
The DAO Hack — June 2016

A recursive-call exploit drained 3.6 million ETH from the largest decentralised organisation on Ethereum, triggering a contentious hard fork that split the chain into ETH and ETC.

The DAO was a decentralised investment organisation deployed on Ethereum in April 2016 by Slock.it. Token holders voted on investment proposals using DAO tokens purchased with ETH. The contract held approximately $150M in ETH — at the time, roughly 14% of all ether in circulation.

The DAO's withdrawal function had a flaw: it sent ETH to the requesting address before updating the internal balance. A caller whose fallback function re-entered the withdrawal function could drain the contract by repeatedly requesting payment against the same nominal balance.
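The ordering problem described above can be modelled in a few lines. This is an added example, not The DAO's Solidity code: a simplified Python ledger in which the class `Vault`, the account names and the amounts are all constructed for illustration. It runs the same withdrawal with the balance update after the external call and then before it, and checks whether the contract can still cover what it owes the other depositors.

```python
class Vault:
    """Toy ledger: credit = ether owed per account, pool = ether actually held."""

    def __init__(self, credit, hardened):
        self.credit = dict(credit)
        self.pool = sum(credit.values())
        self.hardened = hardened
        self.paid = {}

    def withdraw(self, who, on_receive):
        amount = self.credit.get(who, 0)
        if amount == 0 or amount > self.pool:
            return
        if self.hardened:
            self.credit[who] = 0                  # effect: zero the balance first
            self._send(who, amount, on_receive)   # interaction: external call last
        else:
            self._send(who, amount, on_receive)   # external call before the update
            self.credit[who] = 0                  # too late: re-entry saw the old balance

    def _send(self, who, amount, on_receive):
        self.pool -= amount
        self.paid[who] = self.paid.get(who, 0) + amount
        on_receive(self)  # recipient code runs here, like a contract fallback function

    def solvent(self):
        # Invariant an auditor or monitor can check: holdings cover what is still owed.
        return self.pool >= sum(self.credit.values())


def run(hardened, max_reentries=5):
    """Withdraw once for 'alice' with a recipient callback that calls withdraw again."""
    vault = Vault({"alice": 10, "bob": 10, "carol": 10}, hardened)  # constructed data
    state = {"reentries": 0}

    def recipient(v):
        if state["reentries"] < max_reentries:
            state["reentries"] += 1
            v.withdraw("alice", recipient)

    vault.withdraw("alice", recipient)
    return vault.paid["alice"], vault.pool, vault.solvent()


if __name__ == "__main__":
    print("send-then-update:", run(hardened=False))
    print("update-then-send:", run(hardened=True))
```

With the update placed before the send, the nested call finds a zero balance and returns immediately, so the single 10-unit payout is all that leaves the pool.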

On 17 June 2016 an attacker executed this exploit, moving approximately 3.6 million ETH into a child DAO under their control. Because the child DAO had a 28-day holding period before funds could be withdrawn, the Ethereum community had time to debate a response.

The Ethereum Foundation proposed a hard fork that would relocate the stolen ETH to a recovery contract from which original token holders could withdraw their pro-rata share. On 20 July 2016, at block 1,920,000, the fork executed. The hard fork was contentious — a minority of validators refused to accept reversal of an immutable ledger and continued on the original chain. That chain became Ethereum Classic.

Timeline

  1. The DAO launches, raises ~$150M in 28 days

    Single-largest crowdfund in history at the time.

  2. Researchers publish warnings about reentrancy risk

    Multiple Ethereum researchers post analyses of the withdrawal function's vulnerability.

  3. Reentrancy attack drains 3.6M ETH

    Approximately 14% of all ether in circulation. Moved into a child DAO with a 28-day withdrawal lock.

  4. Hard fork at block 1,920,000

    Stolen funds relocated to a withdrawal contract. Original token holders can redeem ETH 1:1.

  5. Ethereum Classic emerges

    A minority of validators continue the original chain. Within weeks, ETC trades on Poloniex.

Structural failures identified