Without any employees, managers or even a product, a company that runs on code became the world’s most lucrative crowdfunding project. But within weeks, it had lost at least $50 million to a hack, and the only way to get the money back was to betray its own principles
In late April, investors and economists began talking excitedly about something called The DAO. The name is part of the attraction: it sounds like an alien species, like the Borg or the Combine, and its exponents made aptly futuristic claims of its power.
They said that The DAO was a completely new kind of company: no board, no CEO, no managers. In principle, it was an investment fund, but in place of analysts and fund managers there was only code: automatic, incorruptible, perfectly representative of the interests of its investors. That was the idea anyway.
In its manifesto, The DAO (Decentralised Autonomous Organisation) is described as ‘existing simultaneously nowhere and everywhere and operating solely with the steadfast iron will of immutable code’.
This might sound more like the mission statement of a student math-rock band than a real business, but it expresses the change that The DAO’s inventors and investors wanted to see in the world: fair capitalism, enforced by unbiased technology.
Code obeys rules – it is rules – where humans tend to obey self-interest. Code doesn’t pick favourites, it doesn’t make decisions based on an inflated sense of self-importance and it doesn’t spend your pension on a gigantic yacht.
How attractive this idea was can be gauged by the first month’s sale of DAO ‘tokens’, the voting chips used to invest in the company.
Despite it being a pretty niche idea that only a small percentage of people understand, The DAO raked in over $150 million in under a month, making it by far the most successful campaign in the history of crowdfunding.
Block rockin’ venture capitalism
The code that makes it possible to build a company is the technology behind Bitcoin: the blockchain.
If you’re not familiar with blockchains, or ‘the blockchain’, as a lot of people are keen to call it, here’s a quick explanation:
A blockchain is a shared database file. With a digital currency such as Bitcoin, this file is a list of all the Bitcoin transactions, and it’s stored on every computer that uses the Bitcoin programme.
It might help to think of the blockchain like a shared document: you have to have the document open to use the currency, and you can’t buy or sell without writing the transaction in the document.
It’s this shared ledger of transactions and timestamps that makes Bitcoin work as a form of money.
In 2013, a 19-year-old Russian programmer called Vitalik Buterin proposed a new kind of blockchain, one in which the transactions themselves are programmable.
Imagine that shared document again, but this time you can write and execute code on the document itself, using it as a virtual machine. The applications that run on this platform run on every computer that uses it, in exactly the same way, so everyone who uses the platform is using the same virtual computer.
While it isn’t very fast, the fact that it runs within a blockchain – strongly encrypted, verified and shared across thousands of computers – gives it an important property: trust.
People have spent centuries working on the idea that trust can be substituted by rules, and The DAO is the latest iteration: by making a whole company from secure blockchain elements called ‘smart contracts’, the company itself becomes automatic. Agreements become active and self-fulfilling.
Stephan Tual, COO of Slock.it and one of the creators of The DAO, remembers glimpsing the possibilities these smart contracts create, when he and his team travelled to Toronto to present at a conference.
“We were staying in this place that was a ‘hacker hotel’ for Bitcoiners, and these people were existing entirely on Bitcoins. So these kids, 20 years old or less, lived in this house, they were paid in Bitcoin, and everything they bought was with Bitcoin.
“After a week there, you can’t help but think that they are completely off the grid. And I couldn’t stop thinking that in a year’s time, when Ethereum [a decentralised app store] was out… at that point, they were just bartering, but with Ethereum they could do complex organisational structures. They could do companies.”
The concept that fair play could be encoded into a company captured the imaginations of a large number of people. Tual remembers that, shortly after they began writing the framework for The Dao:
“We woke up one day and we had 4,000 people interested in The DAO on our chat channel. We thought, wow, this is really serious now, we have a responsibility to make this happen properly.
“So we said everything is open-source, we made a framework that is a guide to how this thing should be done, and we let the community go and start it. Some people from the community banded together and started the code, instantiated the code on the Ethereum blockchain using our framework, and that’s how it began. It took on a life of its own.
We checked the code – it looked good, they hadn’t cheated, they hadn’t put traps in there or things to steal money or whatever.
“And,” he laughed, “next thing you know, 150 million dollars.”
Then, a $50 million-dollar ‘hack’
At first, things were going spectacularly well for The DAO. Techcrunch enthused that it was ‘a new paradigm of economic cooperation’; The New York Times has described The DAO as ‘a VC fund with no capitalist’; The Economist suggested that a DAO structure combined with the robo-investment technology of firms like Nutmeg could outpace traditional hedge funds and investment banks.
For a moment it seemed possible that Frontera was justified in calling The DAO ‘the greatest threat that banks have ever faced’. Then:
- On June 17, an as-yet-unidentified user found a feature of The DAO’s code that allowed them to ‘split’ the original organisation into two and move the funds into the new ‘child DAO’.
- Users watched in horror as 3.6 million ether – the Bitcoin-like cryptocurrency used to invest in The DAO – were drained into the attacker’s account.
- Buterin and others scrambled to isolate the funds and retrieve the money, but as they did so a problem emerged: the ‘hack’ wasn’t necessarily illegal.
The following day, the attacker posted an open letter on Pastebin (helpfully signed ‘The Attacker’), in which they pointed out that their exploit had simply been to take advantage of the way The DAO was written.
“I have carefully examined the code of The DAO and decided to participate after finding the feature where splitting is rewarded with additional ether. I have made use of this feature and have rightfully claimed 3,641,694 ether.”
The attacker was clearly aware of the measures The DAO’s creators would take to stop them claiming their funds. They continued: “A soft or hard fork’ – meaning a rewriting of The DAO’s code – ‘would amount to seizure of my legitimate and rightful ether, claimed legally through the terms of a smart contract.”
They had a point: you can’t in one breath claim to have built a company with no management on ‘the steadfast iron will of immutable code’, then swoop in and, in the best traditions of senior management everywhere, change the rules to protect your financial interests.
And yet, as of last week, it appears that this is exactly what The DAO is doing: the community that uses the Ethereum platform and The DAO has voted to ‘hard fork’ the platform, meaning that they will effectively roll back the Ethereum network to the time before the hack.
It’s the cryptocurrency equivalent of the end of the original Superman movie, where Superman flies around the Earth really fast until time goes backwards so that he can return to the point before Lois Lane dies and save her.
In doing so, Superman ignores the warning of his father, Jor-El, not to interfere with human history; in saving The DAO, its founders have rewritten the first principles upon which their company was built.
Block to the future
The DAO’s future is uncertain at this point, but there’s an argument that it was doomed anyway. As an investment fund, The DAO was far from a sure thing, preferring democracy over the kind of due diligence that other companies perform to secure investments.
To date, its two investments have been in Slock.it, a company run by the DAO’s founders, and a French company that makes electric trikes. It’s not exactly Warren Buffett territory.
But the organising principle of The DAO will not go away. As blockchain technology becomes more sophisticated and as the distributed computing power needed for more complex systems like Ethereum grows, these models will become increasingly prevalent.
Tual says a DAO model could be used to build any number of businesses:
“If Uber was [replaced by] a DAO, it would be a co-op. It would be the taxi drivers banding together and saying, we’re going to each put in £10, and we’re going to get a developer to write the app for us. And then we’ll just run that in our taxis, and we won’t need Uber.”
DAOs that invest well or offer co-operative, peer-to-peer banking could become serious challenger banks.
But would a decentralised, autonomous co-operative really be more successful than, say, Amazon? Could a pharmaceutical company be successful as a DAO? Companies have evolved in a climate of fierce competition and no transaction is ever completely fair; sociopathic greed and corruption have repeatedly been shown to be success factors in business.
Tual concedes that he doesn’t see DAO-style businesses replacing any major companies in the immediate future.
“I don’t think it will take six months. It will take years, but we’ll get there, not because the big companies will adopt the new model, but because everything new will be created using the new structures. I think young entrepreneurs will be the first to adopt it, and there will be many failures, but there will be unicorns, too.”
What this first experiment shows is that if you’re going to build a company on code, you need to do some very careful debugging before you begin.