What if there were a way to empty all the ETH held by the Maker protocol?
That’s $300 million worth of crypto right now. That’s a lot of money. Even if doing it caused the price to drop in half or even by two-thirds, it could still be well worth the attempt.
Micah Zoltu, an independent software developer who is also one of the co-authors of the original white paper for the decentralized prediction market Augur, published a blog post on Monday describing an attack on MakerDAO that, he argued, could empty all the ETH from the system. (Users lock ETH into the Maker protocol to generate loans of the dollar-pegged DAI stablecoin.)
The problem, Zoltu writes, is in how Maker is governed: “Some group of plutocrats can control how the system behaves.”
The attack would only be feasible for a few MKR whales if they wanted to act quickly. Zoltu said that 40,000 MKR would be enough if the attack had some sophistication. As of this writing, 48,400 MKR, based on the staking approach of the Maker voting system, could do it right away.
So somewhere between $20 million and $25 million in crypto would need to be deployed to do it. That’s assuming a person could accumulate MKR in a way that didn’t drive up the price, which is unlikely.
“It is worth noting that Maker Foundation could attack the system in this way right now if they wanted,” Zoltu writes. “What is worse, [venture capital firm] a16z has enough MKR on hand right now to execute the attack the patient way!”
Aside from an inside job by the parties most invested in seeing ethereum’s flagship decentralized finance (DeFi) application survive, accumulating enough MKR to carry out the attack may be a significant hurdle.
“I feel like it’d at least double the price,” Joey Krug, a partner at Pantera Capital who has been briefed on the vulnerability, said. “You could probably get a lot of whales to sell to you OTC [over-the-counter] if you were paying double market.”
On the open market, the price would “go bonkers, multiples of what it is now,” Krug said.
That’s only if the attacker had to start from zero MKR, though. So first let’s get into the attack that Zoltu describes and then circle back to the Foundation’s objections.
The Maker protocol is governed by the MKR token.
One million MKR has been minted; a sliver of that has been burned. The Maker Foundation still controls several hundred thousand, both in its treasury and in smart contracts that hold them in escrow.
One MKR sells for about $510 as of this writing. Daily turnover is quite variable, but lately there’s been about $4 million to $10 million in MKR turning over daily.
Anyone who holds MKR can put up a proposal as a smart contract on the protocol, one that can change any number of parameters. Maker uses continuous governance so that provisions can be voted to change at any time.
This is especially important right now because the system just made a major upgrade, implementing multi-collateral DAI and the DAI savings rate. This new upgrade is a whole new version of the protocol, such that there are really two kinds of DAI now and users are being asked to convert their old DAI (now called SAI) to the new.
The new system institutes some important security changes, such as a delay on how long it takes for changes voted through to go into effect and an emergency shutdown provision.
The biggest weakness allowing Zoltu’s attack is the fact that the current parameter for governance delay is zero seconds. That is, any governance provision that gets voted through goes into effect immediately.
This is something Wouter Kampmann, head of engineering at the Maker Foundation, said has been discussed in detail by the MakerDAO community, which has decided it is better to have zero delay for now while it determines which kinds of changes should be able to bypass the delay and which ones should still have a delay.
“It’s really a matter of finding that sweet spot there,” Kampmann said.
As long as it’s in place, though, Zoltu argues, the funds locked in MakerDAO are “not safu.”
In a call with CoinDesk, Kampmann said it would not be as simple as saying that all the ETH currently held as collateral by MakerDAO could just be directly moved to a wallet controlled by the attacker.
“The way permissionless, unstoppable code works is that there is certain business logic that determines the rules of how to interact with the contract – and these rules are unchangeable,” Kampmann said.
Zoltu admits it would take cleverness and planning, but at this point, readers who remember the DAO hack may be experiencing familiar chills. Your threat tolerance may vary.
The attack described by Zoltu would also need to be fairly fast. Kampmann expects that the governance delay may well be increased sometime in the first quarter, possibly in January.
Though it’s important to note that this decision is not up to him or foundation staff.
“You cannot just ignore the economics of it,” Kampmann said. “The problem with the model that’s set forth is really in the incentive model.”
There are a small number of whales that have enough MKR to execute this attack now, but they are extremely unlikely to do so. It would send shockwaves across ethereum and, if they hold that much MKR, they would likely lose more in other assets than they would gain in stealing the ETH (which would likely drop in value too).
The best thing MKR holders who care about securing the protocol can do, according to Kampmann, is stake their MKR on votes. The more that’s staked, the more expensive this attack will be, and there is a lot of MKR on the sidelines right now.
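To make the two defenses discussed above concrete (a non-zero governance delay and more MKR staked on votes), here is a simplified model added for illustration; it is not code from the article or from Maker's contracts. The 48,400 MKR figure comes from the article, while the class and function names, the 48,000 MKR honest stake, the 10,000 MKR of sidelined tokens and the one-hour reaction time are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Governance:
    """Toy stake-weighted continuous voting with an execution delay (assumed model)."""
    delay: int                                    # seconds between winning and taking effect
    stake: dict = field(default_factory=dict)     # proposal -> MKR staked on it
    leader: str = "status_quo"
    queued: Optional[tuple] = None                # (proposal, earliest execution time)
    executed: list = field(default_factory=list)

    def tick(self, now):
        # Anything whose delay has elapsed takes effect.
        if self.queued and now >= self.queued[1]:
            self.executed.append(self.queued[0])
            self.queued = None

    def vote(self, proposal, mkr, now):
        self.tick(now)                            # matured changes land before new votes count
        self.stake[proposal] = self.stake.get(proposal, 0) + mkr
        top = max(self.stake, key=self.stake.get)
        if top != self.leader:
            self.leader = top
            # The status quo retaking the lead cancels whatever was queued.
            self.queued = None if top == "status_quo" else (top, now + self.delay)
        self.tick(now)                            # with delay == 0 this executes immediately

def simulate(delay, honest=48_000, hostile=48_400, sidelined=10_000, reaction=3_600):
    """Return the proposals that took effect. All MKR amounts except 48,400 are constructed."""
    gov = Governance(delay=delay)
    gov.vote("status_quo", honest, now=0)
    gov.vote("hostile_change", hostile, now=0)        # surprise majority appears
    gov.vote("status_quo", sidelined, now=reaction)   # sidelined holders stake in response
    gov.tick(now=reaction + delay)
    return gov.executed

if __name__ == "__main__":
    for d in (0, 1_800, 86_400):
        print(f"delay={d:>6}s -> executed: {simulate(d)}")
```

In this model the hostile change takes effect whenever the delay is shorter than the defenders' reaction time, and is cancelled only when the delay is longer and enough sidelined MKR gets staked during the window.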
Krug, who is well acquainted with the crypto investor class, acknowledged that MKR whales are probably well-intentioned, but he also said, “We can’t assume it for sure.”
There are over 16,000 ETH addresses with some MKR, however. If a bunch of minor whales were able to collude without warning the MakerDAO community, they might be able to assemble enough tokens without causing price movements.
The Maker Foundation said this would be very unlikely based on what’s known about MKR liquidity. That is, MKR just doesn’t move around that much.
But Zoltu insists this is not safe enough. He said, “They [the Maker Foundation] are operating under the assumption that there are no dark pools of liquidity available to attackers. This is, kind of by definition, something one cannot know.”