
Oracles, or why smart contracts still haven’t changed the world - discovan
https://blog.smartdec.net/oracles-or-why-smart-contracts-still-havent-changed-the-world-69464999e1d3
======
takinola
The smart contracts concept has an inescapable flaw: it's software. The
problem is that software has bugs, ergo some smart contracts will have
exploitable bugs. So what happens when someone triggers the contract, based
not on the performance of the contract, but on a bug? Do you shrug and treat
the software as the final arbiter or do you go to court and seek redress? If
the former, then it may become profitable (and legal) to employ talented
hackers to go around cracking contracts. If the latter, then why not just
write the contract on paper from the start since courts have well established
traditions for dealing with paper contracts?

~~~
derefr
> If the latter, then why not just write the contract on paper from the start
> since courts have well established traditions for dealing with paper
> contracts?

Presumably because paper contracts don't scale; nor do they arbitrate
machine:machine interactions without human proxies on both sides.

~~~
ttul
Show me a few practical reasons you’d ever need a smart contract for this,
instead of just some code and an actual agreement between parties to play
nicely together?

~~~
derefr
Assume you have a two-sided market of interacting agents who each only
interact once, like buyers and sellers.

Without any middleman, this doesn't work, because the parties are in a
prisoner's dilemma, rather than an _iterated_ prisoner's dilemma—nobody can
effectively punish the other party in a future transaction, so there's no
incentive to not screw the other party over.

Without smart contracts, what you need here is a "marketplace owner"—a legal
agent where both sides have a legal agreement with _them_. This changes the
situation so both sides are playing an iterated prisoner's dilemma _with the
marketplace owner_, who can punish a user on either side for what they did to
a user on the other side in a previous one-off transaction.

But this marketplace-owner role is also known as a "middle man." Their role in
punishing defection is valuable enough that the market doesn't disappear if
they extract rent from both sides—and so they usually do. Ideally, we would
have an alternative where everything still works out, but where rent cannot be
extracted.

With smart contracts, the marketplace-owner role is performed by, essentially,
the buyers and sellers all automatically voting on whether a given transaction
was legitimate. The smart contract is just the specification both sides have
agreed to, in a given case, for judging the legitimacy of a transaction; and
the blockchain is just a database which all parties doing this auditing
synchronize amongst themselves, containing copies of both 1. those
specifications, and 2. all the data required to validate any new transaction
against them (which, in the case of a ledger-like transaction, is usually "all
the valid transactions executed so far").

There still needs to be a human-level legal recourse for disputes—but those
disputes would only ever be disputes about _the specification of transactional
legitimacy being wrongly specified_, which are much rarer than disputes of
the form of "he defected!"/"no I didn't!", to the point that the service of
arbitrating such disputes would not be seen, at a human level, as valuable
enough to justify rent-extraction.

~~~
landryraccoon
> Assume you have a two-sided market of interacting agents who each only
> interact once, like buyers and sellers.

Don’t we already have this? Street markets and retail shops and one off
websites and millions of other agents making up modern markets? It seems to
work fine.

~~~
derefr
> Street markets and retail shops

In cities with police forces. Purchases at street-markets don't devolve into
robbery because police forces disincentivize that. The municipality taxes you
for that service, and so is effectively a middleman and rent extractor for
these transactions.

Also, in cases where you've decided to trade using cash rather than to barter,
you're being protected from your counterparty paying with counterfeit
currency, by the state coming down rather harshly on counterfeiters, keeping
counterfeit currency out of the market. That's a service they provide in
exchange for state-level taxes. So, another middleman and rent extractor in
your transaction.

> one off websites

When this works, it's because the payment processor (Stripe, PayPal) is acting
as the middleman and rent-extractor.

Even without a payment processor, you can usually seek redress from your
credit card company (another middleman and rent-extractor.)

Also, a search engine probably acted as a _matchmaking agent_ to lead you to
reputable services (and so is also acting as a rent-extractor in a round-about
way, with sponsored ads and such.)

Without these parties in play, the Internet is _not_ a safe place to transact.
99.99% of credit card input forms on the internet (by volume) are those of
phishing domains. That's what a non-iterated prisoner's dilemma looks like.

~~~
ItsMe000001
Do I read this right - and this is a genuine question, not a rhetorical one -
"smart contracts" as a tool to not have to rely on the state? Because to me it
seems tools like these are _exactly_ the ones that need a strong state (or a
strong mafia - when there is no state those with power create one for
themselves). I admit I have a hard time understanding what your point actually
is.

~~~
derefr
You read it about half-way right. Smart contracts make the state _less_
involved, but they don't eliminate its involvement in a transaction
altogether, any more than regular written contracts eliminate the state from a
transaction.

The state, or any actor for that matter, can fill multiple roles in a
transaction. Intermediating _all_ transactions is a bad role for _any_ actor
to be in (from every other actor's perspective), because it's one prone to
rent-extraction. Any time you hand money over to a second party _through_ a
third party, humans have enshrined the logic that the third party—if it's big
and powerful enough—can demand a cut of that transaction.

In all the cases I mentioned, the rent that is being extracted is a cut of all
regular transactions. Sales tax / VAT is rent; credit card fees are rent;
payment-processor fees are rent; and all of these are _percentages_. That is
why states, credit card companies, and payment processors all have billion-
(or trillion-)dollar budgets.

Imagine we eliminate that intermediation. Transactions flow directly between
buyer and seller, with nobody able to take a percentile cut of them. No rent is
extracted from the original transaction.

Now, in the case where a transaction doesn't go well, we do still want some
actor to _arbitrate disputes_ over a transaction. But, given the way legal
systems work, it's entirely possible to do that arbitration _after the fact_.
That is the whole idea of civil court, after all.

Such arbitrations usually result in the need for a recompensatory transaction
(i.e. a lien); and such transactions _need_ to be intermediated (i.e.
supervised) by a third-party, since the two parties have already proven that
they aren't mutually trustworthy. So there is a transaction here from which
you probably can't stop rent from being extracted.

But that's okay! Disputes happen very rarely, while regular transactions
happen _all the time_. The total cut of small-claims court, probate court,
etc. fees, is way smaller than the total revenue of sales tax. The total
amount paid to retain an arbitration service, is way smaller than the total
amount earned by operating an escrow service. Etc.

The state is essential! It just doesn't belong _between_ two people. It
belongs waiting behind two people, acting as the exception-handler which one
or both parties run to to report the transaction as having failed from their
perspective. _Then_ the state can step in. Much less work for the state; but
also, much less rent to extract.

~~~
terragon
This thread is fantastic for someone like me who never completely understood
the point of smart contracts. Thanks for laying it out so well.

------
ouid
> The success of recent years in the machine learning field will likely allow
> us to determine outcomes of past events from indirect sources with acceptable
> accuracy.

probably not

~~~
platz
The neural network told us to burn all the money, so we did.

------
joosters
Even if there were perfect, reliable oracles, ‘smart’ contracts still are
terrible. When something unexpected happens, the contract is guaranteed to
screw up, with no chance for human compromise.

~~~
tyre
I mean, that’s just kind of argument against…computers?

Code is itself a compromise. Do this thing for me, and in exchange for not
having to do the thing you lose flexibility.

~~~
TeMPOraL
> _I mean, that’s just kind of argument against…computers?_

No, it's an argument from programmers' common sense. Smart contracts are code,
and we all know that any program more complex than hello world will contain
bugs, due to both coding mistakes and errors in modeling the relevant aspects
of reality. Given that, binding people with (immutable!) code seems like an
extraordinarily bad idea.

~~~
derefr
I've never understood smart contracts as binding _people_ to anything in
particular. People can cash out of the cryptosystem and go do whatever. Smart
contracts are binding against _machine agents_, who have no alternative
economy to participate in.

~~~
michaelscott
If it's exclusive to machine agents there are plenty of consensus-oriented
protocols already in existence that could accomplish the same goal without
relying on a blockchain. Machine agents are already bound by the code that
executes and models them, all you'd be doing is adding a layer of consensus-
driven redundancy for security reasons (both technical and social).

~~~
derefr
> there are plenty of consensus-oriented protocols already in existence that
> could accomplish the same goal without relying on a blockchain

Assume:

1. a distributed system where the consensus algorithm is _state-dependent_
(in the sense that an SQL RDBMS that exposes the ability to insert
rules/triggers has state-dependent consensus—different MVCC states will see
different transactions as valid/invalid);

2. malicious machine-agents (bot oracles) supplying arbitrary input into the
distributed system;

3. the distributed system being open-membership, such that malicious people
are running auditing nodes (and so you can't really do Raft consensus);

4. the distributed system being large enough that you can't really do Paxos
consensus in any efficient way.

Is there any other solution to this problem, than to use the consensus
algorithm of:

1. have many nodes redundantly, eagerly audit a block of new inputs;

2. on each step, choose one of those blocks essentially by lottery (specifically,
a lottery no individual node on the distributed system can predict or cheaply
craft an input to win);

3. allow anyone who wants to, to configure their node to fully verify past
blocks, such that enough nodes doing this will create "herd immunity",
diverging the system away from maliciously-crafted blocks.

Step 2 of the algorithm _requires_ Proof-of-Work (so far as we know); step 3
of the algorithm _requires_ an accessible chain of signed proofs to audit.
Together, those spell "blockchain."
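
A toy version of the three-step algorithm described in the comment above, as an added example that is not part of the thread or any commenter's code. The function names, the 12-bit difficulty, the balance-transfer rule standing in for "state-dependent" validity, and the sample transfers are all constructed assumptions.

```python
import hashlib
import json

DIFFICULTY_BITS = 12               # constructed: low so mining takes milliseconds
GENESIS = {"alice": 10, "bob": 0}  # constructed starting state

def block_hash(prev, inputs, nonce):
    data = json.dumps([prev, inputs, nonce], separators=(",", ":"))
    return hashlib.sha256(data.encode()).hexdigest()

def wins_lottery(digest):
    # Step 2: the lottery is "hash below a target"; winning it costs hashing work.
    return int(digest, 16) >> (256 - DIFFICULTY_BITS) == 0

def audit(inputs, state):
    # Step 1: state-dependent validity. The same transfer is valid or invalid
    # depending on the balances it is applied to. Returns new state or None.
    state = dict(state)
    for sender, receiver, amount in inputs:
        if amount <= 0 or state.get(sender, 0) < amount:
            return None
        state[sender] -= amount
        state[receiver] = state.get(receiver, 0) + amount
    return state

def mine(prev, inputs):
    nonce = 0
    while not wins_lottery(block_hash(prev, inputs, nonce)):
        nonce += 1
    return {"prev": prev, "inputs": inputs, "nonce": nonce}

def verify_chain(chain, genesis):
    # Step 3: replay every past block; return index of first bad block, or -1.
    state, prev = dict(genesis), "0" * 64
    for i, block in enumerate(chain):
        digest = block_hash(block["prev"], block["inputs"], block["nonce"])
        if block["prev"] != prev or not wins_lottery(digest):
            return i
        state = audit(block["inputs"], state)
        if state is None:
            return i
        prev = digest
    return -1

def build_chain(batches):
    chain, prev = [], "0" * 64
    for inputs in batches:
        block = mine(prev, inputs)
        chain.append(block)
        prev = block_hash(block["prev"], block["inputs"], block["nonce"])
    return chain

if __name__ == "__main__":
    honest = build_chain([[["alice", "bob", 4]], [["bob", "alice", 1]]])
    print(verify_chain(honest, GENESIS))     # -1: every block replays cleanly
    overspend = build_chain([[["alice", "bob", 4]], [["bob", "carol", 50]]])
    print(verify_chain(overspend, GENESIS))  # 1: valid work, invalid state
```

The second chain carries valid proof-of-work on every block, yet a fully verifying node still rejects it at block 1, which is the "herd immunity" role of step 3.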

~~~
TeMPOraL
Real-world applications rarely require all the assumptions that are necessary
for blockchain to be the best solution. For instance, some real-world systems
will not be distributed; others will be running under common ownership or
under ownership of people who trust each other mutually, etc.

There's this adage[0], that "organizations which design systems ... are
constrained to produce designs which are copies of the communication
structures of these organizations". It's usually meant negatively, but in this
case one can draw a positive conclusion - just like organizations don't need
the blockchain to efficiently do their businesses, automated systems designed
by those organizations may not need the blockchain either.

--

[0] https://en.wikipedia.org/wiki/Conway%27s_law

~~~
derefr
Sure, I don't disagree that many "blockchains" have no need to be such.

There is, in my mind, justification for there existing at least one
distributed computation substrate where machine-agents can basically play a
https://en.wikipedia.org/wiki/Nomic
together, each asserting rules into the system, and then moving data
(including data representing physical assets, and new rules) around according
to the thusfar-established ruleset. Basically, an extensible distributed stock
market where different negotiable synthesized instruments, each with their own
rules, can be brought into being and traded, without needing to get buy-in
from anybody, by just throwing them on there and seeing if anybody is
interested.

(You know, the thing that there was enough pent-up demand for that the very
first even-somewhat-viable distributed computation substrate, Ethereum, was
forced into this shape despite not being very well-suited for the job, having
been designed for entirely different kinds of computation.)

That's pretty much the _only_ good case for a smart-contract blockchain _as
such_ that I know of, though.

~~~
jonnydubowsky
Thanks for introducing me to Nomic games. I think it would benefit those
interested in improving on current smart contract implementations to put away
the computer for a few days, and just map out the value stream and logical (and
often illogical) behavior of the humans, including whatever steps can be taken
to supersede the code, in the physical world. I wonder if Nick Szabo had any
interactions in this space before coming up with the first ideas for
implementing smart contracts. For those interested in the history of smart
contracts, check out
https://en.m.wikipedia.org/wiki/Smart
Contract. Szabo proposes that smart contract infrastructure can be implemented
by replicated asset registries and contract execution using cryptographic hash
chains and Byzantine fault tolerant replication. Askemos implemented this
approach in 2002 using Scheme, later adding SQLite as contract script language.
The precursor to smart contracts was Ian Grigg's idea on Ricardian Contracts
https://en.m.wikipedia.org/wiki/Ricardian_contract

------
sparkie
If Satoshi had thought that a selected set of entities was an adequate
replacement for the central entity for control over the money system, he would
never have invented Bitcoin. The driving force behind Bitcoin was that it
doesn't matter how many entities you have. Every participant needs to be
treated as an equal party. Blockchains with "master nodes" are completely
missing the wood for the trees.

It really is a shame that we've got so many people trying to do smart
contracts "on the blockchain," when everything that they're attempting to
offer was previously possible before Bitcoin because their solutions
ultimately require a central entity or selected set of entities to work.

~~~
pishpash
Satoshi isn't God and designed for one extremal case for his experiment. The
whole spectrum from decentralization to centralization is valuable to someone.

~~~
sparkie
I just wonder how many people have heard of say, Secure Multi-Party
Computation, before they come to the conclusion that they need to print their
own money. Yao pioneered many interesting concepts which have basically been
swept under the rug because nobody is interested in something that isn't
"blockchain."

All blockchains are valuable to someone - the creator. They're cash cows. They
start with the premise that they need a blockchain (so they can print money),
and work backwards - what can we apply the blockchain to in order to convince
people to buy our token. How many cycles of pump and dumps we can go through
before people realize that it isn't going to work.

If everyone can and does print their own tokens, what are your tokens going to
be worth?

------
kartickv
Don't many contracts rely on something to be verified in the real world? If I
sign a contract with you to deliver 100kg of rice, and you claim I delivered
wheat instead, how can an algo decide that?

~~~
wslh
Via external sources; the blockchain cannot decide this independently and this
breaks the decentralization factor. The typical solution is to use external
oracles with judges and penalty/rewards schemes.

I think it is worth taking a look at MakerDAO and how they handle external
oracles to create the DAI stable coin.

------
wslh
Oracles break decentralization. I can only imagine a relatively secure oracle,
for example a weather sensor, as a set of devices/robots left in a remote
place and hiding from people/animals while signing data transactions. A lot of
thinking should be added to this to remain undetected while sending signals from
a remote place. This is the relative equivalent of having the most secure
computer in the world in a closed place and unconnected.

Beyond this, before smart contracts change the world we need
cryptocurrencies to be useful and change the world. That is the simplest smart
contract case.

------
RoyTyrell
I could easily be missing the boat with smart contracts, but to me they seem
like a solution waiting for a problem. Perhaps for some smaller domain of
transactions such as paying for computing resources (rendering, numerical
analysis, etc), buying digital resources, or as an alternative to a
traditional escrow. Other than that, I don't see what society is really
missing out on by not having them.

~~~
discovan
- to me they seem like a solution waiting for a problem

I feel exactly the same. However, SC are a very interesting technology. I
prefer to study it now, to be ready when humanity is OK with electronic
money (cryptocurrencies) and comes to electronic contracts.

------
momentmaker
chain.link - decentralized oracles

