Author: timbeiko.eth Source: X, @TimBeiko Translation: Shan Oppa, Golden Finance
After the Bybit hack, cryptocurrency commentators once again asked why Ethereum could not "roll back" the chain to reverse the attack.
While experienced ecosystem participants almost unanimously agree that this is not feasible, it is worth explaining why this seemingly reasonable proposal is not technically possible for observers who are not familiar with the details. If you are one of them, take this as an "ELI5" explanation of why it cannot be done.
First, understanding the concept of a "rollback"
The concept of a blockchain "rollback" stems from an early event in Bitcoin's history. In 2010, less than two years after Bitcoin launched, a vulnerability in the client software allowed 184 billion bitcoins to be minted in block 74638.
To solve this, Satoshi Nakamoto released a software patch that invalidated these transactions. This was equivalent to "rolling back" the chain to block 74637. In less than a day, the new chain had accumulated enough proof of work to become the canonical chain, and all rolled-back user transactions were included in the new chain. Note that Bitcoin's mining difficulty was then 10 billion times lower than today, and the BTC/USD price was about $0.07.
In short, what made this event special was that there was an obvious bug in the protocol itself that produced the problematic transactions, and because of the huge amount involved they were easy to identify. Moreover, Bitcoin's adoption was still small at the time, which made it relatively easy to distribute new clients and quickly mine a new chain segment.
Ethereum and TheDAO
Ethereum also had a seemingly similar crisis early in its history, which often leads to misunderstandings about the feasibility of rollbacks. In 2016, a popular Ethereum application, TheDAO, controlled about 15% of all ETH. Unfortunately, a hacker discovered a vulnerability in the application's code that allowed them to drain all of these funds. The difference from the Bitcoin event is that there was no problem with the Ethereum protocol itself; the problem lay in an application built on Ethereum.
Luckily, TheDAO's developers had implemented a safety mechanism: the application froze withdrawals for one month before they completed. This provided a unique window to respond before the funds could reach the hacker, if the application's code could be changed in time.
Because the application itself could not be changed in this way, developers had to make the change directly in the blockchain's historical record. This is called an "irregular state change", because the application's "state" was changed by manually updating the database rather than through a valid Ethereum transaction.
To make a rough comparison with the Bitcoin bug, this is similar to setting the balance of the address holding the 184 billion BTC to 0, rather than re-mining a chain that excludes those transactions.
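The two repair strategies described above, a proof-of-work "rollback" by re-mining from the block before the bad one versus an "irregular state change" that edits the database directly, are contrasted in the following toy model. This is an added illustration written for this page, not Bitcoin's or Ethereum's code: the block structure, the `SUPPLY_CAP` rule that stands in for the patched client, the work values and all balances are constructed.

```python
import hashlib
from dataclasses import dataclass

# Toy proof-of-work chain, constructed for illustration only. The unpatched
# rules never check the supply cap, which stands in for the 2010 client bug;
# the patched rules reject any mint that would exceed it.
SUPPLY_CAP = 21_000_000


@dataclass(frozen=True)
class Tx:
    sender: str       # "coinbase" marks newly minted coins
    recipient: str
    amount: int


@dataclass(frozen=True)
class Block:
    height: int
    parent: str
    txs: tuple
    work: int         # units of proof of work this block contributes

    @property
    def hash(self) -> str:
        payload = f"{self.height}|{self.parent}|{self.txs}|{self.work}"
        return hashlib.sha256(payload.encode()).hexdigest()[:16]


def apply_tx(state: dict, tx: Tx, patched: bool) -> bool:
    """Apply one tx in place; return False if the rules reject it."""
    if tx.sender != "coinbase":
        if state.get(tx.sender, 0) < tx.amount:
            return False
        state[tx.sender] -= tx.amount
    elif patched and sum(state.values()) + tx.amount > SUPPLY_CAP:
        return False  # patched clients refuse the oversized mint
    state[tx.recipient] = state.get(tx.recipient, 0) + tx.amount
    return True


def replay(chain: list, patched: bool) -> dict:
    """Recompute balances from genesis; raise if a block breaks the rules."""
    state = {}
    for block in chain:
        for tx in block.txs:
            if not apply_tx(state, tx, patched):
                raise ValueError(f"block {block.height} rejected by rules")
    return state


def total_work(chain: list) -> int:
    return sum(b.work for b in chain)


def fork_choice(*chains):
    """Nodes follow the chain with the most accumulated proof of work."""
    return max(chains, key=total_work)


def rollback_and_remine(chain: list, bad_height: int, extra_work: int) -> list:
    """Strategy 1 (Bitcoin 2010): abandon blocks from bad_height on and re-mine.
    Every tx from the abandoned blocks that is valid under the patched rules is
    re-included; only the offending tx is dropped."""
    base = chain[:bad_height]            # genesis is index 0, so this keeps 0..bad_height-1
    state = replay(base, patched=True)
    kept = []
    for block in chain[bad_height:]:
        for tx in block.txs:
            if apply_tx(state, tx, patched=True):
                kept.append(tx)
    new_block = Block(len(base), base[-1].hash, tuple(kept), extra_work)
    return base + [new_block]


def irregular_state_change(state: dict, address: str) -> dict:
    """Strategy 2 (TheDAO 2016): leave history alone, edit the balance directly."""
    fixed = dict(state)
    fixed[address] = 0
    return fixed


def build_demo() -> list:
    """Constructed chain: block 2 carries the toy 'overflow' mint."""
    genesis = Block(0, "0" * 16, (Tx("coinbase", "alice", 50),), work=1)
    b1 = Block(1, genesis.hash, (Tx("coinbase", "miner", 50), Tx("alice", "bob", 10)), work=1)
    b2 = Block(2, b1.hash, (Tx("coinbase", "attacker", 184_000_000_000), Tx("bob", "carol", 5)), work=1)
    return [genesis, b1, b2]


if __name__ == "__main__":
    chain = build_demo()
    print("unpatched view:", replay(chain, patched=False))
    rolled = rollback_and_remine(chain, bad_height=2, extra_work=2)
    print("winning chain is the re-mined one:", fork_choice(chain, rolled) is rolled)
    print("re-mined state:", replay(rolled, patched=True))
    print("irregular fix:", irregular_state_change(replay(chain, False), "attacker"))
```

Running it shows the point of the comparison: after re-mining, the `bob -> carol` payment from the abandoned block survives in the new block 2 while the oversized mint is gone, and the new chain wins fork choice only once it has accumulated more work than the old one. The irregular change reaches a similar balance sheet without touching a single block, which is exactly why it is a database edit rather than a rollback.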
This upgrade was controversial within the Ethereum community, which actually split. Some miners refused to run the software patch and continued mining the chain on which the hack had occurred, which later became Ethereum Classic. The chain now called Ethereum is the one that applied the software upgrade.
To reiterate, this incident was unique. TheDAO's stolen funds were frozen for a month, giving the community time to coordinate the software upgrade. Another important advantage of the funds being frozen is that the hacker could not keep moving them. If a hacker can move funds at will, "freezing" those funds becomes a cat-and-mouse game: because the protocol is open source, any change that might freeze the funds has to be announced publicly, and therefore to the hacker as well, giving them enough time to move the money elsewhere. This brings us to the Bybit incident.
Why can't we roll back Ethereum?
Earlier this week, 401,346 ETH (approximately US$1.4 billion) was stolen from the Bybit exchange. The theft happened because the custodians of the funds signed a misleading transaction through a compromised multisig interface.
The root cause of this hack is more complicated than TheDAO incident or the Bitcoin overflow bug. There was no problem with the Ethereum protocol itself, nor even with the multisig application Bybit used. The problem came from a compromised interface: the transaction appeared to do one thing but actually did another.
From the Ethereum protocol's perspective, there is no way to distinguish this transaction from any other legitimate transaction on the network. No protocol rule was violated, so the stolen funds cannot be isolated by patching a bug, as was possible in the Bitcoin case.
In addition, the hacker immediately began moving the funds. Unlike TheDAO incident, where the community had a month to perform a "surgical" intervention, here the hacker started transferring funds on-chain right away.
Even if we could solve the cat-and-mouse game described above, today's Ethereum ecosystem is very different from that of 2016. DeFi and bridges to other chains mean that any stolen funds can quickly become entangled with many applications. For example, stolen funds can be swapped on a decentralized exchange, the resulting tokens used as collateral in a DeFi protocol, and the borrowed assets transferred to an entirely separate chain through a bridge.
This highly interconnected state means that any irregular state change, even if socially acceptable, could produce a chain reaction that is almost uncontrollable. This would be even worse with a "full rollback", or even a partial rollback, of the chain's history. Every completed transaction, many of which involve things outside Ethereum (such as sales on exchanges, redemptions of real-world assets, etc.), would be reverted, and the off-chain parts cannot be restored.
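The chain reaction described above can be made concrete by treating later transactions as dependent on the outputs of earlier ones and asking what reverting the theft would drag along with it. The following is an added example written for this page, not code from the author or any protocol: the ledger of events, their dependencies and the "offchain" labels are all constructed to mirror the swap, collateral, borrow and bridge sequence in the text.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    id: str
    depends_on: tuple   # ids of earlier events whose outputs this one consumes
    settled: str        # "onchain" (could in principle be reverted) or "offchain"
    note: str = ""


# Constructed ledger following the sequence in the text. Only the parties and
# amounts are invented; the dependency shape is the point.
LEDGER = [
    Event("theft",       (),                 "onchain",  "stolen ETH lands in attacker address"),
    Event("dex_swap",    ("theft",),         "onchain",  "attacker swaps ETH for TOKEN; LP receives ETH"),
    Event("lp_withdraw", ("dex_swap",),      "onchain",  "LP withdraws the ETH it just received"),
    Event("lp_cex_sale", ("lp_withdraw",),   "offchain", "LP sells that ETH for fiat on an exchange"),
    Event("collateral",  ("dex_swap",),      "onchain",  "attacker deposits TOKEN into a lending protocol"),
    Event("borrow",      ("collateral",),    "onchain",  "attacker borrows a stablecoin"),
    Event("bridge_out",  ("borrow",),        "offchain", "stablecoin bridged to a separate chain"),
    Event("rwa_redeem",  ("lp_withdraw",),   "offchain", "LP redeems part of the ETH for a real-world asset"),
    Event("alice_pays",  (),                 "onchain",  "unrelated payment, no link to the theft"),
]


def dependents_index(ledger: list) -> dict:
    """Map each event id to the ids that consume its outputs."""
    index = defaultdict(list)
    for ev in ledger:
        for parent in ev.depends_on:
            index[parent].append(ev.id)
    return index


def reversal_set(ledger: list, root: str) -> set:
    """Everything that must be undone if `root` is undone: reverting an event
    invalidates every later event built on its outputs, transitively."""
    index = dependents_index(ledger)
    seen, queue = {root}, deque([root])
    while queue:
        for child in index[queue.popleft()]:
            if child not in seen:
                seen.add(child)
                queue.append(child)
    return seen


def unrevertable(ledger: list, root: str) -> set:
    """Members of the reversal set whose settlement happened outside the chain.
    A state change or rollback cannot reach these, so undoing `root` leaves the
    ledger and the outside world permanently inconsistent."""
    must_revert = reversal_set(ledger, root)
    return {ev.id for ev in ledger if ev.id in must_revert and ev.settled == "offchain"}


def untouched(ledger: list, root: str) -> set:
    """Events that a reversal of `root` would leave alone."""
    return {ev.id for ev in ledger} - reversal_set(ledger, root)


if __name__ == "__main__":
    by_id = {ev.id: ev for ev in LEDGER}
    print("Reverting the theft also reverts:")
    for ev_id in sorted(reversal_set(LEDGER, "theft") - {"theft"}):
        print(f"  {ev_id:12s} {by_id[ev_id].note}")
    print("...of which these cannot be undone on-chain:", sorted(unrevertable(LEDGER, "theft")))
    print("Left untouched:", sorted(untouched(LEDGER, "theft")))
```

Even in this small ledger, one irregular change at the root reaches eight of nine events, and three of them (the exchange sale, the bridge transfer and the real-world redemption) have already settled somewhere the chain cannot reach, so reverting them on-chain would simply strand the counterparties. The same traversal over a real mempool's worth of DeFi activity is what makes the blast radius effectively unbounded.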
Summary
So, although Bitcoin was able to "roll back" its blockchain 15 years ago, today the interconnected nature of Ethereum and the settlement of economic transactions both on-chain and off-chain make such a rollback infeasible.
Technically, irregular state changes may still be possible when funds are frozen and isolated. The last time such a change was proposed was in 2018, to address a vulnerability in Parity's multisig wallet that had frozen about 500,000 ETH (see EIP-999); the proposal met strong community opposition, partly because of the controversy caused by TheDAO incident.