The DAO hack in 2016 was a pivotal moment in blockchain history, revealing vulnerabilities in smart contracts and leading to the split of Ethereum.
What Was The DAO?
The DAO (Decentralized Autonomous Organization) was the first major on-chain venture fund, launched in April 2016. It raised over $150 million in ETH. Investors used DAO tokens to vote on funding proposals. The DAO ran entirely through smart contracts on Ethereum.
How Did the Hack Happen?
On June 17, 2016, a hacker exploited a vulnerability in the DAO’s smart contract—a recursive call bug—allowing them to drain 3.6 million ETH (worth about $60 million at the time) into a ‘child DAO.’ The stolen funds weren’t immediately usable due to a 28-day holding period, giving the community a small window to respond.
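The recursive call bug mentioned above comes down to the order of operations in a withdrawal: funds are sent before the ledger is updated, so the recipient's code can call back in while its balance is still credited. The following is an added, simplified Python model of that pattern next to the corrected ordering; it is not The DAO's contract code, and every name in it (Vault, ReenteringRecipient, run, the deposit amounts) is an assumption made for illustration.

```python
class Vault:
    """Toy ledger (constructed); `safe` selects the order of operations in withdraw()."""

    def __init__(self, safe):
        self.safe = safe
        self.balances = {}   # credited balance per account
        self.pool = 0        # funds actually held by the vault

    def deposit(self, account, amount):
        self.balances[account] = self.balances.get(account, 0) + amount
        self.pool += amount

    def withdraw(self, account):
        amount = self.balances.get(account, 0)
        if amount == 0 or amount > self.pool:
            return
        if self.safe:
            # Hardened order: clear the credited balance, then make the external call.
            self.balances[account] = 0
            self._send(account, amount)
        else:
            # Vulnerable order: external call first, bookkeeping afterwards.
            self._send(account, amount)
            self.balances[account] = 0

    def _send(self, account, amount):
        self.pool -= amount
        account.receive(self, amount)   # control passes to the recipient's code


class ReenteringRecipient:
    """Recipient whose receive hook calls withdraw() again before the first call returns."""

    def __init__(self):
        self.received = 0

    def receive(self, vault, amount):
        self.received += amount
        vault.withdraw(self)


def run(safe):
    """Return (amount paid to the re-entering account, funds left in the vault)."""
    vault = Vault(safe)
    caller = ReenteringRecipient()
    vault.deposit("other_depositors", 90)   # constructed sample deposits
    vault.deposit(caller, 10)
    vault.withdraw(caller)
    return caller.received, vault.pool
```

With the vulnerable ordering, an account credited with 10 is paid the vault's entire 100; with the balance cleared first, the nested call sees a zero balance and the payout stays at 10, which is the invariant an audit or test suite should assert.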
Aftermath and Lessons Learned
The incident exposed the risks of deploying unaudited or complex smart contracts without proper governance. It accelerated the need for code audits, bug bounties, and formal verification tools in DeFi. The community was also faced with the question: should code be law, or should consensus override code in emergencies?
The DAO hack reshaped Ethereum and the entire smart contract landscape. It highlighted that even revolutionary technologies must be built with caution, forever changing how the industry approaches governance, protocol security, and ethical decision-making.