Hacker News new | past | comments | ask | show | jobs | submit login
[flagged] Show HN: The last person to use this button gets $200+ USD, via Smart Contracts (thecryptobutton.com)
27 points by masterspy7 on Jan 25, 2018 | hide | past | favorite | 45 comments

Looks like the winner gets precisely 0:

    // The winner is responsible for withdrawing the funds
    // after the button expires
    function Win() public {
        require(msg.sender == winner);
        require(now > deadline);
        reward = 0;

Oh god, I messed up horribly. Will refund everyone who paid

No, no, don’t refund anyone! Code is Law. They knew what they were doing when they donated; refunding them would be moral hazard.

Fixed the contract and will refund anyone who clicked on the old contract

This is so funny.

Maybe put something on the site saying "Don't send anymore this contract is literally a black hole"

Did you not test it on the testnet?

And the tips can't be withdrawn either. All the money stays in the contract?

    function withdrawTips() public {
        // The owner can only withdraw the tips
        tips = 0;

Yea, all the money is gone forever... :( I added that code in last minute and wasn't even thinking when I did it.

Aaaand this is why code-as-law is a shit idea.

Not sure how function calls in ETH Smart Contracts but what prevents someone calling Countdown() function and extending by 3 hours?

Its a "constructor". It is called only once when contract is deployed to blockchain.

Makes sense. Thanks

Like mmozeiko said, it will only get called once. If it got called again, it would deploy a completely new instance of the contract.

There is zero chance I'll click the button, but an interesting idea of the goal is to pay to get the plugin on users machines and get people to discuss WTH.

That said the page is unclear in a few ways. What's the $1? Is that just to validate I have an account (meaning I get to keep it)? Is that the cost to enable the button, meaning once I transfer it I get unlimited future button clicks? Is that the cost per click of the button? Is that some inherent Etherium contract cost? Is there an inherent cost to clicking the button? If so, who set it, you or the blockchain processors?

It then brings up the next big problem. It's nice that you provided the source code foe the button (and I'm assuming hash so I can in theory validate the code against a hash), but how do I know the page I'm loading is even comnected to the code or the button? Or that the plugin isn't hard wired to empty my account?

It seems like you need a fully trusted chain for a user to have faith in the contract.

I think some of the questions you're asking have well known answers within the Eth community, but OP should have provided a FAQ or links.

To register a button click with the smart contract, you must send a transaction over the Eth network, which has an associated transaction cost. I'm fairly certain that you must pay once per click. However, there should be a way to send these transactions from a console like `geth`, so that the browser extensions are purely convenience features.

> I think some of the questions you're asking have well known answers within the Eth community, but OP should have provided a FAQ or links.

What you've called out out is exactly my point. His goal is to reach new people, and his message is targeted only at those already familiar.

Possibly I'm exactly the type of person he is looking for. Someone on the fringe of crypto, curious about it, maybe would dip a toe in for an excuse. Finds game theory interesting (thought normally wouldn't participate in this type of game). But I left just thinking, him this guy it trying to do something, but I don't feel like figuring out exactly what he's trying to do, or all the vectors of how this might just be a scam.

A general life lesson - if someone wants to enter a financial transaction with you, but is un-wiling or unable to provide a clear accounting of the costs and their beneficiaries... Don't.

My initial impression was that this was a modified form of a Dollar Action, and Op didn't provide enough information to dissuade me of that.

Now that said, I think the OP isn't malicious at all, but was simply unaware of how he was presenting which is why I came here and posted my comment rather than just leave the website and not look back.


This is a simple Penny Auction - https://en.wikipedia.org/wiki/Bidding_fee_auction. Not a scam per se but a bit of a racket as the operator typically brings home a lot of money as people are putting much more money in to the pot then is actually paid out.

Costs $1 to click, one person wins?

So it's basically a penny (well, dollar technically) auction of cash instead of a good?

Yeah, this is well-studied in entry level econ / psychology. The only way to win is not to play.

Well, someone will win eventually. Consider it a lottery. 20% goes to the author.

Someone won last night after clicking the button 8 times in total.

    function withdrawTips() public {
        // The owner can only withdraw the tips
        tips = 0;
I don't use Etherium, but that looks incorrect. Is the value of the variable only updated at the end of the run?

The code has now been changed (by switching to a new contract):

    function withdrawTips() public {
        // The owner can only withdraw the tips
        uint pendingTips = tips;
        tips = 0;

It occurred to me 'why not set the timer to reset automatically within rand() of 5 minutes if no one's pressed it, collecting whatever loot gets deposited'.

Two reasons: 1) auditable code 2) transparent deposits and withdrawals

I'm generally skeptical of smart contracts' real-world use but this is a rare case in which an immutable, trustless public ledger is essential.

Also, there is no rand() in Ethereum.


WTF? Screw you dude.

Don't draw the button if I can't click it! Don't say I can do one thing then force me to do another. That is bait-and-switch.

This is along the same lines as videogames showing DLC content you haven't paid for in the exact same way as the game's regular content. It's an obnoxious ploy to get you to buy the DLC, and they get to remind you of that fact every time you click it.

Sorry! I changed the message. To interact with smart contracts, you need some kind of wallet. A really common one is the MetaMask wallet, which is a chrome extension. Other options are Mist (the official Ethereum wallet), Parity, and there is even a web wallet called myetherwallet.com

I appreciate the responsiveness, thank you. Sorry but seeing things like that makes me mad.

The author takes a 20% cut:

        reward += msg.value * 8 / 10;
        // Take 20% tip for server costs.
        tips += msg.value * 2 / 10;
That must be a very expensive server indeed. Isn't it a static page with some web3js? You could host it for free on github.

Anyone want to do a a version of this with a 0.1% fee instead?

Summary of how this works from reading the smart contract:

1. User deposits ether to contract (at least 0.001 ether)

2. Creator of this takes 20% for server costs

3. The other 80% goes into the prize pool

4. When the timer reaches 0, the last person to click the button gets the prize pool (well, actually 0, but...)

brillant growth-hacking from the metamask team :)

Maybe it is, but here's my impression of metamask from this link without any prior knowledge or information.

Metamask breaks buttons on the web, holding the UX hostage until you comply with its order to install some unknown and untrusted software. I will now avoid 'metamask' for life and if I ever see it I'll run away. I will also occasionally go out of my way to get others to avoid this software, as it seems to do nothing but break UX on the web. Get rid of it!

Edit: I'm referring, of course, to the loud, shouting message below the broken website's button that says "ERROR: PLEASE INSTALL METAMASK TO USE THE BUTTON." What did I do wrong? What did I do that so offended this website, that it must show me some secret UI that I cannot access without complying to hostage messages being yelled at my face, and telling me that I'm to blame for the "error"? No, stop it. 'Metamask' is obviously no good.

Not sure if sarcasm? "Growth hacks" encourage sharing. This is the opposite. If I cared about it, I would want this "news" to die quickly and quietly.

I have a fun proposal for a contract: to click the button you need to send 1% more than the last person.

It would get very entertaining very quickly.

Interesting experiment, but the likelihood of a 30 minute timer expiring by adding more participants... :D

Thanks, yea I've realized that there is little incentive to share this out, upvote, etc. I think Smart Contracts are a great way to test out some of these game theory scenarios though :)


Good point, I'll change the message. MetaMask is a common browser extension which allows you to interact with Smart Contracts on the web. Other alternatives are Mist, Parity, or myetherwallet.com

Yeah, this seems like a ploy to get people to install some shady browser extension.

It's a well known extension with Ethereum users.


There's some incentive, since the pot goes up every time someone clicks the button.

I was going to click it then realized you need to pay $1. Interesting experiment nonetheless.

It is broken, I was able to reset the button without logging into Metamask.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact