Securing the Assets of Decentralized Applications using Financial Derivatives (DRAFT).

Ethereum contracts can be designed to function as fully decentralized applications called DAPPs. Many DAPPs have already been fielded, including an online marketplace, a role playing game, a prediction market, and an Internet service provider. Unfortunately, DAPPs can be hacked, and the assets they control can be stolen. A recent attack on an Ethereum decentralized application called The DAO demonstrated that smart contract bugs are more than an academic concern. Ether worth tens of millions of US dollars was extracted by an attacker from The DAO, sending the value of its tokens and the overall exchange price of ether tumbling. We present a market-based technique for insuring the ether holdings of a DAPP using futures contracts indexed by the trade price of ether for DAPP tokens. Under fairly general circumstances, our technique is capable of recovering the majority of ether lost from theft with high probability even when all of the ether holdings are stolen; and the only cost to DAPP token holders is an adjustable ether withdrawal fee. If the probability of a margin call in $d$ days is $p$ for a futures contract with 20 times leverage, then our approach will allow for the recovery of half the stolen ether with probability $p$ and a withdrawal fee of 5%. A higher withdrawal fee of 25% allows for more than 80% of the ether to be recovered with probability $p$.