Although The DAO has been attracting a lot of funds from investors during its crowdsale, it appears there are some fundamental issues with the concept which need to be addressed. According to a recent study, there are multiple reasons for concern.
The DAO Technology is Not Bulletproof
One of the main selling points of The DAO has been how people can just trust the technology since there are no individuals in control of the concept. However, as it turns out, this technology may contain some flaws that most people weren’t aware of. All of these vulnerabilities stem from unintended consequences of the project’s underlying mechanism.
The biggest flaw is how The DAO technology could be used to tie up investors’ funds indefinitely. This is not something anyone should be looking forward to, as it opens the door for ransom demands or funds being usurped. But that is not the only concern, as the way proposals are voted on may cause some unintended issues as well.
To be more precise, there is a disincentive to vote no on specific recommendations. In the long term, this could lead to a bias becoming established, which would render the whole point of The DAO entirely moot. Strategic token holders will only want to cast their “NO” vote if they are convinced the outcome of the proposal will be “NO” as well. Doing so requires gathering intelligence on how others will vote, and that information will not be reliable.
Some investors may be looking for ways to pull their ETH funds out of The DAO. The only way to do so is by parting ways with The DAO, yet that solution is not safe from harm either. Assailants are, technically speaking, able to pursue individuals who are leaving The DAO and buy tokens during the creation phase. Assuming the attacker obtains 53% of the tokens or more, he can then effectively deny any proposal made by the user to withdraw funds. This traps the user’s funds indefinitely and is a very real threat to this technology.
But it gets even worse, as the paper also mentions:
“In the extraBalance Attack, an attacker tries to scare token holders into splitting from The DAO so that book value of TDT increases. The book value of TDT increases because token holders who split can not recover any extraBalance, so as more holders split, the extraBalance becomes a larger percentage of the total balance, thus increasing the book value of the TDT. This attack is made more severe by the fact that once an amount equal to the value of the extraBalance has been spent, a proposal can be created to send any amount of eth to extraBalance and the curator is not able to prevent this via the whitelist.”
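The book-value effect described in the quoted passage can be modelled in a few lines. This is an added example, not code from the article or the paper. It assumes, as the quote states, that holders who split recover a pro-rata share of the main balance and none of the extraBalance; the names and all balances are constructed for illustration.

```python
from dataclasses import dataclass
from fractions import Fraction


@dataclass(frozen=True)
class DaoState:
    main_balance: Fraction   # ETH that splitters can claim pro rata
    extra_balance: Fraction  # ETH in extraBalance, not recoverable by splitters
    tokens: Fraction         # TDT outstanding

    def book_value(self) -> Fraction:
        """ETH backing each remaining token (main balance plus extraBalance)."""
        return (self.main_balance + self.extra_balance) / self.tokens

    def extra_share(self) -> Fraction:
        """extraBalance as a fraction of the total balance."""
        return self.extra_balance / (self.main_balance + self.extra_balance)


def split(state: DaoState, fraction: Fraction) -> DaoState:
    """Holders owning `fraction` of all tokens split: they take the same
    fraction of the main balance with them and leave extraBalance behind."""
    if not 0 <= fraction < 1:
        raise ValueError("fraction must be in [0, 1)")
    keep = 1 - fraction
    return DaoState(state.main_balance * keep, state.extra_balance,
                    state.tokens * keep)


def splitter_payout_per_token(state: DaoState) -> Fraction:
    """What a splitting holder recovers per token: main balance only."""
    return state.main_balance / state.tokens


# Constructed figures, not The DAO's real balances.
START = DaoState(Fraction(10_000_000), Fraction(300_000),
                 Fraction(1_000_000_000))

if __name__ == "__main__":
    for pct in (0, 25, 50, 75, 90):
        s = split(START, Fraction(pct, 100))
        print(f"{pct:>2}% split: book value/token = "
              f"{float(s.book_value()):.6f} ETH, extraBalance share = "
              f"{float(s.extra_share()):.2%}, splitter recovers "
              f"{float(splitter_payout_per_token(s)):.6f} ETH/token")
```

The splitter's payout per token stays flat while the book value of each remaining token climbs with every split, which is the incentive the paper warns about.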
All in all, it appears as if The DAO creators have thought long and hard about the technology they intended to use. However, some people have been going over things with a fine-toothed comb and discovered potential weaknesses. The paper mentions how these issues can be addressed and remedied, although that will require technical changes to The DAO or a social agreement among the curators.
Source: Google Docs