The DAO Hack Story

Lossless
Mar 3, 2022

The DAO was one of the first decentralized autonomous organizations. It was launched in 2016 and raised $150 million USD worth of Ether. For that time it was a huge amount.

The purpose of the DAO was to be a decentralized venture capital fund. It was built on the Ethereum blockchain. Within a few months after launch, the DAO was hacked and more than $60 million worth of ETH was stolen.

To restore the funds, the Ethereum blockchain was forked. This was quite controversial at the time and resulted in Ethereum Classic and Ethereum as we know it. Ethereum is the modified version and Ethereum Classic the unmodified one.

The DAO Hack

The sale of the DAO tokens took about a month. During that period the tokens were locked up, meaning they couldn’t be used for transacting or trading. After that month the DAO had 11,000 investors contributing in total $150 million, making it one of the biggest crowdfunding efforts at the time.

Even during the token sale, the community had already flagged vulnerabilities in the code. The developers didn’t act upon this quickly enough and a hacker started exploiting the bug in the smart contract.

The DAO had a mechanism to split the DAO into two DAOs, basically allowing someone to make their own decentralized pool of capital for investing. In order to do this, the hacker created a proposal and initiated the p.splitData[0] function.

In order to determine how many tokens should be moved to this new DAO, the balances array is utilized. Now comes the trick:

The DAO smart contract used the TokenCreation.sol function to send the tokens. The first step of the function was sending the rewards to the newly created DAO, and only afterwards would it verify the balance to see if the tokens were really sent.

The hacker now initiated the split again, which canceled the TokenCreation.sol function and started it again, sending new tokens; then, before it could verify that the tokens had arrived, the hacker canceled again. By going through this loop over and over, the hacker was able to steal $50 million worth of ETH.
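
The ordering problem described above (pay out first, settle the balance afterwards) can be reproduced in a small model. This is an added example, not The DAO's contract code and not from the original post; the `Pool` class, the member names and the deposit amounts are constructed for illustration, and the `safe` path shows the update-before-send ordering that closes the loop.

```python
# Toy model of the payout-ordering bug (constructed; not The DAO's Solidity code).

class Pool:
    """Holds deposits and pays a member out by calling back into the recipient."""

    def __init__(self, deposits, safe):
        self.balances = dict(deposits)        # credit recorded per member
        self.funds = sum(deposits.values())   # what the pool actually holds
        self.safe = safe                      # True: settle balance before sending
        self.paid = {}                        # total sent to each member

    def _send(self, member, amount, on_receive):
        self.funds -= amount
        self.paid[member] = self.paid.get(member, 0) + amount
        on_receive()                          # external call: recipient code runs here

    def withdraw(self, member, on_receive=lambda: None):
        amount = self.balances.get(member, 0)
        if amount == 0 or amount > self.funds:
            return
        if self.safe:
            self.balances[member] = 0                 # effect first ...
            self._send(member, amount, on_receive)    # ... interaction last
        else:
            self._send(member, amount, on_receive)    # interaction first
            self.balances[member] = 0                 # balance settled too late


def run(safe, max_reentries=3):
    """Return (amount paid to 'carol', funds left) when the recipient re-enters."""
    pool = Pool({"alice": 100, "bob": 100, "carol": 100}, safe)
    calls = {"n": 0}

    def reenter():                            # recipient calls withdraw again
        if calls["n"] < max_reentries:
            calls["n"] += 1
            pool.withdraw("carol", reenter)

    pool.withdraw("carol", reenter)
    return pool.paid["carol"], pool.funds


if __name__ == "__main__":
    print("send-then-settle:", run(safe=False))   # pool drained by one member
    print("settle-then-send:", run(safe=True))    # member receives only its own credit
```

With the balance settled before the external call, the re-entrant call sees a zero credit and returns immediately, so the other members' deposits stay in the pool.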

The hacker stole a total of 3.64 million ETH, which was about 5% of all ETH outstanding at the time. Today’s value is about $11 billion! The hack sent the price of Ethereum crashing.

The Hacker

A few years later, Laura Shin, Forbes journalist and host of ‘The Unchained Podcast’, launched a book in which she claims that she uncovered the hacker of the DAO.

She has considerable evidence to back up these claims and worked together with Chainalysis, a company specialized in analyzing blockchain activity to find potentially illicit actions.

The hacker converted the stolen Ethereum into Bitcoin using a centralized exchange that didn’t do KYC at that time. The hacker did that for about 3 months and gathered 288 Bitcoins.

Afterward, he sent the Bitcoins to the Wasabi wallet, where he used a mixer. This bundles all Bitcoins together so that, in theory, it cannot be traced where those Bitcoins are sent afterwards. It is a black box.

The proprietary technology of Chainalysis was able to trace the transactions, however. The Bitcoins were sent to four different exchanges. Laura Shin knew someone at one of the exchanges and figured out that the BTC was traded into Grin, a privacy coin.

The hacker withdrew the tokens to operate a Grin node running on a URL with a human-readable format called ‘grin.toby.ai’. Toby.ai is the alias that the hacker used for all of their social media accounts, which made the trail complete.

Laura Shin dug deeper into the node's URL and found that it also ran several Bitcoin Lightning Nodes, one of which was called TenX. Surprisingly enough, the person behind Toby.ai also happens to be the co-founder of the TenX protocol.

Toby Hoenisch founded TenX by doing an ICO that raised $80 million. It aimed to launch credit and debit cards that could be used for transacting in cryptocurrencies.

Toby was an active contributor to the DAO before the hack and actually flagged the vulnerabilities in the code to the developers. As described above, they failed to take proper action.

Laura Shin, Chainalysis, and other investigators into this hack are highly convinced that Toby Hoenisch is the infamous hacker. He himself denies it and told Laura Shin he would provide the evidence for that, but hasn’t yet followed up.

Is he really the hacker? We are not sure. It could be that someone else had designed this whole trail on purpose, knowing it would lead to Toby, who publicly stated he was aware of the vulnerability. Now it’s in the hands of legal experts to discern the truth and come up with a righteous judgment. But the most important thing to note — blockchain never forgets.

About Lossless

Lossless is the world’s first DeFi hack mitigation tool for token creators. Apart from our known cyber security solutions and renowned professionals, the community also plays a role. With a tangible reward system, community members are also encouraged to explore new ways to detect hacks and fraudulent transactions.

Our protocol halts counterfeit transactions through various methods of fraud identification and automatically reverses any stolen tokens back to the original owner. Our solutions to the impending problems of cyber theft within the blockchain space are thorough and applicable within many protocols.
