
The paper points out that many of the Ponzi contracts on Ethereum have exploitable bugs. Some can be induced to compute too much and thus run out of "gas", aborting. Some allow an attacker to change the party who gets the fees. Some can be stalled out with a suitably constructed transaction.

Making Ethereum contracts a full byte code execution engine was a big mistake. That form is too bug-prone and led to the DAO debacle. It should have been something simpler, such as a decision table.[1] That simple declarative form can handle most useful business logic, but can't loop. It's always decidable and is easy to hand-check.

[1] https://en.wikipedia.org/wiki/Decision_table
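An added illustration of the decision-table idea in the comment above; it is not code from the thread or the paper. The escrow table, condition names and action names are constructed assumptions. It shows the two properties claimed: the table can be checked exhaustively for gaps and conflicts, and evaluation is a single bounded pass.

```python
from itertools import product

# Constructed escrow payout table (assumption, not taken from any real contract).
# Each rule: (deadline_passed, goods_confirmed, dispute_open) -> action.
# None in a pattern means "don't care".
RULES = [
    ((None, None, True), "hold"),
    ((None, True, False), "pay_seller"),
    ((True, False, False), "refund_buyer"),
    ((False, False, False), "wait"),
]

# Constructed faulty variant: the "wait" rule is replaced by an overlapping rule.
BROKEN = RULES[:3] + [((True, None, False), "pay_seller")]


def matches(pattern, inputs):
    """A pattern matches when every non-wildcard entry equals the input."""
    return all(p is None or p == v for p, v in zip(pattern, inputs))


def check_table(rules, n_conditions=3):
    """Enumerate all 2**n inputs; report inputs with no rule or disagreeing rules."""
    gaps, conflicts = [], []
    for inputs in product((False, True), repeat=n_conditions):
        actions = {action for pattern, action in rules if matches(pattern, inputs)}
        if not actions:
            gaps.append(inputs)
        elif len(actions) > 1:
            conflicts.append((inputs, sorted(actions)))
    return gaps, conflicts


def evaluate(rules, inputs):
    """Single pass over the rules: work is bounded by len(rules), known up front."""
    for pattern, action in rules:
        if matches(pattern, inputs):
            return action
    raise ValueError("no rule matches")  # cannot happen once check_table finds no gaps


if __name__ == "__main__":
    print("good table:", check_table(RULES))
    print("broken table:", check_table(BROKEN))
    print("deadline passed, not confirmed, no dispute ->",
          evaluate(RULES, (True, False, False)))
```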

Well, the fact that ether has appreciated 10x since the DAO debacle makes it somewhat unconvincing to use that as evidence of a design mistake.

   full byte code execution engine was a big mistake

An even better scheme would have been proof-carrying code: a contract should have been a pair (c, p) where c is the program expressing the contract (in a Turing complete language) together with a proof p in a suitable program logic (for total correctness) that proves that c does not do a bad thing (e.g. consume too many resources). It's easy to check that the proof p is valid for c.

Too complex for the purpose.

Yes and no.

The proofs could be auto-generated for decision table based contracts, so a decision table could be a convenient DSL for simple contracts, without preventing more complicated contracts. The average contract writer would never need to see the full language or be exposed to proofs.

Try implementing the DAO as a decision table?
