Decentralization is among the most prominent selling points of most major digital currency systems. What this means is that they are not controlled by a single entity or institution, whether that is a government or a central bank of some kind. In many cases, people rely on decentralization to keep their transactions private and their security at a grade-A level. These are qualities that are usually unattainable for conventional currencies and transactions.
With this in mind, one term recurs in discussions of decentralized systems, and that is ‘DAO.’ One would think that DAO is just another component in the cryptocurrency system – and in a way that is correct – but it essentially functions as both a cautionary tale and a lingering ambition that still exists.
The impact DAO has had on cryptocurrency and its users is monumental, and though a great amount of infamy surrounds it, there is a lot that can be learned from it. It also provides insight into a concept that holds plenty of potential; the catch is that it needs to be carried out much more carefully.
What does it mean?
The popular crypto term ‘DAO’ is an acronym for ‘Decentralized Autonomous Organization.’ It originally was a form of venture capital fund, based on open-source code and without any typical form of management structure or board of directors. In order for it to be fully decentralized, the DAO was unaffiliated with any particular nation state. That said, it made use of the Ethereum network in order to function.
There is a great amount of infamy surrounding this title, but before we dive into that, let’s first look into what exactly DAO is.
Mike Hearn, a former Bitcoin contributor, came up with an interesting illustration for this particular system. Imagine a self-operating car without a driver that is cruising around town on the lookout for potential passengers. After dropping a person off, the car uses its earned profits for a trip to a charging station. Except for its original programming, the car does not need any outside assistance in determining how it will carry out its mission.
Using this scenario, Hearn describes how Bitcoin could help in powering leaderless organizations 30 or more years into the future. Furthermore, Hearn’s illustration also outlined a dream case for organizations that are decentralized and autonomous (hence the name DAO), which was a concept that circulated throughout the community not too long following the release of Bitcoin in 2009. The general idea was that if Bitcoin can get rid of the need for a financial middleman, then perhaps there is a chance that companies and other organizations can one day operate without interference from hierarchical management.
To put it simply, DAOs aspire to hand-code the specific rules that any company would set right off the bat. Such a rule could set aside a certain percentage of earnings for a given cause, or define the process by which a rule can be modified.
In a way, the entire system can easily be compared to how a standard company functions, with the most notable difference being that the rules and guidelines of normal companies are not imposed in a digital fashion.
The infamous attempt to create such an organization occurred in 2016 and has been dubbed by many the “DAO fiasco.” You can read more about it in one of my past articles called “How to Audit a Smart Contract,” wherein this debacle is used as a way to express the importance of verifying a smart contract. To provide context for the topic of this article, here is a more condensed look at the infamous blunder that was caused by a single hacker.
The DAO, which at the time was called ‘Genesis DAO,’ was first announced at the beginning of May of 2016 by a group of Ethereum community members. As Medium writer Samuel Falkon explains, the DAO had a creation period that allowed anyone to send Ether to a unique wallet address in exchange for DAO tokens on a scale of 1 to 100. Fortunately for the developers, “The creation period was an unexpected success as it managed to gather 12.7M Ether (worth around $150M at the time), making it the biggest crowdfund ever. At some point, when Ether was trading at $20, the total Ether from The DAO was worth over $250 million.”
The system looked as though it was off to a great start, but that optimism came to a screeching halt on June 17 of that year. On that day, a hacker discovered a loophole in the code that gave them the ability to drain funds from the DAO. Within the first few hours of the attack, 3.6 million ETH had been stolen, which was the equivalent of $70 million at the time.
The hacker was able to conduct this attack by “asking” the smart contract (i.e. the DAO) to give the Ether back multiple times before the smart contract could even begin to update its balance. There were two primary issues that made this all possible:
- The fact that when the smart contract was created, the coders did not take into consideration the possibility of a repeated call.
- The fact that the smart contract first sent out the ETH funds and then proceeded to update the balance of the token.
The bug did not come from Ethereum itself but from one application that had been built on Ethereum. The code that had originally been written for the DAO had flaws, and the recursive call exploit was evidently one of them.
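The two issues listed above can be reproduced in a small model. This is an added example, not code from The DAO or from the original article: the `Vault` class, the `run` helper, the account names and the amounts are all hypothetical, and Python stands in for the contract language so the ordering problem can be run directly.

```python
# Toy model, constructed for illustration: shows why sending funds before
# updating the balance lets a repeated call be paid more than once.

class Vault:
    """Holds deposits; `safe` selects the order of operations in withdraw()."""

    def __init__(self, safe):
        self.safe = safe
        self.balances = {}
        self.total = 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.total += amount

    def withdraw(self, who, receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or amount > self.total:
            return                      # nothing owed, or the vault cannot pay
        if self.safe:
            self.balances[who] = 0      # update the balance first
            self.total -= amount
            receive(amount)             # then hand over the funds
        else:
            self.total -= amount
            receive(amount)             # funds go out first; receiver code runs here
            self.balances[who] = 0      # balance is updated too late


def run(safe, max_calls=5):
    """Return (amount paid to the re-entering depositor, amount left in the vault)."""
    vault = Vault(safe)
    vault.deposit("honest", 90)         # constructed sample deposits
    vault.deposit("caller", 10)
    paid = []

    def receive(amount):
        paid.append(amount)
        if len(paid) < max_calls:
            # Repeated call made before the first withdraw() has finished.
            vault.withdraw("caller", receive)

    vault.withdraw("caller", receive)
    return sum(paid), vault.total
```

With the unsafe ordering a depositor owed 10 is paid 50 out of other users' funds; with the balance updated before the transfer, the repeated call finds a zero balance and returns immediately.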
The stolen funds were returned to their respective owners as promptly as possible, but to do this, a ‘hard fork’ (a radical change that is made to a protocol that creates a divergence from the previous version of the blockchain) needed to be implemented. This was met with vitriol from the users. As Falkon puts it:
“Unsurprisingly, the hack was the beginning of the end for the DAO. The hack itself was contested by many Ethereum users, who argued that the hard fork violated the basic tenets of blockchain technology. To make matters worse, on September 5, 2016, the cryptocurrency exchange Poloniex delisted DAO tokens, with Kraken doing the same in December 2016.”
Just when it was believed that this incident would become a thing of the past and be regarded as nothing more than a misguided effort, the United States Securities and Exchange Commission (SEC) came out and released their ruling on the matter on July 25, 2017. The report had determined that the DAO had sold securities in the guise of tokens on the Ethereum blockchain, which meant that it had violated portions of U.S. securities law.
To quote the report:
“Tokens offered and sold by a “virtual” organization known as “The DAO” were securities and therefore subject to the federal securities laws. The Report confirms that issuers of the distributed ledger or blockchain technology-based securities must register offers and sales of such securities unless a valid exemption applies. Those participating in unregistered offerings also may be liable for violations of the securities laws.”
This, above all else, was what officially solidified the DAO’s catastrophic reputation.
All in all, the project failed on a spectacular level and its existence did not even make it to the one-year mark. With that being said, it is a good example of what most – if not all – people have in mind when they are discussing this kind of technology.
The basic plan was for those who are participating to receive DAO tokens and then vote for which projects to finance. For selecting such projects to invest in, it was completely dependent on the ‘wisdom of the crowds.’
There are several ways in which the DAO had intended to improve on the administration of today’s organizations, including the following:
- Any person with access to the Internet could either hold DAO tokens or purchase them.
- DAO creators could establish whatever rules they voted on.
In a way, DAOs operate in a similar manner. They rely heavily on smart contracts, otherwise referred to as pre-programmed rules that describe what is permitted to happen in the system. These smart contracts can be designed and programmed to execute a wide variety of tasks, one of which is distributing funds after a specific date or whenever a certain number of voters come to an agreement to fund the project.
Some of those who are in support claim that it can work for an organization where any type of decision needs to be made, not just those that are associated with money. They essentially view this as a way to cryptographically ensure democracy, where stakeholders are able to vote on adding new rules, altering the rules somehow, or even expelling a member; and that is just to name a few examples.
When looking into ‘unstoppable code,’ it becomes easy to understand why the concept could pose a serious security problem. It is difficult to change a DAO, or the smart contracts that support it, once it has been released to the Ethereum blockchain. This is considered to be a good thing because no one person or entity is able to change the rules. However, it can also be a massive disadvantage: if someone were to spot a bug in a functioning DAO, the developers are unable to change anything about the code.
That was the main problem with the DAO 2016 fiasco. Observers were forced to watch the attacker slowly drain the funds and they couldn’t do anything to put a stop to it. Moreover, this was “helped” by the fact that the hacker was following the rules as they had been deployed.
The lead coders working for Ethereum managed to reverse the transaction history so that the funds could be returned to their rightful owners, but that action proved to be a controversial decision, as it resulted in a rift in the community. As it stands, the best way to handle a situation similar to this one has not yet been decided on and is still up for debate.
What’s in store for the future?
The future of DAO does not hold a whole lot of promise, with there being no clear indications that the DAO as it initially was will ever be revived (as of early 2018). Be that as it may, the general interest in decentralized autonomous organizations as a broader group has seen some considerable growth as time passes.
While there exist a number of recurring concerns and potential issues in relation to the legality, the security, and the overall structure, some investors and analysts are of the belief that this particular type of organization will eventually rise to prominence. In fact, they may end up replacing businesses that have a traditional structure.
Dash, one of the more popular digital currencies (it ranks #15 on CoinMarketCap at the time of this writing), is a notable example of a decentralized autonomous organization due to the way in which it is controlled and the way its budgeting system is assembled. It is not out of the ordinary for one to speculate that it is only a matter of time before additional DAOs are introduced to the field.
As has become abundantly clear by now, the DAO is a system that indeed holds a great amount of potential. Whether you choose to focus on the fiasco as being the reason it does not hold much water or see it as a fantasy that most developers only dream of making a reality, it is difficult to deny the impact it has had on cryptocurrency.
A lot can be drawn from the 2016 failure other than the fact that it’s a tale of how one tiny blunder can result in the destruction of an entire up-and-coming system. It teaches a valuable lesson in auditing smart contracts, ensuring security, and it also – as Falkon states – “encouraged blockchain startups to come up with ways of avoiding security registration and federal regulation.”