For a project owner or investor, a malicious security attack is quite possibly the worst news you could receive, causing price spikes and inducing fear and anxious speculation. On the bright side: with every successful or failed attack there is a valuable lesson to be learned.
Perhaps the most valuable information, in this light, comes from analyzing reports of the events and aftermath of one of the most significant hacks, breaches or deceits to have struck crypto innovations in recent years.
The DAO Collapse, and Ethereum Split
The collapse of the DAO project is a notable crypto-heist: not only for the sheer volume of currency stolen but also due to the number of people affected. Another reason is that it happened on the second largest public Blockchain (at the time of writing this), Ethereum.
Mainstream publications like the NY Times heralded the event in June of 2016 as one that “Dashe[d] hopes in the world of virtual currency,” which may seem like hyperbolic soothsaying when you consider cryptocurrencies’ trajectory since. A December 2017 editorial from a different author sums up the publication’s misconceptions perfectly (intentionally or not) with the title of one of their related articles, “I was wrong about Bitcoin, here’s why.”
When taken in its actual contemporary context, the sensational headline from 2016 doesn’t seem too outlandish. The immediate effect was shocking, as Ether’s market price dropped dramatically along with investor confidence in a matter of hours after the $50-odd mln was stolen by hackers.
Thankfully, in swift response to this critical situation, a hard fork was implemented. This ensured the safe return of all token-holding investors’ funds and boosted long-term confidence as a result. It also inevitably split the future of the platform/currency in two: with the original assuming the name Ethereum Classic (ETC) and the newer Blockchain using the former handle ‘Ethereum’ (ETH).
This arguably caused a rivalry between investors, operators, and communities (with many, myself included, favoring the original platform due to a sense of familiarity, or perhaps loyalty).
Prevention > Cure
Mistakes such as the DAO should serve as stark lessons for future planning. ICO developers can learn a lot about the risk that bugs and security flaws pose. You can’t deny that the outcome of the hard fork is impressive, and that it resulted from astute pragmatism. But as the platforms have grown so significantly over the past years (and months), the risks posed by such exposures have similarly increased.
Case in point: in December 2017, Slovenian mining service NiceHash suffered a loss of $60 mln of user funds, stolen by one or more anonymous assailants operating together to instigate the digital heist. The company claims that security has been re-established, the CEO has left just this week, and the coming months will tell just what will become of this situation. Even more recently, following accusations of North Korean involvement in the hack of ‘Youbit,’ a South Korean exchange, a local media outlet conducted a study which exposed rudimentary security flaws across five of the country’s exchanges.
The Future: Bug Bounties, Hybrid Blockchains & Security Roadmapping
Much as the previous scenario proved exemplary in a reactive sense, a new ICO titled ‘Lina’ (launching today, January 15th, 2018) has implemented preventative security strategies that are exemplary, as well as reassuring to those who are sure to benefit from their original review/rating system technology based on the Ethereum Blockchain.
From a glance at their website and whitepaper, you will notice that creating a robust and safe platform is of the utmost importance to them. Their schedule clearly lays out the timing and milestones of their security and technology roadmap.
Firstly, they detail further plans for the initiation of a bug bounty program, with the prospective goal of allocating five percent of the entire project’s budget. This is a display of dedication through capital expenditure as well as a willingness to engage with the community and integrate it proactively into the development process.
Lina takes the security and maintenance of their platform seriously because they believe that the sanctity of their content is as valuable as the financial capital that defines platforms such as Bitcoin or Monero. This is in reaction to the issues recognized by many publications regarding the recent lack of authenticity in user reviews as well as in the mainstream review industry.