Definition of DAO (Decentralized Autonomous Organization)
A DAO is a Decentralized Autonomous Organization, meaning an organization run entirely using code (smart contracts) on a blockchain — with no central leadership.
It is governed by rules encoded in smart contracts, and decisions are made via community voting (typically by token holders), making it transparent, autonomous, and democratic.
The DAO (2016): First Real Implementation
- The DAO was a decentralized investment platform built on Ethereum, launched in April 2016.
- It allowed people to pool funds and vote on how to invest them.
- Managed by a smart contract, with no single owner or controller.
The DAO Attack (June 2016)
- A critical bug (a reentrancy vulnerability) was exploited.
- The attacker was able to withdraw ETH repeatedly before the smart contract could update its internal balance.
- Loss: 3.6 million ETH ($50 million at the time).
- This was not a traditional “hack” — the contract performed as coded, but had poor logic.
How the Exploit Worked (Reentrancy Bug)
- Attacker requested a withdrawal.
- Smart contract sent funds before updating internal balance.
- The attacker called the withdrawal function again (before the update).
- This loop allowed multiple withdrawals while the contract thought only one happened.
- Smart contract ended up losing track of balances.
Aftermath: Ethereum Hard Fork
- To recover stolen funds, Ethereum developers proposed a hard fork.
- The fork reversed the hack and returned ETH to original investors.
- This violated the blockchain’s core values of immutability and “code is law”.
Ethereum Split: ETH vs ETC
- Many users rejected the hard fork.
- So, Ethereum split into two chains:
  - Ethereum (ETH) – continued on the forked chain
  - Ethereum Classic (ETC) – continued on the original chain (DAO hack remained)
Lessons from DAO Attack
- Smart contracts must be formally verified and tested before deployment.
- Even small logic bugs can lead to massive financial losses.
- Emphasized the need for secure programming languages such as:
  - Vyper – security-focused, Python-like smart contract language
  - Michelson – Tezos’ functional language with formal verification
DAO – Pros and Risks
| Pros | Risks/Challenges |
|---|---|
| Full transparency (open-source) | Vulnerable to bugs in code |
| Decentralized decision-making | No emergency override |
| Global participation | Legal & regulatory uncertainties |