07.18.2016

OPINION: When Smart Contracts Go Bad

With any new technology, there are bugs that lead to unintended consequences. So-called smart contracts are not immune.

A case in point is the Distributed Autonomous Organization, a virtual venture capital business that operates solely using smart contracts. Its developers coded smart contracts using Ethereum’s architecture to handle every function that an employee would normally perform.

They launched on April 30, and within three weeks had approximately 11,000 investors contributing $150 million to the project.

It only took another four weeks before hackers exploited loopholes in the DAO codebase to transfer $50 million from various accounts to a separate account.

A group of white-hat hackers, which reportedly included a few Ethereum core developers, managed to secure the remaining $100 million through a little counter-hacking and deposited the virtual currency into a new account for protection.

To retrieve their existing investments, DAO miners, investors, vendors, and others voted to adopt the “hard fork” that the Ethereum Foundation plans to implement on July 20, which would roll back the DAO smart contract to before the hack.

Financial services firms are whistling past the graveyard if they think that they won’t encounter similar issues when they start deploying their own smart contracts in the wild.

Hackers would have a harder time compromising a private permissioned blockchain compared to public permission-less ones like the DAO. However, hackers have already cracked industry intranets that were thought to be nigh invulnerable.

The real threat is smart contracts’ immaturity as a technology. The technology hasn’t been around long enough to develop a track record that can be used to create best practices or a suite of reliable testing tools. As with anything new, there will be trial and error.

However, there is a bright spot for those running private permissioned blockchains. Their communities will be much smaller than those of their public, permission-less counterparts, which makes reaching consensus much easier.

Also, a private permissioned blockchain operator could require potential members to agree on a remediation process before allowing them to play in the private sandbox.

Waiting until after an incident to develop a remediation plan is a good way to kill that particular blockchain.
