The DAO is not the Tao

Originally written by Lee Bryant on June 21, 2016.

Traditional German guild sign for a glazier (Wikimedia)

The future of institutions in the digital age is a question that fascinates me because it is where the values (and value) of old and new collide in such an interesting way. I gave a talk about this at the recent OuiShareFest event in Paris, arguing both that the inherent conservatism of institutions can protect long-term values against short-term volatility, and also that we need to urgently upgrade them to protect the best human values of our digital age.

Perhaps, as my colleague Anne McCrossan has argued, we do not need institutions, just instruments, in the new world, but I think the current ongoing story of how the first attempt to create a genuinely Distributed Autonomous Organisation (DAO) failed can provide us with some fascinating lessons, and it suggests that perhaps there is still a role for institutions after all. There are good reasons why and how they evolved to maintain knowledge, practice and values, such as professional standards in guilds or the Hippocratic oath for doctors, and carry them into the future. But clearly we need to re-imagine them and aim for something that embodies our human, connected and distributed values of today, rather than those of yesterday’s bureaucratic elites.

OuiShareFest was dominated by discussion on the blockchain, Ethereum and the DAO. Primavera De Filippi gave a really enjoyable talk about the potential for distributed systems and the DAO, using a mechanical plant artwork that you can feed with Bitcoins as a prop. Vinay Gupta was also inspiring in his massively over-optimistic view of a global computer that can solve climate change (I am oversimplifying, of course). But some of the other talks, like much Blockchain cheerleading, said nothing of any substance and the speakers were just pedalling the hypecycle. So strong was the commendable commitment to decentralisation at the event, that I felt like a grumpy naysayer for asking what would happen if The DAO and Ethereum suffered another Mt. Gox-type theft or scandal, as the Bitcoin community has seen repeatedly, and how this could be avoided.

Soon after the event, the DAO invited contributions to what is effectively a distributed VC fund of DAO tokens, based on Ethereum’s blockchain and using its ETH currency. The idea was that this capital would be allocated to ventures and projects automatically based on voting among participants. On this basis, the DAO raised the equivalent of $160m within a very short space of time, with the idea being that smart (i.e. entirely programmatic) contracts recorded on the blockchain would drive the allocation of tokens to projects with no human oversight:

The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413. Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code. Any and all explanatory terms or descriptions are merely offered for educational purposes and do not supersede or modify the express terms of The DAO’s code set forth on the blockchain.

Inevitably, however, the smart contract code had bugs and somebody discovered a ‘recursive send’ exploit that could be run over and over again to drain the DAO’s funds into a child DAO. The bug was apparently known and a fix planned, but he or she got in there quickly enough to siphon approximately $50m of DAO tokens into a child DAO under their control, albeit one they cannot liquidate for 27 days. During that time, the community behind the project has to either let them walk away with the funds and preserve the sanctity of the idea that code is sovereign and the DAO cannot be reset by humans, or somehow roll back the DAO with a soft or a hard fork to preserve the funds through human intervention. As others have pointed out, this seems like a pretty unnecessary and dumb failure, rather than the kind of celebrated ‘fail fast’ event that we can learn from to improve. Instead, not only is the DAO effectively finished, but the very concept of DAOs has been set back considerably thanks to the naivety of this first implementation.

The perpetrator of this ruse was quite clear that they did nothing wrong and had merely used the provisions of the code to move tokens, and despite being labelled a ‘hacker’ or ‘attacker’, their actions were not illegal in any way, hinting that they would take their own legal action if the ‘smart’ contract they used was overridden to prevent them liquidating the funds.

The story has unsurprisingly attracted a lot of commentary. Wired wrote about “A $50 Million Hack Just Showed That the DAO Was All Too Human”; but my favourite is Matt Levine’s insightful analysis, which digs into the question of contractual intent versus technical execution and reminds us that the messy, imperfect and overlapping world of legal institutions that govern contract law has evolved to protect us against clever technical exploits that go against the spirit of an agreement. He also pointed out a curious aspect of the story, which is that even some participants who stand to lose money argue that any attempt to fork the DAO to roll back the transactions would be wrong and invalidate the very notion of the DAO:

Others, such as Paul Hartzog writing for the P2P Foundation, argue that the rollback proves a distributed system can protect funds in a way that conventional banks cannot, because the transactions all took place in the open, on the ledger, and the community can therefore declare them invalid and reverse them, despite the fact that this required the equivalent of a bailout-type intervention.

With only 27 days to decide, the community behind the DAO and Ethereum have some tough calls to make, and the technical co-founder of Ethereum, Vitalik Buterin, has been very active in trying to identify bugs and security vulnerabilities in the smart contract code, whilst also canvassing opinion on whether or not to fork. Predictably enough, Vitalik sees only technical solutions to what he regards as a technical problem, but what this episode demonstrates is more a lack of understanding of people, trust, law (see this analysis for a taste of just how naive the DAO’s reading of smart contract law actually was) and economics than a lack of security hardening.

This is not the first time that developers see the potential for perfect technical solutions to messy social problems, and it won’t be the last. It reminds me of debates about online identity in the early 2000s, where many people believed we could create a perfect system of online ID verification without any knowledge of the dangers and risks of such a system in the wrong hands, or its potential to exclude people. It also reminds me of debates about ontologies and what was briefly called Web 3.0, which aimed to create perfect logical structures for the organisation of knowledge. In the field of organisation design, it also has echoes of holacracy, another perfect technocratic system that seeks to legislate away the messiness of humanity and give up power to a ruleset in the form of a long and bureaucratic constitution.

There is a huge role for algorithmic management and smart contracts within organisations and future institutions, but I believe they should serve, rather than govern, human purpose.

As a reader of history, I think one of the key lessons of the C20th was the danger of apparently utopian systems when given power over people, and the concomitant damage done by over-zealous utopians who are happy to tolerate some broken eggs in pursuit of their perfect omelette. I often go back to the example of early Czech Communism, as described by the beautiful novels of Milan Kundera, who paints a picture of idealists seeking a perfect system only for that system to turn around and imprison them when run by rule-obsessed bureaucrats. Humanity is always messy and ambiguous, and most attempts to flatten it out into something ordered result in tyranny.

The blockchain is just a database. In theory, it could do some interesting things, as described in the recent Goldman Sachs research paper on the topic, such as peer-to-peer energy distribution, better forms of real estate title insurance and recording, certain financial instruments such as collateralised loans and leveraged loans, or perhaps it could help create genuinely peer-to-peer replacements for centralised ‘sharing economy’ firms such as AirBnB and Uber. But even in these areas, there are many reasons why it may not be the silver bullet we expect.

Stock markets began as a way to allocate investment to firms that needed it, but High Frequency (algorithmic) Trading has little to do with investment needs and everything to do with playing the system to make money for speculators, rather than investors. Similarly, companies exist not just to make money or allocate capital to maximise returns, but to do something for somebody. The economy exists to create a better society, not the other way around.

Decentralisation is powerful and meaningful when it spreads power to people, connected in networks of trust, not when it allows bedroom hackers to hide behind anonymous identities to game the system, like day traders pumping and dumping shares or spoofing trades to move markets.

In my talk at OuiShareFest, I suggested that institutions need to become simultaneously more human (as in more connected, more networked) and less human (as in more technocratic and algorithmic, and less prone to capture by dominant groups). I like this conundrum precisely because it is so resistant to simple answers and polarisation. The other principles I suggested for modern institutions were that they should be:

  • networked – an organisation built around connections and ecosystems.
  • lateral and pace-layered, with layers evolving at different speeds, rather than just an up-down hierarchy.
  • service-oriented rather than departmental and functional; focused on ‘customer’ needs.
  • platform-based: embody key functions in a shared platform that others can use.
  • distributed: based on small teams connected by networks, working on a shared platform.
  • self-managed: people manage themselves and their work in a data-rich environment with basic middle management reporting functions perhaps replaced by algorithms.
  • ‘cyborganised’: people and machines working together, but with people in control.
  • sentient: using the ‘human sensor network’ to create a self-aware organisation.
  • self-aware: distributed real-time data for all participants rather than restricted management reporting information only being shared upwards.
  • agile and responsive: able to evolve structures and practices to better pursue its purpose.
  • glocalised: located in physical or virtual communities but operating globally; having some sense of responsibility for the communities it works with.

Humanity is complex, but it is also powerful and capable. Any attempt to iron out the kinks and create perfect technocratic organisations is doomed to fail, and instead we should be trying to use distributed computing, smart contracts and algorithms in general to support human ingenuity and to produce better organisations that can create good outcomes for people. This is why we should be careful before we buy into the techno-determinist dreams of those who are a little too keen to leave our humanity behind. Decentralisation that strengthens our mutual dependence, connections and responsibilities to each other, rather than abstracting them behind purely online constructed identities, is what we should be aiming for.