Lecture 14: Ethereum Governance

When contracts call other contracts, there are four major parameters, g – gas, v – value, in – in size of inputs, out – out size of outputs. The gas must come from the initial transaction, the ongoing calls to different cannot refuel the gas.

By default, all the gas is passed during the contract call and the value passed is 0.

A contract can receive money via contract.send(<money_in_wei>) only if it defines a fallback function

// This function is called with 2300 wei gas by default. This is sufficient for logging.
// Usually left blank
function () {
}
// gas 0 = 2300 wei
f.send(x) = f.value(x).gas(0)();  
The LHS and the RHS are same except for one subtle difference. If send fails it returns false, if the call on the right side fails, it throws an exception.

This has led to subtle bugs, for example, if the call f.send() is made after the stack is already 1024 levels deep then the call to send will fail. A contract not checking its return value can be in trouble.

f.send(100) is safe since it sends only 2300 gas, but f.call.value(100)() is unsafe against reentrancy attacks since it does not have a gas limit by default.

There are three ways to avoid reentrancy attacks – use contract.send, use a mutex to make all public calls non-entrant, and third, use the check-effects-interaction paradigm.

The DAO

The DAO was “the” Decentralized Autonomous Organization launched on April 30, 2016, tokens were available to buy for 27 days. By May 26, 2016, 10.1M Ether was invested in it (10% of all ether). Anyone can table an investment proposal and vote over 14 days, 20-53% was a quorum to put the money in an investment. This itself had a 53% attack, so, anyone with 53% can do whatever he wants. To prevent that 5 of 11 curators have to sign off the proposal. The only way to leave was to do a split which had 7 day signup period, everyone who signs up will leave with you, and then there is 27 day buy-in period. This suffered from a stalking attack since anyone who has majority shares can leave alongside you and get shares in the new DAO as well. The other problem was ambush voting, voting “no” locks one’s shares, so, it was best to not vote till the last moment. 3.6M Eth (5% of all Eth) was stolen via a reentrancy attack on DAO’s splitting code on June 16. July 20 was the deadline when all the forked DAOs to steal money would have been finalized. Hark fork was the only way out to save the lost funds. 81% voted in favor of the hard fork based on the polling by the Ethereum foundation. Some stayed on Ethereum classic on the old chain. Others moved to the new chain “Ethereum”.