Decentralized autonomous organization

A decentralized autonomous organization (DAO), sometimes called a decentralized autonomous corporation (DAC), is an organization represented by rules encoded as a computer program that is transparent, controlled by the organization members and not influenced by a central government, in other words they are member-owned communities without centralized leadership. A DAO's financial transaction record and program rules are maintained on a blockchain. The precise legal status of this type of business organization is unclear.

A well-known example, intended for venture capital funding, was The DAO, which amassed $150 million in crowdfunding in May 2016, and was hacked and drained of US$50 million in cryptocurrency weeks later. The hack was reversed in the following weeks, and the money restored, via a hard fork of the Ethereum blockchain. Most Ethereum miners and clients switched to the new fork while the original chain became Ethereum Classic.

Background
Decentralized autonomous organizations are typified by the use of blockchain technology to provide a secure digital ledger to track digital interactions across the internet, hardened against forgery by trusted timestamping and dissemination of a distributed database. This approach eliminates the need to involve a mutually acceptable trusted third party in any decentralized digital interaction or cryptocurrency transaction. The costs of a blockchain-enabled transaction and of the associated data reporting may be substantially offset by the elimination of both the trusted third party and of the need for repetitive recording of contract exchanges in different records. For example, the blockchain data could, in principle and if regulatory structures permit it, replace public documents such as deeds and titles. In theory, a blockchain approach allows multiple cloud computing users to enter a loosely coupled peer-to-peer smart contract collaboration.

Vitalik Buterin proposed that after a DAO is launched, it might be organized to run without human managerial interactivity, provided the smart contracts are supported by a Turing-complete platform. Ethereum, built on a blockchain and launched in 2015, has been described as meeting that Turing threshold, thus enabling such DAOs. Decentralized autonomous organizations aim to be open platforms through which individuals control their identities and their personal data.

Governance
DAO governance is coordinated using tokens or NFTs that grant voting powers. Admission to a DAO is limited to people who have a confirmed ownership of these governance tokens in a cryptocurrency wallet, and membership may be exchanged. Governance is conducted through a series of proposals that members vote on through the blockchain, and the possession of more governance tokens often translates to greater voting power. Contributions from members towards the organizational goals of a DAO can sometimes be tracked and internally compensated. Inactive holders of governance tokens can be a major obstacle for DAO governance, which has led to implementations of allowing voting power to be delegated to other parties.

Social
Inactive or non-voting shareholders in DAOs often disrupt the organization's possible functionality.

Legal status, liability, and regulation
The precise legal status of this type of business organization is generally unclear, and may vary by jurisdiction. On July 1, 2021, Wyoming became the first US state to recognize DAOs as a legal entity. American CryptoFed DAO became the first business entity so recognized. Some previous approaches to blockchain based companies have been regarded by the U.S. Securities and Exchange Commission as illegal offers of unregistered securities. Although often of uncertain legal standing, a DAO may functionally be a corporation without legal status as a corporation: a general partnership. Known participants, or those at the interface between a DAO and regulated financial systems, may be targets of regulatory enforcement or civil actions only if they are out of compliance with the law.

Security
A DAO's code is difficult to alter once the system is up and running, including bug fixes that would be otherwise trivial in centralized code. Corrections to a DAO require writing new code and agreement to migrate all the funds. Although the code is visible to all, it is hard to repair, thus leaving known security holes open to exploitation unless a moratorium is called to enable bug fixing.

In 2016, a specific DAO, "The DAO", set a record for the largest crowdfunding campaign to date. Researchers pointed out multiple problems with The DAO's code. The DAO's operational procedure allowed investors to withdraw at will any money that had not yet been committed to a project; the funds could thus deplete quickly. Although safeguards aimed to prevent gaming shareholders' votes to win investments, there were a "number of security vulnerabilities". These enabled an attempted large withdrawal of funds from The DAO to be initiated in mid-June 2016. On July 20, 2016, the Ethereum blockchain was forked to bail out the original contract.

DAOs can be subject to coups or hostile takeovers that upend its voting structures especially if the voting power is based upon the amount of tokens one owns. An example of this occurred in 2022, when Build Finance DAO suffered a coup in which one person amassed enough tokens to get a vote passed, then voted to give themselves full control of the DAO, then, using this power, they drained all of the money from the DAO.