How was Ethereum stolen by hackers

1.

There is an essential difference between Ethereum and bitcoin. What is the difference? Bitcoin defines a set of currency system, while Ethereum focuses on building a main chain (which can be understood as a road) to allow a large number of blockchain applications to run on this road

from this point of view, Ethereum's application scenarios are more extensive, which is why we say that Ethereum marks a simple monetary system in the era of blockchain

1.0, and a transformation to other instries and application scenarios in the era of blockchain 2.0

however, there is no perfect thing in the world. Although Ethereum has expanded the application scope of blockchain in all walks of life and improved the speed of transaction processing, it also has some disputes and doubts

first, the solution to the lack of scalability of Ethereum: slicing technology and lightning network

the bottom design of Ethereum, the biggest problem is that Ethereum has only one chain and no side chain, which means that all programs have to run on this chain equally, consuming resources and causing system congestion. Just like last year's very popular Ethereum game "encryption cat", when this game was very popular, it once caused Ethereum network paralysis

to improve the processing capacity, Ethereum proposes two ways: shard and lightning network. Let's introce these two technologies respectively

(1) fragmentation technology

vitalik buterin, founder of Ethereum, believes that the reason why mainstream blockchain networks such as bitcoin process transactions very slowly is that every miner has to process every transaction in the whole network, which is actually very inefficient. The idea of fragmentation technology is: a transaction does not need to be processed by all nodes in the whole network, as long as some nodes (miners) in the network are allowed to process it. Therefore, Ethereum network is divided into many pieces. At the same time, each piece can handle different transactions. In this way, the network performance will be greatly improved

however, the slicing technology is also controversial. As we all know, the important idea of blockchain technology is decentralization. Only when the whole network witnesses (processes) the same transaction can it have the highest authority. The Ethereum slicing technology is similar to the group witness, not all nodes witness together. In this way, it will lose the absolute "decentralization" attribute, and can only achieve the purpose of high performance by sacrificing certain characteristics of decentralization

(2) lightning network

lightning network uses the way of transaction under the chain. What does that mean? It means: when the participants of lightning network transfer money to each other, they do not need to confirm the transaction through the main chain of Ethereum, but create a payment channel between the participants and complete it under the chain

however, lightning network is not separated from the main chain. Before establishing a payment channel, you need to use the assets on the main chain as collateral to generate a balance proof, which indicates that you can transfer the corresponding balance. In the case that both parties of the transaction hold the balance certificate, both parties can make unlimited number of transfers under the chain through the payment channel

only when the off chain transaction is completed and the assets need to be transferred back to the chain, the balance change information of the main chain account will be registered on the Ethereum main chain, and no matter how many transactions occur ring this period, there will be no record on the main chain

another real benefit of lightning network is that it can save the cost of miners for you. At present, when we trade on the main chain of Ethereum, we need to consume gas and pay for miners. Once we move the transaction to the lower chain, we can save this part of the cost

Of course, lightning network is not perfect. When using the lightning network, the assets on the main chain should be used as collateral; And this part of assets as collateral can not be used before the user completes the transaction under the chain. This also determines that lightning trading is only suitable for small transactions

the above is the problem of insufficient scalability of Ethereum, as well as the two main solutions: fragmentation technology and lightning network

Second, there are loopholes in Ethereum's smart contract and the infamous Dao event

Ethereum's smart contract is very powerful, but there are loopholes in any code. The biggest controversy of Ethereum's smart contract lies in the so-called loopholes, that is, security issues. According to relevant research, 34200 (about 3%) of the nearly 1 million smart contracts based on Ethereum contain security vulnerabilities, which will allow hackers to steal eth, freeze assets or delete contracts, such as the infamous Dao incident

(1) what does Dao mean

before introcing the Dao event, let's first introce what Dao is. Dao is the abbreviation of decentralized

autonomous organization, which can be understood as decentralized autonomous organization. From the perspective of Ethereum, Dao is a kind of contract or a combination of contracts on the blockchain, which is used to replace the government's review and complex intermediate proceres, so as to achieve an efficient and decentralized trust system. Therefore, Dao is not a specific organization, that is to say, there can be many Dao, all kinds of Dao

(2) the infamous Dao event

however, when we talk about Dao now, we basically refer to the Dao event, that is, the infamous hacker attack event we just mentioned. As we know, the English word "the" refers to "the Dao event". The Dao event

refers to "the Dao event", because we just said that Dao is not a specific organization, there can be many Dao, all kinds of Dao

in 2016, slock.it, a German company focusing on "smart locks", launched the Dao project on Ethereum in order to realize decentralized physical exchange (such as apartments and ships). Since April 30, 2016, the financing window has been open for 28 days

unexpectedly, this Dao project is very popular. It raised more than US $100 million in just half a month. By the end of the whole financing period, it raised a total of US $150 million. Therefore, it has become the largest crowdfunding project in history. However, it didn't last long. In June, hackers took advantage of the loopholes in the smart contract to successfully transfer more than 3.6 million Ethernet coins and put them into a Dao sub organization, which has the same structure as the Dao. At that time, the price of Ethernet currency fell directly from more than $20 to less than $13

this event shows that there are loopholes in smart contracts, and once the loopholes are exploited by hackers, the consequences will be very serious. This is why many people criticize Ethereum and say that its smart contract is not smart

to solve this problem, many foreign companies begin to provide code audit services in order to solve the vulnerability problem of smart contract. From a technical point of view, some teams are currently testing smart contracts. Most of these teams are led by professors from Harvard, Stanford and Yale, and some of them have obtained investment from leading institutions

in addition to the problems of insufficient expansibility and loopholes in smart contracts, the controversy over Ethereum lies in the POS consensus mechanism it pursues, that is, the proof of equity mechanism. Under the proof of equity mechanism, if anyone holds more money and holds it for a longer time, he will get more "rights" (interests) and have the opportunity to get bookkeeping power, Bookkeeping can also be rewarded. In this way, it is easy to create the oligarchic advantage of "the stronger the stronger"

Another problem is the chaos of ICO. ICO is a common way to raise funds for blockchain projects, which we can understand as pre-sale. The outbreak of ICO projects on Ethereum has caused illegal activities such as fund allocation and money fraud under the banner of ICO, which has caused security risks to social and financial stability

2. 1. What is the ether classic<

etc (Ethereum Classic) is a bifurcated currency that Ethereum hard bifurcates after 1920000 blocks, and its function is very similar to Ethereum. Etc adheres to the concept of decentralization and supports the consensus mechanism of blockchain guarantee. Etc firmly believes that once the blockchain starts to run, its development direction will not be controlled by any central team, but will be determined by the consensus of the people participating in the whole network and the consensus of the computing power of the whole network

the Ethereum blockchain hard branching in July 2016 aims to transfer the Dao funds stolen by hackers to an account controlled by investors, and let the old transaction records be forgotten by history. Most Ethereum developers are involved in the reversal, as are exchanges, startups and other members of the ecosystem. A few days later, the project returned to normal. But not everyone wants to forget the old record. As a result, a small number of miners continued to use the original blockchain as a protest. They described the hard fork as a capital withdrawal for the abandoned project of the Dao. So Ethereum classic (etc) was born

2. Detailed parameters

Chinese Name: Ethereum classic English Name: Ethereum classic English abbreviation: etc

developer: Ethereum Classic team core algorithm: ethash consensus proof: POW

release date: 2016 / 7 / 20 block time: About 15-17 seconds / block

total currency: fixed at 210 million, up to 230 million, Every 5 million blocks decelerate by 20%, and the first proction rection is expected to be in December 2017

main features: independent cryptocurrency

3. I met a hacker
there is no way to find out the theft, just like where the blackmail virus is and who blackmailed it is still a mystery
the nature of bitcoin is that it cannot solve cases
bitcoin (bitcoin: bitcoin) was originally a kind of network virtual currency, which can buy real-life goods. It is characterized by decentralization, anonymity, and can only be used in the digital world. It does not belong to any country or financial institution, and is not subject to geographical restrictions. It can be exchanged anywhere in the world. Therefore, it is used as a money laundering tool by some criminals.

4.

at present, the vast majority of digital currency transactions are concted in exchanges. Among the numerous exchanges, bitfinex, binance, okex and so on are well-known

However, bitcoin and other digital currencies, as decentralized assets, have to be traded in a centralized exchange, which seems to have hidden contradictions and dangers

1. Problems and challenges of stock exchanges=“ https://iknow-pic.cdn.bcebos.com/fd039245d688d43fdf16c83b761ed21b0ff43bbf ">

in February 2014, Mt. GOx, the world's largest bitcoin exchange at that time, was stolen 850000 bitcoins, and the price of bitcoin suffered a" cliff "crash on that day. Later, it was revealed that Mt. GOx was in fact a thief, and only 7000 bitcoins were actually stolen

in August 2016, bitfinex, the largest U.S. dollar bitcoin trading platform, suffered a security vulnerability, resulting in the theft of 120000 bitcoins, which was worth $65 million at that time. If converted into the price in December 2017, it would be worth nearly $2 billion

on December 19, 2017, South Korea's youbit exchange was attacked by hackers and lost 4000 bitcoins, and the exchange declared bankruptcy

on December 21, 2017, the Ukrainian liqui exchange was stolen 60000 bitcoins, and the unit price of bitcoin plummeted by US $2000

in 2018, such a drama will only continue

in addition to the threat of hackers, traditional exchanges also have some inherent shortcomings, such as lack of supervision and inefficiency. The security of the exchange for investors can only rely on its own credit, and the cost of running is very low. The stock exchange is regulated at the national level, but there is no such sword of Damocles on the top of the digital currency exchange. Moreover, in an exchange, the same order can only be submitted to one exchange. After the user places an order, the funds used for the transaction will be frozen and can only wait for the completion or cancellation of the transaction. These are undoubtedly inefficient

All in all, the problems of exchanges are the problems of centralization

2. Decentralization of exchanges=“ https://iknow-pic.cdn.bcebos.com/86d6277f9e2f070889a173c9e224b899a801f257 ">

(1) the progress of the exchange itself

the upgrade of security means is various. At present, the best use is cold wallet, that is, to keep the digital currency in the offline U disk. At the end of 2017, when the YouTube exchange was attacked, 75% of its assets were withdrawn into the cold purse in time to avoid greater losses. However, it seems to be a helpless way to protect the online assets by offline means. Of course, there should be many other methods, which will not be repeated here

(2) the representative of cross ledger transaction is ripple network, and the operating company is ripple labs, which is a semi centralized system. Ripple is a decentralized clearing agreement. In order to solve the high cost and delay of inter-bank clearing, its base currency is XRP. Ripple network can connect all kinds of assets, such as US dollar, RMB, Japanese yen, bitcoin, etc. to its own network. In this system, U.S. dollars or bitcoin can be converted into reborn currency, and then reborn currency can circulate freely in the network, just as a highway is built between various assets. Due to the support of major banking institutions, the reborn currency achieved nearly 300 times growth in 2017

(3) decentralized exchange

some teams try to use blockchain technology to build a decentralized exchange. This kind of decentralized exchange, to some extent, is an extension of cross ledger trading

bitshares is the most representative of early rising projects. It builds a blockchain development platform with servers scattered all over the world. Even if some of them are attacked, the system will not collapse. Anyone can transfer money and borrow money freely on this platform, and can also quickly build a centralized exchange based on this platform. In order to ensure stable value, bitstocks also require three times of digital assets as collateral. At present, bitstocks are running fairly well

later, with the development of Ethereum and smart contract, the x x protocol came into being. This is an open protocol running in the Ethereum blockchain and a decentralized exchange in the Ethereum ecosystem. The agreement has attracted many investors. At present, it has completed financing and started to build open source software tools and infrastructure. Of course, there are many competitors. Ether Delta, IDEX and oasis DEX are trying to provide similar functions. Moreover, it is a smart contract system based on Ethereum, which only supports erc20 token. If other smart contract public chains start to rise, the demand will be reced

in addition, there are some teams that are entering, such as the domestic road seal agreement, looping (LRC) in English. They adopted a design similar to the X protocol, and also introced a fast payment function similar to the lightning network. It is characterized by trying to match multiple exchanges, the user's order can be broadcast to multiple exchanges, and completed by different exchanges. Moreover, the user can still use the account funds after placing an order, and the user's behavior of transferring part or all of the funds is equivalent to partial or total cancellation. To some extent, it improves the breadth and timeliness of the transaction. However, this system seems to have damaged the "power" of the existing exchanges. Whether we can persuade everyone to play together will be a difficult problem

At present, there is still a long way to go for the construction of decentralized exchange. In 3-5 years, traditional exchange will still be the main battlefield of digital currency

However, in the future, it is worth looking forward to let the decentralized digital currency get rid of the shackles of centralization

5. At present, there is an unpopular way to use bug to get your character into the wall, so that you won't be attacked by monsters, but you can't get out. If you insist on going to three-layer mining, the best way is to form a team to go down mining together

6. I don't know where the landlord said that he was attacked by hackers, but it's not impossible. Although blockchain is very popular at present, there is no absolute security for anything, even bitcoin

7. 1. The Ministry of public security has a special department to catch hackers
2. The internet police can use the IP address to track down

IP proxy can slow down the tracking time
but it's not that everything can't be found
hacker is a Chinese word, all derived from English hacker. With the emergence of grey pigeon, grey pigeon has become a hacker technology to control other people's computers in the name of hacker, so there are "hacker" and & quot; Hacker & quot; Separate families
in 2012, the movie "hacker" proced by the program center of the film channel has also begun to use the word "hacker", which shows the convergence of Chinese usage habits. In fact, the meaning of hacker (or hacker) can not be completely translated into English, which is the difference formed in the development of Chinese and English vocabulary. The term hacker originally refers to computer experts who are enthusiastic about computer technology and have high level, especially programmers. It is graally divided into white hat, gray hat, black hat and so on. Black hat is actually cracker. In media reports, the term "hacker" often refers to those software crackers, while the opposite of "black hat" is "white hat".

8. The security of public Wi Fi is generally poor. A simple password can not prevent hackers from invading. The most common ways are as follows:

1. Hackers can forge a transfer station between devices and routes through internal and external attack software

2. Use the mechanism of Intranet broadcast to monitor Internet traffic, so as to find your browsing records

3. Forge Wi Fi broadcast, For example, set SSID as a common public Wi Fi. When you connect, the device may be implanted with Trojan horse or spyware
please accept!

9. Network hackers steal other people's mobile phone information, mainly to defraud some of your friends.