
Ethereum Is a Dark Forest - gottagetmac
https://medium.com/@danrobinson/ethereum-is-a-dark-forest-ecc5f0505dff
======
ballenf
Have a friend who lost more than $12k in the process of buying a house.
Scammers sent the wiring instructions a few hours before the legit closing
attorney sent the real instructions. The email looked _exactly_ right except
for a minor change to the domain name from address.

After one hour, wire transfers sent in error are no more recoverable than
crypto.

How the thieves knew so much about the process and timing is supposedly being
investigated, but no one is holding out much hope. And the attorneys have a
strong incentive to cover up any evidence of intrusion on their side, assuming
it was their infrastructure infiltrated.

~~~
Waterluvian
I wanted it to be convenient and electronic transfer but my lawyer said I’m
simply not allowed to. I had to get cheques from my banks and hand deliver
them to the lawyer’s office.

I’m not sure I fully understand, in retrospect, the desire to shave off
inconvenient corners for large life events you do so rarely. I think there’s
real wisdom in some of these things being so slow and old school.

~~~
creato
This reasoning also (especially?) applies to voting. Trying to make voting
"efficient" is not worth it when we do it rarely and we have not had a problem
just getting people to count ballots manually.

~~~
nend
This is a really bad comparison. Making it easier to vote has a big affect on
how many people vote.

Requiring a hand delivered check vs wire transfer to buy house has a minimal
effect on how many people buy a house.

Plus, the US has elections far more frequently than how frequently an average
person buys a house.

~~~
techsupporter
> Making it easier to vote has a big affect on how many people vote.

I think OP meant "efficient" as in "efficient for the people doing the
counting." In this case, efficient is not the same as easy. It's _efficient_
to count a bunch of ballots by having people enter their choices directly into
a bunch of counting computers that are networked to a central counting
computer.

It's _easy_ to vote by getting a ballot (by mail or in person), marking it,
and dropping it into a box. But counting those votes is not _efficient_ , or
at least not fast.

I'm with you; I want the latter, not the former.

------
josh2600
I really think that all of this DeFi stuff is playing with fire. If these
tools scale large enough, it's easy to imagine breaking the right link in the
system at the right time to cause catastrophic failures.

Remember that all complex systems operate in a degraded state. If there's ever
a way that only part of a complicated swap executes correctly the trade can
get really far out of position. People in Ethereum land will say things like
"the smart contracts can't possibly execute if all of these conditions aren't
met!", but I can assure you that lots of extremely fault-tolerant systems
built by very smart people (like electronic stock exchanges) have failed in
very surprising ways.

Weakly collateralized flash loans are just faster leveraged tools with all of
the tradeoffs that entails.

YMMV, there's definitely a lot of money to be made.

[https://www.youtube.com/watch?v=SjbPi00k_ME](https://www.youtube.com/watch?v=SjbPi00k_ME)
<< Relevant.

~~~
Taek
This DeFi stuff is playing with fire because the products being released have
significantly outpaced the state of the art in building safe smart contracts.

To make an analogy, imagine that instead of DeFi, we were talking about
skyscrapers. Imagine that thousands of engineers funded by millions of people
who believed in them were building 25 kilometer tall towers using technology
that they discovered in Isaac Arthur videos. And they were doing it today,
before any of the technologies like active support structures had been
properly matured. That's what's happening here. It's not that building towers
is bad or unsafe, and it's not that the technology behind 25 km towers is
fundamentally unworkable, but it IS the case that you shouldn't be doing it
just yet given our current engineering knowledge.

Defi is insanely cool, insanely powerful, and it will dramatically change the
landscape of society. But given the state of today's technology, if your
product is anything fancier than Uniswap (sorry Maker, sorry Curve, sorry
YAMs, sorry Augur, etc), it's not safe and it's ahead of its time. A lot of
these projects are repeats of things like pets.com. Great idea, but it was too
early (Amazon eventually fulfilled the vision though).

~~~
shajznnckfke
I don’t disagree with your claim here, but aren’t existing systems even worse?
The conventional electronic payments system is in many ways permissionless.
Even if crypto doesn’t live up to all the promises it makes, it may still add
value.

If crypto is building poorly-engineered space elevators to get out payments to
and from the sky, maybe the current system is throwing them in artillery and
parachutes and hoping they land where you aim.

~~~
xiphias2
I stayed with Bitcoin not because I don't see how cool Ethereum contracts are,
but because it's all about getting at least 1 thing right, which is digital
scarce money. Even that itself is an incredibly hard problem. Getting smart
contracts to be secure will take much more time, so I'm staying an outside
observer.

------
pjc50
As an elaborate real-money PVP system, Etherum is amazing. As a means of doing
relatively normal business, being sniped, frontrun, or exploited is hugely
off-putting.

~~~
redahs
In order for money to be both real and useful it should be secured by
unencumbered interest in durable real property.

The simplest way to circulate commercial paper for daily transactions is the
Benjamin Franklin paper money system which involves appointing public loan
officers throughout a nation to issue equity loans to anyone in possession of
unencumbered interest in durable real property which they are willing to
pledge as collateral which the public can auction in the event of non-payment.

This way money is placed in circulation so that the interest paid for the
first use of legal tender is publicly collected and immediately spent back
into the economy and so that the total quantity of money expands dynamically
in proportion to the aggregate quantity of physical durable capital.

~~~
Qworg
Why? This is unnecessarily encumbering the utility of money.

Real and Useful: people can use the money as a store of value, medium of
exchange, and a unit of account - and enough people believe in it.

~~~
redahs
Because allowing new public legal tender to be created on security of
fictitious capital such as speculative land values and deposits of credit
created by other banks is accounting fraud, transfers wealth from the poor to
the rich, creates speculative bubbles in financial asset markets, promotes
disinvestment in the real economy, decreases demand for labor, inflates the
price of land relative to wages for unsupervised labor, and worsens
inequality.

~~~
CryptoPunk
The only reason inflated valuations based on speculative hype, i.e. your
'fictitious capital', are able to redistribute wealth from the productive
economy to rent-seeking interests is that parties taking irresponsible risks
are bailed out by government programs that socialize losses. These programs
are sold to the public as making the market safer for consumers:

[https://www.nber.org/papers/w22223](https://www.nber.org/papers/w22223)

------
lmeyerov
I can't imagine running (or investing) in a software-based company here
without also having an automatic model checking layer for verifying all runs +
24/7 monitoring for disabling any live contract. If you're going to put $10M+,
years of your life, and who knows how much customer money into this, why not
spend $500K of it so you're running with the blockchain equiv of CI testing?
You'd be able to deploy _faster_ , with more confidence and less stress, and
fewer of these weird midnight Europe phone calls.

Viable model checkers for basic software contracts existed since the 80's, and
the modern incarnations are insanely powerful (Z3, ...) + quite approachable
(Rosette, ...). They're used to tackle software verification problems
magnitudes harder than "money can only go from here to there in this tiny
software contract": race detection in distributed file systems, bugs in
hardware circuits, security holes in big javascript libraries, etc. I think of
these same not-very-secret tools every time I see one of these articles, and
yet the engineering fails keep happening.

A few teams deploy tech here, including built on the above, but it seems like
most do not. I'd say mind-blowing, but at this point... mind-numbing?

I do appreciate the author being frank about how bad the status quo is.

EDIT: To give a sense of this -- the same people will talk about meticulous
cold storage key exchanges with someone always being there to watch, driving
into the desert for bootstrapping secrets, and then for their actual
operations, deploy unverified contracts.

~~~
Taek
I hate to be that guy but you are vastly underestimating the challenge of
formally verifying these software systems. Blockchains are highly adversarial,
open source, and doing a lot of innovation. Innovation which means that nobody
has ever tried to verify that type of system before.

Model checkers can tell you thinks like 'there are no underflows' and 'these
two pieces of code are identical', but if you want to know whether there is no
arbitrage or front-running, you're well past the capabilities of the state of
the art. It's not merely a matter of spending $500k on CI and auditing.

And then you've got a separate issue, which is that the space is super
competitive and moves extremely fast. If you spend 6 weeks getting your new
contract audited, you may well miss the window where people will care about
the project you launched. I don't think this is a healthy culture, but it is
one that many teams are trying to compete in. And therefore they ARE willing
to bet millions of dollars without taking any time to audit, because the
expected value of deploying faster is higher than the expected value of
deploying more safely.

For projects that are comfortable moving more slowly, formal verification IS a
big focus, and the cryptocurrency industry has been a material driving force
in many security related technologies such as reproducible builds (Gitian),
reproducible bootstrapping (Guix), and software verification methodologies.

~~~
lmeyerov
For background, I've built verifiers for harder languages, reviewed papers for
crypto systems, seen the inside of crypto operations & crypto security
startups, and help build software for adversarial, investigative, & high
performance scenarios. I'm not an expert in blockchain stuff, but I'm also not
unfamiliar with the software challenges.

* I _would_ agree that paying consultants to audit contracts is prohibitively expensive. It's the equivalent of paying pen testers to do your unit testing & security engineering - that's a costly way to do your basics

* I _disagree_ that model checkers can't check for stuff like front-running. It's not textbook, but close: the first papers on model checkers were specifically temporal logic for stuff like ordering issues. That was ~35 years ago! Contracts are similar in size, and both computers + solvers have gotten exponentially better. For my day job, we do TLFOPS for $0.20/hr, in Python.

* Reproducible builds, bootstrapping, etc. are real... but the 20%, and skipping the 80% I'm talking about. Verifiable VM IRs + verifiable contract lang subsets + contracts verified against them. Yes, we've seen sw supplychain attacks against some projects. More than that? Buggy contracts, buggy contract libs, & buggy blockchains.

I get that crypto startup people don't know this stuff, but you can hire 1-2
devs (= $500K) that can. Even if verifying against full abstraction is likely
out of reach due to the security mess that is the ETH VM & friends, chiseling
out subsets and running the model checking equiv of fuzzers isn't hard. The
status quo of _not_ doing it makes it look like an industry of folks not
running unit tests before pushing to prod. (See: article.) It's not _that_
hard. As more money gets into any company here, my expectations go higher,
even if that industry's haven't.

~~~
literallycancer
How do you check for front running? What if your checker tells you that you
can't fix it just by changing your own code?

~~~
lmeyerov
I'm unclear what level you're asking this at.

\-- Modeling: You start with basics like using the small universe assumption
to bound checking to X transactions. I'd expect most front running to show up
as small cycles here, so the typical case is a super small X. Later, you might
get into a time cost semantics to better tune what you consider interesting,
but almost no one in the crypto space is at the level of modeling maturity.
I'd predict a team's time is way better spent building up a stdlib of contract
checks, verified contract helpers, & whitebox attack heuristics/guides.

\-- Modeling II: Also, in verification, it's way better (ex: realizes more of
the ROI) to verify the program has the properties you want ("money goes from
a->b without getting stuck"). You can dream up individual attacks and model
those one by one ("front-running where ..."), but then you potentially miss
some, or some aspect of one. That's basically the difference between
verification and testing. You still do stuff like check sample scenarios &
individual attacks, but that's more about testing the verification conditions
& model fidelity.

\-- Fixes: A good (while still cheap & easy) checker gives you summarized
examples of attacks. Likewise, it makes it interactive, so you can tune what
you consider in/out of scope. More R&D-level verifiers suggest patches
(verification and synthesis are two sides of the same coin), but that's not
necessary. If your idea sucks or the attack is unavoidable, the verifier isn't
the problem, and if you decide to still proceed with the now proven-bad idea,
you can at least now price the risk in.

~~~
literallycancer
In the article the attacker simply pays a higher fee to have their call
executed first. How does verification help you in this case?

It sounds a bit like it would just tell you that your design sucks and you
need to change it, but that's not really helpful if it does that for all
designs you can come up with.

I'm not convinced you can spend 500k and make the problem go away. If it turns
out the problem can only be fixed by changing the underlying platform, rather
than your contracts, you will spend years talking to stakeholders and
advocating for the necessary changes. Which you still have to come up with
yourself. Unless your solver somehow finds the correct solution?

Another reason why that budget is suspect is that you'd have to develop most
of that from scratch. There certainly isn't an existing set of mature tools
like there might be for verifying properties of C++ code.

Unless you make the problem go away, you are not going to be better off hiring
people. Front runners let one know there is a problem just as well as a
verification consultant.

Proving that an attack is unavoidable might at least save some time. Proving
that a specific solution doesn't work doesn't really help you find the correct
one (?)

~~~
lmeyerov
A couple things here didn't make sense to me:

* $500K / develop from scratch is too expensive:

Nope! I actually hedged by ~10X :) In reality, I'd advocate building
successively better verifiers as more & more money flows through, with the
first solid prototype being $20K-$50K.

One good MS/PhD student in the verification community can build a decent
toolkit over a summer (= $20-50K). The reason is that tools like those I
mentioned earlier are intentionally language-agnostic and part of 15+ year
movement of building out lightweight generic toolkits for this stuff.

Think of it like a CI system: you get most bang for the buck by building out
basic unit tests early on, and as your system becomes worth more $, get into
integration testing, and one day, chaos engineering. Same for different levels
of verifiers.

* Some problems are inherent to all designs...yet you're better off hiring people? That doesn't make sense to me. What are the expensive per-contract outside people going to do if they can't fix the bug? That's worst of both worlds!

When a verifier flags the issue, if a team can't figure out a fix, at least
now they can now mitigate the risk (e.g., shut it off, only put in so much
money, get insurance, hedge/diversify, monitor for the exploit happening, ..).

My broader statement is verification tech is increasingly accessible and
building out some of it for an org deploying contracts is similar to a utility
co building out monitoring or a software shop building out CI. Not for the
weekend coder, but should be basic engineering for a professional shop.

------
andybak
This was as much fun to read as some of the classic Eve Online war stories.

Thank God it's just a game.

~~~
Igelau
I see I'm not the only one. Most blockchain stuff seems like an incredibly
dull game of Fantasy Stock Exchange, but this was more like Eve Online.

~~~
hombre_fatal
They have nothing on the current financial system, like banks being able to
block you because you sell adult sex toys or someone being able to pull money
from your account whenever they want because you once gave them your card
details to buy a $5 sandwich or having to find a merchant relationship just
for people to send you money. These are nonstarters that would get laughed out
of the room if pitched today.

You're just used to the stupidity, so it's easier to scrutinize the new
things. But there are people out there who take those downsides seriously. And
sure, you're always trading old problems for new, different problems, but it's
nice to have the choice between those trade-offs for once.

~~~
marcus_holmes
As an outsider looking in, though, it seems that banks are getting better at
this, while crypto is getting worse.

There's a bajillion fintechs helping the banks sort out their UI issues and
make it friendlier/better.

Bitcoin is still basically unusable for everyday transactions, and the endless
stream of wallet provider hacks is not convincing anyone that it's secure. As
TFA says, the hazards for normal folks playing in this pool are getting worse.
If the miners are frontrunning your transaction every time you want to get
paid, what's the point?

~~~
panarky
_> basically unusable for everyday transactions_

Why is this the acid test? Buying a coffee is a solved problem so why is
blockchain tech expected to address this use case?

 _> the endless stream of wallet provider hacks is not convincing anyone that
it's secure_

Does the endless stream of point-of-sale and credit card hacks make you
question the security of dollars, euros and yen?

~~~
cortesoft
> Does the endless stream of point-of-sale and credit card hacks make you
> question the security of dollars, euros and yen?

No, because my credit card company gives me my money back when there is fraud.

Crypto promoters always paint the irreversibility of blockchains as a feature,
but it always seems like a risk to me.

~~~
xur17
It's just a different approach with different tradeoffs. Credit cards push the
fraud risk and fees on the merchant. Crypto can push it to the user (and in
the process reduce the fees incurred).

I would be happy to have a way to pay merchants I trust online with and remove
the ability to reverse the charge if I was financially incentivized to do this
(with the money the merchant saves on fees).

~~~
cortesoft
The ability to reverse a charge isn't just about helping you if you are
cheated by a merchant, though. It is also about if your credentials are
compromised and used by someone else.

Sure, you might be happy to give up your ability to get a chargebacks against
a particular merchant.... but what about against a thief?

~~~
xur17
It's a tradeoff - in a number of cases, I _would_ be willing to accept that
risk. I already do with cash.

~~~
cortesoft
Sure, but the more articles like this I read about crypto, the more it sounds
like carrying cash at 3am in the worst part of town....

------
hooande
"Better yet, if you happen to know a miner (we didn’t), you could have them
include the transaction directly in a block, skipping the mempool—and the
monsters—entirely."

ugh. It's not what you know, it's who you know

That said, this looks like a very interesting and rewarding system to hack.
But it seems to serve little purpose. The other comments comparing it to Eve
Online are spot on

~~~
rsync
I came here to ask about that specific quotation:

"Better yet, if you happen to know a miner (we didn’t), you could have them
include the transaction directly in a block, skipping the mempool—and the
monsters—entirely."

In the bitcoin ecosystem, as far as I know, basically everyone can be a miner,
right ? If you are running the bitcoin client you are mining and there is no
particular barrier to entry to mining ... just run the client and mine.

How is the ethereum ecosystem different ? If they could avoid all of these
complications by mining, why didn't they just fire up their miner ?

~~~
martinko
Its not different. The issue you run into in both systems is that unless you
have a large amount of specialized hardware, you will not be able to mine a
block in your lifetime.

The number of blocks being mined is constant for the entire mining ecosystem,
so you are basically competing with all the other miners to create a new
block.

~~~
rsync
I see - so the protection one could gain from being a miner that the article
alluded to would come not just from being a miner, but _from successfully
mining blocks_.

That distinction is needed since, no matter how slow and painfully inefficient
I am, if I am running the miner I am, indeed, a miner on the network ...

------
dimmke
The environment described in this article is horrifying and definitely sounds
worse than our current financial system. That person just lost $12k to fraud
and has no recourse at all.

I agree with the other comments on here. Blockchain/crypto has always made me
uncomfortable. I think it's a mix of the slimy get rich quick aspect of it
that draws a lot of people and the cyberpunk/dystopian rhetoric around it.

I also think it's telling that even though Blockchain has been this hyped
thing for 6+ years at this point, we haven't really seen it actually be used
for anything outside of cryptocurrency, which in and of itself isn't used for
much outside of speculation. On the other hand, machine learning is used in
everything now and makes a lot of stuff better.

It definitely sounds like there's an additional major innovation that needs to
happen with this stuff before it's really usable.

~~~
Taek
> I also think it's telling that even though Blockchain has been this hyped
> thing for 6+ years at this point, we haven't really seen it actually be used
> for anything outside of cryptocurrency, which in and of itself isn't used
> for much outside of speculation. On the other hand, machine learning is used
> in everything now and makes a lot of stuff better.

Did you know that the Neural Network has been around since 1958 [1]? Machine
learning is not a technology that is just 6 years old. The latest AI trend is
also not the first or second time that AI has been through a massive hype
cycle.

The problem with the cryptocurrency space is that it's financial innovation.
And just like financial innovation on Wall Street, this tends to draw out the
slimiest people in society, because if you get someone to believe in your
product they may well leverage their mortgage and throw their life savings at
you. It's crushing to see people do this, especially because pretty much only
the malicious projects get hyped up that much.

But that doesn't mean that there isn't any truly groundbreaking innovation out
there. Cryptocurrency changes the fundamental scalability of society. A key
bottleneck for human society is trust - at some point a system gets large and
corrupt, and it becomes difficult to keep bad actors from imparting a large
amount of negative influence. But cryptocurrency allows us to design systems
that don't require any trust at all. They _cant'_ be corrupted, because a
combination of incentives and cryptography keep everyone safe.

As this blog post shows, there are still a lot of rough edges out there, but
the technology is innovating rapidly. I do think the hype is probably 5-10
years ahead of the technology, but in the grand scheme of technology (think of
how long it too Arpanet to mature, or Neural Networks to mature) that is not
much time at all!

[1]: [https://www.computerworld.com/article/2591759/artificial-
neu...](https://www.computerworld.com/article/2591759/artificial-neural-
networks.html)

~~~
schoen
> They _cant'_ be corrupted, because a combination of incentives and
> cryptography keep everyone safe.

I would like this to be right but then I ran into

[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3197300](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3197300)

which discusses economic limitations to the incentives for blockchain mining.
(One part is that if a cryptocurrency gets too valuable, the value of a
double-spend attack could exceed some models of the reward for honest mining.
Another part is that if you have unregulated derivatives, you can own a
negative amount of cryptocurrency, which means that your financial incentive
can be to _actively damage_ the cryptocurrency rather than helping it.
Satoshi's paper seems to assume that you can only own a positive or zero
amount of bitcoin rather than a negative amount, when arguing why miners are
incentivized to be honest.)

(This is also true for the ability to short, or insure, any asset -- you can
be financially incentivized to damage it -- but elsewhere this incentive is
partly countered by law enforcement investigations of some trades and
insurance claims where people profited significantly from accidents,
disasters, or scandals. Smart contracts on blockchains let us build insurance
and derivatives markets where you can bet against things without identifying
yourself. In fact the whole underlying discussion here is about how the person
who claimed this particular asset in Ethereum is anonymous and probably can't
be punished for doing so, even if we believed that the claimant wasn't
entitled to make this claim. That could be equally true if the person were
collecting an insurance contract payout. That's potentially fine if contracts
can't create new incentives to cause harm, but maybe not so awesome if they
can.)

~~~
iSnow
The paper is 2y old - which is a bit of time in blockchain space - and yet, no
one has performed this attack successfully in the wild. So, either everyone is
just loving Bitcoin and wouldn't harm it for profit, or it's not so easy
(hint: you cannot short Bitcoin for hundreds of millions, it's not liquid
enough).

Also, this is strictly about PoW, the ETH roadmap (and this is where we are
coming from in this submission) is moving to PoS where attacks are potentially
way more expensive.

~~~
schoen
> you cannot short Bitcoin for hundreds of millions, it's not liquid enough

That seems like a great explanation, but the paper's argument is definitely
not that cryptocurrencies can't exist or can't work, just that they have a
limited range of levels of adoption where the incentives will continue to
point in the right direction. In the paper's model it seems that Bitcoin has
just not reached that level, right? If you _could_ double-spend or short
enough value in it, the incentives would reverse.

> PoS where attacks are potentially way more expensive

I don't think Eric Budish agrees that PoS verification is categorically immune
to this. The very last sentence of the paper mentions that it "will be
interesting to watch [PoS] research develop, and see whether or not it
constitutes a valid response to the critique in this paper".

~~~
e12e
Just a thought - is negative proof of stake a thing? Could you incentivice
_everyone else_ to sabotage the system by "shorting" it?

------
vmception
> Because I’m a professional DeFi thought leader, I had never actually
> deployed a contract to Ethereum before.

As a developer that uses the EVM quite often, this had me laughing out loud!

That matches my experience with pretty much everyone!

And yet there are still the people doing things I could never think of doing
and doing it very quickly. I want to get to that place.

~~~
marcell
Curious what do you use the EVM for?

~~~
vmception
Sell shovels during a gold rush, just like I did for mobile apps a decade ago.

That turns into open source contributions in packages that affect far more
than EVM.

And some truly lucrative knowledge and utility. Except people want to debate
utility whereas nobody batted an eye at mobile even though people only use
like 5 of the hundreds of apps they have. (People made fun of apps getting big
checks but it was all in fun, or congratulated individuals developers making
5-6 figures from app stores, but mention a dapp on a blockchain and everyone
looses their minds)

------
shard
Makes me think of the book Accelerando, where sentient viral corporations and
Economics 2.0 posthuman intelligences running amok in virtual space, trading
uploaded human constructs as currency.

------
est31
I wonder how these bots perform the shorting. Do they take the modified
instruction and increase miner reward to make it more prioritized than the
original transaction? Such a bot would be hard to counter as if you set some
reward value, even if it's extremely high, it would take it and increase it by
1. Even if you saw that value yourself and increased it yourself, they could
counter your counter by inceasing again, the process continuing until
everything is eaten up by miner rewards.

If you have multiple such bots, would they fight over the loot, increasing the
reward until it's all given to the miners?

Are there any logs of rejected transactions that existed in the mempool? Is
there evidence of such fighting?

~~~
hoytech
Yes to all your questions. See [http://frontrun.me/](http://frontrun.me/) for
some logs of gas auctions.

There is/was also so-called "back-running" where bots spammed many
transactions with the same gas price as a target transaction:
[https://github.com/ethereum/go-
ethereum/issues/21350](https://github.com/ethereum/go-ethereum/issues/21350)

~~~
milchek
So, with front-running on Ethereum, am I understanding correctly that what is
happening here is that bots are being used to look at buy and sell orders on
decentralized exchanges and then sending their own tokens with a slightly
higher gas price to get in 'front' of the detected order?

What is the point of "back-running?"

------
emerged
Writing this sort of bot seems like a legitimately fun and interesting thing
to work on, but somehow I have less than zero interest in actually doing it.
There's just something intrinsically repulsive about the entire blockchain
world to me where I just don't want to touch it.

I don't mean to offend people who do love blockchain tech, in many ways I
don't blame you. But is this feeling I have somewhat common? I'm not even sure
how to justify it.

~~~
TeMPOraL
I have it too. I'm not entirely sure where it comes from, but some significant
factors are:

1) Proof-of-work systems are pure, unadulterated energy waste (and an
ecological disaster as long as we depend on fossil fuels). They cannot, ever,
be allowed to become significant in the economy, lest our future will be
building a Dyson sphere around the Sun just to power everyone's ability to pay
for a hot dog on their way to work.

2) There are a lot of naive ideas about how economy and society works
surrounding major cryptocurrencies.

3) The main users of cryptocurrencies are (AFAIK) criminals and amateur
financial speculators.

4) Statistically, you can expect any random startup in this space to be a
scam.

It's a wild west. Trading unregulated money tends to disproportionately
attract the worst kind of people.

~~~
spir
I spend a lot of time on Ethereum and wanted to respond to your points.

1) Yes, proof of work is terrible long-term, mainly because its cost scales
with the market cap of the cryptocurrencies it secures. Ethereum is switching
to proof of stake, which uses a normal amount of electricity and forever
solves this issue

2) There are also a lot of excellent ideas and projects. For example, Gitcoin,
quadratic funding, quadratic voting
[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3243656](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3243656)

3) It's true that there are many scams/crimes in crypto, and that many or most
holders of cryptocurrencies are speculators. What makes crypto different from
tulips is that many speculators believe that crypto will come to power large
portions of the world's financial and economic infrastructure.

4) Whether a random crypto startup is likely to be a scam depends entirely on
your filters and definition of "startup". If you limit your population to
projects or tokens with some level of social validation, such as being top-
ranked on coinmarketcap or backed by in-industry VCs, then there're hardly any
scams at all. Ethereum now has hundreds of quality teams working on many
different parts of the ecosystem. For example, the DEX space (decentralized
exchanges, eg. [https://uniswap.org/](https://uniswap.org/)) is very different
than the layer-2 scaling space (eg.
[https://optimism.io/](https://optimism.io/))

5) [It's a wild west...] Respectfully, this is an unkind or perhaps bigoted
statement. I have many friends in crypto who are thoughtful, kind people. They
think deeply about the ethical implications of the systems we're building. The
same is true of many leaders in the space.

~~~
TeMPOraL
Thank you for the thoughtful response. I'll preface with saying that I listed
my points as a contributors to the source of feelings I have about the crypto
space - they're observations subject to selection bias.

RE 1. I keep hearing this for years now; I'll believe in PoS when I see it
actually working.

RE 2., I just tend to keep finding (or being approached with) really bad ones.
Last time I got excited was with FileCoin, but that seems to be... not moving
too fast at all. I'll look into the quadratic funding/voting thing; it looks
interesting, but from the brief overview, it's not necessarily crypto-
specific.

RE 3. That belief is what I consider naive - or just perhaps I strongly hope
it's wrong, because of point 1.

RE 4. That's true. I just keep hitting the obviously scammy ones - but that's
perhaps because I'm an outside observer. Honest people who are knee-deep in
crypto are definitely able to separate the wheat from the chaff.

RE 5. I don't doubt your friends are thoughtful and have strong moral
compasses. But in that last statement, I was talking about trading these
currencies in general - which counts in scam coins, bullshit "crypto! AI!"
startups, and various criminals using cryptocurrencies for illicit trade. I
would think this point is self-evident - an unregulated space with features
that give more utility to criminals than to law-abiding citizens will, by
definition, attract disproportionately more of the former than the latter.
Also, when I say "disproportionately more" I really mean it, it's not a code
for "everyone is bad".

~~~
spir
Thanks for your reply!

You might be interested to check out

[https://medalla.launchpad.ethereum.org](https://medalla.launchpad.ethereum.org)
\- this is a public testnet of Ethereum proof of stake

[https://beaconcha.in/](https://beaconcha.in/) \- this is an explorer for the
proof of stake testnet. The proof of stake chain is called the "beacon chain".
If you want to believe in PoS when you see it actually working, this site is
actually that! The public testnet launched in the last month or so. They are
hoping to launch mainnet later this year.

~~~
michaelsbradley
See also [https://beaconscan.com/](https://beaconscan.com/)

It's another useful explorer.

There's also [https://eth2stats.io/medalla-
testnet](https://eth2stats.io/medalla-testnet)

It's not an explorer, but a way to keep tabs on your (and others') nodes when
it's not handy to e.g. connect with ssh. Only a small number of node operators
are currently reporting to eth2stats, but hopefully that number will grow over
time.

------
aazaa
> On Wednesday afternoon, someone asked whether it was possible to recover
> Uniswap liquidity tokens that had been accidentally sent to the pair
> contract itself.

Uniswap itself is a pretty interesting protocol:

> Uniswap is an exchange protocol that allows users to trustlessly swap ERC20
> tokens. Rather using the traditional order book model, Uniswap pools tokens
> into smart contracts and users trade against these liquidity pools. Anyone
> can swap tokens, add tokens to a pool to earn fees, or list a token on
> Uniswap.

[https://docs.ethhub.io/guides/graphical-guide-for-
understand...](https://docs.ethhub.io/guides/graphical-guide-for-
understanding-uniswap/)

------
mgraczyk
I didn't study the specific contract in detail, so I could be way off base
here, but...

It seems like the money could have been safely claimed using a tiny amount of
crypto. Something like creating this contract:

    
    
        contract Example {
          function Example() public {
            if (keccak256(msg.sender) == HARD_CODED) {
              do_transfer();
            } else {
              do_something_terrible();
            }
        }
    
    

Would be bots be able to automatically determine that they need to swap out
HARD_CODED with the hash of their own address?

------
AaronFriel
Fantastic story and analogy to Liu Cixin's novel.

Writing bug-free code is hard enough, but this adversarial environment is
fascinating and takes it to another level.

~~~
jessaustin
I thought the biggest flaw in _3BP_ was that none of the characters and none
of the unknown assailants seemed to do any temporal discounting. A species
that might be a threat in a billion years is not worth worrying about now.
Resources should be used for immediate survival, not for eventually-it-might-
be-nice extermination. It made the story seem more like a fantasy of
contending royals than speculative fiction of scientists and soldiers. Of
course, it probably seems natural to those who have different priors than I
have. It's funny to see it cited in this context; I'm sure everyone on
Ethereum knows about temporal discounting.

~~~
rsync
"A species that might be a threat in a billion years is not worth worrying
about now. Resources should be used for immediate survival, not for
eventually-it-might-be-nice extermination."

In the third book we are treated to some pseudo-dialog between an attacker and
their supervisor(s) deciding whether to preemptively attack an area of space
(trying not to spoil here) and the options on the table - a tiny kinetic
strike at near light speed vs. the "flattening" that they eventually decide
upon are both presented as nearly zero-cost...

~~~
jessaustin
We know from discussion elsewhere in the story that "photoids" are considered
to use at least a _solar system 's_ worth of energy. In the passage you cite
we learn the "two-vector foil" uses even more (which makes sense given the
fantastical nature of this attack). ISTM the party who has "easy" access to an
armory of these doomsday devices will have to wait a really long time for a
good reason to fear the party who is still stuck in orbit around a single
star.

Liu does lampshade the idea that performing such high-energy attacks should
itself be a giant "here is a dangerous enemy" signal, but does so just to
write it off as something that never happens. At the very least, frugal
genocidal galactic civilizations should probably leave it to other genocidal
galactic civilizations to actually do the tremendously expensive genociding.
Given the eagerness we see in this passage, it can't be uncommon for multiple
attacks to be launched by different parties simultaneously!

It's a great trilogy, and I'm glad Netflix are going to do something with it.
(I really hope they don't whitewash the casting like many other productions.
The fact that most characters are Chinese is important to the story.) This
particular aspect just stood out to me.

------
DevX101
Did the author get permission for this attempted Good Samaritan deed? Or did
he go out on his own and screw up the implementation without the contract
owner's knowledge?

If it's the latter, that's kind of a shit move.

~~~
gus_massa
He didn't need permission: "Code Is Law"

~~~
DevX101
I don't think what the author did was illegal. This is more of an ethical
consideration where consent should have been requested from contract owner
before doing a known risky operation.

~~~
andrewflnr
The Copenhagen Interpretation of Ethics strikes again. OP tried to help and
didn't actually make things worse, but they touched the situation so now it's
their fault.

------
Twisell
Nothing in this article seem to make any sense, does the gibberish pseudo-code
actually mean something for anyone?

I feel like the dumbest of all (and maybe it's normal it's far away from my
area of expertise). But seriously this sound more like a sci-fi plot that
actual engineering.

~~~
rkayg
I'm glad someone else feels like this. One of my friends is in the space, and
I don't understand anything he says. I wonder if this community has created a
whole language / framework to give a feeling of value to what they are doing.
It's kind of like gamers talking about KDA, meta, etc.

~~~
iSnow
My god, have you tried to explain React code so someone outside of coding?
Every field with any kind of intellectual depth invariable has to create an
own set of terms to describe what they are doing.

Stop talking down on people just because you don't understand their jargon.
Either keep quiet and learn or don't judge at all.

~~~
Twisell
And maybe also stop talking down on people just because they don't understand
your jargon. Either keep quiet and learn what's not obvious for outsiders or
just explain your jargon so that more people understand it.

------
Aeolun
I have literally no idea what all of the stuff in the article means, but it
sounds like the whole thing was broken from the start.

If someone can take the transaction you just sent and somehow jump in front of
you to execute the same one, your system seems fundamentally broken.

------
zdkl
I have dabbled extensively in the "traditional" *coin scene, but always shied
from eth and the associated ecosystem. Stories like this are the reason why.

While I could articulate -and genuinely believe in- a raison d'être for the
alt-finance tools created by blockchain systems, the premise and concrete
value of the exceedingly sophisticated mechanisms in ethereum continue to
elude me.

Given the primitives of account & transactions through distributed ledgers,
one can construct a wide variety of services and use cases that interface with
the real world on the user side and on the 3rd party service side.

Are there any services and use cases in ethereum-land that are actually
oriented towards users? Because it seems to me that the only group getting
measurable value beyond education are actors seeking to extract profit from
"legitimate" value store or flow.

And I thought getting away from them was the entire point of Bitcoin et al.
for the ordinary man.

~~~
woah
A lot of this DeFi stuff is about people getting returns by providing
liquidity to financial instruments that would have been done by centralized
exchanges otherwise. So, still speculation driven ultimately, but not totally
useless.

------
mrfredward
In the article: "Better yet, if you happen to know a miner (we didn’t), you
could have them include the transaction directly in a block"

But how could you guarantee the miner was trustworthy, and wouldn't just take
the money after you told them.

Hmm...what if we could come up with some sort of smart contract...

(recursion ensues)

------
sickygnar
The whole thing is a complicated, wacky game. The DeFi stuff is especially fun
right now. Opportunities (and danger) abound. There is so much money locked up
in DeFi.

It's not necessarily always good for the bots either. They can be exploited
and tricked as well.

~~~
cesarb
> There is so much money locked up in DeFi.

Is the money really "locked up"? No money actually enters these systems;
whenever someone buys a token with money, there was someone else selling that
token for money, and the money went from the buyer to the seller, who is free
to do anything with that money.

~~~
Sargos
You are confusing money with value. Value is what something is worth and is
what people prize. Money is just a convenient way to transfer value. I think
you got stuck on that one piece of money (USD) that went from buyer to seller
but forgot that the value transferred between them as well.

------
desdiv
Why did they try rescuing the $12,000 pot on their very first attempt instead
of planting a bunch of $10 dummies and rescuing those instead? Once they
perfected how to rescue the dummies, then move onto the real target.

~~~
gottagetmac
Time pressure was the main reason.

We also couldn’t have been sure that a method that could recover $10 would be
able to recover $12,000. Bots won’t bother to snipe opportunities that are too
small (they have to put a little money at risk to even try).

Finally, there was a nagging worry that demonstrating this kind of transaction
for the bots could “teach” them to look for this opportunity, which could lead
them to this money even before we tried to pick it up (since they could scan
the blockchain for it). I had heard that these bots sometimes used recent
transactions as “hints” to look for new profit opportunities. It sounded like
a wild idea, but all of this was pretty wild.

------
ur-whale
This paper is really worth a read, if only because it shows how much smart
contracts is a brand new territory, mostly unexplored, full of opportunities
(and therefore dangers).

If you're a blockchain naysayer [1], I'd invite you to go read this paper to
measure how deep, rich and complex the world of smart contracts is, and at the
very least get a feeling that you may simply not know how uninformed your
negative opinion is.

[1]
[https://en.wikiquote.org/wiki/Incorrect_predictions](https://en.wikiquote.org/wiki/Incorrect_predictions)

------
pstrateman
That's a lot of words to say "this system is insanely complicated for what it
does (ie doesn't do)".

~~~
lisper
Oh, but the details in this case are absolutely fascinating! Well worth all
the words IMHO.

~~~
recursive
For me, there weren't enough words to actually make any sense of it. What I
got is approximately "if you try to do ethereum stuff, bots will somehow do
the same thing but earlier, and you'll lose your money".

~~~
kjsthree
Agreed, somehow bots are able to jump the queue but there’s no description of
how or why that’s possible. Why would the bot transaction be given higher
priority than the submitted transaction?

~~~
anthony_d
There's an old idea called "front running". Back when the stock market was
based on pieces of paper being passed around, you could hear something
useful/valuable and literally outrun the other person to make a profitable
trade.

To understand the equivalent in Ethereum you need to understand 3 things: 1\.
All transactions require something called "gas" which is based on the
complexity of the transaction. The simplest transfer is 21,000 and seriously
complicated tasks can go up to millions (11 million-ish is the cap now) 2\.
Miner's get to decide which transactions go in the blocks they mine. They get
the fees associated with those transactions, so they pick the most profitable.
3\. You don't get to decide how much gas your transaction uses, but you do get
to decide how much Ether you're willing to spend per unit of gas, e.g.
gasPrice of 3 Gwei(1/1,000,000,000 of an Ether) means you multiply your 21,000
gas transaction by .000000003 and that's how much Ether the miner gets for
including your transaction.

Net Result: Right now on Ethereum Mainnet 100 Gwei is standard, so I see you
have a transaction waiting where you offered 100 Gwei. I just swap out my
address instead of yours and offer 200 Gwei. Now a miner will pick up my
transaction first because they get twice the profits for the exact same amount
of work.

------
ladberg
As soon as I saw the title I thought of the Three Body Problem and I'm glad it
wasn't a coincidence!

------
dnprock
I'm not sure when Ethereum supporters would wake up. Ethereum's design creates
this kind of Dark Forest problem. When it is programmable, you are at risk of
being overpowered by bots. Computers are far more efficient than humans. Smart
contracts are not smart. If they're too complicated (smart), humans can't
comprehend them. So they're mostly dumb. Bots will overrun humans. With
Ethereum, you know you're entering a digital Dark Forest. But you still want
to explore it. You venture into the Dark Forest and got attacked. It does make
an interesting story. But it's a fairly useless system.

With cryptocurrencies, you want to "slow" the system down. You want more
redundancy. You want less efficiency. It's the only way to fight the
automation monsters. Bitcoin is money. Ethereum is a fun and experimental Dark
Forest.

~~~
literallycancer
Most trading is automated. This is not something that's unique to smart
contract platforms. How come the world didn't end already?

------
cecida
Sounds like an enormously complex Rube Goldberg machine.

------
atarian
Does anyone else think that Solidity is far too low-level for the purpose it
serves? I really don't think connecting to ports (as an example) should be
something in a financial contract.

~~~
Animats
Yes. They should have gone with something simple and declarative, like
decision tables.[1] Those have a finite number of cases and can be
exhaustively tested. Which is what you want for a smart contract for something
real.

But no, they had to make it Turing-complete. That failed quickly. Remember the
DAO debacle. That should have been a teaching moment. But no. Because the
people burned were insiders, the whole Etherium blockchain was split to rescue
them.

[1]
[https://en.wikipedia.org/wiki/Decision_table](https://en.wikipedia.org/wiki/Decision_table)

~~~
pacoWebConsult
At the very least people should be formally verifying the behavior of their
smart contracts before investing millions of dollars in them. The ETH VM is
actually pretty simple to model and formally verify at least some of the basic
properties of contracts.

~~~
Animats
Formally verify against what? You need some simple model of what's supposed to
happen to verify against.

------
Zarkonnen
Or use normal banking which has actual regulations for a reason.

~~~
Sargos
It's still an option but it's more work and harder to use and is pretty
limiting in what you can do.

------
d33lio
IMO this is why anyone dumb enough to spend time building trading algos for
crypto should really just use that time looking for vulnerable smart-contracts
/ projects if they actually want to see returns LMAO.

I used to work in the space in the blockchain tracing space - I helped build
one of the first intelligent tracing systems that could handle tokenized
assets on ETH.

I have zero regrets leaving the space...

------
DodgyEggplant
Similar things happen with real money all the time. Many players can hack,
over charge, short, manipulate etc. It may be less obvious, or somehow
perceived legit, but we are not really shielded from other players taking our
invested money with all kinds of "financial tools" that are hard to
understand. Ethereum is just more direct, more feasible

------
vvpan
Perhaps due to a certain naivete I enjoy almost all discussions on HN. There
are few exceptions and discussions under blockchain-related posts are the a
prime example. I will disclose right away that I wholeheartedly think that
blockchains are here to stay and to solve many problems. The general sentiment
on HN, and this thread so far is an example, seems to be animosity toward the
idea in general lightly veiled by pretext of pointing out technical challenges
(which are numerous, I do not think the most ardent blockchain proponent will
deny). Every time I try to point some great ability of "smart contracts" in
return I hear blanket unthoughtful responses like "well how is it better than
a database" or "how is it better than a REST call" (for example this exchange
about the Baseline protocol
[https://news.ycombinator.com/item?id=23824584](https://news.ycombinator.com/item?id=23824584)).

Perhaps starting with a general accusation of the community is not the best
method. But I'll move on... There are things that are very important to
understand about blockchain. The most important one is that the technology and
the systems built on it are _extremely_ young. Blockchain is like the 80s of
computing. I would compare it to editing Unix system settings with "nano" to
adjust a basic setting of your operating system - lots of horror stories for
sure. The big difference is that people are out there to make money off of
your mistakes. Yes, it can be a hostile environment. As the article alludes to
- full anonymity of transactions is still in the pipeline! I do no know a
single blockchain project out there that allows to interact with contracts
anonymously yet. If blockchain is still alive a few years from now (and I have
little doubt about that) then things like Optimism (mentioned in the article)
will have made a whole array of shortcomings obsolete. Awesomeness does not
happen overnight, it took _decades_ for the internet to become the ubiquitous
integral thing that it is now.

Actually, I'm glad the author used Uniswap as an example, because it is a
simple and powerful system that would not have been possible without
blockchain. (Aside: Uniswap is actually one of the first products to create a
POC of running on top of Optimism's Optimistic rollups, so they are no unaware
of issues). It was conceived initially by Vitalik himself and implemented as
an Ethereum grant. The basic idea is that a contract controls two pools of
tokenized assets. The assets are provided by people who get a cut when a trade
happens. The price of assets being exchanged is equal to the ratio of their
quantities in every pool. That is it!!

Now, why do I think that a system as Uniswap is awesome. Right now most tokens
are either tokens for other projects or USD. As the variety of tokenized
assets grows (for example some Japanese banks are looking to create a digital
Yen, and there are clues that suggest it might be on Ethereum) what you get is
an extremely simple no-middlemen system for exchanging things of value. Now,
in theory, any programmer can write a program, say, for currency exchange in
one evening - no middlemen, no 3rd parties to trust, no banks, no clearing
houses and a basic API anybody can integrate. The system is not perfect, and
that's what the article is about. But the concept can be revolutionary.

The blockchain money-grab is disgusting to look at. But do not throw the baby
out with the bathwater.

~~~
xondono
I won’t dare to speak for anyone but me, but personally the issue I have with
blockchain is that is a solution looking for a problem.

If you’ve ever done any business (sales/purchasing), you’ll soon see that
_trust is not really a problem_. Trust is only a problem in single-transaction
deals (two entities trade once and expect to never trade again), which is
pretty rare. Even in that weird case, branding and reputation are actually
quite good ways of providing trust.

In fact I would go further and say that the only entities that are impervious
to the “conventional” approach are governments, by virtue of being monopolies.

I’ve heard amazing tales of what blockchain should be able to do, but so far
it looks like they’ve failed in everything they’ve set up to do.

Blockchain currency (I’ll generalize a bit) was supposed to be a store of
value. They are so bad at this that they’ve become an investing bubble, and
one of the assets with highest volatility out there.

I’m still waiting for useful demos of blockchain technology that aren’t
contrived situations or just smoke and mirrors for startups to get funded.

~~~
xur17
> If you’ve ever done any business (sales/purchasing), you’ll soon see that
> trust is not really a problem. Trust is only a problem in single-transaction
> deals (two entities trade once and expect to never trade again), which is
> pretty rare. Even in that weird case, branding and reputation are actually
> quite good ways of providing trust.

It absolutely is a problem in business, but maybe not in the businesses you
have experience in. For example - try selling gift cards online for payment.
Your only real option is credit cards, which is ripe with fraud, and involves
hefty fees (2-3%). Cash for the internet (which is one thing "blockchain"
enables), solves both of these problems.

------
throwaway4good
"Because I’m a professional DeFi thought leader, I had never actually deployed
a contract to Ethereum before."

~~~
josh2600
Having deployed a contract to Ethereum, I can tell you that it is not for the
faint of heart for a variety of reasons too numerous to list here.

If the VM can change, but the code can't, it's gonna be hard to maintain.

~~~
throwaway4good
I have the feeling that there might actually be more "professional DeFi
thought leaders" out there than people who have deployed something to
Ethereum.

~~~
StavrosK
Is DeFi an actual thing, or just a term for cryptocurrencies in general?

~~~
heynk
[https://defipulse.com/](https://defipulse.com/) is a good dashboard that
highlights the amount of money "locked" (i.e. as collateral) in various DeFi
protocols. It currently indicates $8 billion USD worth of locked funds.

In reality, the number is lower, because folks use "yield farming". You can
put some collateral in one protocol, use that to mint some funds, and then
collateralize that in another protocol. And rinse and repeat. There was a
Twitter post[0] recently where someone analyzed this, and they found that the
"true" TLV was more like ~3.5 billion out of $6.7b.

The space is growing quite quickly. A month ago, the TLV was 50% of what is
was right now.

[0]-
[https://twitter.com/damirbandalo/status/1295089928901140481](https://twitter.com/damirbandalo/status/1295089928901140481)

~~~
StavrosK
Hmm, okay, but what is it?

~~~
michaelsbradley
Decent overview: [https://www.coindesk.com/defi-yield-farming-comp-token-
expla...](https://www.coindesk.com/defi-yield-farming-comp-token-explained)

~~~
StavrosK
Thanks!

------
modeless
This is fascinating. I never thought of writing a bot to watch the mempool for
exploitable transactions. Perhaps in the future it will be more common to send
your transactions privately to a miner instead of putting them in the mempool.

------
jklepatch
I turned that blog post into a video

A visual explanation of how someone made 12,000 USD in a single Ethereum
transaction with front-running.

[https://youtu.be/vP5hVkH_1gs](https://youtu.be/vP5hVkH_1gs)

------
segfaultbuserr
In additional to the "Dark Forest" analogy here, there's another hilarious
analogy of Ethereum I've heard of - it's a game of Core War, but with money in
it.

------
xg15
Ok, I got the part with the arbitrage bots and frontrunners - but could
someone ELI5 to me what the uniswap contract was supposed to do in the first
place?

------
finder83
Are these bots legal that are doing the sniping/etc? I know next to nothing
about Ethereum, but the whole environment sounds questionable

~~~
Sargos
It depends on your definition of illegal. It's not illegal in lots of places
and is a gray area in most places. It's hard to know who would even handle the
case since you're not sure who has jurisdiction, if anyone.

------
mangecoeur
I have rarely seen so much effort and intellect expended for something so
wildly pointless... conspicuously missing from these whole shenanigans: anyone
doing anything that a normal person could recognise as being of practical use.

~~~
beervirus
See also Facebook, as well as large swaths of Google. A generation of our best
and brightest are using their talents to spy on users and get ads into their
eyeballs.

~~~
cryptica
And the value of those ads is totally speculative. We live in a 0-utility
economy. No wonder Warren Buffet's 'intrinsic value' investment strategy
doesn't work anymore. Since the 1970s, the true driver of the economy was the
Fed and its reckless borrowers; not workers, not consumers.

It took 50 years for rich investors and their descendants to lose touch with
reality to the point that they can't tell the difference between something
important and something which is completely useless.

------
dakial1
Well, all this exploits should make the system more resilient in the long run
(as they are fixed) no?

~~~
emrehan
I’d prefer to live with a system where frontrunning is available for anyone
rather than exchanges and brokers only. So that we could upgrade the system to
be frontrunning resistant for good.

There’re front running resistant decentralized exchange PoCs on Ethereum. It’s
only a matter of time (and governance) before we could have this technology on
Ethereum.

------
longnguyen
Not related to the content but why on earth an anchor link is styled as a
strike through text?

------
pkilgore
I'm personally quite excited to vote by blockchain aren't you?

------
nix23
>The Dark Forest is my favorite science fiction book

Mine too and Hyperion andandand :)

------
lallysingh
So who actually uses these contacts? Who's transacting on this?

------
kleer001
The weakest link is always the human followed by entropy.

------
aero-glide
This reads like a cyberpunk novel. Except its all real

------
AcerbicZero
Can you really call them smart contracts, if they're this dumb?

