The attacker's claim (assuming that's who wrote the message) that he merely took advantage of the contract as written is, at first reading, a plausible one. To change a contract after it has been written and executed and to try to 'undo' a done deal based on actions the contract and its context fairly explicitly ruled out prior to the execution would seem to me to be against both the letter and the spirit of the contract.
I get why everybody is upset, but this was pretty much bound to happen. Security of this kind is an all-or-nothing item, you have to get it 100% right or it might just as well not happen at all. So all this backpedaling and fixing does absolutely nothing in my view to strengthen the concept.
The only way forward would be to declare this version a total loss and to do a reboot with a better core and then to see how long that one will stand up.
Rinse and repeat until one really stands (by then confidence will likely be quite low) and accept that it could still go down at any point in the future.
A bit like the Monty Python sketch about the castle built on swampland.
Anything less will not do, either the contract is all there is or it is pointless.
Philosophically I wonder about this "the exact code defines the semantics of the DAO" clause because, well, nobody's suggesting to change the code; the fork proposals would just change how the code is interpreted.
Kind of like "this exact Java code defines the terms of the contract" but then a new version of Java makes that code behave differently...
So the clause depends not only on the Solidity code but also on the Ethereum virtual machine's interpretation of that code, and the question now is whether that interpretation is constant or mutable.
And, like, what's even the legal status of the https://daohub.org/explainer.html document? It has a list of things to which anyone who interacts with "The DAO" supposedly agrees, which seems like a typical groundless EULA and anyone who "invested" could just say "uh, I didn't agree to any of that stuff".
I'm not really making an argument, I just find it bewildering to even imagine how any of this stuff would be interpreted by lawyers.
> I just find it bewildering to even imagine how any of this stuff would be interpreted by lawyers.
Agreed, and that's essentially what we're seeing here, some kind of rough equivalent between lawyers hacking human language and programmers hacking code. A 'smart' lawyer is equivalent to a hacker, finding a loophole in the law to enforce some novel interpretation of the letter rather than the intent of the law.
Trying to do an end-run around a whole bunch of established systems all to end up with re-inventing the exact problems of those systems that you were trying to get away from in the first place, it's kind of funny.
If I understood it correctly the letter claims Ethereum wrote in the end user contract that anything admissible by the contract is the contract. So not upholding that would be breach of contract.
Not a lawyer, but a contract requires that all parties must gain some consideration for their entry into the contract. That the blockchain enforces the proposer's "smart contract" without giving material return to the token-holders means that the proposer's claim is unenforceable in a real-life court. No consideration, no (real-world) contract, no breach if some consensus fork emerges.
Same IANAL disclaimer, but here's the thing: this was built for allowing anonymous contract participation. If you can't participate in a contract without agreement from all parties, that'd put the whole smart contract to an end. Everyone would be able to seek damages from Ethereum for transactions they didn't like.
It doesn't matter, if that's what's required the DAO is dead. After all, if it needs the courts then one of the major principles of it appears to be broken beyond repair. Which may have been the whole point of the attack.
You're missing an essential point of the whole argument. Either the DAO as it is is self-contained or it is a failure. If it needs the courts, either to enforce a contract or to try to prevent enforcing a contract then the whole thing is dead.
On which side of such a lawsuit you are is not important, the fact that the DAO cannot be trusted to be complete and that there is a possibility that contracts once executed can be rolled back makes it unviable in this incarnation.
Personally I think it was oversold, this lesson could have been learned a lot cheaper but that's easy to say after the fact. As bug bounties come this was a pretty good one, and I'd be highly surprised if it was the only flaw in the present implementation.
The attacker tried to exploit a flaw in TheDAO's code to steal its ether, not because it was designed to allow that or because that was the intent of its designers, but because he could.
Well, the Ethereum community can also do something that was neither intended nor planned for. You say that doing so would be a breach of contract. I say: Well, go ahead and sue me.
He didn't 'try', he (or she) did. And he could because it was allowed, intent or not.
> Well, the Ethereum community can also do something that was neither intended nor planned for.
Of course they can. And that will make the whole concept moot.
> You say that doing so would be a breach of contract. I say: Well, go ahead and sue me.
No-one will. But then also: no-one will ever trust the concept. It either works or it does not, you can't say it works and if it doesn't we'll fork. That's simply institutionalizing unreliability.
The attacker has - very elegantly - pointed out a major flaw in the whole thing in a way that not much else could have: in the end we all have to either trust some higher power to interpret the context in which a contract was drawn up or we will have to live by the letter of the contracts. You can't have it both ways.
I believe Ethereum is dead, but I also believe that a better implementation of the idea has merits. So long term I'm optimistic, but it would have been better if the DAO had been a bit more conservative before taking on substantial outside involvement. Overselling something is never good.