区块链骗局新闻,2020年区块链骗局
请查看相关英文文档
Ⅰ What is DAO
DAO is a "decentralized autonomous organization" and a brand new way of human organization collaboration. We have several people and a shared account, which can be said to be a DAO. In a DAO, each of us has autonomy and control over our own data, which fully reflects the characteristics of "decentralization". ——Yixing
Ⅱ The new trend in 2022, what exactly is "DAO"
Can you imagine a way to organize with other people around the world without knowing each other? But the other party establishes corresponding rules and makes its own decisions autonomously, all of which are encoded on the blockchain?
The DAO is making this a reality.
Recently, some DAOs have begun to attract the attention of more traditional investors, including billionaire Mark Cuban, who calls them “ The ultimate combination of progressivism.” Venture capital firm a16z has also led multi-million dollar financings in individual DAOs and companies supporting the creation of DAOs.
With Messari predicting that DAOs will be the “next big trend” in the field, you may be wondering what exactly are DAOs?
Today, we will explain it to you.
1
That, What is DAO?
The full name of DAO is Decentralized Autonomous Corporations, which means decentralized autonomous organizations.
To understand DAO, you first need to understand the technology behind it. Most DAOs rely on blockchain technology and smart contracts, which are collections of code that run on the blockchain.
We know that in traditional organizations, there is usually a hierarchy: a formal board of directors, executives or Top management determines the structure and has the authority to make changes.
And DAO is decentralized.Meaning they are not governed by individuals or entities, the rules and governance of each DAO are encoded in smart contracts on the blockchain and cannot be changed unless voted on by DAO members. Instead of a few having the majority say, members of each DAO can vote on decisions together, usually on an equal basis.
For DAO, the blockchain can act as the backbone, maintaining the structure and rules on each chain. The birth of a DAO must have three basic elements:
DAOs are not new, but they are changing As they become more mainstream, let’s break down how they work and whether they are safe.
2
Operation and security issues of DAO
DAO requires the following elements to fully function: A set of Rules to operate, funds like tokens that the organization can use to reward its members for certain activities, and voting rights to establish operating rules. Additionally, and most importantly, a good and safe structure.
One potential problem with voting systems is that even if a security flaw is discovered in its initial code, it cannot be corrected before a majority vote. Hackers can exploit vulnerabilities in the code during the voting process.
In May 2016, German startup Slock.it launched the creatively named “The DAO” to support their decentralized version of Airbnb. At the time, the crowdfunding campaign was a huge success, raising over $150 million worth of Ethereum.
Unfortunately, there are some issues with the code they used in the DAO. Inevitably, in June 2016, hackers attacked the DAO based on these vulnerabilities. The hackers obtained 3.6 million ETH, worth approximately $50 million at the time.
This sparked a massive and contentious debate among DAO investors, with some proposing various solutions to the hacking problem and others Others are calling for the DAO to be permanently disbanded.
At that time, DAO was built onOn the Ethereum network, smart contract algorithms are used to ensure its governance structure and economic incentives. In an effort to thwart cyberattacks, the Ethereum blockchain underwent a hard fork, causing Ethereum to split into two different blockchains - today's Ethereum, where stolen funds were withdrawn and returned, and Ethereum Classic, the original blockchain The blockchain continued to operate and the hacked funds were never recovered.
This is still being called one of the largest hacks in cryptocurrency, exposing the risks of the DAO and eroding investor trust.
According to IEEE Spectrum, DAOs are vulnerable to programming errors and attack vectors. In fact, the potential ramifications of this organizational structure are likely to be numerous, and investors are concerned that they will be held liable for actions taken by the DAO as a broader organization.
3
How to use DAO today?
So far, DAO has been used in many scenarios, such as investment, charity, fundraising, lending, etc., all of which do not involve "intermediaries".
For example, a charity DAO can accept donations from people around the world, and members can decide how to use the donations; a freelance network DAO can create a contract A network of contractors who spend money on office space and software subscriptions; a venture capital DAO can create a venture fund that pools investment capital and votes to support venture capital, and the repaid money can be redistributed among DAO members.
In the past two years, due to the explosive growth of decentralized finance (DeFi), people's interest in DAO has rekindled.
What is the future of DAO? As of mid-2020, the DAO as originally envisioned has not yet been revived. Nonetheless, interest in decentralized autonomous organizations as a broader group continues to grow.
DAOs also need to overcome many potential regulatory and legal challenges, especially in the United States. There are still several unknowns about how the potential legal framework in the United States will affect DAOs and how they operate.
Although there are many lingering concerns about legality, security and structureThere are concerns and potential problems, but some analysts believe that this type of organization will eventually come to the fore and may even replace traditionally structured businesses.
Ⅲ From the perspective of technology and developers, what is DAO in the field of blockchain and what is BlockDAO
As far as the field of blockchain technology is concerned, DAO refers to distributed autonomy Organization community, BlockDAO is a blockchain technology community.
DAO is a mechanism through which we can achieve reasonable economic incentives (allocating risks/rewards) using software on the Internet. Using DAO, people can coordinate with each other on a global scale and achieve common goals without relying on trust or third parties. Blockchain technology makes this mechanism feasible.
The establishment of the BlockDAO community is in the context of the rapid development of blockchain, which faces some problems: the mainstream blockchain community is mostly media-oriented, has an impetuous mentality, focuses on currency speculation, and ignores the promotion and development of blockchain technology. Discussion: After the financing of blockchain projects, they are keen on media PR promotion, but do not develop products and build technical communities in a down-to-earth manner; there is no platform to focus on the development of blockchain technology, connect industry, academia, research and government departments, and construct a complete blockchain ecosystem; There is a lack of fair, independent and powerful third-party platforms in the industry that can objectively reflect the quality and community influence of blockchain project development.
BlockDAO is a community with the core of serving blockchain developers and projects, promoting the implementation of blockchain technology and applications.
IV What controversies and doubts has been brought about by Ethereum
There is an essential difference between Ethereum and Bitcoin. What is the difference? Bitcoin defines a monetary system, while Ethereum focuses on building a main chain (which can be understood as a highway) that allows a large number of blockchain applications to run on this highway.
From this point of view, Ethereum has a wider range of application scenarios, which is why we say that Ethereum marks the blockchain
A pure currency system in the 1.0 era. The blockchain 2.0 era realizes changes in other industries and application scenarios.
However, nothing is perfect in the world. Although Ethereum has expanded the application scope of blockchain in various industries and improved the speed of transaction processing, it also has certain controversies and doubts. .
1. The solution to Ethereum’s insufficient scalability: sharding technology and Raiden Network
The biggest problem with the underlying design of Ethereum is that Ethereum has only one chain and no Side chain means that all programs must run on this chain equally, consuming resources and causing system congestion. Just like the very popular Ethereum game "CryptoKitties" last year, when this game became popular, it once caused the Ethereum network to collapse.
Regarding the issue of improving processing power, Ethereum proposes two methods: one is sharding technology (shard), and the other is Raiden Network. Let’s introduce these two technologies respectively.
(1) Sharding technology
Ethereum founder Vitalik Buterin believes that the reason why mainstream blockchain networks such as Bitcoin process transactions very slowly is because each Miners have to process every transaction on the entire network, which is actually very inefficient. The idea of sharding technology is that a transaction does not need to be processed by all the nodes in the entire network, but only needs to be processed by some nodes (miners) in the network. Therefore, the Ethereum network is divided into many slices. At the same time, each slice can process different transactions. This will greatly improve network performance.
However, sharding technology is also somewhat controversial. We know that the important idea of blockchain technology is decentralization. Only when the entire network witnesses (processes) the same transaction does it have the highest authority. The Ethereum sharding technology is not witnessed by all nodes, but is similar to being witnessed by groups. In this way, it loses its absolute "decentralization" attribute and can only be achieved by sacrificing certain decentralization characteristics. to achieve high performance.
(2) Raiden Network
The Raiden Network uses off-chain transactions. What does it mean? What it means is: when participants using the Raiden Network transfer funds to each other, they do not need to confirm the transaction through the Ethereum main chain. Instead, they create payment channels between participants and complete it off-chain.
However, the Raiden Network is not separated from the main chain. Before establishing a payment channel, you need to use the assets on the main chain as collateral to generate a Balance Proof. Only by having a Balance Proof can you show that you can Make a transfer of the corresponding balance. When both parties to the transaction hold proof of balance, both parties can make an unlimited number of transfers off-chain through the payment channel.
Only when off-chain transactions are completed and assets need to be transferred back to the chain, the balance change information of the main chain account will be registered on the Ethereum main chain, and no matter how many transactions occur on the main chain during this period, There will be no records on it.
The Raiden Network also has a real benefit, which is that it can save you miner fees. Currently, when we conduct transactions on the Ethereum main chain, we need to consume Gas and pay miner fees. Once the transactions are moved off-chain, we can save this part of the cost.
Of course, Raiden Network is not perfect. When using the Raiden Network, you need to use assets on the main chain as collateral; these assets serve as collateral and cannot be used until the user completes off-chain transactions. This also determines that thunder and lightning transactions are only suitable for small transactions.
The above is the problem of insufficient scalability of Ethereum, and the two main solutions currently proposed: sharding technology and Raiden Network.
2. Vulnerabilities in Ethereum’s smart contracts and the infamous The Dao incident
Ethereum’s smart contracts are very powerful, but all codes will have loopholes. Ethereum Smart The biggest controversy in the contract lies in the so-called loopholes, which is a security issue. According to relevant research, of the nearly 1 million smart contracts based on Ethereum, 34,200 (about 3%) were found to contain security vulnerabilities that would allow hackers to steal ETH, freeze assets or delete contracts. For example, the notorious The Dao event.
(1) What does Dao mean?
Before introducing The Dao incident, let us first introduce what DAO is. DAO is the abbreviation of Decentralized
Autonomous Organization, which can be understood as: decentralized autonomous organization. From the perspective of Ethereum, DAO is a certain type of contract on the blockchain, or a combination of contracts, which is used to replace government review and complex intermediate procedures to achieve an efficient and decentralized trust system. Therefore, DAO is not a specific organization. In other words, there can be many DAOs and various DAOs.
(2) The infamous The Dao incident
However, when we mention DAO now, we basically refer to The DAO incident, which is the infamous incident we just mentioned. A famous hacker attack. We know that The in English means specific, and The DAO incident
refers to the specific DAO incident, because we just said that DAO is not a specific organization, there can be many DAO, all kinds of DAO.
In 2016, Slock.it, a German company specializing in "smart locks", launched on Ethereum in order to achieve decentralized physical exchange (for example: apartments, boats) DAO project. And starting from April 30, 2016, the financing window was open for 28 days.
Unexpectedly, this DAO project was very popular. It raised more than 100 million US dollars in just half a month. By the end of the entire financing period, a total of 150 million US dollars had been raised. From this, it Became the largest crowdfunding project in history. However, the good times did not last long. By June, hackers exploited loopholes in smart contracts and successfully transferred more than 3.6 million ether coins and invested them into a DAO sub-organization, which has the same structure as The DAO. As a result, the price of Ethereum dropped directly from more than 20 US dollars to below 13 US dollars at that time.
This incident shows that smart contracts do have loopholes, and once the loopholes are exploited by hackers, the consequences will be very serious. This is why many people now criticize Ethereum, saying that its smart contracts are not smart.
Regarding this problem, many foreign companies have begun to provide code audit services in order to solve the vulnerability problem of smart contracts. From a technical perspective, some teams are currently testing smart contracts. Most of these teams are led by professors from Harvard, Stanford and Yale, and some teams have obtainedInvestment from leading institutions.
In addition to the current lack of scalability and smart contract loopholes in Ethereum, the controversy over Ethereum also lies in the POS consensus mechanism it pursues, which is the proof of equity mechanism. Under the proof of equity mechanism, if The greater the number of coins and the longer they hold the coins, the more "rights" (interest) they will receive, and the opportunity to obtain accounting rights, and receive rewards for accounting. In this way, it is easy to create a "strong" The oligopoly advantage of "the stronger the economy is."
Another problem is the chaos of ICO. ICO is a common way for blockchain projects to raise funds, and we can understand it as pre-sale. The explosion of ICO projects on Ethereum has given rise to illegal activities such as fund transfers and money fraud under the banner of ICO, posing security risks to social and financial stability.
IV What does DAO mean in the blockchain?
The full name of DAO in the blockchain is "Distributed Autonomous Organization", which is a kind of blockchain-based form of organizational structure. It can operate autonomously without intervention and management through some open and fair rules. These rules often appear in the form of open source software, and anyone can become a participant in the organization by purchasing shares in the organization or by providing services.
There are many changes in the form of DAO. It can be a certain digital currency, or it can be a system or institution, such as Yidao Community, which focuses on the DAO concept.
VI How did the currency circle know about hacker attacks for the first time?
Since the advent of cryptocurrency, it has been constantly attacked by hackers, which has continuously aroused the concern of investors. Worrying, just in February this year, Japanese digital currency exchange Coincheck had five billion US dollars worth of cryptocurrency stolen; in April, the AMO blockchain was hacked on the first day it went online, and the following currency circles are here to help. :How does the blockchain respond to hacker attacks?
How does the blockchain respond to hacker attacks?
Faced with successive attacks from hackers, some exchanges appear panicked At a loss, some immediately took measures to fight back against the hackers' attacks. The most typical example is that Ethereum chose to hard fork the blockchain to get back all the Ethereum coins, effectively solving this problem.
At that time, The DAO established a crowdfunding platform based on Ethereum smart contracts, but hackers transferred Ethereum with a market value of US$50 million. Subsequently, in order to restore investor assets, the Ethereum community voted to change the Ethereum code. Therefore, Ethereum performed a hard fork at block 1,920,000, rolling back all Ethereum coins (including those owned by hackers).
Seeing this, some people may ask: What is a hard fork?
Let’s first understand why a fork occurs, mainly because of a new Block is minedLater, the blockchain system will generate a new protocol, and this protocol will be incompatible with the old protocol. A hard fork means that the new protocol will no longer allow the old protocol to continue to work. Just like Ethereum, the protocol was changed to get the funds back, so a hard fork occurred.
There are precedents, and Ethereum (ETH) and Ethereum Classic (ETC) are typical cases of hard forks. It can be seen that the blockchain can effectively ensure the security of user data and personal assets through hard forks, and respond to hacker attacks.
In addition, in addition to fighting back hacker attacks through hard forks, some exchanges have also proposed other solutions, such as blockchain scalability solutions, multi-signature technology, etc.
Blockchain scalability solution
Ethereum co-founder Vitalik Buterin proposed a blockchain scalability solution called Plasma Cash that can help transactions Resist hacker attacks. At the same time, he said: Users can exit the program through Plasma at any time during the transaction process and withdraw cash.
Therefore, even if hackers use Plasma Cash for transactions, user assets will not be lost, and even crypto exchanges may use this technology to resist hacker attacks.
Multi-signature technology
Hackers once disclosed that Coincheck did not even take some basic security measures when it was attacked. The stolen cryptocurrency is stored in an Internet-connected wallet, while the funds are stored in the hardware. This makes people worry about the wallet. How can you access your wallet more securely?
Someone A solution was proposed: multisig technology can be combined to achieve multi-signature resistance, just like multiple keys are needed to open a home. Multi-signature means that multiple keys are needed to perform a task, which can make it more difficult for hackers to obtain funds.
The above is about how the blockchain responds to hacker attacks. However, the security of the above solutions still needs to be improved. These will be further answered as the technology is updated. We will wait and see for a perfect solution.
Ⅶ Why is blockchain not a “panacea” for all economic activities?
Recently, the most eye-catching thing that has appeared frequently in major public opinion media is undoubtedly the blockchain chain.
Third, blockchain data is completely open and transparent. If anti-anonymous identity screening technology is developed in the future, a user’s information can be seen through password cracking, and some key targets Location and identification are also possible, posing threats to data security and personal privacy.
Fourth, supervision is still on the way. Decentralization means that the main body is not clear, which also brings great difficulty to supervision; especially regulators under blockchain technology will face "a huge amount" data, improving the transparency of informationIt is difficult to achieve precise supervision without standardization. In addition, the vacancies and lag in the regulatory legal system have resulted in the lack of necessary institutional norms and legal protection for blockchain applications, increasing market risks.
Obviously, blockchain technology is not a "safe" that ensures the absolute security of the financial industry and other economic activities, nor is it a "panacea" that can serve all economic activities. Whether they are companies involved in the research and development and application of blockchain technology, or investors involved in investment in blockchain-related industrial projects, they should maintain a cautious and rational attitude.
Ⅷ What is Ethereum Classic and the relationship between Ethereum and Ethereum Classic
The concept of Ethereum was born in 2013. When Vitalik Buterin (Vitalik Buterin, generally known as Buterin in the currency circle) was still working as a programmer in the Bitcoin community, he suggested to the Bitcoin core developers to develop a language for application developers to Facilitates the development of various applications. Bitcoin Core developers disagree. So Buterin decided to develop a new platform for this purpose.
V God wrote the "Ethereum White Paper" in 2013, in which he explained the goal of building a decentralized program. In 2014, development funds were obtained through crowdfunding, and the Ethereum system was developed. (A better-used digital currency trading platform "Bihui")
After its birth, a total of four hard forks have been carried out so far.
The first time is to adjust the difficulty;
The second time is to release the stable version of "Homeland";
The fourth time is to prevent distributed denial of service attacks ( DDOS) and weight loss.
There was only the third hard fork, which was forced to be carried out due to a hacker attack. This is The DAO incident.
The DAO incident
On July 30, 2015, Buterin and the Ethereum Foundation created the first smart contract platform and designed TheDAO Ethereum contract.
The DAO smart contract was officially deployed on April 30, 2016, and the world’s largest crowdfunding was completed that year, reaching an astonishing US$150 million! (As a side note, the largest crowdfunding event in time is undoubtedly the EOS crowdfunding, which reached an even more astonishing US$5 billion!)
On June 17, 2016, The DAO was attacked by hackers , hackers stole approximately US$50 million in Ethereum, and the price plummeted from US$20 to US$15, causing huge harm to Ethereum. In order to recover the losses of investors, the community finally decided to hard fork.
So, on July 20, 2016, the hard fork was successful at block height 1920000. The new chain was called Ethereum ETH, and the original chain is now Ethereum Classic ETC.
Ⅸ How to solve blockchain security issues
One of the characteristics of blockchain projects (especially public chains) is open source. Improve the project's quality through open source codeCredibility also allows more people to participate. But the openness of source code also makes it easier for attackers to attack the blockchain system. There have been many hacker attacks in the past two years. Recently, the anonymous currency Verge (XVG) has been attacked again. The attacker has locked a vulnerability in the XVG code, which allows malicious miners to add false times to blocks. After stamping, new blocks were quickly mined, and nearly US$1.75 million worth of digital currency was obtained in just a few hours. Although the attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future.
Of course, blockchain developers can also take some measures
The first is to use professional code audit services,
The second is to understand safe coding standards and nip problems in the bud.
Security of cryptographic algorithms
The development of quantum computers will bring major security threats to the cryptographic systems currently used. Blockchain mainly relies on the elliptic curve public key encryption algorithm to generate digital signatures for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. cannot withstand quantum attacks in theory, and there will be greater risks. More and more Researchers are beginning to focus on cryptographic algorithms that are resistant to quantum attacks.
Of course, in addition to changing the algorithm, there is another way to improve security:
Refer to Bitcoin's handling of public key addresses to reduce the potential risks caused by public key leaks. As a user, especially a Bitcoin user, the balance after each transaction is stored in a new address to ensure that the public key of the address where Bitcoin funds are stored is not leaked.
Security of consensus mechanism
The current consensus mechanisms include Proof of Work (PoW), Proof of Stake (PoS), and Delegated Proof of Stake (DPoS). , Practical Byzantine Fault Tolerance (PBFT), etc.
PoW faces 51% attack problem. Since PoW relies on computing power, when an attacker has a computing power advantage, the probability of finding a new block will be greater than that of other nodes. At this time, it has the ability to undo transactions that have already occurred. It should be noted that even in this case, the attacker can only modify his own transactions and not the transactions of other users (the attacker does not have the private keys of other users).
In PoS, an attacker can only successfully attack when he holds more than 51% of the token amount, which is more difficult than 51% of the computing power in PoW.
In PBFT, the system is safe when the malicious nodes are less than 1/3 of the total nodes. In general, any consensus mechanism has its conditions for establishment. As an attacker, you also need to consider that once the attack is successful, the value of the system will be reduced to zero., at this time the attacker does not get any other valuable rewards except destruction.
For designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to choose an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scenario.
Security of smart contracts
Smart contracts have the advantages of low running costs and low risks of human intervention. However, if there are problems with the design of smart contracts, it may cause greater losses. In June 2016, The DAO, Ethereum's most crowdfunded project, was attacked. Hackers obtained more than 3.5 million Ethereum coins, which later caused Ethereum to fork into ETH and ETC.
The measures proposed in this regard have two aspects:
The first is to conduct security audits of smart contracts,
The second is to follow the principles of safe development of smart contracts.
The security development principles of smart contracts include: be prepared for possible errors and ensure that the code can correctly handle bugs and vulnerabilities; release smart contracts with caution, do functional testing and security testing, and fully consider boundaries; maintain The simplicity of smart contracts; pay attention to blockchain threat intelligence and check for updates in a timely manner; be clear about the characteristics of blockchain, such as cautiously calling external contracts, etc.
Security of digital wallets
Digital wallets mainly have three security risks: First, design flaws. At the end of 2014, a serious random number problem (duplication of R values) caused users to lose hundreds of digital assets in a certain lottery. Second, digital wallets contain malicious code. Third, lost assets caused by loss or damage of computers and mobile phones.
There are four main countermeasures:
The first is to ensure the randomness of the private key;
The second is to verify the hash value before installing the software to ensure that the digital wallet software has not been tampered with ;
The third is to use a cold wallet;
The fourth is to back up the private key.
