Today, a successful and potentially devastating attack was carried out against the Ethereum network. The attack is a work of a genius, so much so that we are tempted to believe that it was just an unlucky coincidence, because nobody is that smart. It is a combination of multiple software bugs, but also social engineering on multiple levels.
The overture was the hacking of a popular virtual organization, The DAO. A significant portion of all the existing Ethers were stolen. This is bad in itself, but poses no threat to the Ethereum network as such. A temporary drop in exchange rate was to be expected, but nothing fatal. If anything, it could have been beneficial, teaching us a good lesson in prudence. However the attack set far bigger things in motion, perhaps unknowingly to the attacker himself.
The Ethereum community was in turmoil. With so many people involved in The DAO itself, and even more fearing a loss of trust in the whole Ethereum platform, people demanded action. Prominents of the Ethereum Foundation were quick to please the crowd, and promise the money to be taken back. The course of the discussion was all set. Soft or hard, when, should we give the Ethers back or burn them, and at what exchange rate? These were the questions, doubtful voices descended.
The hack, despite being a small tremor, started the avalanche of bad memes. For The DAO token holders, admitting recklessness and losing a lot of money was not an acceptable thought. Its developers downright risked losing their respect and reputation for life. Some of the Ethereum developers were endorsing The DAO. This further reinforced the notion that proper care was taken, and it is really not the software’s, nor the investors’ fault. But this leads us to an inconvenient realization. If innocent people can be screwed over, the infrastructure is not safe enough. And if a large number of people leaves the game, Ether might lose a lot of its value. Not to mention it might perish, making everyone involved a loser. This, again, could not happen. Reality can not be this way. Reality must be rewound, and we all need to forget about this.
The meme avalanche was the attack that I’m referring to in the title. It threatened the network in the last few weeks. As more and more minds were captured, the impossible started to seem possible. We were promised that the network is designed to prevent any interference with it. Anyone attempting to bribe or coerce miners, is doomed not only to fail, but also to lose money. It is very unlikely that anyone can coordinate an attack of the necessary scale, so went the theory. However, this assumption breaks down if we consider the possibility of large scale entanglement in human behavior. Unfortunately, human beings are known to be prone to unconditional alignment with group behavior. This was put to a test today.
Today, the Ethereum blockchain was split to a hacked one and a safe one. The hacked one is a result of a software “error” deliberately put in it by programmers, downloaded by miners, all of them infected with malicious memes. As the network is dependent on human action, and humans were possible to hack, thus the network was hacked, no matter how safe its design was. As of now, the safe chain seems to be essentially dead. The attack was successful, and the Ethereum network has been diverted. Today we have learned again that there is no protection against dangerous memes. We need to meet these memes head on, there is no other way out.