Background: what is Ethereum?

Ethereum is a cryptocurrency (technically, a decentralized ledger/consensus system, meaning that currency is only one of the applications of this system), similar to Bitcoin. Ethereum is newer and the idea behind it is to make the decentralized consensus system more versatile, to actually make all the other applications of a blockchain easier to implement in practice.

Smart contracts?

Other applications of a blockchain can collectively be referred to as “smart contracts” – other functions that could be implemented on a blockchain, in a secure manner, besides transmission of cryptocurrency tokens. For example a smart contract can perform a reliable ownership tracking, voting or management of equity tokens in a company. Doing this in a crypto-blockchain can have potential advantages compared to the old-fashioned way: no humans to make mistakes or become corrupted in the process of enforcing the contract. (Similarly to how having a currency in a crypto-blockchain, like Bitcoin, has tons of advantages compared to regular currencies.)

Now, Bitcoin itself already supports smart contracts. It has a scripting language in the blockchain which could be programmed to perform other functions than simply transferring currency. However, Bitcoin’s possibility to implement smart contracts is somewhat limited, and in practical terms, Bitcoin has mostly been used only to transfer the currency.

Ethereum has marketed itself as being very friendly to all kinds of smart contracts, and a lot of its development and features have been geared towards making implementations of such contracts practical and viable. At the time of writing (2016), Ethereum has been gaining a lot of momentum during the recent months and it has been objectively regarded as the second most important cryptocurrency system after Bitcoin itself. The price has been around 0.02 ETH/BTC. (Although price of a cryptocurrency alone is a very bad way of judging it, due to how the emission is usually structured, and how it’s different from fiat currencies.)

What is “DAO” and “The DAO”?

“DAO” stands for “Decentralized Autonomous Organization”. It’s basically a type of application (a smart contract system) that can be deployed on the Ethereum network/blockchain. Such an application, instead of simply managing transferring of currency tokens between addresses (like plain Bitcoin does), also manages voting rights of those addresses (which can be owned by individuals or other entities), and “proposals” – specific transactions that can be added to the network, and securely voted on, by the members of this organization. (“Members” meaning simply addresses that own DAO tokens.)

Basically a “DAO” is an attempt to re-create the traditional publicly traded company on the blockchain. It recreates all the usual laws governing such companies (owners of shares have rights to vote, they receive dividends, they can appoint directors, etc…), but instead of using a law framework and a bunch of courts/judges which make up the regular legal system, a DAO uses a set of smart contracts which are cryptographically enforced on the Ethereum blockchain.

A straight-forward usage scenario of a DAO would be to do an IPO of a company, or initial funding of a startup. The public would buy the tokens, and those tokens would give them righta to vote, appoint directors and receive dividends, according to their ownership share.

Basically, “DAO” is a name of a category of Ethereum applications.

“The DAO”, on the other hand, is specifically one of such applications that have been deployed and implemented. Each deployed application has a “token name” on the Ethereum network, and this one is called “TheDAO“.

There are some other DAOs that have been deployed, but TheDAO is by far the only one that is somewhat known, and that has any traction with the investors. The total estimated invested amount is in tens of millions of USD.

If a DAO is simply a crypto-company, what is the purpose of the company TheDAO? Unfortunately it does not seem clear what the exact point is, except for investing in other startups. At this time, “TheDAO” seems to simply be the one crypto-company which has gained most traction, and the main idea driving the interest in it is the fact that it is a decentralized company in itself. The idea that all the investors will simply be voting on which startups to invest in, and based on that, the investor money will be spread out. At this time, no specific voting has been performed yet, and only a couple of proposals have been talked about, all being loosely related to the cryptocurrency-technology field. “The DAO is designed to operate like a venture capital fund empowering it members to fund ethereum projects.”

The specific creators of “TheDAO” seem to be unknown at this time.

The Hack

Potential vulnerabilities, or unintended behaviors of the code, which could be exploited by someone purposefully, can unfortunately find their way into any code, and the implementation of DAOs are no exception. The incident is an example of such a vulnerability. It seems that it is not the codebase of Ethereum itself that is to blame, but the codebase of “TheDAO” and some other DAOs, the code which has been written in the Ethereum scripting language of their blockchain transactions.

What is the nature of the hack? Basically, an unintended consequence of the exact way the “TheDAO” script was written, allows a single participant to “drain” Ethereum tokens from the collected pool of all the investor money to a separate personal pool, which “the attacker” can then use by himself.

Funny enough, the hacker seems to have published a message to the community, stating that he does not see the incident as “theft”, and completely blames the programmers of the hacked contract. The message is very amusing, with quotes of the legal contract text of DAO itself where it says that the only contract that should be regarded enforceable is the one actually programmed in the blockchain.

===== BEGIN SIGNED MESSAGE =====

To the DAO and the Ethereum community, I have carefully examined the code of The DAO and decided to participate after finding the feature where splitting is rewarded with additional ether. I have made use of this feature and have rightfully claimed 3,641,694 ether, and would like to thank the DAO for this reward. It is my understanding that the DAO code contains this feature to promote decentralization and encourage the creation of “child DAOs”. I am disappointed by those who are characterizing the use of this intentional feature as “theft”. I am making use of this explicitly coded feature as per the smart contract terms and my law firm has advised me that my action is fully compliant with United States criminal and tort law. For reference please review the terms of the DAO: “The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413. Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code. Any and all explanatory terms or descriptions are merely offered for educational purposes and do not supercede or modify the express terms of The DAO’s code set forth on the blockchain; to the extent you believe there to be any conflict or discrepancy between the descriptions offered here and the functionality of The DAO’s code at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413, The DAO’s code controls and sets forth all terms of The DAO Creation.” A soft or hard fork would amount to seizure of my legitimate and rightful ether, claimed legally through the terms of a smart contract. Such fork would permanently and irrevocably ruin all confidence in not only Ethereum but also the in the field of smart contracts and blockchain technology. Many large Ethereum holders will dump their ether, and developers, researchers, and companies will leave Ethereum. Make no mistake: any fork, soft or hard, will further damage Ethereum and destroy its reputation and appeal. I reserve all rights to take any and all legal action against any accomplices of illegitimate theft, freezing, or seizure of my legitimate ether, and am actively working with my law firm. Those accomplices will be receiving Cease and Desist notices in the mail shortly. I hope this event becomes an valuable learning experience for the Ethereum community and wish you all the best of luck. Yours truly,

“The Attacker”

===== END SIGNED MESSAGE ===== Message Hash (Keccak): 0xaf9e302a664122389d17ee0fa4394d0c24c33236143c1f26faed97ebbd017d0e

Signature: 0x5f91152a2382b4acfdbfe8ad3c6c8cde45f73f6147d39b072c81637fe81006061603908f692dc15a1b6ead217785cf5e07fb496708d129645f3370a28922136a32

So is a smart contract really enforceable?

A lot of what the attacker writes really makes sense. TheDAO has specifically stated that the only rules that are to be considered valid are the ones embedded in the code the of contract. In fact, it is the main premise of the “smart contract”: it has been created to get the power away from the corruptible people who manage contracts in our present day society, to the code, math and cryptography, so that we could be governed by those solid things instead.

If the Ethereum society finally decides to revert the attack, and remove the tokens from “the attacker” (the nature of the code is such that they still have a couple of weeks until the tokens that have been taken can actually be used or withdrawn), and give them back to the pool of investors – well then how is that different from the current system? It would send a clear signal that math and cryptography notwithstanding, it is still up to people to enforce or delete contracts. If so, what is the reason for these smart contracts anyway?

On the other hand, if they decide to let the attacker keep his money, based on logical conclusion that he did actually act in the full accordance with the contract (the actual code of the contract) – then all the investors must also understand that such an event can easily happen in the future, and their funds sent to a DAO, no matter the good intentions of it, can hypothetically be taken by someone who is simply better at programming than the author of the contract code.