Griff Green: The DAO hack ignited Ethereum’s security industry, $200 million in unclaimed funds remain, and why crypto operates as a push tool

Lessons from the DAO hack highlight the urgent need for improved security in the Ethereum ecosystem

Key takeaways

  • The DAO hack played a crucial role in kickstarting the security industry within the Ethereum ecosystem.
  • The DAO security fund will manage unclaimed funds from the DAO hack, now valued at approximately $200 million.
  • Unique among crypto hacks, the DAO hack resulted in all affected parties recovering their funds.
  • Constructive criticism can lead to better outcomes in crypto projects if approached with an open mind.
  • Security in Ethereum and crypto needs significant improvement for user safety.
  • The DAO incident was pivotal for the development of DAOs and smart contract security in Ethereum.
  • The DAO’s design allowed for the creation of sub-DAOs, leading to the formation of hundreds after the hard fork.
  • The hard fork consolidated ETH from DAO contracts for claims, impacting its financial management.
  • Crypto operates as a push tool, contrasting with traditional banking’s pull method.
  • Claims for DAO funds are open indefinitely, ensuring long-term accessibility.
  • The DAO space is at a low point, needing better bottom-up decision-making tools.
  • Ethereum security projects and Layer 2 solutions are the primary focus of current grants.
  • The Ethereum Foundation collaborates with round operators for project funding.
  • Hot wallets are insecure and can be exploited by scammers.
  • The scamming industry, a major cybercrime sector, is fueled by vulnerabilities in key storage.

Guest intro

Griff Green is Co-Founder at Giveth, q/acc, and Unicorn.eth. One of the original DAO curators and a co-founder of the White Hat Group, he helped secure at-risk funds representing 10% of the total ETH supply during the 2016 DAO hack.

The DAO’s impact on Ethereum security

  • “The DAO played a crucial role in kickstarting the security industry in Ethereum.” – Griff Green
  • The DAO incident highlighted the need for improved security measures in the Ethereum ecosystem.
  • “The DAO security fund will focus on managing leftover funds from the DAO hack, which are now worth approximately $200 million.” – Griff Green
  • The DAO hack is unique because it resulted in all affected parties recovering their funds.
  • “I think the DAO hack is like the only hack where everyone got their money back and everyone made money on top of it just kinda crazy to me.” – Griff Green
  • Challenges and criticism can lead to better outcomes if approached with an open mind.
  • “I think if you’re open minded to advice and you know the influence of other people and you take it as constructive you end up with a better outcome.” – Griff Green
  • Security in Ethereum and crypto needs significant improvement to ensure user safety.
  • “I feel like we’ve been kinda stuck in a rut for the last six years even but not making major progress on improving security for the normal layperson to feel comfortable putting their life savings into crypto assets.” – Griff Green

The evolution of DAOs and smart contracts

  • “The DAO incident was a pivotal moment for the development of DAOs and smart contract security in Ethereum.” – Griff Green
  • The DAO was designed to allow anyone to create sub-DAOs, leading to the formation of hundreds after the hard fork.
  • “The way the DAO worked is like anyone who is in the DAO could actually spawn off a sub DAO… it formed hundreds of DAOs after it.” – Griff Green
  • The hard fork took the ETH out of every contract associated with the DAO and consolidated it for claims.
  • “When the hard fork happened it took the ETH out of every contract associated with the DAO… and put it in one place.” – Griff Green
  • The recovery effort for the DAO resulted in reclaiming a significant amount of ETH.
  • “Had child DAOs right they had split from the DAO… now there’s only about 2 ether left unclaimed.” – Griff Green
  • A significant portion of the extra balance from the DAO token sale remains unclaimed.
  • “That is by far the largest bucket this 20% of $34,400,000 ETH… about 70,000 ETH that’s unclaimed.” – Griff Green

Crypto as a push tool and its implications

  • Crypto operates as a push tool, where users send funds to contracts, rather than pulling funds like traditional banking methods.
  • “There’s something about crypto being like a push tool not a pull tool… people just push their money in the wrong places.” – Griff Green
  • The withdraw contract ensures that 100 DAO tokens will always be worth 1 ETH.
  • “It’s a contract that will forever collateralize 100 DAO tokens will always be worth 1 ETH.” – Griff Green
  • Claims for DAO funds are open indefinitely, so no one will miss the opportunity to claim their funds.
  • “The kind of like upshot is that for anybody who had money in the DAO… claims are open indefinitely.” – Griff Green
  • The promotion of the DAO’s claims process may lead to an increase in individuals coming forward to claim their funds.
  • “I hope that by doing this… someone will be like wait a second I had money in the DAO I need to go get that.” – Griff Green

Current challenges and future prospects for DAOs

  • The DAO space is currently at a low point, and there’s a need for better bottom-up decision-making tools.
  • “I feel like the DAO space is actually really at a low point probably the lowest… I wanna see us derive actual bottom up decision making tools.” – Griff Green
  • There will likely be several more revolutions this year, indicating a growing demand for decentralized governance tools.
  • “There were three revolutions last year… and there’s gonna be more this year.” – Griff Green
  • The focus will be on DAO-style distributions for funding security initiatives, utilizing various decision-making methods.
  • “We’re gonna focus on DAO style distributions… retro funding quadratic funding conviction voting maybe an RFP.” – Griff Green
  • The grants focus primarily on Ethereum security projects and Layer 2 solutions.
  • “We’re mostly focused on Ethereum security projects… we’re really focused on Ethereum and L2s.” – Griff Green

The importance of collaboration in Ethereum’s security ecosystem

  • The Ethereum Foundation’s grants management process involves collaboration with round operators to manage project funding.
  • “We’re working directly with them to decide which projects would be eligible for the rounds.” – Griff Green
  • Seal 911 is a critical initiative for providing immediate assistance to individuals who have been hacked or phished.
  • “They are the frontline when someone gets hacked or phished and they need help you call Seal 911.” – Griff Green
  • Hot wallets are fundamentally insecure and can be exploited by scammers.
  • “Hot wallets are a bug that account that you have on Metamask or Ravi… you’re effectively fueling a huge industry of scammers.” – Griff Green
  • A systemic approach is needed to improve wallet security rather than relying on a single solution.
  • “We need an ecosystem of support… it’s not like there’s gonna be one magical solution.” – Griff Green

The human element behind scams and the need for better security

  • The scamming industry is one of the largest cybercrime industries, fueled by vulnerabilities in how keys are stored.
  • “The main thing fueling it is keys in your browser… it’s one of the largest cybercrime industries.” – Griff Green
  • Many scammers are victims themselves, often coerced into their roles.
  • “A lot of the scammers that you interact with… they’re basically enslaved in these camps.” – Griff Green
  • Walrus enables developers to encrypt data and control access, facilitating innovative applications.
  • “Walrus lets developers encrypt data with our primitive called seal… everything is enforced on chain.” – Griff Green
  • Current DAOs are primarily focused on corporate governance, which limits their potential.
  • “I was excited about building something better than governments… the current application of DAOs is mostly for corporate governance.” – Griff Green

Enhancing decision-making in DAOs through innovative tools

  • Quadratic funding and algorithmic voting tools are essential for effective decision-making in DAOs.
  • “The only tools I’ve seen come out that actually address this is quadratic funding… those are the tools that I’m really excited about.” – Griff Green
  • The future of DAOs will involve more collective decision-making with larger groups of people.
  • “I wanna see 200 500 people be decision makers and collectively come to a consensus.” – Griff Green
  • Keeping funds in old contracts is risky due to outdated technology and potential vulnerabilities.
  • “The security of these funds it’s not bad but it’s a little risky for $200,000,000 to be sitting in this old contract.” – Griff Green
  • Old multisig contracts lack the infrastructure to safely manage transactions compared to newer solutions.
  • “The infrastructure around these funds is not really the old multisig doesn’t have the infrastructure that safe does.” – Griff Green

The DAO’s strategic approach to funding and collaboration

  • The DAO plans to distribute grants based on the current yield from Ether, which is projected to be around $8 million this year.
  • “Right now with the price of Ether as it is it would generate about $8,000,000 in yield this year.” – Griff Green
  • The DAO will take a cautious approach to grant distribution to avoid the mistakes of other DAOs that overspend too quickly.
  • “We’re not gonna repeat that mistake we’re gonna go slow we’re gonna get our feet under ourselves.” – Griff Green
  • The DAO aims to collaborate with the broader Ethereum ecosystem to identify and fund security initiatives.
  • “We need to be working with L2s large dapps wallets and all the entire ecosystem to figure out what these problems are.” – Griff Green
  • The role of curators in the DAO was to validate proposals and ensure the legitimacy of both the proposer and the code involved.
  • “Their role was to make sure that for anybody who made a proposal that they were who they like the connection between who they were and the proposal was like legit.” – Griff Green

Security enhancements and the role of leadership in Ethereum

  • Vitalik and Vlad remained involved in the DAO after the hack, demonstrating their commitment to the project.
  • “But Vitalik and Vlad stayed on and then so they’re they’re still OG.” – Griff Green
  • The DAO security fund will now manage claims with an expanded team of curators.
  • “The DAO security fund itself is gonna now manage those claims and we’re by doing that we’re actually gonna have seven new curators.” – Griff Green
  • Vitalik’s active involvement in the DAO shows the importance of security for Ethereum.
  • “It shows how important security is for Ethereum to have the founder be active in this.” – Griff Green
  • Ethereum is the most secure blockchain, but it still requires improvements.
  • “I think it can be I think it still needs improvements all of them do we’re not there yet.” – Griff Green

User security and the importance of operational security

  • Users should prioritize using hardware wallets for better security.
  • “For the users… buy a hardware wallet don’t store your keys on your computer… it’s worth it.” – Griff Green
  • Developers often underestimate the importance of operational security (opsec).
  • “I think probably the thing that most developers don’t appreciate the most is opsec.” – Griff Green
  • Operational security is crucial for blockchain developers and founders.
  • “Operational security is probably the most important thing that any blockchain developer could do or founder.” – Griff Green
  • Hackers can exploit vulnerabilities in code repositories to install malware.
  • “You can’t just run someone else’s code on your computer… npm just like auto installs some malware.” – Griff Green

Reputation, user experience, and the value of historical resources

  • Reputation is worth significantly more than money in the long run.
  • “I think like reputation is worth way more than money way more than money.” – Griff Green
  • The hardest part of rescuing funds is returning them to the rightful owners.
  • “You can rescue the money in a couple of seconds… the grueling hardest part is just trying to give it back to people.” – Griff Green
  • Taylor Monahan’s tool significantly improved the user experience for claiming DAO tokens.
  • “Taylor made this incredible user experience where you could click one button with your key and you would claim on etc.” – Griff Green
  • The host’s book is considered the best resource on the early days of Ethereum and the DAO.
  • “Your book is by far the number one resource on early days Ethereum but especially the DAO.” – Griff Green

Source: https://cryptobriefing.com/griff-green-the-dao-hack-ignited-ethereums-security-industry-200-million-in-unclaimed-funds-remain-and-why-crypto-operates-as-a-push-tool-unchained/
