The $55M Hack That Almost Brought Ethereum Down
Matthew Leising's new book "Out of the Ether" tells the history of Ethereum and the story behind the hack that almost brought the network to its knees.
Bloomberg News reporter Mathew Leising's new book, "Out of the Ether: The Amazing Story of Ethereum and the $55 Million Heist That Almost Destroyed It All", tells the story of the infamous DAO hack that almost brought down the world's second-largest blockchain.
In June 2016, a here-to-now unknown assailant (or assailants) began syphoning off funds from Ethereum's first decentralized autonomous organization, or DAO, a bit of software that functions like a corporation. Weeks earlier the DAO went live, following a $150 million crowd sale.
"[T]he DAO had a huge part to play in the early history of Ethereum," Leising writes. "It’s not overstating it to say that the DAO made Ethereum." That's because it was one of the earliest examples that Ethereum's network of computers was resilient enough to support complex applications.
See also: David Siegel – Understanding The DAO Attack
While the attack never broke Ethereum's code – it merely exploited a loophole in The DAO's smart contract – it cast doubt over the viability of a blockchain-based "world computer." It was also the beginning of Ethereum's two Ethereums.
Leising, who has been covering the crypto industry for the better half of a decade, had called out sick from work the day a hacker absconded with $55 million in stolen ETH. But he didn't let the story die. Over the past four years he has been reporting out the story told in the book, examining blockchain data, following through on cryptic tips and ultimately tracing a path towards his leading suspect.
In the excerpt below, readers find themselves in eastern Germany along with Christoph Jentzsch, one of The DAO's principle architects, who woke up to realize the project he has spent months building is being robbed "at the rate of about $8 million an hour."
A religious family man, Jentzsch takes this extemporaneous moment to reflect on the challenges that faced the DAO's creation – from securities worries that still plague token projects to the critical opinions of the early Ethereum community – before taking action. – Dan Kuhn
The town of Mittweida in the state of Saxony in Germany escaped being bombed in the Second World War. In the middle of town, old stone streets divide rows of brightly colored buildings. If you leave the town square and walk for about 10 minutes you’ll come to a quiet street with a police station; next door is a mint-green house with brown trim and shutters. On Friday, June 17, 2016, just after 8 a.m., Christoph Jentzsch lay on the beige carpet of the first-floor office inside. He tried to still his breathing, to take deep breaths, to not let the world get away from him. Thieves were inside the DAO, his creation, robbing it at the rate of about $8 million an hour.
One of the first things Christoph felt was relief: finally the DAO saga would come to an end. It had overtaken his life for the past six months.
He’d battled anxiety and depression and exhaustion; he’d neglected his wife and five kids. There had been moments when he froze at the thought of releasing the DAO code, because once it was out in the world it couldn’t be changed. There could be a bug in the software, or maybe terrorists could figure out how to use it to fund an attack he’d be power- less to stop. The pressure made him physically ill several times. He’d puked under the strain. God, please, let this be the end of all that.
But Christoph also felt a strong sense of responsibility. It shook him that he’d messed up so badly and that people were losing money because of it. He believed in the ideas underpinning DAOs. (The language gets a bit confusing here as there were other DAOs around at this point, MakerDAO among them. DAO is a generic term for the structure that smart contracts fit into, but because of its eventual size and high profile, Jentzsch’s DAO became the DAO.)
A DAO is what got him into Ethereum in the first place, the moment he realized its potential. Vitalik’s white paper had outlined a vision for how DAOs could democratize corporate structures to replace owners, employees, and investors with users who directly managed the firm’s affairs with smart contracts encoded on the blockchain. That breakthrough is what made Christoph pause his PhD studies and start working for Ethereum in 2015. And then, improbably, he built one: the biggest DAO ever built, in fact, which made it a fat target. After all the security checks, Christoph couldn’t understand why no one had found the right bug in time.
He got up from the floor of the office and went back to his IBM ThinkPad laptop. Christoph knew the cops next door couldn’t help him. No, this was his mess and he’d have to clean it up.
In one sense, if toasters and door locks were allowed to have bank accounts the DAO never would have happened.
See also: Christoph Jentzch – ‘Blessing and a Curse’: The DAO’s Developers on Blockchain in 2016
At least, that financial discrimination against appliances and hardware had stirred Christoph’s imagination when he first encountered Ethereum. Now that the cryptocurrency ether had been created, the question that plagued Christoph’s mind was: How could it best be used? Not as a straight cryptocurrency like bitcoin. Rather, ether seemed perfectly suited to be a form of micropayment for what Christoph likes to call the “economy of things.” Airbnb had become popular around this time, and when Christoph looked at the company thorough his Ethereum lens he saw nothing but a middleman to be eliminated. What if with a smart lock on your front door connected to the Ethereum blockchain, you could rent out your apartment directly to someone else? There would still be a web site like Airbnb’s to let an apartment owner find a renter, but the Ethereum version would differ in one key way: the web site would connect people peer-to-peer and there would be no Airbnb in the middle taking its 30 percent cut of the profits.Where does Airbnb’s business model account for that kind of disruption?
This is exactly the kind of simple but very powerful idea that overtakes Ethereum followers. It made me realize its potential on the day in Brooklyn [N.Y.] that Joe Lubin explained it to me. Put a similar type of lock on your car. How does Hertz feel about that? Look at Uber in this way too: it could be as easy to move in on their ride-sharing market as it was for them to take on the taxi industry.
The promise for Ethereum, in my view, is in large part intertwined with this sort of reimagination of the world wide web. If Vitalik and friends can offer an alternative Internet that is peer-to-peer – where middlemen are shunned, things cost less, and privacy and data security are taken seriously – that’s a killer combo. I would sign up for that. Yet it’s far from assured that they will pull it off. For years now, this doubt about whether Ethereum can really deliver on its promise has been in the background of all my work on it. That’s not to say anything about the thousands of people working on Ethereum as developers, entrepreneurs, and salespeople. They are all doing amazing things. But maybe it’ll turn out to be a neat diversion that captured people’s imagination for many years but ultimately came to nothing. It will have to fight for any gains it makes, that’s for sure.
Airbnb, Hertz, and Uber aren’t going to let Ethereum just roll into town and eliminate their businesses. These are global corporations with billions of dollars backing them. Then there’s the state of the actual technology. Ethereum is a long way from having the scale and robustness needed to support millions of users. Regulatory issues are another hurdle. But although the odds are long, there are plenty of people like Christoph, a theoretical physicist, who are willing to drop everything to work on Ethereum and willing to bet on the payout.
While researching his dissertation, Christoph needed to amass a cluster of computer hard drives to simulate his work on generating very long molecules.What worked better than CPUs, he learned, were graphics processing units, or GPUs, which would be faster and more efficient at crunching the data. He looked into buying a bunch of GPUs and ran straight into Bitcoin, as GPUs were the preferred hardware for Bitcoin miners. Soon he was down the rabbit hole, and then in January 2014 he came across Vitalik’s white paper.
“I was totally blown away,” Christoph said. “Now it made sense. Bitcoin was just a cryptocurrency, but this was a decentralized application platform.” The possibilities of what you could do on Ethereum seemed endless to him.
Christoph has so many kids that he can forget how many he had at a particular point in his life. But in the summer of 2014 he needed to earn some extra money – and it doesn’t matter if he had three or four children at the time. He’d seen a presentation where Ethereum cofounder Gavin Wood talked about the money Ethereum was raising in a crowd sale and that it hoped to open a Berlin office and hire C++ developers. That’s exactly what Christoph knew how to do, and Gavin soon hired him.
He became the lead tester for the blockchain protocol. Ethereum was written using three programming languages: C++, Python, and Go. These are the clients that made the blockchain work. But if they don’t talk to each other so that an action on C++ is interpreted in exactly the same way on the Go client, the whole thing breaks down. The blockchain must be sequential above all, so if there’s a breakdown it causes what’s called a fork. When there’s a fork two strings of blocks are created and it can be hard to know which string is the official transaction record. Christoph made it his job to attack the three clients to try to make them fail: to fork. He worked most closely with Vitalik, Gavin and Jeff Wilcke.
“They were all trying to pass my tests,” Christoph said.
After about 10 months working on Ethereum, Christoph wanted to take it to the next level. He’d been pondering the best use for ether and decided it would be for micropayments to Internet-connected devices. He formed slock.it with his brother Simon and Stephan Tual, who each controlled a third of the company.
At a BitDevs meetup in New York City on June 13, 2015, at the offices of venture capital firm Union Square Ventures, Christoph publicly unveiled the idea for slock.it for the first time. Joe Lubin was there that day. Christoph used his phone to connect to Ethereum and unlock a door handle he’d brought with him. This was so early in the company’s history that they called themselves EtherLock.
Christoph received warm welcomes as he went around introducing people to smart locks. The idea gained a following, and now he had to figure out how to fund its development. He soon realized that his desire to build a DAO could be fulfilled, and he began to figure out how it would work. But he not only had to figure out the mechanics of the smart contract. There were thornier issues, like would the slock.it team be legally responsible for what the DAO enabled?
They had lawyers working on this question in NewYork, Switzerland, and Germany. “They actually said, well, if you are not very attached to the project, you just write the contract and publish it, and you will later on ask to work for this company, it will be legally fine,” Christoph said. This was a mark of how decentralized the goal was here – even the people who would bring the DAO to life imagined that they’d have to ask to work for their own creation. How the heck do you do that? Easy; it’s like any other proposal to the DAO – it gets voted on by DAO token holders. Christoph and the rest of the slock.it team felt comfortable with the idea that DAO token holders would vote to fund their startup, out of courtesy to the creators of the DAO, if nothing else.
Then they had to contend with what a regulator like the [U.S. Securities and Exchange Commission] would think of the DAO. Would a DAO token be deemed a security? If so, they’d need to go through a strict registration process and provide potential investors with all sorts of information about the business plan, risks and other details meant to enhance transparency for investors.
See also: Drew Hinkes – The Law of The DAO
Their lawyers had an answer for this, too. “Even if it is a security, the formation of a company is not something you need to ask the SEC for approval,” Christoph said. “We saw the DAO creation as the formation of a company, but not with 3 founders, with 23,000 founders.”
Let’s fast-forward here for a moment and ask an interesting question. According to slock.it’s lawyers, the token sale wouldn’t be considered a security offering in part because the DAO had thousands of founders. What does that say about what Ethereum did with its ether crowdsale? Remember,these are distinct events. The Ethereum cofounders – including Gavin Wood, Vitalik, and Mihai Alisie – sold ether to the public in mid- 2014 to raise money to fund development of the Ethereum blockchain. A discrete, small group of people earned a lot of money through the Ethereum token sale. Doesn’t that imply that ether is a security? The ether sale raised $18 million; cofounders such as Joe Lubin and Anthony Di Iorio were adamant that ether was not a security, but really all they had to back that up was their own opinions and the legal opinion from a lawyer in a situation that hadn’t been vetted by a government agency like the SEC. Then the DAO comes along and slock.it’s lawyers say that if its executives are not attached to the project and everyone who buys DAO tokens is considered a founder, boom! You’re not a security. See the inconsistency? Under this logic, either a DAO token or ether is a security, but both of them can’t escape the designation.
On the U.S. front, at least, the reality is that in 2014–2015 the SEC was asleep at the switch. No one in the government was paying attention to what was going on with the nascent ICO market. The SEC wouldn’t start bringing enforcement cases until years later, and it didn’t get around to writing its opinion on the DAO until a year after it blew up. We’ll get to this a bit later in the story.
Now, back to the DAO. The people who bought DAO tokens never gave their money to Christoph or anyone at slock.it. They were in control of it the whole time and only interacted with a smart contract that exchanged their ether for DAO tokens. They could get their ether back if they wanted to.
The brightest minds in Ethereum at the time also gathered to act as a sort of fail-safe mechanism to prevent an attack against the DAO. Known as curators, group members included Vitalik, Vlad Zamfir, Alex Van de Sande, Gavin Wood, Taylor Gerring, Aeron Buchanan, and others. The group was meant to signal that the smartest people in the room had looked at the DAO and implied a type of seal of approval. The curators were exposed as nothing more than window dressing, however, after a number of security flaws were found in the DOA code.
After presenting the idea of the DAO at DevCon 1 in London in November of 2015, excitement only grew around the project. The DAO public slack channel soon boasted 5,000 members. Christoph thought if each of them bought $1,000 worth of DAO tokens they’d be dealing with $5 million. That seemed manageable.
But as the months came and went, a new concern began to gnaw at Christoph. Now that he was into the guts of writing the DAO code, he couldn’t escape its fundamental nature. Once released into the world, it was unstoppable. That was a hell of a lot of pressure to handle when the code you are writing in has only been in existence for a few months and bugs are being found in it on a seemingly constant basis.
In March of 2016, slock.it paid $10,000 for a security audit of the DAO code to the Seattle firm Deja vu Security. The company specializes in examining and testing software meant to power the IoT. Christoph went to Seattle for a week to work with the Deja vu Security team.
“I was staying in an Airbnb and feeling almost sick, like do I really want to do this? I was really nervous, what did I get into here?” Christoph said.There was still time to say no, he thought.
But Christoph couldn’t quit, not on his partners, not on his brother Simon, the CEO of slock.it. They’d maxed out their credit cards, the bank account was empty. They paid Deja vu Security out of their pockets, and Christoph knew he couldn’t keep asking for one more month for testing. Then there was the wider community, who were watching every development.
It’s important to note here that the DAO had a huge part to play in the early history of Ethereum. It’s not overstating it to say that the DAO made Ethereum. There were smaller projects here and there but nothing with the scope and ambition of what the DAO wanted to do. You can see its influence on the price of ether. As 2016 began, the only things the Ethereum community had to look forward to in terms of progress were new versions of the base layer software being released. Put another way, there wasn’t much of a catalyst for the digital currency ether to go up in value. And while work on the underlying Ethereum network was important, no one would use a network that doesn’t have applications on top of it. This is why the DAO was vital.
As the months went by in 2016, ether’s price began to rise. Aside from the network upgrades I mentioned, I can’t find any other reason than the imminent deployment of the DAO for the gain in ether value. By mid-March it traded at $15. The demand to become part of the DAO was the fuel. You first had to buy ether to then buy DAO tokens, so it’s easy to see that thousands of people were converting Bitcoin to ether to then buy DAO tokens, sending the price of ether to a record high.
Everyone was in on it. There wasn’t anything else to do with ether at the time, to be honest. That’s a big reason the DAO grew to $150 million in pure ether purchases.
Soon Christoph didn’t feel like himself anymore. The stress was winning. This wasn’t like him; he came from a large, stable family. The Jentzsch clan had lived in the Mittweida area since the 1500s. His parents have 36 grandchildren. Christoph also had a strong connection to his Mormon faith. His grandfather had brought the religion to Mittweida when he’d started the first Church of Jesus Christ of Latter-day Saints in the small town. Christoph’s wife was another calming influence on him and had supported him through the DAO roller coaster. And still he felt he was getting sucked into the chaos: he went up and down in depressive fits. Like the DAO code, it seemed unstoppable once deployed.
Griff Green was in Mittweida on the day of the attack. He woke in the spare bedroom of Christoph’s mom’s house to his smart phone blowing up with messages that the DAO was being hacked. He called Simon and Simon called Christoph.
Griff hadn’t seen Christoph is such bad shape before. Before becoming slock.it’s first employee, Griff had done Thai massage in Beverly Hills. “I didn’t have a license to do it, because you know I’m not the kind of guy to get a license,” he said. “There was this very intense moment that day when [Christoph] was like, ‘I don’t know what to do.’ He wasn’t crying, but he looked like he was on the verge and he just had to lay down. He was having kind of a panic attack.” Griff went to work on his boss and friend, giving him a massage to help calm him down.“Germans aren’t the most touchy-feely guys,” Green said.
“There were so many fears,” Griff said.“Does this destroy Ethereum? Does this destroy DAOs? What’s going to happen to all this money?”
Not a cent in the DAO belonged to Jentzsch. This was other people’s money, and for a religious, family-oriented man, a good man, that made the theft all the more troubling.
“Dealing with other people’s money fucking sucks, you know?” Griff said.
As the May 28 DAO fundraising deadline had approached, the amount of ether in the DAO just kept going up. No one could ignore the magnitude of what the DAO was becoming right in front of their eyes. The $5 million Christoph expected became a drop in the bucket and he began to freak out.
See also: Nolan Bauerle – The DAO is a New Dow
“I was really not a good husband or father at this time,” Christoph said. He lay in bed that Friday morning when the phone rang. His wife answered and then told Christoph that his brother had said something was wrong with the DAO and he needed to log on right away. In his home office Christoph checked Etherscan, the Ethereum blockchain block explorer (kind of like Google for a blockchain). He saw money leaving the DAO through the split function, which existed in case a DAO user wanted to get their money back and leave.
“In the beginning I thought, well, it’s just someone leaving the DAO,” he said. “But then it’s very weird, it’s always the same amount coming out all the time. And it was one transaction, so one transaction and many payouts. But it should be only one payout per transaction.”
Something was very wrong. He lay on the floor of his office then, trying to keep the world from slipping away. Yet he felt a mix of emotions. “There were two kinds of feelings in me,” Christoph said. “One feeling was – I felt released – because this was clearly the end of the DAO." This insane, amazing, stressful chapter in his life would finally be over. His responsibility would cease.
“On the other side, there was shock and a feeling of, I basically messed up the whole system. I need to fix this now,” he said. “I need to find out what’s going on, people are losing money. I could go to jail. This kind of fear.”
He got up off the floor and started to fight back.
Excerpted with permission of the publisher, Wiley, from "Out of the Ether" by Matthew Leising. Copyright (c) 2021 by Matthew Leising. All rights reserved. This book is available wherever books and eBooks are sold.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.