Weekly E-mails:  Crypto Trading Strategy 5 Weeks of Onboarding Reads. Latest Airdrops (Thu 7 AM EST). Or all of it.

Dismiss   Pick Your Preference
This site uses cookies (More).

 

All about the DAO hack - #CryptoTrading

A summary of what is going on with DAO's and ETH
  .  Published  · By KarlVonBahnhof

Image: DAOs have a critical vulnerability that can probably be removed only by a hard fork.


The DAO hack simplified

Great summary can be found on erratasec blog.

It starts with an explanation of what are smart contracts (the main purpose of the Ethereum platform) actually good for.

Let’s say that we want to organize a small conference. We need 100 people to sign up and pay/deposit money, so we can rent a hotel and such. But if not enough people sign up by a certain date, then the deposits need to be refunded. With Ethereum, we can write in a JavaScript-like language to code up this contract. It’ll guarantee that everyone will get a ticket to the conference, or everyone will get their money refunded, depending on how many sign up.

The main point is, this whole redistribution of payments that, depending on a condition, might or might not be returned to the people who paid them, is supposed to be made automatic. There is supposed to be no human overseeing it or interpreting the circumstances to help someone in power decide.

Then the DAOs are explained, specifically how you leave a DAO (not just TheDAO but any DAO). The issue here is to leave you need to create your own DAO if you have invested in a project that is still ongoing. Your child DAO will receive the payout of your investment once the project is over.

When you want to leave the fund, you split from it. This includes your share of unspent Ethereum coins, but also tokens representing returns on investments you were part of, but which haven’t yet paid out. That’s why you “split” rather than “cash out”, you need your own DAO shard to track those investments until they pay out.

This DAO splitting is exactly where the hack occured

When a member exits the investment scheme, they call the function name splitDAO(). (…) The member will supply some of their own code with the transaction. Among the things that code will do is tell the DAO code how to transfer Ethereum coin. (…) [Another] issue is that Ethereum code is recursive. That means when a function is running, it may call itself a second time. The bug is that when splitDAO() is called, it will then call the recipients code to transfer Ethereum coin, after which the recipients code will call splitDAO() again before finishing. This causes the process to repeat itself, transferring more Ethereum coin, then calling splitDAO() again, which calls the hacker’s code, which calls splitDAO(), which calls the hacker’s code, and so on. The process will continue endlessly, until it drains all of TheDAO’s coin.

You can see that the bug is inherent to DAO codebase and closely related to how Ethereum platform works. If this very basic code is not altered, all future DAOs are subject to this bug.

Stolen money recovery

The only way to undo this is to rewind the blockchain to the state before the attack occured which has been seriously considered and which spooked all the non-ETH fanbois. It would undo not only the hack but also all the other transactions that occured in the meantime which means screwing over the few for the sake of an organization that is too big to fail, as the ErrataSec article points out. We know that from centralized banking.

Currently the ongoing solution to this issue implemented by the developers was one that avoids the rewind: New child whitehat DAO attacks were created with the purpose to attack the malicious DAO. The whitehad DAOs rolled out on the 21st of June while developers kept reassuring everybody the attacker cannot access the stolen funds for 27 days which is enough time to come up with a solution.

This attempt to shake off the hacker failed. Since the whitehat DAOs needed capital to run, they started accepting donations. The person behind the initial hack also donated some ETH to the whitehat DAOs and is hence a shareholder, possibly planning to drain the whitehat DAOs as well.

Meanwhile, a Cornell professor found 10 other vulnerabilities in DAO and calls for a DAO 2.0 movement.

Current Ethereum Sentiment

People on ETH trading subreddits feel that the dev team looks after them and have more confidence in ETH now than in BTC (with notoriously indecisive governance) - in spite of the fact ETH is fundamentally flawed and DAOs are subject to future fund drainings.

This goes hand in hand with the sentiment that is being created by the community voices, and that is that the DAO hack is good for Ethereum since it is only pruning, similar to the shaking out of the weak hands during a run-up, where only the most faithful will prevail.

For clarification, traders say that the weak hands are being shaken off when there is a bullish market that retraces significantly after a profit taking on a local top, forcing highly leveraged longs to market sell at a loss. That results in some more price drop where winners take it all, i.e. people with enough capital will take the advantage of - pardon my French - cheap coins and drive the price up.

It has nothing to do with pseudo-Christian faith in a leader/savior and putting money into a platform where they might be irreversibly lost while there are plenty of alternatives without this downside.

Consequently careful speculations occurred on /r/bitcoinmarkets considering manipulations from the side of wealthy ETH holders that need the ETH price to hike up to $30 once again before they cash out for good.

It is probably worth mentioning that some people are just in for the penny stock chance.

Meanwhile, officials are concerned.

####Some more reading

About the author

Written by KarlVonBahnhof

KarlVonBahnhof also on Reddit, Chris belongs to the crypto trader class of 2013. Located in the Americas most of the time, you're most likely to meet at r/BitcoinMarkets though.

 

Last added to Crypto Airdrops, Bounties & Opportunities
Name Date How to access Official URL Additional Info
DAPPT Airdrop New Opportunity LIVE until 16 July The dapp.com pre-listing airdrop that we published in June is done now and users can withdraw their airdrop rewards. Dapp.com now opened another opportunity to earn money - there is a TRX reward for trading the DAPPT token. How to get money:Sign up on PIEXGO where DAPPT is listed with code 3I2QDP. Make at least one trade on DAPPT/USDT market. PIEXGO will snapshot user holdings every hour before 15:00 (UTC +8). Users will share a total of 30,000 TRX according to proportions of their average daily DAPPT holdings. DAPPT withdrawal PIEXGO exchange
MAXUM Crypto Airdrop As available New deflationary ERC-20 token (with a token burn rate of 2% per transaction). Because the only issue there is with the token ecosystem is inflation, or whatever. Drops for classic shilling (Twitter) and Telegram join. info form
PDATA Bounty Until 7 July PDATA is seeking to increase their brand awareness and would like to reward content producers in their native language with $20 in PDATA tokens in exchange for published articles and or videos. Maximum of 20 submissions. You should fill the pre-signup form ASAP, deadlines just now. info form
Product Protocol ERC20 Airdrop Until 22 Juny 2019 Product Protocol is a opensource protocol for crowdfunding/crowdlending campaigns based on digital assets issuing. Drops up to 18 USD worth of tokens for classic social media engagement. info join
INNOU Crypto Airdrop Limited INNOU is a new digital ecosytem and complete decentralized multimedia app. During their pre-ICO/ICO they are giving away up to 120 tokens (11 USD) for easy social media tasks. The 'Join' link takes you directly to the Telegram airdrop bot. info join
FanEspo Big Competition (ERC20) Regular Fanespo is launching a new promotion contest worth $400 in FAN tokens. Details will pop up on you when you sign up on site. Overall, the eSports platform FanEspo is giving away the total of $1.6 million of tokens in contests. You need to have a FanEspo account, the tokens you get are testnet but they will be transferred into real tokens upon launch. details make acct
Ethereum Card Airdrop Until end of June 2019 The escrow service on Ethereum is giving away up to 100 ETHCD tokens (15 USD) for a signup through referral and social media joins. Sign up with email and in your dashboard click "Join Airdrop". info sign up
Lunox LNX Airdrop Until end of June 2019 A retail marketplace that for some reason uses blockchain technology. Drops ERC20 tokens for social media shilling. info form
Bethereum Photo Contest Until end June 2019 Bethereum, the betting platform on ETH, is giving away prizes in a social media campaign to the platform users who take a photo of the platform in an unexpected place, post it as a comment and hashtag it #BethereumAnywhere Twitter. The monthly prizes of 25K Bether, AND 3 grand prizes of 100K BETHER! join platform photo thread
BlockWage Airdrops + Bounties Recurring Platform for freelancers marketplace. Airdrops randomly announced via Discord, there's also the possibility of Masternodes. join web
BitForex Exchange Launch Promo Limited The new altcoin trading platform is dropping exchange tokens to new signups. You get 20 BF for your signup with code 2178778 and can earn more for referrals, limited at 30k BF. details make acct

#DEX Series - The Business Of Decentralized Trading

Blog  #exchanges   29 Jun 2019, 09:14 UTC
DEX Series, Episode 2: Copy trading
Blog  #exchanges   29 Jun 2019, 09:14 UTC
DEX Series, Episode 1: Order Execution Management