Hacker News

Unlike traditional contracts, the idea was that smart contracts were going to eliminate the need for enforcement or dispute resolution. So that law is enshrined in code.

But this incident has set a precedent, at least within Ethereum, that the project leadership will intervene to enforce the spirit of a smart contract.

So what now are the benefits of Ethereum smart contracts over the traditional legal system?

The way I see it, at least with traditional contracts you have the benefit of a trained and experienced judge making the call in case of a serious problem.




Agreed. If this soft and hard fork idea really goes through, it seems that now you are in fact getting the worst of both worlds: For your contract, you have to write code that apparently is very hard to get right and bug-free[1], while at the same time you are at the whim of a "community" -- whose decisions (sorry, "suggestions") can apparently be announced by one guy in a blog post -- not to deem what you are doing an "attack".

PS: Also a second thought: Given that the "attacker" used apparently existing functionality of the DAO and that the DAO site clearly states "[n]othing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code", I am wondering: If this (as measured by the DAO code: rightfully obtained) ether is now taken from him/her, might this not be an opportunity to sue the developers implementing this fork in a real-world court?

[1]: http://hackingdistributed.com/2016/06/16/scanning-live-ether...


I think this comment on the original blog post says it very well:

"To be clear, if this happened due to an exploit in the software, then I can accept a hard fork fixing the issue. However, if the DAO team made a mistake in the way they designed their smart contract, as an issue of principle, they should not be "bailed out" by the Ethereum team because they are "too big to fail." Hard lessons like these teach the cryptocurrency community at large to do their homework and to be excessively (and obsessively) diligent with their security."

I agree with this.


Do you own ethereum that will undoubtedly fall in value if the attacker is allowed to start dumping their earnings? It's within the network at large's interest to fork, so that is what will happen.


"Do you own ethereum that will undoubtedly fall in value if the attacker is allowed to start dumping their earnings?"

No, I do not own any ethereum and have had only a casual interest in the entire project. My own investments have been in "Oh By Codes"[1] most recently :)

[1] https://0x.co


> Agreed. If this soft and hard fork idea really goes through, it seems that now you are in fact getting the worst of both worlds: For your contract, you have to write code that apparently is very hard to get right and bug-free[1], while at the same time you are at the whim of a "community" -- whose decisions (sorry, "suggestions") can apparently be announced by one guy in a blog post -- not to deem what you are doing an "attack".

That's not really fair. His decree does not make it so. It still must be accepted by a majority of the miners, and this is and always has been a known property of the system. The collective will of the miners ultimately trumps the contract system. However, consensus there is purposely extremely difficult to achieve, and likely only possible in extreme cases like this.

Since this was a known property of the system, and since the agreement is inherently democratic, I don't see how this is a problem. Hard forks are simply another behavior of the network. Nothing more, nothing less.


The troubling issue with the system that this highlights is that a majority of users can agree to implement a fork which invalidates an existing contract.

As you say, that's a known property of the system. And it might be one of those things that's only viable in practice when the network is young. But can a CFO be considered to have satisfied their fiduciary duty if they write a contract which can be subverted in this way?


Ya, it's a tricky issue to be sure. But the miners are strongly incentivized to act in a way that minimizes harm to the currency itself. If they start accepting hard forks left and right then ether will lose all its value extremely rapidly. So I'm not really sure the slippery slope argument applies here.

I think this really can be considered a 'one time thing'. It isn't like miners can be pressured by a government to halt contracts for terrorists or other things. They have to be convinced and agree with the argument being made. There isn't a sole individual to whom pressure can be applied here. Granted, Vitalik may wield some influence, but if he started advocating things that were clearly not in the best interest of Ethereum, people simply wouldn't take on his suggested upgrades.

EDIT: I'd also add that for the record, as a DAO token holder, my personal opinion on what should be done is this: A soft fork to prevent ether from moving out of the child DAO, and then nothing. Just burn that ether forever. This avoids the moral hazard problem while minimizing harm to the overall ecosystem. People like me who made the mistake of investing still feel the pain, but Ethereum itself moves forward.


I respect that position, the moral hazard question is quite significant, particularly this early in the lifecycle of this network.


This basically sounds like, should we bail out Greece?


Commenting on your second thought: I hoped that people behind DAO (and Ethereum?) will stick to the terms they themselves proposed but it seems they will push hard for forking the chain (see: Ethereum blog).


The DAO was officially introduced by slock.it with "the code of the contract is the absolute truth, any other description is just a guideline", which was hailed as a new miracle by the investors, but now that it doesn't mean mountains of gold the founding principles are suddenly not important anymore, it seems.

The "hacker" simply used the DAO as it was meant to be used (i.e. according to the smart contract code), and deserves the funds. If there is a hard fork, I hope he sues slock.it for controlling the DAO, and for stealing the funds he is owed according to their own terms ("The contract is king").


Whenever they're about to lose, those with the power to do so usually change the rules to ensure they win. Cryptocurrency developers are rarely an exception to that.

Actually, the Bitcoin devs deserve a huge amount of credit for not attempting to "improve" the block reward or total supply during their multi-year bleed down from $1200->$200.


Maybe someone can write an insurance contract that future DAO authors can hire, as an alternative to interventions. It would have to be bug free.


Step 1: Write an insurance contract against the malicious use of Ethereum

Step 2: Find someone foolish enough to accept the other side of the insurance contract, in a world where "insurance fraud" is no excuse

Step 3: Use Ethereum maliciously, stealing your own Ether under another identity

Step 4: Collect insurance

Step 5: Profit (in Ether)

Step 6: Good luck turning your Ether into actual money when people figure out how broken everything about it is


This is a smart response. The insurance company could also review the contract code in order to provide cover -- this would give investors extra confidence.


Suppose that I want to make a medical device, and I want to get liability insurance for when a bug in its code administers a lethal dose of radiation to a patient.

Is there any extant insurance company that would want to review my code in exchange for a lower premium?

If not, why would one be willing to do this for a flash-in-the-pan cryptocurrency, but not a useful, real-world device?


For an insurance policy like that, they wouldn't offer any policy without auditing the device, including the code.



Sounds like kernel space code.


It might also be a question of survival. If $36 million+ is drained from the DAO itself unintentionally at such an early stage, can they continue, and how confident can anyone be that their implementation will be successful if the reference implementation itself is not?


If the DAO is not ready for survival now, then no amount of protecting it will make it ready for survival. What will make the DAO survive is code that only contains bugs that are too difficult to find relative to the value of finding them.


> might this not be an opportunity to sue the developers implementing this fork in a real-world court?

That would make for a very interesting trial, where a very rigid ideology would be put to the test.


> the project leadership will intervene

The project leadership can only propose change. Change requires "ratification" by a majority of miners as well as the support of node operators and holders.

> So what now are the benefits of Ethereum smart contracts over the traditional legal system?

The contract can only be invalidated by a significant majority / supermajority of the community through the consensus process. Therefore this is unlikely to happen often if ever, and if so, only in very extreme, clear circumstances in which the entire community is in jeopardy. [0]

[0] Theoretically.


Not a single TheDAO proposal has even been close to reaching a quorum [0] to pass a vote. How is this ratification supposed to happen?

[0] https://dao.report/?sort=popular&keywords&status%5B0%5D=1&st...


So far there hasn't been a single serious proposal, so naturally nobody is voting.


That's not true.

Proposal #5 "Moratorium on proposals" only reached 8.86% of 20% quorum before voting ended.

Yet the moratorium is already in effect... as you can see there aren't any other real proposals out. Everyone is waiting to sort out these huge bugs in the framework.

https://www.reddit.com/r/ethereum/comments/4ns5nl/news_on_th...


I'm a Dao member (or at least I was this morning..!) and didn't vote on that one -- I didn't see the point in voting on proposals that are polls as opposed to votes on moving money to a specific address. There are forums to discuss general strategy, doesn't need to be a poll.


>But this incident has set a precedent, at least within Ethereum, that the project leadership will intervene to enforce the spirit of a smart contract.

It is the beginning of a precedent but precedent is fairly weak because Ethereum is in its early stages and very experimental (many hard forks are in Ethereum's future). Bitcoin rolled back the blockchain at one point as well but it wouldn't happen today.

>So what now are the benefits of Ethereum smart contracts over the traditional legal system?

My view is that smart contracts can be most useful for low value contracts that you would never want to take to court. No judge wants to listen to two people arguing over 18 dollars.


Even if we agree that Ethereum is still in its early stages we have to ask whether this response is setting a good or bad precedent going forward.

Will the project leadership offer a soft- and/or hard-fork every time a poorly-implemented smart contract is exploited in a manner that is not intended by the contract creators?

If every smart contract is going to be "guaranteed" in this way, then this introduces significant overheads for the project and can also create moral hazard.

Alternatively, if only some contracts are "guaranteed" but not others, this can introduce opportunities for favouritism or discrimination...

Are cases only considered when they affect the ether price or where there is personal involvement with the contract? Is that fair?

Interventions and their resolution can also quickly get politicized just like the bank bailouts from the financial crisis.

It is not clear this is setting a good precedent.

Edit: reworded for clarity


Not to mention: you can use the mere claim of yourself knowing a bug in a smart contract to force the other side to do as you say. If it's sufficiently hard to check for bugs, the other party might accept the cost of doing as you say as cheaper than the cost of checking for bugs again.

This was a plot mechanism in some SciFi story I read a few years back. Edit: one of the in-universe early Revelation Space books.


In this particular case the contract holds 15% of all ether.

The fork won't be enacted unless a majority of the community agrees to run its code. That's not likely to happen except in extreme cases, like this one.


I don't think such a scenario is entirely neutral.

Because it implies that some contracts will have a greater probability of being "bailed out" if they are backed by more ether.

It may turn out to be a bad thing because it will establish the idea that not all Ethereum contracts are created equal.

And this can lead the system to be more centralized.


Is 15% really that extreme? This is a game; nothing of real value in the world is being created or destroyed (that wasn't already during mining). I personally hope the ethereum community decides to play this game out and not bail out the DAO. It's way too early in the social experiment to change the rules.


Lots of people have traded serious amounts of real money for those game tokens.


I agree that 15% may not be that extreme, but 15% is not all that's at stake. 100% of all ether existing has so far lost 20% of its value (relative to other currencies at the time of the article's writing). I wouldn't be surprised if it continued to drop further. This may cause enough panic among miners to actually get a majority to agree to a hard fork.

Edit: for the record, I don't use Ethereum or own any ether, so I would also hope that a hard fork doesn't happen to bail out a single contract, but I have no financial incentive on the line.


In other words, this contract is too big to fail?


Perhaps, but:

a) It is being bailed out by referendum, not mandate. Everyone gets a vote, if you don't want to install the patch, don't do it.

b) The funds to bail it out are those stolen by the attacker. Nobody is asking people without DAO tokens to suddenly contribute their ether to restoring the DAO or take debt.


Is there really an attacker and stolen funds though?

I mean, the contract executed exactly as specified.

If the system was well designed, there would be no way to undo the results. Such a system may never exist, but the fact that ethereum can sometimes change contract results means it isn't living up to its ideals.


I disagree in part with (b). A hard fork could split the community and cause the price of ether to crash further. While miners who fork may not actually lose ether in the process, they may actively cause it to lose whatever value it has left.

Of course, miners not associated with the DAO would never normally consider risking such a thing, but the rapidly falling price of their ether may convince them that it's the safest move.


1) TARP arguably had a referendum immediately afterward in the form of the election.

2) The American people were paid back.


Exactly. This is being pitched as a negative, when really, consensus-based changes are probably always for the best.


Precisely, because this company is at the root of Ethereum. They can do these kinds of tomfoolery, and anyone who uses and trusts Ethereum is to blame for not doing their homework.


> But this incident has set a precedent, at least within Ethereum, that the project leadership will intervene to enforce the spirit of a smart contract.

This is really too bad. The best outcome would be for the community to learn from this and build tools and practices that make new contracts significantly more reliable.

Smart contract design practices will have to undergo the same kind of gradual hardening that web servers have over the past 20 years. Let's hope it happens a bit quicker.


Disagree. Over time, there will be less and less human intervention and people will be able to rely on a system of contracts assembled from tested and trusted components. And avoid expensive litigation fees.

Look, self-driving cars required humans to take over and require updates to deal with new challenges -- until they don't, or very rarely do.


In the place of litigation fees you pay software development fees. Not that I am really against it as a developer.

Smart contracts are different from self-driving cars in that the former have competing intents within while the latter have a common goal of "not hitting anything".


If anyone can intervene, intervention will happen, even if it takes a new law to make it so.

The only way to eliminate the human interpretation factor is to eliminate the possibility for human interpretation. This is effectively impossible in a pre-singularity world, so there can be no such thing as a contract enshrined in code which is binding.


Interesting from a practical perspective; I hope that ideologically we exercise enough restraint to prevent this historic circumstance.

Perhaps that is only a reasonable hope for values under $50-100M USD.


> the idea was that smart contracts were going to eliminate the need for enforcement or dispute resolution

Well that's the fantasy of the century. Has no one learned this lesson with Bitcoin? An electronic currency doesn't magically wave away the fact it's being built and used by humans.


IMO smart contracts are more about decentralized "serverless" services than they are about law contracts.

Personally I hate the term "smart contracts" because of the confusion they create on what they actually are.


I prefer robo contracts. Implies cheap and no humans (with pros and cons of all robo services). Code is only as smart as the humans who program it.


Yep. Ethereum just rendered themselves pointless.


This really highlights the genius of Satoshi imo. If she had not disappeared she would have surely become a benevolent dictator for life and thus a single point of failure. By being anonymous and going silent, that outcome was prevented.


The miners have always been the arbiters. That's implicit in verifying transactions via their consensus.



