A hack that diverted millions of dollars of value from the Ethereum blockchain into a false account is being fixed by a “hard fork,” forcing the return of the funds to a replacement ‘recovery contract’ validated by users, (or “miners”), on the network. The theft and fix have raised questions about the security of a technology at the center of fintech innovation.
– Explained: What is the blockchain?
Ethereum has been hailed as a potential basis for “smart contracts,” where valuable information or documents can be exchanged automatically with full security. It can also form the basis of “decentralized autonomous organizations,” or DAOs: a set of rules that could theoretically act in the same way as a company. The hack was carried out through a malicious DAO.
#ethereum has hugely advanced the conversation on smart contracts and self-executing programs. Very positive for ecosystem.
— Jeff Garzik (@jgarzik) July 20, 2016
Commentators on Ethereum have expressed some concern that making a hard fork would do damage to the blockchain’s reputation as being unchangeable. Some even argued the hacker should keep the money. Meanwhile, banks that are experimenting with the blockchain are watching very closely, although with “interest, rather than fear”, according to CoinDesk.
The hard fork was executed through an informal vote among members of the Ethereum community, which shows how the transparency and communal nature of blockchain transactions might be more important than the now-questionable claims that blockchains are immutable.
In any case, given that blockchain adoption is still in the experimental stage for most financial institutions, incidents that led to the hard fork allow for a better understanding of blockchain vulnerabilities.
There’s some precedent for a technical protocol going awry in the early days. The protocols around e-mail, SMTP, proved open to abuse and spam when use became popular, though upgraded authentication and greylisting are fixing the issues.
Such situations are needed to address weaknesses, the only way to create more confidence. Ethereum and the blockchain concept may have needed this hack to happen right now in order for the product to mature.