Minimize DAO - was it possible to avoid it?

The DAO: collapse and how they could have been avoided

11 Feb, 2020 David Kemp

The DAO project has gathered a lot of attention in the spring of 2016. But in June it was attacked on a large scale. An error in the code led to the fact that more than $ 50 million was stolen from the accounts. What are the main reasons for the failure?

Development of the DAO

The Project became the founder of a startup in the blockchain-investment management of TAO. At the end of May 2016, the ICO was completed. The crypto community, which enjoyed the favor of Vitaly Buterin, has welcomed the project with open arms. During crowd sale was collected more than 12 million Ethereum, which corresponds to 165 million dollars.

For some time before the hack, the value of the DAO to the dollar increased by almost 16%, and by more than 5% to Ethereum. Some experts warned about the vulnerabilities of the project. Unfortunately, the team did not take seriously their words; they did not even openly acknowledged the possibility of hacking.

Stefan Tual, who served as chief operating officer, then stated: "I'm not worried about the future of the DAO. It is now the largest crowdfunding-funded project in history. Thanks to this startup, there will be enterprises that would not have a chance to exist without it."

At the same time, members of the DAO and GitHub expressed strong feelings about the "terrible attack of wallet contracts." Stefan Tual personally supervised the solution of this problem. Immediately after that, he reported a series of SOFTWARE updates and provided a link to the fix. The vulnerability has been dubbed a "recursive call." Because of her, DAO was eventually eliminated.

The collapse of the DAO: how it all happened 

On June 17, 2016, The DAO wallets were attacked. The kidnappers stole $ 50 million. This instantly caused panic in the market. Criticism fell not only on The DAO, but also on Vitaly Buterin and his Ethereum platform. Numerous community members and cryptocurrency experts kept all projects in one place. The climax of the discussion was the epic appeal of the man who attacked the system. He sent an open letter in which he threatened to go to court if the stolen tokens will be taken away from him.

The attacker wrote: "I spent a lot of time studying the DAO code and decided to get involved.I have discovered a function that when being triggered, provides a reward with additional Ethereum coins for separation. With its help, I quite legally received 3.6 million ETH. Thank you DAO for such an award. If my legally earned coins are illegally frozen, seized or stolen, I will use available legal methods against the initiators of these actions. I wish the Ethereum project all the best; I hope that what happened will serve as a valuable experience for you."

"Recursive call" is enabled by dividing the DAO to endlessly withdraw the coins and to receive Ethereum coins again and again during the same single transaction.

How to avoid collapse when participating in ICO 

  • Carefully research the ICO before participating in it. Greed and desire to earn big money quickly often turn into losses. In the article "What are tokens?" you will be able to learn more about this asset.
  • It is better to postpone the release than to work with unprotected code. The owners of the DAO were certainly inspired by financial success. As a result, the project attracted the attention of both investors and those wishing to get rich quickly. But you could just freeze it for a while. All details to test run new features.
  • Not to succumb to emotions and panic. Sobriety of mind will help to maintain sanity. Developers could not succumb to the general mood, and look for constructive solutions to problems. 

The DAO had tremendous potential to achieve tremendous success. Unfortunately, insufficient risk analysis led to the fact that the developers did not analyze the threat and missed the attack. Although this project turned out to be unprofitable, history knows many successful blockchain startups. Why not try to invest in promising projects, given the mistakes and experience of the DAO?