
ERCFund: An open-end fund smart contract for the Ethereum blockchain - ScJa
https://github.com/ScJa/ercfund
======
amluto
I'm not an Ethereum expert by any stretch of the imagination, but I do know a
bit about funds. This fund appears to suffer from an exploitable race
condition. Suppose the owner of the fund changes the price by more than ~6% in
a single transaction. Then anyone who has the power to race with the owner can
buy at hte old price and sell at the new price or vice versa. Instant
arbitrage!

This looks like it can probably by mitigated by changing the price in tiny
steps and waiting for confirmations (slow and expensive) or by withdrawing the
entire Ether balance of the fund, waiting for confirmation, changing the
price, waiting for confirmation, and re-adding the balance (slow, expensive,
and very very annoying).

Also, I would be amazed if this fund were not deemed a regulated security, in
which case, if the operator is going to comply with securities laws, I see no
benefit to using a smart contract at all.

Also, 3% fees for each transaction? Yikes!

~~~
ScJa
Hey, thanks for the feedback. Your points are definitely valid and are
something that I have given some thought in the past.

It seems really difficult to prevent arbitrage while still keeping the gas
cost for price update low. This is one of the reasons why I defaulted at a 3%
fee (which is ofc changeable as preferred), this could encourage share-holders
to trade their tokens with potential buyers instead of minting/burning them.
Another option could be to split the price into a "purchase-price" and a
"withdraw-price" which are apart from each other to some degree.

The idea by dynamically minting tokens for me was mainly to reduce the chance
for a premium. Many funds in the past, like the TaaS.fund and ICONOMI have had
huge premiums of 30%+, which is not ideal for either party.

It will would defnitely be considered a security in the US I believe, but it
was not my goal to setup a fund structure to avoid taxation. By being on the
blockchain it is potentially possible to use it cross-borders.

~~~
snissn
Why not have a fixed fee price per transaction? Also sorry if I'm not fully
understanding things

~~~
thisisit
There is an inherent issue with market making on a blockchain. Here's my
understanding of it, maybe amluto and ScJa can correct me if I am wrong.

Let's say X coin is worth 1 ETH now. As we are using a decenteralized market
this price is stored in the blockchain.

Now, an hour later someone wants to buy X coin at 1.2 ETH. This information
needs to be updated in the blockchain. But then the update has to go through
confirmation etc. So till the time price is fixed, this intent is stored in
the blockchain mempool.

There are two issues here. The price intent is public now. And a miner can
selectively delay including this price change in a block.

So, if someone is able to read the intent he/she can race with the fund owner
and buy the coin at 1 ETH. Once the price change happens they can now sell the
coins back to the contract at 1.2 ETH.

------
aaron-lebo
I half expect to wake up some morning and find out that someone has figured
out the killer app (mass market) for Eth or the blockchain in general, but
stuff like this also makes me wonder if it can go on indefinitely, without
producing any real value other than investing in itself with money hungry
crowds and hopefuls (especially those invested) propping it up.

It's been years since Eth launched and this and Cryptokitties are about it.

 _Currently investing in a range of different cryptocurrencies requires a lot
of technical knowledge. This has spawned the need for easy way to invest while
reducing entry barriers._

Ex. Is a lack of funding something that's really limiting what's possible
there? You'd figure with the millions thrown at projects that don't have
anything to show (Eth at the beginning, even), that if there was really some
problem searching for a solution, someone would have hit it. I suppose that
could seem luddite-ish.

~~~
simias
Your comment got me curious to see what ICOs look like nowadays so I went
looking for a list of active ICOs. I'm not sure how trustworthy it is but I
ended up here: [https://iconow.net/ico-listing-active-
icos/](https://iconow.net/ico-listing-active-icos/)

If I can trust the various websites linked it seems that it's still relatively
easy to get millions of dollars worth of "investment" by making a fancy
website and a rather vague whitepaper (no previous experience or proof of
concept required). The "red lantern" one at the top of the list who claims to
be about "sexual education" is pretty transparently a prostitution app whose
ICO currently nears $1 million. Looks like it's still the wild west over
there.

------
thisisit
My first reaction was that this looks cool. A friend has been looking for an
open ended fund/ICO on the ethereum blockchain.

But, reading through this has left me confused as to what am I looking at? I
can be wrong but my understanding is that this is meant to serve as a
framework for anyone who wants to start an open-ended fund. If that is the
case - what kind of audits have been done on the code?

~~~
ScJa
Hey, sorry to hear that my descriptions are not clear enough.

It should indeed serve as a framework for potential investors to reduce the
entry barrier of the crypto-sector. It is not my goal to monetize this
software in any way.

There are no audits done on it, it is a project I mainly programmed on my own
with some feedback of other developers. By publishing it on Github my
intention is to collect feedback and maybe achieve some sort of "community-
auditing".

But don't get me wrong I would suggest for anyone wanting to use this suite of
smart contracts to get a professional audit done if large sums are involved.

------
patrickaljord
I hope it will work better than the DAO.

[https://en.wikipedia.org/wiki/The_DAO_(organization)#History](https://en.wikipedia.org/wiki/The_DAO_\(organization\)#History)

~~~
admax88q
Don't worry, if it doesn't than the network will just fork to return all
investors money. Because "the code is the contract" except when it's not.

~~~
Karunamon
Snarky but true. Why would anyone ever get involved in a popular smart
contract when the network devs have shown they’ll play god with the block
chain when it doesn’t come out their way? It’s definitely given me pause...

