
The 2016 DAO Hack

In more follow-up from our most recent show, I’m going to explain at a high level what Nick and I were referring to regarding the 2016 DAO hack.

A DAO is a decentralized autonomous organization. In the case of the 2016 DAO hack, the people who created it saw it as an investment fund with no central control. Anybody who put money in could have a say in which companies to invest in, and the more you invested, the more weight your vote would have in the direction this decentralized “company” would go.

This was all to run on Ethereum, a network built for apps that have no central control. Vitalik Buterin is the founder of Ethereum and had the vision of building decentralized applications that would allow for a democratic financial institution that would be difficult, if not impossible, to regulate.

On April 30, 2016, the now infamous Slock.it DAO was deployed, allowing governance by investors. All funds were pooled, and people who owned tokens earned the ability to submit proposals to fund a project using the DAO’s funds. A curator would examine each proposal. This curator is someone that the Ethereum community would have selected beforehand. If the curator signed off on a proposal, investors would then vote on it, and if 20% say go, the DAO sends Eth to the smart contract. Any Eth gained by that proposal is given to investors.

In May 2016 there was an initial offering that required Eth owners to invest Eth in order to be an investor and, in exchange, earn 100 DAO tokens for each Eth supplied. Eth owners poured in their coins to the tune of $150 million USD, making it the largest crowdfunding event at that time.

The protocol had a built-in way for minority “owners” to back out of a proposal they didn’t want to be a part of by removing their Eth from the DAO and going into a new DAO, or child DAO, with similar abilities and restrictions. Any owner of a token could start that process, but it required 7 days of debate time.

All of this is done in code – again no regulatory body managing this. This is the spirit of DeFi, a way to invest money while circumventing traditional financial regulations. If the code is done right, then everyone has a fair chance, and no single entity has a better opportunity than anyone else, AS LONG AS THE CODE IS GOOD. That is a big if in the DeFi space.

In the case of the 2016 DAO hack, there was a bug that allowed Eth to be taken back before the balance was updated. A hacker figured out a way to get funds back over and over again before the code bothered to check the balance, and this hacker pulled out 3.6 million Eth.
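A simplified Python model of the ordering bug described above, beside the corrected ordering. This is an added illustration, not The DAO's contract code; the class names, the callback-style `receive`, and the 90/10 deposits are constructed assumptions.

```python
# Constructed model, not The DAO's code: paying a recipient hands control to
# the recipient's own code, just as an Eth transfer to a contract does.
class VulnerableFund:
    def __init__(self):
        self.balances = {}   # investor -> amount owed
        self.pool = 0        # total held by the fund

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def withdraw(self, who):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.pool < amount:
            return
        self.pool -= amount
        who.receive(self, amount)   # external call happens first...
        self.balances[who] = 0      # ...balance is only zeroed afterwards

class HardenedFund(VulnerableFund):
    def withdraw(self, who):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.pool < amount:
            return
        self.balances[who] = 0      # update state before handing over control
        self.pool -= amount
        who.receive(self, amount)

class Investor:
    def __init__(self):
        self.received = 0

    def receive(self, fund, amount):
        self.received += amount

class ReentrantRecipient(Investor):
    def receive(self, fund, amount):
        self.received += amount
        fund.withdraw(self)         # calls back in while withdraw() is still running

def run(fund_cls):
    fund, others, caller = fund_cls(), Investor(), ReentrantRecipient()
    fund.deposit(others, 90)        # other investors' money
    fund.deposit(caller, 10)        # the caller is only owed 10
    fund.withdraw(caller)
    return caller.received, fund.pool
```

`run(VulnerableFund)` returns `(100, 0)`: the stale balance passes the check on every nested call until the pool is empty. `run(HardenedFund)` returns `(10, 90)` because the balance is already zero when the recipient calls back in.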

The Ethereum community had 27 days to respond because of the way that smart contract was written. They had a few different options and chose in the end to do a hard fork on July 20th. This is when Ethereum Classic came to be, as some people running mining machines chose to continue with the old protocols.

There are not enough participants in the Ethereum Classic community to prevent 51% attacks… And there is still plenty of money in Ethereum Classic. In my opinion it is a dead project, but the only way for it to completely go down is for developers to back out and for owners to sell their ETC, and that doesn’t seem like it is going to happen. In the meantime, the protocol will continue to experience attacks.
