Developer Flags Big-Money Loophole for Stealing All the ETH in MakerDAO

Micah Zoltu, an independent software developer who is also one of the co-authors of the original white paper for the decentralized prediction market Augur, published a blog post on Monday describing an attack on MakerDAO that, he argued, could empty all the ETH from the system.

The attack would only be feasible for a few MKR whales if they wanted to act quickly.

That's assuming a person could accumulate MKR in a way that didn't drive up the price, which is unlikely.

"What is worse, a16z has enough MKR on hand right now to execute the attack the patient way!".

Aside from an inside job by the parties most invested in seeing ethereum's flagship decentralized finance application survive, accumulating enough MKR to carry out the attack may be a significant hurdle.

That's only if the attacker had to start from zero MKR, though.

Daily turnover is quite variable but lately, there's been about $4 million to $10 million in MKR turning over daily.

Anyone who holds MKR can put up a proposal as a smart contract on the protocol, one that can change any number of parameters.

It would send shockwaves across ethereum and likely if they hold that much MKR, they would lose more in other assets than they would gain in stealing the ETH.The best thing MKR holders who care about securing the protocol can do, according to Kampmann, is stake their MKR on votes.

There are over 16,000 ETH addresses with some MKR, however.