Moratorium Proposed on DAO as a Security Precaution
Vlad Zamfir, a researcher for the Ethereum Foundation, has called for a temporary moratorium on The DAO in the coming weeks to assess and resolve some outstanding security issues after the crowdsale is complete. With over $120 million USD equivalent in value being raised in the crowdsale thus far, there have been numerous concerns raised over the security of funds within The DAO after the crowdsale is finished on May 28th at 9:00 GMT.
In an effort to take a prudent and thorough approach to address these concerns, Zamfir’s proposal would attempt to fix seven different attack options identified in a blog post on Hacking Distributed. An in-progress document illustrating the moratorium proposal and analysis is also available through Google Docs.
The proposal has come after two weeks of analysis including Zamfir, Dino Mark and Emin Gun Sirer where they deep-dived into the code of The DAO, seeking out potential holes in security. While a feature of The DAO’s functionality and core code is that DAO token holders can vote on proposals within The DAO, what’s clear through Zamfir’s proposal is that there’s a lot of undetermined factions of how The DAO will work once the funding phase is over which could cause confusion among members and could worsen the security threat to The DAO as a whole as well for individuals members. What the moratorium basically provides is a halting of proposals and funding events until the system has been fully upgraded.
With several high-profile cryptocurrency exchanges being hacked within recent months, there’s no doubt that the level of security needed for holders of cryptocurrencies is significant. With the The DAO tokens becoming increasingly valued and popular, there is sure to be a large amount of attention from malicious hackers who would look to exploit any possible weaknesses in the systems associated with The DAO. Whether those systems are weak in how The DAO itself operates on Ethereum or in how the tokens are exchanged through trading platforms, Zamfir and his colleagues seem to have both individual and the larger community’s interests at heart here.
There has also been talk of proposing a $1.5 million security proposal from the Slock.it team to manage the security assessments, analysis and improvements. Controversy emerging from these proposals isn’t directed so much at the content of what’s being proposed (although there are some specifics which individuals are taking issue with), but rather at the fact that curators are proposing these ideas outside of the voting mechanism built into The DAO. The argument for the proposal is that it is necessary, as a precaution, so that in the days after the closing of the crowdsale, The DAO isn’t tarnished by an attack of some sort.
There is no official end date on the moratorium at present; however, it appears that there will be many well-informed individuals working on the security issues set forth within the Ethereum community. Votes are being cast on https://dao.consider.it/ for or against the proposal.