Ethereum DAO Hack 2016 | Hard Fork Story, ETH vs ETC Explained

In the summer of 2016, a hacker exploited a reentrancy bug in The DAO — a $150M decentralized venture fund built on Ethereum — and drained 3.6 million ETH (~$60M). What happened next defined Ethereum's identity: a contentious hard fork, a community split, and a permanent debate about whether blockchains should be immutable or correctable.

The DAO (Decentralized Autonomous Organization) was the most ambitious smart contract experiment of its time. Launched in April 2016, it raised 12.7 million ETH ($150M at the time) from 11,000 investors to fund Ethereum-based projects via on-chain governance. Two months later, it was drained. The subsequent response — a hard fork that reversed the hack — created the most important philosophical rift in blockchain history.

What Was The DAO?

The DAO was a smart contract system that functioned as a venture fund: DAO token holders could vote on funding proposals for Ethereum-based projects. If a proposal passed, ETH from the treasury would be sent to the project's address. Token holders could also split from the main DAO by creating 'child DAOs' if they disagreed with governance decisions — this split function turned out to contain the fatal vulnerability.

The DAO was co-founded by Simon and Christoph Jentzsch of Slock.it. It raised its funds in 28 days in April-May 2016, becoming the largest crowdfunding event in history at the time. Security researchers (including Peter Vessenes) raised red flags about the smart contract code before the attack — specifically the reentrancy risk in the recursive call pattern. These warnings were not acted on in time.

The vulnerability: when DAO token holders requested to split and create a child DAO, the smart contract would send ETH to the child DAO before updating the internal balance. An attacker could create a child DAO that, upon receiving ETH, immediately called the split function again — repeatedly draining ETH in a loop before the balance was ever updated. This is the reentrancy attack pattern.

✓The DAO: crowdfunded $150M in ETH as decentralized venture fund (April-May 2016)
✓11,000 token holders voted on project funding via on-chain governance
✓Split function: allowed dissenters to exit with their ETH share — contained the bug
✓Reentrancy vulnerability: send ETH before updating balance → recursive withdrawal loop
✓Warning signs: multiple security researchers flagged risks before the attack
✓Scale: The DAO held 14% of all ETH in circulation at the time

The Hack: June 17, 2016

On June 17, 2016, an attacker began exploiting the reentrancy bug. By looping the withdrawal call recursively, they drained 3.6 million ETH over several hours — worth approximately $60M at the time, representing a significant portion of all ETH in existence. The exploit was visible on-chain as it was happening; the Ethereum community watched in real-time as millions were drained.

Critical detail: the stolen ETH was held in a child DAO with a 28-day lock period before it could be moved. This gave the Ethereum community a window — roughly 28 days — to respond before the attacker could access the funds. This window became the battlefield for one of the most intense governance debates in crypto history.

The attacker actually posted an 'open letter' claiming the exploit was legal — they had used the smart contract's code as written and weren't violating any rules. From a 'code is law' perspective, the exploit was arguably valid: the contract did exactly what its code specified. The attack sparked an immediate debate: should Ethereum 'code is law' or should the community intervene?

✓June 17, 2016: reentrancy exploit drained 3.6 million ETH (~$60M)
✓28-day lock: stolen ETH held in child DAO before movable
✓On-chain visibility: community watched the hack in real-time
✓Attacker's 'legal' claim: exploited code's actual behavior, not a bug in their view
✓'Code is law' debate: should immutable blockchains be altered to fix exploits?
✓28-day window: time pressure created urgency for governance response

The Fork: ETH vs ETC and the Governance Choice

The Ethereum Foundation and Vitalik Buterin proposed a hard fork to move the stolen ETH from the child DAO back to a recovery contract, effectively reversing the hack. A community vote (weighted by ETH holdings) showed roughly 87% support. On July 20, 2016, the hard fork activated at block 1,920,000 — returning 12.3M ETH to original DAO holders.

Not everyone accepted the fork. A minority of the community continued running the original pre-fork chain, arguing that reversing transactions violated the fundamental promise of blockchain immutability. This chain became Ethereum Classic (ETC). Both chains share the same history up to block 1,919,999; after that point, they diverge permanently.

The split created a lasting debate: ETH holders argue that pragmatic governance (fixing catastrophic bugs) is necessary for a useful platform. ETC holders argue that 'code is law' immutability is the entire point of a blockchain — any rollback destroys trust in finality. Both chains still exist today; ETH has grown enormously while ETC has remained a niche project.

✓Hard fork proposal: Vitalik Buterin proposed reversing the hack via chain reorg
✓Vote: ~87% ETH-weighted support for the fork
✓Fork activated: block 1,920,000, July 20, 2016
✓Ethereum Classic (ETC): minority continued original chain — 'code is law' principle
✓ETH/ETC split: same history before block 1,919,999, diverge permanently after
✓Legacy debate: ETH (pragmatic governance) vs ETC (immutability absolutism) continues

Frequently Asked Questions About The DAO Hack

Learn From Crypto History to Build Better

The DAO hack is a reminder that smart contracts are code, and code can have bugs. MineXrpOnline uses established, audited infrastructure to generate your daily XRP earnings — learning from 15+ years of blockchain security history.

Earn XRP Securely