
Simple Contracts are Better Contracts: the Meltdown of the DAO - jackaltman
https://blog.blockstack.org/simple-contracts-are-better-contracts-what-we-can-learn-from-the-dao-6293214bad3a#.x8njdgum1
======
sandworm101
How many of the TheDAO Curator members are lawyers?

Contracts are agreements that are meant to be legally enforceable. The
enforcer has always been the King, a local governmental authority and a third
party. The very concept of a contract assumes the neutral third party. That
third party is to interpret the contract, identify potential scoundrels,
nullify illegal contracts and generally make sure everyone isn't playing
games. Smart contracts seek to sidestep that ancient structure by replacing
the neutral third party with an inflexible machine. Good luck with that.

Contract language is also meant as a manifestation of intent. Smart contracts
seek a perfect manifestation, dismissing all notions of imperfect knowledge or
misunderstanding. Typos rarely matter in real contracts. Intent can trump
language where appropriate. But in smart contracts typos are everything. Good
luck with that too.

~~~
tdaltonc
I'll make a prediction about where this is going longterm. Smart contracts
will take off despite their rigidity but we will start writing them to include
common law arbitration protocols. The arbiters will initially be 1 or more
human but as the block chain begins to evolve it's own common law(s), fuzzy
machine arbiters will emerge to fill the "incompleteness".

~~~
sandworm101
>>... to include common law arbitration protocols.

That's a great example of the sort of ambiguity that an arbitrator must deal
with. Do you mean to refer to "the common law" as in the body of law
descending from the brits, or do you mean the common law principals of
precedent and authority? Or do you mean only the concept of precedent by which
past decisions under similar fact patterns are used to inform decisions
regarding new fact patterns. I have some assumptions based on your choice of
language and my best guesses as to your cultural background, but good luck
finding a machine capable of such understanding. If we crack that, then much
of our culture is moot and the robots can be left to run things.

~~~
tdaltonc
I mean a "concept of precedent by which past decisions under similar fact
patterns are used to inform decisions regarding new fact patterns." Without
the need for territorial jurisdiction there will be many competing (but still
distinct) common law groups. Signatories would pick a lineage at signing (npm
install JAMS).

We'll start with human only arbiters, (panel of three from JAMS for example)
then moved to mixed panels, then totally mechanical arbiters will handle most
disputes once they're good enough.

~~~
TheSpiceIsLife
_then totally mechanical arbiters will handle most disputes once they 're good
enough._

I'm not seeing it. Who's going to enforce the outcomes of machine dispute
resolution? I mean, who's going to even want to sign up to the machine dispute
resolution? Not me, no way, that's the freaky dystopian future we're supposed
to be trying to avoid.

~~~
tdaltonc
Business wants a reliable and predictable legal system. They don't care that
the judge has a pulse. If the machine looses it and starts making terrible
decisions, people would just start using a different arbitration group. You
could probably even update old (well written) contracts to accommodate that.

~~~
sandworm101
Business wants a just and fair legal system.

Reliability and predictability are extraordinarily easy. For example: he who
pays the most to the judge wins. That's very reliable, very predictable. It
can be automated. Decisions can be taken instantaneously with absolute and
perfect certainty as to who should be the victor. But it isn't just or fair,
nor is it friendly to business.

~~~
xtian
Business wants to maximize profit. It supports justice and fairness to the
extent that they aid the production of profit and absolutely no further.

A just legal system may be imposed upon businesses, but the desire of each
business is to transform that system into one where it receives maximum
benefit for minimum expenditure.

Your example isn't desirable because it maximizes expenditure, not because it
minimizes justice.

------
grellas
Can code both embody and replace law for the exact function for which it is
set up?

DAO strives to execute through code an idealized pooled investment system by
which contract issues are resolved entirely by code and wholly apart from any
external societal legal or enforcement mechanisms.

All well and good but, where people are involved, code simply cannot define
all the relations needed to capture what the law does (and, indeed, and in
spite of its flaws, does very well indeed).

Consider the argument that the exploit here is not a flaw at all but just
another variation on what the code does, with the result that investors who
suddenly are $50M lighter in their wallets have not been harmed at all and
should have no recourse to any remedy to restore their funds to them. The idea
here is that the code _is_ the contract and, if that is what the code does,
well, that is what you bargained for, whether this is good or bad from any
particular moral perspective. Right at the entry point of the system is a
prominent disclaimer that says this in exact words. So a contract is a
contract. If you don't like the result, tough.

The participants here are wealthy and presumably sophisticated investors. What
if they aren't? What if this were marketed to a lot of gullible small
investors who were induced to part with their money through various
representations stating that their funds were entirely safe, subject only to
normal investment risks relating to the underlying companies they funded? What
does society do when people like this lose their life savings when some newly
discovered "feature" of the code allows a sharpie to walk away with their
funds? Are they to have no legal recourse because a "contract is a contract,"
especially if it embodied in code?

And what happens if a system is set up and the person or persons who find the
new "feature" enabling them to walk away with other people's funds are the
very people who organized the fund? Does law from the broader world step in to
provide a remedy to those who lost their money? Or does the "contract is a
contract, especially in code" logic work to deny any remedy to the
participants here as well?

And, setting aside any of the more extreme examples, what if it is simply the
case that those who did participate had reasonable expectations that any code
that would define and limit their rights would do all that was expected in
terms of defining their investments but would include safeguards that would
prevent anyone from simply coming in to remove their funds altogether (dare I
say "steal")? What if they were misled into having such expectations by
promoters of the venture who said or implied that such safeguards existed? Is
it enough to say that none of this matters because of some disclaimer buried
in fine print? Is all of this simply irrelevant just because a "contract is a
contract, especially in code"?

Contracts are part of any system of law that includes private property, and a
very important part at that.

But contracts can never define the totality of the law that applies to a given
situation, even if the parties swear up and down that that is their intent.

That is why securities laws exist, to help investors who get swindled by
sharpies with well-honed contracts.

That is why the laws relating to fraud exist, to help those who are misled by
others to their financial detriment.

Indeed, that is why a sophisticated body of laws exists relating to contracts
themselves, to cover cases where the intent of the parties is sometimes so
frustrated by one thing or another as to make it inequitable to enforce a
contract.

Law is and always has existed in multiple layers. Legislatures pass statutes
but courts exist to interpret them to cover specific cases as disputes arise.
The same with administrative regulations promulgated by agencies. Even within
the courts themselves, common law courts would declare legal "rules" only to
have courts of equity intervene to correct things where the "rules" led to
harsh or inequitable results.

Basically, all of this is another way of saying that human relations are
complex and any system of laws and justice needs to be able to handle such
complexity if it is to be worthy of being a system of justice.

Perhaps in narrow cases, things such as DAO can be set up to create a rich
guy's playground of sorts in which, for the overwhelming number of cases,
outside laws play no part within the self-contained system. Perhaps there is
even an ideal of some type to be realized here (get rid of lawyers, etc.).

But no such system can ever be utterly divorced from the rules of the broader
society. Ideal or no ideal, this is just not how the law works. Apart perhaps
from some survivalist society or other, people simply cannot exempt themselves
from the general rules of law no matter how much they desire to do so. They
can limit the application of such broader laws to a degree but, when key
bounds are transgressed, the law will apply in its full force regardless of
their intentions.

So, I would say that the curators here probably had no choice. It was either
do what they did or watch as lawsuits followed, probably in abundance. This
may have violated some ideal in play here but it was a pragmatic necessity
given how law in reality works (and always will work).

~~~
doctorpangloss
> But contracts can never define the totality of the law that applies to a
> given situation, even if the parties swear up and down that that is their
> intent.

I think this is true, and this is probably all you had to say.

> Can code both embody and replace law for the exact function for which it is
> set up?

Sure, yeah. 99.9999% of people in rich code-enforced transactional systems
like EVE Online and the NASDAQ order book are content with how code has
replaced and embodied the "law" (or more broadly, "how things work"), despite
the fact that people win and lose at this video game and in the real stock
market all the time. It's clearly not just about people being mad and losing a
ton of their money, because that happens in the stock market all the time but
losers rarely sue NASDAQ.

It's just when people do sue NASDAQ, hilariously, it's when there's bugs in
the order book / exchange code, or shutdowns of the market due to technical
errors. Do you see how that is different? What matters isn't whether or not a
"contract is a contract," but whether or not there are bugs.

A bug is a concrete thing. It's not something you can abstract away into your
bigger point about "human relations" and a "system of laws."

You can write a test for nearly all kinds of bugs and show very confidently
that whatever the issue was, it won't happen again. There's no such thing as
unit tests for laws, unless you get so abstract as to lose everything
essential about unit tests. You can reproduce bugs in code infinitely, but you
don't get to re-adjudicate disagreements in contracts infinitely. There's so
much that's different between disagreements over legal interpretations and a
software bug that you're missing why people view the fork as relatively
uncontroversial.

There was a bug in the code which led to an exploit. It isn't a refutation of
law being embodied in code. It's just a refutation that this particular
exciting contract system wasn't treated like the multi-hundred-million dollar
software product it turned out to be. The story is smaller than you make it to
be.

------
Animats
There are two fundamental problems with Etherium contracts.

1\. They're executable programs. They could have been a set of declarative
rules listed in priority order, but no, the designers went overboard and made
them general programs with loops and recursion. There are straightforward ways
to analyze sets of rules; they're usually amenable to case analysis. It's hard
to analyze programs.

Writing a declarative contract language is a challenge. But doing so forces
the designers to think through what they want the system to be able to do, and
what they don't want it to do. Doing contracts as executable programs is
punting on the problem. It says "we don't know how to do this, so we'll dump
the problem on the users."

2\. The stack overflow problem is idiotic. The system should have been
designed so that if a program aborts, anything it did is rolled back. That's
the design flaw this attack exploits.

~~~
drcode
To be fair, ethereum has bytecode at its base- almost certainly someone will
wrote a more declarative language on top of it now to help minimize the chance
that unexpected calling trees can lead to unexpected behavior.

Also, the existing solidity language is pretty well designed, it's just a hard
problem and an even better design may be needed.

~~~
Animats
_Almost certainly someone will wrote a more declarative language on top of it_

Papering over the mold seldom works. It makes things _easier_ , not _more
reliable_. See C++ templates.

~~~
drcode
A better example is Haskell, which usually compiles down to a low level C
dialect.

~~~
amaks
Any language can compile to the low level C dialect.

------
alistproducer2
Bailing out the DAO undermines the core value propositions of Ethereum -
contract immutability (stability) and decentralization. I understand that the
argument is "this is a special (ie, too big to fail) case; however, who can be
sure?

IMO the better way to handle this is to acknowledge the mistake and let it
fail. It's embarrassing I get it. Honestly, the big bank types who threw
millions at this tech without doing due diligence deserve to lose their shirt.
It's called speculation for a reason.

If the core team cares about the long term credibility of the project with the
people who real matter - the tech community - they will not bail it out.

Edit:

For anyone interested, there's a really great discussion on this subject at
the Ethereum reddit
[https://www.reddit.com/r/ethereum/comments/4oiqj7/critical_u...](https://www.reddit.com/r/ethereum/comments/4oiqj7/critical_update_re_dao_vulnerability/)

------
louprado
"Simple Contracts are Better Contracts" has always been the mantra of the
Ethereum and DAO team. Most times when a security question was raised, "simple
contracts" was their defacto answer [1].

This exploit suggests that the most competent developers in this space, who
always preached simple contracts, are not yet able to consistently write
secure contracts.

Also, the OP states the importance of being able to update a contract. As of
last year that meant the original contract MUST include a self-modifying code
provision. Self-modifying code doesn't align well with keeping your code
simple.

As an aside, "contracts" are Ethereum's raison d'être and the Ether currency
value is largely based on adoption. Even though this exploit did not expose a
flaw in the Ethereum block chain, the Ether sell-off is an expected
consequence.

Lastly does anyone have a link to the original contract code and how it could
be rewritten so that it isn't vulnerable to this exploit ?

[1]
[https://www.youtube.com/watch?v=cahj4WJtp20](https://www.youtube.com/watch?v=cahj4WJtp20)
Q&A at 42m44s is relevant.

Edit: corrected time stamp for above video

~~~
109129831023
"Most competent developers"? There are probably thousands of better informed
developers/researchers who would not attempt to set up such a company _before
they have stronger formal guarantees_.

Of course, if you want to be first-to-market, none of that seems to matter.

~~~
Avshalom
Strong formal guarantees are complicated see? and we run around telling
ourselves that simple is better, so we keep writing shit code.

------
alttab
Simple contracts then are only as scalable, reliable, and secure as the code
that runs off the blockchain.

Arguably, that defeats the whole purpose because it is then who controls the
code (since it is no longer decentralized), controls the contract.

If I'm reading this right (I'm not 100% sure of that), this is the equivalent
almost of not running a blockchain at all (if the idea is taken to its
finality).

Storing the who and the what of contracts has never really been the issue, its
been the execution and the honoring of the contract that man has not yet
solved.

But centralizing the code that runs the contracts, and taking it off the
blockchain doesn't sound like the way to do it.

~~~
TheSpiceIsLife
What is supposed to give us the impression the problem of contract execution
hasn't been solved?

A huge majority of contracts are never disputed, carried out to completion or
ran as a going concern without any issues. Contracts are routinely
renegotiated when one or both parties have a change in circumstances, or at
specific time intervals. Only a very tiny fraction of contracts are ever
disputed, and fewer of those reach the courts.

I don't understand the problem trying to be solved here.

~~~
sandworm101
>> I don't understand the problem trying to be solved here.

Lawyers. They want to get rid of the lawyers.

It's a common desire. Like politicians, you want to get rid of them up until
the day you actually need one. That day may have come for smart contracts.
Does anyone here doubt TheDAO are now seeking legal advice on this matter?

~~~
TheSpiceIsLife
Exactly. If you write a crummy contract but believe it is sound, then set out
to convince other people of it soundness, and they sign up and pour their
money in, and then the contract leaks, who's responsible? ... well, next
minute: lawyers.

We'll first have to invent, and deploy at scale, the immutable person before
we can have the perfect contract 100% of the time.

So long as people change, minds are fallible, misunderstandings and
disagreements continue to occur, interpretation and intent are going to be
fuzzy.

------
nzoschke
As a software engineer everything here rings true to me.

Use as simple of tools as possible when programming and offer many ways for
mere humans to change code and review correctness and review, approve and roll
back critical transactions.

But this sounds effectively like the status quo with credit cards and
Kickstarter.

So I'm not sure what a blockchain adds other than a different platform and
maintainers than the existing financial and group purchasing corporations.

------
brbsix
The AI equivalent to a recursive call bug are self-replicating Von Neumann
probe paperclip maximixers that consume the entire universe. We're going to be
in a world of hurt if we aren't able to sort this out. It's pretty essential
that machines are able to discern our intent or the spirit of our contracts
one way or another.

~~~
leetbulb
Easy solution: just hide all of the paper in some other universe :) On a
serious note, well said.

------
cyrillic
If the contract code can be upgraded by the majority of involved parties, it
would be simple to buy 51% of the voting power and change the code to pay out
everything else. Each takeover would double your wallet. Am I missing
something here?

~~~
brbsix
51% attacks are a known issue. A sustained 51% attack is pretty much an
existential threat to any blockchain. So I doubt the issue gets any better
when dealing with individual contracts.

[https://blog.ethereum.org/2014/05/15/long-range-attacks-
the-...](https://blog.ethereum.org/2014/05/15/long-range-attacks-the-serious-
problem-with-adaptive-proof-of-work/)

[http://ethereum.stackexchange.com/a/544](http://ethereum.stackexchange.com/a/544)

~~~
cyrillic
Thank you for your valuable input. The problem I see is not in having 51% of
the whole capacity of the blockchain, but of the smaller
entities/organizations/contract codes. With the proposed simple contracts, the
little 'start-up' contract codes with little voting power will easily get
acquired by bigger ones, which then vote for a code change to pay out the
remaining shares. This is much more realistic that the traditional 51%
attacks. Letting the majority of a small DAO-like organization vote for code
change (which translates to law-change) will not only be used to fix bugs, but
to change the contract to the majorities advantage. This may eventually result
in one single big contract code that incorporates every new organization on
the horizon.

~~~
nawitus
It should be possible to define that you need e.g. 90% of the shareholders to
approve a change to the contract. The 90% could still steal money from the
10%.

~~~
brbsix
It is. The example code for a DAO [0] illustrates how everything from minimum
quorum for proposals to margin of votes for a majority is configurable.
However like you said, so long as the contract is mutable, it's possible for a
majority to subvert it.

[0]: [https://www.ethereum.org/dao](https://www.ethereum.org/dao)

------
jcoffland
If simple contracts, where much of the code is off chain, are to be the way of
things it begs the question, why do we even need Turing complete contacts in
the first place. A blockchain could be created which has a few fixed rules
which enable the basics of a DAO with much lower risk.

------
simpleblend
I ended up writing an article explaining my position on the whole thing:
[https://blog.simpleblend.net/dao-attack-whos-
blame/](https://blog.simpleblend.net/dao-attack-whos-blame/)

------
modarts
Thought this was a commentary on the poor API contracts exposed by data access
objects

------
jawatson
I may be stepping outside of my area of expertise, but doesn't this seem like
a perfect place to apply formal verification tools? As long as the contract
isn't too long, it should be possible to ensure that the implementation
exactly matches the specification.

------
ybroze
I really wanted to know about the Data Access Object.

------
Aelinsaar
Just from reading commentators here at HN, it doesn't seem like these issues
were unforeseen. Rather, it seemed that whatever intense optimism exists
around cryptocurrencies is capable of overwhelming investor sense in return
for the promise of some ideological "win".

~~~
plttn
I feel like this might be a semi-unpopular opinion, but frankly I'm getting
tired of the idea that a blockchain is the solution to every single problem
the human race faces.

There's this almost religious level of looking the other way whenever there's
some sort of failure in a blockchain system, and they always say "that was a
one-off situation"

~~~
dredmorbius
I'm also finding the "blockchain all the things" concept ... perplexing.

I really don't understand the mechanism or dynamics.

It seems I'm not the only one.

There's a growing set of evidence of breakdown among institutions founded on
or around Blockchain: Bitcoin, MtGox, Ethereum, others.

And a profound failure to either understand or acknowledge (and I'm not sure
which of the two it is predominantly, or how much it varies by individual)
what money, currency, and contract actually are.

~~~
plttn
I'm not a dumb person by any stretch of the imagination, and I actually got
lost in the weeds when trying to read _The DAO_ 's website and what exactly it
does and how it works.

(which is a hilariously confusing thing to name a brand; "Which DAO are you
talking about?" "The DAO" "Yes but which one")

There's situations where blockchains are a good idea, but there's many cases
where they aren't.

------
draw_down
Code is law! Ohh, ummm, err, uhhh, except when we say it's not.

