I love Lord Vitalik as much as any ETH nerd, but the more he dictates to help his friends, the more it will hurt the ecosystem.
It's a bit like those clients that say of their software, in its requirements, "I want my software to be customizable after-the-fact with any new logic I desire, up-to-and-including the power to completely rewrite the application." Some people try to solve this problem as stated, resulting in the https://en.wikipedia.org/wiki/Inner-platform_effect. Other people recognize what's happening, and just respond with "the customization mechanism is the source code. You can customize it at any time by contracting a programmer to do so for you."
The FDIC of the Ethereum blockchain† seems to be—as this example, and the earlier example of the DAO, would suggest—the Ethereum maintainers themselves. The way the Ethereum maintainers propose changes to the consensus protocol to fix problems is through EIPs. So, if there's an Ethereum "natural disaster", the natural thing to expect in response would be an EIP.
† (as opposed to the Ethereum Classic blockchain, which has no such entity, which is rather the point of the fork.)
You could create another layer atop the EIP process, formalizing specifically the recovery process from a "loss of money" event... but it's really going to boil down to a consensus-algorithm change in the end, so an EIP is going to have to be involved.
(Unless you're suggesting that there should be some way, within the Ethereum VM itself, to aribtrate disputes in a way that invalidates the side-effects of previous contract calls? That'd certainly be a trick... especially given that the said "arbitration" would seem to be a human-complete problem, and Ethereum doesn't even have oracle support yet.)
But I see your point about the EIP process. Altering history to benefit a group of people is always contentious, so the EIP process is itself a way to do it on a public forum.
What is the process for adjusting the threshold if the value of the currency swings wildly? A theft of a single Bitcoin is now a theft of thousands of dollars, but years ago it would have been a handful of dollars.
It's easier to say that thefts of any amount should be restored than to deal with all of the politics of picking a threshold. Isn't the Ethereum system designed to avoid politics and the need to trust other people?
Thresholds are never fair and always arbitrary. However that's not a reason to avoid anything that has an arbitrary threshold. Arbitrary is often better than nothing.
Consider the difference between insurance companies, and reinsurance companies. Insurance companies help individuals when the individual has something bad happen to them (ignore, for the moment, that the individual has to pay into this scheme.) Reinsurance companies, meanwhile, operate solely to insure insurance companies: they keep insurance companies from collapsing when a natural disaster causes a correlated risk event that would otherwise cause an insurance companies’ clients’ claims upon them to bankrupt them.
I think the Ethereum developers-cum-NetOps are a sensible group to serve as Ethereum’s reinsurance mechanism, fixing problems for entire classes of people in the event of an economic “natural disaster.” In this case, the proposed EIP effectively reinsures this multisig-wallet “bank.”
But I don’t think it would make sense for the Ethereum devs to be made responsible for individual claims, any more than the US Mint is responsible for making you whole if someone steals your wallet with cash in it. (Though the US Mint, surprisingly, does attempt to make individuals whole if their cash is accidentally burned or shredded or melted or what-have-you, which is an intriguing basis for a counterpoint.)
Anyway, the usual party responsible for making depositors whole in the event of a system screw-up, is the bank itself. This is, in fact, effectively the reason that there are separate (consumer deposit) banks, despite it being entirely possible to just nationalize them all as part of the extended infrastructure of the central bank. These institutions are taking on the (uncorrelated) risk of holding these depositors’ funds themselves, in exchange for being allowed to themselves profit from the arrangement.
Ethereum, I think, would do well building up an infrastructure of smart contracts that facilitate bank-like obligations, including the obligation of the depositor to be made whole in the event of the bank being hacked or making a mistake.
The Ethereum devs would still be the ones to act if a mistake or accident event caused structural damage to the Ethereum economy as a whole. But, under the expectation (in such a world) that plain ETH is like cash in your pocket—uninsured—and only ETH in a [some-hypothetical-ERC-obeying] bank contract is deposit-insured in the event of contract error, the Ethereum devs wouldn’t be expected to act in such cases. It’d be your fault for choosing to give your money to a non-insured bank. (Or maybe some regulatory agency’s fault for allowing the bad bank to exist or to advertise.)
To fail to protect people is to invite regulation. And because people in different countries own Ether, it might happen that different national governments enact different, contradictory regulatory schemes. It would really be better for the Ethereum devs if governments didn't see a need to do that.
But I'll disagree. Whatever your opinion on bank bailouts, I don't think this is the same sort of thing. A bailout is providing assistance in the form of extra money. This is a 1:1 fix of damaged money, something that happens all the time without objection.
Maybe I am just blind and a luddite, but if such generalized mechanism and process would exisit, what would be the difference to the current government and fiat based system?
Admittably, I am astonished that after the DAO mess this smart contract thing is still alive. You can either have code as law, or you can have law as law. Not both. And obviously "code as law" was something these people did not like, so what on earth there is left for smart contracts?
But, yes, I assume that banks do undo transactions somewhat regularly. And I do see a difference. With regards to the banks, there are regulatory bodies with necessary tools to oversee banks and force (of course, they do fail occasionally...) them to behave properly. With Ethereum, there is no such body, but I am expected to trust a bunch of people who claim to have developed a currency which requires no trust. The oxymoron in the last sentence is in itself enough for me to prefer banks, thank you very much.
It does require trust just as you require trust from the seeders/peers of a BitTorrent shared file. If these seeders/peers agree that they should modify the said file, you either agree with them or not. If latter, then you end up with a two versions.
Further, to accept crypto as payment very much requires trust (or faith or belief or whatever you want to call it) that you later find some third party that is willing to accept your coins as payment, preferably with roughly the same value that you assigned to it in the first place.
Awfully lot of trust flying around in a trustless system in my opinion.
I hope your technical ability helps me here in conveying my point to you.
I don't know how to reply to this. That's the opposite of what I said.
> It’s kind of sad to see a lot of people enjoying
I hope you're not talking about me, because I wasn't expressing a preference between entire systems. I was just pointing out a single aspect.
(If you must know, I think having a court system is best, but having the EIP system is better than nothing.)
It's confusing to see my comment go from a positive score to negative while replies show up all agreeing with me...
Most people like that you can have your bank or credit card company hold or reverse a suspicious transaction, and don't regard that as evil statist chains of slavery.
Happens to me multiple times a year, it's unbelievably bad.
You should use a different bank if this is actually true. This is not a common experience.
I don't have to experience these personally to know there is a vast landscape of transactions that get unraveled days to months later.
Some of these benefit the consumer, and some hurt the consumer.
But they apply to all banks.
Smart contracts are similarly high on the code-is-law spectrum relative to other systems. Day-to-day transactions are near perfectly transparent, predictable and repeatable. Changes require highly visible and discussed EIPs or similar.
As time goes on and lessons are learned they will likely increase in desired qualities, never fully achieving them, always in a state of pursuit.
By which measure? There are more than six thousand banks in US, all of which are perfectly capable to create significant amounts of USD currency. My understanding is that even if the number of Bitcoin miners may be higher, it is still much more concentrated to a hand of a few pools.
Miners do not wield all the power, it is a dance between miners, economic nodes, developers and finally users. If those stakeholders are not on board it is unlikely for changes to occur.
Pools are different from being a single entity. If a thousand miners pooled together to lower their earnings volatility, that is much more decentralized than if one person owned a thousand miners. The individuals can choose to leave the pool or switch at any time. The pool is only a temporary agent.
The transactability of crypto is much more decentralized. In traditional banking you must ask for permission to send your money from one bank to another to eventually reach the intended recipient. In crypto it is peer-to-peer.
The US has a decent amount of banks, other countries like Canada do not, countries like Venezuela centrally destroyed their currency.
The problem is, if smart contracts are subject to human governance, what advantages do they have over any other kind of contract? How can they be trusted more than anything else that is subject to human governance? Automatic execution of contracts is nice, but if history can be rewritten later, you can't really build a deterministic system on top of them.
An Ethereum smart contract (program) may be useful when applied to a problem currently solved with a legal contract. But not necessarily.
MakerDAO is a project that achieves a token (Dai) that is termed a "stablecoin" as its value is soft pegged to $1 USD. It was launched in late December and has been very successful thus far. Maker achieves this with a series of smart contracts and operates entirely within the blockchain. MakerDAO is the type of project that is unique to smart contracts and is not possible without Ethereum or similar technology. These are the types of projects you should consider when analyzing the longterm technological capabilities of Ethereum. Imagining a world where paper contracts are replaced with Ethereum smart contracts is a misconception.
2) To criticize Ethereum as "an extremely slow computer" is the laziest, no-effort, no-thought attack you can make
This is just for the initial hybrid design, but last I saw, that design reduces PoW reward by 80%, which necessarily decreases energy consumption by about the same amount. Recently I saw Vitalik claim that the finality provided in the hybrid design is the hard part, and going the rest of the way to full PoS is relatively easy.
Remember, Ethereum is clearly still under development, they never mention that it is ready for general public use.
Sorry that the truth hurts. We've been doing this exact same thing since the late 70s and nothing has changed, at all. It's slow, its hugely wasteful, half of these 'contracts' I could execute on my phone faster than I could on the 'network.' And as shown, lots of room for basic-level stupidity to happen like lost Ether.
Cryptocurrency is >9 years old and so far nobody has thought of a real use case for it (other than selling drugs and child porn) that requires its unique features.
Nick Johnson appears to disagree entirely in a Reddit thread.
I would argue that they are actually worse, because they are subject to the whims of individuals like Buterin who are effectively accountable to no one. In the real world you have judges, you have juries, you have clearly laid out rules, and there exists a well defined process of how legal issues will be handled.
Sooner or later some court is going to get involved in a case involving smart contracts. I imagine they will ignore what the contract says and go to intent of both parties.
A while ago the SEC was looking into having complex securities put a python version of their logic on file, for investors to prod at. That sounds to me like a good use of 'smart contracts'.
We already have established standards for writing and testing safety critical software, like DO-178B. If you want to go even further you use more advanced programming languages that allow you to prove the required properties via its type system.
And just in case all of this fails or a case of PEBKAC, you buy insurance.
If you can prove who stole it, you can go through the courts to gain ownership of their accounts and then transfer the funds back.
Suppose we agree that in two weeks, you are to pay me $1000. Then suppose that some dispute develops between us as to whether the payment is still owed in full, so you refuse to pay.
If we merely had a standard contract, I would need to sue you, and the burden of proof would be on me to show that I am entitled to payment of the full sum.
If we had a smart contract, the payment would execute automatically, and you would have to sue me, and the burden of proof would be on you to show that you are entitled to recover the sum.
So even in a world where a smart contract has the exact same effect on legal duties as a standard contract, it could still let parties reallocate counterparty risk. There are of course other mechanisms for reallocating those risks, like escrow services. How smart contracts compare to those seems like a great area for economic and legal research.
 A doubtful proposition, since parties to a smart contract have manifested some intention to be bound to at least some extent by the mechanics of the smart contract platform. A court will have to consider that as a factor in discerning the true intentions of the parties.
When it comes specifically to changing the positions of parties, I can't think of a scenario where smart contracts help. Especially because they can't check anything, like "was the work done?".
I can think of many uses of escrow, but those don't need smart contracts...
You are supposed to obtain authorization first, but this is not generally verified at the time of the transaction (some accounts do white list specific accounts for outgoing ACH transfers). People can pull money out of your account with just your account and routing numbers.
The only way to initial an ACH chargeback is to attest under penalty of perjury that you did not authorize the transfer. (Not receiving the product / fulfilling the terms of the contract is not a valid chargeback reason for ACH).
So if you had indeed authorized the transfer (as maroperaza stipulates) then your only recourse is to sue them in court.
It's like saying driverless cars will never exist because the road there will involve some accidents. It sucks, but I don't doubt the future of driverless cars.
If we're going to be fixing shit like this, can we also restore funds to the poor guy who got robbed of 41k ether?
Neither gpg nor ssh keys work that way. Why would Vitalik design the etherium wallet key like that? The passphrase is the last line of defense against people who have managed to access to your system, it's not the first and only defense against remote attackers.
Because he may be very clever at having come up with this whole ethereum system, but that doesn't mean he's wise and experienced. It's a rookie mistake, made by a rookie. It happens. He seems the type to learn from it at least.
It is not like gpg where the private key is independent, stored on disk and encrypted by the passphrase.
The user messed up in that he didn't understand that he needed to use a strong passphrase or it was possible for anyone in the world to guess it.
Are you saying that is a good thing? It's well known that brainwallet is a footgun.
>An early old-style brainwallet was created by by memorization of a passphrase and converting it a private key with a hashing or key derivation algorithm (example: SHA256). That private key is then used to compute a Bitcoin address. This method was found to be very insecure and should not be used. Humans are not a good source of entropy.
A master password system is common. For example, choose a weak password for 1Password.app and someone can see all of your passwords.
According to https://techcrunch.com/2017/12/05/parity-ceo-says-shes-confi... The co-founder of Parity has $90M at stake in this PR. If it was me and I had $90M at stake, I would totally slip Vitalik a million or two to ensure that this PR was merged.
The solution here seems to be a hard fork of Ethereum to allow revival of that problem contract. This seems unpalatable as, well, avoiding extensive human intervention is a key idea in cryptocoins.
Disclaimer: I got off the cryptocoin train awhile back so if I've mistaken anything, please point it out.
Ethereum has not yet hard forked to enact this proposal. At the moment it looks very unlikely to gain the support needed.
This change has no consensus like the DAO fix did, and the problem it fixes is both negligible and self inflicted.
1) The proposed transaction is a dilution. It reduces the value of everyone else's Ether by a payout to Parity.
2) Businesses which use the Etherium system but aren't closely associated with the insiders are at a disadvantage when the insiders can recover from their mistakes, but outsiders cannot.
but it is your proposal so you knew that.
It seems like the Ether devs will mess with the block chain anytime something happens. This seems like a terrible way to manage one of the unique coins in the crypto space.
With that said, aren’t they worried about the risk this conveys to oncomers? Wouldn’t anyone think twice if there’s going to be a fork anytime someone screws up a contract at large enough magnitude?
Today, I (generally) get one set of a laws if I live in a particular geographic location, but a "centralized" ETH committee/board could serve as an authority for some set of actions by individuals unbound by geography.
Some people just want that choice.
I believe it should be quite possible to formulate such a thing as part of a smart contract in which the ETH committee/board may always interfer if they desire if this is what people want.
If code or asking Vitalik nicely enough is law, I think I'll stick with lawyers, thanks...
It's possible that the devs will choose to go along with this change, but they've previously rejected several other proposals to recover these funds.
The whole ETH/ETC fork was because they messed up the DAO contract, which set a precedent for "code is law, except when it doesn't suit us".
The ETC fork happened very early and affected some large percentage of available tokens - I think 15% or so.
The users who actually decide which currencies have value are those who are willing to exchange those currencies for things of value - either directly for goods & services, or indirectly through trading it with fiat currencies that you can exchange for goods & services. Like all currencies, Ethereum has no intrinsic value - it's just bits in a bunch of computers across the globe, the same as dollars are these days. Its value comes from peoples' willingness to exchange it for things they do value, which isn't going to be very high if the sellers don't believe it'll be worth something to them in the future.
I mention this because the DAO losses were address by a hard fork.
If enough money is at stake it would be advantageous for Vitalik and other core maintainers to allow for people to pay on getting their PRs accepted. This PR would restore I understand about >$100M in funds. This type of patch is surely worth money in order to accept.
At least if Vitalik and friends took money in order to do these types of arbitrary patch PRs to fix other people's problems, then it would at least be a fair playing field.
Is Vitalik and other core maintainers already getting paid by the people proposing these types of PRs?
Not necessarily. If accepting this proposal means that the community loses confidence in the platform, then there could be way more money to lose than just what is locked up in that dead contract. Does it seem likely they won't take that into consideration?
It's not a cut-and-dried issue, but personally I do tend towards the view that interfering in contracts via hard forks undermines the credibility of the whole idea behind smart contracts. As it is, it seems smart contracts simply do not work as they should. They seem to be vulnerable to both technical and political risks, which is actually worse than a regular contract.
And indeed, I treat it the same way I do scrip in video games. But until you take away the ability to "rebalance the economy", it will stay a video game.
Contracts are functional, being procedural should be the exception.
They should be functional, scoped, limited (by the VM inclusive), testable.
In fact, there are several new languages in development to move things in that direction, including Vyper (originally designed by Vitalik) and Bamboo (designed by the person employed by the EF to work on formal verification).
I don't see either trying to adopt approaches more like Simplicity.
There's a lot of hot air being blown about pure functional programming for smart contracts as a way to somehow solve all logical bugs, which is nonsense.
I don't think it's easier to specify a series of conditions in a functional language than in an imperative language, generally speaking.
And while I think most smart contract languages are bug-ridden disasterpieces, it IS possible to test them thoroughly. The problem is that most folks in the blockchain space, particularly contract author's, simply have no experience dealing with the difficulties of distributed, public facing systems. We see these problems over and over again.
One of the core principles of blockchain technology is immutability - that is, once a transaction becomes part of a blockchain, it stays there forever and can never be undone. In the case of Ethereum, this also includes smart contracts.
An advantage of immutable contracts is that users can trust that it will always operate in exactly the way the code was written, and the developer who wrote the contract cannot change the rules, or alter the "terms of service" as so often happens in centralised systems. A disadvantage of immutable contracts is that if there is a bug in the code, it remains there permanently and can never be fixed. In this particular case, there was a bug that allowed someone to instruct the contract to "self destruct" (refuse to process any more transactions), thereby locking away a large amount of ETH.
EIP stands for Ethereum Improvement Proposal. This particular proposal (which, as I understand, has not yet been accepted) would alter the Ethereum protocol to handle this specific contract address specially in such a way that reverses effects of the unintended self-destruction, allowing the lost funds to be recovered. This goes against the principle that the blockchain must be immutable, otherwise known as "code is law".
Breaking immutability in such a manner is highly controversial; the debate is about whether the development team should make a one-off fix for this particular case because a lot of people lost a lot of money (or rather ETH), or whether they should leave things as-is to avoid destroying trust in Ethereum's promise of immutability.
This has happened previously on one occasion; see https://en.wikipedia.org/wiki/The_DAO_(organization)
Smart contracts are another name for programs that run within the blockchain. Whereas Bitcoin blocks contain data that explains transactions, Ethereum blocks contain data that are virtual machine opcodes. Essentially Ethereum is a never ending list of a single-threaded processor's instructions. These instructions manipulate the global state of a computer. You pay for these transactions with ETH, and when ETH is used to pay for computation on the "world's computer", it is termed gas.
EIP's are "Ethereum Improvement Proposals" which are how anyone can propose changes, protocols, whatever to the Ethereum open source project. Like RFC's for the internet protocols.
Furthermore, if you do succeed in getting help from the community/central committee then you just defeated a goal of cryptocurrencies. Taken directly from the first paragraph of the homepage of the Ethereum website :
> Ethereum is a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third-party interference.
We're not taking money from you or I and giving it to a failing institution (a bailout). We are setting up a procedure so that when mistakes are inevitably made, someone can still access their funds.
After all we all agree it is all of these company's funds, right?
> Provide a standardized format for Ethereum Recovery Proposals (ERPs), which relate to recovery of certain classes of lost funds. Individual ERPs will follow the same process as any EIP, but will be formatted and evaluated in a standard way to ensure consistency and transparency.