
Deep Dive into DAOs: the practical risks of existing nowhere


By Jonathan Brogden & Alexander Bradley-Sitch


Published 04 February 2025

Overview

This article was co-authored by Jonathan Brogden & Alexander Bradley-Sitch of DAC Beachcroft and by Aidan Casey KC of 33 Chancery Lane.

Decentralised Autonomous Organisations ("DAOs") are a key element of the digital economy. An emergent form of organisational structure, DAOs challenge every aspect of the traditional business landscape, seeking to upend corporate governance and regulatory oversight through a radical philosophy that idealises trustlessness as a foundational tenet. Is this a brave new world of doing business, free of vested corporate interests, or is it a shady realm of pitfalls and hidden malign actors?

 

Definition and history of DAOs

The term DAO is generally understood to refer to an “organisation” (although as we discuss below it is frequently not possible or straightforward to identify a juridically recognisable entity), the activities and governance of which are managed – in whole or in part – by decentralised code rather than a traditional leadership or management structure. Decisions, and associated voting, are generally dealt with through decentralised ledger technology.

An early example of a DAO is “TheDAO”, which was launched in 2016 and was intended to be an Ethereum-based autonomous, investor-directed, fund management / venture capital vehicle, without fund managers. Rather, investment decisions were to be made by “voting” by token-holders, with the rules for the process contained in self-executing smart contracts. TheDAO raised some US$150 million over a 4 week token sale. But there was a vulnerability in the code and around US$50 million was diverted before TheDAO even became operational. In the event, the losses to the investors were largely made good by a controversial hard fork of the Ethereum network, but TheDAO was, unsurprisingly, doomed. TheDAO provides an early example both of a DAO, and of the risks that may go along with DAOs.

 

The DAO philosophy

As the name implies, at the heart of DAOs are the twin principles of decentralisation and autonomy. These concepts are integral to the blockchain and crypto landscape. A DAO, in its purest form, functions without a traditional management hierarchy or centralised decision-making authority. Instead, it relies on self-executing code, known as smart contracts, to facilitate organisational functions. This approach strives for a “trustless” environment, where participants do not need to trust each other to ensure that the organisation operates as intended. Purpose and intent are elements baked in from inception. By removing the need to trust other participants in a DAO, the intention is to promote predictable and transparent functionality, without the need to trust in management or the discretion of the directors.

In theory, transparency and predictability are guaranteed by the promise that decisions will be determined algorithmically, and that smart contracts will self-execute based on rules set out in code that is open for inspection by anyone.

 

DAOs in practice

In practice, however, DAOs exist on a spectrum. Few DAOs adhere universally to the core principles of decentralisation and autonomy. Many resemble traditional organisations, but use smart contracts for limited, discrete purposes. Sometimes this amounts to little more than a branding strategy. So-called “hybrid” DAOs often retain elements of centralisation or require human intervention for operational continuity, raising questions about the extent to which they embody the DAO philosophy. Even in the case of organisations that sit at the purer end of the philosophical spectrum (in which smart contracts represent the primary means of decision-making), there remains a degree of day-to-day management by founders or key investors; indeed this may stem simply from the fact that the founders and key investors will hold large numbers of tokens, and usually each token carries a vote. As such, hybrid DAOs remain vulnerable to risks that are common to all corporate entities, including bias, negligence and fraud.

While smart contracts enable DAOs to operate independently of human oversight, the rigidity inherent in a smart contract's code can be both a strength and a liability. DAO smart contracts are akin to a company’s articles of association, establishing the organisation’s framework, voting mechanisms, and other key processes. However, like any predefined set of rules, smart contracts are limited by their initial programming, which may not account for unforeseen circumstances. When a novel issue arises, DAOs lack the flexible decision-making structure of traditional organisations, where boards or executives can exercise discretion. The emergence of the unexpected vulnerability in TheDAO provides a case in point, where it took action by the general Ethereum community to safeguard the relevant investors.

DAOs seek to handle this limitation in two ways: by reserving authority to developers to manage the smart contract and/or by use of the voting rights attached to the tokens issued to participants.

In the case of most DAOs, the original developers or founders of the DAO retain control over the code, allowing them to modify the smart contracts if an unexpected situation arises. This is a straightforward mechanism and allows the DAO to adapt quickly to changing circumstances. At the same time, allowing specific individuals to retain decision making authority means the DAO is not truly decentralised, since changes to the smart contract may be made unilaterally. Participants therefore have to trust the developers’ intentions and technical expertise.

Some DAOs have opted to deal with this by adopting a form of democratisation: issuing crypto-tokens to participants, granting them voting rights proportional to their token holdings, much as shareholders have authority to take certain decisions about the running of a corporation. Token-based voting systems may – assuming that the rules contemplate this – allow DAOs to reach a consensus on changes to the smart contracts. While this may seem more decentralised (and so more in accordance with the core philosophy), as with any share-based voting system, there remains the risk that decision-making power could be concentrated in the hands of a small number of token holders who between them hold the necessary voting power to effect, or to block, decisions. This risk is exacerbated for DAOs since owners of crypto-tokens may be concealed or anonymous. It may be near impossible for prospective participants in a DAO to determine whether a majority of voting tokens are controlled by a vested interest.

These difficulties explain why so few DAOs are truly "pure". Whatever mechanisms are used to take decisions that the code cannot determine, they invariably introduce elements of centralisation or human discretion, both of which can compromise the DAO’s decentralised and autonomous nature. This also means the DAO cannot be truly trustless.

 

Legal nature, and jurisdictional issues

From a juridical perspective, there are linked issues which may give rise to knotty challenges when dealing with a DAO. First, what is it? That is, precisely what type of entity (if any) is one dealing with (and what system of law governs that question)? Second, where is it? For example, where and how can it or relevant individuals be served with legal proceedings? Traditional corporations have easily identifiable legal identity and personality, and operate (from a constitutional point of view) under the jurisdiction of the country in which they are incorporated. The law of the place of a company's incorporation is profoundly determinative of its operation and its obligations: usually including at least some of its tax liabilities, regulatory requirements, and legal standing. That law also usually governs the duties to the corporation of those who manage it or cause it to act.

DAOs, however, often avoid formal incorporation, viewing it as antithetical to their decentralised nature. The purpose of decentralisation is to exist purely in the digital realm. Most DAOs will decline to hold or deal in fiat currencies for similar reasons: to avoid becoming entangled in a particular state's monetary system. In this way, DAOs strive to evade the regulatory reach of any single jurisdiction. Some DAOs incorporate a legal entity in order to interact with the “real world” (e.g. to open bank accounts, to contract with service providers or resources such as GitHub, or to hold IP) but in such cases those identifiable entities are often of subsidiary importance and may well not serve as a satisfactory proxy in relation to legal or insolvency proceedings. In the case of a “pure” DAO, the reluctance expressly to adopt an identified legal personality or structure can give rise to novel legal difficulties when something goes wrong. Absent a formal corporate structure, courts or regulatory authorities may classify DAOs as some other form of entity or structure.

Although cross-border partnerships and the like are relatively common, the nature of a DAO may amplify the analytical problems that can arise. The distributed ledger technology which underpins a DAO may be spread across any number of jurisdictions. The same is true of the participants who, to add to the complexity, may be impossible to identify, at least exhaustively.

Under English law – if English law applies to the question in the first place – it is possible that where a DAO is formed for the purpose of investing for profit or otherwise operating for profit, there may be a general partnership (under section 2 of the Partnership Act 1890). This may be important if a disaffected investor wants to take proceedings to recover losses. However, it may not be straightforward to identify who, and where, the relevant putative partners are. Their domicile, and the place of central administration of the partnership, will be relevant to these conflicts of laws questions.

Another possibility under English law is the unincorporated association, and/or a trust structure. In litigation in the US concerning the Ooki DAO and also the bZx DAO, DAO token holders have been found to be members of an unincorporated association within the meaning of relevant local legislation.

Each of these possible characterisations is capable of producing surprising or unintended consequences, such as broad exposure to liability in the case of a general partnership being found to exist under English law.

Some DAOs have recognised the trade-off inherent in incorporation: while the organisation may be tied to a specific jurisdiction (and so face the liabilities that flow from that decision), it also offers protections, including limited liability, protecting shareholders from liabilities beyond those which they have taken on voluntarily.

Indeed, some jurisdictions are becoming increasingly favourable to the establishment of DAOs. The state of Wyoming in the USA now allows certain DAOs, described as unincorporated non-profit DAOs, to register in the state as "decentralized unincorporated non-profit associations” ("DUNAs"). Participants in DUNAs have the benefit of limited liability and discrete legal character, but, at the same time, registration brings with it a degree of regulatory oversight – and most notably prohibits profit generation unless it is applied towards the organisation's non-profit purposes.

Other US states also recognise DAOs in one form or another. Tennessee permits the registration of decentralised organisations, whereas Vermont allows the incorporation of blockchain-based LLCs. In the Marshall Islands, the DAO Act 2022 enables DAOs to be incorporated as companies with limited liability. It seems likely that more and more governments will start to grapple with DAOs in various, idiosyncratic ways. This will mean that DAOs around the world will have to give serious thought to these trade-offs.

 

Fraud

While DAOs are designed to promote transparency and trustlessness, they also create opportunities for malign actors to defraud unsuspecting participants. No organisation is totally immune to fraud and cybercrime, whether operating in the DeFi world or in traditional financial services. External threats are sophisticated and endemic, and DAOs are no exception. DAOs have been used to launder money and to sidestep regulatory and criminal oversight, and, while some DAOs may profess to be both decentralised and autonomous, upon inspection, this may be little more than a good cover story.

Some examples reveal how malign actors have used the principles at the heart of DAOs, decentralisation and autonomy, for financial gain.

First, decentralisation: any DAO that is governed by tokenholders’ voting is subject to the whims of the majority of those tokenholders, just as majority shareholders of companies will often have overall control. But although a DAO may profess to be decentralised with no overall control, such claims merit closer examination, because majority control of DAO tokens can be easily concealed. This is one, often crucial, area where DAOs diverge from the ownership transparency of traditional corporations, giving rise to increased risk.

This was the case for the Ooki DAO, an ostensibly decentralised organisation that used the DAO structure to conceal majority control. Investigation by the US Commodity Futures Trading Commission revealed that the DAO's founders retained a controlling influence over Ooki DAO, despite giving it the semblance of decentralised, and democratised, community governance.

Equally, autonomy is a difficult principle to guarantee. Smart contracts are simply code, and code is rarely perfect. Mango Markets advertised itself as a "safer, smarter, faster" way to interact with DeFi, being governed by a DAO that issued tokens, known as MNGO tokens. These tokens were unregistered and traded outside of traditional financial markets. It was later discovered that the value of the tokens had been manipulated by exploiting weaknesses in the underlying smart contract's protocol. The US Securities and Exchange Commission brought charges against Mango DAO and others, alleging that "by skirting the SEC’s registration provisions, Mango DAO, Blockworks Foundation, and Mango Labs deprived investors of critical protections afforded by the federal securities laws". It was recently announced that all MNGO tokens will be destroyed.

Company law in many jurisdictions offers ways of protecting against these sorts of malign control/deception risks. In the UK, a shareholder may investigate a company before investing, including by undertaking due diligence on its ultimate beneficial owners and published financial information. Once committed, a shareholder may benefit from safeguards against unfairly prejudicial conduct of the majority. But these black letter law protections will not benefit participants in DAOs.

 

Insolvency

Just as other traditional legal frameworks do not map neatly onto DAOs, it is unclear how many DAOs will come to an end. They are certainly not immune from financial distress, and courts will have to tackle how to untangle very untraditional holdings of assets and distributed liabilities among the participants in (and creditors of) a DAO.

Without recognisable legal form, many DAOs will fall outside of insolvency legislation or outside the reach of the English insolvency courts. DAOs which can be shown to be English law general partnerships will not be immune to English law insolvency procedures, but as we have discussed above, showing that a DAO should be characterised as an English law partnership may be far from straightforward (and assembling the necessary material may be time-consuming and costly). A degree of imagination may be necessary to effectively or practically dissolve DAOs that are no longer viable, and distribute any remaining assets.

Hector DAO is a good example of the complexities that can arise when DAOs face financial and existential challenges. Hector DAO managed a complex array of crypto-asset investments through smart contracts, but without centralised control. In early 2024, it faced financial difficulties, with no clear way of addressing the DAO's mounting debt. Token holders and developers, all of whom held some level of decision-making authority, struggled to take control of the organisation’s deteriorating financial health.

Hector DAO was ultimately placed under joint receivership in the BVI following which a US Bankruptcy Court, for the first time, recognised the DAO as a debtor invoking Chapter 15 of the US Bankruptcy Code.

However, this decision also raises questions about the enforceability of insolvency proceedings against DAOs. Since DAOs lack a centralised authority or physical presence, implementing court orders or distributing assets may become logistically and juridically challenging.

 

Conclusion

DAOs capture the true essence of DeFi and that can draw people in, sometimes with evangelical fervour and blind faith in the principles. However, DAOs are not immune to abuse. The legal challenges facing DAOs and their participants in cases of fraud and insolvency underscore the need for a thoughtful approach to regulation, governance, and legal compliance. For clients in the crypto and DeFi sectors, understanding DAOs is crucial to leveraging their potential benefits. But while DAOs represent a groundbreaking organisational model with the potential to redefine corporate governance and participation, the decentralised and autonomous philosophy that gives them their appeal also leaves them open to manipulation and can render efforts at redress particularly challenging.

As the legal landscape around DAOs continues to evolve, participants must be vigilant in assessing the risks and practical implications of interacting with these entities. Be sure you understand how an organisation works, and who is in control. Insist on protections that you can rely on. Have an exit strategy. By conducting proper due diligence, consulting legal and technical experts, and remaining informed about regulatory developments, investors can make informed decisions about involvement with DAOs and protect their interests in this exciting but rapidly changing environment.

 

Authors

Aidan Casey KC is a leading commercial barrister at 33 Chancery Lane Chambers, specialising in civil fraud, offshore work, and commercial and chancery litigation and arbitration. He regularly deals with cryptocurrency cases.

Jonathan Brogden (Partner and Head of Crypto Disputes) and Alexander Bradley-Sitch (Associate) are part of the Commercial Disputes team of DAC Beachcroft LLP. They regularly advise clients on disputes and investigations relating to cryptocurrencies, DeFi and FinTech.