- I don't think there are any definitive details yet, but it could be an instance of this attack [1]. The code behind the DAO is available here [2]. Apparently [3], there's a bug where one can recursively call `splitDAO` multiple times to extract ether from the contract if one has a split open.

- Ether can go missing when it is sent to a public address which has no known corresponding private key. It's a "we can't inverse a hash" type of problem.

- People lose if they're holding a long position on ETH, or have DAO which they can now no longer recoup to ETH. People gain if they're shorting ETH, or are the attacker themselves (it looks like the ETH from the DAO is going to this address [4]).

- Looks to be an existential threat to the DAO from where we're standing right now. I can't see any mitigations but an entire Ethereum blockchain split.

[1] https://blog.slock.it/no-dao-funds-at-risk-following-the-eth...
[2] https://github.com/slockit/DAO/blob/develop/DAO.sol
[3] http://pastebin.com/DykumjLs
[4] http://etherscan.io/address/0x304a554a310c7e546dfe434669c628...
I looked into this a bit more, and it seems very likely that the attackers are exploiting a recursive call - from https://live.ether.camp/account/304a554a310c7e546dfe434669c6..., I can see that most of the transactions are internal, with the API reporting monotonically increasing call-depth values. It seems like there are three recursive calls involved here: one call in the DAO, a second call to transfer money to the attacker, and a third "dummy" call which appears to transfer nothing (but presumably kicks off the next recursion into the DAO).
The scary thing, to me, is that someone else could figure out the bug right now and start exploiting it - presumably, all the relevant code is open source.
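
The recursive-call pattern discussed in this thread, as an added Python toy model that is not part of the thread and is not the DAO's code: it contrasts a payout that hands control to the recipient before clearing the balance with one that clears it first. The `Vault` class, the account names and the amounts are constructed for illustration, and the recorded depths only mimic the increasing call-depth values mentioned above.

```python
class Vault:
    """Toy ledger 'contract' (constructed, not DAO.sol)."""

    def __init__(self, deposits, effects_first):
        self.balances = dict(deposits)       # per-account credit
        self.pool = sum(deposits.values())   # ether actually held
        self.effects_first = effects_first   # True = update state before paying
        self.depths = []                     # call depth of every payout made

    def withdraw(self, who, on_receive, depth=0):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.pool < amount:
            return
        if self.effects_first:
            self.balances[who] = 0           # state cleared before the external call
        self.pool -= amount
        self.depths.append(depth)
        on_receive(self, who, amount, depth + 1)  # recipient code runs here
        if not self.effects_first:
            self.balances[who] = 0           # too late if the recipient re-entered


def run(effects_first, max_reentries=3):
    """Return (total paid to 'mallory', pool left, payout call depths)."""
    vault = Vault({"alice": 60, "bob": 30, "mallory": 10}, effects_first)
    received = []

    def recipient(v, who, amount, depth):
        received.append(amount)
        if len(received) <= max_reentries:   # call back in while still being paid
            v.withdraw(who, recipient, depth + 1)

    vault.withdraw("mallory", recipient)
    return sum(received), vault.pool, vault.depths


if __name__ == "__main__":
    print("pay then update:", run(effects_first=False))
    print("update then pay:", run(effects_first=True))
```

With the balance cleared only after the external call, a 10-unit credit is paid out four times at increasing depths; with the balance cleared first, the nested call sees a zero balance and returns.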