What are DAOs? A Backstory & Introduction to Decentralized Organizations
Aug 03, 2021
Last updated on Aug 03, 2021
DAOs are challenging everything we know about business, investment, competition, and cooperation. They are making it easier than ever for people to not just come together, but work together. From decentralized venture funds to digital art curators, DAOs are ushering in a new world of organizational structures, and everyone’s invited.
A DAO, or decentralized autonomous organization, is somewhere between a social club, a venture fund, and a traditional corporation. In true blockchain fashion, DAOs are replacing centralized authorities with collective decision making. The result is a new kind of business model, where power and value are spread throughout the entire organization.
To understand the inner workings of DAOs, as well as their problems and potential, let’s look at the inspiring climb and sharp downfall of the world’s very first DAO - The DAO.
The first DAO to ever exist was called, well, The DAO.
The DAO was actually born from slock.it - an IoT company making blockchain-enabled door locks in the early 2010s. Seeing how effective initial coin offerings (ICOs) were at crowdfunding, slock.it decided to issue a token of their own. As a company already working in the blockchain space, it made sense. But this was beyond the scope of a simple crowdfunding campaign — slock.it envisioned an organization that could be created and managed by all of its members. Slock.it didn’t just want to sell tokens to raise money, they wanted to give the holders of those tokens voting power.
Stake and Governance
This was a giant leap at the time, but member governance is a pillar of any DAO today. DAO members receive tokens which represent both their financial stake in the organization as well as their ability to vote. DAOs have all but removed the top down hierarchies of legacy corporations, and replaced them with a flattened hierarchical structure where members make decisions as a collective.
Some DAOs use a “1 token = 1 vote” method, where members have voting power proportional to their financial stake. Other DAOs utilize a “1 person = 1 vote” method, giving every member equal voting power regardless of their share of tokens.
Both of these systems have their pros and cons, and there are plenty of DAOs experimenting with governance methods that fall somewhere in between these extremes. Regardless of exactly how a DAO tackles governance, the fact that members have a say in the organization at all is quite a departure from today’s standard business model.
Unlike outside shareholders of traditional corporations, only DAO members get to control their organization and profit from the value that they create. In other words, DAO members are both the employees and the investors.
Treasure & Pirates
To put it lightly, slock.it’s ICO went pretty well. On April 30, 2016, the DAO token sale began. Over the following four weeks, The DAO raised around 12 million ETH, equalling about $150 million at the time. As thousands of individuals purchased tokens and joined The DAO, securing governance in the process, slock.it officially became just one part of a much larger organization. They no longer had control over the DAO that they had created. Instead, control was distributed amongst all of the token holders.
The funds from the token sale went into a treasury, which was collectively governed by The DAO. Technically, a DAO’s treasury is locked into a smart contract. This smart contract is a software program that lives on the blockchain and executes once a certain criteria is met. No single DAO member can make changes to the smart contract or withdraw its funds on their own, as these types of actions always require a group vote. This process helps ensure that the decisions made by a DAO are in the best interest of as many of its members as possible.
By locking their treasury into a smart contract, The DAO removed the need to manually safeguard and approve the use of their funds. And because this was all happening on the blockchain, everything was public. Nobody had to simply trust that the funds were safe - they could see for themselves at any time.
This eliminated the possibility of funds being misused or stolen. At least, that was the idea.
The DAO Attack
In early June of 2016, as millions of dollars sat in The DAO’s treasury waiting to be invested, a bug was discovered in its code. The DAO promptly began working to fix this, but implementing an update to the DAO’s code required a two week voting window to take place.
On June 17, before the bug could be fixed, a hacker discovered a way to exploit it. Without getting too deep into the technical weeds, there were two lines of code in The DAO’s smart contract that were written in the wrong order. The first line allowed a DAO member to take some of their own funds out of the treasury. The second line updated the treasury to reflect the new balance. Essentially, these were backwards.
Because of this oversight, the hacker was able to recall their funds from The DAO’s treasury, and before the treasury updated its balance to reflect this, the hacker was able to recall those funds again….and again…and again.
By the time The DAO was able to stop the bleeding, the hacker had drained about 3.5 million ETH from the treasury, equalling roughly $50 million at the time. Thankfully, they were only able to move funds from the DAO treasury into a child DAO - essentially an offshoot of The DAO. This child DAO was subject to a 28 day lockup period before the funds could be transferred elsewhere, like the hacker’s personal account.
With 28 days on the clock, The DAO began searching for a solution.
Code Is Law?
The DAO hack brought a certain phrase under the microscope - code is law. This was coined by Lawrence Lessig in 1999, suggesting that in a largely computer-run world, computer code may hold the same legal weight as any other law. Taken to the extreme, code is law means that anything permitted by a program’s code is fair game. If we look at The DAO attack through this lens, there was no attack. There was no hacker. Someone simply executed the code in a way that nobody else had thought to do.
As you can probably imagine, this idea became a point of contention not just within The DAO but the Ethereum community as a whole.
Some members of The DAO, along with a portion of the Ethereum community, considered performing a hard fork. This event would have created a new version of the Ethereum blockchain where the hack never really happened. The blockchain would effectively be rolled back, and The DAO’s funds would be returned to its members. The case for this is easy to see - Ethereum was a young, growing technology and this attack was terrible PR. The hard fork was seen as a way to restore faith in the tech, as well as help those whose funds had been lost.
However, rolling back the blockchain would have gone against one of the technology’s core attributes - immutability. Part of the reason blockchains are considered secure is because their history cannot be altered. Once a transaction takes place, that’s it. Nobody can go back and rewrite a transaction or remove an entry. At least, not without over 50% of the network agreeing to do so. For those who believed that code was indeed law, this hard fork would have undermined the very foundation of blockchain, doing even more damage to Ethereum’s reputation than the hack itself.
After a few weeks of intense discussion, though, the Ethereum community voted to move forward with the hard fork. On July 20, at block 1,920,000, the hard fork became active as the majority of Ethereum’s miners and nodes moved to the new chain. All of the funds that had been lost, along with the remainder of The DAO’s treasury, were returned to its members. The DAO was no more. This decision, while still controversial, highlighted the importance of maintaining a balance between automated processes and human intervention.
In the early days of DAOs, part of the vision was to largely replace people with automatic processes in the form of code. This is still evident in the name itself - decentralized autonomous organization - but that’s a bit of a misnomer. While smart contracts can help make DAOs more efficient by automating menial and administrative tasks, The DAO attack showed us that the actions of humans still take center stage in any organization. When it came down to it, the robotic decision making of the DAO’s smart contract was sidestepped for a more human approach.
To be fair, the code is law part of the Ethereum community that did not want to undergo the hard fork continues to live on. Today, that blockchain network is Ethereum Classic (ETC). While it initially received more support than anticipated following the hard fork, it has nowhere near the support of the forked version of Ethereum today. The numbers speak for themselves. As of August, 2021, ETH has a market cap of $290 billion and serves as the foundation for thousands of dapps and layer 2 protocols. In stark contrast, ETC’s market cap is closer to $6 billion, and there are very few developers actively building on it.
In the wake of The DAO fiasco, Ethereum co-founder Gavin Wood gave a presentation on the hack at the Dutch Blockchain Conference. During his speech, he told the crowd this - “At the end of the day, it’s a community that stays in consensus, not a machine.”
As we continue to explore the vast potential of decentralized organizations, this message is as relevant as ever. DAOs may offer a structure for creating more equitable, meaningful, and accessible organizations than ever before. But no amount of technology, automation, or funding is going to make this happen. It is up to us, the community, to bring these opportunities to light.