How did you lose about 5.2 billion yen in the experimental encryption currency "Ethereum"


ByYuri Samoilov

Encryption currencyPlatform centered on "Ether"Ethereum"The DAO", a self-sustained decentralized investment fund based on attacks from hackers on June 17, 2016, is about 53 million dollars (about 5.2 billion yen), which is about one-third of the funds, I was hit by. The Verge of the IT-related news site summarizes what the heck is with Ethereum · The DAO, whether the damaged account can recover funds, what was the problem this time was, and so on.

How an experimental cryptocurrency lost (and found) $ 53 million | The Verge
http://www.theverge.com/2016/6/17/11965192/ethereum-theft-dao-cryptocurrency-million-stolen-bitcoin

Ethereum is a cryptographic currency that supplements the technical defects of the virtual currency Bitcoin. In the virtual currency market size ranking of 2016, it is second to second place after Bitoin, which is No. 1, and the size of the transaction has expanded since around February 2016, in particular.

Crypto-Currency Market Capitalizations that understands the market size of Bitcoin and other virtual currencies - GIGAZINE


First of all, important to understanding Ethereum is the foundation of Bitcoin and EthereumBlock chain(Distributed ledger technology)It is a mechanism. Looking at the following article, you can imagine "What is a block chain?"

Movie that can understand "Block Chain" in 2 minutes - GIGAZINE


In traditional transactions, central administrators, such as banks and securities companies, manage transaction ledgers, and users trust banks and securities companies rather than counterparties to trade, ensuring transactions are established. On the other hand, transactions using block chains do not have centralized control, and by putting data on computers scattered throughout the world, we monitor each other and reach a reliable agreement. In the centralized system, there is a risk that the system will not function if it attacks one point where information concentrates, but in the case of the block chain it is not centralized so it is resistant to external attacks and the system is stopped It is characterized by being a very difficult mechanism to do. Also, there is no central administrator, so it is advantageous that the cost of trading will not be passed on to users.


The mechanism using cryptography and block chains was also used by Bitcoin, the virtual currency, but while Bitcoin can only do relatively simple remittances EthereumTuring completeIt has a programming language and it is possible to set and execute conditions autonomously on the block chain. The mechanism of Ethereum is not in the past and it can be said that it is still the experimental stage,Ethereum Blockchain as a ServiceWe are attracting attention from many companies and investors, including announcing.

The DAO is an investment system using Ethereum and is an independent investment fund that is similar to venture capital. In order to participate in the DAO project, Ethereum users first purchase the The DAO internal currency "DAO token" Ether. The DAO token has aspects of shares and voting rights, so that not only profits are distributed when the invested project succeeds, it is possible to vote for projects and investments. In order to demonstrate the concept of Distributed Autonomous Organization (DAO), The DAO is not a natural language contract, but rather on EthereumSmart ContractAlthough it was an attempt to build a distributed automated organization with the vulnerability of this smart contract program, this time it was hacked by the hacker. Regarding this bug, he was former chairman of the Bitcoin FoundationPeter VessenesTo researchers including Mr.Where pointed outHowever, the developers of The DAO thought that they recognized the bugs but were not fatal.


The Verge says, "It is easy to condemn developers here, but coding on building a database on the web has proven over the past few decades, but there is no precedent in coding on the block chain It is a place where it is very difficult for developers to predict what will cause problems and what will keep security security. " It's no wonder that malicious hackers find out what the developers are missing if the DAO is talking about tens of millions of dollars being collected. "This is the final stage of secure programming, you have to worry about code that developers can not fix for the next four years from hackers, and tools to solve them, too There is no document, and excellent practice method is also in searching stage. "

The DAO has a structure of a deposit period of 27 days, and as of June 21, 2016 the funds that flowed out have not yet passed to the attacker. According to The Ethereum Foundation, the accounts and outflows already outflowing funds have been identified and Vitalik Buterin, advocate of Ethereum, stated that the safety of Ethereum has not been compromised by this case On the above, in order to freeze the outflow funds and refund to the damaged account, the target block after the occurrence of hacking is invalidated by the software patch, and the funds moved to the attacker are frozenWe propose a method called "soft fork". If Ethereum user takes this method, funds will not be handed over to the attacker even after the deposit period of 27 days. However, for the soft fork, when the US government tried to invest public funds to financial institutions in the subprime shock in 2008,Moral hazardIt is said that there are also opponents for the same reason that the opinion that "

Also, even if damage could be prevented, it is true that this case greatly shaken the trust of block chain technology, which was thought to bring about a revolution in the financial industry. Until now, as a Bitcoin exchanges, "Mt.Gox (Mounting Gox)" handling more than 70% of the whole time, Bitcoin, which was supposed to be retained from the customer, was attacked by cyber attack "Bitcoin thief There are also incidents that are lost by "Hacker's attack is inescapable for encryption currency.

Trouble with MtGox applying for civil rehabilitation procedure and future Bitcoin - GIGAZINE


Unlike what happened to Mt. Gox, one case of Ethereum seems to be damaging, but the voice saying "Expansion of Ethereum will slow down due to The DAO problem" has also been raised. On the other hand, Mr. Vessenes says "Developers are calm and reliable people", and I see the speed of the project to grow faster than I should have is the essence of this one.

in Software, Posted by logq_fa