Somewhere in Ethereum’s development office in Berlin, there is a room full of coders frantically trying to save $53 million from a thief.
On June 17, a hacker exploited a vulnerability in the Decentralized Autonomous Organization (DAO), one of the largest reserves of Ethereum, a cryptocurrency similar, but different in several key ways to the more publicized BitCoin.
If the team can’t work out a solution for how to regain possession of $53 million stolen from the Ethereum network before July 14, it’s gone forever, and the cryptocurrency’s great experiment in changing the way we exchange money probably is too. Worst of all: as of Thursday, they’ve essentially wasted half their time on a complete dead end.
Ethereum’s system, like other cryptocurrencies, relies entirely on a concept called a blockchain: a digital, unchangeable ledger, or record, of every transaction and fluctuation of the currency. But Ethereum’s blockchain was revolutionary — it was open for developers to build economic models, programs, and institutions on top of it, effectively making it an alternative to traditional modes of transferring money like banks and credit cards. Unfortunately, there was a bug: under the right circumstances, a clever hacker could empty certain escrow accounts (temporary holding tanks for money) and walk away with digital money.
The hacker’s exploit on the 17th opened a 27-day window — the thief can’t withdraw the funds and turn them into cold hard cash until July 14 because of an automatic freeze by the DAO. That gives the Ethereum community just two more weeks to secure the money and close the gap, and it’s not going very well.
The first plan, called a soft fork, was essentially to put a hold on the money making it impossible to spend. This would not return the money to its investors, but it would have bought the organization more time to figure out a better long-term plan.
At the start of this week, the proposal looked as though it would pass a vote with the currency’s investors on Thursday — until Cornell cryptographer Emin Gün Sirer published a blog post that killed the plan. Sirer discovered that the “soft fork” proposal would leave the currency open to a “denial of service” attack — essentially, the hacker could short the currency and profit off of its drop in value.
Sirer proposed a new solution called a “hard fork,” which freezes the stolen money and takes away backwards compatibility of old versions of Ethereum’s code (meaning users like the thief using a dated version would be cut off from the currency’s ecosystem).
But with only two weeks left, Ethereum’s coders have a monumental task ahead of them. And if they can’t come up with a solution, the whole cryptocurrency experiment could very well be in jeopardy. Cryptocurrencies have long been looked at as unstable, dangerous, and deeply flawed. Ethereum was a grand experiment in a new form of economic transactions, but it’s been plagued from the start by security issues and logical problems. And the massive theft and shaky, somewhat disorganized recovery attempt could be the death blow to the public’s faith in digital currencies. After all, it’s easy to easy to understand why people would be concerned about the disappearance of $53 million in a matter of two weeks with no clear solution to solve it.