The Daily Chain
No Result
View All Result
  • News
    • All News
    • Assets
    • Bitcoin
    • Business
    • Editor’s Picks
    • Technology
  • Markets
    • Market Updates
    • Live Cryptocurrency Market Prices
    • Press Release
  • Features
    • Articles
    • Opinion
    • Interviews
    • Quiz
  • Education
    • Blockchain
    • Trading
    • Investing
    • Safety
  • Media
    • Video
    • Podcasts
  • Reviews
  • Asset List
  • News
    • All News
    • Assets
    • Bitcoin
    • Business
    • Editor’s Picks
    • Technology
  • Markets
    • Market Updates
    • Live Cryptocurrency Market Prices
    • Press Release
  • Features
    • Articles
    • Opinion
    • Interviews
    • Quiz
  • Education
    • Blockchain
    • Trading
    • Investing
    • Safety
  • Media
    • Video
    • Podcasts
  • Reviews
  • Asset List
No Result
View All Result
The Daily Chain
No Result
View All Result
Home All News

Warning! Possible but Expensive Attack Could Cost Maker $340M in ETH

Wayne Jones by Wayne Jones
10th December 2019
3 min read
0
Warning! Possible but Expensive Attack Could Cost Maker $340M in ETH
0
SHARES
0
VIEWS
FacebookTwitterLinkedinTelegramEmailWhatsapp

A co-author of Augur’s original white paper gave a detailed analysis of how a wealthy hacker could turn $20M (40,000 MKR) into $340M in only 15 seconds. Micah Zoltu, a software developer who works independently now, warned that Maker funds are not safe in the ETH blockchain.

The analysis shows how it is possible to steal all the collateral in Maker DAO (MKR), the protocol behind both DAI and SAI cryptocurrencies. A good part of other assets from Maker integrated systems such as Uniswap and Compound are also vulnerable to the attacks. 

All these systems are designed to benefit from each other, and their connections make them share a protocol weak-point. 

Zoltu claims that Maker knew the problem existed even before they released the Maker DAO v2 or the Multi-collateral DAI or McDAI. This newer version was supposed to contain “emergency shutdown and governance delay” safeguards to prevent these kinds of attacks, but the company did not include them. 

The Maker DAO Mother Load Defenders Work with a Zero seconds Response Time against Attacks

 Maker DAO, the DAI protocol, has in its reserves $340M in ETH, in both the first and second releases which are governed by a class of wealthy holders. This group poses the first threat to the system because they can control how the entire system behaves and are rich enough to launch a wealthy attack.

The governance uses a system where users stake 80,000 MKR on the contract they want to control the system. The contract with the most staked MKR known as the executive contract is given the control.

This means for the user to start doing what they want, they must stake a starting amount of $41M. To ward off malicious contract users, the system executes a delay between the time a new contract is chosen, and before it starts to make changes.

According to the report, the delay window can be used by anyone with enough MKR to trigger a global settlement of the entire system and shut it down before the new contract has any time to react.

A malicious user with an executive contract programmed to steal all the collateral would have to wait for the delay window and hope the defense mechanisms do not get triggered. The problem is, according to Zoltu, “the Maker Foundation has decided that appropriate value for this governance delay is zero.” This is the weak point because it gives defenders no time at all to defend the system against wealthy and malicious attackers.

Anyone on the Network Poses a Threat

A quick enough hacker can use this window of opportunity to rob all the DAI in Uniswap and all the ETH liquidity in the DAI/ETH pair. The same can be done for Compound and semi-decentralized exchanges on the network.

Zoltu states that Maker Foundation could even attack the system themselves if they wanted to, as they have more than enough amount of MKR to launch executive contracts:

“What should scare you here is that this isn’t #DeFi, this is #CeFi, but instead of only one person being able to steal all your money (the bank), the bank or any of a number of large individual shareholders, or a group of smaller shareholders could decide to steal all of your money at any time.”

Such an Attack Would Cripple the Whole Network

If such an attack occurred, everyone in the CPD/Vault would be completely wiped out, and DAI prices will plummet to the bottom, followed by a zero MKR value. Ethereum would also take a beating since this would be a failed development in its ecosystem. 

Even with the unlikely event that Maker would be able to get back on its feet after such an event, Maker expressly stated that this is not worth them giving up instantaneous governance control to protect against attack.

The general outline of their defense procedure looks like a longer version of ‘winging it,’ which is ironic for developers that have some of the most difficult code in the blockchain industry. 

Tags: ETHMaker DaoNetwork Attack
ShareTweetShareShareSendSend
Wayne Jones

Wayne Jones

Wayne is a Blockchain enthusiast and expert in crypto trading. Currently, I cover trendy issues on digital currencies.

Related Posts

Capital Manager: ETH Price Will Double Once Bulls Takes Out $1,400
All News

Capital Manager: ETH Price Will Double Once Bulls Takes Out $1,400

15th January 2021
Scam-Elon musk-Crypto
All News

Scammers Make upwards of $580,000 From Elon Musk Scheme

15th January 2021
Indian Hacker Steals $1.2M in BTC and Accesses the Government Website
All News

Indian Hacker Steals $1.2M in BTC and Accesses the Government Website

15th January 2021
Over $2bln of ETH is now staked in Ethereum 2.0
All News

Reports suggests some exchanges are running low on ETH

15th January 2021
Paxos Adopts Chainlink Oracles to Expand Their DeFi Market
All News

Paxos Adopts Chainlink Oracles to Expand Their DeFi Market

15th January 2021
Ledger-Data breach
All News

Ledger Customer receive Threatening Emails after information of 20,000 more Leaked

15th January 2021
Next Post
wom-artwork

WOM Protocol's Authentication Method: The Future of Marketing?

Bitmain

Will Bitmain CEO be able to ‘Save The Ship’ with this New Strategy?

Please login to join discussion
  • All News
  • Editor's Picks

Capital Manager: ETH Price Will Double Once Bulls Takes Out $1,400

Scammers Make upwards of $580,000 From Elon Musk Scheme

Indian Hacker Steals $1.2M in BTC and Accesses the Government Website

Polkastarter Primed for 2021

Reports suggests some exchanges are running low on ETH

Join our newsletter!

Enter your email to receive our newsletter.


Don’t worry, we don’t spam
ADVERTISEMENT

Popular Posts

  • Ripple Targets 10 Million Customers With New Strategic Partnership

    Ripple Targets 10 Million Customers With New Strategic Partnership

    0 shares
    Share 0 Tweet 0
  • First Signs of Bitcoin Panic Shows as Whales Profit from Correction

    0 shares
    Share 0 Tweet 0
  • Genitals for bitcoin – Hackers take control of Smart Chastity Cages and demand Bitcoin Ransom

    0 shares
    Share 0 Tweet 0
  • Capital Manager: ETH Price Will Double Once Bulls Takes Out $1,400

    0 shares
    Share 0 Tweet 0
  • Bitcoin Makes Swift 20 Percent Recovery as Banks Prepare to Post Major Losses

    0 shares
    Share 0 Tweet 0

Market Updates

Capital Manager: ETH Price Will Double Once Bulls Takes Out $1,400

Capital Manager: ETH Price Will Double Once Bulls Takes Out $1,400

15th January 2021
The Current BTC Uptrend is the Second Most Powerful in History

The Current BTC Uptrend is the Second Most Powerful in History

8th January 2021
Breaking: Bitcoin Bulls Finally Breach $40k As Parabolic Rally Gains Pace

Breaking: Bitcoin Bulls Finally Breach $40k As Parabolic Rally Gains Pace

7th January 2021

Media

hashoshi-alts (2)

Altcoin Season Picks / Projects with Huge Potential

9th September 2020
cardano-ADA

Hashoshi: Cardano Shelley is live… but what’s next is WAY BIGGER

19th August 2020
hashoshi-alts

Hashoshi: Low Cap Alts you need to be watching in 2020

5th August 2020
fomohunt-podcast

FomoHunt Podcast – Joe Vezz & Jon Farjo: Tracking Social Sentiment Waves with Lunar Crush

30th July 2020
ethereum-hashoshi

Hashoshi: Ethereum 2.0, Chainlink, Bitcoin Price, and more!

27th July 2020
fomohunt-podcast

FomoHunt Podcast – Joe Roets: Behind the scenes of “Open source money”

24th July 2020
The Daily Chain

The Daily Chain is a news platform and educational hub founded in January 2019. We are dedicated to providing unique and informative daily content across all facets of the blockchain and cryptocurrency industry whether it be news, opinion pieces, technical analysis, reviews, interviews, podcasts and more.

LEARN MORE »

Recent Posts

  • Capital Manager: ETH Price Will Double Once Bulls Takes Out $1,400
  • Scammers Make upwards of $580,000 From Elon Musk Scheme
  • Indian Hacker Steals $1.2M in BTC and Accesses the Government Website
  • Polkastarter Primed for 2021

Information

  • About
  • Contact
  • Site notice
  • Risk Warning
  • Privacy Policy

Categories

  • News
  • Markets
  • Features
  • Education
  • Media
  • Reviews

TheDailyChain © 2020. The Home of Digital Assets

No Result
View All Result
  • News
    • All News
    • Assets
    • Bitcoin
    • Business
    • Editor’s Picks
    • Technology
  • Markets
    • Market Updates
    • Live Cryptocurrency Market Prices
    • Press Release
  • Features
    • Articles
    • Opinion
    • Interviews
    • Quiz
  • Education
    • Blockchain
    • Trading
    • Investing
    • Safety
  • Media
    • Video
    • Podcasts
  • Reviews
  • Asset List

TheDailyChain © 2020. The Home of Digital Assets

At The Daily Chain, we are committed to protecting the personal data of our audience.
In light of the General Data Protection Regulation, we are asking our audience in Europe to consent to the use of cookies by The Daily Chain and its partners to continue to our site. These cookies are used to personalize your user experience (content and ads) and support and improve the site. Please click “I Agree, Continue to Site” below to consent to the use of this technology and continue to TheDailyChain.com. Visit our Privacy Statement to learn more. Cookie settingsAgree, continue to site
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are as essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

bitcoin
Bitcoin (BTC) $ 36,744.00 3.92%
ethereum
Ethereum (ETH) $ 1,187.36 3.24%
tether
Tether (USDT) $ 1.00 0.83%
polkadot
Polkadot (DOT) $ 14.92 5.49%
ripple
XRP (XRP) $ 0.280827 3.42%
cardano
Cardano (ADA) $ 0.315533 1.12%
litecoin
Litecoin (LTC) $ 143.09 4.37%
bitcoin-cash
Bitcoin Cash (BCH) $ 489.21 3.45%
chainlink
Chainlink (LINK) $ 22.12 20.48%
stellar
Stellar (XLM) $ 0.285825 3.45%
Newsletter

Join our newsletter!

Enter your email to receive our newsletter.

Don't worry, we don't spam