The DAO Hack and the Hard Fork of the Ethereum network – Part 1

DAO is short for decentralized autonomous organization. In a way, the bitcoin network is a DAO. Generally speaking, a DAO is an organization for which a group of people writes software that explains how the organization or the network will run. Then, there’s an initial funding or mining period, during which users invest their resources, be it financial or computing, into a stake in the organization. With the bitcoin network, miners keep obtaining their stake in the network by mining bitcoins. It is also possible to buy or earn bitcoins. Purchasing coins with a regular currency is fundamentally exchanging one type of resource for a different type of resource, a stake in the digital network.

The Ethereum network was funded in a different way. It was funded via an initial crowdsale. However, the principle behind a crowdsale is the same as the principle behind mining: an exchange of one resource into a different resource.

Once the funding period is over, the DAO begins its operations. People can influence the DAO by engaging in transactions. Members of the DAO can vote to approve the proposals. On the bitcoin network, this works by people sending funds directly to each other and miners including the records about the transactions into the blocks that they mine.

Mining of ethers on the Ethereum network works in the same way.

Both financial records for the organization and the rules of the operations of the organization become a part of the blockchain, which means that a DAO has all the benefits of blockchain technology and is fully transparent, decentralized and immune to fraud. A DAO is an organization that doesn’t depend on any particular state, currency or group of people. At the same time, ownership of tokens is different from owning shares in a company. No one owns a DAO. A DAO is software that doesn’t belong to anyone and runs on a decentralized blockchain network.

Most decentralized organizations that are coming into existence currently, do so on the Ethereum network because the network has functionality that allows creation of smart contracts.

The DAO (“The DAO” is a name of a certain DAO) was one of the largest-ever initial coin offerings on the Ethereum network. The DAO was a proposal for a decentralized transparent venture-capital fund by a German technology company Slock.it. The goal of the DAO was to create a new business model to organize both for-profit and non-profit organizations. To fund the development of The DAO project, its organizers ran a crowdsale. The sale started on April 30, 2016 and lasted for 28 days. At the time, the crowdsale became the biggest in the history of the Ethereum network. The creators of The DAO raised over $100 million is just two weeks and by the end of the fundraising period they have collected over $150 million in total from over 10,000 people. This was much more that the founders expected, which was one of the reasons why they have kept all the funds in just one address, which is never a good idea for such a large amount of money from such a large group of people.

During the crowdsale, several experts voiced their concerns about the security vulnerabilities of the code of The DAO. When the crowdsale ended, there have been a lot of discussions about such vulnerabilities and one of the creators of The DAO said that there was indeed a flaw in the code but no collected funds were at risk, which later turned out not to be the case.

Exploiting a vulnerability in the code, (a hacker or a group of hackers) managed to move over $3.5 million of ether tokens from The DAO into a “child DAO” that had a structure absolutely identical to The DAO, causing the price of ether drop by about 35%, from $20 to $13. Several people wanted to collect enough votes within the structure of The DAO to prevent more funds from leaving the project, but they were not able to get the votes as quickly as needed.

Because the child DAO that received the funds had the same structure as the original project, the funds had to stay within the child DAO for 28 days, which was the original funding period for The DAO. Everyone could see the funds in the child DAO, but no one, including the attackers, could withdraw them. This doesn’t mean that the attackers didn’t profit from the incident. It is quite possible that they’ve made bets on ether going down in price significantly after the hack, which was easy to predict because they were behind the hack, and made a lot of money this way.

Being the biggest crowdsale on the Ethereum platform at the time, The DAO contained about 15% of all the ether coins that existed on the platform at the time. This meant that a failure of the project would have a very negative impact on the Ethereum network and community as a whole.