Blockchain Breaches

An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.

Dossier № 002 · Reentrancy

The DAO Reentrancy Hack

The DAO lost 3.6M ETH ($50M) to the textbook reentrancy bug, the heist that split Ethereum into ETH and Ethereum Classic and rewrote smart-contract development.

Date: June 17, 2016
Victim: The DAO
Chain(s): Ethereum
Status: Partially Recovered

On June 17, 2016, an attacker drained 3.6 million ETH — roughly $50 million at the time — from The DAO, a decentralised investment fund built on Ethereum. The DAO had raised over $150 million in its token sale just a month earlier, making it the largest crowdfunding event in history up to that point.

What happened

The DAO's withdrawal function followed an unsafe pattern: it sent ETH to the caller before updating the caller's internal balance. When the recipient was a contract, Ethereum invoked the recipient's fallback function on receipt — and that fallback could call back into the original withdrawal function before the balance was decremented.

The attacker's contract did exactly this in a loop: receive ETH → re-enter the withdrawal → receive ETH → re-enter → repeat. Because the balance was only written after the external call returned, the same recorded balance was paid out many times over before it was finally zeroed. The funds flowed into a "child DAO" controlled by the attacker, where a built-in time lock prevented immediate withdrawal.

Aftermath

  • Vitalik Buterin and most of the early Ethereum community supported a hard fork to roll back the theft.
  • On July 20, 2016, Ethereum's main chain executed the fork, sending the stolen funds to a recovery contract from which DAO token holders could redeem ETH.
  • A minority of users refused, citing immutability as a non-negotiable principle. They continued the original chain as Ethereum Classic (ETC), which still trades today.

Why it matters

The DAO is the founding incident of smart-contract security. It established:

  • The reentrancy pattern as the canonical Solidity bug — every audit checklist still leads with it.
  • The "checks-effects-interactions" pattern as the standard mitigation: update state before making external calls.
  • The philosophical fault-line between strict immutability and pragmatic governance that has shaped every protocol's emergency-response design since.

Nine years later, Curve's 2023 incident and Penpie showed that the original bug class is still finding new ways to recur.

Sources & on-chain evidence

  1. [01] blog.chain.link: https://blog.chain.link/reentrancy-attacks-and-the-dao-hack/
  2. [02] coindesk.com: https://www.coindesk.com/consensus-magazine/2023/05/09/coindesk-turns-10-how-the-dao-hack-changed-ethereum-and-crypto
  3. [03] gemini.com: https://www.gemini.com/cryptopedia/the-dao-hack-makerdao
