<p> http://themerkle.com/wp-content/uploads/2016/06/shutterstock_344810213.jpg</p>
<p><strong>Earlier today a user under the handle of “daoattacker” came to the DAO slack channel and seemingly gave away 6.37 bitcoin. </strong> </p>
<p>I was preparing to write an article on an alleged statement from the DAO  attacker, so when I checked the slack channel the giveaway was just  ending, but everyone was posting their bitcoin address. I was not sent  any bitcoin or any other currency nor did I request through address  posting, but I asked the alleged attacker some questions. The following  has been modified only cosmetically – to add capitalization at beginning  of sentences and punctuation at the end: </p>
<p> <strong>Andrew Quentson (AQ): </strong>Hi, I was about to write an article on your alleged pastebin. How can you show you are actually the DAO hacker? </p>
<p> <strong>Daoattacker (DA)</strong>: (1) i’m not a hacker, nothing was hacked. </p>
<p>(2) i’m not “the attacker”, I’m intermediary, this is a team project </p>
<p> (3) the point of this pastebin is open dialog; soon we will have a smart  contract to reward miners who oppose the soft fork and mines the  transaction. 1 million ether + 100 btc will be shared with miners. </p>
<p> AQ: How soon? We talking hours, days? </p>
<p> DA: Sorry don’t have an exact date. Takes time to verify and make sure it is bug free :wink: </p>
<p> AQ: How can you show you are the owner of the child dao that has some 3.5 million ether I believe? </p>
<p> DA: Words don’t matter. Proof doesn’t matter. Smart contracts do. </p>
<p> DA: I saw your message in #general (Andrew Quentson asked for a summary of what was going on) </p>
<p> The 6.37 bitcoin giveaway is just a little demonstration that money  speaks, and people in crypto are here for a profit. They don’t care if  they’re being paid by “an attacker”. </p>
<p> AQ: Some suggest that a potential solution may be for you to have some  of the funds and the rest returned in return for no fork, are you in any  negotiations towards that end? </p>
<p> DA: Everything is on the table from our perspective, as long as there is no fork. </p>
<p> AQ: I think I read you say Eth is a shitcoin. Are you trying to  discredit eth, or just in for the money? As in is this attack  politically motivated or purely financial? </p>
<p> And what sort of offer would you give to Ethereum’s community? As in you’ll return the rest if you can keep… how many eth? </p>
<p> DA: The people behind ethereum are deceptive, for example everyone with a  clue (Adam Back, Gregory Maxwell) knows that there is 0% chance for  “CASPER” proof of stake to work, but yet they advertise it. </p>
<p> I don’t like ethereum, I don’t like slock.it, but that’s not the main  reason. Money talks. Even if I loved ethereum I’d still have done it.</p>
<p> And, offers will be made with smart contracts. Sorry but I can’t give  any numbers, even if I did there is no reason to believe that I’m “the  attacker” :slightly_smiling_face:</p>
<p> AQ: There is one reason, well two reasons, you’re claiming it and you  gave or claim to have given away more than six btc, but if you can  provide some sort of evidence for our readers that would be helpful.</p>
<p> DA: Those aren’t strong reasons, anyone with 6 btc could’ve done that, shorted DAO / eth and made a killing.</p>
<p> AQ: Did you short the DAO prior to the attack? </p>
<p> DA: I’m not commenting to incriminate myself haha. But markets are really just places to trade information.</p>
<p> AQ: Do you think the attackers would accept 100k, return the rest, on  a community promise to not hard-fork? Or do you think they’d be looking  at a million, what sort of scale are we speaking in your view?</p>
<p> DA: I think they’d be looking at a million. Right know they think  there is a very reasonable chance that miners, motivated by profit,  won’t fork with 1 million ether dispersed.</p>
<p> AQ: Presumably that would have to go to pool operators. Since they are known, wouldn’t they incriminate themselves? </p>
<p> DA: That’s the beauty of smart contracts and soft / hard forks…  Forking requires action, not forking is just inaction; they can be  plausibly deniable.</p>
<p> Not to mention they don’t have to accept it. Someone will get paid to  call the smart contract per block, and that call will pay the miner.</p>
<p> AQ: Is this team behind any previous attacks, particularly MT Gox, but any other exchanges as well, or is this a first?</p>
<p> And if you don’t wish to answer that, do you have any other general comments to make? </p>
<p> DA: Ok, so, that is actually a really bad question, because NO hacker  will admit to previous hacks (if they’re substantial). The only people  who admit to previous hacks are those who are lying for attention. So  that question is pretty meaningless :)</p>
<p> But I do have a general comment to make. As everyone hopefully  figured out by now, the pastebin had a signature that didn’t verify. I  was absolutely surprised by how much it caught on, but I’m glad it’s the  right message that caught on. And DAO dropped by 10% just with that  pastebin lol. So many lessons for the crypto community. </p>
<p> AQ: Since the signature does not verify, does that not make the pastebin fake?</p>
<p> DA: The pastebin is fake in the sense that it’s not a signed message  from the attacker, but that doesn’t mean the message it conveys is fake,  or, not from the attacker.</p>
<p> AQ: How exactly was the attack carried out and why has it stopped at 3.5 million?</p>
<p> DA: It’s just the recursive call attack that was already known, but  slock.it guys didn’t realize was present for splitting. In layman’s  terms: because of a feature in the DAO, it sends you ether before  deducting your balance.</p>
<p> [The exact description of the recursive attack removed due to uncertainty on whether it raises any security concerns] </p>
<p> DA: Does that make sense lol? There’s a few good articles about the  recursive call attack and those probably explains it better than I can. </p>
<p>AQ: Why has it stopped at 3.5 million?</p>
<p> DA: Vitalik was actually calling for a hard fork / rollback and he /  eth foundation seemed serious. I’m still not sure if he actually thought  he supports a hard fork, or just said it to try and get the attacker to  stop. AQ: So, the attacker just chose to stop?</p>
<p> If you wished to you can drain the rest? </p>
<p> DA: EVM wise, yes, but Ethereum’s market isn’t yet large or liquid  enough to cash out more than a few million Ether. In any case, the real  money (bitcoin) is made from shorting. When people started talking about  a hard fork, the price of DAO started to recover, people started buying  DAO because they think they’ll be bailed out. Price started falling  again after the attack stopped :D </p>
<p>AQ: Do you not think the whole digital currency space would badly  suffer if the appropriated funds of $50 million and potentially more  aren’t frozen? </p>
<p>DA: Honestly? $50 million will be fine, remember mtgox? Bitcoinica?  Pirateat40? But when more ETH is taken from the DAO, that could be a  problem. The attacker isn’t going to take anymore, honestly eth  foundation or someone else should step up, and should move the rest to  their custody. DAO investors take a 30% haircut for their lack of due  diligence. ETH is moved out of the faulty DAO without a hard fork, which  is the only way to update a contract. </p>
<p> In 2011, mtgox was hacked and lost 400,000 bitcoin. That was 6% of  all bitcoin supply at that time. Bitcoin is doing fine, isn’t it?</p>
<p> AQ: At the time everyone discarded bitcoin as not safe and easily  hackable. I believe it took some two years for it to recover. Don’t you  think the same can happen again for both Eth and Bitcoin as the  mainstream media covers the attack?</p>
<p> DA: Well the attacker won’t take the full 3.6 million eth. At least  one million will be spread out to miners, and anyone can be a miner. </p>
<p>Just speculating (because only 1 million to miners is committed), but  it makes sense to have a carrot and a stick. Carrot: return some of the  eth to the DAO to make righteous people happy. Stick: return some of  the eth to miners if they don’t fork to give monetary incentive to not  fork. So… the impact and amounts will be a lot smaller than current  estimations and ethereum will absolutely survive, and can even prosper  after a clean resolution without a fork. While a fork would irrevocably  tranish ethereum.</p>
<p>  AQ: By “some”, what numbers are we talking?</p>
<p> DA: Only number I can give is 1 million eth + 100 btc.</p>
<p> AQ: Are you involved in bitcoin or ethereum. Do you contribute code,  that sort of thing? And what sort of age bracket are you as well as what  rough geographical location. </p>
<p>AQ: And, I do have to go so is there anything else you wish to say to everyone?</p>
<p> DA: I like bitcoin, and I like breaking smart contracts :)</p>
<p> DA: That’s all I have to say. Thanks for your time :) </p>
<p> DA: Actually there is one piece of misinformation I’d like to correct.  Bitcoin has never hard forked. The value overflow incident was resolved  with a soft fork. The 2013 levelDB issue was resolved without forking  see  https://www.reddit.com/r/Bitcoin/comments/2s2utx/the_hard_fork_missile_crisis/cnlqcd1 </p>
<p>#crypto #ethereum #DAO</p>