The Ethereum community was recently faced with a game-changing decision. Experts from Deloitte’s Grid Blockchain Lab examine the route taken and what it means for the platform going forward.
Immutability exists to ensure the preservation of truth across a community. It provides an auditable proof that events have occurred exactly as prescribed and expected.
It is this predictability and assurance that is so valuable to the blockchain community and one can question whether it has been challenged by the ‘hard fork’ decision made by the Ethereum community.
The available options
When the code is the contract, obscure or unintended programme features can become the doom of a digital autonomous organisation (DAO). And that’s exactly what happened when $50m worth of Ether moved from the control of an autonomous programme operating on behalf of a large group of investors.
Something rare happened, explained Tyler Welmans, senior manager at Deloitte UK.
“The protocol, operating exactly as prescribed, deviated from what was expected and a community watched in horror as an enormous heist was played out in slow motion, with the inherent security of the Ethereum platform itself suddenly forming the greatest obstacle to any sort of restorative action.”
How would the community react to this?
The first option was to accept the incident and not react at all.
The second option was identified as ‘soft fork’, which accepts all transactions to be valid, but blocks the account holding the suspicious transactions, ensuring the unification of the network and backwards compatibility, while ignoring the attack as such.
The third option was the controversial ‘hard fork’ which creates a copy of the Ethereum blockchain, going back to the block before the suspicious transactions happened. It deletes all transactions after the specific point in time, splitting the blockchain and users irreversibly in two.
“The Ethereum community has voted and decided with 97pc for the hard fork, but was this the right decision?” asked Cillian Leonowicz, senior consulting manager at Deloitte Ireland.
The hard fork effect
The hard fork has been a taboo for bitcoin in the past. Jacob Boersma, manager at Deloitte Netherlands, said, “The decision to actually implement a hard fork was a brave one.”
People were afraid a split would cause uncertainty in the market, reduce trust in the technology and translate into a price drop. At the moment, the news and the market have calmed down and the prices have picked up for both the new Ethereum (ETH) and Ethereum Classic (ETC). [Editor’s Note: This article was originally published prior to the recent DDoS attack on Ethereum and all comments were made prior to this event.]
‘The Ethereum community has voted and decided with 97pc for the hard fork, but was this the right decision?’
– CILLIAN LEONOWICZ
The continued existence of Ethereum Classic is probably the proof that the community does have the power. As Deloitte Italy director Michele Mandelli observed, “The DAO was merely an application built on top of the Ethereum protocol, and only a minority of Ethereum users had participated in it. Part of the userbase simply didn’t care about bailing out a third-party application.
“They stuck with the original chain, thus providing incentive for miners to keep mining the original chain, splitting the network into two.”
Deloitte France consultant Etienne Waldron agreed, stating: “Although forking the Ethereum chain split the community in half and created a new, identical coin, it nonetheless showed justice towards the victims of the attack. Today, ETC’s valuation is still profitable to the attacker but, in my opinion, safely returning stolen Ether paints a better picture than ignoring the attack altogether.”
For Welmans, the hard fork represents a community consensus decision that reflects the totality of truth. “If a community consensus holds – and, on rare occasions, exerts – the power to override the human-written rules governing 99.99pc of the platform’s successful operation, then I feel assured and empowered by that, not threatened. That is not centralised control; it is exactly the opposite. We are the community.”
All Deloitte Grid Blockchain Lab experts agreed that a hard fork should always be an option for a blockchain community, because it is a fundamental property of blockchain and open-source software. As Boersma put it, “The mere possibility of a hard fork can be interpreted as a powerful argument in favour of blockchain. Not allowing the community to choose leads to centralisation, which is contradictory to what blockchain stands for and tries to establish.”
Concerns among the blockchain community
While, on the one hand, empowerment of the network creates strength, it has to be used with caution.
Information is key for sound decision-making around such a complex issue entailing unknown consequences. Deloitte Luxembourg director Thibault Chollet highlighted, “The miners cannot have all the business knowledge to take decision on a business matter whereas, in the end, they have the power to undo what has been done.”
The event raises some questions. For example, Boersma asked if this attack was a good enough reason to hard fork. Indeed, one might wonder in what other cases a hard fork would be required. For example, should there be a vote each time an exchange is hacked?
All Deloitte experts agreed that the hard fork should be used very sparingly in order for it to keep its effect. As Jens Hermann Paulsen, senior consultant at Deloitte Germany, said, “Jurisprudence every time […] does not profit its users.” We need to clarify, though, what the criteria are for opening the debate and asking the community to vote.
Chollet highlighted the emergence of other very important questions around “law and jurisdictions, trust in a global authority (composed of all the miners), administration of the blockchain and the code that runs upon it” which need to be debated.
‘Not allowing the community to choose leads to centralisation, which is contradictory to what blockchain stands for and tries to establish’
– JACOB BOERSMA
So, is hard forking a good solution for widely agreed changes?
Mandelli pointed out, “Ethereum’s case proves that consent for a hard fork exists only after the fork has occurred. Any prior vote is basically a poll. True forking only happens when users opt-in to the new network (and, sometimes, abandon the old one).
“It is very dangerous to assume that a minority fork will simply die. This can lead – and, in fact, has led – to multiple blockchains emerging from a contentious hard fork.”
One of the main lessons learned is to “thoroughly test code before you publish it on a blockchain”, advised Boersma. Specialists in independent code review can assist with this kind of testing, which becomes primordial for an open-source code, exposed to the world and impacting a chain of irreversible transactions.
This attack also shows that we should be careful with overly complex and fully autonomous code, as it is difficult to completely verify the soundness of such code. A higher degree of caution needs to be applied in the future to autonomous contracts, especially as they may be designed to harm the ecosystem by employing maliciously constructed code, or even artificial intelligence to execute decisions that violate laws and harm people.
‘By considering extreme scenarios, we test our fundamental principles’
– TYLER WELMANS
Welmans said, “Consider a DAO set up by a hostile nation state to offer bounty payments for acts of sabotage or violence against an adversary. Unlikely? Yes. Possible? Yes. By considering extreme scenarios, we test our fundamental principles.”
The post-fork environment
An interesting evolution is the post-fork coexistence of both the Ethereum and Ethereum Classic blockchains.
Arnaud Michelet, senior consultant at Deloitte Germany, said, “It will be interesting to see how the community will adjust and incentivise the more than 20pc of the users who did not yet trigger the exchange of their DAO token, to do so.”
While, currently, we have a real competition with people either being pro-ETH or pro-ETC, Waldron commented, “Having two similar chains competing one against the other creates an unhealthy environment.”
However, looking at public apps based on Ethereum, it does seem that the majority of users support the fork and are following the new chain.
Ethereum is still in its infancy. It is too early to assume that the platform is perfect and, actually, there is a good chance further substantial protocol modifications may be proposed in future as the development roadmap is advanced.
Indeed, some already foresee a switch from ‘proof of work’ (where miners exist and depend on computing power) to a ‘proof of stake’ (no miners, relies on the stake one has in the ecosystem, ie number of coins) consensus algorithm. Welmans explained that this requires a significant protocol update that will almost certainly involve a hard fork.
Not only is Ethereum still young and in its early stages, other blockchain solutions are too, and the hard fork could open the door for fundamental changes, eg to fix the bitcoin scaling issue.
At the same time, the agreement is loud and clear that this attack and the subsequent discussion should not discourage companies from researching or investing in blockchain.
The important message is that the underlying technology itself still has never been hacked successfully, and remains a secure technology for recording transactions.
The Deloitte EMEA FSI Grid Blockchain Lab is a collaboration of blockchain experts from Deloitte’s EMEA member firms.
This article from Deloitte’s Grid Blockchain Lab was originally published by Deloitte.