In Brief
The investors of “The DAO” had their capital rescued after The DAO's decentralized investment funds got hacked, yet the case proves that there may be an urgent need for blockchain regulation.

The New Kid on the Block

The Decentralized Autonomous Organization (DAO) was set to become the first digital decentralized investment fund. Virtually all its daily operations would be handled, well, virtually. This includes investment plans, payments, and even the corporate governance—all of it is determined by code. Its crowd investment in May 2016 turned out to be the most successful crowd funding campaign ever, passing the previous world record held by the video game Star Citizen.

The DAO had no branch offices and no employees. It performed the duty of managing the crowdfunded investment via so-called Smart Contracts based on the Ethereum-Blockchain. Started in 2013, Ethereum uses the Blockchain to store data permanently in public storage and move it around easily and fast. Ethereum provides the infrastructure to set up Smart Contracts: agreements represented and carried out by a software that emulates the logic of traditional financial contracts.

The DAO used Smart Contracts as a replacement for contracts between investors and startups. Everyone could be an anonymous investor by buying Ether, the cryptocurrency of the Ethereum-Blockchain, and with Ether purchase DAO tokens, which are similar to a corporate share. Each investor could then decide to invest into a startup by sending a number of DAO tokens to the respective proposal. The startups can then exchange the token into Ether and later, if necessary, into traditional fiat currency. Smart Contracts would have carried out all of the aforementioned administration processes.

A Hack Hits Home

However, the promise of a new era of startup investing (beyond that of conventional venture capitalists and angel investors) seemed to be destroyed on June 17th, when a hacker took advantage of some of the code of The DAO’s smart contracts and managed to steal 3,6 Million Ether (50 Million USD at the time).
Fortunately for DAO investors, a waiting period for the withdrawal of funds was programmed into the Smart Contract, which the hacker had to abide by before they could exchange their stolen Ether into offline currency. This gave the DAO investors precious time to find a solution to save their investment.

Following heated debates in the Blockchain community, a majority of the fledgling DAO-network agreed to create an alternative version of the Blockchain on which the hack had never happened.

Now the Ethereum-Blockchain exists in two instances. One is the Ethereum Hard Fork (ETH) Blockchain where the hack was made undone. The other is the untouched, but hacked, Ethereum (ETC), which was intended to sink into oblivion and out of use. However, Blockchain-fundamentalists within the cryptocurrency community decided they had other plans: “Code is law”, they maintained, and “If the code of the DAO allowed this hack, the hack is legit”. These fundamentalists continue to operate the ETC Blockchain despite the immediate financial downside for all DAO investors. Strengthening the fundamentalist position, the cryptocurrency exchange Poloniex, was first to list ETC on its exchange, maintaining the liquidity of ETC.

Sadly, before the DAO had a chance to realize its vision of fluid and open investment funds, it turned into a bickering two-headed monster. With ETH a refund has been established where DAO-investors can get their investments back and on ETC the hacker still owns his stolen Ether.

A Legal Gambit

It has been some four months since the hack of the DAO. The months following the hack were turbulent, with the rescue of the investment capital contributing to a split in the blockchain and the corresponding, yet unwanted, doubling of the investment fund and its capital deposits.

During the DAO’s crowd investment campaign, the legal liability of the DAO didn’t seem to bother backers much; however, that changed after the June 17th hack. Suddenly, the question of legal liability became rather pressing.

“Whereas in a legal regime, contracts are enforced by a court, in a blockchain regime, contracts are automatically enforced by the entire network,” explains Florian Glatz, a Berlin based lawyer specializing in blockchain legality. “Therefore, organizations like The DAO do not need to have a legal personality to operate. On the other hand, the people building, investing and working with DAOs are very much members of our established legal systems.”

Regulators are only just beginning to take the first steps to consider blockchain regulation. In May of 2016, the European Parliament approved a proposal to dedicate a task force to digital currencies and blockchain-technology. However, the proposal clearly mandates a hands-off approach with minimal to no regulations suggested during the early stages of the blockchain’s life.

In September 2016, the US House of Representatives passed a non-binding resolution calling on the US government to craft a national technology policy that includes digital currencies and blockchain-technology.

But the question remains—how can smart contracts be interwoven with the same rules and regulations that govern the very real financial world? Up to now, intermediaries such as banks allow regulators to enforce policy choices, whereas the key feature of the blockchain is that there are no more intermediaries to begin with.

A further hurdle to cryptocurrency regulation is that Smart Contracts-run organizations are not comparable with classical legal entities found in the business world. Blockchain-companies do not currently register themselves in legally recognized ledgers, nor has it been decided if DAO tokens (similar to corporate shares) are financial products that fall under standing financial regulations.

A Way Forward?

Glatz suggests that, in the near future, groups organized as DAOs that interact with physical or even just intellectual assets, will have to find ways to establish a complementary legal counterpart to their virtual company form. “First attempts are based on non-profit foundations holding funds as impartial, classically-regulated intermediaries. In the mid-term future, capital market regulation will be adapted to fit blockchain-based investment schemes.”

Obviously, there is rising concern more regulation that exists for blockchains, the higher the threshold will be for organizations to use blockchain. In a world where cryptocurrency is regulated, innovations such as The DAO likely would have never happened.

Glatz suggests the novel technique of “regulatory sandboxes” as a potential path forward to allow for grassroots movements such as The DAO ecosystem, while ensuring that those businesses, which reach a mass market audience, transition into a fully regulated state eventually. “In the near to midterm future, jurisdictions that offer such a sandbox model for startups, will attract the most disruptive firms.”  The UK and Singapore are two countries fostering such a startup-friendly environment.