“The DAO” was a particular DAO that took the form of an investment company implemented as a smart contract on the Ethereum blockchain. Investors were allowed to contribute Ether to The DAO during an investment period. The money raised was to be invested in blockchain-related startup companies, with any and all profits earned being distributed back to the investors in accordance with the terms of the smart contract. Companies would submit proposals for funding to a group of “curators” for the DAO. Once approved by the curators (leading individuals within The DAO), investors would be allowed to vote on the funding proposals to determine which investments would be made. The process for voting and funding was all specified within the programming of The DAO smart contract. Finally, investors were allowed an “Exit door,” which would allow investors to leave with their initial investments after a 28-day waiting period.
Although the smart contract that implemented these provisions was complicated, the DAO explicitly stated that the smart contract itself was the controlling legal authority, and any other written descriptions or human readable documents were merely for educational purpose. These human-readable documents were not to “supersede or modify the express terms” of the code found on the blockchain. In other words, for The DAO, the code was the law.
Investors reaction to the DAO announcement greatly exceeded expectations. During the growth face of the organization, over $150 million in Ether was contributed to The DAO. By one estimation, at one point 14% of all Ether was invested in The DAO, and the value of that investment exceeded $250 million.
Unfortunately, there was a problem with the coding of the exit door. The program steps that returned funds to the requesting inventor were executed before the internal balance for that account was updated. A nefarious individual exploited this weakness by creating a recursive call for the exit door refund. Using this hack, the same DAO token was used to request a refund of Ether multiple times in a row, with each new refund triggering another refund request without the internal balance ever being updated. Within a few hours, $70 million worth of Ether had been extracted from The DAO. For some reason, the hacker then stopped extracting Ether even though no solution to the bug had been implemented.
The organizers of The DAO identified the problem, but the code provided no way to stop the distribution of the $70 million after the 28-day waiting period has expired. The immutability which was at the heart of the Ethereum blockchain prevented any simple solution. Eventually, a proposal was made to create a “hard fork” in the blockchain. This proposal was submitted to all owners of Ether on the blockchain and was adopted by a large majority of the voters. The hard fork essentially rolled back time to a moment before the exploit, and then changed the terms of The DAO smart contract. The DAO was to be terminated, and the only process allowed by the new contract was a return of Ether to those who invested in The DAO.
This hard fork was extremely controversial. Many argued that the “code was law,” regardless of the consequences. If the blockchain could be rolled-back for this, it was no longer immutable and no longer worthy of trust. The dissenters created the “Ethereum Classic” blockchain, which essentially took over the Ethereum blockchain without the roll-back. No change was made to the blockchain, and Ethereum Classic kept moving forward. After the 28-day waiting period, the hacker received millions of dollars’ worth of Classic Ether.