Saturday, June 18, 2016

DAO vulnerability -- Ethereum

Yesterday someone exploited the so called "DAO vulnerability" to steal some 3 Mio. Ether. This incidence, of course, led to a panic attack by many people trading Ether, which resulted in Ether prices plummeting. This article by The Verge even titled "How an experimental cryptocurrency lost (and found) $53 million". So here is the catch: the author of this article, and in the same vein everyone else already summoning the death of the "Ethereum cryptocurrency", actually miss the point about Ethereum. Ethereum is not a cryptocurrency, but "... a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third party interference." The execution of these smart contracts is fueled by Ether, but Ether is not a cryptocurrency, like bitcoin. It was never thought to be yet-another cryptocurrency. So don't blame the project, if you lost "real" money yesterday. Ether is not there to be traded in the first place, it's a commodity, to be used in the Ethereum network. And to be sure: Buterin nicely explains that the attack is not a bug in Ethereum itself, but a mistake in the code powering the DAO project. As it seems, a common bug, though.

So, what will happen? Well, I think the Ethereum community learned a valuable lesson. The attack might foster the creation of long-awaited "best-practices" for smart-contracts, maybe even projects to "security check" your own smart-contract code. Learning the hard way is often the only way to learn. In this sense: no, the project certainly is not dead -- quite the opposite, it might never have been more alive.

No comments:

Post a Comment