Monday marked the eight-year anniversary of the infamous “DAO attack,” which was perhaps the most significant hack, if not the first, in the cryptocurrency industry. This laid the foundation for many regulatory interpretations of the industry through the Security and Exchange Commission’s “DAO Report.” Ethereum ETH
+4.30%
Community autonomy (via hard fork).
“It was a defining moment for Ethereum,” Gabriel Shapiro, cryptocurrency law expert and founder of the MetaLeX protocol, told The Block. “Other chains haven’t really been tested similarly, or when they have been tested they haven’t responded in a way that solidifies the community and instead divided it.”
Simply put, the DAO attack of June 17, 2016 helped establish what Ethereum co-founder Vitalik Buterin envisions as a “social layer” for Ethereum. Collective group of network participants A person who supports and defines the priorities of the network. This manifested itself in the decision to hardfork the blockchain, a required, backwards-incompatible update, to recover approximately 4 million stolen ether (ETH), worth about $50 million at the time.
How the Attack Happened
DAO, the first version of a decentralized autonomous organization, was conceived and set up by the team at German smart contract startup Slock.it as a new way to invest in cryptocurrency startups.
More than $150 million in Ethereum was raised, and more than 50 projects were expected to receive funding from this decentralized investment vehicle, controlled by a smart contract owned by none of its 11,000 backers. By the end of the 28-day window to invest in the project, the DAO controlled approximately 15% of all circulating ETH. The attack itself reduced the price of ETH from $20 to $13 and created a wave of cynicism.
Until its failure, the DAO represented that Ethereum’s highest ideals could be encoded into a viable project and signaled a coming wave of innovation.
The irony is that the vulnerabilities that ultimately brought down the DAO were well known and about to be fixed. Several coders who independently audited the code found the following issues: “recursive call” Smart contracts may run out of funds. A potential fix was proposed on June 14, just three days before the attack, but developers failed to implement it in time.
By June 18, the attacker, whom author Laura Shin claimed was TenX’s former CEO Toby Hoenisch, had siphoned off nearly a third of the project’s funds into accounts he controlled. During the two-day attack, the Ethereum community considered ways to mitigate the damage and stop the exploit.
ideological struggle
On the day of the attack, Vitalik Buterin suggested a potential solution that could help alleviate those fears. In what could be described as a one-time fix for a one-time event, Buterin proposed a “soft fork” update to the Ethereum code that would maintain records on the blockchain while essentially blocking attackers from accessing their funds.
But on the other side of the debate were people like Slock. This is Stephan Tual. Ethereum chain hard fork To recover all stolen funds.
Attacker’s own third view open letter, he argued that the attack itself was valid because he simply used the code as written. He wrote that any attempt to roll back the chain or suspend funds would be “theft” of his property and “change” the protocol rules.
Both proposals for a soft fork or an Ethereum hard fork, to some extent, challenged the idea of blockchain immutability, but presented different interests. While Buterin’s plan, and by extension the Ethereum Foundation, essentially privileged the protocol over users, the hard fork was an attempt to fully reward early adopters of the new network.
In other words, serious questions have been raised about whether decentralized apps should be bailed out at the expense of their founding community spirit. But there were also pragmatic arguments, considering that Ethereum was still finding its footing at the time and an attack of this scale could derail the project.
Finally, on July 20, 2016, a hard fork proposal was submitted to ETH holders and passed with 85% of the votes. Ethereum will return to the state it was in before the DAO attack. This was the first time this situation had occurred and challenged the idea that code should determine how blockchain networks are governed.
“The DAO hack is important because it exposes suppressed truths about blockchain immutability. In extreme situations, if there is enough consensus, the social layer can ultimately overturn the technical layer,” Paul Dylan-Ennis, a lecturer at University College Dublin, told The Block.
Lex Sokolin, partner at Generative Ventures and former chief economist at Consensys, said in response to the DAO attack that “the technology is still a tool to be used by the community,” emphasizing that it is “subject to user demand and tribal consensus.” This point was refuted.
Legal and regulatory consequences
As a first-of-its-kind operation, The DAO was operating in a gray area at best. Everything changed after the attack. About a year after Ethereum’s hard fork, the U.S. Securities and Exchange Commission (SEC) issued a report, now colloquially known as the “DAO Report”, finding that crowdsales violated securities laws.
Although the agency took no enforcement action at the time, this report became the basis for much of the SEC’s interpretation of ICOs and token launches. For example, SEC Commissioner Hester Peirce said: said At the time, the DAO report’s analysis pushed back the chances of passage of specific cryptocurrency legislation by about a decade by giving the securities watchdog broad powers to oversee the industry.
“The DAO attack was very instrumental in shaping Gensler’s (and SEC Chairman Gary’s) belief that there was a need for securities regulation of cryptocurrencies,” University of Kentucky law professor Brian Frye told The Block.
It’s still echoing
Sokolin noted that given that “a product without a community is dead,” it makes sense for decisions about how the blockchain ecosystem will develop to be in the hands of the community. A core tenet of the industry is “permissionless,” that is, the ability for anyone to access or fork the system. Ultimately, a successful project is one that is adopted.
“Another evolution of this is the vampire attack attempts from Uniswap/SushiSwap and the early days of DeFi. The ability to fork a protocol as an economic protest rather than a moral protest turns it into a repeatable playbook,” Sokolin added. Sushi noted that it started out as an alternative version of Uniswap with governance tokens that empower the community.
Likewise, JokeRace founder David Phelps said the response to the DAO attack helped prove that code is not always law in cryptocurrency. He said Celestia’s “focus on data availability blockchain is: social agreement” And the rebuilding of the platform Eigenlayer “Intersubjectivity” These are two ways to allow the community to decide how the platform is developed.
However, not everyone is happy with the current situation. Perennial Crypto Twitter gadfly Gwart argued that the only true way to understand where the opinions of the community lie is to see where they invest. “A lot of people don’t really agree with the whole premise of social classes,” he said. “Even if it exists objectively.”
It is certainly debatable whether Ethereum should ultimately be governed by code or by the community. Either way, the DAO attack raised questions.
Disclaimer: The Block is an independent media outlet delivering news, research and data. As of November 2023, Foresight Ventures is a majority investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information about the cryptocurrency industry. Below are our current financial disclosures.
© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be used as legal, tax, investment, financial or other advice.