- DAO acts as governance for ICO
- The split function
- Because the soft fork was canceled, then Vitalik and others wanted to send ether back to the victims
What is DAO?
Decentralized Autonomous Organization
What function had the vulnerability?
A function that had improper code arrangement/order:
// checks
// interactions
// effects
instead of
// checks
// effects
// interactions
This is common throughout programming; if your code is out of order it will throw errors or have unexploited vulnerabilities… unfortunately for DAO, it was an expensive mistake.
Why was the hard fork initiated?
Not everybody agreed to restoring funds to the victims
1.- Decentralized Autonomous Organization
2.- The split function
3.- To refund the loss, revert the hack.
- A DAO is a Decentralized Autonomous Organization. In this case it was meant as a crowd funding organization run by smart contracts. Members of the DAO (i.e. those that bought DAO tokens for ETH and thus had a claim) voted on proposals brought forward by the community as to whether funds would be granted for these proposals. If a 20% majority voted for a proposal funds would be automatically transferred to the project.
- Should a voter not be satisfied with what the majority was voting on, he could withdraw his funds into a Child DAO, which he controlled and could vote on himself. The vulnerability that led to the downfall of the DAO lay within this withdraw function.
- To repay the stolen ETH to the community.
- Decentralized Autonomous Organisation: DAOs mimic the idea of the governing body of the classic company model with the major difference being that (most) decision procedures, rather than taken by humans, are processed by running code recorded in smart contracts.
- THE DAO was implemented including a minority protection scheme that allowed for minority stakeholders to retrieve their funds at any time by initiating the split function (allowing to fork the original code and move funds to the forked child DAO). The split function included the vulnerability, namely the possibility for a hacker to run a re-entrancy attack, by calling a recurring function (fall back function) without assuring that the state would record the change prior to repeating withdrawal of funds.
- It enabled to cater to the majority of the community’s preferences to fix the DAO hack, mainly:
- return funds to the victims
- re-instate the before situation prior to the hack, mainly make the hack undone. While this resulted in the hack being “removed” from the blockchain, it also triggered many controversies as to the immutability of public blockchains, among others the creation of the Ethereum classic fork. Overall the public reputation argument of Ethereum seemed to have been an important criterion.
- keep regulators away and avoid further scrutiny of the DAO hack
What is DAO?
Answer: Decentralized autonomous organization
What function had the vulnerability?
Answer: recursive calling
Why was the hard fork initiated?
Answer: it would help to overwrite history and restore the stolen ether
What is DAO?
DAO stands for Distributed Autonomous Organization. In this case it was a particular DAO, one of the first. It was more or less an investment fund run by voting of token holders.
What function had the vulnerability?
The split function.
Why was the hard fork initiated?
Initially a soft fork was proposed but that was cancelled due to additional security flaws it could pose. To retrieve the funds of the victims a hard fork was initiated.
- What is DAO?
In general a Distributed Autonomous Organization - a series of smart contracts representing a virtual organization. Its token holders can vote on various proposals. Approved proposals transfer funds to another “contractor” smart contract which aims to eventually reward the DAO from its endeavors made possible by the original funds.
DAO was also the name of the infamous Dao in the 2016 Dao hack which ultimately led to the Ethereum hard fork.
- What function had the vulnerability?
A feature whereby unsatisfied minority token holders (of an approved proposal that they disagreed with) could withdraw their funds into a forked/split child DAO had a reentrancy attack vulnerability. This allowed funds to be drained by the attacker.
- Why was the hard fork initiated?
In the end the proposed soft fork had an additional flaw so they had to go for hard fork in the end and basically rewrite the blockchain history
- Distributed autonomous organizations
- the s
- return lost funds (that’s really interesting how they had planned this)
1.) Decentralized/Distributed Autonomous Organisation
the Dao: virtual venture capital fund
2.) The split function. Ether was retrieved before the balance was adjusted
3.) After the Soft Fork’s cancellation the community got to vote and the decision fell on the hard fork. The Hack was too big to let go.
- The Decentralized Autonomous Organization. The DAO is a DAO.
- The split function. It didn’t follow the CEI rule (Checks-Effects-Interactions) and was therefore open to a recursive reentrancy attack.
- Because apparently code is only law until you like the outcome. (khmm).
To reimburse (original) owners of the ‘misplaced’ funds, which were transferred to the child DAO during the attack. Really people. If we start questioning all ‘transactions’ we can go back and rearrange dirt in the ground in Sumeria because of some unjust wars against the Assyrians. The whole point of immutability is to affirm that reality exists and isn’t just a figment of our imaginations, not just in the natural world, but in the social as well. But… it’s nice to know that ETH is one upset majority miner vote away from ‘from each according to his need, to each according to his ability’… but that’s reality as well… code if you will.
What is DAO?
Distributed Autonomous Organizations
What function had the vulnerability?
Once a split function is called, the code was written in a way to retrieve the Ether first and update the balance later. Additionally, it was not checking whether there was a recursive call, which is an expression used to indicate a function that calls itself. The attacker(s) managed to recursively call the split function and retrieved their funds multiple times before getting to the step where the code would check the balance.
Why was the hard fork initiated?
Because it was voted on, and accepted, after the soft-fork additional security flaws were exposed.
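The ordering described in the answers above (retrieve the ether first and update the balance later, versus checks-effects-interactions), modelled as an added Python example; it is not code from The DAO or from any poster. The `Vault` class, the account names and the amounts are constructed for illustration.

```python
class Vault:
    """Toy ledger standing in for a fund-holding contract (constructed model)."""

    def __init__(self, cei_order):
        self.cei_order = cei_order  # True: checks-effects-interactions
        self.balances = {}
        self.pool = 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or amount > self.pool:   # checks
            return
        if self.cei_order:
            self.balances[who] = 0              # effects
            self._send(amount, on_receive)      # interactions
        else:
            self._send(amount, on_receive)      # interactions happen first
            self.balances[who] = 0              # effects arrive too late

    def _send(self, amount, on_receive):
        self.pool -= amount
        on_receive(amount)  # recipient code runs here, like a fallback function

    def consistent(self):
        # Invariant a reviewer or monitor can assert: funds held == funds owed.
        return self.pool == sum(self.balances.values())


def simulate(cei_order, max_calls=3):
    """Return (paid_out, pool_left, ledger_consistent) for one withdrawal."""
    vault = Vault(cei_order)
    vault.deposit("others", 90)   # constructed sample amounts
    vault.deposit("caller", 10)
    received = []

    def receiver(amount):
        received.append(amount)
        if len(received) < max_calls:   # recipient calls back into withdraw
            vault.withdraw("caller", receiver)

    vault.withdraw("caller", receiver)
    return sum(received), vault.pool, vault.consistent()


if __name__ == "__main__":
    print("interaction before effect:", simulate(cei_order=False))
    print("checks-effects-interactions:", simulate(cei_order=True))
```

With the balance zeroed before the external call, the nested call fails the check and the ledger invariant holds; with the original ordering the same 10-unit claim is paid three times and the invariant breaks.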
Reading Assignment: DAO (Answers);
- computer code through which a set of smart contracts are connected and function as a governance.
2. The split function and childDAO
- To refund the money to investors and regulators kept out.
1. What is DAO?
It is Decentralized Autonomous Organization. DAO is computer code through which a set of smart contracts are connected together and function as a governance mechanism.
2. What function had the vulnerability?
Split function. A coder found a loophole in this procedure. Once a split function is called, the code was written in a way to retrieve the Ether first and update the balance later.
3. Why was the hard fork initiated?
To overwrite the history and restore the stolen ethers. This would reverse all the transactions that happened after the starting point of the work.
- What is DAO?
DAO stands for decentralised autonomous organisation. In this example DAO is a famous example of one of the first instances of this kind of organisation, that got hacked and caused Ethereum to hard fork.
- What function had the vulnerability?
The split function.
- Why was the hard fork initiated?
Three options were considered - do nothing, soft fork or hard fork. Initially, it was decided to do a soft fork, but once it became clear that this would introduce other security issues, the decision was changed to doing a hard fork. The hard fork made it possible to reverse the hacker’s actions and return people’s funds to them.
What is DAO?
- set of smart contracts serving as a governance mechanism
What function had the vulnerability?
- The split function of the DAO
Why was the hard fork initiated?
- Due to additional security flaws the soft fork proposal poses and to return the funds of the investors and keeping out regulators to what had happened.
Decentralized Autonomous(?) Organization
it was a split DAO function - Ivan called it refund()
Soft Fork got the majority votes, but then it turned out it had additional security flaws. Since they were running out of time (48 days for attacker to completely be able to use the funds in the Child DAO), they went with Hard Fork and reverted all transactions after the hack.
- A Decentralized Autonomous Organization - a set of smart contracts that function as a governance mechanism
- The split function.
- To reverse the hack and return the funds to original owners.
- What is DAO?
A decentralised autonomous organisation. Where share/token holders have voting rights, similar to regular companies.
- What function had the vulnerability?
The split DAO function and the child DAO creation.
- Why was the hard fork initiated?
A majority of the Ethereum community voted to hard fork the blockchain as the ‘hack’ was too large to let go.
- What is DAO?
DAO stands for “Decentralized Autonomous Organization”. It was known for its smart contracts and operation in 2016 and the hack related to it.
- What function had the vulnerability?
The DAO split function
- Why was the hard fork initiated?
The earlier soft fork failed and the community saw a hard fork as an alternative solution.