|
|
|
|
|
|
by carver
3645 days ago
|
|
|
You've nailed it. In this case, the call stack depth would halt you before TheDAO runs out of funds, though. So you end up with some multiple, say 30x, where you can put in 1 ether and drain 30 ether. There is about a month lockup period during which your seed cash and your multiplied cash is frozen. What made this particularly devastating is that there was a second bug which allowed the attacker to transfer their token that represented that first ether back to the DAO. So instead of 30x return, they could eventually drain the whole DAO (although they stopped after the discussion of a fork began). I'm largely basing my understanding off this article:
http://vessenes.com/deconstructing-thedao-attack-a-brief-cod... |
|
|