Decentralized Autonomous Organizations (DAOs) are self-governing organizations controlled and owned by the people who use them. Unlike traditional organizations whose leaders are appointed by a board of directors, a DAO is run by the people who use it. Decisions are made by everyone present in the community, rather than a small number of distant stakeholders, making the DAOs more responsive, efficient, and effective than traditional organizations.
There are around 216 DAOs with a valuation of close to $10 billion, according to a mid-March report from crypto market tracker CoinMarketCap.
A group of peers funds the DAOs, making decisions through a consensus process without a leader, and operating with the help of smart contracts. The DAO is the first successful implementation of a "decentralized organization". It has become an inspiration for others seeking to construct similar autonomous organizations or DAOs, that can help bring about more inclusive, decentralized forms of governance. The potential for autonomous organizations to influence society in the web3 world is vast and represents one of humankind's most exciting potentials for the future.
The concept of a DAO was first proposed in 2015 by Slock.it, a German firm built on the Ethereum blockchain. The Genesis DAO was the project's name, which started a crowdfunding campaign to fund various Web 3.0 initiatives and startups. It was hailed as a game-changing initiative because it raised $150 million in ETH and was one of the first crowdfunding campaigns on the Ethereum blockchain. In the beginning, DAOs were primarily designed to automate decisions and ease bitcoin transactions, but as time went on, DAOs gained a variety of use cases.
However, on June 17, 2016, a hacker exploited a loophole in the DAO's underlying code, allowing them to drain cash of $70 million. The Ethereum developers partnered up with Slokit to recover the stolen funds, but they could only recover 70% of the funds, and 30% had already been lost. Most funds were re-allocated to the network's investors, and that's when the network was hard forked, resulting in two distinct networks: Ethereum and Ethereum Classic.
The original chain, which contains the unaffected fallout of the hack and in which the hacker retains direct control over a large portion of funds, was dubbed Ethereum Classic ($ETC). In contrast, the new chain where the developers retrieved the fund became the main Ethereum ($ETH) chain.
Ethereum was all-new when this hack happened, and many debates erupted, prompting some to question the blockchain's immutability. However, the Genesis DAO breach is an excellent example of a fault that originated not in the Ethereum Blockchain but in one of the Ethereum smart contract apps.
A flaw in the DAO's smart contract allowed a malicious hacker to withdraw funds above what they were entitled to. This type of attack is known as a reentrancy exploit. The malicious hacker used a recursive function to keep re-entering transactions and making withdrawals without updating the amount. This hack demonstrates that the DAO's code had several weaknesses, and the recursive call exploit was one of them.
Even though the Genesis DAO was a significant setback for Ethereum, blockchain development teams have continued to look to the DAO's example for direction on constructing secure smart contracts.
A decentralized autonomous organization is an entity on the blockchain without any central authority control. It is not a corporation, a DAO has no central leader and no human managers. It lives on its decentralized network of computers, followed by the rules encoded in its smart contracts.
The rules are framed for the community members that are transparent and equally shared. For making any change in these rules permission of every member is required. For example, approvals are needed to move funds out of the DAO treasury, change the DAO structure, and make policy decisions
After all group members have agreed on the rules, they are encoded and published on blockchains, usually with standard protocols to be followed by members in the future. To ensure the correct functioning of a DAO network, a decision framework exists among the members and is structured in such a way that participants of the DAO ecosystem are generally rewarded for adding value and punished for acting against the DAO's collective aim.
To put it another way, the DAO runs on governance, which is accomplished by token voting. On-chain voting, which requires a gas fee to register a vote, and off-chain voting, which does not require any gas fees and is carried out through a tool called Snapshot, a decentralized voting tool based on the Inter Planetary File System(IPFS).
Smart contract creation: The DAO's smart contract is created by developers. Once smart contract codes are finalized, they can only amend the rules specified by these contracts through the governance system. Thus the contract is thoroughly checked to ensure that essential aspects are not overlooked.
Funding: Following the creation of the smart contracts, the DAO must decide how to acquire financing and implement governance. Generally, tokens are sold to raise funds, granting holders voting rights.
Deployment: The DAO must be launched on the blockchain once everything has been set up. After the deployment of DAO, it can no longer be altered without a consensus established through a member vote. That is, no specific authority has the power to change the DAO's rules; it is entirely up to the DAO's token holders to decide.
Decentralized crypto-economic protocols, decentralized applications, a marketplace, a game, a peer-to-peer lending system, a decentralized exchange, or a distributed app store are examples of decentralized organizations today.
Source: Coin98 Analytics
Today, dozens of decentralized applications have served as platforms for companies to build new services and products. Many of these Dapps, on the other hand, are still in their infancy, with limited functionality, security vulnerabilities, and scalability issues.
The DAO attack will serve as a wake-up call for the blockchain community, prompting better functionality. Hopefully, this new DAO community will be better prepared to deal with such incidents or even emerge as a zero-loss ecosystem with the help of a smart contract security audit.