Ethereum/TheDAO hack explained

in #ethereum, 8 years ago

Everyone has heard about the Ethereum DAO hacks, but maybe it's not at all simple to understand. Let's give explaining it a try.

What is Bitcoin?

I'm sure you know, or have an idea what Bitcoin is, but I'll explain it again in terms that are important here.

Bitcoin is just a public ledger (the "blockchain") of all the transactions there ever were. This ledger is huge (80 gigabytes) and growing, but Moore's Law says computers grow even faster, so that shouldn't be a problem.

Each entry in the ledger says to move the coins received in these previous entries, and give them to this recipient. In other words:
"move these coins I received there, to this guy here"
In the future when that guy spends the coin in a new transaction, he'll refer back to this transaction here. That's why it's called a "chain" -- every transaction refers to a previous one, back to the original creation of the coins.

Actually, these transactions aren't fixed as simply moving money around. Instead, a script is used, written in a bitcoin-specific programming language that can do things like add, multiply, and compare numbers. However, it's not a full programming language. It can't call functions or execute loops. It's complex enough to allow some creativity, such as allowing transactions to be escrowed by a third party, but it can't do much more than that.

What are alt-coins?

After Bitcoin took off, other people started to create their own variations.

Most of these variations have offered no meaningful improvement over Bitcoin. They instead are just popular among speculators who pump and dump, hoping to buy in at a low price and sell to some fool at a higher price.

There are only two alt-coins that have actually made an improvement: ZeroCoin and Ethereum. ZeroCoin works by making transactions anonymous. Ethereum is the alt-coin that is being discussed here.

What is a colored coin?

The term "Colored Coins" loosely describes a class of methods for representing and managing real world assets on top of the Bitcoin Blockchain.
While originally designed to be a currency, Bitcoin's scripting language allows storing small amounts of metadata on the blockchain, which can be used to represent asset manipulation instructions. For example, we can encode in a Bitcoin transaction that 100 units of a new asset were issued and are now credited to a given bitcoin address. A colored coins wallet can create a Bitcoin transaction that encodes sending 50 units of an asset from one address to a new address, and so on.
Real-world value is attached to those units (or "digital tokens") by the asset issuer's promise to redeem them for some goods or services. For example, a 100-seat movie theater can issue 100 units of a "watch movie X at time Y" asset and promise to redeem each unit for a right to enter a certain screening of a movie.
Using Bitcoin's blockchain as the backbone leverages Bitcoin's strengths, such as immutability, non-counterfeitability, ease of transfer, robustness and transparency, thus allowing asset manipulation with unprecedented security and ease.
In principle one can represent asset manipulation data on other blockchains (e.g. Litecoin). The term "Colored Coins" is usually associated with implementations that:
- Use the Bitcoin blockchain (as opposed to e.g. NXT)
- Do not issue an auxiliary coin (e.g. Mastercoin's MSC or Counterparty's XCP)
Note that the term Colored Coins stuck from older implementations such as the EPOBC protocol where an asset was actually associated with satoshis (thus "coloring" them). Other implementations use other ways to encode assets on the blockchain, mostly using the OP_RETURN scripting code, so it is no longer the only case that individual satoshis are "colored".

What is Ethereum?

Launched in 2015, Ethereum is a decentralized software platform that enables SmartContracts and Distributed Applications (ĐApps) to be built and run without any downtime, fraud, control or interference from a third party. Ethereum is not just a platform but also a programming language (Turing complete) running on a blockchain, helping developers to build and publish distributed applications. The potential applications of Ethereum are wide ranging.

A Smart Contract is…

To put it as simply as possible, the term ‘smart contract’ can refer to any contract which is capable of executing or enforcing itself.
Smart contracts are written as programming code which can be run on a computer, rather than in legal language on a printed document. This code can define strict rules and consequences in the same way that a traditional legal document would, stating the obligations, benefits and penalties which may be due to either party in various different circumstances. But unlike a traditional contract it can also take information as an input, process that information through the rules set out in the contract, and take any actions required of it as a result.

An example is a contract that generates 10 thousand tokens for the creator of the contract, and then allows anyone with enough balance to send them to others. These tokens are the minimum tradeable unit and cannot be subdivided, but for the final users they could be presented as 100 units subdividable into 100 subunits, so owning a single token would represent having 0.01% of the total.

What is The DAO?

A decentralized autonomous organization ("DAO") is a new type of organization, best compared to a digital company but without an attached legal entity. Made from irrefutable computer code, it is operated entirely by its community, which backs its future growth by purchasing DAO tokens using ETH, the fuel of the Ethereum network.

There are many types of DAOs on the Ethereum blockchain, but one in particular is TheDAO, which is some sort of DAO-based mutual-fund/investment-fund. You buy in, vote on which investments the fund should make, then reap the returns. It looks like a big organization, but it actually just runs as bits of code and data within the Ethereum blockchain.

This investment scheme has gobbled up 10% of Ethereum coins, or $100 million worth out of Ethereum's $1 billion ecosystem.

When you want to leave the fund, you split from it. This includes your share of unspent Ethereum coins, but also tokens representing returns on investments you were part of, but which haven't yet paid out. That's why you "split" rather than "cash out": you need your own DAO shard to track those investments until they pay out.

How did The DAO get hacked?

When a member exits the investment scheme, they call the function named splitDAO(). There are two issues.

The first is that the member will supply some of their own code with the transaction. Among the things that code will do is tell the DAO code how to transfer Ethereum coin. It's a necessary feature, part of Bitcoin as well.

The second issue is that Ethereum code is recursive. That means when a function is running, it may call itself a second time.

The bug is that when splitDAO() is called, it will then call the recipient's code to transfer Ethereum coin, after which the recipient's code will call splitDAO() again before finishing. This causes the process to repeat itself, transferring more Ethereum coin, then calling splitDAO() again, which calls the hacker's code, which calls splitDAO(), which calls the hacker's code, and so on. The process will continue endlessly, until it drains all of TheDAO's coin.
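The call pattern described above, as an added Python simulation (not TheDAO's actual code and not from the original post), next to the same function with the ledger update moved before the external call. The class names, member names and deposit amounts are constructed for illustration, and the reordering shown is the standard mitigation for this class of bug rather than something the post describes.

```python
# Constructed simulation: a toy fund ledger, not TheDAO's Solidity code.
class Fund:
    def __init__(self, deposits, safe):
        self.balances = dict(deposits)       # member name -> credited amount
        self.pool = sum(deposits.values())   # coin actually held by the fund
        self.safe = safe

    def split(self, member):
        """Pay out a member's share, running the member's own code on receipt."""
        amount = self.balances.get(member.name, 0)
        if amount == 0 or self.pool < amount:
            return
        if self.safe:
            self.balances[member.name] = 0   # hardened: ledger updated first
        self.pool -= amount
        member.wallet += amount
        member.on_receive(self)              # external call into member code
        if not self.safe:
            self.balances[member.name] = 0   # vulnerable: ledger updated last


class HonestMember:
    def __init__(self, name):
        self.name, self.wallet = name, 0

    def on_receive(self, fund):
        pass                                 # simply accepts the payout


class ReentrantMember(HonestMember):
    def on_receive(self, fund):
        fund.split(self)                     # calls back before split() finishes


def run(safe):
    """Return (re-entrant member's wallet, coin left in fund) after one split."""
    fund = Fund({"alice": 60, "bob": 30, "mallory": 10}, safe)
    mallory = ReentrantMember("mallory")
    fund.split(mallory)
    return mallory.wallet, fund.pool


if __name__ == "__main__":
    print("ledger updated last :", run(safe=False))
    print("ledger updated first:", run(safe=True))
```

With the ledger updated last, the member credited with 10 ends up holding the whole pool; with the update first, the nested call sees a zero balance and returns immediately.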

When you split like this, they still force you to wait 27 days before you get your Ethereum coin. Thus, the hacker doesn't actually have use of it for another month.

How can they recover the stolen money?

They can't -- at least not without destroying the entire principle of cryptocurrencies. It's like trying to cure cancer with a Howitzer.

One solution is to roll back the blockchain to before the theft. Of course, that means screwing over everybody who made a transaction since then. You'd be screwing people out of $1 million in order to compensate the theft of $100 million. This is, of course, the type of corrupt thinking that gets us into banking failures in the real world, as we screw over everyone else in order to protect those banks who are too big to fail.

Another solution is to update the Ethereum code to blacklist this address, or better yet, insert a magic key that will give control over those funds back to TheDAO.

The problem with changing the code is that it forks the blockchain. Transactions are added to the chain by miners -- a decentralized group of people. It can include you, if you want to run mining software on your computer. Those miners who update their code to the change will be working off a different blockchain than those who don't. The blockchain will repair itself if 51% of the miners update to the latest code (a soft-fork), but it'll be hopelessly broken if they don't (a hard-fork of two irreconcilable chains).

Sources:
http://avc.com/2016/06/some-thoughts-on-ethereum-and-the-dao/
http://blog.erratasec.com/2016/06/etheriumdao-hack-similfied.html#.V4kBDvnhD0Q
https://en.wikipedia.org/wiki/Decentralized_autonomous_organization
https://en.bitcoin.it/wiki/Colored_Coins
http://cryptorials.io/a-beginners-guide-to-smart-contracts/
http://blog.zorinaq.com/bitcoin-the-simplest-non-technical-explanation/

Very interesting! I like it! Good Luck To You!

Thx, I am still a bit new at blogging but there will be more to come!

This was pretty obviously copy-pasted from one of your sources http://blog.erratasec.com/2016/06/etheriumdao-hack-similfied.html#.V4kBDvnhD0Q

Just changing a few words around doesn't make it not plagiarism.

I admit this, I did not take the authorship as you could read. These were the simplest and best explanations I could gather as it was explained to me via a meetup. My new post, the Decentralized web series and brainstorm series will be original content. I just wanted to use the best stuff to try and explain this stuff.
