In 2016 The DAO, a venture capital fund, was set up. It had no governing structure and wasn’t tied to any nation or its legal framework. It used the Ethereum Blockchain and traded in cryptocurrency. Community members agreed to its terms and had voting rights to jointly determine how funds would be invested and managed, all of which was controlled and executed by the smart contract.
Associate Professor Stephen Wingreen says, “It’s not new for companies to use Blockchain, essentially a decentralised distribution ledger, to perform transactions, but The DAO took it a step further and decided the entire corporate governance of the company would be done using Blockchain. In other words, no trusted authorities would be running the organisation.”
A member of The DAO community found and exploited a loophole in the smart code.
‘The hack’ itself exploited a bug in the code governing The DAO. It enabled parties to continually process transactions before balancing ‘the ledger’. This allowed accounts to be deeply withdrawn without being stopped to the benefit of one ‘hacker’. The hacker argued their actions were permitted within the terms of the smart contract which had been agreed by all participants.
“Nobody thought such a company could exist yet here it was, and it almost worked. Which begs the question, can it work? And what changes could be made to make it work?,” Associate Professor Wingreen says.
Following the hack of The DAO, community members were at a crossroads to re-write transaction history to return the ‘stolen’ cryptocurrency or to accept the loss of funds and continue. A lack of consensus resulted in the splitting of The DAO, one which recognised the hack and one which did not.
Co-author Robbie Morrison, awarded a Bachelor of Commerce and Bachelor of Laws with First Class Honours from UC, has brought his unique legal perspective to the paper.
“The DAO case poses interesting questions on the application of contract law to smart contracts, which operate in computer code rather than in natural language. It poses a raft of challenging legal issues regarding the legality and enforceability of such contracts,” Morrison says.
Dr Natasha Mazey graduated with a PhD in Information Systems and is UC’s youngest woman to graduate with a PhD.
“There is such rich literature on corporate governance and how decision rights and benefits can be distributed. But, it has assumed that there is always a degree of trust that can be placed in individuals. The governance model of The DAO worked when times were good and events were predictable. However, the community were unable to effectively respond to the hack in a timely manner due to that lack of trust and the need for community consensus about how to respond,” Dr Mazey says.
The paper explores the legal, organisational and behavioural implications of ‘trustless organisations’. The authors suggest a less extreme version of a decentralised autonomous organisation, which employs a curator with the power to pause and start transactions, and to temporarily lead in the event of an unforeseen event, could have a positive impact if adopted in future governance models.
For more information contact:
Associate Professor Stephen Wingreen, University of Canterbury, College of Business and Law, Accounting and Information Systems, Stephen.wingreen@canterbury.ac.nz, Phone: 03 369 3975