Tech Talk Computing NetworksEthereum’s $150-Million Blockchain-Powered Fund Opens Just as Researchers Call For a HaltBy Morgen E. PeckPosted 28 May 2016 | 13:01 GMTAddThis Sharing ButtonsShare to FacebookShare to TwitterShare to Hacker NewsShare to RedditShare to EmailShare to PrintMore AddThis Share optionsPhoto: Jens Kalaene/dpa/AP PhotoAt 9 a.m. GMT this morning, funding closed on an entity called The DAO. It’s a blockchain-enabled financial vehicle that’s structured kind of like a cross between Kickstarter and a venture capital fund and which now runs autonomously—no humans needed—on the fledgling Ethereum network. The DAO (short for decentralized autonomous organization) raised over US $150 million worth of the bitcoin-like cryptocurrency, Ether, during a feverish, 27-day sale.The DAO’s launch is feat that should surely stand out as a feather in the cap for the Ethereum network, as it is the most successful crowdfunding campaign yet documented anywhere, ever. But yesterday, just hours before The DAO was scheduled to open for business and begin taking project proposals, three blockchain researchers published an article outlining multiple flaws in the governance structure of the organization that they say could be used as vectors for attack. The researchers are asking everyone involved with The DAO to temporarily halt funding activities and fix the critical problems.“The attacks are quite real. So, somebody has to do something about them,” says Emin Gun Sirer, one of the authors of the article and of the blog where it was first published.The DAO is the first iteration on the Ethereum network of an idea that has been floating around the crytpocurrency space for a few years now, which is that you could take all the functions of an investment vehicle—fund storage, project vetting and approval, fund disbursement, and profit allocation—and handle it on a blockchain, thereby creating what is effectively a corporation without jurisdictional anchors. Equally attractive to some is the fact that a blockchain-enabled organization is completely transparent and does not rely on a managerial class with high salaries to complete its functions. Everything is done by the code, which anyone can see and audit.“The people who don’t participate, the people who are just in it for the ride, who are non-active members of The DAO, they’re going to be the ones who get screwed by biases and vulnerabilities”—Vlad Zamfir, Ethereum developerWhat investors who jump on board do rely on, however, is the expertise of the people who write and audit the code. They have to trust not only that the software is secure but also that the governance models work the way they are intended.This second part is where Sirer and his co-authors, Vlad Zamfir and Dino Mark, say the DAO creators have failed.Here’s a brief explanation of how The DAO is supposed to work. It’s first created as a contract written into an address on the Ethereum blockchain. The code for the contract specifies all the rules of the game. This was done by a few well-known people in the Ethereum community.In order to play the game, you send Ether (the native currency on the Ethereum network) to the contract address and you get tokens back in exchange. These tokens signify your proportional ownership over the mass of Ether poured into the contract. That period just ended. Now, in order to unlock the funds people will present project proposals and the DAO owners will vote on whether the projects are worthy of investment. For example, the same people who wrote the DAO contract are also planning to solicit investments from the organization to fund Slock.it, a project that is hell bent on decentralizing the sharing economy and replicating corporations like Uber and AirBnb as user-owned entities. At first the voting sounds simple. But there are a few notable details that complicate any game theory analysis of the governance structure. Voting is not a DAO participant’s only power. If I have DAO tokens, I can also decide to split from the larger DAO and create my own smaller one. I can also sell my DAO tokens to anyone who will buy them. If I vote on a proposal, I lose my right to split and I don’t get it back until the polls have closed. Nor can I sell my tokens while voting is in progess. In order for a vote to count, a quorum must be reached. The size of the quorum depends on the amount of funds requested in the prposal. There actually is a managerial class with very limited duties. There are 11 so-called “curators” who read proposals and vet them for basic flaws and scamminess. They also manage the status of the payment addresses on the funding proposals. In order for an address to recieve funding it must be whitelisted by the 5 out of 11 of the curators. The DAO can vote to fire and replace curators.