners in the next few weeks will determine whether they get some of their value back or whether a worthless scumbag wastes their futures.

I don't believe that a hard fork will destroy Ethereum or cryptocurrency as many do. However, it is important to note that justice in this instance is more important than the future of smart contracts. Even if it were known that there would never be a smart contract again, we as human beings still have a moral imperative to not allow such behavior to stand.

The idea of not allowing the theft to stand brings me to a second reason that an Ethereum fork is required: to set a precedent. An argument provided by those opposed to the fork states that refunding DAO investors would set a negative precedent that any transaction can be reverted in a blockchain. But this argument again, goes overboard. Nobody is proposing, whether now or in the future, to revert non-theft transactions, which is indeed undesirable. Furthermore, while in principle it could be argued that one should revert very small thefts, no reasonable person believes that this fork will lead to the daily forks necessary to revert every theft that has ever occurred on any coin. Instead, the rational and reasonable conclusion is that a precedent would be set that when a large theft of a significant portion of a network's coins occurs, that theft should be forked away.

But while everyone is focusing on the "revert" precedent, nobody seems to be drawing attention to the other precedent that will be set here: whether scams of this magnitude are allowed to stand or not. It is equally true that if no action is taken, then a precedent will have been set that anyone may perform any attack, no matter how immoral, and miners are to stand by and take no action.

Consider, however, what will happen if the fork does occur. The precedent for thefts then becomes: "if you attack this network and steal people's money, you will have taken a large risk and won't earn anything for your trouble." This is a very advantageous promise for a network to make. First, it significantly reduces the motivation for hackers to attack in the first place. Suppose that an attacker has 1000 hours to devote to either cracking the next DAO, or trying to find a vulnerability that obtains Satoshi's private key. He knows that even if he cracks the new DAO, miners are likely to band together and make him come out with nothing. So he will instead attack the bitcoin network, where he can keep his gains (or not perform an attack at all).

Few seem to recognize that a network that takes stands against big attacks is more valuable to businesses. If I had a choice between two networks to use for launching a new wallet service, which would I choose? I could secure my millions of coins on the Ethereum network, knowing that if a hacker tries to steal it the hackers will likely earn nothing, or I can use the bitcoin network, where the prevailing view is "Oops! Your bad!" And even if I think nobody would care enough to do anything about my theft on Ethereum, I still know that the attacker is less likely to steal in the first place. This is why the network's taking a stand against huge attacks, in the limited manner that is actually being discussed (not in the portrayed "someone will revert my transaction of 5 ether" manner that nobody is actually seriously considering), is a significant benefit to the network.

A third reason to fork Ethereum is the consequences to the future of the platform of not doing so. Some are worried about the attacker attempting to sell all his Ethereum and crashing the market, but thousands of bots are watching that address and everyone will be notified immediately if the money moves to an exchange. The attacker would be identified immediately if he ever attempts to sell or make a purchase. Instead, the real worry is the damage that could be caused by the attacker attempting to "poison wallets."

The criminals behind this attack have shown that they obviously aren't acting rationally, as if the they were, they would have stolen the money, shorted the market, and disappeared. Instead, they continue to stick around and go after child DAOs. Given that they aren't acting rationally, and they can't actually spend the money themselves, they could decide to poison the entire Ethereum network by sending a few ether to every address and contract. Since there is no way for recipients to refuse incoming transactions in any known cryptocurrency, everyone who owns Ethereum could find themselves having to deal with these tainted coins. Someone claiming to be the attacker (who signed with the wrong key) said he would do this, so the idea is obviously out there. This could be a network-ending event that must be prevented.

If I were to receive such stolen coins in my wallet, I would have to decide what to do with them. As do most people, I want no association whatsoever with the criminals, and I can see three options. I could leave them in my wallet and never spend them, with the intent of plausible deniability, but the claim is undermined because almost all clients report balances and I couldn't argue I missed the balance when I next spend my other coins. I could send them back to the attacker, but that could bring my address to his attention, causing him to send more back; or police could think that I was associated with the attacker because I sent money back to him.

The problem with these two options is that they record an acknowledgement that you received the coins. For businesses, this is deadly - recall that New York, for example, defines a "money transmitter" who must obtain expensive licenses as one who "receives" and "transmits" money. We own a business (a mining pool) that receives no money but transmits it. Now, the business has received money and could be in huge legal trouble because it is now an unwanted "money transmitter" for someone who could be involved in the drug trade.

In the end, I think that the best solution in the absence of a hard or soft fork would be for the community to set up a "shared burn" contract, which everyone (including the police) knows is a place that has been agreed for people to record their intent to dispose of the unwanted coins. I would burn DAO coins sent to our business in this way. Note that since gas cost is not computed until after a transaction amount is provided, victims will have to waste their own money getting rid of these coins. The attacker could be especially malicious if he repeatedly sent more coins to addresses after the previous coins were burnt, wasting even more time and making it appear as if the victim is more culpable. He could inflict maximum pain by targeting businesses that must avoid an association with him at all costs, to the point where they must cease operations with Ethereum.

The attacker has something unique. Someone who owns a lot of coins and bought them legitimately is unlikely to waste them because they can be spent on other things. But the attacker's coins are worthless for any reason except for performing more attacks. He can't spend them, but he can write a contract that wastes so much CPU power that people uninstall their Ethereum nodes, bankrupts businesses with compliance costs, wastes people's gas with small change, or fills up blocks with spam for a year to come. There is exactly zero ability for the attacker to do anything other than cause catastrophe when his coins are available.

There are two, somewhat more minor, arguments for forking Ethereum. One of them is to avoid government investigations by bureaucratic agencies. Even if miners are willing to allow the theft to go unchallenged, the SEC and FBI certainly will not. They will devote significant resources to investigating the DAO and Ethereum, create unfavorable regulations, and tie up Buterin, other Curators, and Ethereum developers with interviews and legal problems. The government interference would set back development significantly as time and money is devoted to lawyers and lawsuits. The attacker, while certainly a target, will not receive most of the scrutiny. The way in which taxpayer dollars are spent on demonizing the technology, rather than pursuing the criminals, has been repeatedly proven in many previous cases like the Cryptsy theft, where Cryptsy was immediately reprimanded for a lack of licensing but there is no news at all of any action against the perpetrators.

A final reason for supporting a fork is that a new approach to cryptocurrency is needed. Bitcoin has failed (although the naïve investors in the current bubble may trick people who don't actually use the network into believing otherwise) because Gavin Andresen resigned and created a leadership vacuum that persists to this day. The lack of leadership has resulted in warring factions who do not trust each other and censorship that does not allow for even the most basic discussion to work out their differences. Events have shown that having nobody in charge does not work. Ethereum has taken a different path, with an honest man as a leader who miners can remove if necessary in the future.

People in places like /r/bitcoinmarkets express incredulity about why Ethereum is quickly recovering, given that smart contracts are supposedly "broken." But even if contracts were broken (which they are not), they fail to recognize that the reason Ethereum has skyrocketed in value is because the Ethereum community works together and solves problem, while bitcoin has been infiltrated with unreasonable people. As I said months ago, people aren't buying Ethereum for the contracts; they're buying it because it has solved the blocksize problem, and they are confident that someone will be able to make a decision to fix whatever problem shows up next. Ethereum should not be influenced in its decisionmaking by bitcoin precedents or what people in the bitcoin community believe, because what they are doing obviously isn't working and adhering to bitcoin principles is going to lead to the same problems that are killing bitcoin.

In conclusion, plans for an Ethereum fork should be supported by everyone interested in the future of cryptocurrency, whether they were directly affected by the DAO theft or not. Ethereum should not allow bitcoin principles to influence its decisionmaking, lest they make the same mistakes. Government agencies will have nothing to investigate if the theft is reverted and nobody lost any money. Supporting a fork avoids the dangerous possibility of the attacker poisoning the entire network with these stolen coins and forcing out businesses who must avoid the liability of becoming money transmitters. Supporting a fork sets a precedent that hackers will not be allowed to succeed in large-scale attacks, incentivizing criminals to go elsewhere.

But most importantly, the community has a moral imperative to take action in favor of the victims of this attack. The money must be returned to the victims to allow them to invest it in another DAO, pay their rent, or to raise their kids. Sometimes there are more important issues at stake than abstract principles of whether code is correct, and the consequences to real people by doing nothing are unacceptable. I will be upgrading all of our nodes to support the fork, and all of my miners will work towards it. I hope that everyone will join me in standing up for the victims, showing attackers that their actions will not be tolerated, and demonstrating that the community and leadership of Ethereum, unlike those of bitcoin, is able to respond effectively to any crisis that is thrown its way.
Last edited by Steve Sokolowski on Wed Jun 22, 2016 6:57 pm, edited 2 times in total.
OldPaul
Posts: 3
Joined: Fri Apr 15, 2016 2:54 am

Re: Why Ethereum should fork

Postby OldPaul » Wed Jun 22, 2016 6:40 pm

I fully support your call for the Hard Fork, and appreciate your complex insight on the situation: thank you for sharing !
Some1notu
Posts: 62
Joined: Tue Oct 06, 2015 7:48 am

Re: Why Ethereum should fork

Postby Some1notu » Wed Jun 22, 2016 10:08 pm

Much of your thinking is flawed on several levels. First off is your Johnny Do-gooder help the "victim" non-sense. Those people invested in something without due diligence. Ethereum is NOT compromised and is working as intended, it is the lamely written DAO contracts implementation that is the cause. ETH has not, read this carefully, has NOT, I repeat HAS NOT been compromised.

Your argument to hard fork ETH makes as much sense as people saying guns are to blame in Orlando, instead of the criminal that did it. A hard fork completely dooms ETH. Your rather insane thought that some transactions should be forked is simply flawed, and that is being extremely kind. It is actually idiotic. Who, in a DECENTRALIZED system, decides what transactions are arbitrarily forked? So we admit it isn't really decentralized, but still what parameters justify a fork? Does it have to be 100 ETH, or 1 million ETH, or .00000001 ETH? Simply stupid idea. The bleeding heart liberal crap about kids not being able to go to college was as left wing as a thought can be. Don't blame the parent for making bad decisions, blame us if we don't help. I'm shocked you didn't throw in an attack on "assault" weapon while you were at it.

Saying that the DAO has no fault is obviously the most clueless statement you have ever uttered. The DAO screwed up and you want to try and convince people that ETH is to blame and should somehow come to the rescue. The "victims" of TheDao must be saved! The insanity of that knows no bounds.

Lost respect for you just broke my BS9000 meter.
User avatar
Steve Sokolowski
Posts: 3361
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA
Contact:

Re: Why Ethereum should fork

Postby Steve Sokolowski » Wed Jun 22, 2016 11:27 pm

Some1notu wrote:Much of your thinking is flawed on several levels. First off is your Johnny Do-gooder help the "victim" non-sense. Those people invested in something without due diligence. Ethereum is NOT compromised and is working as intended, it is the lamely written DAO contracts implementation that is the cause. ETH has not, read this carefully, has NOT, I repeat HAS NOT been compromised.

Your argument to hard fork ETH makes as much sense as people saying guns are to blame in Orlando, instead of the criminal that did it. A hard fork completely dooms ETH. Your rather insane thought that some transactions should be forked is simply flawed, and that is being extremely kind. It is actually idiotic. Who, in a DECENTRALIZED system, decides what transactions are arbitrarily forked? So we admit it isn't really decentralized, but still what parameters justify a fork? Does it have to be 100 ETH, or 1 million ETH, or .00000001 ETH? Simply stupid idea. The bleeding heart liberal crap about kids not being able to go to college was as left wing as a thought can be. Don't blame the parent for making bad decisions, blame us if we don't help. I'm shocked you didn't throw in an attack on "assault" weapon while you were at it.

Saying that the DAO has no fault is obviously the most clueless statement you have ever uttered. The DAO screwed up and you want to try and convince people that ETH is to blame and should somehow come to the rescue. The "victims" of TheDao must be saved! The insanity of that knows no bounds.

Lost respect for you just broke my BS9000 meter.


I think I need to make it clear that in this post, I am proposing that the cryptocurrency community should be taking a different approach than it has up to this point. Bitcoin is failing because it is not catering to its users. The blocksize issue is one example, but another example is that banks are developing "private blockchains" for this reason: that they want immutability up to a point. Businesses want some recourse to be available in an emergency situation like this and they need to know that someone is willing to take action to take their investment.

I'm proposing that Ethereum needs to take a different approach from bitcoin, because bitcoin's ideals are not working. The idea of perfect immutability is flawed. The idea of having no leader at all able to propose action is flawed. It's time to try something different because bitcoin is going nowhere and a new approach is needed.
Some1notu
Posts: 62
Joined: Tue Oct 06, 2015 7:48 am

Re: Why Ethereum should fork

Postby Some1notu » Thu Jun 23, 2016 12:14 am

The topic of your diatribe is forking Ethereum, so why keep referencing bitcoin? They are not the same.

To me personally your reaction and comments are knee-jerk reactions to an obvious bad situation. But the point has to be made the the bad situation is NOT in ETH , but in DAO code...........and none of that involves bitcoin, which you are trying to lock into the same convo.

You also have to face the fact that someone used current published vetted code to make a profit. Was the code perfect? Obviously not. Is exploiting the flaw a crime? Is a pump and dump a crime? Both are using the "system" to their advantage. I'll give you an analogy on the "theft".........Paycoin was quickly found to be a total scam, yet people watched the prices freefall and bought in and lost their asses. Who is at fault? Garza? Or the dumbasses buying in? Similar dumbasses bought into DAO. Is that the fault of ETH? Or the hacker? Or the buyer?

It is HIGHLY unlikely the DAO hacker will get a cent out of his ETH, but probably made a killing in the ETH market. I'm not the hackers fanboy but realize he actually did the crypto-world a service by exposing the flaw. Do-gooders want to waste time trying to block/burn the ETH taken and get all warm and fuzzy feeling if that occurs, but the main lesson was invaluable. It exposed serious flaws in the DAO contract implementation that could have cost the community BILLIONS of dollars. IMHO, suck it up buttercup and let the "hacker" get his ETH. Lesson learned and adjustments made.

IMHO make code adjustments to prevent future attacks and DAO investors should enjoy the haircut as a lesson learned. All of the FUD over him having a large stake in play is ridiculous. If his ETH is useable and has value, he is not going to do shit to devalue it. But the most important thing to come of this is that ETH isn't seen to be happy to arbitrarily reverse transactions.
kibbl3
Posts: 1
Joined: Thu Jun 23, 2016 2:33 am

Re: Why Ethereum should fork

Postby kibbl3 » Thu Jun 23, 2016 2:49 am

But while everyone is focusing on the "revert" precedent, nobody seems to be drawing attention to the other precedent that will be set here: whether scams of this magnitude are allowed to stand or not.


I think this is a critical point. Setting a precedent that smart contracts are buyer beware no matter how extreme the circumstances would be a likely insurmountable barrier to mainstream adoption. If Vitalik and security audits were unable to spot the security flaw, then this is not an appropriate level of due diligence to expect from the broader community/ecosystem.
gillepils
Posts: 1
Joined: Thu Jun 23, 2016 2:55 am

Re: Why Ethereum should fork

Postby gillepils » Thu Jun 23, 2016 3:14 am

I do sympathize with your concerns, but there are some flaws in your arguments.

First of all: what is the criterion that will be used in the future to decide if a fork can be executed? A 'substantion amount' of money that got stolen is no definition. Substantial for who? If all my fortune is in Ether, let's say I own 10.000 Ether and half of it is stolen. For me this would qualify as a substantial amount of money but will a fork be done? In the whole of the commumity this is probably not a substantial amount. So you will introduce a new division in the community... those that possess enough ehter to be backed by the option to fork and the poor from who can be stolen cause their interests are to low for the community.

Furthermore you state that after a fork government agencies will not have to look into the theft... As I understand the thief already contacted a lawyer to pritect his interests, cause he only executed a contract. This way the government agencies will become involved anyhow. Besides the hack, American government agencies recently stated that the want to look deeper into the cryptocurrency world to see how it can be regulated.

Who is online

Users browsing this forum: No registered users and 1 guest