The recent sanctions by the US government mark a new chapter in the history of Ethereum. It’s the first time that the US has directly attacked a smart contract.
With their actions they have demonstrated that they know our vulnerabilities better than we thought. But this demonstration of power can teach us how they are going to proceed in future attacks, which are sure to come as the Ethereum network starts taking a big share of the financial system.
From the experience of this attack we can see that the principal point of failure in the current system is the set of non-decentralized platforms and protocols that are not strictly required but are in practice essential to making the network work. I’m going to enumerate them, along with some possible solutions to the problems:
- RPCs: it doesn’t make sense to have a 100% decentralized system if the channel that you use to connect to it is 100% centralized. Our wallets need to start using decentralized RPCs by default. Unfortunately this is not easy, as running a full node requires a lot of hardware. Fortunately we’ll soon have light clients, which will enable us to query and validate the network with few resources.
- DNS: dapps must have a frontend deployed on IPFS (with a decentralized pinning service like Filecoin) accessible with a .eth domain. But this is not enough, as currently the DNS translation is done using centralized RPCs. When light clients are available, browsers will need to use them as the default DNS resolver.
- GitHub: I wouldn’t ever have imagined that this could pose a threat to Ethereum security, but as we saw, it’s a significant point of failure. All dapp code must always be accessible in a decentralized, global, searchable place, with a nice UI to interact with it. Currently there are two projects aiming to solve this problem: Radicle and Gitopia.
- USDC/Tether: we already knew this, but it is good to remember the risk that this kind of stablecoin generates. Fully decentralized stablecoins don’t exist, but DAI and FRAX are a significantly better option, as not 100% of their collateral comes from assets outside of the chain.
- MetaMask: there has not been any problem with it, but as closed-source software and a critical part of most Ethereum transactions, we should take it into consideration. A project aiming to solve this problem is Tally; they are fully open source and they have a DAO, although their product doesn’t have as many features as MetaMask yet.
- LocalCryptos > Coinbase: last but not least. Even if all the previous measures are implemented correctly, they are going to be of no use if the government prohibits citizens from using a dapp. Wallets should be anonymous from the first time that users get into crypto so the government can’t impose its regulations on the users, so stay anonymous and evade KYC.

And that’s all. Hopefully, with measures like these and more that will come, we’ll be able to build a better future.
A developer.
Full article: https://medium.com/@pabloturnes/the-tornado-cash-opportunity-3a65d5f231cf