How to Audit a Smart Contract?

Introduction

A smart contract is a self-executing piece of code that runs when certain predefined conditions are met. Ethereum enabled the birth of smart contracts. Since these contracts are based on blockchain technology, they cannot be changed once deployed.

Hence it is crucial to test them thoroughly before deploying them, and timely audits ensure that bugs are fixed. In our previous articles, we saw the DAO attack on the Ethereum platform, in which millions of dollars were lost. The Ethereum platform had to be hard forked to mitigate the loss.

Generally, audits are conducted to find bugs so that they can be fixed. An audit is targeted at already known weaknesses, based on the experience of previous audits. Let us therefore see what kinds of smart contract attacks there are.

Smart contract attacks

Race Conditions

A race condition is a case where events do not occur in the intended order. Smart contracts often need to call external contracts, so the possibility of race conditions is very high.

Reentrancy

This is a kind of race condition in which a function is called repeatedly before its first invocation has completed. In effect the function is made recursive, which is exactly what happened in the DAO attack.
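The ordering problem described above can be shown in a simplified Python model (an added example, not code from the original article and not EVM code). The `Vault` class, its mode names and the `ReenteringRecipient` test double are hypothetical; the `effects_first` and `guard` modes model two common mitigations, updating state before the external call and refusing nested calls.

```python
# Simplified model of a withdraw function, constructed for illustration.
# "receive" stands in for the external call that hands control to the
# recipient before withdraw() has finished.

class Vault:
    def __init__(self, mode):
        self.mode = mode        # "unsafe", "effects_first" or "guard" (assumed names)
        self.balances = {}      # what the vault owes each depositor
        self.reserve = 0        # funds the vault actually holds
        self.locked = False     # used only in "guard" mode

    def deposit(self, name, amount):
        self.balances[name] = self.balances.get(name, 0) + amount
        self.reserve += amount

    def withdraw(self, recipient):
        if self.mode == "guard":
            if self.locked:     # a nested call while one is in progress is refused
                return False
            self.locked = True
        try:
            amount = self.balances.get(recipient.name, 0)
            if amount == 0 or amount > self.reserve:
                return False
            if self.mode == "effects_first":
                self.balances[recipient.name] = 0   # state updated before the call
                self._pay(recipient, amount)
            else:
                self._pay(recipient, amount)        # external call comes first
                self.balances[recipient.name] = 0   # too late in "unsafe" mode
            return True
        finally:
            if self.mode == "guard":
                self.locked = False

    def _pay(self, recipient, amount):
        self.reserve -= amount
        recipient.receive(self, amount)             # control leaves the vault here


class ReenteringRecipient:
    """Test double: calls withdraw() again from inside its payment callback."""

    def __init__(self, name):
        self.name = name
        self.received = 0

    def receive(self, vault, amount):
        self.received += amount
        vault.withdraw(self)    # re-enter before the first withdraw() returns


def audit_withdraw(mode):
    """Run the re-entry probe and report the figures an auditor would compare."""
    vault = Vault(mode)
    for name in ("alice", "bob"):                   # constructed sample deposits
        vault.deposit(name, 10)
    probe = ReenteringRecipient("probe")
    vault.deposit(probe.name, 10)
    vault.withdraw(probe)
    return {
        "paid_to_probe": probe.received,            # must not exceed its deposit of 10
        "reserve": vault.reserve,                   # funds left in the vault
        "owed": sum(vault.balances.values()),       # must equal the reserve
    }


if __name__ == "__main__":
    for mode in ("unsafe", "effects_first", "guard"):
        print(mode, audit_withdraw(mode))
```

In `unsafe` mode the probe is paid three times and the vault is left owing 20 with nothing in reserve; in the other two modes the reserve still matches what is owed.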

Transaction Ordering Dependence

This is yet another type of race condition, in which the order of transactions is manipulated. The transaction order can be manipulated at the expense of other users.

These are some of the types of smart contract attacks. Let us now see the detailed step-by-step process of auditing a smart contract.

Steps to audit a smart contract

1️⃣ As in any audit process, the auditing company/group should clarify who they are and their authority to conduct the audit and procedures to be followed, if possible, from a legal perspective.

2️⃣ Audits are conducted on a deployed smart contract or a smart contract ready to be deployed on a blockchain. It is essential that the smart contract that gets deployed is free of bugs.

3️⃣ A legal disclaimer should be stated: the audit doesn’t provide any legal guarantee, but fosters discussion about the smart contract’s bugs, if any, so that they can be fixed.

4️⃣ The attacks detailed above are attempted to see whether they can be carried out successfully against the smart contract being audited.

5️⃣ Report any vulnerabilities and bugs found. Some may not seem like a potential threat right now, but they may turn out to be a serious flaw later; they have to be recognized and taken care of.

6️⃣ Contract complexity should be checked. Often complexity leads to mistakes, and the complex code should be thoroughly checked for any potential bugs.

7️⃣ Check how the contract responds to a bug or vulnerability. The contract’s behavior at such times is essential: check whether there will be any loss of money or whether contract execution will stop, and note down any potential issues.

8️⃣ All the security patches should be thoroughly updated so that all the libraries are up to date. The update should act like preventive maintenance.

The steps outlined above are general-purpose steps for auditing a smart contract. Depending on the language used for the smart contract, various further steps can be followed. Whatever the language, these are the necessary steps to follow before moving on to in-depth analysis.

Some Of The High Profile Crypto Exchange Hacks You Must Know!

Introduction

Even though cryptocurrencies are secure, crypto exchanges are what hackers target to loot millions of dollars. Judging by the hacks we have seen so far, no matter how big a cryptocurrency is, the exchanges will inevitably be subject to hacks at some point in time. Even though it is 2020, almost ten years since the advent of bitcoin, the hacks have never slowed down. This is why it is always advisable for crypto investors to hold their assets in their personal wallets instead of storing them with the crypto exchange itself.

Let us look at some of the high-profile cryptocurrency hacks so far:

The Mt.Gox

Mt.Gox, a Japan-based cryptocurrency stock exchange, was the biggest and busiest of exchanges, with 70% of bitcoin transactions from all over the world going through the platform back in 2013-14. There were no regulations for cryptocurrencies or cryptocurrency exchanges. There were many loopholes in the company’s management; for example, there was no VCS (Version Control Software). A VCS stores the information about all the features and code of each particular version of the software product.

Without a proper VCS, we cannot know what changes were made and when, and it would be practically impossible to go back to a particular version of the software if necessary. All code changes had to be approved by the CEO himself, which was the biggest bottleneck. There was no testing policy; developers wrote code and deployed it without any particular testing, which is a disaster. All these underlying issues led to a massive hack amounting to $473 million worth of bitcoin in 2014, which eventually led to the permanent closure of the exchange.

The DAO Hack

Before the 2019 hack of Ethereum Classic, the DAO hack was the major one on the Ethereum platform. The DAO, Decentralized Autonomous Organization, is a smart contract that was supposed to revolutionize the platform. The DAO acts as a decentralized venture capital fund for all the future DApps being developed on the platform. Anyone can buy DAO tokens for some ether and gain voting rights on any proposed app developed on the platform.

If one doesn’t wish to vote any further, or doesn’t want to contribute to an app they are not interested in, they can opt out of the DAO. The opting-out part is what the hackers targeted, stealing 50 million dollars in 2016. The hackers made the opting-out function recursive. Hence, instead of returning the funds once, the system kept returning the funds until it was noticed and stopped. Due to this issue, Ethereum was hard forked into Ethereum and Ethereum Classic.

The Bitfinex Hack

To increase security and ease transactions for its users, the Bitfinex exchange came up with multi-sig wallets in collaboration with BitGo. Multi-signature wallets are wallets that have multiple keys. One key is owned and stored by the company, while the owner of the wallet has two keys. He may give one key to a trustworthy friend or relative so that even if he loses his key, he has a backup. Generally, multi-signature wallets need two keys to operate.

These wallets are hot, and this additional security feature ironically led to the hack. However, there are many theories on how and why the hack happened. Bitfinex rose to the limelight and gained its credibility back. $72 million worth of bitcoin was stolen, as a result of which 20% of the value of each bitcoin was eroded.

Later we saw many hacks in different exchanges like Bithumb where $30 million worth of cryptocurrency was stolen. Coinrail was hacked for $37.2 million, BitGrail for $195 million, and Coincheck for $534 million.

Conclusion

While cryptocurrencies are no doubt safe, one has to do their homework on the exchanges they are transacting with. Always store your cryptocurrency in your own hot/cold wallets. Crypto exchanges will always be targeted if they are doing business of very high value. They should voluntarily show the security measures they are taking to avoid any potential hack. No matter which cryptocurrencies one is trading, due diligence on the exchange comes first and foremost.

A Quick Introduction to Decentralized Autonomous Organization (DAO)

Introduction

The blockchain technology has been in the industry for quite a while. Cryptocurrencies were the first ones to experience the taste of blockchain technology. As years passed, many technologies were being prototyped using blockchain. Then came Decentralized Autonomous Organizations. Many blockchain geeks would already be aware of it, while the rest are still clueless about this concept though they’ve heard it. So, if you are still one of those who doesn’t understand DAO, then this article might help.

What is DAO?

The meaning of DAO lies in its name. DAO is an organization that is both decentralized and autonomous. Back then, it was only an idea but became practical with the assistance of blockchain.

As mentioned, DAOs are organizations that run in a decentralized and autonomous fashion. In other words, they operate without a centralized party that makes decisions. In fact, all the growth and profit are managed without any central authority. When implemented via blockchain technology, they are bound to follow programmatic rules that are agreed through consensus.

DAOs can, in fact, be related to mainstream companies, as both have predefined goals. However, the goals of mainstream companies can be altered and may not be enforced. But in the case of DAOs, the goals are digitally enforced, and hence no alteration is possible.

Let’s consider an example given by Mike Hearn to visualize the concept of a DAO. He likened a DAO to a driverless car that acts like a taxi. It charges its passengers a rental fee. After the journey, the profits are used to fuel the car at the gas station. In the whole process, the car does not require any human effort to figure out what to do, as everything is programmed in advance.

Key Features of DAO

The first feature is obviously the autonomous nature of a DAO. This means that outside forces cannot corrupt a deployed function. In addition, the open-source nature of DAOs makes them transparent. This eliminates the need for a trusted third party. There are tokens of all transactions, which are used for rewarding. With the non-hierarchical structure of a DAO, all the funding takes place only during development and is distributed equally.

The Reason of Existence

Apart from having a predefined goal, DAOs contrast with other organizations. In the present world, every organization out there is centralized. So, the only reason for the existence of DAOs is to take advantage of a highly efficient, autonomous, and decentralized system of governance. If organizations worked like DAOs, no time or effort would be wasted on an intermediary controlling the organization. Instead, all the work would be done by the organization itself.

The Advantage Over Traditional Governance

Governance simply refers to the interaction between various entities based on specific rules and norms, and to how they are regulated and structured. Governance in every company follows a top-down approach. In such an approach, issues and dilemmas arise. For example, an agent can make a decision of their own choosing because the result would not affect them.

If the decision turns out to be risky for the business and expensive, the one to suffer would be the principal (a higher position), not the agent in a lower position. But with DAOs, the costs, as well as the principal-agent dilemma, would be reduced because DAOs utilize smart contracts and blockchain technology in their working.

What are DAOs and DACs? 

The days are long gone when bitcoin was the hype surrounding blockchain technology. The blockchain space has expanded in ways no one could have envisioned when the technology was still in its infancy. One of the most exciting topics in the space right now is that of decentralized autonomous entities.

Decentralized autonomous organizations (DAOs) are an entirely new phenomenon that might very well shake up the current organizational set up as we know it. This piece breaks down DAOs, together with their equally interesting subgroup known as decentralized autonomous companies (DACs). 

What are DAOs and DACs? Where do humans fit in, if at all? What does this mean for the future of the corporate space? Let’s find out.

Decentralized Organizations 

To begin to explore decentralized autonomous organizations and decentralized autonomous corporations (companies), we need to first understand the concept of decentralized organizations. A decentralized organization follows the very same concept of traditional organizations – only this time, it decentralizes it. A traditional organization features a hierarchical structure with human beings interacting with each other and running operations based on a set of rules. 

Now, a decentralized organization also features human beings interacting with each other, but this time following a protocol that is coded and enforced on the blockchain. A decentralized organization does not mean that operations are automated. Rather, decisions and operations and the direction of the organization are still determined by humans.

Concepts underlying DAOs and DACs

There are several concepts that are underlying the entire DAO and DAC model that we need to familiarize ourselves with, first. Let’s get a grasp of them below:

☑️Smart contracts: A smart contract is a contract that is self-verifying and self-enforcing when certain conditions have been met. A smart contract is much like a traditional contract but without the intermediaries like lawyers, accountants, and so on. Since a smart contract does not need third parties to oversee its execution, it’s far more economical in terms of time and costs.

☑️Autonomous agent: These are software entities that can conduct a set of operations on behalf of a user or another program. Autonomous agents are either completely autonomous or possess a certain degree of autonomy. Autonomous agents act with inspiration or understanding of the user’s wishes or desires.

☑️Internal capital: This is property belonging to an organization and which can be transferred to other parties. Internal capital can either be physical or virtual.

☑️Decentralized application: This is an application that runs on a distributed network. These applications are not controlled by any single authority, neither can they be shut down or experience downtime since they run on a distributed network of computers, thus eliminating a single point of failure. 

Decentralized Autonomous Organizations (DAOs) 

A DAO is an entity that operates purely on the internet and whose operations are autonomous, though these operations are input by humans. To understand what a DAO is, it helps to think in terms of what it is not. 

Let’s begin by looking at decentralized applications (DAs). A DAO is a DA, but with internal capital. This means that a DAO has some sort of property that has value, and it can use this property to reward certain activities or transfer that property to some external entities. A DAO also utilizes autonomous agents to carry out some activities in place of humans. 

So we can say a DAO relies on human input to kick off operations – with the operations being automated, that is, independent of human intervention. As such, a DAO can be described as being automated at the center, but having human action at the edges.

Decentralized Autonomous Companies/Corporations (DACs) 

Now we come to DACs. DACs are a subset of DAOs. We can look at it this way: all DACs are DAOs, but not all DAOs are DACs. One standout feature of DACs is that they are profit-driven. A DAC has stakeholders who have a right to a share of the profits that it generates.

What Are The Benefits Of DAOs and DACs?

Both DAOs and DACs offer some benefits thanks to their underlying automation-at-the-center, humans-at-the-edge model.

i) A Borderless and Non-Jurisdictional Organization  

Let’s contrast this with the traditional model of organizations. These organizations possess a corporate personality, exist within a physical space, provide physical goods and services, and operations are run by paid employees. This system is subject to a ton of regulations and rules, as well as legal, accounting, and energy costs. 

A DAO can circumvent some or even all of these issues. This doesn’t mean that a DAO will be exempt from corporate laws. Regulators will most likely take this position: If it looks like a duck and quacks like a duck, it’s probably a duck. However, the very nature of a DAO will enable it to sidestep some of the issues that a traditional organization can simply not avoid. 

ii) An Increased Sense of Ownership for Members

The traditional model of companies concentrates much of the decision-making power and money at the top. Shareholders take the biggest piece of the pie, followed by executives, then top-level management. The average employee is consigned to the very bottom of the rung. This model is not the most ideal for modern corporate space. Research shows a hierarchical structure negatively impacts employee satisfaction, job quality, loyalty, and morale. 

DAOs can solve this by providing everyone with a monetary and decision-making stake, as well as fostering feelings of belonging and ‘buy-in’. This results in more motivated employees who will dedicate the time and effort into the long-term success and thriving of an organization. 

iii) Ability to Foster New Business Relationships 

The importance of business-to-business relationships cannot be overstated. Arrangements such as joint ventures, partnerships, and so on can enable companies to work together and save resources, promote trust, and define their own market-friendly rules. The ability for this to happen in an open, transparent, and autonomous manner is a win for all parties involved.

iv) Early Preparation for the Future of Decentralized Organizations 

With the increasing recognition and adoption of blockchain and smart contracts, it’s a matter of time before businesses take it “on-chain”. In the future, contracts and online agreements that do not have some sort of smart contract functionality will be treated with suspicion because people will see it as an unwillingness to do business in a trustless environment.  

The question “what are you hiding?” will not be too off the mark. As such, on-chain based organizations will be best positioned to take advantage of the opportunities of the model as well as trailblaze the field. Also, blockchain makes things more efficient – and this will enable such companies to knock off the competition and become a source of pride for their members. 

What’s So Special About The DAO and DAC Model?   

The DAO and DAC model proposes utilizing the blockchain to automate the vast majority of internal functions, as well as external engagements. The big vision here is an ecosystem of automated, borderless organizations all running on enterprise blockchains. What is so special about this model? Why should businesses and, indeed, the world pay attention? 

Openness means total transparency in the organization’s operations. The blockchain-based way of doing things means functions such as voting, financial records and payroll management, constitutional procedures, and so on are done in a completely transparent fashion. Minority shareholders never have to worry that the majority of shareholders are partaking in dubious activities. 

Also, members are sure that there is no misappropriation of funds taking place. A blockchain-based business can also utilize a multi-signature wallet that requires every member to authorize transactions. In short, there is fairness and risks are mitigated. 

Automation through smart contracts takes everything to a new level of excitement. Employees can be assured that there are funds to reward them for their work before they can begin on projects. Employers can ascertain that employee credentials are up to the mark, and outside engagements can be arranged without the need for outsourcing.

The DAO model is blockchain-native. Decentralized applications will enable companies to utilize blockchain technology to a certain extent. But DAOs will take things to new levels by incorporating functionalities into the blockchain structure. This will lead to frictionless operations and create an environment where enterprises can reap the full benefits of blockchain.

Final Thoughts 

These organizations are not just a theoretical concept. Projects like Aragon, Bitshares, and Colony have already taken the mantle in this space. Satoshidice, an online casino, is another unexpected entity that embodies what a DAC is. With projects like these already up and running, it’s clear that we’ve barely scratched the surface of what the DAO model is truly capable of becoming. 

DASH – Everything You Should Know About This New Age Cryptocurrency

Introduction

The word “Dash” is derived from Digital Cash, so the name itself signifies that it is a virtual currency. The coin was introduced by Evan Duffield in 2014, who initially named it Xcoin. Later it was rebranded as Darkcoin, as it was being used on the dark web for illegal activities due to its inherent features. The coin was finally renamed Dash in March 2015. Dash is significantly different from the other cryptocurrencies in the market. It is an open-source cryptocurrency run in the form of a DAO – Decentralized Autonomous Organization. We’ll see what a DAO is in the latter part of the article.

Objective

Dash was created by forking the bitcoin network. Evan Duffield thought the bitcoin protocol could be improved, especially the transaction speed and the governance structure, and thus started Dash as an altcoin to bitcoin. The source code for the coin was taken from bitcoin itself, and some tweaks were made to improve its functioning as required. The block time, i.e., the time taken to mine a single block, is 2.5 minutes compared to 13 minutes of bitcoin, thus making it four times faster. Apart from the transaction speed, transactions in Dash are more private than in the original bitcoin protocol.

Consensus

Dash uses a combination of Proof of Work (POW) and Proof of Stake (POS) mechanisms. Primarily it uses POW with a hash function called “X11”, while POS functionalities are used to reward its miners for hosting, maintaining, and updating the blockchain. Every cryptocurrency must have nodes to perform different activities in the network, but Dash has two types of nodes: masternodes and normal nodes.

Difference between masternodes and normal nodes

Nodes are nothing but computational devices in the network used to host, validate, maintain the ledger copies, and secure the system. The masternodes perform all these duties while also having the vote function for the governance of the network. Masternodes contain the complete copy of the ledger, while normal nodes can have a partial copy. Normal nodes help in mining more coins as they concentrate on only mining. To be a masternode, one should deposit an upfront sum of 1000 Dash coins with a specific set of hardware requirements like RAM, hard disk space, CPU, and network bandwidth.

Masternodes help with the special transactions that Dash has to offer: PrivateSend and InstaSend.

PrivateSend

PrivateSend is used if transactions need to be untraceable. This is achieved by dividing the full transaction amount into small transactions of similar size and mixing them before the transaction is executed. This makes the transaction untraceable, as the sender’s and receiver’s accounts are not noticeable.

InstaSend

InstaSend is an extraordinary feature offered by Dash. The validation process is done only by masternodes, which makes these transactions instantaneous. This enables real transactions using Dash, and it can be used with merchants.

DAO

Decentralized Autonomous Organizations are organizations that work autonomously, based on a set of rules precoded at the company’s inception. The founders and shareholders make decisions through a voting process, and hence they are very transparent. Dash is essentially a DAO.

Market Cap

Dash currently occupies 18th position in the market cap with $625 million in value. The current trading price of the dash is $68.67, with a 24-hour trading volume of $216 million.

With all these features, Dash is amongst the most distinguishable cryptocurrencies out there, which proves that real-time usage of cryptocurrencies in our day to day life is indeed possible.