Hackable DAOs Follow Hackable Protocols, and the Internet Has Noticed, by @web3scout

web3/cybersec consulting, r&d web3scout at gmail.com

There is too much buzz around DAOs at a very abstract level. Unfortunately, in practice there are a lot of misunderstandings, pitfalls and risks.

Who controls any DAO?

The very first DAO is the Bitcoin network and protocol. The simple answer to the question “Who controls any DAO?” is: a protocol. The problem is that protocols are developed by somebody, and protocols need to be updated. The 1st risk is centralization on the protocol/code developers, a human factor. Protocols should be created and improved by a decentralized community.

The 2nd risk follows from the 1st one: imperfect technology and implementation. Let's look at Rekt Capital’s hacks leaderboard:

image

Decentralization has its own fundamental bugs: any decentralized system or protocol is hackable by a 51% attack, and DAOs are hackable in the same way. Anyone who controls more than half of the governance power (tokens) can propose and execute any transaction, including the withdrawal of the entire DAO treasury.

The following code is from OpenZeppelin, the most popular smart contract library.

image

The simplest DAOs can be considered multi-sig wallets with an extended function to call other smart contracts and send/receive crypto. This is simple but powerful: such a DAO can participate in any available protocol, interact with oracles, and be extended by other smart contracts. But the hacks leaderboard keeps showing new records.
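The majority-control risk described above can be checked for any token distribution. The following is an added example, not code from OpenZeppelin or from this article: a toy model of simple-majority, token-weighted voting that reports the fewest holders needed to control the treasury. Holder names, balances and the treasury size are constructed.

```python
# Added example: toy model of simple-majority, token-weighted governance.
# All holder names, balances and treasury sizes are constructed.

def voting_power(balances, voters):
    """Combined token balance of a set of voters (each counted once)."""
    return sum(balances[v] for v in set(voters))

def proposal_passes(balances, yes_voters):
    """Simple majority: yes votes must exceed half of the total supply."""
    return 2 * voting_power(balances, yes_voters) > sum(balances.values())

def execute_withdrawal(treasury, amount, balances, yes_voters):
    """Return the treasury balance after a withdrawal proposal is voted on.

    The vote is the only check, so a passing majority can move any
    amount up to the full treasury.
    """
    if amount < 0 or amount > treasury:
        raise ValueError("invalid amount")
    if not proposal_passes(balances, yes_voters):
        return treasury              # rejected, nothing moves
    return treasury - amount

def min_controlling_coalition(balances):
    """Fewest holders whose combined balance exceeds half the supply.

    Taking holders largest-first is optimal for this count. A result of
    length 1 means a single holder controls the treasury.
    """
    total = sum(balances.values())
    coalition, power = [], 0
    ranked = sorted(balances.items(), key=lambda kv: kv[1], reverse=True)
    for holder, amount in ranked:
        coalition.append(holder)
        power += amount
        if 2 * power > total:
            break
    return coalition

CONCENTRATED = {"alice": 5100, "bob": 2000, "carol": 1500, "dave": 1400}
DISTRIBUTED = {"alice": 3000, "bob": 2500, "carol": 2500, "dave": 2000}

if __name__ == "__main__":
    for name, dist in (("concentrated", CONCENTRATED), ("distributed", DISTRIBUTED)):
        print(name, min_controlling_coalition(dist))
    print(execute_withdrawal(1_000_000, 1_000_000, CONCENTRATED, ["alice"]))
```

Run against a real holder snapshot, a small coalition size is the signal that the governance is effectively centralized regardless of how the contract is written.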

Unhackable and efficient governance itself is a challenge.

image

Looks like a sci-fi utopia, but who knows?

image

Centralization and middlemen are major obstacles to human progress, and new forms of digital distributed organizations are needed. Let’s hack in order to turn hackable DAOs and governance into unhackable DAOs.

To be continued…

