
Proposal to restore a destroyed Ethereum contract - peterkelly
https://github.com/5chdn/EIPs/blob/a5-eip-999/EIPS/eip-999.md
======
seibelj
If they want to change history to help a privileged group of people, they
should have a generalized mechanism and process for doing so. If I can prove I
accidentally lost 1 ETH, let alone millions, I should be able to retrieve it
via that same process.

I love Lord Vitalik as much as any ETH nerd, but the more he dictates to help
his friends, the more it will hurt the ecosystem.

~~~
derefr
The "generalized mechanism for doing so", in this case, would be the EIP
process itself, no?

It's a bit like those clients that say of their software, in its requirements,
"I want my software to be customizable after-the-fact with any new logic I
desire, up-to-and-including the power to completely rewrite the application."
Some people try to solve this problem as stated, resulting in the
[https://en.wikipedia.org/wiki/Inner-
platform_effect](https://en.wikipedia.org/wiki/Inner-platform_effect). Other
people recognize what's happening, and just respond with "the customization
mechanism is the source code. You can customize it at any time by contracting
a programmer to do so for you."

The FDIC of the Ethereum blockchain† seems to be—as this example, and the
earlier example of the DAO, would suggest—the Ethereum maintainers themselves.
The way the Ethereum maintainers propose changes to the consensus protocol to
fix problems is through EIPs. So, if there's an Ethereum "natural disaster",
the natural thing to expect in response would be an EIP.

† (as opposed to the _Ethereum Classic_ blockchain, which has no such entity,
which is rather the point of the fork.)

You could create another layer _atop_ the EIP process, formalizing
specifically the recovery process from a "loss of money" event... but it's
really going to boil down to a consensus-algorithm change in the end, so an
EIP is going to have to be involved.

(Unless you're suggesting that there should be some way, within the Ethereum
VM itself, to aribtrate disputes in a way that invalidates the side-effects of
previous contract calls? That'd certainly be a trick... especially given that
the said "arbitration" would seem to be a human-complete problem, and Ethereum
doesn't even have oracle support yet.)

~~~
seibelj
If I can't get my ETH back back when I mess up, then neither should Parity. If
the community wants me to get my ETH back when I mess up, then Parity should
be able to. I'm not providing a value judgement on whether this is good or
bad. I'm saying that it is hypocrisy to let one group get their ETH back over
the individual if they have enough political support.

But I see your point about the EIP process. Altering history to benefit a
group of people is always contentious, so the EIP process is itself a way to
do it on a public forum.

~~~
Dylan16807
It's not hypocrisy to have a threshold of losses before intervening.

~~~
twblalock
What's a fair threshold? How could a fair threshold be determined and later
justified when people push back against it?

What is the process for adjusting the threshold if the value of the currency
swings wildly? A theft of a single Bitcoin is now a theft of thousands of
dollars, but years ago it would have been a handful of dollars.

It's easier to say that thefts of any amount should be restored than to deal
with all of the politics of picking a threshold. Isn't the Ethereum system
designed to avoid politics and the need to trust other people?

~~~
andybak
> What's a fair threshold?

Thresholds are never fair and always arbitrary. However that's not a reason to
avoid anything that has an arbitrary threshold. Arbitrary is often better than
nothing.

~~~
twblalock
When it comes to money, arbitrary rules are definitely worse than nothing. If
I use a system to own or transfer money, I want to know exactly what the rules
are. I have no confidence in arbitrary protections. Lack of confidence is what
kills economies, companies, and currencies. It’s in every cryptocurrency
project’s interest that people who hold the currency have confidence that
their rights are protected.

~~~
x404
Exactly, the cryptocurrency told us the code is law, but in the ETH, the Lord
can change the law whenever he wish. It looks absurd.

------
twblalock
Stuff like this is why smart contracts won't work for the general public.
Nobody wants to live in a world where a bug in a contract lets people steal
your money and you can't get it back, even when you can prove who did it. We
have contract law to deal with this stuff in the real world.

The problem is, if smart contracts are subject to human governance, what
advantages do they have over any other kind of contract? How can they be
trusted more than anything else that is subject to human governance? Automatic
execution of contracts is nice, but if history can be rewritten later, you
can't really build a deterministic system on top of them.

~~~
seibelj
I think "smart contract" is a bad name for what it truly is - a program that
runs on the blockchain. I tell programmers to think of smart contracts as
programs.

An Ethereum smart contract (program) may be useful when applied to a problem
currently solved with a legal contract. But not necessarily.

MakerDAO[0] is a project that achieves a token (Dai) that is termed a
"stablecoin" as its value is soft pegged to $1 USD. It was launched in late
December and has been very successful thus far. Maker achieves this with a
series of smart contracts and operates entirely within the blockchain.
MakerDAO is the type of project that is unique to smart contracts and is not
possible without Ethereum or similar technology. These are the types of
projects you should consider when analyzing the longterm technological
capabilities of Ethereum. Imagining a world where paper contracts are replaced
with Ethereum smart contracts is a misconception.

[0] [https://makerdao.com/](https://makerdao.com/)

~~~
twblalock
It's ironic that a crypto project seeking stability decides to peg its
valuation against a fiat currency, i.e. the US dollar.

~~~
profalseidol
As always, you'll have to read into the details. MakerDAO doesn't exactly peg
it's value to the US dollar. Here's a good interview about how it works -
[https://www.youtube.com/watch?v=ZggkzPJ5Yt4](https://www.youtube.com/watch?v=ZggkzPJ5Yt4)

------
ryan-c
The person who wrote this EIP works for Parity.

If we're going to be fixing shit like this, can we also restore funds to the
poor guy who got robbed of 41k ether?

[https://medium.com/taptrust/frozen-the-story-of-the-
largest-...](https://medium.com/taptrust/frozen-the-story-of-the-largest-
wallet-burglary-in-ethereums-history-a-massive-mystery-and-a-1b0a81f3ee88)

[https://www.coindesk.com/35-million-refund-developer-
appeals...](https://www.coindesk.com/35-million-refund-developer-appeals-
ethereum-hard-fork-hack-reversal/)

~~~
slavik81
> the hack happened because of a weak passphrase [...] Levy [expected] his
> private key would still be needed to access the wallet. But the wallet
> generation tool Levy used, developed by ethereum creator Vitalik Buterin,
> had a critical flaw in that others could access the wallet just with the
> passphrase.

Neither gpg nor ssh keys work that way. Why would Vitalik design the etherium
wallet key like that? The passphrase is the last line of defense against
people who have managed to access to your system, it's not the first and only
defense against remote attackers.

~~~
mabbo
> Why would Vitalik design the etherium wallet key like that?

Because he may be very clever at having come up with this whole ethereum
system, but that doesn't mean he's wise and experienced. It's a rookie
mistake, made by a rookie. It happens. He seems the type to learn from it at
least.

~~~
ibarrac
No, the tool works like a brainwallet. The seed phrase determines the ethereum
public and private keys. That way there is nothing else to save, no file
backup is necessary. Knowledge of the seed phrase is sufficient. That's a
feature, not a bug.

It is not like gpg where the private key is independent, stored on disk and
encrypted by the passphrase.

The user messed up in that he didn't understand that he needed to use a strong
passphrase or it was possible for anyone in the world to guess it.

~~~
Buge
>No, the tool works like a brainwallet.

Are you saying that is a good thing? It's well known that brainwallet is a
footgun.

[https://en.bitcoin.it/wiki/Brainwallet](https://en.bitcoin.it/wiki/Brainwallet)

>An early old-style brainwallet was created by by memorization of a passphrase
and converting it a private key with a hashing or key derivation algorithm
(example: SHA256). That private key is then used to compute a Bitcoin address.
This method was found to be very insecure and should not be used. Humans are
not a good source of entropy.

------
Everlag
From diving in, it looks like the contract backing a smart wallet
implementation had a vulnerability/bug/design flaw allowing an arbitrary actor
to kill it[0]. It looks like these contracts are treated as a shared library
so the contract being killed means any wallet depending on it is bricked.

The solution here seems to be a hard fork of Ethereum to allow revival of that
problem contract. This seems unpalatable as, well, avoiding extensive human
intervention is a key idea in cryptocoins.

Disclaimer: I got off the cryptocoin train awhile back so if I've mistaken
anything, please point it out.

[0]
[https://github.com/paritytech/parity/issues/6995](https://github.com/paritytech/parity/issues/6995)

~~~
ameliaquining
It's not the first time Ethereum has hard-forked to roll back a sufficiently
bad bug in a smart contract, and it probably won't be the last. They
periodically do hard-forks for other reasons as well. Eventually they might
declare it 1.0 and stop doing this, but that's not how it's managed today. At
this point I think users accept this as a risk of using Ethereum. Of course
anyone who doesn't like it is free to try to keep the old chain alive (indeed,
Ethereum Classic is still a thing that exists).

~~~
cslarson
Ethereum Classic also hard forks in order to make changes and other upgrades
to it's protocol.

Ethereum has not yet hard forked to enact this proposal. At the moment it
looks very unlikely to gain the support needed.

------
dahdum
The debate is mostly happening here:

[https://www.reddit.com/r/ethereum/comments/8cdqi8/restore_co...](https://www.reddit.com/r/ethereum/comments/8cdqi8/restore_contract_code_at/)

This change has no consensus like the DAO fix did, and the problem it fixes is
both negligible and self inflicted.

~~~
Animats
Points made there:

1) The proposed transaction is a dilution. It reduces the value of everyone
else's Ether by a payout to Parity.

2) Businesses which use the Etherium system but aren't closely associated with
the insiders are at a disadvantage when the insiders can recover from their
mistakes, but outsiders cannot.

~~~
5chdn
Curious why people think so w.r.t. (2). Anyone can submit a proposal.

~~~
xref
for the reason he said in (2), insiders like Parity have much better odds of
having their EIP accepted.

but it is your proposal so you knew that.

------
adamnemecek
Shit like this will kill eth. If anyone seriously working on this (any anyone
with any vested interest in shit like this not happening) wants to have an
informal chat about fixing this, I think I have some ideas on fixing this.
It's quite legit, if I can say so. Check my profile for email.

~~~
Karunamon
Serious, not at all snarky question:

It seems like the Ether devs will mess with the block chain anytime something
happens. This seems like a terrible way to manage one of the unique coins in
the crypto space.

With that said, aren’t they worried about the risk this conveys to oncomers?
Wouldn’t anyone think twice if there’s going to be a fork anytime someone
screws up a contract at large enough magnitude?

~~~
pjc50
Ironically, providing a means to reverse disasters is probably good for
Etherum; it reduces the number of investors who leave because they've been
burned.

~~~
gruez
It also kills one of the main selling points, which is that code = law. If you
want human intervention, go with regular contracts.

~~~
pjc50
Unfortunately, code = bugs.

~~~
wolfgke
I claim that the law is much more full of bugs than typical code.

------
mbrock
It seems like most people in this thread don't understand that this is just a
proposal made by the firm that lost funds and there is very little indication
that it will be supported either by the Ethereum Foundation or by the
community at large.

------
consto
If this is accepted and implemented, could someone explain how Ethereum is a
_decentralised_ cryptocurrency?

~~~
jaaames
It's not. The Ethereum foundation will continue to merge EIPs like this that
benefit them and their cronies.

The whole ETH/ETC fork was because they messed up the DAO contract, which set
a precedent for "code is law, except when it doesn't suit us".

~~~
cslarson
This EIP has not been enacted via a hard fork and from the looks of it doesn't
have the required support.

The ETC fork happened very early and affected some large percentage of
available tokens - I think 15% or so.

------
geoah
Related PR
[https://github.com/ethereum/EIPs/pull/999](https://github.com/ethereum/EIPs/pull/999)

------
bhouston
Is the affected associates of Vitalik, the benevolent dictator of Ethereum?
Then this may get in.

I mention this because the DAO losses were address by a hard fork.

If enough money is at stake it would be advantageous for Vitalik and other
core maintainers to allow for people to pay on getting their PRs accepted.
This PR would restore I understand about >$100M in funds. This type of patch
is surely worth money in order to accept.

At least if Vitalik and friends took money in order to do these types of
arbitrary patch PRs to fix other people's problems, then it would at least be
a fair playing field.

Is Vitalik and other core maintainers already getting paid by the people
proposing these types of PRs?

~~~
adrianN
If you believe a system where people with more money get more votes to be
fair.

~~~
bhouston
At least it wouldn't be based on who Vitalik knows personally. I would rather
a transparent system that operates with known principles rather than one that
is arbitrary and based on knowing Vitalik.

------
Tepix
I know it's not a very popular opinion but I think this is a good idea
(disclaimer: i am not affected by this issue). The tech is there for the
people, not the other way round.

~~~
rebuilder
On the other hand, if you want human arbitration of contracts, then it seems
like that is already available outside the crypto space.

It's not a cut-and-dried issue, but personally I do tend towards the view that
interfering in contracts via hard forks undermines the credibility of the
whole idea behind smart contracts. As it is, it seems smart contracts simply
do not work as they should. They seem to be vulnerable to both technical _and_
political risks, which is actually worse than a regular contract.

~~~
Tepix
It would be part of a planned hard fork (for other reasons). There will not be
a hard fork just for this issue.

------
raverbashing
I'm still aghast that "smart contracts" are procedural programs. No wonder a
lot of bugs derive from them.

Contracts are functional, being procedural should be the exception.

They should be functional, scoped, limited (by the VM inclusive), testable.

~~~
davesque
The Ethereum VM accepts opcodes like any other modern computing platform.
There's a lot of work going into formal verification of contract code. There's
nothing in principle that prevents compilation of smart contracts into VM code
via a formally verified compiler that implements a functional language.

~~~
KirinDave
Except the majority of the Ethereum community being ideologically opposed...

~~~
DennisP
I'm an Ethereum smart contract dev/auditor and active in the community. I'm
not aware of any ideological opposition to more functional or verifiable
languages.

In fact, there are several new languages in development to move things in that
direction, including Vyper (originally designed by Vitalik) and Bamboo
(designed by the person employed by the EF to work on formal verification).

~~~
KirinDave
My experience proposing actual use of these has been met with complaint and
actual jeers in social circles. Further, it's pretty depressing that you
suggest Vyper and Bamboo actually offer more formal verification or even
correctness.

I don't see either trying to adopt approaches more like Simplicity.

------
viach
I propose to roll Ethereum price back to 2015 for just a day, as a lot of
people I know missed it and didn't manage to buy.

------
Intellikon
No. Just No. This is no different than the bank bailouts that inspired the
creation of cryptocurrency. Is Parity too big to fail? If the answer is 'yes',
then It's ime to convert all your ETH to ETC.

------
raldi
Can someone explain this in terms understandable to a software engineer with
familiarity with cryptocurrency in general but no specific knowledge of ETH?

~~~
peterkelly
Ethereum is sort of like Bitcoin, but includes a Turing-complete scripting
language. Programs written in this language are called "smart contracts", and
can do a much wider range of things than simply dealing with currency.

One of the core principles of blockchain technology is immutability - that is,
once a transaction becomes part of a blockchain, it stays there forever and
can never be undone. In the case of Ethereum, this also includes smart
contracts.

An advantage of immutable contracts is that users can trust that it will
always operate in exactly the way the code was written, and the developer who
wrote the contract cannot change the rules, or alter the "terms of service" as
so often happens in centralised systems. A disadvantage of immutable contracts
is that if there is a bug in the code, it remains there permanently and can
never be fixed. In this particular case, there was a bug that allowed someone
to instruct the contract to "self destruct" (refuse to process any more
transactions), thereby locking away a large amount of ETH.

EIP stands for Ethereum Improvement Proposal. This particular proposal (which,
as I understand, has not yet been accepted) would alter the Ethereum protocol
to handle this specific contract address specially in such a way that reverses
effects of the unintended self-destruction, allowing the lost funds to be
recovered. This goes against the principle that the blockchain must be
immutable, otherwise known as "code is law".

Breaking immutability in such a manner is highly controversial; the debate is
about whether the development team should make a one-off fix for this
particular case because a lot of people lost a lot of money (or rather ETH),
or whether they should leave things as-is to avoid destroying trust in
Ethereum's promise of immutability.

This has happened previously on one occasion; see
[https://en.wikipedia.org/wiki/The_DAO_(organization)](https://en.wikipedia.org/wiki/The_DAO_\(organization\))

~~~
tylersmith
While I disagreed with the DAO fork and disagree with this EIP, neither of
them changed immutability. The problematic transactions are still there. These
are irregular state transitions that are normally illegal but are hardcoded to
be allowed as special one-off favors.

------
knorker
I'm shocked, SHOCKED, to see that what the banking system has realised
hundreds or thousands of years ago, that sometimes things go wrong and you
need to undo it, is actually true. Cryptocurrencies deliberately design around
what society has _deliberately_ put in place, because _that 's what we want_.

------
kevindong
Problems like this are a critical flaw in cryptocurrencies. When something
goes horribly wrong, who do you go to for help? You don't have a right to
recourse with cryptocurrencies. With real money, you have legal rights that
can be exercised by simply filing a complaint with the bank. If that doesn't
go well, you go to the regulatory agencies or the courts.

Furthermore, if you do succeed in getting help from the community/central
committee then you just defeated a goal of cryptocurrencies. Taken directly
from the first paragraph of the homepage of the Ethereum website [0]:

> Ethereum is a decentralized platform that runs smart contracts: applications
> that run exactly as programmed without any possibility of downtime,
> censorship, fraud or third-party interference.

[0]: [https://www.ethereum.org/](https://www.ethereum.org/)

~~~
davesque
Remember, however, that's there's nothing about "real" money that
intrinsically bestows upon its users some set of legal rights. Traditional
currency users have legal rights because the legal system has had enough time
to evolve to handle them properly. A lot of current crypto systems don't
specifically include mechanisms for recovery of funds (and, as you point out,
many of them claim this shouldn't happen) but that doesn't mean it's not
technically possible somehow.

------
coralreef
Can someone explain where the balance is?

[https://etherscan.io/address/0x863df6bfa4469f3ead0be8f9f2aae...](https://etherscan.io/address/0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4)

~~~
ryan-c
My understanding is that contract code is a "library" of sorts, that was
imported or called by parity multisig wallets.

~~~
5chdn
Exactly. It is the library used by hundreds of wallets. The library itself
does not hold any balance.

------
pimpindots
Assuming that in the future most businesses use crytocurrencies (which I think
we can all agree on would be awesome and better than what exists), they will
need to be able to access their money even if they make a mistake.

We're not taking money from you or I and giving it to a failing institution (a
bailout). We are setting up a procedure so that when mistakes are inevitably
made, someone can still access their funds.

After all we all agree it is all of these company's funds, right?

------
AlexCoventry
A relevant earlier EIP, which I assume this conforms to:

> Provide a standardized format for Ethereum Recovery Proposals (ERPs), which
> relate to recovery of certain classes of lost funds. Individual ERPs will
> follow the same process as any EIP, but will be formatted and evaluated in a
> standard way to ensure consistency and transparency.

~~~
5chdn
EIP 867 which you are referring to is in limbo, this is not conforming with
the ERP.

------
late2part
How is this different from the Federal Reserve and Treasury deciding to "save"
Bear Stearns but not Lehman?

------
julienfr112
Is it time for a second ETC fork ?

------
cyptus
this post breaks hacker news mobile page to scroll horizontal

------
_bxg1
The future is weird.

------
xer
This is corruption.

------
dustingetz
is there a reason eth’s contracts aren’t coded in haskell or similar

