The Cornell computer scientist who helped identify vulnerabilities in The DAO revealed 10 new exploits in its code at an event in New York.
The statements from Emin Gün Sirer, a longstanding critic of the project, come amid broad concern over developments at The DAO, a smart contract-based funding vehicle built with ethereum that has effectively collapsed following an exploit of a vulnerability within its smart contract code.
Sirer warned that, while the vulnerability that led to the removal of tens of millions of dollars worth of the cryptocurrency ether is now well-understood, much remains to be fixed before another DAO (decentralized autonomous organization) can be launched.
The statements were the first to lay a clear path forward for how to build an organization run largely with code, and thus fulfill the original vision of The DAO.
Sirer, who is the co-director of the Initiative for Cryptocurrencies and Contracts (IC3), an academic research project focused on the technology, used the forum to lay out a detailed account of possible exploits for such projects that go all the way down to the Ethereum coding language itself.
Sirer went on to argue that the issues highlighted are relevant when looking at the question of creating similar projects in the future.
He told the crowd:
"The DAO 2.0 requires much, much more effort. It’s a much deeper field than people might think."
Vulnerabilities detailed
In the days leading up to the initial bug detection, Sirer and his colleagues published an overview of what they called a “recursive call” vulnerability that allowed the exploiter to move funds into a so-called “child DAO” that breaks off from the original DAO.
Addressing a crowd of about 70 bitcoin coders, ethereum developers, computer scientists and financial professionals at last night's event, Sirer went into detail about other possible threats.
For example, the “stalking” bug – which is currently being used to mount a counter-attack against a white-hat hack designed to move funds into a safe account – is an example of one of the vulnerabilities Sirer identified at last night’s event.
The 10 vulnerabilities Sirer discussed in detail include a "concurrent proposal trap" whereby an attacker makes an arbitrary proposal such as 'Do you believe in God?' designed to entice a high degree of response, and include long voting period during which the token used to vote becomes trapped. Then, a competing proposal could be made by the attacker after the funds have been locked up.
Another exploit, called a "majority takeover" attack, disguises a majority vote by a single party that might benefit from a successful proposal by splitting the voting power into smaller votes cast separately, for which he said there is no known defense.
Some of the exploits discussed last night were published in detail in the earlier paper. A full list, along with an account of how The DAO functions, can be found here.
"The whole point of smart contracts is to create exciting, weird financial instruments," Sirer told attendees, adding:
"This is not exciting, it’s just weird."
Tough love
In the hours leading up to yesterday’s event, Sirer engaged in an Twitter debate in which he argued that the Ethereum community should ostracize founding members of Slock.it, a Germany-based startup that wrote The DAO code and spearheaded its deployment.
At the event in New York, Sirer doubled-down on his call, naming founders Stephan Tual and Christoph Jentzsch, in particular.
But while Sirer had some harsh words for Slock.it, he said the problems extend to ethereum itself. He called The DAO a "ginormous $220m bug bounty", a criticism that extended not only to DAOs, but to ethereum’s smart contracts coding language Solidity, which he said is a work in progress.
Sirer told attendees:
"We should redesign Solidity, we should rethink what it means to write secure state machines, how we should specify them and how we should make sure that they do not mess up."
Image by Michael del Castillo for CoinDesk