D
demo
Guest
http://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/
Told ya. Voting period must never expire. Polls must be permanent. Any decision must be revertable. Any hardcoded number must be voted, and be voted using numbers. The opinion of the newcomers and of the future generations must be respected.
And so it goes:
- Proposea split and wait until the voting period expires. (DAO.sol, createProposal)
- Execute the split. (DAO.sol, splitDAO)
- Let the DAO send your new DAO its share of tokens. (splitDAO -> TokenCreation.sol, createTokenProxy)
- Make sure the DAO tries to send you a reward before it updates your balance but after doing (3). (splitDAO -> withdrawRewardFor -> ManagedAccount.sol, payOut)
- While the DAO is doing (4), have it run splitDAO again with the same parameters as in (2) (payOut -> _recipient.call.value -> _recipient())
- The DAO will now send you more child tokens, and go to withdraw your reward before updating your balance. (DAO.sol, splitDAO)
- Back to (5)!
- Let the DAO update your balance. Because (7) goes back to (5), it never actually will
.
Told ya. Voting period must never expire. Polls must be permanent. Any decision must be revertable. Any hardcoded number must be voted, and be voted using numbers. The opinion of the newcomers and of the future generations must be respected.
Last edited by a moderator: