Griff Green: The DAO hack ignited Ethereum’s security industry, $200 million in unclaimed funds remain, and why crypto operates as a push tool | Unchained

Lessons from the DAO hack highlight the urgent need for improved security in the Ethereum ecosystem

by Editorial Team | Powered by Gloria

Key takeaways

  • The DAO hack played a crucial role in kickstarting the security industry within the Ethereum ecosystem.
  • The DAO security fund will manage unclaimed funds from the DAO hack, now valued at approximately $200 million.
  • Unique among crypto hacks, the DAO hack resulted in all affected parties recovering their funds.
  • Constructive criticism can lead to better outcomes in crypto projects if approached with an open mind.
  • Security in Ethereum and crypto needs significant improvement for user safety.
  • The DAO incident was pivotal for the development of DAOs and smart contract security in Ethereum.
  • The DAO’s design allowed for the creation of sub-DAOs, leading to the formation of hundreds after the hard fork.
  • The hard fork consolidated ETH from DAO contracts for claims, impacting its financial management.
  • Crypto operates as a push tool, contrasting with traditional banking’s pull method.
  • Claims for DAO funds are open indefinitely, ensuring long-term accessibility.
  • The DAO space is at a low point, needing better bottom-up decision-making tools.
  • Ethereum security projects and Layer 2 solutions are the primary focus of current grants.
  • The Ethereum Foundation collaborates with round operators for project funding.
  • Hot wallets are insecure and can be exploited by scammers.
  • The scamming industry is fueled by vulnerabilities in key storage, being a major cybercrime sector.

Guest intro

Griff Green is Co-Founder at Giveth, q/acc, and Unicorn.eth. One of the original DAO curators and a co-founder of the White Hat Group, he helped secure at-risk funds representing 10% of the total ETH supply during the 2016 DAO hack.

The DAO’s impact on Ethereum security

  • “The DAO played a crucial role in kickstarting the security industry in Ethereum.” – Griff Green
  • The DAO incident highlighted the need for improved security measures in the Ethereum ecosystem.
  • “The DAO security fund will focus on managing leftover funds from the DAO hack, which are now worth approximately $200 million.” – Griff Green
  • The DAO hack is unique because it resulted in all affected parties recovering their funds.
  • “I think the DAO hack is like the only hack where everyone got their money back and everyone made money on top of it just kinda crazy to me.” – Griff Green
  • Challenges and criticism can lead to better outcomes if approached with an open mind.
  • “I think if you’re open minded to advice and you know the influence of other people and you take it as constructive you end up with a better outcome.” – Griff Green
  • Security in Ethereum and crypto needs significant improvement to ensure user safety.
  • “I feel like we’ve been kinda stuck in a rut for the last six years even but not making major progress on improving security for the normal layperson to feel comfortable putting their life savings into crypto assets.” – Griff Green

The evolution of DAOs and smart contracts

  • “The DAO incident was a pivotal moment for the development of DAOs and smart contract security in Ethereum.” – Griff Green
  • The DAO was designed to allow anyone to create sub-DAOs, leading to the formation of hundreds after the hard fork.
  • “The way the DAO worked is like anyone who is in the DAO could actually spawn off a sub DAO… it formed hundreds of DAOs after it.” – Griff Green
  • The hard fork took the ETH out of every contract associated with the DAO and consolidated it for claims.
  • “When the hard fork happened it took the ETH out of every contract associated with the DAO… and put it in one place.” – Griff Green
  • The recovery effort for the DAO resulted in reclaiming a significant amount of ETH.
  • “Had child DAOs right they had split from the DAO… now there’s only about 2 ether left unclaimed.” – Griff Green
  • A significant portion of the extra balance from the DAO token sale remains unclaimed.
  • “That is by far the largest bucket this 20% of $34,400,000 ETH… about 70,000 ETH that’s unclaimed.” – Griff Green

Crypto as a push tool and its implications

  • Crypto operates as a push tool, where users send funds to contracts, rather than pulling funds like traditional banking methods.
  • “There’s something about crypto being like a push tool not a pull tool… people just push their money in the wrong places.” – Griff Green
  • The withdraw contract ensures that 100 DAO tokens will always be worth 1 ETH.
  • “It’s a contract that will forever collateralize 100 DAO tokens will always be worth 1 ETH.” – Griff Green
  • Claims for DAO funds will remain open indefinitely, ensuring that no one will miss the opportunity to claim their funds.
  • “The kind of like upshot is that for anybody who had money in the DAO… claims are open indefinitely.” – Griff Green
  • The promotion of the DAO’s claims process may lead to an increase in individuals coming forward to claim their funds.
  • “I hope that by doing this… someone will be like wait a second I had money in the DAO I need to go get that.” – Griff Green

Current challenges and future prospects for DAOs

  • The DAO space is currently at a low point, and there’s a need for better bottom-up decision-making tools.
  • “I feel like the DAO space is actually really at a low point probably the lowest… I wanna see us derive actual bottom up decision making tools.” – Griff Green
  • There will likely be several more revolutions this year, indicating a growing demand for decentralized governance tools.
  • “There were three revolutions last year… and there’s gonna be more this year.” – Griff Green
  • The focus will be on DAO-style distributions for funding security initiatives, utilizing various decision-making methods.
  • “We’re gonna focus on DAO style distributions… retro funding quadratic funding conviction voting maybe an RFP.” – Griff Green
  • The fund’s grants focus primarily on Ethereum security projects and Layer 2 solutions.
  • “We’re mostly focused on Ethereum security projects… we’re really focused on Ethereum and L2s.” – Griff Green

The importance of collaboration in Ethereum’s security ecosystem

  • The Ethereum Foundation’s grants management process involves collaboration with round operators to manage project funding.
  • “We’re working directly with them to decide which projects would be eligible for the rounds.” – Griff Green
  • Seal 911 is a critical initiative for providing immediate assistance to individuals who have been hacked or phished.
  • “They are the frontline when someone gets hacked or phished and they need help you call Seal 911.” – Griff Green
  • Hot wallets are fundamentally insecure and can be exploited by scammers.
  • “Hot wallets are a bug that account that you have on MetaMask or Rabby… you’re effectively fueling a huge industry of scammers.” – Griff Green
  • A systemic approach is needed to improve wallet security rather than relying on a single solution.
  • “We need an ecosystem of support… it’s not like there’s gonna be one magical solution.” – Griff Green

The human element behind scams and the need for better security

  • The scamming industry is one of the largest cybercrime industries, fueled by vulnerabilities in how keys are stored.
  • “The main thing fueling it is keys in your browser… it’s one of the largest cybercrime industries.” – Griff Green
  • Many scammers are victims themselves, often coerced into their roles.
  • “A lot of the scammers that you interact with… they’re basically enslaved in these camps.” – Griff Green
  • Walrus enables developers to encrypt data and control access, facilitating innovative applications.
  • “Walrus lets developers encrypt data with our primitive called seal… everything is enforced on chain.” – Griff Green
  • Current DAOs are primarily focused on corporate governance, which limits their potential.
  • “I was excited about building something better than governments… the current application of DAOs is mostly for corporate governance.” – Griff Green

Enhancing decision-making in DAOs through innovative tools

  • Quadratic funding and algorithmic voting tools are essential for effective decision-making in DAOs.
  • “The only tools I’ve seen come out that actually address this is quadratic funding… those are the tools that I’m really excited about.” – Griff Green
  • The future of DAOs will involve more collective decision-making with larger groups of people.
  • “I wanna see 200 500 people be decision makers and collectively come to a consensus.” – Griff Green
  • The security of funds in old contracts is risky due to outdated technology and potential vulnerabilities.
  • “The security of these funds it’s not bad but it’s a little risky for $200,000,000 to be sitting in this old contract.” – Griff Green
  • Old multisig contracts lack the infrastructure to safely manage transactions compared to newer solutions.
  • “The infrastructure around these funds is not really the old multisig doesn’t have the infrastructure that safe does.” – Griff Green

The DAO’s strategic approach to funding and collaboration

  • The DAO plans to distribute grants based on the current yield from Ether, which is projected to be around $8 million this year.
  • “Right now with the price of Ether as it is it would generate about $8,000,000 in yield this year.” – Griff Green
  • The DAO will take a cautious approach to grant distribution to avoid the mistakes of other DAOs that overspend too quickly.
  • “We’re not gonna repeat that mistake we’re gonna go slow we’re gonna get our feet under ourselves.” – Griff Green
  • The DAO aims to collaborate with the broader Ethereum ecosystem to identify and fund security initiatives.
  • “We need to be working with L2s large dapps wallets and all the entire ecosystem to figure out what these problems are.” – Griff Green
  • The role of curators in the DAO was to validate proposals and ensure the legitimacy of both the proposer and the code involved.
  • “Their role was to make sure that for anybody who made a proposal that they were who they like the connection between who they were and the proposal was like legit.” – Griff Green

Security enhancements and the role of leadership in Ethereum

  • Vitalik and Vlad remained involved in the DAO after the hack, demonstrating their commitment to the project.
  • “But Vitalik and Vlad stayed on and then so they’re they’re still OG.” – Griff Green
  • The DAO security fund will now manage claims with an expanded team of curators.
  • “The DAO security fund itself is gonna now manage those claims and we’re by doing that we’re actually gonna have seven new curators.” – Griff Green
  • Vitalik’s active involvement in the DAO shows the importance of security for Ethereum.
  • “It shows how important security is for Ethereum to have the founder be active in this.” – Griff Green
  • Ethereum is the most secure blockchain, but it still requires improvements.
  • “I think it can be I think it still needs improvements all of them do we’re not there yet.” – Griff Green

User security and the importance of operational security

  • Users should prioritize using hardware wallets for better security.
  • “For the users… buy a hardware wallet don’t store your keys on your computer… it’s worth it.” – Griff Green
  • Developers often underestimate the importance of operational security (opsec).
  • “I think probably the thing that most developers don’t appreciate the most is opsec.” – Griff Green
  • Operational security is crucial for blockchain developers and founders.
  • “Operational security is probably the most important thing that any blockchain developer could do or founder.” – Griff Green
  • Hackers can exploit vulnerabilities in code repositories to install malware.
  • “You can’t just run someone else’s code on your computer… npm just like auto installs some malware.” – Griff Green

Reputation, user experience, and the value of historical resources

  • Reputation is worth significantly more than money in the long run.
  • “I think like reputation is worth way more than money way more than money.” – Griff Green
  • The hardest part of rescuing funds is returning them to the rightful owners.
  • “You can rescue the money in a couple of seconds… the grueling hardest part is just trying to give it back to people.” – Griff Green
  • Taylor Monahan’s tool significantly improved the user experience for claiming DAO tokens.
  • “Taylor made this incredible user experience where you could click one button with your key and you would claim on etc.” – Griff Green
  • The host’s book is considered the best resource on the early days of Ethereum and the DAO.
  • “Your book is by far the number one resource on early days Ethereum but especially the DAO.” – Griff Green
