Stephan Tual, COO and Co-Founder of Slock.it has revealed a new Security-oriented proposal to The DAO, the plan includes the creation of a DAO Security team, a dedicated squad of experts to create and overview a security framework to protect The DAO from all kinds of attacks.
Ethereum and The DAO have gathered mainstream coverage from major outlets, increasing the public exposure of the technology, additionally, The DAO holds now more than 14% of all the ether in circulation, the stakes are high, and a failure or crash events in any of both platforms could gravely affect each other. Tual outlines it:
This is all new territory, and as we and many others have pointed out, it certainly does not come without risk. For this reason, alongside our Proposal for the development of the Universal Sharing Network and Ethereum Computer, we will also make a Proposal for the formation of a “DAO Security” group.
This proposal aims to strengthen the security of operations of The DAO, the plan includes the development of the DAO framework 1.1, including hotfixes to attack vectors uncovered by members of the community, in the last couple of months, people have submitted possible vulnerabilities for review, one of those vectors was recently outlined by Vlad Zamfir and its called ‘The Stalker Attack’, other issues and fixes are described in the DAO’s GitHub page.
Another key point of the new Slock.it proposal includes the creation of a monitoring unit comprised of 2-3 security analysts, including DAO Framework Author Christoph Jentzsch to ‘continuously monitor, pre-empt and avert any potential attack vectors The DAO may face, including social, technical and economic attacks‘.
The team will also dedicate time to research the already know attack proposals and vectors.
This will include highlighting 51% attacks, mis-matched bytecode, and social engineering/collusion attacks.
Should the proposal be accepted, the analyst team will release a monthly report to The DAO Token Holders detailing frustrated attacks, updates on The DAO security and modifications made to the framework, if any. A bug bounty program will be also established to encourage the research on the DAO’s security. A costs breakdown of these services can be found on Tual’s blog post, but the grand total accounts for 125,000 ETH.
Reactions to this new proposal haven’t been very well received by members of the Ethereum-related subreddits, with some claiming that “Slock.it have finally lost their damn minds with this proposal”, other users are more pragmatic about it, stating the need for a dedicated team to address possible security vulnerabilities on major DAOs.
Ultimately, the community isn’t going to be forced to accept such proposals, and negotiations may take place to achieve consensus.
Apple users can now download the app of The Merkle in the App Store!
If you liked this article follow us on twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.