AI Incident Database

Report 899

Associated Incidents

Incident 5024 Report
The DAO Hack

The DAO Hack Explained: Unfortunate Take-off of Smart Contracts
medium.com · 2018

Osman Gazi Güçlütürk · Jul 31, 2018

Logo of the DAO

Smart contracts brought distributed autonomous organizations, or “DAOs”, into our lives. A DAO is itself computer code: a set of smart contracts connected together so that they function as a governance mechanism.

In this story I will explore the most famous DAO project, the DAO, and its effects on the smart contract environment. While reading the explanations, it must be borne in mind that all of these discussions took place on online platforms such as GitHub and Reddit. Therefore, it is not possible to make definitive statements or give exact figures for all the arguments used in these discussions.

  1. The Creation of the DAO

The most infamous DAO project was the DAO created by Slock.it,[1] which went live on 30 April 2016. It was a virtual venture capital fund governed by its own investors. The idea was the following: funds raised from the investors, the token holders, are pooled. Token holders can become contractors by submitting proposals to have their project funded from the DAO's funds. There was a curator examination, which was merely an identity verification conducted by one of the curators, who were selected from among respected members of the Ethereum community. Once a proposal passed the curator's check, it would be voted on by the investors. If a proposal was approved by a quorum of 20% of all tokens,[2] the DAO automatically transferred Ether to the smart contract representing the proposal. Any Ether generated by the proposals funded by the DAO would be returned to the participating investors as rewards.

During the initial offering,[3] which took place in May 2016, the only requirement for becoming an investor was to invest Ether into the system. In exchange, participants were given DAO Tokens, 100 DAO Tokens per 1 Ether, which gave voting rights to be used in selecting the projects that would be funded. The DAO raised 12.7 million Ether, equal to more than 150 million USD at the time, and became the biggest crowdfunding project up to that point. However, on 16 June 2016, the DAO was hacked.

  2. Infamous ‘Split’ Function and the Child DAO

The governance mechanism embraced by the DAO was similar to that of publicly traded joint-stock corporations. Unsurprisingly, there was a possibility that the minority would be suppressed by the majority. The creators of the DAO wanted to introduce a protection for the minority: the idea was to let the minority retrieve their funds when a proposal they did not want to be part of was approved despite their objection, which was, in fact, a DAO equivalent of the appraisal right found in the corporate law of some jurisdictions.

The creators implemented this solution as the ability of a DAO to split in two. By submitting a special form of proposal, the minority, along with any other token holders who voted for this special proposal, could take their Ether into a new DAO, called the child DAO, which has the same abilities and is subject to the same restrictions as the DAO it was divided from.[4]

The split procedure can be initiated by any token holder at any time with respect to their own Ether. However, once initiated, there is a schedule hardcoded in the DAO's code that must be followed: a split proposal must have at least 1 week (7 days) of debate time. After this week, the split function can be called and the initiator's Ether can be moved to a new child DAO, but then there is a 27-day split creation period during which no proposal can be brought forward. And even after that, to send the funds in the child DAO to an account under your own control, you need to submit a proposal and wait for 2 weeks (14 days), which is the regular proposal debating period. To sum up, once you decide to split from a DAO, you need at least 48 days before the funds reach an account you control.[5]

A coder found a loophole in this procedure. Once the split function was called, the code retrieved the Ether first and updated the balance afterwards. Additionally, it did not check for a recursive call, a term used for a function that calls itself. The attacker(s) managed to call the split function recursively and retrieved their funds multiple times before reaching the step where the code would update the balance. On 16 June 2016, the attacker retrieved approximately 3.6 million Ether from the DAO fund by abusing this loophole, which is known as a “recursive call exploit”.
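To make the ordering bug concrete, here is an added Python model of a withdrawal that hands control to the recipient before updating its balance, beside the hardened ordering (update the balance first, then pay out, with a reentrancy guard as a second line of defence). This is an illustration written for this page, not the DAO's Solidity code and not from the original post; the `Ledger` and `ReentrantRecipient` classes, the deposit amounts and the recursion limit are all constructed.

```python
"""Model of the ordering bug behind a recursive-call (reentrancy) exploit.

Constructed illustration, not the DAO's actual code. A ledger holds a pool
of Ether with per-holder balances. Paying a holder out passes control to the
recipient's own code (on Ethereum, a contract's fallback function), which may
call withdraw() again before the first call has finished. The vulnerable
ordering sends first and updates the balance afterwards; the hardened
ordering records the effect first (checks-effects-interactions) and also
refuses any call that arrives while a payout is still in progress.
"""
from typing import Callable, Dict

OTHERS_DEPOSIT = 90   # constructed: Ether held in the pool for other holders
CALLER_DEPOSIT = 10   # constructed: the reentrant recipient's own deposit
RECURSION_LIMIT = 5   # constructed: how deep the recipient re-enters (on-chain, gas bounds this)


class Ledger:
    """Pool of Ether with per-holder balances; `fixed` selects the ordering."""

    def __init__(self, fixed: bool) -> None:
        self.fixed = fixed
        self.balances: Dict[str, int] = {}
        self.pool = 0
        self.locked = False  # reentrancy guard, used only when fixed=True

    def deposit(self, who: str, amount: int) -> None:
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def withdraw(self, who: str, on_receive: Callable[[int], None]) -> None:
        """Pay out `who`'s balance; `on_receive` models the recipient's fallback code."""
        if self.fixed and self.locked:
            raise RuntimeError("reentrant call rejected")
        amount = self.balances.get(who, 0)
        if amount == 0 or amount > self.pool:
            return
        if self.fixed:
            # Effects before interactions: zero the balance before any
            # external code runs, so a re-entered call sees nothing to pay.
            self.balances[who] = 0
            self.locked = True
            try:
                self._send(amount, on_receive)
            finally:
                self.locked = False
        else:
            # Vulnerable ordering: external code runs while the balance is
            # unchanged, so a re-entered withdraw() pays the full amount again.
            self._send(amount, on_receive)
            self.balances[who] = 0

    def _send(self, amount: int, on_receive: Callable[[int], None]) -> None:
        self.pool -= amount
        on_receive(amount)  # control passes to the recipient here


class ReentrantRecipient:
    """Recipient whose receive hook calls withdraw() again before returning."""

    def __init__(self, ledger: Ledger, name: str) -> None:
        self.ledger, self.name = ledger, name
        self.received = 0
        self.depth = 0

    def on_receive(self, amount: int) -> None:
        self.received += amount
        if self.depth < RECURSION_LIMIT:
            self.depth += 1
            try:
                self.ledger.withdraw(self.name, self.on_receive)
            except RuntimeError:
                pass  # the guard in the hardened ledger stops the re-entry


def run_scenario(fixed: bool) -> tuple:
    """Return (Ether the reentrant recipient received, Ether left in the pool)."""
    ledger = Ledger(fixed)
    ledger.deposit("others", OTHERS_DEPOSIT)
    ledger.deposit("caller", CALLER_DEPOSIT)
    recipient = ReentrantRecipient(ledger, "caller")
    ledger.withdraw("caller", recipient.on_receive)
    return recipient.received, ledger.pool


if __name__ == "__main__":
    print("vulnerable ordering:", run_scenario(False))      # (60, 40)
    print("hardened ordering:", run_scenario(True))         # (10, 90)
```

With the vulnerable ordering the recipient is paid its 10 Ether six times (once per re-entry plus the original call) and the pool is left holding 40 Ether against 90 Ether still owed to other holders; with the hardened ordering it receives exactly its balance. Either mitigation alone is enough in this model: with the balance zeroed first, the re-entered call finds nothing to pay even without the lock, and the lock rejects the re-entry even if a later code change reintroduced the wrong ordering.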

  3. Discussions and the Hard Fork

The Ethereum community noticed this abnormal transfer from the DAO fund.[6] Additionally, the following day, someone claiming to be the attacker published an open letter addressed to the Ethereum community.[7] These developments were followed by an intensive debate on what needed to be done to solve this ‘problem’.

2024 - AI Incident Database