The Ethereum Split: The DAO Attack (Part II)
So, in the previous post we touched a bit on the history of Ethereum, and on what triggered the split, aka the DAO attack. In this post we will focus on the DAO attack as well as the aftermath. So buckle up your seat-belts and enjoy the ride!
The DAO attack
At the end of the previous post, we mentioned the exit door, which uses the split function. And two issues came up from it: 1) the fact that one has to hold their ether for 28 days before spending them and 2) one can use the function to create a “Child DAO” by splitting off from multiple DAO token holders.
Unsurprisingly, a lot of people in the Ethereum community pointed out these loopholes. And unsurprisingly as well, the DAO creators assured them that this would not be a huge issue. It turned out to be one, since it is the cause that created the entire storm that split Ethereum.
On 17th June 2016, an attack was carried out on the DAO by exploiting this very loophole. As a result, one-third of the DAO’s funds (approximately 3.6 million Ether) was siphoned from the primary address where it was stored. That was equivalent to USD$50 million at the time, people.
So how did they do it? Pretty straightforward, as it is. With the splitting function, one has to go through 2 steps to exit the DAO:
- Exchange the DAO tokens with the Ether they have invested
- Register the transaction in the ledger and update the internal token balance
Now what the hacker did was simply add a function that loops repeatedly so that the split function did the following:
- Took the DAO tokens from the user and gave them back their Ether
- Before they could register the transaction, the function made the code go back and transfer more Ether to the hacker, for the same amount of DAO tokens.
This went on and on until the hacker collected 3.6 million Ether and stored them in a ‘Child DAO’. This ‘Child DAO’ is an address that is solely controlled by the attacker, or group of attackers.
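The ordering problem described above, as an added example that is not the DAO's actual Solidity code: a toy Python model of the two exit steps, where paying out before updating the balance lets the recipient's code re-enter the function, and swapping the order (the checks-effects-interactions pattern) stops it. The Vault class, the run helper and all amounts are assumptions made up for illustration.

```python
# Toy model (constructed for illustration, not the DAO's code): a vault that
# pays out Ether for tokens. on_receive stands in for the external call that
# hands control to the recipient's own code.

class Vault:
    def __init__(self, ether, update_first):
        self.ether = ether              # pooled Ether held by the contract
        self.tokens = {}                # holder -> tokens (1 token = 1 Ether)
        self.update_first = update_first

    def deposit(self, holder, amount):
        self.tokens[holder] = self.tokens.get(holder, 0) + amount
        self.ether += amount

    def split(self, holder, on_receive):
        amount = self.tokens.get(holder, 0)
        if amount == 0 or self.ether < amount:
            return                      # nothing to pay out
        if self.update_first:
            self.tokens[holder] = 0     # hardened: record the exit first
        self.ether -= amount            # step 1: give the Ether back
        on_receive(amount)              # recipient's code runs here
        if not self.update_first:
            self.tokens[holder] = 0     # step 2 last: balance was stale above


def run(update_first, pool=100, stake=10, max_reentries=5):
    """Return (Ether paid to the member, Ether left in the vault)."""
    vault = Vault(pool, update_first)
    vault.deposit("member", stake)
    received = []

    def callback(amount):
        received.append(amount)
        if len(received) <= max_reentries:
            vault.split("member", callback)   # re-enter before split returns

    vault.split("member", callback)
    return sum(received), vault.ether


if __name__ == "__main__":
    print("pay first, update last :", run(update_first=False))
    print("update first, pay last :", run(update_first=True))
```

With the balance updated last, a 10-token stake is paid out six times; with the balance updated first, the re-entrant call sees a zero balance and returns immediately.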
Stay tuned for Part III of the series, the Aftermath.