FTP029 - The Death of The DAO and Codifying Ethics

NOTE: This podcast episode was recorded on Monday, June 20

The cryptocurrency world was recently rocked by the “hack” of The DAO, which resulted in a theft of millions of dollars. The DAO (which stands for Decentralized Autonomous Organization) is essentially an experimental startup fund built on the Ethereum blockchain where investment decisions would be made based on community consensus rather than a centralized panel of executives. The DAO became the 2nd largest crowdfunding campaign to date when it raised over $90 million USD worth of Ether in May 2016, creating a lot of hype in the Ethereum and crypto communities and attracting investors from all over the world. Many people were excited by the unique project and believed in it, and many others invested in hopes of capitalizing on the growing blockchain technology market.

The DAO Attack: What Happened

On the night of Friday, June 17, 2016, a post on The DAO Slack channel alerted the community that an attacker was draining funds from The DAO into a sub-contract, or a “Child DAO” within the fund. This was a result of a known bug in the system. In a short amount of time, more than 2 million Ether (worth around $40 million USD at the time of attack) was taken. At the time of this writing, over 7 million Ether has been drained. Because of the way The DAO was coded, the funds would be on hold in the “Child DAO” for a set period before they could be released or traded. Even if the attacker can be stopped or funds returned to the rightful owners, as it stands now, The DAO is dead.

Although Ethereum developers quickly stated that the exploit was in The DAO and not in Ethereum itself, and that Ether not held in The DAO was safe, the price of Ether fell by almost half following the attack. Many people panicked and jumped ship.

The Ethereum and The DAO developer community mobilized quickly, proposed several possible solutions to try to stop the attacker, and discussed the options for reversing the transaction. One of the solutions proposed was a “soft fork” in the Ethereum blockchain, an alteration which would effectively freeze the attacker’s account. This was proposed to be followed by a “hard fork”, a permanent alteration of the blockchain which would reverse the attacker’s transaction and return the funds to the original DAO investors.

A lot of this happened quite transparently – for example, in The DAO Slack channel, parts of which are open to the public. Even several of the private chats between developers and exchange owners were posted publicly.

This wasn’t just any attack. Many people instantly considered this a pivotal event in blockchain history for several reasons discussed below. The event generated a heated debate not only on what can be done, but on what should be done. Many took to Reddit, Twitter, and Medium to voice their opinions.

Conflict of Interest: Ethereum, The DAO, The Investors

There is a lot of overlap between the developers of Ethereum and those behind The DAO. In addition, these same people were some of the biggest and most vocal investors in The DAO. These factors created a conflict of interest.

When certain Ethereum and DAO developers proposed the fork, some claimed that they were doing so out of self interest in order to save their investment or credibility, rather than doing what is best for the blockchain or the community. This is a valid argument, but a more important point is that proposing a fork, or even writing the code for it, does not force anyone to use it. It is still up to the community of miners to decide whether to use the new code or not.

This is exactly what a decentralized system looks like – anyone can propose a solution, and then the community votes whether to adopt it or not.

Several people presented the argument that forking the Ethereum blockchain now will set a precedent that governments or other centralized entities may use to pressure the community to fork again in the future.

However, if a fork is technically possible now, it will still be technically possible in the future. Whether we set the precedent now makes no difference.

Moreover, as the blockchain community grows, it may become harder to reach the 51% consensus required to adopt a fork in the future. Taking the opportunity to fix bugs in the code now, while it’s still early in the game and we can do something about it, may not be a bad thing.

Fixing bugs happens with all code in the early days. The fact that The DAO grew too fast too soon and raised millions of dollars doesn’t change the fact that the code didn’t operate as intended (or so we can assume at least).

“Code as Law” and “Operated Entirely by Members”

Much of the early discussion ended up being of a technical nature – after all, The DAO advertised itself as an organization where “code is law”, and “contracts are immutable and autonomous” and function without possible intervention of third parties.

Several days before this happened, several blog posts went up warning of this vulnerability in The DAO code. The team behind The DAO knew of this vulnerability, but did not (or were not able to) fix it by the time the attacker got to it. This gave many people ammunition to point fingers at the creators of The DAO and claim that because they didn’t fix the bug, they should take the fall for the situation (and take all the investors down with them).

The text on The DAO website reads:

“The DAO is borne from immutable, unstoppable, and irrefutable computer code, operated entirely by its members.”

To many people, altering the blockchain via any fork, soft or hard, is against the ethos of The DAO and Ethereum and undermines the credibility of both. Some people even went as far as to say that not only The DAO, but the whole of Ethereum would not survive if they decided to fork. Several vocal community members suggested that the attacker should be allowed to get away with the drained funds because he did something that the contract explicitly permitted.

Although this is an extreme view (one that I don’t hold personally), this is a sentiment that was heard loudly, especially in the first 24 hours following the attack. It is not clear if this was the view of the majority or a small but vocal minority. Since then, many more people came out with arguments why a fork or another fix would be preferable to doing nothing.

There is much more to this situation than technicalities or upholding “code as law”. The second part of the statement on The DAO website does read that it is operated entirely by its members. Ultimately, it is the community that decides what happens. If the code is buggy or results in unwanted consequences, the community can come together and decide to change the code.

As many experienced programmers came out and said, there is no such thing as code without bugs. Code is written by humans, who are inherently imperfect. And code is used by humans, who may seek to find and exploit any loopholes or bugs to their advantage. Just because they can do so, doesn’t mean the community should let them.

It’s the same with any other codification of behaviour – criminal law, for example. The recent wave of patent trolling in the United States is an example of law gone awry. It’s an unintended but legal exploit. But just because it is legal to sue someone for infringing on your bullsh*t patent on the correct way to use WIFI, doesn’t mean it’s the ethical thing to do.

Law can become outdated or can be discovered to be imperfect, and should be updated. It’s the same with code. The decentralization and codification of laws can allow for quick revisions based on consensus which could make a democratic organization more agile than traditional systems. But taking humans out of a decentralized system and letting immutable, autonomous code run the show is dangerous.

As Vitalik pointed out in his blog post, suppose you create a super intelligent AI that is given the task to eradicate cancer. The AI maps the whole human genome and identifies what causes cancer. But then it comes to the conclusion that the most effective way to eliminate cancer is simply to eliminate all humans. Humanity goes extinct.

Even if you program the stipulation that the AI has to eliminate all cancer without harming any human, the AI could decide to simply go and cryogenically freeze all humans. It isn’t technically harming them, but it is effectively eliminating all cancer for the time being.

Adopting “code as law that can never be changed” and taking all human decisions out of the equation can potentially lead to much worse situations than the loss of millions of dollars.

Ethics and World-Centric Solutions

Ultimately, we need to be thinking of world-centric solutions: What is the best option for all present & future humans in using the blockchain technology in a safer and more ethical way? The answer for what we need to do as a community becomes a lot more clear when we look at it from this perspective.

Crypto anarchists may dislike the idea of bringing ethics into this, but if the Ethereum blockchain is to become the “world computer” like the founders intended, it has to be ethical, safe, and practical enough to be used by the average person.

Yes, The DAO may have been poorly programmed and may have been a risky investment for those who put their money into it. But if the community does nothing now, it may seriously deter the average person from using Ethereum or the blockchain in the future.

And finally, we mustn’t forget to have empathy. Not necessarily for the creators of The DAO, or even for its investors – but for each other as human beings. Techno-purity should not trump social responsibility.

As Vlad Zamfir, one of the Ethereum developers, puts it:

This is a pivotal time in blockchain history when the community needs to decide who Ethereum is for. As another person said:

[Image: Screen Shot 2016-06-20 at 2.29.59 PM]

For the sake of disclosure: we did not invest in The DAO, but do use both Bitcoin and Ether.

Listen to the full podcast discussion by using the player at the top of this page.

In This Episode of Future Thinkers Podcast:

  • The DAO attack – what happened
  • The future of Ethereum
  • The fork and other proposed solutions
  • The arguments from different sides of the discussion
  • Codifying ethics – can it be done?
  • What decentralized systems are really about
  • Who Ethereum is for
  • The humanist side of the argument
  • Conflict resolution and responsibility

