One summer morning in 2016, the cryptocurrency community woke up in a world where stealing $55 million was technically legal—if you could read the code well enough.
🔍 June 17, 2016, at 05:34 UTC, monitoring bots detected an anomaly in the smart contract of The DAO—an automated venture fund managed not by people, but by algorithms on the Ethereum blockchain. Within hours, an unknown address began methodically draining ETH tokens, like an ATM with a frozen program spitting out bills at the press of a button. By noon, 3.6 million ETH had vanished—a third of the fund’s assets, about $55 million at that day’s exchange rate. Panic flooded Reddit and Slack channels: was this theft? Or a brilliant exploit of a bug in public code, one anyone could have found and used?
💀 The DAO was the star of the moment—$150 million raised through a crowdsale in May 2016 made it the largest crowdfunding project in history. Over 11.5 million ETH—14% of all existing Ether tokens—were locked in a smart contract written in Solidity. The idea shone with utopian purity: a venture fund without bosses, where decisions were made by token voting, and profit distribution was automated. Code is law. The blockchain knows no mercy, no judges, no appeals. But no one anticipated that this principle would turn against its creators when a hacker found a legal loophole worth $55 million in the code.
⚙️ The vulnerability hid in the splitDAO function—a mechanism allowing investors to create "child" autonomous organizations and withdraw their share of tokens. The contract’s logic was simple: a user calls the function, it transfers funds, then updates the balance in its ledger. The hacker spotted a fatal detail: between the transfer and the balance update, there was a gap. The function first sent the money, then recorded in the ledger that the money had been sent. Because the recipient’s own code runs during the transfer, in that window it could call splitDAO again, and the contract, seeing the not-yet-updated balance, would transfer the funds again—and again, and again, until the gas (the computation fee) ran out.
🧠 This was recursion in its purest form—a programming technique where a function calls itself. In computer science textbooks, it’s used for elegant sorting algorithms. On the Ethereum blockchain, it became an infinite loop of theft. The hacker sent a transaction that spawned a child DAO, requested a transfer of 258 ETH, but before the contract could record "balance reduced," an internal call demanded 258 ETH again—and so on, 376 times in a single transaction. The Ethereum Virtual Machine dutifully executed the commands: the code contained no syntax errors; it just didn’t work as the developers intended.
💣 The community froze in shock. Technically, the hacker hadn’t broken the system—they’d used its documented functionality. In traditional law, this is called "abuse of rights," but the blockchain doesn’t care about intent. Vitalik Buterin, the 21-year-old creator of Ethereum, published an analysis of the exploit and admitted: "The code works as written. The question is what we meant by that." Forums erupted in battle. Purists shouted: "Code is law! The hacker acted within the rules!" Pragmatists countered: "This is theft, disguised as legalism!" But the blockchain knows no morality—only hash functions and consensus.
🎭 Meanwhile, the stolen tokens were trapped: due to the contract’s logic, the hacker could only withdraw them 27 days after creating the child DAO. The community had a month to make a decision that would split the ecosystem in two. The DAO’s developers proposed a soft fork—a patch blocking the hacker’s transactions without altering the blockchain’s history. But within days, a new problem emerged: the soft fork created a DoS attack vector, allowing malicious actors to overload the network for free. The only option left was a hard fork—a full chain rollback, undoing all events after the attack. The equivalent of time travel for a distributed database.
⚖️ July 20, 2016, at block height 1,920,000, the Ethereum Foundation executed a hard fork—a retroactive reversal of the theft by changing the protocol. A new smart contract returned funds to 11,000+ investors, as if nothing had happened. The vote showed support for the fork, but the numbers were deceptive: fewer than 6% of ETH holders participated. Most voted with their wallets—simply updating their client software and continuing to mine the new chain. But a minority refused to accept the "history edit."
🪓 The split was irreversible. A group of miners and ideologues continued mining blocks on the original chain, where the hacker kept their 3.6 million ETH. This chain was named Ethereum Classic (ETC)—a blockchain for those who valued immutability over justice. Exchanges listed two coins: ETH (the new, "corrected" one) and ETC (the old, "principled" one). The DAO’s investors got their money back in ETH, but also unexpectedly found an equivalent sum in ETC—a byproduct of the split. The hacker, too, received a duplicate of the stolen funds in ETC, but by then, their address was under close watch, and cashing out millions without deanonymization was impossible.
🔥 The debate exposed a fundamental paradox of decentralization: who makes decisions when there’s no center? Formally, token holders voted, but de facto, the direction was set by core developers, who released a client with the hard fork enabled by default. The apathetic majority simply downloaded the update without diving into the ethics. Critics called it "developer tyranny"—a situation where a small technical elite dictates rules under the guise of consensus. Supporters responded: "This isn’t centralization, it’s coordination in a crisis." But the question remained: if a blockchain can be rolled back by a 6% vote, how resistant is it to censorship at all?
📉 In September 2016, The DAO’s tokens were delisted from major exchanges—Poloniex and Kraken. The project, which began as a manifesto of autonomous economics, ended with manual asset liquidation. Investors got their money back, but the reputational damage was immeasurable. Ethereum lost its aura of infallibility: if code could be undone after the fact, what was the point of blockchain at all? Critics gloated: "You built a database with expensive consensus, then manually edited records like in Excel."
⚖️ In July 2017, the U.S. Securities and Exchange Commission (SEC) issued an official ruling: The DAO’s tokens were securities, and their sale violated federal U.S. laws. The organizers avoided charges (the SEC deemed the project’s collapse sufficient punishment), but a precedent was set. Any token crowdsale promising profit fell under the jurisdiction of traditional financial regulators. "Code is law" collided with the SEC—and lost. The blockchain turned out to be just one layer of reality, and above it, states with police and courts still existed.
🕵️ The hacker’s identity was never established. Some suspected The DAO’s insiders, who knew the code inside out. Others favored the theory of an external white hat hacker, trying to expose the vulnerability before someone malicious did. In an anonymous Pastebin letter, someone claiming to be the attacker wrote: "I acted strictly according to the contract’s code. The funds were obtained legally. The hard fork is theft from me." But proving authorship was impossible—the blockchain anonymizes everyone equally, criminals and victims alike.
🌐 Today, in 2026, Ethereum (ETH) dominates with a market cap in the hundreds of billions, becoming the foundation of the DeFi ecosystem and NFT markets. Ethereum Classic (ETC) exists as a niche coin for ideologues, trading at a fraction of the price. The 2016 hard fork remains a scar on the crypto industry—a reminder that "immutable" systems can be changed if the stakes are high enough. After The DAO, the Ethereum team introduced formal smart contract verification, static analysis tools, and multi-layered code audits. New languages like Vyper were designed to prevent recursive attacks.
🔬 The industry learned a painful lesson: code isn’t law—it’s an interpretation of the programmer’s intent. Today, major DeFi protocols like Aave and Compound use "pauses"—centralized emergency stop buttons controlled by multi-signature wallets. It’s a compromise: decentralization with a kill switch. Critics call it a betrayal of ideals, pragmatists call it maturity. The SEC continues to pursue ICOs, using The DAO case as precedent: in 2023-2025, the regulator won lawsuits against Ripple Labs and dozens of other projects, citing the 2017 ruling.
💰 And the stolen 3.6 million ETH? In the new chain (ETH), they were returned; in the old one (ETC), they remained in the hacker’s address, frozen by suspicion. At 2026 prices, it would be worth billions, but cashing out is impossible—every move is tracked by analytics systems like Chainalysis. The hacker won the technical battle but lost the economic war. The DAO died, but its ghost haunts every smart contract audit, every hard fork vote, every debate about where code ends and responsibility begins. In a world where money is a program and the program is law, it turns out human morality still matters more than the compiler.