DAO - Reading Assignment

Ethereum Smart Contract Security Course
#201

What is DAO?

Distributed Autonomous Organizations. A DAO is another computer code through which a set of smart contracts are connected together and function as a governance mechanism.

What function had the vulnerability?

The split function

Why was the hard fork initiated?

After the cancellation of the soft work, discussions regarding a hard fork gained momentum. According to proponents of the hard fork, the hack was too big to let go and the community should be the final decision makers. By doing so, the funds would be returned, and regulators would be kept out. The hard fork proposal was voted and accepted by majority of the Ethereum community. The hard fork was completed on 20 July and the funds were returned to the investors. Ironically, victims of the hack were able to get their funds back since the so-called immutability was not absolute.

1 Like
#202
  1. A Decentralized Autonomous Organization created by Stock.it in 2016
  2. split function
  3. The fork was done to reverse the hack and give funds back to victims
#203

1)The DAO was a decentralized autonomous organization (DAO) that was launched in 2016 on the Ethereum blockchain. After raising $150 million USD worth of ether (ETH) through a token sale, The DAO was hacked due to vulnerabilities in its code base.
The Ethereum blockchain was eventually hard forked to restore the stolen funds, but not all parties agreed with this decision, which resulted in the network splitting into two distinct blockchains: Ethereum and Ethereum Classic.

2)The hacker was able to exploit a specific Solidity vulnerability by calling the contract’s withdraw() function in a continuous loop. This is known as “reentrancy attack”.

3)The DAO hack occurred during a token sale that raised over $150 million from more than 11,000 investors. Despite concerns about vulnerabilities in The DAO’s code, an attacker exploited a bug and siphoned funds from The DAO, threatening the Ethereum network. Initially, Vitalik Buterin proposed a soft fork to blacklist the attacker, but the attacker claimed the funds were legally obtained and threatened to bribe miners to prevent the soft fork. A vulnerability in the soft fork code led to the proposal of a hard fork, which would roll back the network’s history to before the hack and return the stolen funds. This controversial move was debated, but on July 20, 2016, at block 192,000, the Ethereum hard fork was implemented.
The hard fork was initiated to mitigate the severe financial and reputational damage caused by the hack, which posed an existential threat to the nascent Ethereum network and its community.