DAO - Reading Assignment

  1. DAO stands for distributed autonomous organizations. It functions as a governance mechanism.

  2. The split function had the vulnerability. The code was written in such a way that the user gets Ether first and then the user’s balance is updated.

  3. The hard fork was initiated to return the lost funds.

2 Likes
  1. A DAO is a Decentralized Autonomous Organization. It is an open source blockchain protocol that is governed by a set of rules, created by its members, that automatically execute certain actions without the need for intermediaries.

  2. It was the split() function, which the attacker(s) managed to call recursively, retrieving their funds multiple times before getting to the step where the code would check the balance. In other words, the split function had the re-entrancy problem.

  3. The hard fork was initiated so that the lost funds would be returned to the victims of the hack. There were also other options like the soft fork, but it didn’t materialize since later on they also found out that it would pose additional security flaws, so they didn’t have any choice left but to do the hard fork in order to bring the said stolen funds back to the victims.

2 Likes
  1. Decentralised Autonomous Organisation
  2. Split Function
  3. To return funds to the Investors and to keep regulators at bay.
1 Like

What is DAO?

  • A DAO is a “Decentralized autonomous organization”
  • The DAO created by Slock.it was a virtual venture capital fund that is governed by the investors of the DAO. The idea was the following: Funds raised from the investors, the token holders, are pooled.

What function had the vulnerability?

  • The Split Function. The code was written in a way to retrieve the Ether first and update the balance later.

Why was the hard fork initiated?

  • After the cancellation of the soft fork, discussions regarding a hard fork gained momentum. According to proponents of the hard fork, the hack was too big to let go and the community should be the final decision makers.
1 Like
  1. What is DAO?
    DAO stands for distributed autonomous organizations, which is a set of smart contracts connected together to form and function as a governance mechanism.

  2. What function had the vulnerability?
    The split function.

  3. Why was the hard fork initiated?
    Because the soft fork was discarded due to the additional security flaws it posed, and with the hard fork the funds would be returned and regulators were kept out.

1 Like
  • What is DAO?
    Distributed Autonomous Organization
  • What function had the vulnerability?
    The function that splits the DAO into a child DAO
  • Why was the hard fork initiated?
    because other solutions are discarded and the soft fork was cancelled, and the community
1 Like

What is DAO?

DAO was a project created by Slock.it which went live on 30 April, 2016 and was hacked 16 June, 2016

  • The project was a virtual venture capital fund which was governed by the investors (token holders).
  • The initial offering happened in May 2016 and the only requirement to be an investor was to invest Ether into the system.
  • It raised 12.7 million Ether, which at the time was more than 150 million USD

The project itself was a DAO - distributed/decentralized autonomous organization which is computer code through which a set of smart contracts are connected together and function as a governance mechanism.

What function had the vulnerability?

The split function had the vulnerability known as a recursive call exploit.
The code was not checking whether the function could call itself.

i.e. recursively call the split function and retrieve funds multiple times before having to update the balance.

Why was the hard fork initiated?

The hard fork was initiated because the soft fork (voting started 22 June, 2016, scheduled to activate 30 June, 2016), which was agreed upon by the majority, had additional security flaws. The hard fork proposal was voted on and accepted by the majority of the Ethereum community.

The hard fork was completed 20 July 2016 and funds were returned to investors.

As a result, victims of the hack got their funds back since the immutability was not absolute. The hard fork led to the main branch continuing as Ethereum and the old branch as Ethereum Classic.

2 Likes

1. What is DAO?
2. What function had the vulnerability?
3. Why was the hard fork initiated?

  1. a decentralized autonomous organization, where decisions are made through voting weighted by the amount of tokens held. The DAO was the first DAO project on Ethereum.
  2. the split function that allowed any token holder to initiate the creation of a child DAO, which withdraws funds from the parent DAO
  3. to rollback the network state to before the hack
1 Like
  1. DAO was a project created by Slock.it to act as a venture capital fund controlled and governed by token holders. Token holders would vote on project proposals and any proposal that received support from at least 20% of the outstanding tokens would be approved and granted funding.
  2. The function that had the vulnerability was the split function. The split function allowed the creation of a child DAO to act as a protection for the minority token holders in the event of a dispute over approved projects.
  3. The hard fork was initiated to return the stolen funds to the victims but not everyone agreed which resulted in the split of Ethereum from Ethereum Classic.
2 Likes
  1. What is DAO? Decentralized autonomous organization - code that connects a series of smart contracts where decisions are made based on equity of investment.

  2. What function had the vulnerability? The split function.

  3. Why was the hard fork initiated? The community was going to use the ‘soft fork’ first but identified risks. As a result, they had to use the hard fork to correct the situation and return funds to the victims.

2 Likes

1. What is DAO?

A DAO is a Decentralised Autonomous Organisation, which is effectively a distributed organisation which is governed by smart contracts.
Members of a DAO hold the DAO tokens - similar to how they would shares in a company. These tokens provide them with voting rights on making democratic decisions.

In the case where a minority is unhappy with the decisions and progression of the DAO, they can fork to make a child DAO. This child DAO is governed by a handful of coded rules set out by the consensus DAO, but with changes in which they believe make it superior to the consensus DAO.

2. What function had the vulnerability?

The infamous The DAO hack was exploited through the Split Function where a Child DAO is effectively forked from the consensus DAO. The Ethereum of the members who wish to join the child DAO receive their funds from the consensus DAO as a refund and those members can carry on with the child DAO.

By disrupting the control flow of the Split function, the attacker was able to call multiple transfers to the child DAO before the state updated the balance.

3. Why was the hard fork initiated?

There were huge losses involved in The DAO hack. The Ethereum community debated whether to pursue the fundamental Code is Law philosophy, or to either soft or hard fork the Ethereum blockchain to save investors from losing their funds.

The debate involved several factors in which both sides of the argument had legitimate ideas, however many people in the Ethereum community including Vitalik Buterin pushed for a hard fork.

The code-is-law principle had been fundamental to the success of Ethereum and blockchain thus far. Decentralised networks depended on immutability to provide a trustless environment of ‘UnStOpPaBLe gLObAL cOMpUTinG’ 😛.
Breaking this principle could have easily undermined the movement and destroyed confidence in the technology as a whole.

Yet you had a significant handful of early adopters being burnt if no action was made. Leaving the chain ‘as is’ would leave a bad taste in many of their mouths and this could have also been the beginning of the end for Ethereum.

The original consensus network continued as Ethereum Classic (ETC) while Ethereum (ETH) rolled back the chain to before The DAO hack and retrieved the investors’ Ethereum.

Whether this was the right move is still up for debate. Ethereum has continued on to become an absolute powerhouse, however this decision continues to divide passionate members in the blockchain community.

2 Likes
  1. What is DAO?
    –A decentralized autonomous organization, where token holders could vote on proposals for funding new projects and the DAO’s funds would be given to those projects once voting was complete. Minority voters who disagreed were able to “split” the DAO and create “child DAOs”, where they could later create proposals of their own and vote in the same way.
  2. What function had the vulnerability?
    –The split function, which didn’t update the refund allowance of a user until after the transfer to a child DAO was completed, which opened the door for a re-entrancy attack.
  3. Why was the hard fork initiated?
    –Because while the minority of Ethereum users agreed that nothing should be done (“code is law”), the majority were in favor of a soft fork–which got cancelled due to security issues. The hard fork was the majority opinion after the soft fork was scrapped. The hard fork re-wrote the blockchain so that the hack never happened, and it refunded all the users of The DAO.
1 Like

I couldn’t open the article so went for other sources…

1. What is DAO?
DAO stands for Decentralized Autonomous Organization, which is a blockchain-based cooperative that is collectively owned by its members, with rules set and executed through code. While The DAO was an early iteration of DAO governance, decentralized autonomous models remain highly influential in blockchain-related use, particularly amongst DeFi.
From:
https://www.gemini.com/cryptopedia/the-dao-hack-makerdao#section-what-is-a-dao

2. What function had the vulnerability?
splitDAO()
The basic idea is to propose a split. Execute the split. When the DAO goes to withdraw the reward, the function is called to execute a split before that withdrawal finishes. The function will start running without updating the balance, and it transfers tokens from the parent DAO to the child DAO. Basically the attacker uses this to transfer more tokens than they should be able to into their child DAO.
From:
https://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/

3. Why was the hard fork initiated?
Ethereum Classic came to be after members of the Ethereum community implemented a time-sensitive hard fork (“DAO Hard Fork”). On 20th July 2016, at a block height of 1.92 million, Ethereum introduced an irregular state change via a hard fork in an effort to return approximately 3.6 million ether that had been taken from a smart contract known as The DAO. Almost everyone agreed that the ether taken had been stolen and that leaving it all in the hands of the thief would be of significant detriment to the development of the Ethereum ecosystem as well as the platform itself.
From:
https://fullstacks.org/materials/ethereumbook/16_appdx-forks-history.html

2 Likes
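
The ordering problem the answers above describe (Ether sent before the balance is updated), as an added example that is not part of any post in this thread and is not The DAO's Solidity code. It is a simplified Python model; `Vault`, `ReenteringReceiver`, `run` and the account names are hypothetical.

```python
class Vault:
    """Toy ledger standing in for the parent DAO (constructed model)."""

    def __init__(self, deposits, hardened):
        self.balances = dict(deposits)      # amount credited to each account
        self.pool = sum(deposits.values())  # ether the vault actually holds
        self.hardened = hardened

    def split(self, account, receiver):
        amount = self.balances.get(account, 0)
        if amount == 0 or amount > self.pool:
            return                          # nothing owed, or the send would fail
        if self.hardened:
            # Checks-effects-interactions: update state before the external call.
            self.balances[account] = 0
            self._send(account, receiver, amount)
        else:
            # Ordering described in the posts: pay first, update the balance later.
            self._send(account, receiver, amount)
            self.balances[account] = 0

    def _send(self, account, receiver, amount):
        self.pool -= amount
        receiver(self, account, amount)     # external call: control leaves the vault


class ReenteringReceiver:
    """Recipient whose receive hook calls split() again, at most max_depth payouts."""

    def __init__(self, max_depth):
        self.max_depth = max_depth
        self.received = 0
        self.calls = 0

    def __call__(self, vault, account, amount):
        self.received += amount
        self.calls += 1
        if self.calls < self.max_depth:
            vault.split(account, self)      # re-enter before split() has finished


def run(hardened, max_depth=4):
    # Constructed sample state: three depositors credited 10 units each.
    vault = Vault({"alice": 10, "bob": 10, "mallory": 10}, hardened)
    receiver = ReenteringReceiver(max_depth)
    vault.split("mallory", receiver)
    return receiver.received, vault.pool    # (paid to one account, left in the pool)
```

With the pay-first ordering a single 10-unit balance is paid out until the pool is empty; with the balance zeroed before the external call, the nested call finds nothing owed and returns.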
  1. What is DAO?
    Decentralized Autonomous Organization: a collection of smart contracts which function together as a governance mechanism.

  2. What function had the vulnerability?
    splitDAO() - which was very well capable of allowing the attacker to withdraw funds more times than he was entitled to.

  3. Why was the hard fork initiated?
    The hard fork was initiated in reaction to the hack as it was too big to let go. The hard fork caused the restoration of stolen ethers.
    Before this solution, the soft fork was approved by the majority, but it was discarded later due to security concerns.

1 Like
  1. What is DAO?
    Distributed autonomous organizations. It can express both the project and the general term. Set of smart contracts are connected and function as a governance mechanism.

  2. What function had the vulnerability?
    Split function

  3. Why was the hard fork initiated?
    At first the majority voted for a soft fork, however it was not successful. So afterwards the majority voted for a hard fork, even though it could harm the integrity and immutability of the blockchain.

1 Like
  1. What is DAO?
    A DAO stands for Distributed Autonomous Organisation which is theoretically a bunch of smart contracts governed by an entity/group of people. In this DAO people can participate as long as they have the tokens for it and with these tokens they can vote for a proposal and move the DAO to their own personal/financial preferences.

  2. What function had the vulnerability?
    There was a problem in the split function which meant that if you were against a proposal you could split the original DAO and make a child DAO. This helped the minority against the majority but this also implemented some risks as shown now. The hacker/attacker found a loophole in the contract where this person could drain the parent contract of all of the ether in it.

  3. Why was the hard fork initiated?
    They did a hard fork because then they could reverse all the transactions that were being done and start the chain from a new good/updated block. They chose to do a hard fork over a soft fork because

1 Like
  1. What is DAO?

A DAO (Decentralized Autonomous Organization) is a computer code through which a set of smart contracts are connected together and function as a governance mechanism.

  2. What function had the vulnerability?

According to this article the split function had the vulnerability.

  3. Why was the hard fork initiated?

It was initiated to return all stolen Ether to the investors.

1 Like

DAO - Reading Assignment

  1. A DAO is a collection of smart contracts that act as a virtual entity where control over its functionality is handled by token holders who can vote on, implement and make different changes to the entity. Essentially granting governance over the operations of the protocol by voting.

  2. The Split function contained a “recursive call exploit”.

  3. The Split function had a schedule, giving the developers 27 days before the hacker would be able to make a proposal to move the funds, this triggered the community to make a decision about how to proceed with recovering the stolen funds.

1 Like
  1. What is DAO? A DAO is another computer code through which a set of smart contracts are connected together and function as a governance mechanism.

  2. What function had the vulnerability? Split function

  3. Why was the hard fork initiated? To roll back the hacker’s transaction and return the stolen funds.

1 Like

Answers

  1. A Decentralized Autonomous Organization is a collection of smart contracts in which users that own more tokens/shares have more influence to vote/govern.

  2. The function that contained the vulnerability was the split function.

  3. The hard fork was initiated because it retrieved the stolen funds from the DAO hack.

1 Like