What is The Dao (DAO) in simple terms? The continuation is available only to members.
TheDAO project was based on the Ethereum cryptocurrency blockchain, so each owner of DAO tokens who bought them for Ethereum has the opportunity to vote for a project that will attract investors. All funds that are involved in this project are located in the Ether cryptocurrency. Over the entire history of this project, about 150 million dollars in ether equivalent have been raised.
what happened withtheDAO?
From the first day of its work, the DAO project became very popular both among investors and among people who wanted to realize their ideas, but they did not have the funds for this. During the first months of work, the project raised $50 million, but but but…. But the attackers managed to find a bug in the code and broke it, whereby they stole $50 million worth of ether. This event prevented the DAO from reaching its potential, and divided the Ethereum community into two parts. Indeed, in order to return funds to contributors, the developers of the DAO project had to take an unprecedented step - to make a hard fork. After that, the process of returning all the funds back began, and the project could not develop, although the prospects for it were drawn oh-so. By the way, it was because of the hard fork that the world received two cryptocurrencies with similar names Ethereum and Ethereum Classic, read more about this here.
What's happenedCharityDAO?
After launching and hacking the DAO, the developers realized that the world needed a similar project, and decided to make a project similar to the DAO, called Charity DAO. Charity DAO is a more narrow-profile project, because it is aimed exclusively at charity. Nowadays, most people don't donate to charities because they don't trust them. Charity DAO can help with this, because, like in the DAO, people will not distribute funds manually, this will be entrusted to the Charity DAO program code. We hope that the developers will be able to eliminate the possibility of this network being hacked and it will help many people.
The editors of our blog are looking forward to the launch of a new DAO project, because there are a lot of people in the world who simply need our support. If in the world of cryptocurrencies, there are still concepts that you cannot understand, then write them in the comments, and we will make a description of them, in simple words. Bitbetnews was with you, see you on our pages.
On May 28, the largest crowdsale in history was completed, which was organized by the decentralized automated organization DAO, an investment platform without a management center. The platform has raised over $132 million.
The organization accepted investments in the form of ether - the "crypto-fuel" of the Ethereum platform. During the last 4 days of attracting investments, the price of one hundred DAO tokens remained at the same level of 1.5 ETH. Initially, the declared price of one hundred tokens was equal to 1 ETH, but then it gradually changed during the ten-day growth period, which started on the fifteenth day of the crowdsale.
During the 28 days of the crowdsale, the creation of the DAO platform as such took place, according to the website, because this is how its financial base is formed. The tokens that the user receives in exchange for his ether are issued here and now, and their number is not limited by anything (in total, more than 1,172 million of them were created during the sale). However, from May 28, at the end of the investment attraction period, the number of DAO tokens will remain unchanged. No mining, unlike bitcoin or other digital currencies (including ether), DAO does not imply.
The success of the crowdsale generated a strong reaction in the cryptocurrency community. For a month, specialized media closely followed the investment rise of the DAO. Due to the rapid growth, especially in the first period (over 100 million dollars were collected in the first two weeks), the weight of the organization in the Ethereum ecosystem has increased dramatically: in total there are about 80 million ether in the world, the company has collected more than 11 million so far - it turns out, more 1/8 of all reserves of this cryptocurrency are now held by the DAO. Due to the popularity of the project, the price of ether has also risen: since the end of April by May 22, it has almost doubled and exceeded 0.03 bitcoin, although by now it has fallen again to 0.024 bitcoin.
However, many users do not agree with the very term "crowdsale" in relation to this case. Wikipedia flared up about whether the DAO can be considered a "crowdsale record holder." This is not a project or an enterprise, writes one of the users, but a pool of funds without a special purpose, so this word is unacceptable here. Rather, a DAO share can be compared to an initial public offering, writes another.
The DAO (although, emphasizing its exclusivity, the organization calls itself The DAO) offers an innovative way for investment funds to make decisions. Drawing parallels with politics, one could call it direct democracy with elements of a property qualification. Each participant (that is, each owner of tokens) has the right to vote as part of voting for a particular project. But the weight of this vote depends on how many tokens the participant owns.
Depending on the amount of ether that is required for a particular project, 20% of the community and above should participate in voting on it. The draft is debated for two weeks, followed by a vote in which the draft is either rejected or accepted. In the latter case, the DAO may provide funding either at a time or in stages, in parts over a certain period. This decision, like all others, is not made by any body, but decentralized.
The organization intends to give preference primarily to projects related to the Internet of Things and the distributed economy, but it is not at all going to be limited to these areas. Any innovative proposal can be submitted to DAO members for consideration.
After the project is implemented, DAO plans to use its results (which is very likely if the projects are aimed at developing blockchain technology and related areas), as well as receive monetary rewards for the investments made. This money in the future should partly go to the development of the DAO, and partly return to investors. The platform, however, allows investing in projects that do not promise profit, for example, in charity.
To make sure that a particular project proposal comes from a specific person or organization, the DAO has a curator figure. Currently, this function is performed by several prominent representatives of the Ethereum community, starting with the founder of the platform, Vitalik Buterin. However, the organization emphasizes that having a curator position does not lead to centralization. The curator does not decide which project to accept or reject; the curator, in addition, can always be removed by voting.
The DAO also provides a mechanism against the so-called "tyranny of the majority". What if someone buys 51% of the organization's tokens and then votes to transfer all the funds to their account? Theoretically, such a situation cannot be ruled out. In this case, a "fork" will occur - the organization will be divided into two new ones. A minority will form a new decentralized autonomous organization, and everyone will keep their money. The same mechanism, by the way, will work in case of an insoluble conflict around the figure of the curator.
This mechanism implements the principle of "subjectivocracy" (subjectivocracy), Buterin for cryptoeconomics in general. In case of disagreement on important issues, the developer writes, the block chain is divided in two, and everyone is adjacent to the option that is closer to him. According to the founder of Ethereum, "subjectivocracy" in general may become the preferred form of government - in the future, of course, when almost all resources will become digital. In the meantime, he proposes to confine himself to cryptoeconomics.
In its "manifesto", the DAO proclaimed, among other things, the principles of democracy and decentralization. However, the idea of decentralization that underlies blockchain technology as such can contain not only advantages, but also dangers. Collective management of the funds of the fund may not be effective, argues in a recent article by cryptocurrency information publication BitScan. Unlike a qualified manager, an ordinary user may not have experience, not understand digital finance and not understand the general situation in the fund. He may not be able to analyze the history of the fund in order to make a decision based on this.
That is why the DAO (and this particular organization, and other decentralized organizations of this type) may ultimately lose out to decentralized conglomerates (DCs), the article refers to the opinion of Larry Christopher Bates, a blockchain specialist and DC entrepreneur. DC is a group of companies working in symbiosis and having common goals, but without a parent company. Decentralization takes place, but it does not go below a certain level: there are quite centralized enterprises within the conglomerate. From Bates' point of view, it is structures like DC (rather than DAO) that offer the optimal balance of democracy and professionalism at the moment.
Be that as it may, this Saturday the DAO will become fully operational. The Gatecoin and Bittrex exchanges have already announced their readiness to trade the organization's tokens. The experimental nature of the enterprise is obvious, and given its scale, failure can turn into a real disaster in the market; but maybe the DAO will be another victory for the principle of decentralization.
Andrey Levich
(Eng. Crowd - crowd, Funding - financing) - a method of attracting investments for a project.
The most famous progenitor crowdfunding- American. More than 10 million people have supported projects on Kickstarter. The service Indiegogo is also popular in the world. In Russia, there are several analogues: Planet and Boomstarter.
Here is a link to my Boomstarter project: Japan Reality Show Business. In 40 days I was able to collect 202,034 rubles. It wasn't easy. Here are some tips to help you with your campaign.
1) Create value
Your project should be useful to you, your environment and other people. Think about how your product will change our lives for the better? One of the most popular areas of crowdfunding is Technology. The guys create holders for flash drives, desktop air conditioners, keys with a GPS tracker. Absolutely everything that appears in a bright head.
In my case with the Japanese trip, it was more difficult to convey value to others. I had to prove that this is not just a vacation.
2) Make an honest video
The video in the title of your project is one of the decisive factors. Many sponsors of your project will be satisfied with a short video presentation, where you honestly tell what you have in mind.
Here is my video:
3) Set reasonable numbers
Once a brilliant idea pops into your head, you'll want to wager a decent amount to raise. Only now more than 90% of projects do not collect the required amount.
I recommend clearly describing the minimum budget: what you need money for and how much. Let the audience know that if successful, you will continue to raise money and add additional bonuses. For example, in the production of clothing, such a bonus can be a new color or an additional model.
Remember a simple thing: if you do not collect the entire amount, you will receive NOTHING. All money will be returned back to your sponsors on the cards.
4) Choose smart incentives
As an incentive to sponsors, you can give a product that you create with the money raised. Usually production takes 1-5 months after the end of the campaign.
If you have an intangible product, as in my case, you can give symbolic gifts. I sent UniFashion sweatshirts, postcards from Japan. I also gave a video message from the Japanese and the opportunity to participate in my press conference.
Don't stop at banal t-shirts - come up with the most daring things!
5) Don't Expect Miracle Support
When I first started my project, the Boomstarter manager said that he would post an announcement in the company group and suggest media contacts. I relaxed and thought that the money would flow like water. The project is incredibly important! 🙂
They didn't run. The repost did absolutely nothing. 0 rubles. The media was not interested in the zero project. It was necessary to work. Every day I sent messages to newspapers and online publications. Every day I got rejected. This is the reality of crowdfunding.
Get ready for everyone to kick you in the ass
Keep talking - that's the key!
6) Make a Fundraising Plan
But the plan is working! After all, this is mathematics. Divide your amount by the number of days and you get the amount that should be collected daily. In my case, 200,000 rubles / 40 days = 5,000 rubles daily.
In addition to the monetary plan, set the number of successful media partnerships. They wrote in 10 newspapers - 1 published. 0.1 conversion is just awesome!
On June 17, 2016, an unknown attacker transferred about a third of the DAO project funds to his accounts. The attack continued for several hours. During this time, he managed to capture more than 3.6 million ethers - an amount equivalent to about 50 million dollars.
What is DAO
When we are talking about DAO, confusion is inevitable. In addition to the DAO project (The DAO), which fell victim to the attack, there is also simply DAO - a term that refers to distributed autonomous organizations (Distributed Autonomous Organization). Such organizations differ from ordinary ones in much the same way that smart contracts differ from traditional ones: in both cases, people remain behind the scenes. The structure, goals and internal processes of such an organization are determined not by its managers and employees, but by the program code.
The most obvious example of distributed autonomous organizations is the cryptocurrencies themselves. They belong to no one and are subject to no one. Thousands of people are involved in their activities, but they do not control Bitcoin or Ethereum. Nobody controls. The device and the principle of operation of the cryptocurrency do not depend on people, but on its protocol. People just follow him.
All these qualities fully describe the ill-fated DAO project. It was supposed to become something like a cryptocurrency "Kickstarter" - transparent, decentralized and sacredly honoring the will of each participant. The project was conceived and implemented in the German startup Slock.it, which develops electronic door locks. Its founders hoped to find investments for their ideas with the help of the DAO.
From a technical point of view, the DAO project is an Ethereum smart contract. And this is a very difficult contract. It describes all aspects of the functioning of this organization. After the creation of the DAO, the stage of initial capital accumulation follows - 27 days, during which anyone can buy the organization's tokens and become its full member. Then the work begins: those who wish to submit their ideas to the public, and token holders vote. Winners receive funding. And voting, and financing, and the distribution of profits occurs automatically.
The DAO project token sale began on April 30, 2016. After 27 days, they were purchased by more than 11 thousand people. As a result, a huge amount was concentrated under the control of a single smart contract - more than $ 150 million. No one has ever collected such money with the help of crowdfunding.
Slock.it certainly did not expect such a development of events, but by that time their expectations and plans no longer played a role. The fate of $150 million now depended not on them, but on the contract code.
Distributed autonomous robbery
Just three weeks after the opening of the DAO, members of the Ethereum community looked at the millions of dollars floating away from them in bewilderment and could not do anything. Money that could not belong to him went to the account of the organization of one of the participants in the project. At the same time, there was nothing to complain about. Ethereum worked exactly as it should. The DAO project code did exactly what it was supposed to do. Everything was correct, except for the result.
The cause of the leak was found almost immediately. The organizer of the attack noticed an interesting feature of the splitDAO function, designed to leave the DAO project. She creates a subsidiary, sends the founder's share to its account, and only then, at the very end, updates the balance. If you recursively call the same function again, while the balance is not recalculated, nothing will prevent it from resending the money already spent to the child DAO.
The recursive splitting process continues until it hits the technical limitations of Ethereum. As a result, 20-30 times more funds are transferred than it should be. Another bug in the withdrawRewardFor function allows you to repeat this trick for as long as it takes. The organizer of the attack did it hundreds of times.
Here you need to be aware of all the madness of what is happening. This is no ordinary robbery. Strictly speaking, this is not a robbery at all. And this is not a repeat of Mt. gox. Then it was gone more money, but in this case, the interest is not in money. The organization affected by this incident is so unusual that both the problem and its solutions have an absolutely fantastic coloring.
The DAO project has no servers that can be turned off. He has no bank accounts to freeze. It does not even have an owner who will be responsible. On the balance sheet is $150 million, run by a crazed program in a language similar to JavaScript. She is convinced that this money should be sent to the attacker - and sends, sends, sends.
The Ethereum machinery ensures that smart contracts are not violated. It does not guarantee that they are free of errors. Moreover, the very concept of "mistake" is alien to his logic. For Ethereum, what is more important is what is allowed and what is prohibited. And this entirely defines the code of the contract. The DAO contract code, albeit unintentionally, allows you to pump out other people's millions. Therefore, from the point of view of Ethereum, the actions of the organizer of the attack are perfectly legal.
Thousands of mining nodes executing the erroneous contract automatically verify every transaction it initiates. They see that everything is correct, everything is legal, all conditions are met. As a result, other people's money goes to the organizer of the attack, and information about this is irreversibly stored in the blockchain. It is impossible to return them without the consent of the new owner.
This is the first autonomous distributed crime. One uncontrolled program deceives another, and the third checks the legitimacy, following its own, not at all human logic, and counts money. People would like to intervene, but there is no place for them here.
No exit
If we were talking about a regular program and a regular hack, then the tactics would be clear. First you need to fix the vulnerability. Lost money can not be returned, but at least the rest will be safe. Then you should by any means bring him out from under the blow.
But a smart contract is not a simple program. A smart contract is a contract, and contracts cannot be just taken and changed. They are concluded in order to fix the terms of the transaction and the obligations of the parties once and for all. They are immutable - that's the whole point. Correction or cancellation of an erroneous contract can be achieved through the courts, but in Ethereum this is understandably impossible.
Neither Ethereum nor the DAO contract itself provide a mechanism that would allow the contract code to be updated. It is impossible to transfer a project from one version of the program to another and save its internal state. This, among other things, means the inevitable loss of the contents of the extraBalance variable. The DAO project has several million dollars written on it.
DAO participants can leave the project at any time and take their share with them. In the midst of the attack, many tried to take advantage of this opportunity and found that in the current situation it was no good. The fact is that money from a DAO account cannot be converted into Ether directly. First, they will be transferred to the child organization using the same splitDAO function that was used in the attack. This is long and also pointless, because the newborn DAO is controlled by the same vulnerable code. They took money from the parent DAO - they will take it away from them too.
How less money remained in DAO accounts, the more obvious it became that there was no easy way out. A mistake in the contract cannot be corrected - at least quickly and without loss. Money cannot be saved either - in any case, quickly and without loss. The created system is not adapted for either one or the other.
What to do next? The founders of the DAO project called on their supporters to break the system. They have published a code whose mass execution will overload the Ethereum network. DDoS will not stop an attack on the DAO, but it will slow it down and give it time to find a solution.
Extraordinary measures
A few hours later, the creator of Ethereum, Vitalik Buterin, intervened. Through the official cryptocurrency blog, Buterin proposed a so-called soft fork. software Ethereum and block the stolen money.
Continued available to members only
Option 1. Join the "site" community to read all the materials on the site
Community membership for specified period will give you access to ALL Hacker materials, increase your personal cumulative discount and allow you to accumulate a professional Xakep Score rating!
On June 17, 2016, perhaps the largest attack in the history of the crypto industry took place - due to an error in the code, The DAO, a promising and very popular project at that time, lost more than $60 million.
ForkLog magazine decided to remember this date and try to analyze what this event led to.
A little background
At the dawn of the ICO, that is, only about a year ago - on May 28, 2016, the sale of the tokens of the decentralized investment management project The DAO, which was founded by the Slock.it startup team, ended.
For the time being, The DAO was doing very well: the community fell in love with the project, and Vitalik Buterin stood behind it with a mountain, and the crowdsale was, to put it mildly, successful - they collected more than 12 million ETH, which at that time was about 165 million dollars ( today - more than 4.3 billion dollars!).
“Over the past 24 hours, The DAO has grown in value by almost 16% against USD ($0.158) and more than 5% against ETH (0.000228).” (For reference: Bitcoin then cost $695).
Something went wrong…
However, just a week before the collapse of The DAO, the editors of our magazine published several entertaining materials that directly talked about the possible vulnerabilities of the project. This is also the co-founder and COO of the startup Slock.it, who was just creating investment fund The DAO.
In a conversation with Tual a year ago, ForkLog was interested in how justified the community's fears about possible attacks on the project. Evaluating the content of this text now, we can say that the Slock.it team was not serious about possible vulnerabilities, and even about an honest conversation about them.
“I am calm about the future of The DAO. All the events that have happened have made it the biggest crowdfunded project in history, and in fact the biggest ever. venture project. The DAO will enable companies to emerge that would otherwise never exist,” Stéphane Tual said on July 10, 2016.
At the same time, GitHub users and project contributors raised the alarm about the . To solve this problem, Stefan Tual himself, who the very next day published a link to the fix and announced a series of software upgrades. Tual called this vulnerability a "recursive call" - it was she who led the DAO project to collapse.
Recursive call and crash of The DAO
And at about noon it became known what the reason was sharp drop token prices: $50 million stolen.
The market began to panic. The founders of The DAO, Vitalik Buterin, and Ethereum fell under the hot hand. Many crypto experts and community members buried these projects right in the same grave. The culmination of an extensive discussion around what happened was the epic appearance of The DAO directly attacking.
Imagine that after a bank robbery, during the proceedings between the police and crying depositors, a masked man suddenly appears and says: “Calm down, guys! This is my doing, but everything is legal. This is approximately what happened, however, in the online space: the attacker, in which he not only did not admit guilt, but also threatened with court if he was deprived of the “loot”.
“I took a close look at the DAO code and decided to participate after I found a feature that rewards splits with extra ethers when run. I enabled this feature and legally received 3,641,694 Ether. I want to thank the DAO for this award. (…) I reserve the right to take any and all possible legal action against any accomplices in the illegal theft, freezing or seizure of my legally obtained ETH tokens, and I continue to actively work with my law firm. All of these accomplices will soon receive appropriate notifications to their postal addresses. I hope this event will be a valuable experience for the Ethereum community, to whom I wish all the best,” the letter said.
However, later experts recognized this letter as worthy of entering the history of cryptocurrencies. Nevertheless, the point in this matter has not yet been set. Perhaps in the future we will learn amazing and unknown details of what happened on June 17, 2016.
Returning to the attack, it must be recalled that the theft was committed precisely because of a vulnerability called "- it allowed the endless withdrawal of funds from The DAO and transferring them to a child DAO by repeatedly splitting the DAO, re-collecting ETH within a single transaction.
However, the window for creating a child DAO was exactly 27 days, and funds from the wallet could not be withdrawn all this time. The community began to look for ways to "restore justice" and eventually settled on Vitalik Buterin in every sense.
Consolation results
A year later, it is safe to say that the attack on The DAO did not destroy anything but The DAO itself, and gave the community, around which a small but influential community gathered. The DAO hack, on the contrary, showed that the cryptocurrency world is quite resilient to such shocks, even in its infancy, which was a year ago.
I would like to note that at the very beginning of the huge boom that began after the failure of The DAO, a material called . Now these lessons can be called the foundations of a successful choice of ICO as an investment. They have not lost their relevance even now, so they can be quoted in full.
- Analyze ICO carefully. It is important to understand what you are buying and for what purpose. Greed and the pursuit of quick profit sooner or later lead to financial losses. Of course, even the most disastrous cryptocurrency projects in the medium term can have enormous speculative potential. And if that's what you're counting on as an investor, don't invest more money than you're willing to lose.
- Delayed release is better than unsafe code. The developers of The DAO, apparently, did not expect this financial success, and this made the project attractive not only for investors, but also for attackers. However, nothing prevented the project from being frozen for some time, limiting the ability to work with the main contract. And only after conducting thorough testing with the support of the community and experts in blockchain and security, launch the main functionality of the project. What we have encountered in reality is the unacceptable negligence of programmers. As a result, the reputation of individual developers has suffered, if not completely, then very much.
- There are lions here. Idealism and good intentions, with which the cryptocurrency community is overflowing, intoxicate and distract from the real state of affairs. While the number of new cryptocurrencies and projects is growing almost exponentially, it's time to turn to history stock markets not to repeat the mistakes of the past.
- Emotions and panic never lead to a constructive solution to a problem.
Read about what happened after the attack on The DAO in the ForkLog material, which will be published on July 20, the anniversary of the Ethereum hard fork.