Ethereum.net is a division of Berns Inc. Jeffrey Berns, CEO and owner of Berns Inc., weighs in on the DAO hack with the exact statement below:
Today, Vitalik Buterin, one of Ethereum’s co-creators, acknowledged that the much-publicized Ethereum Distributed Autonomous Organization (DAO) had been, and continues to be, the victim of a hack that is draining massive amounts of Ether from the DAO and transferring them to a “child” DAO. While this is obviously a troubling development, Buterin pointed out a critical fact that should not be ignored -- this hack only impacts the DAO, not the Ethereum blockchain. The blockchain does not have the same vulnerabilities as the DAO.
Buterin has proposed the implementation of a “soft fork” in the blockchain. This will not impact any prior transactions (i.e., nothing will be reversed) and transactions will be allowed to go forward as usual (i.e., all mining, trading and smart contracts will generally continue to function on the blockchain as they had before). However, it will prevent the hacker from having access to the Ether in the child DAO at any time in the future. To me, this is a “no-brainer.”
The developers of the DAO, including Stephan Tual, have proposed the implementation of a “hard fork” at some point after the soft fork has taken effect. This is essentially the creation of a new Ethereum blockchain that is identical to the existing Ethereum blockchain, except that all of the Ether in the child DAO is moved back to the DAO. At that point, the individuals whose Ether has been misappropriated as a result of the hack will be able to withdraw their Ether from the DAO, such that the only impact of the hack will have been that they were unable to access their Ether prior to the implementation of the hard fork.
Laissez-faire is a term often used for the proposition that governments should not interfere in the free market. In the law we often say “let the buyer beware”, which similarly means that you should do your homework, and if you chose to purchase or use a product, that is the choice you have made. There are those who believe that this principle is so strong that even most consumer wrongdoing should not be remedied. However, that is not the majority view, as most countries have developed robust consumer protections laws to compensate for unequal knowledge and bargaining power. Additionally, sociological studies have shown that the majority of humans have an innate sense of fairness and believe bad actors should not be rewarded for their bad actions.
We as a community need to decide how best to respond. We can do nothing and allow this person to steal the Ether and eventually sell it off. We can agree to a hard fork, which would take the misappropriated Ether away from the bad actor and return it to its rightful owners. Or we can do something in the middle, which is a soft fork that prevents anyone from ever using that stolen Ether. We need to approach this carefully, because whatever the course of action, there will be consequences.
As a consumer protection class action attorney, my initial thought is to return the Ether to its rightful owners. In so doing though we must confront the necessary next question -- under what circumstances do we “fix” similar wrongs in the future?
The next time a contract has exposure, as was the case with the DAO, do we evaluate whether the victims are sympathetic or not? Do we then base our decisions on the worthiness of the victims? The clear problem with doing that is that there may not always be consensus on worthiness. Are we willing to let victims suffer merely because less than 50% of the miners don’t think a certain wrong should be righted? Do we want to give miners that power? Do they even want it? I remember a law professor of mine telling my class that the “line” we all think exists between right and wrong isn’t always in the same place for each of us. Some circumstances are close to black and white -- a parent who kills their child must be punished. However, if you inject a new fact into the equation -- the child was terminally ill and in excruciating pain with nothing but a painful debilitating future? All of a sudden there is a gray area with no certainty of a clear majority. ! Bringing this back to the matter at hand, I think we need to rationally discuss what to do next and all points of view must be welcome. We have a little time because the child DAO to which the hacker is sending the DAO is set up in a fashion that prevents the hacker from withdrawing any Ether from it for approximately 27 days, but a robust conversation needs to start immediately.
Full disclosure to begin with: I am a firm believer in what Ethereum is trying to accomplish and my law firm has created a practice group to handle Virtual Currency matters. I personally have started a company to work within this ecosystem, and we recently launched Ethereum.net, the central hub for all things Ethereum. I own Ether, but not DAO tokens. Feel free to consider those facts when you are determining how much weight to give my thoughts.