Hacker News new | past | comments | ask | show | jobs | submit login
Proposal to restore a destroyed Ethereum contract (github.com/5chdn)
152 points by peterkelly on April 15, 2018 | hide | past | favorite | 168 comments

If they want to change history to help a privileged group of people, they should have a generalized mechanism and process for doing so. If I can prove I accidentally lost 1 ETH, let alone millions, I should be able to retrieve it via that same process.

I love Lord Vitalik as much as any ETH nerd, but the more he dictates to help his friends, the more it will hurt the ecosystem.

The "generalized mechanism for doing so", in this case, would be the EIP process itself, no?

It's a bit like those clients that say of their software, in its requirements, "I want my software to be customizable after-the-fact with any new logic I desire, up-to-and-including the power to completely rewrite the application." Some people try to solve this problem as stated, resulting in the https://en.wikipedia.org/wiki/Inner-platform_effect. Other people recognize what's happening, and just respond with "the customization mechanism is the source code. You can customize it at any time by contracting a programmer to do so for you."

The FDIC of the Ethereum blockchain† seems to be—as this example, and the earlier example of the DAO, would suggest—the Ethereum maintainers themselves. The way the Ethereum maintainers propose changes to the consensus protocol to fix problems is through EIPs. So, if there's an Ethereum "natural disaster", the natural thing to expect in response would be an EIP.

† (as opposed to the Ethereum Classic blockchain, which has no such entity, which is rather the point of the fork.)

You could create another layer atop the EIP process, formalizing specifically the recovery process from a "loss of money" event... but it's really going to boil down to a consensus-algorithm change in the end, so an EIP is going to have to be involved.

(Unless you're suggesting that there should be some way, within the Ethereum VM itself, to aribtrate disputes in a way that invalidates the side-effects of previous contract calls? That'd certainly be a trick... especially given that the said "arbitration" would seem to be a human-complete problem, and Ethereum doesn't even have oracle support yet.)

If I can't get my ETH back back when I mess up, then neither should Parity. If the community wants me to get my ETH back when I mess up, then Parity should be able to. I'm not providing a value judgement on whether this is good or bad. I'm saying that it is hypocrisy to let one group get their ETH back over the individual if they have enough political support.

But I see your point about the EIP process. Altering history to benefit a group of people is always contentious, so the EIP process is itself a way to do it on a public forum.

It's not hypocrisy to have a threshold of losses before intervening.

What's a fair threshold? How could a fair threshold be determined and later justified when people push back against it?

What is the process for adjusting the threshold if the value of the currency swings wildly? A theft of a single Bitcoin is now a theft of thousands of dollars, but years ago it would have been a handful of dollars.

It's easier to say that thefts of any amount should be restored than to deal with all of the politics of picking a threshold. Isn't the Ethereum system designed to avoid politics and the need to trust other people?

> What's a fair threshold?

Thresholds are never fair and always arbitrary. However that's not a reason to avoid anything that has an arbitrary threshold. Arbitrary is often better than nothing.

When it comes to money, arbitrary rules are definitely worse than nothing. If I use a system to own or transfer money, I want to know exactly what the rules are. I have no confidence in arbitrary protections. Lack of confidence is what kills economies, companies, and currencies. It’s in every cryptocurrency project’s interest that people who hold the currency have confidence that their rights are protected.

Exactly, the cryptocurrency told us the code is law, but in the ETH, the Lord can change the law whenever he wish. It looks absurd.

Separate from the question of whether people should be made whole, I think, is the more interesting question of who has an obligation to make people whole.

Consider the difference between insurance companies, and reinsurance companies. Insurance companies help individuals when the individual has something bad happen to them (ignore, for the moment, that the individual has to pay into this scheme.) Reinsurance companies, meanwhile, operate solely to insure insurance companies: they keep insurance companies from collapsing when a natural disaster causes a correlated risk event that would otherwise cause an insurance companies’ clients’ claims upon them to bankrupt them.

I think the Ethereum developers-cum-NetOps are a sensible group to serve as Ethereum’s reinsurance mechanism, fixing problems for entire classes of people in the event of an economic “natural disaster.” In this case, the proposed EIP effectively reinsures this multisig-wallet “bank.”

But I don’t think it would make sense for the Ethereum devs to be made responsible for individual claims, any more than the US Mint is responsible for making you whole if someone steals your wallet with cash in it. (Though the US Mint, surprisingly, does attempt to make individuals whole if their cash is accidentally burned or shredded or melted or what-have-you, which is an intriguing basis for a counterpoint.)

Anyway, the usual party responsible for making depositors whole in the event of a system screw-up, is the bank itself. This is, in fact, effectively the reason that there are separate (consumer deposit) banks, despite it being entirely possible to just nationalize them all as part of the extended infrastructure of the central bank. These institutions are taking on the (uncorrelated) risk of holding these depositors’ funds themselves, in exchange for being allowed to themselves profit from the arrangement.

Ethereum, I think, would do well building up an infrastructure of smart contracts that facilitate bank-like obligations, including the obligation of the depositor to be made whole in the event of the bank being hacked or making a mistake.

The Ethereum devs would still be the ones to act if a mistake or accident event caused structural damage to the Ethereum economy as a whole. But, under the expectation (in such a world) that plain ETH is like cash in your pocket—uninsured—and only ETH in a [some-hypothetical-ERC-obeying] bank contract is deposit-insured in the event of contract error, the Ethereum devs wouldn’t be expected to act in such cases. It’d be your fault for choosing to give your money to a non-insured bank. (Or maybe some regulatory agency’s fault for allowing the bad bank to exist or to advertise.)

> It’d be your fault for choosing to give your money to a non-insured bank. (Or maybe some regulatory agency’s fault for allowing the bad bank to exist or to advertise.)

To fail to protect people is to invite regulation. And because people in different countries own Ether, it might happen that different national governments enact different, contradictory regulatory schemes. It would really be better for the Ethereum devs if governments didn't see a need to do that.

You’re arguing for the bailout of banks, it’s hypocrisy because the blockchain was meant to counter that mentality. Maybe bank bailouts are OK after all and that’s what eth heads are realizing.

You could make your own hypocrisy argument for anyone that believes that, but seibelj was calling out a hypocrisy purely of size, which is something different.

But I'll disagree. Whatever your opinion on bank bailouts, I don't think this is the same sort of thing. A bailout is providing assistance in the form of extra money. This is a 1:1 fix of damaged money, something that happens all the time without objection.

What do you mean by oracle support?

> If they want to change history to help a privileged group of people, they should have a generalized mechanism and process for doing so.

Maybe I am just blind and a luddite, but if such generalized mechanism and process would exisit, what would be the difference to the current government and fiat based system?

Admittably, I am astonished that after the DAO mess this smart contract thing is still alive. You can either have code as law, or you can have law as law. Not both. And obviously "code as law" was something these people did not like, so what on earth there is left for smart contracts?

There wouldn’t be one (and indeed, there isn’t one): ETH is now just a shitty clone of the current fiat banking system, but with even less transparency and more corruption (and to put the cherry on it, it’s an environmental catastrophe to boot). It’ll be a few more years before the starry-eyed libertarians figure that out though.

You don't see a difference between banks that undo transactions constantly, and a system that might undo one or two a year?

Disclaimer: I do not recall my bank undoing my transaction. Ever, that is.

But, yes, I assume that banks do undo transactions somewhat regularly. And I do see a difference. With regards to the banks, there are regulatory bodies with necessary tools to oversee banks and force (of course, they do fail occasionally...) them to behave properly. With Ethereum, there is no such body, but I am expected to trust a bunch of people who claim to have developed a currency which requires no trust. The oxymoron in the last sentence is in itself enough for me to prefer banks, thank you very much.

> but I am expected to trust a bunch of people who claim to have developed a currency which requires no trust

It does require trust just as you require trust from the seeders/peers of a BitTorrent shared file. If these seeders/peers agree that they should modify the said file, you either agree with them or not. If latter, then you end up with a two versions.

I don't recall "trustless" being one of bittorrent's main selling points?

Further, to accept crypto as payment very much requires trust (or faith or belief or whatever you want to call it) that you later find some third party that is willing to accept your coins as payment, preferably with roughly the same value that you assigned to it in the first place.

Awfully lot of trust flying around in a trustless system in my opinion.

You'll have to understand that the trust in 'trustless system' is in the technical sense. Think of traditional RDBMS versus blockchain for sharing data between two companies. The former needs trust because it is mutable and controlled by an admin. The latter is more designed to be 'trustless'.

I hope your technical ability helps me here in conveying my point to you.

You don’t see a difference between a regulated system in a state were people are sovereign and one system where the people at the top of it can do whatever they want? It’s kind of sad to see a lot of people enjoying fascism barely 70 years after the most terrible war to date...

> You don’t see a difference

I don't know how to reply to this. That's the opposite of what I said.

> It’s kind of sad to see a lot of people enjoying

I hope you're not talking about me, because I wasn't expressing a preference between entire systems. I was just pointing out a single aspect.

(If you must know, I think having a court system is best, but having the EIP system is better than nothing.)

It's confusing to see my comment go from a positive score to negative while replies show up all agreeing with me...

Undoing transactions is one of the most useful features of real banks. It helps prevent fraud.

Yeah, people arguing against this are so far removed from what the vast majority of people want that it's not really possible to have a discussion with them.

Most people like that you can have your bank or credit card company hold or reverse a suspicious transaction, and don't regard that as evil statist chains of slavery.

Not just undoing them; if my bank's ML fraud algorithm doesn't like my purchase, it won't let me make it at all! And the customer service rep doesn't know why it's happening and tells me he can't override it and "could I please stop using www.grabtaxi.com"

Happens to me multiple times a year, it's unbelievably bad.

That sounds unacceptable, why haven't you changed banks?!

I am with a different bank now, but previously the bank above (Chase) was the only bank in Canada that offered foreign transactions without an annual fee or a 2.5% currency conversion fee.

>You don't see a difference between banks that undo transactions constantly

You should use a different bank if this is actually true. This is not a common experience.

Some bounced checks, most fake checks, all chargebacks...

I don't have to experience these personally to know there is a vast landscape of transactions that get unraveled days to months later.

Some of these benefit the consumer, and some hurt the consumer.

But they apply to all banks.

There are no absolutes. Is Bitcoin decentralized? Sure, but not 100%, not every human has perfectly equal say and ability in its functioning - but it is much more decentralized than other systems and that has value.

Smart contracts are similarly high on the code-is-law spectrum relative to other systems. Day-to-day transactions are near perfectly transparent, predictable and repeatable. Changes require highly visible and discussed EIPs or similar.

As time goes on and lessons are learned they will likely increase in desired qualities, never fully achieving them, always in a state of pursuit.

> but it is much more decentralized than other systems

By which measure? There are more than six thousand banks[1] in US, all of which are perfectly capable to create significant amounts of USD currency. My understanding is that even if the number of Bitcoin miners may be higher, it is still much more concentrated to a hand of a few pools.

[1] https://en.wikipedia.org/wiki/Banking_in_the_United_States#A...

Generally the central bank dictates the money supply through interest rates.

Miners do not wield all the power, it is a dance between miners, economic nodes, developers and finally users. If those stakeholders are not on board it is unlikely for changes to occur.

Pools are different from being a single entity. If a thousand miners pooled together to lower their earnings volatility, that is much more decentralized than if one person owned a thousand miners. The individuals can choose to leave the pool or switch at any time. The pool is only a temporary agent.

The transactability of crypto is much more decentralized. In traditional banking you must ask for permission to send your money from one bank to another to eventually reach the intended recipient. In crypto it is peer-to-peer.

The US has a decent amount of banks, other countries like Canada do not, countries like Venezuela centrally destroyed their currency.

The central bank has only indirect control over how much money a bank is willing to lend, same goes for other financial instruments like collaterized debt obligations (ways of moving debt of the book of a bank, so that they can lend (i.e. create) more money) and credit default swaps.

Giving all the power to a bunch of Chinese miners doesn’t fit my definition of decentralisation honestly. I still believe much more in the banking system subject to different governments than anything that is (or can easily be with a minimum effort) in direct control of one single government quite famous for his absolute control over everyone and everything.

There is nothing systemic or inherent to China having a lot of hash power. They just happen to be strong in silicon manufacturing. This will likely decrease over time and is different from being centralized by rule.

"the more he dictates to help his friends" is unfair I think. Isn't this a proposal by a Parity developer? Where does it say that Vitalik endorses this, or that he has either the will or the ability to dictate its adoption?

In fact, the one comment I've seen from Vitalik on this matter was pretty skeptical of any sort of bailout, expressing a desire for these sorts of actions to be increasingly difficult to achieve.

Stuff like this is why smart contracts won't work for the general public. Nobody wants to live in a world where a bug in a contract lets people steal your money and you can't get it back, even when you can prove who did it. We have contract law to deal with this stuff in the real world.

The problem is, if smart contracts are subject to human governance, what advantages do they have over any other kind of contract? How can they be trusted more than anything else that is subject to human governance? Automatic execution of contracts is nice, but if history can be rewritten later, you can't really build a deterministic system on top of them.

I think "smart contract" is a bad name for what it truly is - a program that runs on the blockchain. I tell programmers to think of smart contracts as programs.

An Ethereum smart contract (program) may be useful when applied to a problem currently solved with a legal contract. But not necessarily.

MakerDAO[0] is a project that achieves a token (Dai) that is termed a "stablecoin" as its value is soft pegged to $1 USD. It was launched in late December and has been very successful thus far. Maker achieves this with a series of smart contracts and operates entirely within the blockchain. MakerDAO is the type of project that is unique to smart contracts and is not possible without Ethereum or similar technology. These are the types of projects you should consider when analyzing the longterm technological capabilities of Ethereum. Imagining a world where paper contracts are replaced with Ethereum smart contracts is a misconception.

[0] https://makerdao.com/

It's ironic that a crypto project seeking stability decides to peg its valuation against a fiat currency, i.e. the US dollar.

As always, you'll have to read into the details. MakerDAO doesn't exactly peg it's value to the US dollar. Here's a good interview about how it works - https://www.youtube.com/watch?v=ZggkzPJ5Yt4

So...you can have a program that runs on an extremely slow computer and costs a ton of electricity to execute?

1) Proof of Stake will end the argument about electricity[0]

2) To criticize Ethereum as "an extremely slow computer" is the laziest, no-effort, no-thought attack you can make

[0] https://github.com/ethereum/wiki/wiki/Proof-of-Stake-FAQ

Ethereum simply promising to switch to PoS, at some undefined future time when it's extremely convenient for them, provides absolutely no moral redemption. They have to actually do it.

They have a testnet, are working on a second testnet, will freeze the spec once that testnet is running, and have funded multiple teams to formally verify the design's properties. That effort is going well and should be finished within four months.

This is just for the initial hybrid design, but last I saw, that design reduces PoW reward by 80%, which necessarily decreases energy consumption by about the same amount. Recently I saw Vitalik claim that the finality provided in the hybrid design is the hard part, and going the rest of the way to full PoS is relatively easy.

Wow, lots of hidden assumptions there. You seem to imply that they're not working on it at all.

Remember, Ethereum is clearly still under development, they never mention that it is ready for general public use.

"To criticize Ethereum as "an extremely slow computer" is the laziest, no-effort, no-thought attack you can make"

Sorry that the truth hurts. We've been doing this exact same thing since the late 70s and nothing has changed, at all. It's slow, its hugely wasteful, half of these 'contracts' I could execute on my phone faster than I could on the 'network.' And as shown, lots of room for basic-level stupidity to happen like lost Ether.

The speed is not what makes Ethereum unique and useful. The global consensus of what happened on that computer is what is useful.

Why is that useful?

Cryptocurrency is >9 years old and so far nobody has thought of a real use case for it (other than selling drugs and child porn) that requires its unique features.

"The global consensus of what happened on that computer is what is useful."

Nick Johnson appears to disagree entirely in a Reddit thread.

> The problem is, if smart contracts are subject to human governance, what advantages do they have over any other kind of contract?

I would argue that they are actually worse, because they are subject to the whims of individuals like Buterin who are effectively accountable to no one. In the real world you have judges, you have juries, you have clearly laid out rules, and there exists a well defined process of how legal issues will be handled.

Just came in to say exactly this. You can complain about how banks handle transfers all you want, but at least you have a decent shot of getting your money returned if something goes wrong.

Sooner or later some court is going to get involved in a case involving smart contracts. I imagine they will ignore what the contract says and go to intent of both parties.

And by proving here that the blockchain can be forked at will, the whole thing might as well be hosted on an Oracle database at JPMorgan Chase.

Yeah, and I doubt the judge will be impressed by arguments about immutability, especially if the lead developer of the smart contract system has a history of suspending immutability to help his friends...

If you look at it as a way to write a contract, not an assumption about how it will be processed, it's useful. A program can reduce ambiguity by a lot, and reduce the need for legal intervention.

A while ago the SEC was looking into having complex securities put a python version of their logic on file, for investors to prod at. That sounds to me like a good use of 'smart contracts'.

Legal contracts also have mistakes in them, and companies and people get wrecked for millions of dollars.


Of course legal contracts can contain mistakes, and even intentional fraud. But when that happens, we don't have to just throw our hands up and say "Well, the contract is immutable, so you're screwed unless you happen to be friends with the guy who runs the blockchain."

That's actually exactly what happens in a few of the cases mentioned. In fact, in one of them, the courts chose not to fix the error because it would set a dangerous precedent (which is what you are saying would never happen).

I never said that everyone who goes to court would get what they want, or that the courts would throw out such contracts 100% of the time.

Some contracts are declared void by the judge because they are against the current legislation. In ethereum the contract is the law (until the people at the top are ok with it, otherwise they will unilaterally change the law)

It’s an expensive, yet ultimately entertaining lesson in why regulations and institutions exist. I suspect that most people knew this was silly going in, but saw there was money to be made. A smaller subset were sufficiently idealistic/ignorant, but quickly learned the lesson. The fun is in the remainder who aren’t just trying to pump money out of rocks, but still really believe in it, the real cryptolibertsrians! It’ll be years before they get over their dreams and crash down to reality, if they ever do.

There are a lot of programs that already govern our lives every day. From airplanes to medical devices that can output lethal doses of radiation.

We already have established standards for writing and testing safety critical software, like DO-178B. If you want to go even further you use more advanced programming languages that allow you to prove the required properties via its type system.

And just in case all of this fails or a case of PEBKAC, you buy insurance.

Is there an insurance company offering to insure against crypto losses? Considering the rampant amounts of both fraud and general incompetence, I assume the premiums are/would be astronomical.

> Nobody wants to live in a world where a bug in a contract lets people steal your money and you can't get it back, even when you can prove who did it.

If you can prove who stole it, you can go through the courts to gain ownership of their accounts and then transfer the funds back.

One way smart contracts could still prove useful is by changing the position parties are in prior to any lawsuit.

Suppose we agree that in two weeks, you are to pay me $1000. Then suppose that some dispute develops between us as to whether the payment is still owed in full, so you refuse to pay.

If we merely had a standard contract, I would need to sue you, and the burden of proof would be on me to show that I am entitled to payment of the full sum.

If we had a smart contract, the payment would execute automatically, and you would have to sue me, and the burden of proof would be on you to show that you are entitled to recover the sum.

So even in a world where a smart contract has the exact same effect on legal duties as a standard contract[1], it could still let parties reallocate counterparty risk. There are of course other mechanisms for reallocating those risks, like escrow services. How smart contracts compare to those seems like a great area for economic and legal research.

[1] A doubtful proposition, since parties to a smart contract have manifested some intention to be bound to at least some extent by the mechanics of the smart contract platform. A court will have to consider that as a factor in discerning the true intentions of the parties.

You could also just post-date a check (and notify the bank).

When it comes specifically to changing the positions of parties, I can't think of a scenario where smart contracts help. Especially because they can't check anything, like "was the work done?".

I can think of many uses of escrow, but those don't need smart contracts...

The purpose of the example isn't to be a realistic or useful application of a smart contract, but merely to show that smart and traditional contracts can in principle have different effects on the real world, even if the law treats them as having identical effects on parties' legal duties.

I'd rather not live in a world where people can take money out of other people's bank accounts without going through due process first. In your example, due process happens at the end of the dispute rather than at the beginning.

In that case, don't read too much about how ACH actually works.

You are supposed to obtain authorization first, but this is not generally verified at the time of the transaction (some accounts do white list specific accounts for outgoing ACH transfers). People can pull money out of your account with just your account and routing numbers.

The only way to initial an ACH chargeback is to attest under penalty of perjury that you did not authorize the transfer. (Not receiving the product / fulfilling the terms of the contract is not a valid chargeback reason for ACH).

So if you had indeed authorized the transfer (as maroperaza stipulates) then your only recourse is to sue them in court.

This would also mess badly with the economics of law. For a majority of the contracts, the cost will go up as they will need to be scrutinized more because the cost of a mistake is much higher (it is immediate and final).

sure but it just means there will be a set of standardised smart contracts with a proven track record, and as much as possible other contracts will compose simple ones.

It's like saying driverless cars will never exist because the road there will involve some accidents. It sucks, but I don't doubt the future of driverless cars.

Don't forget that Ethereum is a first generation technology. There will be many refinements along the way of any new idea. I think these restores are repulsive but I have to remind myself that their team is always growing and learning from mistakes.

The person who wrote this EIP works for Parity.

If we're going to be fixing shit like this, can we also restore funds to the poor guy who got robbed of 41k ether?



> the hack happened because of a weak passphrase [...] Levy [expected] his private key would still be needed to access the wallet. But the wallet generation tool Levy used, developed by ethereum creator Vitalik Buterin, had a critical flaw in that others could access the wallet just with the passphrase.

Neither gpg nor ssh keys work that way. Why would Vitalik design the etherium wallet key like that? The passphrase is the last line of defense against people who have managed to access to your system, it's not the first and only defense against remote attackers.

> Why would Vitalik design the etherium wallet key like that?

Because he may be very clever at having come up with this whole ethereum system, but that doesn't mean he's wise and experienced. It's a rookie mistake, made by a rookie. It happens. He seems the type to learn from it at least.

No, the tool works like a brainwallet. The seed phrase determines the ethereum public and private keys. That way there is nothing else to save, no file backup is necessary. Knowledge of the seed phrase is sufficient. That's a feature, not a bug.

It is not like gpg where the private key is independent, stored on disk and encrypted by the passphrase.

The user messed up in that he didn't understand that he needed to use a strong passphrase or it was possible for anyone in the world to guess it.

>No, the tool works like a brainwallet.

Are you saying that is a good thing? It's well known that brainwallet is a footgun.


>An early old-style brainwallet was created by by memorization of a passphrase and converting it a private key with a hashing or key derivation algorithm (example: SHA256). That private key is then used to compute a Bitcoin address. This method was found to be very insecure and should not be used. Humans are not a good source of entropy.

Any tool that allows that mistake to be made is badly broken.

Because he is not all that bright. Eth is a shit show of scammers and used for little else

Are you sure you understand what happened?

A master password system is common. For example, choose a weak password for 1Password.app and someone can see all of your passwords.

Only those connected to Vitalik get fixes, everyone else is shit out of luck.

The people connected to Vitalik here just wrote the wallet. It doesn't really help them per se. It helps the innocent people who were hurt by their mistake.

Doesn't this fix help the company Parity which has connections to Vitalik?

According to https://techcrunch.com/2017/12/05/parity-ceo-says-shes-confi... The co-founder of Parity has $90M at stake in this PR. If it was me and I had $90M at stake, I would totally slip Vitalik a million or two to ensure that this PR was merged.

Vitalik's net worth is a lot higher than that, I highly doubt he can be bribed for a couple million (or any dollar amount)

Everybody can be bought. Rich people don't stop caring about more money just because they are rich.

From diving in, it looks like the contract backing a smart wallet implementation had a vulnerability/bug/design flaw allowing an arbitrary actor to kill it[0]. It looks like these contracts are treated as a shared library so the contract being killed means any wallet depending on it is bricked.

The solution here seems to be a hard fork of Ethereum to allow revival of that problem contract. This seems unpalatable as, well, avoiding extensive human intervention is a key idea in cryptocoins.

Disclaimer: I got off the cryptocoin train awhile back so if I've mistaken anything, please point it out.

[0] https://github.com/paritytech/parity/issues/6995

It's not the first time Ethereum has hard-forked to roll back a sufficiently bad bug in a smart contract, and it probably won't be the last. They periodically do hard-forks for other reasons as well. Eventually they might declare it 1.0 and stop doing this, but that's not how it's managed today. At this point I think users accept this as a risk of using Ethereum. Of course anyone who doesn't like it is free to try to keep the old chain alive (indeed, Ethereum Classic is still a thing that exists).

Ethereum Classic also hard forks in order to make changes and other upgrades to it's protocol.

Ethereum has not yet hard forked to enact this proposal. At the moment it looks very unlikely to gain the support needed.

The debate is mostly happening here:


This change has no consensus like the DAO fix did, and the problem it fixes is both negligible and self inflicted.

Points made there:

1) The proposed transaction is a dilution. It reduces the value of everyone else's Ether by a payout to Parity.

2) Businesses which use the Etherium system but aren't closely associated with the insiders are at a disadvantage when the insiders can recover from their mistakes, but outsiders cannot.

Curious why people think so w.r.t. (2). Anyone can submit a proposal.

for the reason he said in (2), insiders like Parity have much better odds of having their EIP accepted.

but it is your proposal so you knew that.

If the DAO had consensus, why do we have ETC (Ethereum Classic) now?

Shit like this will kill eth. If anyone seriously working on this (any anyone with any vested interest in shit like this not happening) wants to have an informal chat about fixing this, I think I have some ideas on fixing this. It's quite legit, if I can say so. Check my profile for email.

It sounds almost like you're assuming that, just because there's an EIP, it's already set in stone and will definitely happen. It seems to me like there's a majority of opposition to this. And is it really that surprising on its own that someone involved with the parity project would write an EIP like this?

Serious, not at all snarky question:

It seems like the Ether devs will mess with the block chain anytime something happens. This seems like a terrible way to manage one of the unique coins in the crypto space.

With that said, aren’t they worried about the risk this conveys to oncomers? Wouldn’t anyone think twice if there’s going to be a fork anytime someone screws up a contract at large enough magnitude?

Ironically, providing a means to reverse disasters is probably good for Etherum; it reduces the number of investors who leave because they've been burned.

It also kills one of the main selling points, which is that code = law. If you want human intervention, go with regular contracts.

I'm mostly on your side on this one, but you have to remember that a lot of folks see decentralization as merely having more than one option for centralized law/money/etc.

Today, I (generally) get one set of a laws if I live in a particular geographic location, but a "centralized" ETH committee/board could serve as an authority for some set of actions by individuals unbound by geography.

Some people just want that choice.

> Today, I (generally) get one set of a laws if I live in a particular geographic location, but a "centralized" ETH committee/board could serve as an authority for some set of actions by individuals unbound by geography.

I believe it should be quite possible to formulate such a thing as part of a smart contract in which the ETH committee/board may always interfer if they desire if this is what people want.

Unfortunately, code = bugs.

I claim that the law is much more full of bugs than typical code.

All the more reason not to believe in 'code = law'

Exactly. Regardless of what cryptonerds might be thinking about it, this actually may be a feature, not a bug. Laws aren't algorithms and court isn't a computer for a reason. There's plenty of space to occupy between "paper contract interpreted by humans" and "a contract where a bug in it is absolutely irreversible".

It's not a systematic means of redress or resolving bugs though though, it an arbitrary action to benefit people with a sufficiently close relationship with the dev team. An approachs which could just as easily burn you as bail you out, especially assuming most people still undecided about getting involved in the ETH ecosystem don't have close relationships with the dev team.

If code or asking Vitalik nicely enough is law, I think I'll stick with lawyers, thanks...

The disaster is only reversed in the main blockchain. There can always exist other Ethereum blockchains where it is not reversed.

So it's purely for risk free investing? Investors are after a high reward but don't take on the risk?

The Ethereum devs have not chosen to mess with the block chain. This is a proposal written by the entity that lost the most money (and also caused the problem in the first place).

It's possible that the devs will choose to go along with this change, but they've previously rejected several other proposals to recover these funds.

You're extrapolating from one incident to "anytime something happens."

One incident is all it takes to open the door. And the fact that this is being seriously considered rather than rejected outright is troubling all on its own.

It seems like most people in this thread don't understand that this is just a proposal made by the firm that lost funds and there is very little indication that it will be supported either by the Ethereum Foundation or by the community at large.

If this is accepted and implemented, could someone explain how Ethereum is a decentralised cryptocurrency?

It's not. The Ethereum foundation will continue to merge EIPs like this that benefit them and their cronies.

The whole ETH/ETC fork was because they messed up the DAO contract, which set a precedent for "code is law, except when it doesn't suit us".

This EIP has not been enacted via a hard fork and from the looks of it doesn't have the required support.

The ETC fork happened very early and affected some large percentage of available tokens - I think 15% or so.

Sorry to sound a bit snarky, but you have a sample size of 1 as evidence. It seems there's a lot of opposition to this EIP so I wouldn't count on it being accepted.

The dirty secret is that cryptocurrency development isn't decentralised; whichever group gets to issue software updates to most users is in charge.

Nope. Users are in charge when they make the choice of which software to use.

Well, technically for cryptocurrency it's those users who are mining that get to determine which is the "real" chain and therefore whose currency is worth something and whose is worthless. They get to pick a fork.

Well, the user response if 51% of miners decide to pick a fork that enriches themselves at the expense of users is "alright, I'm done, this cryptocurrency is worthless. Have fun spending electricity to mine these digital bits that don't mean anything."

The users who actually decide which currencies have value are those who are willing to exchange those currencies for things of value - either directly for goods & services, or indirectly through trading it with fiat currencies that you can exchange for goods & services. Like all currencies, Ethereum has no intrinsic value - it's just bits in a bunch of computers across the globe, the same as dollars are these days. Its value comes from peoples' willingness to exchange it for things they do value, which isn't going to be very high if the sellers don't believe it'll be worth something to them in the future.

And you can always leave your country for another country. Doesn’t make it decentralized.

I guess you could argue that the nodes can reject the hard fork. Decentralization doesn't preclude nodes coming to a consensus to change (or not change) the protocol.

Is the affected associates of Vitalik, the benevolent dictator of Ethereum? Then this may get in.

I mention this because the DAO losses were address by a hard fork.

If enough money is at stake it would be advantageous for Vitalik and other core maintainers to allow for people to pay on getting their PRs accepted. This PR would restore I understand about >$100M in funds. This type of patch is surely worth money in order to accept.

At least if Vitalik and friends took money in order to do these types of arbitrary patch PRs to fix other people's problems, then it would at least be a fair playing field.

Is Vitalik and other core maintainers already getting paid by the people proposing these types of PRs?

> This type of patch is surely worth money in order to accept.

Not necessarily. If accepting this proposal means that the community loses confidence in the platform, then there could be way more money to lose than just what is locked up in that dead contract. Does it seem likely they won't take that into consideration?

If you believe a system where people with more money get more votes to be fair.

At least it wouldn't be based on who Vitalik knows personally. I would rather a transparent system that operates with known principles rather than one that is arbitrary and based on knowing Vitalik.

I know it's not a very popular opinion but I think this is a good idea (disclaimer: i am not affected by this issue). The tech is there for the people, not the other way round.

On the other hand, if you want human arbitration of contracts, then it seems like that is already available outside the crypto space.

It's not a cut-and-dried issue, but personally I do tend towards the view that interfering in contracts via hard forks undermines the credibility of the whole idea behind smart contracts. As it is, it seems smart contracts simply do not work as they should. They seem to be vulnerable to both technical and political risks, which is actually worse than a regular contract.

It would be part of a planned hard fork (for other reasons). There will not be a hard fork just for this issue.

The point of contention is "all people" or "some people".

I'm quite torn on this one myself but for now the downsides are outweighing the good. Just the fact that it is very contentious is a big problem. It just isn't worth another possible network split or negative pr it would bring. Ethereum is trying to be a particular kind of base layer blockchain - it needs to encourage the development of non-hard fork solutions to these issues, like better auditing, insurance, etc.

As a general rule I agree. But in this case it demonstrates that Ether is run by people, not math. That is not what many people want.

And indeed, I treat it the same way I do scrip in video games. But until you take away the ability to "rebalance the economy", it will stay a video game.

I'm still aghast that "smart contracts" are procedural programs. No wonder a lot of bugs derive from them.

Contracts are functional, being procedural should be the exception.

They should be functional, scoped, limited (by the VM inclusive), testable.

The Ethereum VM accepts opcodes like any other modern computing platform. There's a lot of work going into formal verification of contract code. There's nothing in principle that prevents compilation of smart contracts into VM code via a formally verified compiler that implements a functional language.

Except the majority of the Ethereum community being ideologically opposed...

I'm an Ethereum smart contract dev/auditor and active in the community. I'm not aware of any ideological opposition to more functional or verifiable languages.

In fact, there are several new languages in development to move things in that direction, including Vyper (originally designed by Vitalik) and Bamboo (designed by the person employed by the EF to work on formal verification).

My experience proposing actual use of these has been met with complaint and actual jeers in social circles. Further, it's pretty depressing that you suggest Vyper and Bamboo actually offer more formal verification or even correctness.

I don't see either trying to adopt approaches more like Simplicity.

What do you mean?

In this case, the problem was that the function to self destroy the contract didn't have the flag "OnlyTheOwnerCanCallMe" or something like that. A functional program wont save you of missing flags.

Smart contracts are state transition systems. Whether you write them in a "functional" or "procedural" style is more or less a superficial syntactic question.

There's a lot of hot air being blown about pure functional programming for smart contracts as a way to somehow solve all logical bugs, which is nonsense.

Of course it won't solve all bugs, but it's easier to specify a series of conditions as a functional description rather than writing a stack vm program.

You seem to be comparing a high-level functional language to a low-level bytecode.

I don't think it's easier to specify a series of conditions in a functional language than in an imperative language, generally speaking.

While I'd also prefer something with more verifiable and with more expressive power as well, it's pretty wrong to suggest that "procedural" is somehow not what will come of any code that relies on OO. Monads sequence code too.

And while I think most smart contract languages are bug-ridden disasterpieces, it IS possible to test them thoroughly. The problem is that most folks in the blockchain space, particularly contract author's, simply have no experience dealing with the difficulties of distributed, public facing systems. We see these problems over and over again.

I propose to roll Ethereum price back to 2015 for just a day, as a lot of people I know missed it and didn't manage to buy.

No. Just No. This is no different than the bank bailouts that inspired the creation of cryptocurrency. Is Parity too big to fail? If the answer is 'yes', then It's ime to convert all your ETH to ETC.

Can someone explain this in terms understandable to a software engineer with familiarity with cryptocurrency in general but no specific knowledge of ETH?

Ethereum is sort of like Bitcoin, but includes a Turing-complete scripting language. Programs written in this language are called "smart contracts", and can do a much wider range of things than simply dealing with currency.

One of the core principles of blockchain technology is immutability - that is, once a transaction becomes part of a blockchain, it stays there forever and can never be undone. In the case of Ethereum, this also includes smart contracts.

An advantage of immutable contracts is that users can trust that it will always operate in exactly the way the code was written, and the developer who wrote the contract cannot change the rules, or alter the "terms of service" as so often happens in centralised systems. A disadvantage of immutable contracts is that if there is a bug in the code, it remains there permanently and can never be fixed. In this particular case, there was a bug that allowed someone to instruct the contract to "self destruct" (refuse to process any more transactions), thereby locking away a large amount of ETH.

EIP stands for Ethereum Improvement Proposal. This particular proposal (which, as I understand, has not yet been accepted) would alter the Ethereum protocol to handle this specific contract address specially in such a way that reverses effects of the unintended self-destruction, allowing the lost funds to be recovered. This goes against the principle that the blockchain must be immutable, otherwise known as "code is law".

Breaking immutability in such a manner is highly controversial; the debate is about whether the development team should make a one-off fix for this particular case because a lot of people lost a lot of money (or rather ETH), or whether they should leave things as-is to avoid destroying trust in Ethereum's promise of immutability.

This has happened previously on one occasion; see https://en.wikipedia.org/wiki/The_DAO_(organization)

While I disagreed with the DAO fork and disagree with this EIP, neither of them changed immutability. The problematic transactions are still there. These are irregular state transitions that are normally illegal but are hardcoded to be allowed as special one-off favors.

Smart contract has a bug that caused funds to be lost in an indefinite state. I understand the amount was +$300M but give the fall in value is may now be closer to $100M.

What's a smart contract? What's an EIP?

No offense, but for a software engineer, you seem to have an aversion to googling answers.

Smart contracts are another name for programs that run within the blockchain. Whereas Bitcoin blocks contain data that explains transactions, Ethereum blocks contain data that are virtual machine opcodes. Essentially Ethereum is a never ending list of a single-threaded processor's instructions. These instructions manipulate the global state of a computer. You pay for these transactions with ETH, and when ETH is used to pay for computation on the "world's computer", it is termed gas.

EIP's are "Ethereum Improvement Proposals" which are how anyone can propose changes, protocols, whatever to the Ethereum open source project. Like RFC's for the internet protocols.

Thanks for taking the time to write this. It will save 1,000 people 10 minutes of googling.

I'm shocked, SHOCKED, to see that what the banking system has realised hundreds or thousands of years ago, that sometimes things go wrong and you need to undo it, is actually true. Cryptocurrencies deliberately design around what society has deliberately put in place, because that's what we want.

Problems like this are a critical flaw in cryptocurrencies. When something goes horribly wrong, who do you go to for help? You don't have a right to recourse with cryptocurrencies. With real money, you have legal rights that can be exercised by simply filing a complaint with the bank. If that doesn't go well, you go to the regulatory agencies or the courts.

Furthermore, if you do succeed in getting help from the community/central committee then you just defeated a goal of cryptocurrencies. Taken directly from the first paragraph of the homepage of the Ethereum website [0]:

> Ethereum is a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third-party interference.

[0]: https://www.ethereum.org/

Remember, however, that's there's nothing about "real" money that intrinsically bestows upon its users some set of legal rights. Traditional currency users have legal rights because the legal system has had enough time to evolve to handle them properly. A lot of current crypto systems don't specifically include mechanisms for recovery of funds (and, as you point out, many of them claim this shouldn't happen) but that doesn't mean it's not technically possible somehow.

it would be possible with concealed and rsa signed meta data. so theoretically you would be able to request a transaction revesal submitted to the miners after you verify your identity on the blockchain.

Can someone explain where the balance is?


My understanding is that contract code is a "library" of sorts, that was imported or called by parity multisig wallets.

Exactly. It is the library used by hundreds of wallets. The library itself does not hold any balance.

Assuming that in the future most businesses use crytocurrencies (which I think we can all agree on would be awesome and better than what exists), they will need to be able to access their money even if they make a mistake.

We're not taking money from you or I and giving it to a failing institution (a bailout). We are setting up a procedure so that when mistakes are inevitably made, someone can still access their funds.

After all we all agree it is all of these company's funds, right?

A relevant earlier EIP, which I assume this conforms to:

> Provide a standardized format for Ethereum Recovery Proposals (ERPs), which relate to recovery of certain classes of lost funds. Individual ERPs will follow the same process as any EIP, but will be formatted and evaluated in a standard way to ensure consistency and transparency.

EIP 867 which you are referring to is in limbo, this is not conforming with the ERP.

How is this different from the Federal Reserve and Treasury deciding to "save" Bear Stearns but not Lehman?

Is it time for a second ETC fork ?

this post breaks hacker news mobile page to scroll horizontal

The future is weird.

This is corruption.

is there a reason eth’s contracts aren’t coded in haskell or similar

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact