The Decentralized Autonomous Organization is a venture capital firm, like Andreessen Horowitz or Kleiner Perkins. It chooses new ideas and businesses to invest in. But the DAO isn't run by rich white Silicon Valley dudes. It's run by a network of machines that operate according to the same basic principles that drive the bitcoin digital currency. If you put money into the DAO, these machines let you vote on which new ideas it should invest in. The more money you put in, the more votes you get.

By the time the deadline for investing in the DAO arrived late last month, about 10,000 people had anonymously poured more than $168 million into this new online creation. That makes it the largest crowdfunded project ever. Now, it's time for the DAO to start accepting pitches for all those anonymous people to vote on, bringing a new kind of democracy to the iconic flavor of capitalism that delivers so much modern technology.

Just one problem: So far, all the pitches are suggestions for changing the DAO.

A few hours before the investing deadline, a group of computer scientists described what they believe are fundamental flaws in the DAO, both security holes and flaws that discourage participants from voting honestly. The group called for a moratorium on pitches, and now, the DAO is effectively on hold as the community decides whether these flaws exist and how to fix them.

For sure, even some of the DAO's biggest critics say it's a wonderful idea—a way of eliminating the kind of good ol' boy network that often drives not only VC firms but so many other kinds of corporations. But like so many projects that have sprung from the ingenious, decentralized creation that is bitcoin, the DAO is still very much a work in progress, a technology run by an insular community that's still a long way from changing the world. "The DAO represents a promise and a dream," says Emin Gün Sirer, a Cornell researcher in self-organizing systems like cryptocurrencies and the "smart contracts" that underpin the DAO. He's also a co-author of the paper that laid out the flaws. "The question is: Will it be up to snuff? Will it uphold that dream?"

Trying to build companies in an entirely new way doesn't come without risk. But no one expected the DAO to raise $168 million. That's risk on an enormous scale. "This was very sloppily done and hastily done," says Patrick Murck, a lawyer and fellow at the Berkman Center for Internet & Society at Harvard University. "That's unfortunate, because there is definitely something to the idea."

Anatomy of The DAO

Yes, this is an insular community. The DAO is based on Ethereum, an online system billed as an improved version of bitcoin, and many of the prominent figures in the Ethereum community are also working on the DAO, including some of the "curators" who decide which pitches get sent to the community. What's more, the project was created by European company, Slock.it, that hopes to use it to fund a separate project involving Ethereum and "the Internet of Things." When the first real pitch comes in on the DAO, it will be from Slock.it.

But first, the community has to fix it. Sirer says the DAO's biggest problem is that it doesn't encourage honest voting on new pitches. When a pitch comes in—asking for a certain amount of funds for a particular project and promising a certain return for each community member—anyone in the community can vote yes or no, or abstain. If you've invested more money, your votes carry more weight. The trouble, Sirer and his co-authors argue, is that voting on a project also freezes funds you've put into the DAO—even if you vote no. You can't withdraw funds while a vote is in progress, and if voters approve a project, that's where your funds go, regardless of how you voted. So if you don't believe in a project, you're better off abstaining than voting no.

In theory, software developers could build any kind company in this decentralized way.

As a result, all projects are more likely to gain approval—people just won't have the incentive to vote no. "It's biased toward funding," Sirer says. "That makes the DAO a very dangerous vehicle."

Now Vlad Zamfir, one of Sirer's co-authors and a prominent member of the Ethereum community, is helping pump the brakes on the DAO. Zamfir is one of the system's curators, chosen by Slock.it engineers to "whitelist" pitches before they go before the broader community. Zamfir is calling on all curators to refrain from whitelisting until the DAO's makers solve any fundamental flaws. But fixing the DAO would have to be every bit as democratic as investing with it. And democracy is messy.

Democratic Disarray

Like bitcoin, the DAO is open source. The code runs across a network of independent machines, and anyone can change the code, provided the community agrees to the changes. A majority of the DAO's "voting power" must vote to approve a particular change, with voting power determined by how much money a voter has invested. That is part of the power of the system. "I appreciate so many people looking at this—because so much money was raised," says Christoph Jentzsch, the CEO of Slock.it and one of the original authors of the code.

About half of the $168 million came from about 70 addresses.

But that kind of collectivism can also be a real hindrance. The bitcoin project itself has experienced enormous tumult—with one prominent community member calling it "a failure"—because contributors to the code couldn't agree on the project's direction.

Jentzsch says that changes to the DAO could happen fairly quickly—that the community just needs to agree on what should happen. But Sirer believes months or even years could go by. Predicting the outcome is difficult, since no one really knows who has poured so much money into the DAO or what their motivations are. Investments arrived from about 22,500 different Internet addresses, but the same people could be using multiple address. Jentzsch guesses about 10,000 individual investors in all have contributed to the project. A few individuals seem to have an especially great interest in the project: About half of the $168 million came from around 70 addresses.

The DAO's Insecurities

But even if the DAO overcomes flaws in its structure and code, it still has other problems. Like, it might be illegal. Murck, the Harvard lawyer, says that the DAO is trading in securities and that it hasn't received proper approval from regulatory bodies like the Securities and Exchange Administration. "There is clearly a concern when it comes to securities law," he says. "I don't think the SEC would have trouble attaching liability to someone involved." That liability might not be limited to Jentzsch and the other creators of the DAO, but also extend to curators and even investors.

That doesn't bother Jentzsch. While acknowledging that he's not a lawyer, he argues that shares in the DAO are not securities. And it doesn't bother Paolo Anziano, who has invested the equivalent of $7,000 in the project. "This is technology that will change the shape of the financial process," he says.

But like the other apparent flaws in the DAO, legal uncertainty could keep this big idea from spreading. Like a lot of other self-organizing systems, the DAO just isn't that well-organized. At least, not yet.

Correction: This story orginally said that DAO token holders could not simultaneously vote on multiple projecys. They can.