Gavin Wood on how $60M hack of DAO happened and what to do next | Dutch Blockchain Conference
On June 20th Gavin Wood gave a presentation on the hack of the DAO smart contract.
In the interview afterwards he describes how the hack of the smart contract, which is unrelated to Ethereum, happened and what options the community has in the next 30 days. He starts talking about the DAO at 4m30s.
Also take a look at his public presentation at dutchblockchainconference.com, where he outlines in detail what the options are.
Background
On June 18th an attacker began exploiting a vulnerability in the code of The DAO to siphon off invested funds. The bug went unnoticed because smart contract coding is such a new discipline, and it was even missed by a professional security audit performed prior to launch. Luckily the design of The DAO has resulted in these funds being temporarily stuck in child replicas. Nonetheless, without action the attacker will eventually secure a very large amount of ETH.
Gavin's proposal in text is here
docs.google.com/document/d/10...
Comments: 140
I love the Dutch way of asking straightforward questions. These guys made lots of money that's for sure :)
Wow the way Gavin can break things down at such a concise and easy to understand fashion, especially the analogies and such
Outstanding job from the interviewer, great answers from Gav.
@msevans770
3 years ago
@Mike Uehlein made it better tbh
@skoto8219
3 years ago
@Mike Uehlein He's still in top 99% of interviewers in terms of understanding crypto. I think when he asked the question: "Why would you write a contract in code? Shouldn't everybody be able to read these contracts?" - he knew this was a misguided question. But it was a question that his audience might ask. They both did great here.
@wagminagmishagmiragmihagmi4341
3 years ago
The interviewer is smarter lol
2016: "for me it was always about getting [Ethereum] out into the open and seeing it used." 2020: "We were thinking Ethereum 2.0 needed to be in development by 2016 and it was clear that wasn't going to happen" 2018: "Polkadot is the biggest bet in this ecosystem against blockchain maximalism.... which can become problematic because it creates barriers to entry." ----- Dr. Wood is a champion of the people and for now seems resistant to the influence of money and power that often go hand in hand with blockchain company founders. He has my full support as long as he continues to be
Gav completely gains my respect with this interview. He is hands down the most honest person in Ethereum.
@topshot2219
8 years ago
"Most honest". Shall we rank the entire community - 14,000 plus - in descending order please? I like Gavin.
@BitcoinLitecoin
8 years ago
Now, the "attacker" has offered 1,000,000 ETH to the miners if they don't go along with the fork. I just uploaded a video about this new development...
@Cryptonomics7
7 years ago
link?
@groverasylum9626
7 years ago
"The most honest person in Ethereum" = the least stupid asshat that is worthless
@groverasylum9626
7 years ago
honestly you are a fucking idiot if you put money into this scammy train wreck. hope you cashed out
And that's how Ethereum Classic was born.
Very informative interview. Good to see our Dutch newsreaders invest some time in groundbreaking technology! I have great faith in Gavin. He is showing extraordinary integrity, especially how he answers the questions on money-making.
@Trazynn
8 years ago
I'm incredibly impressed at Roelof's in depth knowledge on crypto. He cuts straight to the core of these issues.
I wonder if people will have to hire programmers before signing a contract, in a similar way people hire lawyers today.
@NoSkillDwnload
7 years ago
Not have to, you can upload whatever contract you want. But it might have flaws, you may want to hire a security consultant :)
@boulevarda.aladetoyinbo4773
4 years ago
How so? Your question makes zero sense. Why'd people hire programmers before they sign a contract the same way that they hire a lawyer to draft and sign a contract today? Let me tell you the future; even contract lawyers have nothing to fear, as programmers would still need lawyers to help them get a hold of clear legal terms for technical specifications, which they'll code into the smart contract.
@minnesnowda2510
6 months ago
No smart contracts are a joke. You are better off using a paper and a pen, then hand over cash.
Yes, he's hands down honest but he skirted around the ''did you make a lot of money?'' question..... He is there for a number of reasons and to make a lot of money is one of them!!
The interviewer is fantastic!!! Great questions! He made Gavin think about his answers
what coin to invest?? eth or etc classic or dao??
The contract is the code. That says it all. It's unfortunate for those that lost money, but there was an upside and a downside (risk) that was already priced in. Had they made a profit, there would not have been a fork to take that profit away from them.
Enjoyed this interview. Gavin seemed a little too evasive/diplomatic, even at the end. Good question about the divide between smart contracts and human readable contracts. There has to be trust in the system for the foreseeable future. Very very few investors in ethereum or DAO are computer literate at the level necessary to understand the contract they are getting into. They'll buy from any scammer that sounds good, any good salesman could make a killing in ethereum right now.
@rickyj1
8 years ago
Of course, he's smart, avoiding to disclose his wealth.
The DAO's lousy programming by no means impugns Ethereum. Obviously, there were no stringent code reviews, or white hat stress testing... what a cockup.
@carlhopkinson
8 years ago
Also, they did not have ANY FAILSAFE monitoring or automatic shutdown on fault detection.
I remember watching this a year back and contemplating investing... Never again
What a great interview!... the man asks Gavin clever questions. The rest is history !!!
Good analogy website/internet == DAO/Ethereum
Gavin Wood is Genius and Polkadot will be Huge 💥
Every stakeholder in the cryptocurrency world should have empathy on the DAO hack. I think the DAO, and other smart contracts, should charge investors a small refundable insurance fee (not insurance premium), which will be returned to the investor if no calamity such as financial loss happened at the end of the contract cycle.
How can there be a guarantee that Ethereum smart contracts will be coded securely? What if they are designed to be malicious from the very start? We certainly don't want another epic failure of The DAO proportions. As an investor I am concerned about the implicit and explicit lack of oversight and moreover eroded market confidence resulting from the recent situation with The DAO. I am especially worried about the recently established pattern of possibly continuous Ethereum Foundation interference. I was among the first to invest in The DAO putting 100 ETH in it. I even made an overall 30% profit when today I sold my 10,000 DAO tokens on Poloniex. Even though I had a positive outcome my goal was to be a part of something revolutionary and to help usher a new era of crowd funding for future killer commercial Ethereum apps. The DAO hack stalled that goal and without serious future planning and oversight I don't see Ethereum growing up. It is all currently a 100% speculation market and it has been so for the past 2 years.
Gav is good at this... calm and controlled.
@tenmozek
6 years ago
yes he is .. at deception that is
why etc classic been introduced?
Power interviewer digging for the drama at the end there.
The time has come for smart insurance based which must be programmed to refund premium if nothing goes wrong. This should serve as backup for any smart contract.
Nice interview Gavin. Just add validation templates or controls for your contracts.
11:17 Is he saying the $60M could be treated like a bug bounty? Whoever found the mistake did help the network get better...
hmmmm,,, is it possible a large government entity/institution is holding the other side of ETH "contract" or trade. Cause this hadn't been capped then EthUSD would spike up pass $22 USD per coins.
Great interview, and especially the interviewer "pinpointing" that human accepting the contract reads source, but it is machine code that is executed. The flaw is in Solidity
@sinnersaintx1
8 years ago
So you're saying the code was right but the EVM executed it wrong?
@thorvaldaagaard2097
8 years ago
+sinnersaintx1 nope, the translator from source to machine code was wrong
@topshot2219
8 years ago
Haven't heard that theory before. Elaborate? Aware of Call vulnerability
@thorvaldaagaard2097
8 years ago
The code for the DAO is written in source. That source is readable by humans. That is translated into bytecode. The code is by many regarded as the contract. The problem is that, as here, there is a change of the meaning of the contract in this translation. Only very few in the world are at that point able to understand the contract. So my point is the written source code is the contract. You could compare it to a legal contract translated to another language. As an example please read this: www.joeykrug.com/home/a-serpent-send-exploit. I am willing to discuss that the programmer should have known the translator better, but he had one of the Solidity creators as adviser
@topshot2219
8 years ago
Thanks Thorvald. "am willing to discuss that the programmer should have known the translator better" Well that's just the essence of programming. Having one's intent reflected in the compiled code. If not, it's called a bug. In this case, as far as I understand, there is no bug in the compiler other than the vulnerability of the Call operation pdaian.com/blog/chasing-the-dao-attackers-wake/ Without compiler errors, knowing the translator (compiler) is the same thing as knowing the language. It has been pointed out that the send() function should have been used rather than call. On the balance, I believe it's on the Dapp
Really good interview.
Hey it's that guy from RTL4 news. Awesome.
@BitcoinLitecoin
8 years ago
What's his name? He's very good...
@Trazynn
8 years ago
Roelof Hemmen
I sort of lost sleep about this last night. I was thinking that Ethereum has the ability to get rid of so many sluggish, expensive lawyers. At the same time though it seems like very talented programmers will become the new lawyer role to review code and carefully define the rules. Until a number of contracts have been in place for years and the community gets used to getting the bugs out of the contracts it would seem folly to engage in anything with this amount of money on the line without incredibly trustworthy and talented programmers.
the contract is the code buddy!
Did you make a lot of money? "I made hundreds of millions, but others made billions..."
@BitcoinLitecoin
8 years ago
How do you know only 12 million ETH went to the developers and the foundation? Could that number be higher? Why or Why not?
@AnselLindner
8 years ago
+Bitcoin Litecoin it was a premine. They could have invested separately, but it's known how much was designated for the foundation in the premine.
"Under the Mass Line, direct interaction between the state and society is necessary to identify public interests and to get public input in decision-making, as Hsu, Tsai, and Chang document. Once decisions are made, however, there is little room for further disagreement."
6:06 - the brown man reflects how im feeling about ethereum right now
The DAO was attacked again. $820,000 was taken this time.
The point of Ethereum is that it is a trustless substrate for contracts in which there is no need for a trusted 3rd party to execute the contract. The 3rd party is the smart contract itself.
A smart contract value in prediction market is that the criteria for determining an outcome are clearly defined and unchangeable.
No contracts are written down in plain language. They are written by lawyers for lawyers in legalese. Have you read your mortgage contract?
Wood's logic is scary, it's logical, but leaves out the humans...
good interviewer
@bassdewd
6 years ago
Poor interviewer to be honest. He doesn't seem to understand a lot of the concepts. I guess it is more representative of the general population and gets a simple explanation.
@baatar
5 years ago
@@bassdewd He did his job well. He was not supposed to do the interview as someone literate in computer science; he was supposed to approach Ethereum as an average everyday user.
@bassdewd
5 years ago
@@baatar The intended average day user of Ethereum is a developer, not a money hungry investor.
@baatar
5 years ago
bassdewd no, the average every day user will be a regular person who uses dApps. If Ethereum is only meant for developers, the platform will fail.
@bassdewd
5 years ago
Users of dapps don't need to know how Ethereum works. That's like taking apart a computer in front of computer users so they see how it works. It's not relevant information for them.
what ended up happening with this hack. did everyone just let it be?
@scroogemcduck1462
3 years ago
Ethereum split into 2, Ethereum and Ethereum Classic. On Ethereum the investors got their funds back, on Ethereum classic the attacker kept the funds. All users and smart contract developers then had to decide which of the chains to support, if not both. Ethereum Classic didn't get any user or developers and has faded into obscurity.
No code is perfect...so there WILL be another hack, it's just a matter of time. What then? What's the point?
Ether has to be the best ever name for a currency. It just makes sense.
This is why Blockchain is necessary. The record of smart contracts transactions makes a full automatic code questionable by government officials. This is only one reason for Bitcoin. Even if there are some governments who wish to keep their printers. bbrrrrr
Ironic that there is a bank's logo hanging in the background.
Very good interview. Yes the problem is the code & smart contract.... very good insight in the interview. Gavin was double talking in certain aspects to questions... and side stepping a bit.. but overall good interview. The integrity of the DAO is what made the issue... shit on a plate basically.
Wow I didn't expect to be blown away in 2021 on crypto; but here we are
All programs have bugs. It's idiotic to think that this won't happen again. Until they can provide formal proof of correctness they'll never have a secure smart contract.
Every bitcoin investor is just smiling at the price of bitcoin at this point because it was strong and indeed valuable enough to generate a good ROI. More people are becoming millionaires taking advantage of the current dip and we thank bitcoin for that
@lobozjane8397
3 years ago
I agree with you man I always look forward to dump it so I can really buy some more truly it has come to stay
@kylesmith6708
3 years ago
What is actually the idea behind this bitcoin investment, because all I do is buy when it falls and sell when it goes high
We need lawyer bots to audit the security audit. But to think we are safe from hackers who are just as smart as the originators is foolhardy. Also, I don't like the fact of Ethereum's attitude: Use at your own risk. They will never be on the hook for malfeasance.. Outside governance is coming though.
Well put. Fork and you will destroy your currency!
@williamgras5598
8 years ago
Explanation?
It gives me a vibe that Gavin does not give a crap about what is going on with Ethereum and DAO! Very sad. I thought these founders did not have pre-mined shares but after reading comments I am losing my faith in Ethereum!
I feel ether could be recovered if the black hacker's child DAO could be digitally convinced to pay another smart grandchild DAO while blocking it from registering the contract before sending the ether. It's like repeating what the hacker did in order to drain his own child DAO. We must not run away from smart contracts.
$4800 can ride :)
If only Gavin knew ETH would hit $4k in 5 years
@MasterChicken.
3 years ago
and it will die off in dis bear market now, i will invest in solana at the end of bear
Sounds like easy to scam ppl using a flawed contract? How do you discern what is a good contract or not?
So if you "digitally sign" a smart contract and it flaws by default both parties are in a loss or the losing party. The community judges whether you get your loss back. He justified stealing by saying if the community says keep the money the hacker can keep it 😂
Ethereum proves it's a shit system again. It can steal your eth from your wallet and says it's transaction fees. Happened to me.
Anyone out there gullible enough to fall for this craze should hear the following motto "A fool and their money are soon parted" Maybe more hackers will strip these investors dry and then this Etherum craze will die out.
@playman5587
7 years ago
None are more foolish than those who use the quotes of others instead of making their own
Is everybody at Ethereum so skinny?
These people only focusing on the money disgust me, Ethereum is so much more but this guy keeps talking about losing money and how much money Gav made..
I wish Ethereum had failed then and there. Now, we're just building on towards a greater disaster.
After watching this, you would have to be crazy to invest in this crypto currency. He’s obviously dodging questions. We’re talking about a program that is supposed to make trust irrelevant. He sounds just like the US government trying to convince us that the dollar isn’t the same as Monopoly money.
@ulsd
7 years ago
S Honey what are you talking about? eth is built on trust, if there is no trust people would not use it.
The interviewer has no idea what he's talking about
@putinstea
6 years ago
He's just there to ask questions
I don't trust DAO! The creator of it is not to trust! Change all 3 owners! They are scammers! Check profile and see who they really are! I'm Mr Agartha! I have worked with BTC since 2009
A lot of uuumms and aaahhs, very suspicious character...
BSV ( the real bitcoin) already had all this before these chancers and compulsive meddlers messed around with BTC. BSV the only coin/chain that scales.
My decision is not to invest in this high-tech game of internet pyramid games. For when you start talking about layers like on a pyramid. It is made to sound just like it keeps getting layers on top of layers. It just so happens someone decided to fly the coop knowing the pyramid wasn't being designed properly, or was it???
Crypto guys with all these millions and I have yet to see one with a good hair cut.