Translation: spring_zqy

Lessons from The DAO

By William Mougayar

Since The DAO was announced, I have been asked by countless people for my opinion, and I was planning to publish some of my insights. However, recent events have delayed the release of this report, so now I will add some analysis, experience, and suggestions for the future.

Last month, I publicly warned The DAO twice. First, the amount of funds raised was too high. Second, I thought the complexity of its management and its reliance solely on smart contracts were like a time bomb. The project was really a bit too hasty. I fully believe that the same benefits of experimentation can be achieved with less risk, while still maintaining a diverse set of user engagement.

You don’t need $150 million to launch a self-funded experiment and build an operations team — a project governed by smart contracts, unproven code, and inexperienced managers. In my opinion, $10-15 million would be enough and achieve the same effect, just with fewer headlines and less publicity.

When I heard the rumors about THE DAO from Slock.it, I had just finished writing my book, Business Blockchain, which includes a section on DAOs (decentralized autonomous organizations) titled "The DAO is Coming" (p. 111). However, this section of the book is based on my previous research and analysis, as well as my own interpretation of how the DAO framework ensures good operations. It does not contain any overly optimistic views about the DAO model that was later conceived by the founders of Slock.it.

On May 1st, THE DAO funds began to hit records frequently. The explanation I heard was that this project was an experiment to allocate funds to other Ethereum projects. However, I think this purpose is not bad, if it is managed properly and the regulations are strict and clear. I hope they can make good progress and have considered investing and participating in the experiment, but in the end I didn't do it.
I decided to remain a bystander because I think the implementation they envisioned is not perfect enough.

Initial concerns

In mid-May, when THE DAO’s funding reached a new high, I started to worry. On May 18, at the OuiShare conference in Paris, I specifically warned that THE DAO experiment might be too big and too risky. I said at the time:
A few days before the hack, I was actively volunteering for THE DAO, hoping to persuade them to improve their governance. But their response was: “Thank you, but the project is running smoothly on its own.” Apparently they were too arbitrary in implementing this autonomous experiment mission. Then the 617 hacker event happened.

Lessons and Implications

For some background information, you can refer to the FAQ written by the Ethereum Foundation on Reddit. There are many articles about its analysis and opinions, but I prefer those authors who provide solutions and constructive opinions, such as the analysis of Ethereum creator Vitalik Buterin, Cornell University professor Emin Gun Sirer, and Guanghe Investment partner Albert Wenger. In addition, I also appreciate Andreas Antonopoulos's articles and Bloomberg's analysis. I posted some of my thoughts on Twitter:
Now is not the time to be clever or defend the hacker by saying that because they were running a valid smart contract and just used a feature to "allow" funds to be transferred to the immature DAO project, they did nothing wrong. We should not allow such statements to appear.

The hacker used 3.6 million ether as a self-reward, but they did nothing to contribute except exploitation. In their so-called "open letter", the hackers did not express any interest in using the funds for the mission and goals of THE DAO (i.e. funding projects and running companies). The characteristics of the initial DAO project were to achieve one purpose, that is, to approve project proposals and distribute funds to real companies through the DAO. For the hackers, the purpose was to keep the funds, not to fund companies, so they committed theft.

The hacker’s goal was clearly to damage THE DAO and Ethereum, and to tarnish the credibility of the crypto space. So, they are scammers and lawbreakers. They also bring insult and injury by providing funds to miners who do not comply with the fork, which is tantamount to bribery and blackmail.

So far, the perpetrators or groups have not shown any "good intentions". They are completely malicious. In my opinion, this is a "terrorist attack" in the crypto community. We know what we should do with terrorists. There should be no sympathy and no reprieve. Special circumstances require special measures, and I hope the community will do something right at this time.

Is it a benefit that the hackers have brought to me by making us aware of the inherent risks of smart contracts and the deformity of THE DAO? Maybe. But I will not praise them for this. These flaws have been explained by Vitalik Buterin in his blog, and they are actively working on them. There is no need to use such an extreme way to expose these problems and the problems of DAO smart contract supervision.
If the hacker really wanted to expose the vulnerability of the contract code with good intentions, then they only need to provide proof and then immediately return the ether and be an ethical hacker. In fact, the identity of a hacker is completely unethical.

Start small

In any case, we can learn a lot of lessons from this incident.

Running a company according to DAO principles is like setting up a car to drive itself. It requires accountability and lots of testing to avoid accidents. Maybe Ethereum and Tesla Motors (which brought us self-driving cars) are close to this model, but we are not there yet. We need practical training and guidance, and we need to start with semi-automation, like Tesla's cars, where the driver can put down the steering wheel at any time and watch how the car will go, or summon the car outside the garage, or let the car stop by itself. These two processes can relatively reduce their harm, even if they go wrong.

Simple is better than complex. THE DAO is a bit complex and over-designed. During the fundraising period, THE DAO's central website was gradually updated, and the final product was a polished product. However, the more I looked at it, the less I understood, and problems appeared one after another. Too much complexity is not a good thing. Its language is very vague in terms of law, technology, and contract, and it does not mention any responsibility.

The management of a DAO is not easy. THE DAO faces not one but two management challenges. It needs to manage itself, but also consider the issue of how to ensure decentralized operational management (involving the implementation of smart contracts) and the relationship between the receiving company and the voting members. This makes DAOs increasingly complex, perhaps beyond the initial conception of DAO founders.

With autonomy comes responsibility. Smart contracts involving money are not just a lottery game, they carry a huge responsibility.
When smart contracts involve a lot of economic value, we must be vigilant.

Smart contracts are not a hammer. To some crypto enthusiasts, smart contracts are like a hammer. They want to use smart contracts for everything, and THE DAO is the epitome of this belief. But not everything is a nail, and smart contracts can be used. It’s too early to use smart contracts to rule the world.

Security comes first. The more money at risk, the higher the level of security required. Security needs to be secured before deployment, not added mid-term. Blockchain cryptocurrencies already go through a mandatory testing phase, why not DAOs? Too much cosmetic stuff.

More than just technology

It is not enough for technicians to work alone. You can’t make up management or operations experience if you haven’t been involved in the proper operations of an organization. If too many people without technical experience are involved in team operations, it will be difficult to quickly resolve common mistakes and trivial issues. Don’t create a decentralized autonomous organization if you don’t have operational experience, because you will be in a blind spot. It takes more than just administrators to ensure the correct operation of a DAO.

Effective anonymous leadership is still science fiction. Are we ready to trust anonymous leaders? The anonymous leaders we know of today are generally evil organizations, such as ISIS, ISIL, and al-Qaeda. Although Satoshi Nakamoto is also an anonymous leader, he was anonymous at least until the leadership responsibility was decentralized.

Good intentions don't matter. They are completely overshadowed by evil and incompetence.

Smart contracts involving money are not like any code snippet. You can’t write smart contract code like you would write a few lines of Java or Solidity. Smart contracts that carry monetary value must be handled with care and caution. After all, it’s all about trust, isn’t it?
Decentralized protocols are perfecting trust, and now we trust machines more than incumbents trust intermediaries. Vulnerabilities are expensive, and this statement is also very vivid and clear.

Code-based management is still immature. It can be said that we are still in the early stages. We can’t rush for success, we need to start with small experiments. In February 2015, I wrote an article exploring the issue of “Factors for Success in Decentralized Autonomous Organizations,” many of which are still in use today. In my book, I updated some of my thoughts.

The problems of DAO alone are already serious. Why not start with a hybrid version? Pure DAOs require guidance and iteration on business models. We cannot assume they are configured correctly from the beginning.

Impact and Recommendations

So what does the future hold for DAOs, smart contracts, and decentralization? This is going to be a very, very long answer, and I’m sure other people have better ideas, but here are my top points:

Develop smart contract levels. Vitalik Buterin wrote a comprehensive review of smart contract security issues and potential solutions. Hopefully, we are not playing whack-a-mole.

Set a self-limit for the contract, no more than $10 million. After we are sure there are no other problems, we can gradually increase it, just like the speed limit, as long as there are no accidents for a long time, we can adjust it slightly. I think this self-limit should be implemented for at least a few years.

Conduct multiple investigations and studies on DAOs and their management. DAOs are still a very immature field. We need to adopt DAOs in an initial sandbox, then focus on learning and continue to innovate in a targeted manner.

Keep in mind the three steps of blockchain application: business, technology, and legality. This is not just about designing better smart contracts. The three-step approach can ensure that there are no stumbling blocks in the process of implementing decentralized technology.
Invest in the science of smart contract engineering. Ethereum has opened up this whole new field, and the more we learn, the more problems we’ll find in getting it right.

Remember the second step of success: vision, principles and human beings. These three parts are also related to clarity, precision, quality and ability.

Don’t ignore the issue of jurisdiction. Choose and specify the laws and jurisdictions you want to be bound by. We are still governed by government laws. Choosing laws specifically for the crypto space is like choosing the jungle and Darwin’s laws of survival. Once someone questions your legitimacy, you are at the mercy of shenanigans like THE DAO hacker.

Be smart

So does DAO have to end here? The answer is no, because DAO is difficult to recover. This happened before he really understood the decentralized management model. There are some truths we already understand: for example, you can't reach the moon through fantasy and ambition alone, and when it comes to organization and safety issues, you have to do your best.

Startups often have problems, but the better ones respond to failure gracefully, learn, iterate, and keep exploring the right path. Unfortunately, the DAO founders are hanging over their heads.

Ethereum should not be blamed for this and bear the stigma. Yes, it has been trying to save THE DAO, mainly on the moral level, even if it slightly distorts its decentralized autonomy principle. In the maintenance of Ethereum, they do not want this attack to be recorded in history like the Bitcoin Mt Gox incident, although Bitcoin later perfectly solved this problem.

Ironically, THE DAO started out as an Ethereum impersonator, which provided a positive signal for the accumulation of fundraising records. On the surface, the list of managers shows the Ethereum participants, and you would think, "Since the founder or operator of Ethereum is also a manager, how did things develop to this point?"
Unfortunately, as far as we know, technical managers are not enough to make DAO famous or prevent it from having problems.

Although we don’t know what DAO will eventually become, there is a potential need for experimentation in DAO governance models and implementations. We can assume that there will be DAO 2.0, 3.0, and other versions. Other DAOs and their related architectures are also being studied, and the fancy routines are gradually decreasing, but they still need to be cautious.

The statement that “Ethereum will become stronger and more powerful” is still quite modest. Give it some time and everything will be clear.

I believe that good will prevail over evil. Smart and ethical people will succeed, and we will gradually get back on track to achieve great technological innovation, innovation after the World Wide Web protocol and its Internet infrastructure: the era of decentralization with cryptography as the foundation layer.

This is just a mini version of Carlota Perez’s Paradigm Shift Principles in action:
We cannot rush the technological paradigm shift, but we can achieve it slowly, taking small steps to achieve a great result.