Ethereum

The DAO Vulnerability Could Be a Problem for Other Projects, According to Cornell Professor

The DAO Vulnerability Could Be a Problem for Other Projects, According to Cornell Professor

Longtime cryptocurrency evangelists will no doubt be familiar with ”The DAO”, a project built on the Ethereum blockchain which was founded and backed by the German startup ”Slock.it“.

The DAO was hacked in 2016 after raising more than $150 million in crowdfunding – at the time raising the most funds in an ICO ever – when attackers exploited a bug in its software.

Now, more than two years after this infamous DAO attack, co-director at the cryptocurrency research institute IC3 and a professor of computer science at Cornell University, is raising red flags regarding the potential of more attacks akin to the ”The DAO” hack.

Ledger Nano S - The secure hardware wallet

More specifically, Professor Emin Gün Sirer, notes that he has observed various smart contracts that are potentially susceptible to a so-called ”reentrancy attack”, which would allow the attacker to drain Ethereum from a specific payment channel.

”BTW, I’ve seen other contracts like this one that implicitly trust the ERC-20 tokens issued on top of their platform not to perform reentrant calls. I’m sure this isn’t the last episode of this bug,” Sirer tweeted yesterday.

Furthermore, Sirer’s remarks came off the heels of adult entertainment venture SpankChain, which partially runs on Ethereum smart contracts, was hacked in an attack where the hackers made away with nearly $40,000 worth of crypto.

The SpankChain attack was additionally similar to the one that led to the collapse of The DAO.

However, it should be noted that the hacking attack that The DAO was significantly larger. The DAO was worth a whopping $150 million prior to the attack, at a time when the total market capitalization for Ethereum as a whole was less than a comparatively meager $2 billion.

Furthermore, The Dao held almost 15% of the entire Ethereum supply when the attack occurred, which saw the attacker make away with 3.6 million Ethereum – which today translates to a massive $815 millions worth of cryptocurrency.

Although several attempts to recover the lost funds were undertaken, they ultimately proved unsuccessful, and the price of Ethereum dropped to a price of $6 in the period following the hacking attack. This can be seen against the backdrop of the current Ethereum price, which is close to $230.

It would, therefore, seem that the latest SpankBank attack is a far cry from the original The DAO attack – however, Sirer’s comments should certainly be a cause for concern, in order to bring attention to potential vulnerabilities and prevent future hacks.

Image Source: “Flickr”

Ledger Nano S - The secure hardware wallet

Rasmus Pihl is a writer for Toshi Times by day and an avid follower of the cryptocurrency industry by night. Rasmus holds a Bachelor’s Degree in Marketing from the Gothenburg School of Business, Economics, and Law and runs a Swedish marketing consulting firm. Moreover, when he isn’t writing for Toshi Times, traveling, working or changing the world in some other capacity, Rasmus is more than likely caught up in postgraduate studies.