The Foundations Incident

Sam Baurle
DAOhaus.club
Dec 8, 2021

FoundationsDAO Post Mortem and Incident Response: a message to the DAOhaus community, by Dekan Brown

DAOhaus Statement

One of our DAOs was attacked in an attempt to remove funds from its treasury. It was Foundations DAO, a starter DAO that people can join for a low tribute in order to experiment. It launched a month or so ago with a RabbitHole campaign: participants could join the DAO with 1 $HAUS, then complete the RabbitHole quest to earn some badges. The first 1500 RabbitHole participants also received a 1 $HAUS reward on top of the quest badges.

The campaign was more successful than we ever imagined it would be, and because of this Foundations became the target of many attacks. At one point the DAO had 4000 members and more than $60k USD worth of $HAUS. Each member tributing the equivalent of $15-$20 USD really adds up.

The Attacks

We had 30k proposals in total; 26k of them were invalid, spam, or a straight attack to steal funds. Of those 30k, 4k were valid member proposals, each tributing 1 $HAUS for 1 share. We were able to block the majority of the invalid proposals, but it only takes one getting through for the foundation to start collapsing.

Invalid Proposals

Over the last few days 4 invalid proposals got through to voting. The DAO blocked 2 of them by voting them down, but 2 made it all the way through. These proposals requested payments of 1000 and 1500 $HAUS, draining more than half the funds from the Foundations treasury.

Current Situation

When we discovered that invalid proposals had been voted through, we asked all members to ragequit and rescue funds from the DAO's treasury. Ragequit is the minimum member protection in the DAO contract: a member can burn their shares and exit with their pro-rata portion of the treasury before a proposal is executed.

We are still in the process of getting people to ragequit and recovering the remaining funds from the DAO. We created a Rescue DAO made up of core DAOhaus members; we will withdraw the rest of FoundationDAO’s funds into it and hold them there until current Foundations members direct the next steps.

The attacker withdrew the funds they were able to get and dumped them on a DEX. They did not do a good job concealing their identity but we would like to avoid a witch hunt, so we will be reaching out to them or their employer for a response.

Failure of the UI

Because of the extremely high number of proposals, the front-end UI (user interface) had many issues. At some points we were receiving thousands of proposals an hour, which is 100x more than what we built the UI for.

This caused the UI to be sluggish or unresponsive. We implemented a spam filter and a valid-proposal policy to try to limit the excessive number of spam and invalid proposals, but that only acted as a temporary band-aid.

Image: Proposal Anti-Spam Filter from the Boosts Marketplace, pictured on the “Proposals” page of FoundationsDAO

The other problem caused by the excessive number of proposals was that it became extremely hard to separate the good ones from the bad ones. To combat this we built a new page that lets members review all proposals faster, and we added a bot as a member of the DAO in an attempt to verify good proposals and vote down invalid ones.

Future Fixes

Experiments like this are opportunities to learn more about human incentives while improving our coordination tools. These lessons prepare us to handle similar situations better in the future.

We are already working on better spam filtering, notifications, and handling large volumes of requests and data.

In the next version of the DAO contract we plan to add further checks and balances that DAOs can opt into, such as spam protection and proposal withdrawal limits, to help protect the communities we build and improve the DAO member experience.

Foundations Statement

I’m a DAOhaus core contributor but also a Foundations DAO member, so this was an extra bummer for me. What we were able to accomplish in a short time, with relatively low stakes, is pretty impressive. We knew the individual stakes were low but the risks were high. It is on the leadership (me included) that we did not act fast enough to implement some protective action.

Where else can you bring 4000 people from across the globe together to commit $15–20 USD and raise a pot of more than $50k?

This is especially sad because we were starting to get some plans of actions from the DAO. We had just begun discussing funding the development of our own product that would be collectively managed and owned by the DAO.

The attempts by the core DAOhaus team to resolve the issues and the efforts by members to thwart the invalid proposals were great, but not enough in the end. We were able to block the final two bad proposals, saving about 1500 $HAUS. This was due in part to fast ragequits making the treasury insolvent for those proposals.
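To make the two protections described in this post concrete (the valid-proposal policy the screening bot enforced, and ragequits leaving the treasury insolvent for a payout proposal), here is an added, simplified model of a Moloch-style DAO. It is example code written for this page, not DAOhaus contract or bot code, and it assumes whole-token amounts, one share per founding member, and a treasury funded only by member tributes; the member counts and payout sizes are constructed to mirror the numbers in the post.

```python
from dataclasses import dataclass, field

# Amounts are whole HAUS tokens (constructed example values, not on-chain data).

@dataclass
class Proposal:
    proposer: str
    tribute_haus: int      # tokens the proposer offers to the treasury
    shares_requested: int  # voting shares the proposer asks for
    payment_haus: int      # tokens the proposal would pay out of the treasury

def is_valid_member_proposal(p: Proposal) -> bool:
    """The policy the post describes: tribute 1 HAUS for 1 share, no payout."""
    return p.tribute_haus == 1 and p.shares_requested == 1 and p.payment_haus == 0

def screen(proposals):
    """Split a proposal feed into (accept, vote_down), as the screening bot did."""
    accept = [p for p in proposals if is_valid_member_proposal(p)]
    vote_down = [p for p in proposals if not is_valid_member_proposal(p)]
    return accept, vote_down

@dataclass
class Dao:
    treasury: int
    shares: dict = field(default_factory=dict)  # member -> shares held

    def ragequit(self, member: str) -> int:
        """Burn a member's shares for a pro-rata slice of the treasury (floored)."""
        total = sum(self.shares.values())
        payout = self.treasury * self.shares.pop(member) // total
        self.treasury -= payout
        return payout

    def execute(self, p: Proposal) -> bool:
        """Execute a passed proposal; a payout the treasury cannot cover fails."""
        if p.payment_haus > self.treasury:
            return False  # insolvent: the proposal passed the vote but pays nothing
        self.treasury += p.tribute_haus - p.payment_haus
        self.shares[p.proposer] = self.shares.get(p.proposer, 0) + p.shares_requested
        return True

def drain_scenario(members: int, quitters: int, requested: int):
    """Members ragequit before a payout proposal executes; returns (paid, left)."""
    dao = Dao(treasury=members, shares={f"m{i}": 1 for i in range(members)})
    for i in range(quitters):
        dao.ragequit(f"m{i}")
    paid = dao.execute(Proposal("attacker", 0, 0, requested))
    return paid, dao.treasury
```

With 4000 one-share members, a 1500 HAUS payout still executes after 2000 ragequits but fails once 2600 members have exited, which is the insolvency effect the post credits with saving the last two proposals' funds.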

There is still about 1300 $HAUS in the treasury, and there is a proposal to move those funds into a protected DAO managed by the DAOhaus team. This is a good start, but we need to go further.

What’s Next?

We still have about 25k in the treasury, so I don’t think our mission has to end. We can use that 25k to fund an initial MVP of a product and ask for matching from the UberHAUS vault. 50k is a great start for an MVP, so creating our own product is still possible.

We should ensure that all Foundations DAO members (even if they Ragequit to prevent the final 2 proposals) are represented in a new DAO. The new DAO will have more protections from this type of attack. This could include a new DAO or token or maybe both.

If people are over this experiment and do not want to be involved going forward, they can still Ragequit and withdraw with some funds. The attack diluted members’ stakes by about 60%, so it will be less than what was initially put in, but this is always an option (and always has been).

One final note to the ragequitters: they saved our ass and saved the remaining $HAUS in the treasury. We will be putting out a POAP badge to recognize these people for their quick action.

Foundations RQ POAP
