Ethereum Core Developer: Why Ethereum Cannot Roll Back After the Bybit Incident?


Original author: Tim Beiko

Original translation: GaryMa Wu Says Blockchain

Ethereum core developer Tim Beiko published a lengthy article on February 22, 2025, explaining why Ethereum cannot "rollback" to reverse a hack, such as the recent Bybit hacking incident. He provided historical context from Bitcoin and TheDAO and discussed why rollbacks are not feasible in today's Ethereum ecosystem. Wu Says has compiled and organized the original text and corresponding comments as follows:

After Bybit was hacked yesterday, some people once again asked why Ethereum cannot "roll back" the blockchain to reverse the hack.

While experienced individuals in the ecosystem almost unanimously agree that this is not feasible, it is worth explaining why this seemingly reasonable proposal is technically impossible, especially for those who are less familiar with the topic. If you are one of them, here is a simple explanation of why this is not possible.

First, understand the background of rollbacks:

The concept of "rollback" in blockchain originates from an early event in the Bitcoin blockchain. In 2010, less than two years after Bitcoin's launch, a bug in the client software resulted in the creation of 184 billion (yes, billion) bitcoins in block 74638.

To fix this issue, Satoshi released a software patch for the Bitcoin client that invalidated these transactions. This effectively "rolled back" the chain, which had continued producing blocks in the meantime, to block 74637. In less than a day, the new chain accumulated enough proof of work to become the main chain, and all the user transactions that had been rolled back were included in the new chain. Note that at that time, Bitcoin's mining difficulty was 10 billion times lower than it is now, and the BTCUSD price was about $0.07.

In short, this situation was unique because there was a clear protocol bug that led to the problematic transactions, which were easily identifiable due to their massive quantity. Additionally, Bitcoin's limited adoption at the time made it easy to distribute the new client version and quickly mine new chain segments.
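As an added illustration (not code from the original article or from Bitcoin Core), the following Python toy reconstructs the arithmetic behind the block 74638 bug the article refers to: two output values that each fit in a signed 64-bit integer but whose sum wraps around, so a check that only compares inputs against the wrapped output total passes. The transaction shape and amounts are constructed; the hardened check shows the idea of the fix, range-checking every value and the running total against the supply cap before comparing.

```python
"""Toy model of the 2010 Bitcoin value-overflow bug (block 74638) and its fix.

Added example, not code from the original article or from Bitcoin Core. The
transaction shape and amounts are constructed to reproduce the effect the
article describes: output values that individually look huge but whose
64-bit sum wraps to a small number, so a naive "inputs >= outputs" check
passes and roughly 184 billion BTC are created out of nothing.
"""
from dataclasses import dataclass
from typing import List

COIN = 100_000_000                 # satoshis per BTC
MAX_MONEY = 21_000_000 * COIN      # Bitcoin's supply cap, in satoshis
INT64_MIN, INT64_MAX = -(2**63), 2**63 - 1


def wrap_int64(x: int) -> int:
    """Simulate C-style two's-complement wrap-around of a signed 64-bit integer."""
    return (x + 2**63) % 2**64 - 2**63


@dataclass
class Tx:
    input_value: int          # satoshis consumed (sum of referenced outputs)
    output_values: List[int]  # satoshis assigned to each new output


def validate_naive(tx: Tx) -> bool:
    """Pre-fix style check: sum outputs with wrapping 64-bit arithmetic and
    only require that inputs cover that total. Constructed to show the defect."""
    total_out = 0
    for v in tx.output_values:
        total_out = wrap_int64(total_out + v)
    return tx.input_value >= total_out  # a wrapped sum can be tiny or negative


def money_in_range(v: int) -> bool:
    """A value is sane only if it lies within [0, supply cap]."""
    return 0 <= v <= MAX_MONEY


def validate_hardened(tx: Tx) -> bool:
    """Post-fix style check: range-check every output and the running total
    before comparing against inputs, so a sum can never silently wrap."""
    if not money_in_range(tx.input_value):
        return False
    total_out = 0
    for v in tx.output_values:
        if not money_in_range(v):
            return False
        total_out += v
        if not money_in_range(total_out):
            return False
    return tx.input_value >= total_out


# Constructed transaction: two outputs of about 92.2 billion BTC each. Their
# true sum (about 184.5 billion BTC) exceeds INT64_MAX, so the wrapped sum is
# a small negative number and the naive check accepts the transaction.
HUGE_OUTPUT = 9_223_372_036_854_277_039            # satoshis, just under INT64_MAX
OVERFLOW_TX = Tx(input_value=50 * COIN,             # a 50 BTC input
                 output_values=[HUGE_OUTPUT, HUGE_OUTPUT])


def created_btc(tx: Tx) -> float:
    """BTC conjured from nothing if the transaction were accepted."""
    return (sum(tx.output_values) - tx.input_value) / COIN


if __name__ == "__main__":
    print("wrapped output sum (satoshis):", wrap_int64(2 * HUGE_OUTPUT))
    print("naive check accepts:", validate_naive(OVERFLOW_TX))
    print("hardened check accepts:", validate_hardened(OVERFLOW_TX))
    print(f"BTC created if accepted: {created_btc(OVERFLOW_TX):,.2f}")
```

The point to take from the toy is the one the article makes: the offending transaction was identifiable purely from protocol rules (a value outside any sane range), which is what made a client patch plus re-mining a workable remedy.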

Ethereum and TheDAO:

Ethereum's early history has a superficially similar crisis that often leads to confusion about the practicality of rollbacks. In 2016, a popular Ethereum application, TheDAO, controlled about 15% of all ETH at the time. Unfortunately, hackers discovered a vulnerability in the application code that allowed them to steal all these funds. This was clearly different from the Bitcoin situation, as the Ethereum protocol itself was functioning normally; it was the application built on Ethereum that had the issue.

Fortunately, TheDAO's developers implemented a security measure that required a one-month freeze before funds could be withdrawn from the application. This provided a unique opportunity to address the vulnerability: the application code could be changed to prevent the funds from ultimately flowing to the hackers.

Since the application itself could not do this, Ethereum protocol developers had to make changes directly in the blockchain history. This is referred to as a "non-standard state change," as the application's "state" was altered by manually updating the database rather than through valid Ethereum transactions.

In rough comparison to the aforementioned Bitcoin bug, this is akin to setting the balance of the address receiving 184 billion BTC to zero, rather than re-mining a chain that excludes those transactions.

This upgrade sparked controversy, and the Ethereum community effectively split as a result. A portion of miners refused to run the software patch and continued mining on the chain where the hack occurred, which is now known as Ethereum Classic. The chain we refer to as Ethereum today is the one that implemented this software upgrade.

Similarly, this situation was unique. The funds that were hacked in TheDAO were effectively frozen for a month, giving the community time to coordinate the software upgrade. The freezing of funds had another major advantage: the hack did not "spread." If hackers could freely move the funds, "freezing" them would lead to an endless game of cat and mouse, as the protocol is open-source, and any potential changes to freeze funds would have to be made public to the hackers, giving them enough time to move the funds elsewhere.
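To make the difference between a valid transaction and a "non-standard state change" concrete, and to show why such a change only works on funds that stay put, here is a small Python model added to this translation (it is not code from the article or from any Ethereum client; the addresses, balances and fork height are constructed). Two nodes replay the same blocks. One ships a hard-coded rule that moves the attacker's balance to a recovery address at a chosen block height; the other does not. When the stolen funds are frozen, the forking node ends up with a different state from the holdout, which is the chain split the article describes; when the attacker moves the funds in the block before activation, the rule fires on an empty account and recovers nothing.

```python
"""Toy model of an irregular ("non-standard") state change at a fork height.

Added example, not code from the original article or from any Ethereum
client. Addresses, balances and FORK_HEIGHT are constructed. Normal
transfers conserve balances and need a funded sender; the fork rule is a
hard-coded edit applied by every node that adopts the patch, with no
transaction behind it.
"""
from dataclasses import dataclass, field
import hashlib
import json
from typing import Dict, List, Tuple

FORK_HEIGHT = 100           # constructed activation height
VICTIM = "0xvictim"         # constructed labels, not real addresses
HACKER = "0xhacker"
RECOVERY = "0xrecovery"


@dataclass
class Transfer:
    sender: str
    recipient: str
    amount: int


@dataclass
class Node:
    applies_fork: bool
    state: Dict[str, int] = field(default_factory=dict)
    height: int = 0

    def apply_transfer(self, t: Transfer) -> None:
        """A protocol-valid state transition: balances are conserved."""
        if self.state.get(t.sender, 0) < t.amount:
            raise ValueError("insufficient balance")
        self.state[t.sender] -= t.amount
        self.state[t.recipient] = self.state.get(t.recipient, 0) + t.amount

    def process_block(self, txs: List[Transfer]) -> str:
        self.height += 1
        for t in txs:
            self.apply_transfer(t)
        if self.applies_fork and self.height == FORK_HEIGHT:
            # Irregular state change: no transaction, no signature, no gas.
            # Whatever sits at HACKER when the rule fires is all it can move.
            moved = self.state.pop(HACKER, 0)
            if moved:
                self.state[RECOVERY] = self.state.get(RECOVERY, 0) + moved
        return self.state_root()

    def state_root(self) -> str:
        """Deterministic digest of non-zero balances, to detect divergence."""
        blob = json.dumps(sorted((k, v) for k, v in self.state.items() if v)).encode()
        return hashlib.sha256(blob).hexdigest()[:16]


def run_scenario(attacker_moves_before_fork: bool) -> Tuple[Dict[str, int], Dict[str, int], bool]:
    """Replay the same blocks on a forking and a non-forking node.

    Returns (forking node state, holdout node state, did the chains split)."""
    genesis = {VICTIM: 1_000, HACKER: 0}
    forker = Node(applies_fork=True, state=dict(genesis))
    holdout = Node(applies_fork=False, state=dict(genesis))
    blocks: Dict[int, List[Transfer]] = {1: [Transfer(VICTIM, HACKER, 1_000)]}  # the theft
    if attacker_moves_before_fork:
        # The fork is public knowledge; the attacker reacts before it activates.
        blocks[FORK_HEIGHT - 1] = [Transfer(HACKER, "0xfresh", 1_000)]
    split = False
    for h in range(1, FORK_HEIGHT + 1):
        txs = blocks.get(h, [])
        split = split or (forker.process_block(txs) != holdout.process_block(txs))
    return forker.state, holdout.state, split


if __name__ == "__main__":
    for frozen in (True, False):
        f, h, split = run_scenario(attacker_moves_before_fork=not frozen)
        print(f"funds frozen={frozen}: recovered={f.get(RECOVERY, 0)}, chain split={split}")
```

The frozen scenario is the TheDAO shape: the rule recovers everything, at the price of two incompatible states. The other scenario is the article's cat-and-mouse game: because the rule names a specific account and must be published before it activates, a single ordinary transaction ahead of the fork height leaves it with nothing to move.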

This leads us to the Bybit incident.

Why We Cannot Roll Back Ethereum

Earlier this week, the Bybit exchange was hacked for 401,346 ETH (about $1.4 billion). The theft was caused by the custodian of the funds signing misleading transactions through a compromised multi-signature interface.

The root cause of this hack sits one level above the TheDAO vulnerability and the Bitcoin overflow bug. Neither the Ethereum protocol nor the underlying multi-signature application used by Bybit was at fault. Instead, a compromised interface made it appear that the transaction was doing one thing while it was actually doing another.

From the perspective of the Ethereum protocol, there is nothing that can distinguish this transaction from other legitimate transactions on the network. There are no violations of protocol rules that could isolate the hacked funds by patching the issue, as was done with the Bitcoin bug.

Moreover, the funds were immediately available to the hackers. Unlike the situation with TheDAO, where the community had a month to deploy an intervention, here the hackers immediately began moving funds on-chain.

Even if we could solve the aforementioned cat-and-mouse game, the Ethereum ecosystem today is vastly different from that of 2016. DeFi and cross-chain bridges with other chains mean that any stolen funds can easily be mixed within the application network. For example, stolen funds could be exchanged on decentralized exchanges, and the resulting tokens could be used as collateral in DeFi protocols, with borrowed assets then bridged to entirely different chains.

This high degree of interconnectivity means that any non-standard state change, even if socially acceptable, would produce nearly unmanageable chain reactions. A complete "rollback" that invalidates even a short stretch of recent chain history would be worse. Every settled transaction in that stretch, many of which have off-chain effects (exchange sales, RWA redemptions, etc.), would be reversed on-chain while its off-chain component could not be undone.

Therefore, the conclusion is that while Bitcoin was able to "roll back" its blockchain 15 years ago, today the interconnected nature of Ethereum and the settlement of economic transactions both on-chain and off-chain make this unfeasible.

Technically, non-standard state changes on Ethereum could still be possible if funds were frozen and isolated. The last time such a change was proposed was in 2018, regarding a vulnerability in the Parity multi-signature wallet, where about 500,000 ETH was frozen (see EIP-999), but due to the controversy sparked by TheDAO incident, the community strongly opposed it.

Comment: Is it still possible to conduct a social hard fork at this stage? Zeroing out the Lazarus funds (since they are easy to trace) and making a non-standard state change to send the funds back to the Bybit address?

Reply: Technically impossible. What if we announce a hard fork, and before it takes effect, they move the funds to another address? If the hackers move the funds before the fork, the fork would be useless. Additionally, hackers could cause the entire network to freeze through malicious interactions (e.g., sending small amounts of funds to all addresses), similar to a denial-of-service (DoS) attack.

Comment: If the TheDAO hack event happened now (with funds frozen for a month, community coordination possible), do you think Ethereum governance would accept a non-standard state change again? Or has the protocol culture completely shifted to strict immutability, even in extreme cases?

Reply: Hard to say! TheDAO had about 15% of all ETH (30 times the current Bybit hack event), but the outcome was more controversial than expected. I think this is a major reason why the Parity hack event (about 500,000 ETH, funds frozen, so recoverable) was never fixed through a hard fork. To provide some perspective, TheDAO had about the equivalent value of all WETH today plus all L2 collateral (not just ETH on L2, but all L2 tokens) in staked ETH. That was the scale needed for intervention, and the ecosystem was far from as mature as it is now.

Comment: The same logic can apply to more centralized chains, like Solana, right? So, for hackers, both Solana and Ethereum are sufficiently decentralized?

Reply: Exactly. Solana might implement a hard fork faster than Ethereum, but you would still have many secondary effects and the risk of attackers moving funds before the hard fork takes effect.

Comment: If wETH were attacked, would you rollback?

Reply: I have no choice, but I think this might be the minimum scale to at least raise the topic? My point is more that comments about DAOs often make it seem like "just an application," rather than the situation where funds in WETH and all L2 layers are frozen in a recoverable manner. (i.e., the key point is the scale of the funds and whether they are easy to recover)

Disclaimer: This article represents only the personal views of the author and not the position or views of this platform. It is provided for information sharing only and does not constitute investment advice to anyone. Any dispute between users and the author is unrelated to this platform. If any article or image published on this page infringes your rights, please send proof of ownership and identity to support@aicoin.com, and the platform's staff will verify it.
