Market Cap: 24h Vol: BTC: BTC Dom:
Gold: S&P 500: EUR/USD: Oil (BRENT):

The DAO

The DAO refers to a specific project, one of the first large scale attempts to put the concept of a decentralized autonomous organization into practice. Built as a set of smart contracts on Ethereum and launched in April 2016, it functioned as a member directed venture fund: anyone who sent ETH to the contract received DAO tokens proportional to their contribution, and token holders could then vote on which startups and proposals the pooled capital would fund. The crowdsale ran for 28 days and pulled in more than $150 million worth of ETH, at the time the largest crowdfunding event in history and roughly 14% of all ETH in circulation.

The project's downfall came from a coding flaw rather than a governance failure. The DAO's splitDAO function sent Ether to a caller before updating that caller's internal token balance. An attacker exploited this ordering with a malicious contract whose fallback function repeatedly called back into the withdrawal logic before the balance was decremented, a pattern now known as a reentrancy attack. Over several hours in June 2016, the attacker siphoned off roughly 3.6 million ETH, about a third of the funds raised, into a child contract subject to a 28 day holding period.

That holding period gave the Ethereum community time to respond, and the debate that followed became as significant as the theft itself. One camp argued the exploit followed the contract's code exactly as written, so the outcome, however unwelcome, should stand. The other argued a bug was never the community's intent and pushed for intervention. Ethereum developers ultimately executed a hard fork that rewound the chain's state and moved the stolen funds into a refund contract. The minority that rejected the fork on "code is law" principles kept mining the original, unaltered chain, which continues today as Ethereum Classic.

The DAO hack remains a foundational case study in smart contract security. It popularized the checks-effects-interactions pattern for writing safer contracts, pushed formal auditing into standard practice, and, through a later SEC investigation into the token sale, helped shape how regulators think about classifying token offerings.