The (not so) DAO

Ethereum is a peer to peer smart contract system. A smart contract allows you to encode human collaboration in software.

Although Ethereum is inspired by Bitcoin, it’s run completely differently. Bitcoin has mysterious origins and authors. From time to time people try to control the project or claim that they invented it, but it appears to be run through chaos.

Ethereum on the other hand was crowd-funded through preselling the Ether currency ($34 million). The developers and maintainers are known and direct the progress of the project. They are well funded, organized and have a road map.

The project has been moving very quickly. TheDao went online just a few months ago. TheDao is a smart contract that runs on the Ethereum network. By sending Ether to it you receive tokens that allow you to vote on proposals that move money to new contracts or people. Anyone can make proposals. You can also cash out your initial investment by splitting TheDao.

TheDao went on to raise over $100 million in Ether. This morning someone found a way to initiate a transfer of this money to themselves through a recursive split. This has been called a hack or an attack.

Ethereum and TheDao emphasize that these contracts are code and that there doesn’t have to be a leader or manager to make them work. However, this experiment is showing it’s challenges.

TheDao is code. The attacker found a loophole in the code. He didn’t have to steel anything, break any laws or take someones password. His use of the code wasn’t expected by the authors. However that’s the whole point of TheDao. It’s supposed to be able to do things that the authors didn’t intend.

This case is pretty extreme. Nobody knew that it would be possible to liquidate the contract like this. Ethereum creator Vitalik Buterin is rolling out some software that specifically acknowledges TheDao and prevents the ‘theft’. TheDao is too big to fail and has been bailed out. If it was a smaller contract nobody would have done anything.

This episode shows the centralization of the Ethereum project and weaknesses in smart contacts.

Good smart contracts are extremely difficult to write (read TheDao whitepaper to see what I mean). Furthermore every contact is public and open to attacks. Small contacts in the future will not be bailed out.

Let’s contrast with traditional contracts. Sometimes there is a misunderstanding. In this case people have to work it out together. There might be legal action other professionals might get involved to sort everything out. Essentially there is lots of human effort trying to determine the intention of the contact. Fairness and compromise is attempted.

In the case of smart contacts the misunderstanding can occur with anyone on the network. As these loopholes and misunderstandings are found they are exploited through the network. The liability and risk of a smart contract is amplified. There is no way to reason with them.

The solution here is trust and time. We are going to get better at writing smart contracts. As they run on the network and show success and predictability then those contacts will be trusted. Hopefully we will have a common set of trusted contracts that take care of the most useful types of agreements. Along the way there is going to be lots of drama and failure. The emergence of smart contracts is going to take time.