When Genius Failed
It was beautiful. The DAO was revolutionary. The DAO was autonomous. The DAO was code. The DAO was rewarding. The DAO was hope. The DAO read like poetry; its mission was “to blaze a new path in business organization for the betterment of its members, existing simultaneously nowhere and everywhere and operating solely with the steadfast iron will of unstoppable code.”
The DAOs were to be at the center of many economies going forward and intended to be at the forefront of supporting innovative and promising projects, products and services in order to become ‘The DAO’: a flexible decentralized autonomous organization leveraging the wisdom of the crowds to benefit the DAO Token Holders.
The DAO was a for-profit DAO that was supposed to diligently use the “ETH under its control to create value and provide benefits to its members while collaborating and improving the decentralised ecosystem as a whole.” The DAO was an organization that consisted only of code. It was based entirely on blockchain technology and the Ethereum platform. The DAO was magic.
Back in May of 2016, The DAO became the highest funded crowdfunding project in history: it raised almost $160M USD in about three weeks. The world was on fire. The geniuses, Stephan Tual, Simon Jentzsch and Christoph Jentzsch, were everywhere and they were going to change the world…
Emin Gün Sirer is not your average Joe; he’s a Professor at Cornell, a co-director @ , a system builder “passionate about Dist Sys, OSes, Blockchains, NoSQL, and Bitcoin.” For the purpose of our story, he is also a man who, together with Dino Mark and Vlad Zamfir, first discovered and identified The DAO’s inherent problems, and “called for a Temporary Moratorium on The DAO.”
If only he had been listened to…
Steadfast Iron Will of Unstoppable Code: HACKED
On that fateful June 5th of 2016, Christian Reitwiessner discovered an anti-pattern in Solidity (the Ethereum programming language) which could lead to attacks on smart contracts (later described in a blog post). And then on June 9th, Peter Vessenes wrote a blog about Christian’s discovery. At this point the general Ethereum developer community was aware of this issue. A few days later, Maker DAO (who was also affected) hacked themselves and syphoned their code’s funds into a safe multisig. On June 12th, Eththrowa announced he had found this same antipattern in the DAO, in the reward section of the code. The framework was promptly patched within hours, but the deployed codebase could of course not be changed this fast.
This discovery affected only the reward mechanism, which led to the infamous “no-funds-at-risk” post, as a workaround was available. We started moving forward towards an update of the DAO code, a cumbersome process which required a 2-week voting time and a majority of the token holders to vote.
For whatever reason, Christoph Jentzsch wrote, “we failed to see a similar exploit in the splitDAO function — as did everyone else, except of course for the attacker.”
On the 17th of June, the attacker withdrew around 3.5M ETH (~$50M) from the DAO and into a child DAO. Thus started the long and difficult fight to recover the funds…
… When Genius Failed 2 entered its last phase…