Even by cryptocurrency standards, “The DAO” received a lion’s share of hype upon its release. Publicized as a truly decentralized autonomous organization, The DAO promised to be the future of smart contracts. However, last week someone exploited a flaw in The DAO’s code, siphoning off over 3.6 million Ether (worth over $60 million at the time of the incident).
Many in the media have been calling this an “attack,” although one could argue that when code equals law, someone who exploits flawed code has done nothing illegal, or even unethical.
Further, even putting aside the morality of the exploit itself, a fierce debate has arisen about how to respond to the incident. Some are calling on the leaders of The DAO and Ethereum to roll back the blockchain so that the absconded Ether can be recovered.
Others, including the founder of Ethereum, Vitalik Buterin, want to institute a soft fork by which miners could invalidate the transactions, preventing the hacker from receiving the funds.
However, each of these proposals engendered significant pushback from the cryptocurrency world, because they call into question the decentralized and autonomous principles of The DAO itself (and cryptocurrency in general).
These transactions were legitimate applications of the code when they occurred. If they can be invalidated by the actions of a small number of individuals (core developers and miners), what is to prevent future transactions from being invalidated when they don’t coincide with the wishes of the majority of developers or users? Or, perhaps even more troubling, the wishes of a government authority? It begs the question: Is The DAO truly decentralized and autonomous?