[sznurek]

Commenting on your second thought: I hoped that people behind DAO (and Ethereum?) will stick to the terms they themselves proposed but it seems they will push hard for forking the chain (see: Ethereum blog).

[street]

The DAO was officially introduced by slock.it with "the code of the contract is the absolute truth, any other description is just a guideline", which was hailed as a new miracle by the investors, but now that it doesn't mean mountains of gold the founding principles are suddenly not important anymore, it seems.

The "hacker" simply used the DAO as it was meant to be used (i.e. according to the smart contract code), and deserves the funds. If there is a hard fork, I hope he sues slock.it for controlling the DAO, and for stealing the funds he is owed according to their own terms ("The contract is king").

[rphlx]

Whenever they're about to lose, those with the power to do so usually change the rules to ensure they win. Cryptocurrency developers are rarely an exception to that.

Actually, the Bitcoin devs deserve a huge amount of credit for not attempting to "improve" the block reward or total supply during their multi-year bleed down from $1200->$200.

[jchrisa]

Maybe someone can write an insurance contract that future DAO authors can hire, as an alternative to interventions. It would have to be bug free.

[rspeer]

Step 1: Write an insurance contract against the malicious use of Ethereum

Step 2: Find someone foolish enough to accept the other side of the insurance contract, in a world where "insurance fraud" is no excuse

Step 3: Use Ethereum maliciously, stealing your own Ether under another identity

Step 4: Collect insurance

Step 5: Profit (in Ether)

Step 6: Good luck turning your Ether into actual money when people figure out how broken everything about it is

[genmon]

This is a smart response. The insurance company could also review the contract code in order to provide cover -- this would give investors extra confidence.

[vkou]

Suppose that I want to make a medical device, and I want to get liability insurance for when a bug in its code administers a lethal dose of radiation to a patient.

Is there any extant insurance company that would want to review my code in exchange for a lower premium?

If not, why would one be willing to do this for a flash-in-the-pan cryptocurrency, but not a useful, real-world device?

[rabidferret]

For an insurance policy like that, they wouldn't offer any policy without auditing the device, including the code.

[will_brown]

Something like this: https://news.ycombinator.com/item?id=11789829

[ricksplat]

Sounds like kernel space code.

[heroprotagonist]

It might also be a question of survival. If $36 million+ is drained from the DAO itself unintentionally at such an early stage, can they continue, and how confident can anyone be that their implementation will be successful if the reference implementation itself is not?

[themusicgod1]

If the DAO is not ready for survival now, then no amount of protecting it will make it ready for survival. What will make the DAO survive is code that only contains bugs that are too difficult to find relative to the value of finding them.