DAO - Reading Assignment

  • What is DAO?
    Distributed Autonomous Organization
  • What function had the vulnerability?
    The split function which creates the Child DAO
  • Why was the hard fork initiated?
    To reverse the transaction and give the victims back their ETH
1 Like
  1. What is DAO?
    Decentralized
    Autonomous
    Organisation
    A set of smart contracts connected together to create a governance mechanism

  2. What function had the vulnerability?
    The split function, which allowed creating a child DAO in case a minority disagreed with the votes of the majority.

  3. Why was the hard fork initiated?
    To revert the transaction and return the funds back to the victims of the hack.

1 Like
  1. What is DAO?
  • Decentralized autonomous organization. Or, in this context, it is one specific organization called “DAO”.
  2. What function had the vulnerability?
  • It was the Split function which was made to allow a minority to withdraw funds and create another DAO.
  3. Why was the hard fork initiated?
  • Soft fork was considered insecure and was discarded.
  • Most of the community, but not all, voted for a hard fork. The forked Ethereum is ETH.
  • The ones disagreeing with the hard fork kept on mining and developing the Ethereum blockchain as it was, thus creating Ethereum Classic ETC.
1 Like
  1. DAO stands for digital autonomous organization and is a collection of smart contracts that are connected together and function as a system of governance. The DAO was a DAO project by Slock.it which got infamously hacked due to a reentrancy attack.

  2. The split function, which allowed a minority to withdraw their funds from the DAO and create a child DAO.

  3. A hard-fork to overwrite the transaction history and return the stolen Ether was initiated because the initially decided-upon soft fork was discarded due to additional security flaws. Proponents of a hard fork argued that the hack was too big to just let go of and a hard fork proposal was approved by the majority of the Ethereum community.

1 Like
  1. DAO was a venture capital fund. Investors exchanged ETH for tokens of the DAO, and those tokens funded projects if they got enough votes from the token-holders.

  2. The vulnerable function was the “Split” function, which was intended to enable minority investors of the DAO to get a refund if they disagreed with a vote.

  3. There was no easy way out of this problem: doing nothing was rejected by the majority, and a soft fork seemed to be the way but turned out to be dangerous, so the hard fork solution was chosen as the last resort.

1 Like

Hi everyone,

There is a good book by journalist Camila Russo that describes in detail the sequence of events of the DAO hack. It’s gripping :wink:
https://www.amazon.com/Infinite-Machine-Crypto-hackers-Building-Internet-ebook/dp/B07X8HS2WC
Chapter 20 - The DAO wars

  1. What is DAO?

“TheDAO” was a smart contract designed to automate a project funding organisation. It was developed by Slock.it and went live in May 2016.

  2. What function had the vulnerability?

The function with the vulnerability was the Split function. This function was designed to create a child DAO in the situation where a member did not agree with the projects funded. This function contained code to transfer funds from the parent to the child DAO. This code did not follow the check-effects-interaction pattern and suffered from a re-entrancy vulnerability.

  3. Why was the hard fork initiated?

The hard fork was initiated after all other avenues had been explored (do nothing or do a soft fork). A hard fork allowed the Ethereum blockchain to discard all blocks since the hack had happened and therefore restore a state of the blockchain in such a way that investors get back their funds.

1 Like
  1. A Decentralized Autonomous Organization. It is a smart contract that takes in funds in exchange for voting rights and is managed by the code.
  2. The split function that allowed users the right to split the DAO if the organization was changed to a state they didn’t agree with. It sent funds to a child DAO, and that split function did not follow Check, Effect, Interaction, which allowed the hacker to use a recursive call exploit to drain the DAO.
  3. Although a soft fork was voted for, it was deemed to have security flaws and was therefore abandoned. The hard fork was then done to prevent the hacker being able to transfer the funds.
1 Like
  1. Distributed Autonomous Organization (fundraiser for projects basically)
  2. withdrawal to the Child DAO (“split”) (funds were sent before balances were updated)
  3. Because the community thought it’s fair to give back the ETH
1 Like
  1. What is DAO?
    DAO was a decentralized application platform which had a computer program, DAO, based on the Ethereum blockchain, that was designed to regulate smart contracts.
  2. What function had the vulnerability?
    The split function had a vulnerability where the token holder could fork a new DAO and could get the funds from the original DAO in some preprogrammed time gap.
  3. Why was the hard fork initiated?
    Primarily due to the fact that the amount involved in hack was too much to ignore and do nothing, the soft fork resulted in more hacks and had some flaws, so the decision was made to do a hard fork.
1 Like

What is DAO?

  • Decentralized Autonomous Organisation

What function had the vulnerability?

  • a split function had “checks-interactions-effects” instead of “checks-effects-interactions”

Why was the hard fork initiated?

  • the majority of the community wanted a soft fork and that was decided, but there were other security flaws so it was discarded and the hard fork gained momentum.
1 Like
  1. DAO is Decentralized Autonomous Organization.
  2. The split function - that gave funds to a child organization - had this vulnerability.
  3. The hard fork was initiated because not everybody agreed to restore the funds to the victims.
1 Like
  1. What is DAO?

Decentralized Autonomous Organization.

  2. What function had the vulnerability?

a split function

  3. Why was the hard fork initiated?

not everybody agreed to restore the funds to the victims.

1 Like
  1. A decentralized autonomous organization
  2. split function
  3. To refund the victims of the DAO hack
1 Like
  1. DAO stands for “distributed autonomous organization”: a set of smart contracts that connect together and act as a governance system for some pre-defined purpose.

  2. The “split” function, which allows minority voters to split off from the original DAO and make their own child DAO with different proposals, contained the vulnerability.

  3. Initially the majority agreed on a soft fork, but it was found to have even more security vulnerabilities than its predecessor. After that, the community decided something should be done and they decided to return the victims’ funds, thereby initiating a hard fork.

1 Like

Answers

  1. DAO is either a collection of smart contracts connected together that would act as a virtual organization, or is The DAO, a specific project that was trying to develop this idea.

  2. “Refund function” from Original DAO to Child DAO had the vulnerability. The problem was in the code itself, because first this function would transfer tokens, and only later it would record the transaction, modifying the state variable. An attacker found this malicious behavior and drained funds for a value of 3.6 million ETH.

  3. The community was split among those who believed that the code is law, claiming the immutability that distinguishes blockchain itself as a technology; those who wanted a soft fork, without having a chain split but working to refund the victims; and finally those who demanded a hard fork, in which they could refund the victims by reverting the transaction and splitting into 2 different chains. At first glance it seemed that the soft fork would win, but it posed additional security flaws and in the end the community voted for the hard fork.

1 Like
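
The ordering several answers above describe (funds sent before the balance is updated, "checks-interactions-effects" instead of "checks-effects-interactions"), as an added Python model that is not part of any post and is not The DAO's Solidity code. Every name in it is hypothetical; `run` returns what the calling account received, what the pool still holds, and whether the pool still covers all recorded balances.

```python
# Toy model, not The DAO's Solidity code; every name here is hypothetical.

class Vault:
    def __init__(self):
        self.balances = {}  # state variable: credit recorded per account
        self.pool = 0       # funds the contract actually holds

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def _send(self, who, amount):
        # Interaction: control passes to the recipient's code before we return.
        if amount > self.pool:
            raise RuntimeError("pool exhausted")
        self.pool -= amount
        who.receive(self, amount)

    def refund_unsafe(self, who):       # checks-interactions-effects
        amount = self.balances.get(who, 0)
        if amount:
            self._send(who, amount)     # funds leave first
            self.balances[who] = 0      # balance updated too late

    def refund_cei(self, who):          # checks-effects-interactions
        amount = self.balances.get(who, 0)
        if amount:
            self.balances[who] = 0      # balance updated first
            self._send(who, amount)     # a nested call now sees a zero balance

class Reentrant:
    """Recipient whose receive hook calls the same refund function again."""
    def __init__(self, method, depth):
        self.method, self.depth, self.received = method, depth, 0

    def receive(self, vault, amount):
        self.received += amount
        if self.depth > 0:
            self.depth -= 1
            getattr(vault, self.method)(self)

def run(method, depth=3):
    """Constructed scenario: another holder has 90, the caller has 10."""
    vault, other = Vault(), object()
    caller = Reentrant(method, depth)
    vault.deposit(other, 90)
    vault.deposit(caller, 10)
    getattr(vault, method)(caller)
    return caller.received, vault.pool, vault.pool >= sum(vault.balances.values())
```

The third value is the invariant worth asserting in contract tests: funds held must never fall below the sum of recorded balances.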
  1. DAO is Distributed Autonomous Organization, that is, a smart contract for decentralized governance.

  2. It was possible to create a new DAO, which is called the child DAO but has the same abilities and is subject to the same restrictions as the DAO it is divided from.

  3. It was created in order to revert stolen Ether transactions.

1 Like
  1. Decentralised Autonomous Organisation

  2. The split function towards the child DAO

  3. To get back the money

1 Like
  1. What is DAO?

DAO stands for Decentralized Autonomous Organization

  2. What function had the vulnerability?

The split function was unsafe and open to re-entry attacks.

  3. Why was the hard fork initiated?

To pay back the victims of the hack. This led to a split in the ETH community as well, as one side decided to keep mining the “old” blockchain, now known as Ethereum Classic.

1 Like
  1. What is DAO?
  2. What function had the vulnerability?
  3. Why was the hard fork initiated?

Answers:

1 - A DAO is another computer code through which a set of smart contracts are connected together and function as a governance mechanism.
2 - Split function
3 - They were running out of time, and the proposed soft fork didn’t work. When they initialized the hard fork, the funds were returned to the investors.

2 Likes
  1. Decentralised Autonomous Organisation (DAO) that relies on multiple smart contracts to interoperate and function as a governance mechanism.

  2. Split function

  3. The initial proposal was to use a soft fork to destroy the child DAO therefore not validating the stolen Eth. However, security flaws led to a change in decision to opt for the hard fork. The hard fork meant that all the stolen eth could be returned to the community and a new version of truth could be implemented.

2 Likes