Even today, Decentralised Autonomous Organisations (DAOs) have assets under management worth billions of dollars. In the metaverse, DAOs may be used to capitalise and manage new metaverse platforms as well as fund and govern collaboration within existing metaverse platforms. These novel types of organisations offer a means of decentralisation, providing greater transparency and transaction certainty while potentially reducing transaction costs. However, whilst some might consider DAOs to be essential pillars of the future metaverse, their decentralised and autonomous nature also raises fundamental legal risks to be managed.

What is a DAO and how does it work?

A DAO essentially enables a community of like-minded people to collaborate on a project and to contribute and decide how that project should function. The DAO itself is a self-governing organisation constituted and managed by its members in accordance with self-executing rules. These rules are stored in a complex smart contract, usually deployed on a public permissionless blockchain. DAO communities therefore have no central authority and are owned and controlled by their members.

Funding of the DAO is typically achieved by a token issuance and the members – the token holders – are given voting rights in proportion to their holding. A DAO’s decision-making, governed by its smart contract, is based on consensus reached through token holder voting. Though DAOs may be structured in various ways, usually their projects and assets are directly managed by the community as a whole (and not a small group of founders) and the profits are shared between the token holders.

Current examples of DAOs in action in the metaverse today include Decentraland (in which JP Morgan has opened a virtual lounge) and The Sandbox (in which HSBC has bought up “land” and Softbank has invested $93 million).

DAOs for decentralisation and collaboration 

If the metaverse is the next iteration of the internet, one of the differences from today’s Web2 internet is likely to be decentralisation. Whilst Web2 involves user-generated content stored on centralised servers - generally owned by Big Tech platforms - the Web3 vision is for an open source decentralised internet, based on public blockchains. This blockchain-enabled internet could support a series of interconnected metaverse platforms, hosting the “virtual reality” digital economy that promises so much opportunity.

Looking ahead, DAOs could provide a vehicle for collaboration on decentralised projects in the metaverse, for example by providing the framework for joint ventures offering new virtual services and products. Due to the self-executing nature of smart contracts deployed on a public blockchain (which is available for inspection by all), decision making happens according to the DAO rules both automatically and with full transparency while transaction costs are minimised. Provided the DAO protocols work as intended, and there are no fraudulent actors at play (see below), DAO members’ minority rights - as set out in the smart contract - would be automatically enforced in the digital world with more certainty than in the real world (thereby reducing the need to enforce those rights through the courts).

DAO shortcomings

There have, however, been some very public examples of DAO failures - one of the most notorious of which was “The DAO” hack, where a loophole in the smart contract allowed $70m worth of Ether to be drained. These failures highlight the shortcomings of decentralisation, where the rules of organisations are automatically executed by computers and not with the reasonable discretion of human beings. They illustrate how DAO protocols can be vulnerable to unforeseeable tech failures and hacking – which can result in significant theft of their assets and data breaches.

The governance system of a DAO is only as good as the underlying smart contract and may also therefore be vulnerable to fraud. Similarly, a smart contract can only self-execute within the self-contained system of the blockchain, meaning interfaces with the “real world” may be manipulated by human interference.

DAOs proliferating in the decentralised finance (DeFi) space, such as Uniswap and Aave, may also be subject to some form of existing - or future - financial regulation, but the extent of this will in many cases be uncertain. This means limited consumer and investor protections for financial loss and potential liability for founders.

Key legal issues

DAO shortcomings are often coupled with immature compliance frameworks common in start-up culture and scaling techs, and business immaturity in the DeFi market where a common phrase is “code is law” (there may be no traditional terms and conditions for transactions governed by protocols and smart contracts). Essentially, the transposition of trust into technology, the decentralised nature of DAOs and their international set-up raise a number of fundamental legal uncertainties:

  • Ownership rights: What legal rights does ownership of a DAO token give you?

  • Accountability/liability in a decentralised scenario: Who is liable when a smart contract goes wrong? Who is liable when a DAO protocol fails to work as designed? Are DAO members (i.e. token holders) jointly liable for the DAO’s actions?

  • Conflict of law/jurisdictional issues: Assuming you have a valid claim and claimant to sue (e.g. a member of a DAO or the DAO itself) what laws apply and where can you open proceedings?

  • Questions around legal enforcement: Can DAO tokens be seized or frozen by order or injunction; can DAOs be compelled to reveal the identity of their users?

Some of these challenges are currently being addressed by new laws (e.g. the US state of Wyoming’s DAO LLC Law granting company status to DAOs) and there are constantly evolving legal discussions around the world, but as of today, severe legal risks remain.

Risk management

Given the high level of risk and reward generally associated with decentralised ventures, when contemplating collaborations via or investments in DAOs in the metaverse, the relevant parties need to do their homework:

  • Investors: are advised to spend time and energy researching the DAOs’ smart contracts and protocols: e.g. to assess their security, to test the smart contract code if possible and to leverage reputable smart contract audit/validation services.

  • Founders: need to actively consider risks – including legal risks – as well as management strategies and approaches to protecting their exposures from the legal uncertainties outlined above. They should be well prepared to assure investors that appropriate security and risk governance is in place.

  • DAO members: should be aware of the potential liability risks assumed simply by entering a DAO. Under German law for example, a DAO may constitute a partnership, creating joint liability between DAO members (and vis-à-vis third parties) for all the DAO’s future liabilities.

As with all dealings in the future metaverse, a proactive approach will be required to help ensure risk is successfully managed in order to leverage the advantages of DAOs whilst avoiding the pitfalls.

