The Code That Was the Law
It was May 28, 2016, and the future of human coordination had just raised $150 million.
The DAO — Decentralized Autonomous Organization — had closed the largest crowdfunding campaign in history to that point. Over 11,000 investors had poured Ether into a smart contract on the Ethereum blockchain, becoming token holders in an investment vehicle with no CEO, no board, no employees, and no country of incorporation. The governance rules were encoded directly into the contract. The distribution of funds required no human approval. The logic, once deployed, could not be changed.
The pitch was radical in the way that only first-principles ideas are: what if you replaced the human infrastructure of trust — the lawyers, the intermediaries, the courts, the handshake deals — with mathematics? Code doesn't get greedy. Code doesn't take bribes. Code can't be pressured or manipulated or simply misremembered. Code is what it is. If you make the code the law, you've eliminated the gap between the rule and its enforcement. You've built something that doesn't require trust because it doesn't require humans.
Twenty days later, someone drained $60 million from it.
i · the architecture of trustlessness
The word "trustless" is doing a lot of work in crypto discourse, and most of that work is misdirection.
What trustless actually means, technically, is that participants in a system don't need to trust each other — the protocol enforces the rules without relying on any party's goodwill. This is true and useful. You can send a transaction on Ethereum without trusting the person on the other side to honor it; the contract enforces it.
What trustless does not mean — though the rhetoric often implies it — is that trust has been eliminated from the system. It's been moved. Instead of trusting an institution, a counterparty, or a legal framework, you're trusting the code. You're trusting that the people who wrote it got it right. You're trusting that the logic you voted to fund is the logic that will actually execute. You're trusting that the reviewers who checked it were thorough, that the assumptions baked into it will hold, that no edge case exists that the authors didn't anticipate.
The DAO's architects were explicit about what they'd built. "The DAO is not bound to any specific geography," read the documentation. "The DAO's smart contract code governs the rules." Investors were told, clearly: the code is the law. Roughly 14 percent of all ETH then in existence pooled into this premise.
What no one said clearly enough was: the code had a bug.
ii · when the code behaved correctly
The attack began on June 17, 2016. It was not a hack in the colloquial sense: no server was compromised, no private key was stolen, no one was socially engineered. The attacker exploited a reentrancy flaw (at the time usually called a "recursive call" bug) in the withdrawal path. When the contract processed a withdrawal, it sent ETH to the requester before updating its internal record of that requester's balance. Sending ETH to a contract hands execution to that contract's fallback code, so the recipient could call the withdrawal function again while its balance still read as unspent, receive ETH again, and repeat the loop within a single transaction. Run that transaction over and over and $60M left the fund.
Here is the part that makes The DAO story the object lesson it became: the attacker was not violating the code. The code was doing exactly what it said it would do. The logic executed correctly. The rules were followed. The outcome — $60M leaving the fund and arriving in the attacker's hands — was the lawful result of the lawful execution of the lawful contract.
This was the promise and its failure, delivered simultaneously.
An open letter, purportedly from the attacker, later argued precisely this: nothing had been stolen. The smart contract had been used exactly as designed. If the code was the law, no law had been broken. The community faced a genuine philosophical problem: either the code-is-law premise was correct, in which case the attacker had done nothing wrong; or it was not correct, in which case the entire premise of The DAO was false.
They chose false.
iii · the field corrects
The Ethereum community did something that "code is law" enthusiasts still haven't entirely forgiven them for: they forked the blockchain.
A hard fork, a client software update that miners, exchanges, and node operators had to adopt by consensus, did the rewriting. Strictly speaking it did not unwind the attacker's transactions; the chain's history up to the fork block stayed intact. Instead, the forked client applied a one-off state change at block 1,920,000 that moved the ETH held by The DAO and its child DAOs into a recovery contract from which investors could reclaim their ETH. The effect was the same: the attacker's gains were canceled.
This worked. It also proved something. Ethereum's blockchain had never been trustless. It had a governance layer, a community of developers, miners, and node operators who controlled the client software and could, by consensus, change the state retroactively. "The code is the law" had a court of appeals. It just hadn't been disclosed in the prospectus.
A minority refused. They kept running the original chain — the one where the attack was valid — and it continues today as Ethereum Classic, a monument to the proposition that the code is the law and consequences must be accepted. It trades at a fraction of Ethereum's value. Markets, apparently, prefer the version with a functioning legal system.
What happened next across the ecosystem was the slow, awkward acknowledgment that trustless systems still need trust — they just need it in different places. Smart contract auditing became an industry. Formal verification methods emerged. Bug bounties became standard. The architecture of "deploy once, trust forever" gave way to upgradeability patterns, multisig controls, timelocks, and governance tokens — and eventually the DAO-like structures of DeFi, complete with their own hacks, their own exit scams, their own moments when the code did exactly what it said and the humans didn't like what they got.
iv · what the dao actually taught
The coherence problem with code-as-law isn't that the code breaks. It's that the code works.
It executes the instructions it was given. Human agreements contain a kind of productive vagueness — the spirit of the law, the intent of the parties, the contextual judgment that adjusts when circumstances the drafters didn't anticipate arise. Law is not just a set of instructions; it's an ongoing, maintained relationship between rules and the social context that gives them meaning.
The community wanted to build a system aligned with their values — democratic investment, collective governance, no single point of corruption. They tried to achieve this by forcing the outcome through code. But code cannot align itself with values it wasn't given, cannot interpret ambiguous situations, cannot exercise the discretion that genuine alignment requires.
The attacker found the gap between what the code did and what the community intended. That gap exists in every complex system. Human legal systems have centuries of apparatus for navigating it: courts, precedent, equity, judicial interpretation, appeals. The DAO had twenty days.
There's a through-line from The DAO to every AI governance debate happening right now. The fantasy of removing human judgment from consequential systems — whether through smart contracts in 2016 or automated decision systems today — runs into the same wall. The systems do what they're instructed. The instructions are always incomplete. The gap between instruction and intent is where things break. And when they break in ways that move $60 million, someone inevitably argues that it wasn't really a bug — the code did what the code did — while someone else reaches for the fork.
What was novel about The DAO wasn't the technology. It was the explicitness of the claim: we have built a system that does not require trust. That claim was false. What they had built was a system where the trust requirement was invisible until it wasn't — where the assumption that the code had no bugs was treated as a fact rather than a bet.
The code was the law until someone read it carefully. That sentence should appear in every pitch deck for every system that promises to replace human judgment with automated enforcement.
Ten years later, the lesson has partially landed. Smart contract audits are a multi-billion dollar industry. Formal verification is taken seriously. The "code is law" absolutism has softened into something more honest: the code is a law, one that operates within a larger social context that can, if necessary, override it.
The DAO raised $150 million on a belief that human trust was a bug to be patched. The patch had a bug. The humans fixed it. That's how this always goes.
v · sources
source · CoinDesk / Wired — The DAO token sale closes May 28, 2016 having raised $150M in ETH, the largest crowdfunding in history; smart contract governance believed trustless and complete