Bot-Run Company of the Future Gets Hacked

A funny thing happened on the way to a post-capitalist, crypto-anarchist utopia.


Jens Kalaene/dpa/picture-alliance/Newscom

If you can't understand how a cutting-edge new investment platform works, it's probably a bad idea to put serious money (or a good portion of an infant cryptocurrency network) behind it. This is a lesson that backers and enthusiasts of the Ethereum platform and its pet project—a bot-run investment corporation known as The Decentralized Autonomous Organization (DAO)—had to learn the hard way recently.

In May, I discussed the development of this new "leaderless" investment corporation, which was purported to be "bound by code"—i.e. run by a bot—and supposed to operate as an automated crowdfunding and profit-sharing venture that obviated the need for human administration. Since its creation on April 30, The DAO raised $150 million in investment on the trendy Ethereum smart-contract platform and plenty of positive press in the weeks leading up to its maiden IPO.

There was just one big problem: The code was broken, and The DAO got hacked.

Bound by Code

The DAO was conceptualized as a kind of decentralized venture-capital fund that could not be controlled by any one person or group. People who wanted to invest in The DAO could purchase "DAO tokens" using Ether (ETH), the native cryptocurrency of the Ethereum platform.

With DAO tokens, people could then vote to invest in a number of pre-approved, startup-like projects proposed by entrepreneurs The DAO called "contractors." If a project got enough votes, it would be green-lit and the funds immediately distributed. If the startup began to rake in money, the profits would be dispersed among token holders. If, however, a project started hemorrhaging money, token holders would just have to take that hit.

The core innovation of The DAO was that all of these operations were to occur autonomously, facilitated by code rather than fund managers and administrators. In technical terms, The DAO was designed as a kind of "smart contract," a digitized system set up in such a way that breaches of contract are expensive or impossible. There would be no Kickstarter administrator or venture capital general partner that would be capable of censoring or overriding decisions. As The DAO developer Stephen Tual told the Wall Street Journal on May 16, the project was "not bound by terms of law and jurisdiction. It's bound by code." At least, this was the theory.

Ack! A Hack!

But a funny thing happened on the way to a post-capitalist crypto-anarchist utopia.

Amid the fawning press and general euphoria imbuing The DAO community, a group of security researchers led by Cornell University's Emin Gün Sirer published a May white paper sounding the alarm about many troubling vulnerabilities present in The DAO's code. The researchers noted a number of mechanism design weaknesses that could promote sub-optimal voting behavior among token holders or even outright theft of funds. The DAO developers did issue some patches to smooth everything over—but it was too little, too late. The DAO proceeded along its original deployment timeline, warts and all.

This rush to release proved fatal for the project.

On the morning of June 17, startled token-holders logged online to learn that The DAO was being rapidly drained of its funds. Just as Sirer and his associates warned, an attacker had exploited a vulnerability in The DAO's "split function," which allowed the hacker to drain Ether multiple times during the course of one transaction. Panic struck the community as ETH trickled into the attacker's clutches without pause. The price of ETH tumbled. Panicked token-holders took to the forums to demand answers and quick action from developers of Ethereum and The DAO.

In the course of one fateful day, The DAO went from a "new paradigm in economic cooperation" to yet another punchline in the wild world of cryptocurrency.

So Much for "Code Is Law"

In the aftermath of the hack, the high-tech sloganeering used to market The DAO proved little more than pretty words.

In good times, THE DAO developers never tired of extolling that "code is law" and mere mortals could never deign to intervene in their ironclad system design. The DAO's initial terms and disclaimers clearly explains that purchasing tokens signified "[express agreement] to all of the terms and conditions set forth in that code"—which included the risk of major loss. Yet at the first sign of trouble, these principles were immediately cast to the side. All of a sudden, preexisting common law principles and external protocols became sovereign.

Because of the way that The DAO was designed, there was no way for its leaders to reverse the hack and restore funds to the proper holders. In fact, by the bare language of its code and contract, The DAO hacker did not do anything "wrong" at all. He or she simply took advantage of a profit opportunity overlooked by the many people who agreed to bind themselves to that specific code. If anything, according to the stated ethos of the project, The DAO hacker—whoever they are—should be applauded. He or she essentially claimed a large "bug bounty" for finding a vulnerability in The DAO's code. Rather than chastising The DAO hacker, perhaps the leadership of Ethereum and The DAO should hire him or her!

Yet the many people who lost a lot of money in The DAO hack obviously don't see it that way.

The multi-million dollar heist alone would have been bad news enough, but the project's intimate ties with the broader Ethereum network created a crisis for the alternative-cryptocurrency in its own right. Because so much ETH was tied up in The DAO, the outcome of The DAO debacle would have a dramatic effect on its market price.

A Bailout by Another Name?

Token-holders turned to the Ethereum developers to "do something." The only way for their funds to be restored would be for developers to make a major change to the network, called a "fork." But this change would violate two the supposedly central principles of the projects involved. First, it would supersede the "code is law" manta of The DAO, as mentioned. It would also violate the perceived censorship-resistance of the Ethereum platform.

Many critics of The DAO project, including some former investors, argued that such a fork of the Ethereum network amounted to little more than a "bailout" for a project gone awry. They make a strong case. Token-holders knew their investment carried risks. That "boneheaded code vulnerabilities" were not among the risks they accurately gauged does not make them any more absolved of their mistaken calculations. And the modest size of the Ethereum community does not help the "revolving doors" optics suggested by the overlap between developers working on Ethereum and The DAO-related projects.

Then there is the question of precedent. Even someone who is willing to grant that The DAO investors should be bailed out could legitimately question whether future applications of this new authority will be as wise for the network's future. Even if Ethereum developers are angels, the worrying trend of governments pressuring developers to change their own software is an omnipresent threat.

Complicating this developing governance crisis for Ethereum was the fact that the Bitcoin community had been struggling with questions about the ethics of chain-forking for entirely separate reasons. Supporters of an Ethereum fork were not entirely groundless in suggesting that much of the anti-fork animus was encouraged by anti-fork Bitcoin holders hoping to make a theoretical point about forks on another chain. The presence or lack of interchain anti-fork solidarity should have no bearing on the objective question of whether forking Ethereum to rescue DAO token holders was ethical, but precious few questions in the cryptocurrency space are decided on purely objective grounds.

A tale of two Ethereums

In the end, Ethereum did fork, on July 20. Vitalek Buterin, the founder of Ethereum and a widely-respected figurehead for the project, quickly and firmly affirmed his support to modify his protocol and assist The DAO. The new version of Ethereum attempted to move the hacked funds to a new address controlled by token holders and amended the chain as if the hack never happened. It was a way to try and rewrite history.

Token holders can now appeal to retrieve their ill-gotten ETH from the disgraced DAO.

Yet not everyone in the Ethereum community accepts this revised chain. A movement of anti-fork Ethereum investors and miners are sticking with an "alternative" version of the chain that proceeds as if the fork never happened. It is called "Ethereum Classic," or "ETC," and it views itself as the true protector of the Ethereum project. Incidentally, on the ETC chain, The DAO hacker still has access to his or her rightful (according to DAO law) coins.

Tensions have been a bit high between the two chains, with advocates from both camps decrying the other as a naive or corrupt saboteur of the "real" heritage of Ethereum. Initially, it was thought that Ethereum Classic would fade into embarrassing obscurity, since the majority of the corporate Ethereum entities were devoting resources to the forked chain, now differentiated as simply "ETH." Yet ETC has chugged along against difficult odds, presenting opportunities for price arbitrage between ETC and ETH and even getting a boost by being listed on the Poloniex exchange.

The DAO episode provides a cautionary tale for those interested in the often-hyped cryptocurrency space: don't put serious money into platforms you don't entirely understand. More existentially, Ethereum's short-term "victory" over The DAO hacker may very well prove to have been a Pyrrhic one. By amending the protocol to reverse a specific transaction, Ethereum has established a potentially damaging precedent. Whether the developers can forge a trusted new set of principles that protects the interests of their passionate community remains to be seen.