5 years after the DAO crisis and the Ethereum hard fork for
A smart contract vulnerability in a private DAO fund was caused first by a tens of millions of dollars’ worth of crypto leak (to date, billions of dollars) and then by a hard fork of the blockchain network, the second largest Ethereum. You can find numerous articles investigating these events, including a wiki page. Although the goal here is to finish, let’s remember what happened 5 years ago.
DAO is a startup that operates an investment fund in Ether (ETH) and acts as a smart contract on Ethereum. The DAO is the proper name the founders chose to refer to the general concept of a decentralized autonomous organization or DAO. The foundation has stated from the start that it is working under the terms of their smart contract, which is nothing more than the code of a program deployed on the blockchain. Your website has no legal terms, but has a notice that proclaims the predominance of machine code over any human readable text for the interpretation of that code.
Even so, The DAO became famous for a bug in their program that allowed an unknown user to spend a third of their money. The loss of 3.6 million ethers was worth about $ 60 million then, or about $ 7.3 billion today. Due to the negative impact and high public pressure (the fund has more than ten thousand investors) that Ethereum has been exposed to, the network leaders decided to introduce a retrospective hard fork on their blockchain.
As a result of the fork, funds in The DAO have been moved to a recovery address as if the leak had never occurred. This enables the users of the fund to reclaim their investment. There are those who oppose the hard fork and so the opponents continue to use the original Ethereum blockchain and call it Ethereum Classic (ETC). It still works to this day with a real blockchain on which Unknown has exhausted funds.
One of the big debates centered around the question: Was it a theft? The US Securities and Exchange Commission investigated the incident and published its report. Although they did not make it the main question, their report included the words “steal” and “attacker” as if it was a standard candidate. To date there has been no criminal investigation, at least the authorities have not dealt with it properly.
Interestingly, shortly after this behavior, strangers (let’s call them more neutral, not an “attacker”) posted an anonymous letter saying they did not believe it was wrongdoing or any kind of violation of any law or condition on the country DAO site on the popularity of smart contracts. In fact, many commenters have supported the conclusion that Unknown did nothing wrong, as they exploit a legitimate function of the code, exist objectively, and are even known to developers, as surveys show.
Takeaways
Regardless of who did it, the case still has a lot of unanswered questions that are much broader than thought and much more difficult, if not more speculative. These questions need to be addressed by philosophers, governments, and the blockchain community to move forward.
The incident showed the world how vulnerable smart contracts can be, challenging the entire concept of “Code is Law” (American legal scholar Larry Lessig coined the concept. This concept was much earlier than the invention of the blockchain). It also shows how retrospective activity can occur on the blockchain if the majority prefer it, although the widely referenced characteristic of the blockchain remains unchanged.
What is its purpose when historically alternative fork sets are possible? Are all values of the technology multiplied by zero? What if this is not a disadvantage but an advantage that we should learn to do the right thing? Let’s go further: what if we encountered a new phenomenon in law and governance? Should draw in parallel to find the answer?
- Parallels to governance and law. Laws passed democratically (e.g. by elected legislators) reflect majority consensus. Usually the minority have to stick to it. You can’t break the law. If code is law and blockchain is a “regulation” in which that law is written and executed as a smart contract, what is a hard fork? Is it disobedience? No way. Blockchain feedback and hard forks are always a viable option. A hard fork is a legal way (from the point of view of the Code) for the minority to protect their interests and separate themselves from the majority if the ledger is changed or other undesirable changes occur. Hard forks and repercussions are not violations or malicious behavior – they are normal with this technology.
- At the same time out of business. Ethereum itself can be thought of as a kind of business, i.e. miners train and validate blocks and receive income. If so, how did the business crash come about? A department cannot be separated from the company simply by the will of such a department. However, this can be based on the decision of the shareholders or the competent authorities (e.g. courts). A distinction is usually made in companies between administrative and production functions, for example shareholders and factories. So who is the miner: the government or the producer?
- Parallel to criminal and judicial law runs. Opinions are conflicting as to whether strangers have committed a crime or have legally exploited an undeclared opportunity in the Code. The DAO never introduced terms and conditions in human language, claiming that the smart contract defines the terms. Therefore, there is no formal contract in the traditional sense so that we can define a violation. Any human word describing this code would be someone’s interpretation. Those who did not consider it a crime stressed that “no one reported the trespassing”. Bad design of smart contracts does not protect the funds. Users are free to act at their own discretion while there is no prohibition law. People are not punished for drinking from a stream when there is no sign of private property. Hence, contract law and private law did not protect it. Interestingly, the SEC used the words “hacker” and “steal” in its report, but no criminal investigation was found in the government reports.
- In parallel by a mass law. If that’s a crime, then what’s a tough fork? Is that the law of mass? Stealing “back” is not a legitimate way to get justice and return property. In a civilized society, it is also classified as a crime. That’s why there are police, public prosecutors, courts and police. Is it a phenomenon of the new blockchain justice based on a certain form of digital democracy?
- Parallel to anarchy. What if it’s not a crime or an act of justice? Possibly it is a pure form of market competition in which there is no government or state power. Then there is a word that describes this and that is anarchy, which can be defined as “the state of a freely established society with no government or governing body,” or in this case the electronic money mode.
All of these questions remain unexplored. This will ensure the development of better public policy regarding blockchain technology and a better strategy for future DAOs.
Oleksii Konashevych is a doctorate. Member of the International Joint Doctoral Degree Program in Law, Science and Technology, which is funded by the EU government. Oleksii has partnered with RMIT University’s Blockchain Innovation Center to explore the use of blockchain technology for e-governance and e-democracy. He also worked on encryption of real estate titles, digital IDs, public registrations and electronic voting. Oleksii co-authored the legislation on e-petitions in Ukraine, worked with the country’s presidential administration, and headed the NGO e-Democracy Group from 2014 to 2016. In 2019, Oleksii participated in the drafting of a bill to combat money laundering and tax problems with cryptocurrency investments in Ukraine.
.
.