The rule of law is the key to saving DAO

It has been more than 48 hours since DAO was hacked! The community is still discussing it, and the final solution seems to be still undecided! Just like facing a TV series with a slow plot, people are gradually losing patience and even confidence...

On the morning of June 19th, Beijing time, the hacker published an open letter, claiming that he was able to obtain Ether through DAO because "the DAO code itself contains this function" and that his behavior was not theft but "legal and legitimate." The hacker's reason was (in order to show its legitimacy and legality, the reason was "suggested by the law firm"): DAO's smart contract code did not have any explanation, nor did it have any other text that limited anything beyond the DAO code settings. In the second half of the open letter, the hacker also emphasized that any soft fork or hard fork would infringe on his "legally and legitimately obtained Ether" rights and interests, and even threatened that the fork would be harmful to the Ethereum ecosystem.

Facing this open letter thrown by the hacker, the logical focus is actually very simple, that is, whether their behavior is "reasonable use of DAO rules". I believe that whether we are shareholders of DAO or not, we should have roughly similar basic judgments, right? The Prince of Rage Gong gave a vivid example: a group of people played mahjong with an automatic mahjong machine, and then someone found a hole under the mahjong machine, changed the cards and won all the money. Although the metaphor is also inappropriate, it vividly shows the DAO hacking incident. Is the hacker's behavior, the behavior of changing cards with the hole under the mahjong machine, a reasonable use of the rules? Obviously not!

So, the question is, everyone knows that it is not fair use, but who will claim it? Who will explain it? Teacher Bai Shuo asked this question, but no one in the community could answer it. Because DAO is "ownerless", it is impossible to determine the subject who has the right to interpret the DAO rules, and it is difficult to come up with a basis for interpretation, except for the DAO code.

So some people asked, who created the DAO code? It was the DAO R&D team of Slock.it, and Vitalik Buterin, the founder of Ethereum, was also a member of the team. Therefore, only the DAO R&D team and Vitalik took the lead in responding to the hacker attack. In fact, the DAO R&D team did quickly propose a series of alternative solutions after the incident. However, after the solution was proposed, some people immediately questioned it, believing that smart contracts should follow the autonomy of the code and should not use centralized solutions to solve the problem.

Of course, most voices still support the improvement of DAO's code and rules. After all, the hacker's behavior has touched the bottom line of human civilization. In the Nuremberg Trials after World War II, the Gestapo argued that its actions were in compliance with German law at the time in response to the massacre of Jews. However, the judge believed that the law could not violate basic morality, and that bad laws were illegal. The reason is clear and need not be elaborated.

While people were arguing over some metaphysical issues, some people pointed out more important and urgent issues. Perhaps they were the DAO shareholders who held a larger share. They said: No matter what autonomy, decentralization, morality or law are, I only care about my property. Now that the Ethereum has been transferred to the hacker's account (although it is still in the freezing period according to the rules), what should we do to recover the loss as soon as possible?

What to do? It seems that the problem has returned to the starting point. Since DAO is an "ownerless" organization, let's launch a vote. Is it a soft fork, a hard fork, or nothing, and let the hacker take away the property "according to the rules"? Using democracy to reflect public opinion, this method seems good! However, in the face of the vote in the community, some people have expressed different opinions, believing that the will of the community cannot represent the shareholders of DAO, and it cannot reflect the share weight of DAO shareholders. Even if the hacker sends a water army or simply hacks the voting system and casts enough self-interested votes, what should be done? Impatient people simply think that procrastinating democracy and reasoning with hackers are no different from the benevolence of Duke Xiang of Song. First, take back the stolen property and let the police catch the hacker first. So, someone reported the case to the public security network monitoring.

Reporting the case to the police is somewhat black humor. For such a new thing, even if the police respond, it will not be so fast. Just when public opinion tended to ease, the hacker side launched an offensive (the statement has not been verified whether it was really done by the hacker side, so it is only suspected). Through a spokesperson, they (the spokesperson claimed that the hacker was a team at this time) will establish a smart contract to reward miners who refuse the fork plan with 1 million ether and 100 bitcoins. This is the so-called "bribery"! In the decentralized and autonomous code world, this seems to be allowed. Even if it is not allowed, what can be done to stop it? Even this is not something that the host of the mining pool can decide. Even if the current distribution map shows that the computing power is concentrated in a few large mining pools, in fact, every miner can choose to go to another one at any time. There is no way to influence the behavior of thousands of miners except their true thoughts. Since the code problem can only be solved by code, Ethcore (a technology company founded by Gavin Wood, former COO of Ethereum and author of the Ethereum Yellow Paper, formal derivation proof) proposed a plan to "bribe" miners in return, taking out a portion of the DAO's principal to set up a reward fund to reward miners who support forks and oppose hacking. Moreover, Ethcore has quickly launched the code.

Although the solution seems good, it still cannot satisfy everyone. Some people think that this solution is not democratic. They question why it is not the shareholders of DAO who decide whether to fork, but the miners who decide the ownership of shareholders' property? Think about it, the property was taken away by hackers, but the miners who have nothing to do with it have to decide whether to take it back. It is no wonder that they are unhappy that their fate cannot be controlled by themselves.

This is not right, and that is not right either. Some people are extreme: just "burn" the ether in DAO! Just like Counterparty (XCP), put Bitcoin into a "black hole address" without a private key! In this way, shareholders cannot redeem it, and hackers cannot get it. Let's freeze these ethers permanently! I can't help but think, isn't the original intention of DAO to establish a decentralized autonomous management organization? These crowdfunded ethers were originally intended to be used for the operation of selected projects after normal voting. This is different from the concept of Counterparty. If they cannot be withdrawn and used, how can they be used for operation and how can they realize value-added for shareholders? Obviously, we can't turn DAO into a zombie organization for the so-called "security", right? Unless DAO is ready to become something completely different from what it is now.

The DAO hacking incident has undoubtedly poured cold water on the booming blockchain technology and the ideal of decentralization. The vote launched on the DAO official website on the evening of the 19th Beijing time, like several previous votes, has a negligible number of voters compared to the huge crowdfunding volume of 300 million US dollars. Is it possible that most people do not understand the technical principles at all, and are just blindly speculating in coins? It is unknown. The community is still full of disappointed words: it turns out that code is not law at all. We criticize the lack of precision in language and text, so we expect to use code to achieve precise expression and execution, but now we find that code only looks more precise than law, but in fact it can never cross the gap between signifier and signified. It even seems that code is not as good as law. At least law is maintained by the state machinery, and once there is a problem in the world of code, there is not even a specific person in charge or organization. It is very uncomfortable!

It is hard to avoid disappointment, after all, our property and ideals have been damaged. However, if we think about these issues more rationally, we will find that, in fact, the fundamental reason why the community is in such a mess and a weekend is a mess is that the basic rules of the rule of law are still lacking in the blockchain and decentralized world. The rule of law here does not only refer to the traditional mandatory rules guaranteed by the authority of the state, because as the essence of decentralization shows, the traditional law cannot control specific things on the blockchain. However, this does not mean that traditional law will completely withdraw from the blockchain world; the rule of law here should include a series of dispute resolution and rights relief plans for decentralized applications on the blockchain after disputes occur; the rule of law here should also include the organic connection between the blockchain code and traditional law. It is not easy to express it together, so I will describe it in four paragraphs:

1. Smart contracts are the best interpretation of the spirit of the rule of law.

When talking about the history of rule of law in textbooks, the first thing to talk about is the "philosopher king" proposed by Plato in The Republic. Plato originally hoped that an omniscient and morally perfect philosopher would become the ruler of the city-state. However, in his later years, he found that such a person did not exist in the world, so he proposed the "second best solution", namely the rule of law. Although the law has shortcomings such as low efficiency, ambiguous semantics, and delayed response, it has excellent qualities to maintain the survival of society compared with the autocratic and capricious rule of man. From the definition of the rule of law, it can be seen that once it is determined, it cannot be changed at will without legal procedures, and the execution of the law is not subject to human will. These descriptions are also very suitable for decentralized applications on blockchain, especially for describing smart contracts. Therefore, Professor Lessig proposed the proposition of "Code is Law" (of course, that was ten years ago). Seeing through the various criticisms of traditional authority and intermediaries, we have such high expectations for blockchain and decentralized things, because smart contracts are the best interpretation of the spirit of the rule of law and one of the important forms of realizing the rule of law in the future.

2. The research and development of decentralized applications should be based on the rule of law rather than finance.

DAO is a financial project, and is currently the world's largest crowdfunding project. In the blockchain ecosystem, exchanges, mining, and crowdfunding for issuing new coins are all financial projects. This is caused by the profit-seeking nature of people, and there is nothing wrong with the market economy. However, the era of the Wild West should be over. If decentralized applications encounter problems like DAO, there will be no rules to settle disputes in the blockchain world. How can we talk about property rights and financial development? My suggestion is not to directly appeal to traditional laws and institutions for disputes on the blockchain. As mentioned earlier, traditional laws and institutions are powerless to deal with things on the blockchain. If it is just a judgment on a piece of paper that cannot be enforced, it is meaningless. My suggestion is that all decentralized applications in the future, including DAO, should make the most perfect dispute resolution mechanism as part of their code. I even propose to establish a set of general codes for decentralized application dispute resolution on github, and improve them with the wisdom of the public, so that they can be directly called by future decentralized projects. Such a set of codes can be called "BlockChainLaw".

3. Blockchain is not yet fully autonomous, and traditional laws and judicial institutions cannot completely withdraw.

When I introduced the details of blockchain technology to the technical experts around me, the most common question I encountered was, "Since it is a decentralized technology, why do we need a server?" Although I can answer: "The storage and program are open, transparent and certain, no matter which server is used, the same result can be obtained." However, compared with the passionate propaganda in many speeches and articles, it is actually not confident enough to claim that blockchain can achieve the ideal absolute decentralization at this stage. The same is true for the autonomous properties of blockchain. The people's helplessness in the DAO hacking incident has fully demonstrated that at this stage, decentralized applications on blockchain cannot achieve complete and perfect autonomy. Even if we do not take action to modify the code, it is impossible to prevent hackers within the existing code framework.

Decentralization is not absolute, and autonomy is not yet completely perfect. Therefore, we still need traditional laws and judicial institutions. It is conceivable that the hackers who attacked DAO will still stand in traditional courts one day in the future as (civil) defendants and (criminal) defendants; it is conceivable that if the fork plan is not passed, and the shareholders of DAO want to assert their rights on their own, they will definitely apply to the court for compulsory execution. After all, we are flesh and blood people. We invented machines to serve us, not to let them shackle and embarrass ourselves. Going back to the logical origin of the hacker's open letter at the beginning of this article, although traditional laws have no control over things on the blockchain, they can set a limit. Traditional laws do not and cannot interfere with specific matters in the blockchain, but all applications cannot exceed the scope and touch the bottom line (the basic morality of the survival of human society). Any person or thing that dares to violate the bottom line will still have jurisdiction over traditional laws and judicial systems. After all, no matter how smart the hacker is, he is still a person on the earth. No matter how much property he steals, he must realize its value. For these, traditional laws and judicial systems are not weak at all.

I would like to say a few more words here: Blockchain is certainly a product of consensus, but it is a "machine consensus". Machine consensus is transparent, open and faithfully executed, but in the face of an ever-changing world and an unknown future, in the face of sudden "black swans", in the face of malicious use, and in the face of changes in circumstances, it may lead things astray. In the final analysis, "machine consensus" is just a manifestation of "human consensus" at the code level. If you mechanically follow machine consensus, it is a kind of abandoning the essence and pursuing the end, cutting the feet to fit the shoes, and eventually forgetting the original intention. When machine consensus is not enough for autonomy, we still have to return to the human consensus level to solve the problem. Isn't this the case with today's handling of the DAO hacking incident? It's just that today, we have not paved the road from the "machine consensus" at the application layer to the "human consensus" at the basic layer. It is still a muddy and rugged road, so we need to make efforts to cross mountains and ridges.

4. There should be an organic connection between the blockchain world and the traditional world, and Code and Law should be integrated.

Whether it is smart contracts on the blockchain or other decentralized applications, technically, from the infrastructure to the peripheral calls, there are various interfaces and protocols to integrate them into an organic whole. There should also be certain interfaces and protocols between the code of the blockchain world and the laws of the traditional world ("Code is Law" means that they are homogeneous and compatible). As analyzed above, the code of the blockchain world controls specific affairs, while the laws of the traditional world protect the bottom line of human society. This is like now we write a decentralized smart contract on Ethereum. If we want the general public to use it, it still depends on the web services provided by centralized servers, but this is really not important, because what we want is not the concept of utopia, but to use various technical means to show their magical powers, take their strengths, and complement each other's advantages, so as to make the world a better place.

Specifically, I have thought of a function for the "BlockChainLaw" open source project that I had envisioned before: leaving an ultimate entrance for traditional laws. This ultimate entrance can allow traditional judicial organs to intervene in the operation of the blockchain system in extremely urgent and special circumstances. Of course, the setting of this ultimate entrance requires people's consensus, and its operation and activation also require people's consensus. That is, in extremely urgent and special circumstances, people vote to open a cryptographic gate similar to multi-signature account control, so that the judicial organs can obtain some ultimate control rights of the blockchain system. In this way, it is possible to avoid being overwhelmed after an emergency occurs, and avoid tragedies such as machines killing people but being unable to stop them in the future, which makes humans at a loss. Yes, we still need a centralized ultimate control, because "human consensus" is always more potential and wiser than "machine consensus", but there is no need to be discouraged, because the path (procedure) to this "ultimate control" is decentralized. In fact, we have made a big step forward. What we have lost is just a little nominal flaw (decentralization is no longer perfect), but what we have gained is the compliance of basic morality and strong security for all mankind.

It is not easy for the "BlockChainLaw" project to achieve these goals. Blockchain is the world's blockchain, and the legal systems of each country and even the legal systems within each country are inconsistent (think of the states of the United States, think of China's "one country, two systems"). To reach a consensus with the blockchain system is tantamount to creating a United Nations legal system. From another perspective, the blockchain system is more like a platform, bridge and bond for countries (regions) to reach a consensus on the legal systems. Is the "ambition" of "BlockChainLaw" too big?