Three members of Hacking Distributed – Dino Mark, Vlad Zamfir and Emin Gün Sirer just released the first draft of a research paper that analyzed The DAO and its voting mechanism. This paper identifies problems with The DAO’s mechanism design that incentivise investors to behave strategically – that is, at odds with truthful voting on their preferences and then outline potential attacks against The DAO made possible by these behaviors.
In particular, we have identified seven causes for concern that can cause DAO participants to engage in strategic behaviors. Some of these behaviors can cause honest DAO investors to have their investments hijacked or committed to proposals against their interest and intent.
These concerns motivate a moratorium on funding proposals to prevent losses due to poor mechanism design. A moratorium would give The DAO time to make critical security upgrades. We encourage the community to adopt a moratorium until The DAO can be updated.
For expediency, we skip the background on The DAO and its mechanisms and jump right into the attacks. A primer on The DAO’s operation can be found in the full paper.
The funding closed yesterday on The DAO – a kind of cross between Kickstarter and a VC fund which runs autonomously with no human input on the Ethereum platform. The DAO (short for decentralized autonomous organization) raised over US $150 million worth of Ether, during the 27-day sale.
The DAO is basically an investment vehicle governed by a program, directed by investors’ votes, to seek out and fund proposals. Implemented as a smart contract on the Ethereum Blockchain, The DAO raised 11.5 million Ether, which makes it the largest crowd-funding event in history. The DAO now controls 16 per cent of the total supply of Ether.