DAO - Reading Assignment

  1. What is DAO?
  • A DAO is a distributed autonomous organization
  • The DAO project was a virtual venture capital fund that is governed by the investors of the DAO.
  2. What function had the vulnerability?
    The split function, which allowed the DAO to be split into a parent and child DAO. The split function allowed users to take their Ether into a new DAO.

  3. Why was the hard fork initiated?

  • The hack was too big to let go.
  • By returning the funds regulators would be kept out.
1 Like
  1. The original Decentralized Autonomous Organization - a crowdfunded-VC-type fund using a set of smart contracts to govern ownership and voting rights on projects funded by the DAO
  2. The “split” function that allowed minority holders to dissent and leave the DAO, thereby creating a child DAO and taking their money with them. The split function did not adjust its balance before withdrawal, thereby allowing a reentrancy attack.
  3. To return the funds to everyone who was stolen from in the hack.

What is DAO?
Distributed Autonomous Organization, which has a decentralised governance through smart contracts.

What function had the vulnerability?
‘Split’ function - allowed the attacker to recursively call the split function and retrieve their funds multiple times before getting to the step where the code would check the balance.

Why was the hard fork initiated?
To rollback the hacker’s transaction and return the stolen funds.

  1. What is DAO?
    DAO was an early created set of smart contracts to run autonomously.
  2. What function had the vulnerability?
    The split() function was vulnerable.
  3. Why was the hard fork initiated?
    The hard fork was done over the philosophy of code being law versus changing the code to help a clear abuse of the system.
1 Like
  • What is DAO?
    DAO means Distributed Autonomous Organization; it is a code where a set of smart contracts are connected together and function as a governance mechanism; the DAO project was a virtual venture capital fund that is governed by the investors of the DAO and the idea was: funds raised from the investors are pooled.

  • What function had the vulnerability?
    it was the split function; there was an option to retrieve funds when the minority did not agree with new proposals and did not want to participate; this procedure was hacked (recursive call exploit)

  • Why was the hard fork initiated?
    the hack was too big to let go and the community finally agreed on a hard fork; the motivation was to return stolen funds to the users

  1. A Decentralised Autonomous Organisation (DAO) is a virtual organisation governed by a collection of smart contracts. Participants’ voting rights are based on the tokens that they own.
    The DAO was an infamous project of this kind deployed on the Ethereum blockchain in 2016. Participants received tokens based on the ether they invested. These token holdings determined (i) their entitlement to vote for the projects they wanted the DAO’s pooled funds to be invested in, and also (ii) their share in the returns on these investments. If a minority group of participants disagreed with investment decisions made by the majority, then they had the right to withdraw the ether they had invested and transfer it to a child DAO, which would then operate in exactly the same way as the original DAO, but only with a proportion of the original participants.

  2. The split function had the vulnerability. After deciding to split the original DAO, and at least a week after the split procedure had been initiated, this was the function that would be called to transfer ether held in the original DAO to the new child DAO.

  3. After much discussion and difference of opinion within the Ethereum community about the best way to respond to the hack and deal with its consequences, and also after plans for a soft fork were aborted, the hard fork was initiated in order to reverse all of the smart contract transactions back to the point in time just before the re-entrancy attack occurred, and in so doing return the stolen funds to the investors in the original DAO.

1 Like
  1. What is DAO?
    Decentralized Autonomous Organization.
    A computer code that makes it possible for smart contracts to be connected and act as a governance mechanism.
  2. What function had the vulnerability?
    Split function.
  3. Why was the hard fork initiated?
    Mainly to refund the victims of the hack.
    The situation developed in such a way that the hard fork was the only option left.
    Soft fork proposal failed because it would pose additional vulnerabilities, although it was initially voted by miners.
    Doing nothing and sticking to code is law failed because most of the community wanted to do something to fix the situation.
1 Like
  1. DAO - Distributed Autonomous Organisation, is computer code in which other smart contracts interact with as part of a democratic system to determine how a DAO should be run.
  2. split function
  3. In order to reverse the aftermath of the hack and as a result, return funds back to the victims.
1 Like

DAO is Distributed Autonomous Organization

The vulnerability was in the Recursive call function

The hard fork was initiated to return lost funds from the DAO Hack.

1 Like
  1. What is DAO?
    a decentralized investment fund
  2. What function had the vulnerability?
    split
  3. Why was the hard fork initiated?
    to retrieve the stolen funds.

Q1. What is DAO?
DAO is decentralized or distributed autonomous organisation which is a set of connected smart contracts. DAO is governed by voting of investors in the DAO who are issued tokens according to their investments (for e.g. 100 tokens for 1 ether for DAO created by Slock.it).

Q2. What function had the vulnerability?
Split function in the DAO code had the vulnerability. The DAO allowed creation of child DAO if the minority did not agree with the majority proposal. The Child DAO could use the Split function to withdraw their funds from the DAO pool.

The loophole in the split function code was that it allowed funds to be retrieved first and the balance to be updated later. It also did not check for recursive function calls to retrieve funds. This vulnerability enabled the attacker to recursively retrieve funds before the balance could be updated.

Q3. Why was the hard fork initiated?
Initially the Ethereum community voted for a soft fork to eliminate the child DAO and make its transactions invalid. However, the move was discarded as it posed further security flaws.

The majority of the Ethereum community agreed that something must be done to recover the lost funds and return them to the investors. This resulted in a hard fork on the Ethereum blockchain.

  1. Decentralized Autonomous Organization is a computer code through which a set of smart contracts are connected together and function as a governance mechanism.

  2. Split()

  3. After attack, to refund the money to the victims

  1. Distributed autonomous organization
  2. Split function allows withdrawing funds several times before updating the actual balance.
  3. Hard fork was the solution to recover stolen funds from the exploited split function by a hacker.
  1. What is DAO?
    Decentralised or Distributed Autonomous Organisation (DAO) is virtual venture capital fund that is governed by the investors of the DAO.
  2. What function had the vulnerability?
    In split function which allows user to refund their ether from DAO to cDAO.
  3. Why was the hard fork initiated?
    After debate Ethereum community split into two, new version was called Ethereum and old Ethereum Classic and all transactions took place until the fork was still valid. This was solution to give back the funds.
1 Like
  1. DAO is another computer code through which a set of smart contracts are connected together and function as a governance mechanism.

  2. split function

  3. It was initiated to restore funds to their owners.

1 Like
  1. What is DAO?
    Decentralized autonomous organization.

  2. What function had the vulnerability?
    splitDAO() function.

  3. Why was the hard fork initiated?
    Because the soft-fork had DOS risks associated with it and the majority of the Ethereum community then voted for the hard-fork to get the lost ETH back.

1 Like

1. What is DAO?

DAO stands for distributed autonomous organizations and is another computer code through which a set of smart contracts are connected together and function as a governance mechanism. The idea of the DAO from Slock.it was that funds raised from the investors (i.e. the token holders) are pooled. Token holders can become contractors by submitting proposals for funding of their project by using the DAO funds. Any Ether generated from the proposals funded by the DAO would be returned to participating investors as rewards.

2. What function had the vulnerability?

The infamous split function had the vulnerability. The attacker(s) managed to recursively call the split function and retrieve their funds multiple times before getting to the step where the code would check the balance.

3. Why was the hard fork initiated?

On 22 June, a voting started on biggest mining pools regarding a response to the hack. First the majority agreed on a soft-fork, but due to additional security flaws it would pose this solution was discarded. Then they proposed a hard fork, which then was voted and accepted by majority of the Ethereum community. The Ethereum hard fork did not prevent all participants from following the old main branch, so the old branch continued to run and was then renamed “Ethereum Classic” as the original name “Ethereum” was adopted by the majority of participants for the new branch.

  1. What is DAO?
    The DAO is a smart contract on Ethereum at the beginning of the Ethereum network. It was a decentralized organisation with a decentralized governance enabled by the smart contract.

  2. What function had the vulnerability?
    The function was a split procedure which enabled users to migrate their tokens to another DAO contract. The split function had a callback, which was a function called on the child contract. The state (the balance) of the DAO contract was only altered after the callback. This callback was thus making a loop, basically calling itself, each time transferring funds, thus draining the ethers locked in the contract.

  3. Why was the hard fork initiated?
    Because it was concluded that human intervention was necessary. The fork was basically a huge undo button triggered by the nodes.

1 Like
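
The ordering flaw several replies describe (funds sent before the balance is updated, with a callback that re-enters), shown as an added Python model; it is not part of any post and is not The DAO's actual Solidity code. The `Vault` and `ReenteringRecipient` names and the amounts are constructed for illustration.

```python
# Toy model of the payout-ordering bug (constructed; not The DAO's contract code).

class Vault:
    """Pooled funds. `safe` selects whether the balance is zeroed before or after paying out."""

    def __init__(self, safe):
        self.safe = safe
        self.balances = {}
        self.pool = 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def _send(self, recipient, amount):
        # Like sending ether to a contract: control passes to the recipient's code.
        self.pool -= amount
        recipient.receive(self, amount)

    def withdraw(self, recipient):
        amount = self.balances.get(recipient, 0)
        if amount == 0 or amount > self.pool:
            return
        if self.safe:
            self.balances[recipient] = 0   # effect first ...
            self._send(recipient, amount)  # ... external call last
        else:
            self._send(recipient, amount)  # external call first: callback sees a stale balance
            self.balances[recipient] = 0   # reached only after all nested calls return


class ReenteringRecipient:
    """Recipient whose receive hook calls withdraw() again, as in the callback loop."""

    def __init__(self):
        self.received = 0

    def receive(self, vault, amount):
        self.received += amount
        vault.withdraw(self)


def run(safe):
    """Return (amount paid to the re-entering recipient, funds left in the pool)."""
    vault = Vault(safe)
    vault.deposit("other investors", 90)  # constructed sample amounts
    recipient = ReenteringRecipient()
    vault.deposit(recipient, 10)
    vault.withdraw(recipient)
    return recipient.received, vault.pool
```

With the update-after-send order, a 10-unit stake drains the whole 100-unit pool; with the balance zeroed first, the nested call finds nothing to withdraw and the recipient gets only its own 10.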
  1. What is DAO?
    Decentralized autonomous organization (organization governed by code).
  2. What function had the vulnerability?
    Split function
  3. Why was the hard fork initiated?
    To return lost funds
1 Like