Even by cryptocurrency standards, “The DAO” received a lion’s share of hype upon its release. Publicized as a truly decentralized autonomous organization, The DAO promised to be the future of smart contracts. However, last week someone exploited a flaw in The DAO’s code, siphoning off over 3.6 million Ether (worth over $60 million at the time of the incident).
Many in the media have been calling this an “attack,” although one could argue that when code equals law, someone who exploits flawed code has done nothing illegal, or even unethical.
Further, even putting aside the morality of the exploit itself, a fierce debate has arisen about how to respond to the incident. Some are calling on the leaders of The DAO and Ethereum to roll back the blockchain so that the absconded Ether can be recovered.
Others, including the founder of Ethereum, Vitalik Buterin, want to institute a soft fork by which miners could invalidate the transactions, preventing the hacker from receiving the funds.
However, each of these proposals engendered significant pushback from the cryptocurrency world, because they call into question the decentralized and autonomous principles of The DAO itself (and cryptocurrency in general).
These transactions were legitimate applications of the code when they occurred. If they can be invalidated by the actions of a small number of individuals (core developers and miners), what is to prevent future transactions from being invalidated when they don’t coincide with the wishes of the majority of developers or users? Or, perhaps even more troubling, the wishes of a government authority? It begs the question: Is The DAO truly decentralized and autonomous?
Code Serves People
The DAO could learn some lessons from another cryptocurrency, Dash, which includes an established decentralized and autonomous organizational system. The key lesson here is that code serves people, not the other way around.
The DAO’s flaw was that it put all the power in the hands of code, without any mechanism for preventing hacks of flawed code. As Daniel Diaz, head of business development at Dash, noted, “Contracts in general need governance. It is rare to find a contract that does not have an arbitration clause, but the Ethereum platform did not include any sort of arbitration method in their protocol and did not establish this method in the contract when it was created.”
So how does Dash maintain a decentralized autonomous system and yet prevent a similar exploit? It does so through its Masternode network and its Budget System.
The Masternode network is a series of “supernodes” which power the Dash network. These nodes are incentivized for their work with payments from the Dash blockchain (similar to how miners are incentivized).
In return, Dash Masternodes are required to be up-to-date with the latest Dash version, meet certain minimum hardware and uptime requirements, and hold a 1,000 Dash collateral in reserve.
A further responsibility of Masternode owners is the ability to vote for proposals in the Dash Budget System, which allocates up to 10% of block rewards for projects related to Dash (as a point of reference, the current monthly budget cycle will allocate approximately $60,000 worth of Dash to proposals)