Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts
175

A Call for a Temporary Moratorium on The DAO

175
Posted by3 years ago
Archived

A Call for a Temporary Moratorium on The DAO

Hi Everyone!

I'm making a call for a temporary moratorium on the DAO. If it goes into effect, the moratorium would last until certain security issues are resolved.

The purpose of the moratorium is to protect the DAO's token holders against the affirmative voting bias, and to prevent attacks. The fixes to these problems meet the token holders' expectations that the Curators are able to prevent majority takeover attacks, and the expectation that token holders are able to withdraw their money at any time.

This is a result of a two-week deep dive into the DAO's rules and game theory. Dino Mark and Emin Gun Sirer took a lot of time to audit the DAO's code and, with help from other community members, we have done a lot of analysis of the mechanism design/game theory of participating in the DAO.

Here's Emin Gun Sirer's blog post on the topic: http://hackingdistributed.com/2016/05/27/dao-call-for-moratorium/

Here's a work-in-progress paper documenting our analysis in detail. https://docs.google.com/document/d/10kTyCmGPhvZy94F7VWyS-dQ4lsBacR2dUgGTtV98C40/edit#

Edits to come.

87 comments
97% Upvoted
This thread is archived
New comments cannot be posted and votes cannot be cast
Sort by
level 1
22 points · 3 years ago

I think it makes all the sense in the world to protect The Dao now that it as grown much larger than anyone initally anticipated and I full support a cautious approach since we are in completely uncharted waters at this point.

I also really like the idea that was posted somewhere else that the DAO can only fund other DAOs

level 1
16 points · 3 years ago

Very nice work, after reading this I totally agree. Even just the lack of reliable GUIs yet is enough in my opinion to place voting on hold indefinitely.

level 2
2 points · 3 years ago

Myetherwallet.com worked way better than the Mist wallet for me. Made voting and even viewing proposals real easy.

level 1
14 points · 3 years ago

You can also vote here: https://dao.consider.it/

Temporary moratorium on the DAO - Security Issues

level 1
12 points · 3 years ago

Fully agree with the moratorium. And thank the three of you very much for spending the time to do this analysis!

level 1
11 points · 3 years ago

+1

level 1
18 points · 3 years ago

Very well written summary of The DAO and attack vectors.

level 2
18 points · 3 years ago

Agreed, vlad and his colleagues did a genuine service to the community here.

level 1
8 points · 3 years ago · edited 3 years ago

Nice job, way to take the initiative and address these problems.

level 1
22 points · 3 years ago

Let me make one thing clear: as a curator I do not support a curator-led moratorium because I don't believe our job is to lead but to follow the token holders. As a token holder I would like to see an experiments on child DAOs that would hold a few million ether only and have these issues resolved. But as a curator, only thing I ask is:

If you are a token holder, please start a self proposal tomorrow asking about the moratorium or vote in one if it's there. Whatever the token holders decide, I will support.

level 2
13 points · 3 years ago · edited 3 years ago

The role of Curator is to safeguard the DAO. We are in uncharted territories and curators' first responsibility is to protect the DAO. If the curators collectively announce due to personal reasons/illness you will not review code or whitelist anyone for 2-3 months, it's well in line of the spirit of your duty and it's well appreciated. I am sure you will all feel better and come back to your duty when there is a good proposal to update the DAO with proper security measures.

level 2
3 points · 3 years ago

There's already r/microdao.

level 2
1 point · 3 years ago

Preach on, avsa! :)

These folks need to review & accept the DAO proposition first before making such requests.

level 1
6 points · 3 years ago

THE FIXES PROPOSED FOR DAO 1.1 CAN BE WORK ARROUND WITHOUT MOVING FROM DAO 1.0 to DAO 1.1

The Idea is that the proposal contract checks this conditions in the main DAO when it is executed.

That is, the proposal must check that the number of yes is over the quorum, and it also will throw if it is signed before the Split grace time (8 days). The proposal still has 2 days to be executed.

With curators only approving proposals that meets this conditions we solve this two issues.

The third issue is about the extraBalance, that does not apply after the closing period.

And the forth is the stalker attack. It has been proved that with a quite complex tactic the attacked can take the attacker's money. It would be good to write a program/script that the normal DTH just run in the background and handles this tactic. So this should not be a big issue.

level 1
6 points · 3 years ago

Great work! I support this 100%

level 1
3 points · 3 years ago

from the troll box: "First DAO proposal is to pay some security guy to be on call for 150k a year"

level 1
3 points · 3 years ago

Something you might want to add to the paper:

In order to blackmail the victim, the stacker creates a smart contract that splits the ether in the childDAO between the attacker and the victim in required proportions. Then the attacker demands that the victim whitelists the address of that contract.

level 1
6 points · 3 years ago

Very interesting. I must admit I have underappreciated the role of the curator when I first saw it. Now I understand how important these people are for the DAO. Thanks, Vlad, and thanks Alex /u/avsa for stepping in. We do need to step back and think clearly. I do not like being under pressure to start dealing with proposals when it is very tricky to decide what to do with the affirmative bias. I was also quite worried about the effects of concurrent proposals. And stalker attack, of course. I think it is quite real.

I agree with Alex that the job for tomorrow to make a SELF proposal to call on the curator for such a moratorium.

More posts from the TheDao community
Continue browsing in r/TheDao
__THIS IS THE UNOFFICIAL SUB OF THEDAO!__
1.9k

Members

0

Online


Created Apr 1, 2016