It misses the point that the "contract" is also code, and contained a legitimate bug. Exploitation of that bug in most places would be a crime.
If I figure out that an ATM spits out hundred dollar bills every time I type in a certain pin, that's a crime. I don't get to make the claim that I was rightfully using the ATM.
The quote that "The DAO’s code controls and sets forth all terms of The DAO Creation" is a disclaimer that is meant to protect the DAO from those who would seek to imply some sort of guarantee or warranty from the organization. In other words if the attacker makes off with the funds, and the DAO decides to keep the code as is, then as an investor I have no recourse against the DAO.
Ultimately the letter misses the main point. The DAO token holders are free to amend the contract code as they see fit thru consensus. The disclaimer never states the contract can't change. And even if it did, the idea that their would be some legal recourse for the attacker, should the community decide to fork, is hilarious.
So the letter comes across to me as something an immature troller would write. I'd be suprised if most sophisticated DAO token holders took it seriously.
But they so explicitly point to the code as the source of truth for the contract. Banking and trading firms use teams of lawyers to find loopholes in contracts and laws all the time. Why would digital contracts (code) not have the same level of scrutiny / unscrupulous behaviour? Guaranteed if big money is at play in the system non-code based exploits will be used by firms just as often.
The parties of any contract are free to amend the contract. You're referring to a situation in which one party of a two party contract seeks to exploit the terms.
In this case, which has an enourmas number of parties to the contract, 99.9% agree to amend the contract.
I don't thinks much legal precedent for a contract with thousands of parties, but it also means that there's no simple legal "source of truth" to the contract.
IANAL, but as far as I know, traditional contracts can be amended - under the condition that all concerned parties agree to the changes. Not 99.9% of the parties, all of them. As you say, that may be impractical with such a big number of parties, but impracticalities don't change the law.
In fact, before the incident, Ethereum's rules were even stricter as in that there was no way at all to amend a contract. Which is why the current strategy against the attack is to modify Ethereum itself and hard code the attackers wallet into the platform code. The ones who are to "vote" on that proposal (because they are the only ones with the power to implement it) are the miners, not the DAO holders.
I think this would be comparable with making a contract with a bunch of MPs - and when they find that the contract can be exploited, they lobby to amend contract law itself and add a clause that deals specifically with your contract.
What does that matter if the terms are changed?? The attacker exploited a contract that will be given new terms by the vast majority of the parties involved, which prevents his exploit.
You could possibly claim that the contract requires 100% of all parties involved to amend, but I don't think a contract with such a larger number of parties has ever been dealt with by any legal system.
Add to that, that the attacker almost certainly committed computer fraud, and the attacker seems to have little ground to stand on. Contracts (or loopholes in them) don't give you the right to break other laws.
It misses the point that the "contract" is also code, and contained a legitimate bug. Exploitation of that bug in most places would be a crime.
If I figure out that an ATM spits out hundred dollar bills every time I type in a certain pin, that's a crime. I don't get to make the claim that I was rightfully using the ATM.
The quote that "The DAO’s code controls and sets forth all terms of The DAO Creation" is a disclaimer that is meant to protect the DAO from those who would seek to imply some sort of guarantee or warranty from the organization. In other words if the attacker makes off with the funds, and the DAO decides to keep the code as is, then as an investor I have no recourse against the DAO.
Ultimately the letter misses the main point. The DAO token holders are free to amend the contract code as they see fit thru consensus. The disclaimer never states the contract can't change. And even if it did, the idea that their would be some legal recourse for the attacker, should the community decide to fork, is hilarious.
So the letter comes across to me as something an immature troller would write. I'd be suprised if most sophisticated DAO token holders took it seriously.