The DAO Affair and the Future of Blockchains
Blockchain technology is easily the most interesting frontier technology when it comes to software eating the world. Other emerging technologies such as virtual reality and convolutional neural nets emerged from long, high-profile lines of technology development that have always been in the glare of the spotlights. Blockchains emerged suddenly and pseudonymously from a relatively obscure and young (starting in the early 90s) line of research. So as you'd expect, the blockchain frontier is full of surprises good and bad. In this guest newsletter, Arthur Falls and Vinay Gupta, from blockchain venture-production studio ConsenSys, walk us through an account of the DAO exploit from a couple of weeks ago, within the Ethereum ecosystem (a smart contract blockchain derived from the bitcoin blockchain). It's the sort of thing that can only happen on a radical technology frontier, and teaches us a lot about the territory we're wandering into.
The finest cartoon illustrating how the blockchain works.
1/ Let’s start by looking at the weirdest thing in the world of blockchain -- The DAO -- a once $200m VC crowdfund that has fallen on hard times.
2/ The DAO is quite a crazy instrument: Anonymous users send money into the fund, then vote on proposals for what to invest in. Sound amazing?
3/ The DAO was devastatingly hacked on the 17th of June, ⅓ of its assets were stolen, and its entire capital pool exposed to further theft (more on this later).
4/ What enabled the DAO to exist? A next generation blockchain/smart contract platform called Ethereum.
5/ Bitcoin gave us the blockchain - a synchronization mechanism in which thousands of computers agree on the balance in your Bitcoin account.
6/ Ethereum lets you build programs - smart contracts - which run on a blockchain.
7/ Because the Ethereum blockchain network is made of thousands of machines all over the world, if a fire or flood wipes out some servers, it's no big deal: everything is still there.
8/ Ethereum programs are so reliable and secure in fact that they can (in theory) be used to manage large sums of money and automate business processes.
9/ Imagine an apocalypse-proof, programmable bank vault.
10/ If the vault is properly secured, a clear set of criteria may be established for accessing its contents
11/ ... and the ability to put huge amounts of money under the control of entirely trustworthy automated systems opens doors like e-governance quite a bit wider.
12/ With regard to software bugs though, you don’t need a global catastrophe to wipe out $200 million if you accidentally left the back door of The DAO’s vault wide open.
13/ DAO stands for Distributed Autonomous Organization. There are some variations on the verbiage but it is an established blockchain concept.
14/ Distributed -- not centrally located or controlled, Autonomous -- runs on its own, Organization -- means of coordinating human behavior.
15/ “The DAO” was created by a small team, Slockit, as a funding mechanism for their Internet of Things project.
16/ A voting system controlling a funding pool is essentially what The DAO was.
17/ Better marketers than software engineers, Slockit spun enthusiasm for the DAO concept into a crowdfunding frenzy.
18/ The 28 day funding period ended with a total of about $150million in The DAO’s coffers.
19/ A subsequent rise in the value of Ether, the native cryptocurrency of the Ethereum network raised the total value held to about $220 million.
20/ There is a software development maxim: “given enough eyeballs all bugs are shallow,” and the hacker who could find a hole in The DAO’s code could in theory claim the $220 million.
22/ Vitalik Buterin, the Inventor of Ethereum quickly suggested that it might be a good idea for everyone to change their blockchains to ignore the event, effectively erasing it from history.
23/ In response the attacker stopped. As if burdened by more cash than they could carry, they waddled away, pockets bulging, leaving most of the money behind.
24/ The attack precipitated a collapse in the price of Ether. A suspiciously well-timed short position placed on a cryptocurrency exchange closed a $1 million profit in a day.
25/ Members of the Ethereum foundation began draining the funds from the now ruptured DAO in a “White Hat” attack, placing the funds in a more secure “child DAO”.
26/ An unknown assailant, possibly the same attacker, attacked the child DAO. it was master hacker vs. master hacker. The DAO Wars were on.
27/ To end these shenanigans, a piece of code designed to freeze the funds was distributed to the network operators (miners). They have frozen The DAO’s funds.
28/ Another piece of code designed to allow the stolen funds to be returned to The DAO token holders will be released for voluntary inclusion too.
29/ Lessons: Be careful when you invest. Creating computer programs to secure money is hard. $200 million is a lot of money for an honesty box, even if it has a padlock.
30/ Expect to see better considered DAO-like structures emerging in the future.
31/ This one taught the world what not to do, but at the same time gave us a glimpse of what incredible things might be possible.
33/ It’s not all avantgarde organizational structures either. These technologies have the potential to affect every industry, disrupting old structures and creating opportunity.
34/ For example, German utilities company RWE has recently partnered with Ethereum startup Transactive Grid to allow the direct sale of surplus pro-sumer generated energy to local businesses and consumers.
35/ Brazillian materials provider, BVRIO, is using a blockchain registry protocol, Regis, to track the exact makeup of their materials. Specifically preventing illegally logged timber from entering their supply chain.
36/ Provenance use cases like this are creating new premium product categories in industries where environmental and human rights abuses have occurred in the past.
37/ See what’s going on over at blockchain venture production studio Consensys Systems, and sign up to our newsletter, here
_Feel free to forward this newsletter on email and share it via the social media buttons below. You can check out the archives here. First-timers can subscribe to the newsletter here. You can set up a phone call with me via my Clarity.fm profile page. _
Check out the 20 Breaking Smart Season 1 essays for the deeper context behind this newsletter. If you're interested in bringing the Season 1 workshop to your organization, get in touch. You can follow me on Twitter @vgr
Copyright © 2016 Ribbonfarm Consulting, LLC, All rights reserved.