Did Ethereum Learn Anything From the $55M DAO Attack?
Up until it collapsed, The DAO represented the highest technological achievement – and the coming wave of innovation – that the Ethereum blockchain has enabled.
The smart contract and blockchain were interlinked ideas. In Vitalik Buterin’s early writings detailing the network of computers that would become Ethereum, the world’s second-largest blockchain by market cap but largest by developer activity, he put forward the idea of fully decentralized, autonomous corporations or organizations (DACs and DAOs).
The DAO, which got that name for being the first encoded version of the concept, was the proving ground that the disruptive world of venture capitalism could itself be disrupted. Approximately $150 million in ether was contributed to the project, and more than 50 projects were teed up to possibly be funded by a smart contract that no one person owned.
Then it was attacked. On a Friday morning in June 2016, a still-anonymous hacker (or hackers) exploited a vulnerability in the code and confiscated tens of millions of dollars in cryptocurrency. Copycats soon followed. Investors withdrew their funds, a “dark DAO” was spun up to protect the remainder, and a serious debate raged over when it might be appropriate to hard fork or roll back events on a blockchain.
Four years after The DAO hack, Matthew Leising, a veteran Bloomberg News reporter, is unsure of what it all meant. The obvious lessons around market exuberance and security went mostly unheeded, as evidenced by the ICO bubble that popped years ago and the rise of DeFi today.
“It goes back to the vision Vitalik laid out for a decentralized platform where people could do whatever they want,” Leising said. “When you give people that flexibility and creative license, you’re going to get crazy projects.”
In his latest book, “Out of the Ether: The Amazing Story of Ethereum and the $55 Million Heist That Almost Destroyed It All,” Leising traces the events leading up to and following the pivotal moment. CoinDesk caught up with him to discuss The DAO’s legacy and what Leising thinks will come next in blockchain.

What do you think the most lasting legacy of the DAO hack has been?
I think it had a short-lived effect. At the time, I think people realized that the smart contract should have been capped, that it shouldn’t have been allowed to grow to $150 million in ether, especially for being so new. Ethereum was only a year old at that time. There should have been some emergency stop button or safety hatch, some way to take control if anything went wrong.
I love the idea of decentralized governance, but when you’re writing in a language like Solidity, which was also less than a year old, you have to have a failsafe. Especially considering the number of bugs that were already found in The DAO before the hack.
When you’re dealing with other people’s money, you have to be careful. I wish I could say these lessons were learned; I don’t think they have been. I think we’re seeing the same mistakes made in DeFi now. The money sloshing around is just insane. It’s even worse in some respects, with people announcing they haven’t audited the code.
At least with The DAO they did security audits, but there were still problems. When you compile in a language like Solidity, you’re going to have problems. There needs to be much more vetting when these projects come out so real people don’t lose money.
This seems like it gets to the fundamental enthusiasm in crypto. People are attracted to risk and volatility.
You definitely can’t cap enthusiasm, and I don’t think you’d want to. It goes back to the vision Vitalik laid out for a decentralized platform where people could do whatever they want. When you give people that flexibility and creative license, you’re going to get crazy projects. The only thing you can do about it is to not participate.
I think interesting things are being done to address this issue. Fabian Vogelsteller is exploring “reversible ICOs.” He’s the guy that wrote the ERC-20 code that allowed for ICOs, and is now trying to address that. He’s created a fundraising mechanism that allows people to pull their money out whenever they want. So it’s not like you dump ETH in a pool and the dev team can go out and buy lambos.
I’d trust someone like Fabian over some anonymous guy like Sushi Chef. These are questions you have to ask. Who are the people behind the project? Are they known quantities? Have they been in Ethereum for a while or are they coming out of the woodwork?
You…