USD 50m siphoned in hack of The DAO

Automated, decentralised quasi-venture capital investment fund The DAO was hacked, with USD 50 million of Ether virtual currency siphoned elsewhere. 

The hack resulted from a critical vulnerability in The DAO’s smart contract code, allowing an attacker to manipulate the code and drain a substantial amount of Ether from The DAO’s funds. The vulnerability was related to the mechanism of splitting, which allowed token holders to exit the organisation and retrieve their Ether. Controversially, The DAO theft prompted Ethereum to do a so-called 'hard fork', in which the Ethereum network split into two as a way to restore the stolen funds. 

Launched in April 2016, The DAO was an automated quasi-venture capital investment fund with no known management structure based on a digital decentralised autonomous organisation (DAO) that operated on the Ethereum blockchain, as built by German company Slock.it. The DAO raised USD 150 million in what was then the largest crowdfunding campaign, and was seen by enthusiasts as a revolutionary way to manage organisations of all kinds.

The incident raised questions about the governance, security and of The DAO, and its regulation, as well as about the governance of decentralised autonomous organisations more broadly. 

➕ September 2016. The DAO ceased operations. 

➕ July 2017. An SEC investigation concluded: 'The automation of certain functions through this technology, ‘smart contracts’ or computer code, does not remove conduct from the purview of the U.S. federal securities laws.'

➕ February 2022. In her book The Cryptopians, journalist Laura Shin named then Singapore-based Austrian national Toby Hoenisch as responsible for The DAO hack.

Legal, regulatory 👩🏼‍⚖️

• Securities and Exchange Commission (2017). Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO (pdf) 

Research, advocacy 🧮

• https://www.frontiersin.org/articles/10.3389/fbloc.2020.00025/full

Investigations, assessments, audits 🧐

• https://www.forbes.com/sites/laurashin/2022/02/22/exclusive-austrian-programmer-and-ex-crypto-ceo-likely-stole-11-billion-of-ether/

News, commentary, analysis 🗞️

• https://www.wired.com/2016/06/50-million-hack-just-showed-dao-human/

• https://www.coindesk.com/understanding-dao-hack-journalists

• https://www.businessinsider.com/dao-hacked-ethereum-crashing-in-value-tens-of-millions-allegedly-stolen-2016-6

• https://techcrunch.com/2016/05/16/the-tao-of-the-dao-or-how-the-autonomous-corporation-is-already-here/

• https://www.economist.com/finance-and-economics/2016/05/19/the-dao-of-accrue

• https://observer.com/2017/07/sec-dao-report-securities/

• https://medium.com/swlh/the-story-of-the-dao-its-history-and-consequences-71e6a8a551ee

• https://medium.com/@laurashin/who-hacked-the-dao-on-ethereum-heres-how-we-jumped-past-one-critical-step-60aec489a127

• https://markets.businessinsider.com/news/currencies/dao-hacker-identity-stole-11-billion-2016-ether-revealed-2022-2