The 2016 DAO Fork — How Ethereum Classic Got Its Name
The Ethereum Foundation forked the original chain and applied the ETH name to the new chain. The original, unmodified chain became Ethereum Classic.
The original Ethereum chain — operating since the July 2015 genesis block — continued unmodified after the 2016 fork. The Ethereum Foundation applied the ETH name and ticker to the new chain; the global community recognised the original as Ethereum Classic. This is the sequence of events — and who fought to suppress it.
The DAO Crowdsale
EventSlock.it deploys The DAO smart contract; members of the public send it ETH in exchange for DAO tokens. The crowdsale closes on May 27 raising $150 million — the world's largest crowdfund at the time. Approximately 14% of all circulating ETH becomes locked in a single contract. When the Ethereum Foundation created a new chain in July 2016, this ETH remained on the original chain — intact, in its pre-exploit state.
The DAO Exploit
EventAn attacker exploits a recursive call vulnerability in The DAO, which holds roughly 14% of all circulating ETH. The Robin Hood Group (RHG) drains the remaining DAO funds into a child DAO they control, citing intent to secure them until after the planned hard fork.
The Hard Fork — The Ethereum Foundation Creates a New Chain
Defining MomentThe Ethereum Foundation implements an irregular state change, creating a new chain that reverses the DAO exploit. The Foundation applies the Ethereum name, brand, and ETH ticker to this new chain. The original chain — operating continuously and unmodified since the July 2015 genesis block — retains the full original state, including the 72,009,991-token genesis supply and the RHG's child DAO position. The global community names the original chain Ethereum Classic; exchanges assign it the ETC ticker.
Poloniex Lists ETC
EventThree days after the fork, Poloniex lists the original chain under the ETC ticker — one of the first uses of the Ethereum Classic name — against expectations: the Ethereum Foundation had told exchanges the original chain would have little to no community interest or value. Poloniex's listing triggers an immediate price discovery market and signals that the original chain would not disappear. Many exchanges quickly follow. This unexpected survival is the direct context for the suppression activity that follows.
Internal Ethereum Foundation Communications Circulated
EventA screenshot of a Skype group labeled "Ethereum foundation [internal only]" (36 participants) is circulated publicly. It shows participants discussing ETC following the fork. Fabian Vogelsteller (author of the ERC-20 standard) writes "Just did. Haha. Nice free money" and "Hopefully it stays a coin like expanse with no real value."
Requests to Delete Public Posts
EventLefteris Karapetsas (Ethereum core developer) sends a direct message on July 28 asking a Reddit user to delete a comment explaining the contract being used, noting "the zero hour to attack the DAO...is really close." Griff Green (Slockit community manager) separately messages the same user to delete posts "especially about the paid out and similar things." Both messages are screenshotted and published.
51Pool — Coordinated Hashrate Attack
EventETH-aligned participants form a mining pool called 51Pool.org with the stated intent to destroy the ETC network through a sustained 51% hashrate attack. The pool fails to accumulate sufficient hashrate as ETHash miners instead commit resources to mining ETC. By August 1, the mining pools publicly declare they will not attack ETC.
Alex van de Sande Reverses Public Position
EventAlex van de Sande (Ethereum Foundation) had publicly led the white hat counter-attack on June 21 — tweeting "DAO IS BEING SECURELY DRAINED. DO NOT PANIC." and "we launched our white hat counter attack." On August 8, he publicly states: "TLDR: I had nothing to do with it."
2,987,009 ETC Transferred to Exchanges
EventApproximately 2,987,009 ETC is transferred from the White Hat multisig (0x1ac729d2db43103faf213cb9371d6b42ea7a830f) through a distribution contract to Poloniex, Kraken, Bittrex, and Yunbi. Poloniex and Kraken freeze the deposits. The ETC reaching Bittrex and Yunbi is sold via market orders on August 10, contributing to a sharp price decline that day.
RHG Follow-Up Statement
EventJordi Baylina posts a follow-up on Reddit disclosing that signals were received "from the greater community to distribute these ETC in ETH, to continue to support Ethereum projects," that the first transfers took place on August 9 without prior public announcement, and that exchanges are being asked to return the frozen funds to multisig wallets.
DAO Funds Unlock on ETC
EventBeyond the RHG's child DAO position, millions of additional ETC held by DAO token holders and the original attacker become accessible as the DAO's splitting mechanism completes on ETC. Large sell pressure hits the market. ETC's price holds remarkably well despite the sustained dumping across August, demonstrating sufficient buy-side demand to absorb the concentrated institutional sell-offs.
Grayscale Ethereum Classic Trust (ETCG) Established
InstitutionalGrayscale establishes the Ethereum Classic Trust approximately eight months after the August 2016 events. The trust becomes publicly quoted on OTCQX in May 2018, accessible through Charles Schwab, Fidelity, and Interactive Brokers — pioneering regulated institutional access to ETC. ETC is held in cold storage by Coinbase Custody under a 2.50% annual management fee. As of March 31, 2026, ETCG reports $89.31M in assets under management at 0.78020295 ETC per share.
ETC Cooperative Founded — Core Development Funded
InstitutionalThe ETC Cooperative is established as a US 501(c)(3) non-profit by Ethereum Classic's earliest core contributors. A 1% portion of Grayscale's ETCG management fee is donated to the Cooperative, making Grayscale the primary institutional funder of ETC's core development. The Cooperative has backed every hard fork, every client release, and every cross-client coordination effort since the Atlantis upgrade.
DAO Hacker Identified — Toby Hoenisch
EventJournalist Laura Shin, in a joint investigation with Chainalysis, identifies Austrian programmer Toby Hoenisch — co-founder and former CEO of TenX — as the likely perpetrator of the 2016 DAO hack. The investigation traced the stolen ETH to Bitcoin, through Wasabi Wallet mixing, de-mixed by Chainalysis to four exchanges, then converted to Grin (a privacy coin) and withdrawn to a non-custodial node named 'grin.toby.ai' — hosted on the same IP address as a node named 'TenX.' Hoenisch had previously written blog posts warning about the DAO's vulnerability before the hack. He denied the allegations, stating Shin's conclusion was 'factually inaccurate.' The investigation was published in Shin's book The Cryptopians.
"The DAO is back" — Unclaimed Funds Repurposed for Security
Present DayGriff Green announces that approximately 70,500 ETH from the ExtraBalance Withdrawal contract and ~4,600 ETH from TheDAO's Curator Multisig — funds with "no clear claimants" — will be deployed as TheDAO Security Fund, part of the Ethereum Foundation's Trillion Dollar Security initiative. About 20% of the original refund pool was never claimed; that ~$6M in 2016 is now estimated at ~$200 million. The funds will be staked, with revenue directed to Ethereum security grants via quadratic funding and retroactive mechanisms. Named curators include Vitalik Buterin and Jordi Baylina — the same Baylina who posted the 2016 follow-up acknowledging the ETC had been converted to ETH "to support Ethereum projects."