A Too-Often Neglected Aspect of Smart Contract Security: Auditability
Thomas Jay Rush
I hear you, but I think you meant “auditability”.
You’ll notice that if the transferFrom call fails the contract throws. This is fine. The isError code will be set. However, if the transferFrom succeeds and the msg.sender.send fails an event will have been written during the transferFrom call. However, the ether will not have been sent.
That’s not true: the `throw` will roll back the current call and all calls it already made, so the event will not be emitted.
In other words, the balance in The DAO will say the account has no tokens, but the end user will not have gotten his/her ether. The contract will throw, the state of The DAO will have been changed, but no log message will record that information. Worse — incorrect information will have been provided.
This is saying something different, but for the reason outlined above, it’s also not the case: the `transferFrom` call will be rolled back by the `throw`.
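The rollback behaviour discussed in this reply can be traced with a small Python model, added here as an illustration; it is not code from the article or from The DAO. The `World` class, the `withdraw` function, and the `"alice"` and `"contract"` account names are hypothetical, and the model is a simplification of call-frame semantics, not an EVM.

```python
class Throw(Exception):
    """Models Solidity's legacy `throw`: aborts the current call frame."""

class World:
    def __init__(self, tokens, ether):
        self.tokens, self.ether, self.logs = dict(tokens), dict(ether), []

    def call(self, fn, *args):
        # Each call frame snapshots state and logs; a Throw restores both,
        # including anything changed or logged by calls the frame already made.
        snap = (dict(self.tokens), dict(self.ether), list(self.logs))
        try:
            return fn(self, *args)
        except Throw:
            self.tokens, self.ether, self.logs = snap
            raise

def transfer_from(w, holder, to, amount):
    if w.tokens.get(holder, 0) < amount:
        return False
    w.tokens[holder] -= amount
    w.tokens[to] = w.tokens.get(to, 0) + amount
    w.logs.append(("Transfer", holder, to, amount))  # event written here
    return True

def send(w, to, amount, recipient_accepts):
    # `send` reports failure by returning False instead of throwing.
    if not recipient_accepts or w.ether.get("contract", 0) < amount:
        return False
    w.ether["contract"] -= amount
    w.ether[to] = w.ether.get(to, 0) + amount
    return True

def withdraw(w, sender, amount, recipient_accepts):
    if not w.call(transfer_from, sender, "contract", amount):
        raise Throw()
    if not w.call(send, sender, amount, recipient_accepts):
        raise Throw()  # unwinds transfer_from's balance change and its event

def run_transaction(w, fn, *args):
    """Returns False when the top-level call throws (the isError case)."""
    try:
        w.call(fn, *args)
        return True
    except Throw:
        return False

def demo(recipient_accepts):
    w = World({"alice": 100}, {"contract": 100})  # constructed sample state
    ok = run_transaction(w, withdraw, "alice", 100, recipient_accepts)
    return ok, w.tokens["alice"], w.logs
```
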