The DAO was hacked on 17 June 2016. The Ethereum Community voted for thesoft forkproposed by the Ethereum Foundation only to abort it due to a denial of service vulnerability. A hard fork is now widely viewed as the best approach to recover the ‘stolen’ funds. The DarkDAO is subject to a 27 day holding period under the terms of the DAO Ethereum contract. This will prevent the DarkDAO from being drained until 27 days after 17 June 2016. I have not confirmed the exact moment (UTC/Zulu) at which the DarkDAO will be released from this restraint.
It is heartbreaking for me to read the posts of Lefteris Karapetsas, Christoph Jentzsch and Vitalik Buterin. This is an escalating crisis with no good solution. A coding failure has caused the Ethereum Foundation and Vitalik Buterin to spend their reputational capital in an attempt to make DAO token holders whole again. I am not an attorney, however the Slock.it team, the DAO curators, and the Ethereum Foundation members are potentially exposing themselves to personal liability with respect to the DAO.
Slock.it is a private company and their association with the DAO is perfectly justifiable. For-profit companies experiment, push the limits, are bold, and occasionally fail. That is how we advance. If Slock.it and the wider Ethereum community want to build a DAO and permit it to collect millions of ether on the Homestead release of Ethereum; it is risky, but that is OK. The Ethereum Foundation has demonstrated that it is willing to participate in the recovery of the ether sequestered in the DarkDAO by proposing,enabling and directing changes to the underlying Ethereum state transition machine.
The jury is still out on the hard fork, however it is fascinating to witness the development of specific prediction markets at fairlay and betmoose directly focused on this question. A survey where the majority were holders of ether (91.19%) and/or DAO tokens (50.1%) was published on 23 June 2016. The DAO community appears to support “a Hard or Soft fork that would retrieve Ether from the “Dark DAO” to return back to “The DAO?””. It is now crunch time. If the community wishes to move forward with a successful hard fork, time is running out. Haste nearly led to a flawed soft fork. Extreme caution will have to be exercised if the community decides to roll out a hard fork. The current hard fork (described as elegant) proposes to:
Move all funds from contracts with the code hash 7278d050619a624f84f51987149ddb439cdaadfba5966f7cfaea7ad44340a4ba to a new contract “RefundDAO” (we can loop through the proposal list in the main DAO to find all split DAOs)
replace the contract at the main DAO with a simple refund contract with only one function. This function takes one parameter (address of childDAO), to determine a combined balance of mainDAO and childDAO and then pays back ether accordingly (in order to also pay back DAO token holders who did already split)
The community has the reigns in their hands. Consequences are not always predictable. The community will decide.
Code != Law, i.e. [ is not ]
Code is Law was overstated in Code is Cruel. The inspiration for using Lawrence Lessig’s phrase comes from the overwhelming evidence that the DAO and Ethereum communities had full knowledge of the risks and benefits and had accepted to be governed by the deterministic nature of the EVM and the actual code of the DAO smart contract with all of its stated (not implied) risks as published in the DAO terms. It was a noble experiment in which the community, in a self imposed manner, opted to treat Code as Law in the form of an autonomous DAO. That apparently was not the case.
On the technical matter of Code is Law, many attorneys have commented that Code is not Law, i.e. [ != ]. Pamela Morgan and Rueben Bramanathan have elaborated on the topic. The legal status of the DAO and its participants is unclear, however the legal, regulatory and judicial community will certainly develop approaches to these novel organizations ‘governed’ by code to which future DAOs will be subject. Other than caution, regulators have expressed few opinions, but they are watching closely. The voluntary and arbitrary departure from the terms of the DAO may ironically expose individuals to personal liability and legal pursuit in possibly many jurisdictions. Under the DAO terms, no safeguard or guarantee of DAO tokens was offered. Certainly, no insurance was offered by the Ethereum Foundation. This is however what a fork offers clearly outside the published terms of the DAO and the stated goals of the Ethereum Foundation. The fact that the Ethereum Foundation was itself a crowd funded organization may force additional considerations.
Technically the fork does not alter the Ethereum Blockchain, but …
There are obvious technical differences between the Bitcoin Blockchain and the Ethereum Blockchain. What the community is proposing is technically neither a rollback of the blockchain, or a formal bailout of the DAO with newly generated ether. It is however without a doubt effectively asset seizure & asset forfeiture. The proposed changes instruct the Ethereum transition state machine to ignore select prior transactions and to replace a previously deployed faulty smart contract with a benign version as Ethereum’s present internal state is determined. In Ethereum, present state is held as balances and contracts in a ledger maintained separately from the chronologically recorded history of transactions in its blockchain. This has enormous implications and is a fundamental difference when compared to Bitcoin. Rollbacks, bailouts, and immutability in the Ethereum ecosystem are simple questions that do not address the more complex issues at hand. Changing Ethereum’s internal state without altering its blockchain should not be nonchalantly passed off as not disturbing the immutability of the Ethereum Blockchain. It is a much more complex question.
Proof of Stake must be ready to live in a cruel world
The possibility that 3.64 million ether could unjustly remain in the hands of an unscrupulous entity calls into question the prudence of the plan to transition from proof of work to proof of stake. This has profound implications for the continued evolution of the Ethereum network. This is especially important since the future scalability and performance of the network is tied to sharding and the implementation of proof of stake. Forfeiting the 3.64 million ether would effectively allow the ‘thief’ to have more votes than they ‘deserve’. This may be an important motivation for the Ethereum Foundation with respect to recovering ether from the DarkDAO. There is a valid argument in trying to preserve their development roadmap. The only question: What happens when the next hack occurs?
Smart Contract Development
Considerable effort will have to be expended to advance the art and science of Smart Contract Development. Solidity the smart contract language which compiles to the actual EVM bytecode is not entirely intuitive and is prone to producing EVM bytecode which does not behave as expected. I am sure that we will discover bugs in the EVM, but that was not the case with the DAO crisis. Serpent, Mutan and LLL are other high level smart contract programming languages which may have resulted in different bugs. What is clear is that the finished bytecode is what matters and in this case, the EVM was not faulty.
Today we are learning the hard lessons that smart contract code must behave predictably and deterministically. This requires programming tools and environments that prevent code with faulty logic from being deployed. Beyond the purely technical issues, it is my sense that a set of best practices must be developed with respect to smart contract design. These best practices must incorporate features of game theory, legal theory/practice, and software design.
Future smart contract design will need to take legal, regulatory and liability concerns into account. They must be designed to co-exist with the law and not to supercede it until the law evolves. I suspect that when smart contracts are deployed in critical applications, regulators will take great interest before deployment and will demand sound code which behaves as expected. Finally, I expect that the most important development following the failure of the DAO will be the establishment of new area of academic research, field of study, and profession dedicated to smart contract engineering cognizant of the legal, programming and game theoretical concerns surrounding smart contracts.
I doubt that smart contracts will again be let loose into the wild again with all of their potential unintended consequences. Having stated this, Ethereum is meant to be uncensorable. Anyone can deploy any smart contract they want. Collectively, I hope we will be smarter about the risks and potential mismatches between implementation and intent. Kill switches, abort switches, reset switches and escape hatches with the prudent use of variables as well as an ability to manually and/or autonomously amend the behaviour of a deployed smart contract will be necessary. A certification process for smart contract soundness is on the horizon. No municipality would allow an architect to build a bridge or a skyscraper without a structural engineer first agreeing that the design obeys the laws of physics and is not likely to fail.
There are many valid interests and views within the Ethereum community. The primary motivation for the proposed forks is to recover the ether temporarily locked in the DarkDAO with the result of making DAO token holders whole again. The planned transition of Ethereum from proof of work to proof of stake has been complicated by the DAO crisis. The Ethereum Foundation appears to be prepared to propose and enable forks intended to recover ether from the DarkDAO which may also be motivated by preserving the transition to proof of stake. The DAO smart contract bytecode, not the EVM, is responsible for this crisis. The community has demonstrated a willingness to seize assets and effectively reverse transactions in the Ethereum ecosystem.
The DAO and Ethereum are fascinating experiments. A more conservative approach to Ethereum and the deployment of smart contracts is likely prudent. There is risk in an immature system (Homestead), in a new field of science (smart contracts). We are still learning and will continue to learn. I know that the Bitcoin Community is watching carefully. How many rockets did we lose before putting our first satellite into stable orbit? It might be early for manned space travel.
It is surprising to me how effectively the DAO community has driven the narrative. At the time of writing, there were 81,641,905.19 total ether in circulation. Of that, approximately 11.6 million ether (14.2%) are caught in the DAO crisis. I am simply amazed that the fate of 14.2% of circulating ether (a percentage that will continue to shrink as new ether are mined) can steer the future of the entire Ethereum project. Ironically, perhaps the transition to proof of stake is overdue. We might have a better sense of what consensus truly is. I can not explain the relative silence of the 85% of ether holders that hold no DAO tokens. The ether(+)DAO(-) community needs to be more forceful and vocal in order to be heard and to have their interests considered, otherwise the entire narrative will continue to be driven by what is overwhelmingly the DAO community.
I think Ethereum’s smart contract platform will probably survive, however the concept of ether as a store of value must be questioned if Ethereum’s internal state can be altered by any exogenous means. History and how it determines the present can not normally be changed in the real world. To state it another way, history determines the present. Ignoring the past is usually is not an option. A fork will prove this is possible in Ethereum! The Ethereum mission statement should be re-written with a more modest set of goals. In my view, Ethereum has always been primarily a smart contract platform with a utilitarian token (ether). As a result, I have always had difficulty fully accepting ether as a store of value. I remain excited by Ethereum as a smart contract platform. Ether as a robust store of value is now less certain.
Below are snippets from the Ethereum Foundation’s home page and the DAO terms:
The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413. Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code. Any and all explanatory terms or descriptions are merely offered for educational purposes and do not supercede or modify the express terms of The DAO’s code set forth on the blockchain; to the extent you believe there to be any conflict or discrepancy between the descriptions offered here and the functionality of The DAO’s code at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413, The DAO’s code controls and sets forth all terms of The DAO Creation.
When you click the “I Accept” button or check box presented with the terms you are agreeing that you are taking part in The DAO’s Creation under the terms set forth in The DAO’s smart contract code at your own risk.
The DAO’s smart contract code governs the Creation of DAO tokens and supercede any public statements about The DAO’s Creation made by third parties or individuals associated with The DAO, past, present and future. The software code currently available at https://github.com/slockit/dao is the sole source for the terms under which DAO tokens may be created.
The Creation of DAO tokens carries with it significant risk. Prior to Creating DAO tokens, carefully consider the exemplary and non-exhaustive list of risks set forth below and, to the extent necessary, consult a lawyer, accountant, and/or tax professionals prior to Creating DAO tokens.
Risk of Security Weaknesses in The DAO’s Software
The DAO concept is both experimental in nature and unproven. There is a risk that, as an open source project, any contributor to The DAO’s software could introduce weaknesses or bugs into the DAO software, causing the loss of DAO tokens or ETH in one or more or even all of the DAO Token Holder’s accounts.
Risk of Weakness in the DAO underlying blockchain, and/or Ethereum Network
The DAO software is itself based on an unproven platform: the Ethereum blockchain. There is a risk that, as an open source project, any contributor to the Ethereum blockchain could introduce weaknesses or bugs into the Ethereum software, causing the loss of DAO tokens or ETH in one or more or even all of the DAO Token Holder’s accounts.
Risk of unforeseen attack vectors
The field of Digital Cryptography is very new and for this reason, there is a risk of unforeseen attack both in terms of the underlying cryptographic protocol that back the functioning of the DAO as well as ‘game theory’ related vectors which have not been documented to date. Both these vectors represent a risk that could lead the loss of DAO tokens or ETH in one or more or even all of the DAO Token Holder’s accounts.
Blockchain technology and Ethereum are allowing new forms of interactions between individuals and/or companies, some of them are still to be imagined and implemented. Like with the appearance of cryptocurrencies such as Bitcoin, it is very likely that specific regulations will be set in different jurisdictions targeting blockchain technology and more specifically DAOs. These regulations may or may not be DAO friendly and some might even forbid any relationships between an individual or company and a DAO.
Consensus Ledgers, Digital Assets & Smart Contracts・Former Accenture Health & Financial Services Business Consultant・Certified Bitcoin Professional (CBP) ・MSc in Digital Currency from the University of Nicosia ・Doctor of Philosophy from the University of Oxford・Doctor of Medicine from McGill University・Bachelor of Arts from Duquesne University・Surgeon・Broad international experience in healthcare, research & industry・Strong information technology background・Proud e-Resident of Estonia・Based in Germany & USA