Hacker News new | comments | show | ask | jobs | submit login
Priority Queue on Ethereum with a 15 ETH Bug Bounty (github.com)
127 points by HugoMelo 56 days ago | hide | past | web | favorite | 107 comments



Cryptocurrencies, and especially Ethereum, are truly novel innovations in computer science that cross many academic disciplines. The linked example is a great write-up. It’s sad that there is a vocal group, especially on HN, that knee-jerk hates everything blockchain related and wishes with their entire being for it to fail.

However, I think smart contracts are fascinating and wish more people would keep an open mind.


The term “Smart contracts” (Ethereum/EOS/hyperledger) is often used with wild claims for supply chains and cross border business deals, but why would any real business want to use a public blockchain?

Smart contracts can’t even do anything interesting without a trusted source of data input. The threat model and legal questions of smart contracts are another huge deterrent for most businesses.

Latency, throughput, security threats, and cost are all fairly understood with normal databases, yet with blockchain software all of these are measurably worse.

Where are the completed successful smart contracts deployed?

Why would any person or business want/need to use an existing blockchain when some bug or mining operator might cause a catastrophe of that system, who would they sue for damages?

A single user who spent less than $5000 crashed the entire market for Ethereum last summer. Most of the supply of ETH, XMR, BTC and other crypto tokens are owned by a very small population of crypto-oligarchs.

It all seems like a marketing scheme to sell cyber beanie babies to people who are unfamiliar with the engineering flaws in distributing computing and the marketing lies from “investors” who need to pump the price on their magic beans.


Smart contracts can’t even do anything interesting without a trusted source of data input. ...for a certain definition of "doing anything interesting", just as well as "trusted source"*.

As the locus of economy shifts more and more away from physical widgets and into information, the value of information goes up in relation to physical widgets. This makes Blockchain a practical, if not all-encompassing, tool for verification.

Compare a plain old car - the software onboard is a small fraction of its value - to any half-decent workstation, where the value of software can easily exceed the hardware's value several-fold.

Proving I had certain information at certain time point - e.g., a license for the software, or CAD design or other valuable file I've created - can easily provide a lot of value. And in this case "trusted source of information" is the mere fact of existence of a cryptographically secured license file naming me as the licensee at certain time point. Easily securable with the Blockchain.


> Proving I had certain information at certain time point

The blockchain solves the problem of proving ownership of a transferable asset. If you just want to prove that you have certain information at a certain time point there are much simpler solutions: Publicly release the hash of a message (let's say: "I created this using the licence key XXX-XXX-XXX" + signature from your private key) on Twitter/Facebook/Github/Archive.org etc.

Or even better: Sign a contract and send it to your law firm. Once someone breached a licence/contract you need to involve lawyers/regulators anyway.


an interesting way of describing a crypto blockchain like bitcoin or ethereum is that it's a way of incentivizing the storage and preservation of information. In particular, the information of a transaction from one address to another is attached with it a fee for storing it. Your "much simpler solutions" require a trusted third party that has no financial incentive to keep your information around, and depending on the lifetime of your needs may not persist long enough. 10 years ago your solution may have involved myspace or further back geocities or tripod, which are defunct / have refreshed their databases. Spending under 10 cents on a miner fee to store your hash is also a much better solution and cheaper solution than the lawyer escrow. Lawyer escrows and safes are vulnerable to local information loss that bitcoin/ethereum protects against through federated datastores (lots of important papers stored in the world trade center were destroyed on 9/11).


For ~20$ you can publish a hash in a classified ad. That's highly likely to outlast any and possibly every block chain you care to name. Further, because the way hash functions work you can use a single hash to timestamp unlimited amounts of information or individual documents.

This has been true for the last 30+ years yet almost never happens because it's not actually that useful.


The "best" use of blockchain type technology I have seen is the NIST randomness beacon, though I can't think of many applications other than a lottery or where you need to formally prove you used random numbers to pick something.

[0]: https://www.nist.gov/programs-projects/nist-randomness-beaco... [1]: https://beacon.nist.gov/home


> why would any real business want to use a public blockchain?

I think it is only important for a business when public trust is important. For example, a news agency could publish its articles in a public blockchain so the original article and any updates to that article would forever be auditable from that blockchain.


It's exhausting arguing with the same bogus "use cases" every other week but here goes in short:

- In your scenario you're not decentralized, you have a clear authority: the news agency

- The news agency can broadcast a signed merkle tree of the articles it publishes alongside the normal newspaper/news program etc... For instance through their website.

- Anybody who cares about it could maintain a copy of this signed tree locally.

- If the news agency censors or edits an article anybody with a copy of the original tree can prove it by showing that their tree has a valid signature from the news agency and yet the hashes don't match.

There, problem solved without having to worry about proof of work, proof of stake, transaction costs, 50% attacks of what have you.


If I personally published a signed merkle tree... I think I'm too much of a nobody for people to download it to keep me honest you know. Unless I pay them to do it of course.

So then the problem is, I need to go to some entity that is famous enough. And I need my tree to connect to theirs. And all this on the cheap. I'm not a aware of any such thing in existence.

Another nice thing about the blockchain is that the timestamps of the signatures are provable.

And also nice is that there are no record keepers to whom which pressure can be applied.


> If I personally published a signed merkle tree... I think I'm too much of a nobody for people to download it to keep me honest you know. Unless I pay them to do it of course.

In the original scenario I assumed that there were third party people interested in detecting or even preventing modification of articles after they're published. If nobody cares about it then the whole thing is moot to begin with.

If your scenario is that you'd like to be able to timestamp data that has value to you but not others (say, something patent-related) then it's a different scenario and then yes, the blockchain might make sense, although you could also use many other trusted, albeit centralized, third parties to achieve the same thing. Making a public post of Facebook or some other big website for instance. The incentives would have to be very high for these companies to modify post dates for a scam. Even more so if you post it to several websites. I think there are also services who will add your signature to a merkle tree and then publish it in a newspaper for instance.

But I agree that in this situation publishing the hash on a blockchain is actually a good solution. It's simple and easy to program for. But keep in mind that this only works as long as the currency is valuable enough to keep miners honest and rewarded for their work (otherwise people will be able to attack the blockchain and rewrite history). So if a cryptocurrency fails and its value collapses then suddenly your proofs become worthless as a side effect.


Or, instead of paying to implement, operate and maintain that system forever, and also hoping that someone independent will store copies forever (because without that independent third party, the news agency's whole system is irrelevant)... maybe they could permanently store a hash of published revisions on a public blockchain for $0.05 each.

It's just another option that might turn out to be useful for some.

Although, I feel like there are other complications in the news agency use case. For instance, many potential changes to an article are irrelevant to meaning, so they don't imply bad intentions, despite having a totally different hash. If the only copy of an article is on the newspaper's site, then a simple format update a year later could break all the hashes. [edit] I mean so it would become impossible to check whether the article had been changed. A typical hash function doesn't give any sense of edit distance.

GP post doesn't seem to consider the apparent need to also keep unchanged copies of the original articles. Those would be much too expensive to store on today's typical blockchains.

I'm sure those problems have been discussed before, maybe solved, but I wonder if these issues make this news agency case less suitable for a simple Blockchain implementation?


If I understand what you're proposing you want to store the entire articles themselves in the blockchain. That indeed offers many benefits but it's also prohibitively expensive. In practice people will only store small hashes in the tree which can be then used to authenticate offline data. That means that you need somebody to archive that offline data to really make sense of the signed data so you have exactly the issues that you're describing if nobody cares to do it.

The fact that storing data on the blockchain is expensive is also not an optimization problem that can be solved easily with incremental optimizations, it stems from the fact that the data is transferred and mirrored forever on thousands of nodes. If storing data on the blockchain was cheap you'd quickly run into scalability problem. People who run Blockchain nodes don't want to mirror Wikipedia, the output of all the world's newspaper and child porn archives on their servers.


No, of course I'm not proposing anything like that. On the contrary, I was saying that it seemed impossible. Can't you see we actually agree about that!

I pointed out other possible problems with the original suggestion that news agencies should use blockchains. But you seem to completely misunderstand those words as being an attempt to support that original suggestion. Why?

I'm amazed that your reply to me repeats almost exactly what I had just said: "[blockchain could] store a hash of published revisions ... [but] copies of the original articles would be much too expensive to store on today's typical blockchains."

I hope this won't sound rude, but I've got to suggest that you read what people are actually saying, instead of assuming you know what they're going to say.


No wonder you have so many "exhausting arguments".... you're not listening to anyone but yourself.


Just because I feel like arguing a bit, here goes:

>- In your scenario you're not decentralized, you have a clear authority: the news agency Only due to current technical limitations. Shift to Blockchain, get distributed news agencies, with reporters[1] residing all over the world. Think of the time and costs saved by not having to send reporter out of a central office

>- The news agency can broadcast a signed merkle tree of the articles it publishes alongside the normal newspaper/news program etc... For instance through their website. Doesn't help a bit, given how they have total control over the content of the website, they could just as easily swap out the merkele root and claim it is the original one. Blockchain denies them this sleight of hand.

>- Anybody who cares about it could maintain a copy of this signed tree locally. ...and there's a well known tool for distributing that in a verified & timestamped format - Blockchain.

>- If the news agency censors or edits an article anybody with a copy of the original tree can prove it by showing that their tree has a valid signature from the news agency and yet the hashes don't match. Introduces a 'he-said, she-said' problem. Which the Blockchain neatly avoids.

[1] possibly with a lot more "citizen journalists" who do the reporting as a side activity, rather than mostly plain old full-time journalists.


>Shift to Blockchain, get distributed news agencies, with reporters

You'll have to break that one down for me. Can the blockchain also cure male pattern baldness? Asking for a friend.

>and there's a well known tool for distributing that in a verified & timestamped format - Blockchain.

News agencies typically already have a way to distribute information since that's literally their job. Even if they don't they could just tweet it or whatever. That's not really a problem.

>Introduces a 'he-said, she-said' problem. Which the Blockchain neatly avoids.

No it doesn't, if you can provide a valid signature from the "News Org" public key that doesn't match the article's checksum then it proves that "News Org" at some point signed conflicting data, proving that something has been tempered with. It doesn't matter if the person pointing that out is some anonymous user on 8chan, as long as the signature is valid it can only mean that the news organization did something shady or that their key got compromised.

That's the whole principle behind public key cryptography. I signed this comment before posting it, which means that if tomorrow I delete this message and you kept a copy you could show that I in fact authored it (or at least endorsed it somehow): https://pastebin.com/XKnQSFew


> Shift to Blockchain, get distributed news agencies, with reporters[1] residing all over the world

The associated press didn't seem to need a blockchain to have reporters scattered across the world. They simply recruited reporters that lived across the world.

What you're talking about sounds more like twitter or facebook where you have "reporters" (aka users) write poorly written updates from around the world.

> Doesn't help a bit, given how they have total control over the content of the website, they could just as easily swap out the merkele root and claim it is the original one

If you've ever force pushed to a git repo, you know why this is hard. Regardless, blockchain doesn't solve this, per the next point.

> Introduces a 'he-said, she-said' problem. Which the Blockchain neatly avoids.

The blockchain avoids it by insisting whoever spent the most energy is the source of truth.

Let's say an attacker wishes to insist the correct hash is Y, not X, and thus paint the news agency as a liar for having a story up with hash X.

All that person has to do is use more energy to publish a longer blockchain that includes Y... and the news agency doesn't really have an incentive to spend a lot of energy protecting the blockchain probably, so it won't be hard.

The incentive of mining makes sense for money. It doesn't make much sense for this case.

> and there's a well known tool for distributing that in a verified & timestamped format - Blockchain.

I'd go with "git", "rsync", "ftp", or "bittorrent" as well known tools for distributing some files, whether they're timestamped or not.


Why a blockchain?

ipfs [0] already provides persistent immutable links.

Creating a torrent with a feed for updates [1] would also provide distributed storage and hashing of the content with the ability to publish updates.

Or they could create a git repo and encourage others to mirror the git repo, such that they couldn't rebase away history without those mirrors noticing.

Or, and here's a radical idea, they could physically print and deliver papers to people, which means any updates would have to be included as noted amendments in future delivered papers.

However, why would any business want to do this? News sites these days are built on complex dynamic content and ads, which is antithetical to distributing the content in any such ways. If you can download just the text of the article, they're losing ad views. If you download the ads too, it now changes each time a new person purchases an ad on their ad network.

This is blockchain trying to dream up a problem for publishers which those publishers don't think they have. If they did have that problem, a git repo would be the most mature and simple way to implement it, not "blockchain" which includes nothing as mature as git under its umbrella.

[0]: https://ipfs.io/#uses

[1]: http://www.bittorrent.org/beps/bep_0039.html


> This is blockchain trying to dream up a problem for publishers which those publishers don't think they have.

Fair enough, it was just an example... maybe a bad example of when public trust is needed for something.

But, that level of trust and audibility would be nice in this era of conspiracies and fake news. I remember watching CNN on 9/11 and they reported that Flight 93 was shot down over Pensylvania. Maybe that was bad reporting, maybe it was accurate. But, now I can't find that footage anywhere.

I would love to find that footage now. Find out exactly what they said. Find out who their source was. Find out if it was bad reporting with bad sources, or find out if it was something more. Without that footage, it's just hearse and I'm sure we'll never know the truth about it now.


If only there was a group of people dedicated to archiving content... I dunno, maybe archive.org (aka "The Internet Archive")?

They even have a CNN section including a full recording of their broadcast on the morning of 9/11 [0]. I'm not going to waste the time watching this to see if they miss-reported some detail or not because I've got better things to do.

I don't see how blockchain helps here still; the problem with storing video is that copyright is complicated and there's a lot of it which costs a lot to store, not that we don't have the means to store and audit it.

> that level of trust and audibility would be nice in this era of conspiracies and fake news

Being able to see changes to articles doesn't actually help with those problems. Better journalistic practices help. People thinking critically helps. Removing the absurd click-bait headlines we've ended up on might help. Making news not be for-profit might help (related to the former). Changing the format of the fake news doesn't make it any less fake.

It seems like blockchain is being used as this idealistic thing which surely, if implemented, would not suffer from as many or more flaws than the status quo, when in reality no blockchain based thing has reached mainstream usability or mainstream users yet (arguably excepting bitcoin).

[0]: https://archive.org/details/CNN_20010911_130000_CNN_Live_Thi...


Why? News sites don’t even care about maintaining an edit history. They just make minor fixes and leave editors notes when they fix things. News on the block chain is not something anyone wants.


I do. Censorship resistance and removing the ability to rewrite history would be good. even if current media practice is different doesn’t mean it can’t change in the future.


Forbes just recently partnered with Civil, a blockchain journalism project from Consensys Studios, which is the commercial powerhouse of Ethereum’s cofounder.


I've worked in publishing, this initiative sounds like many other "save journalism with technology" initiatives that I've seen go nowhere, like the Coral Project.

But back to Civil. Why would I care that Forbes is going to publish SOME of their articles on this blockchain? Their site uses HTTPS, I'm always sure that the content I'm looking at actually came from Forbes. I never need to question that the person in their byline is who they say they are, and I'm not sure how a blockchain would help if I didn't: it seems like their big plan is to just put badges on articles?

This sounds like a grasp at relevance via blockchain hype.

I'm willing to be convinced that I'm wrong, but I feel pretty safe predicting that this will go nowhere. It doesn't solve a problem that Forbes actually has.


Precisely, and we already have tools at our disposal for that which also work very well in the news agency example (albeit internally): Wiki and Git. Blockchain adds nothing, and has disadvantages of wasting resources.

The only thing the Blockchain has proven to be useful for is cons in the form of speculation, akin to Ponzi scheme. I've seen it argued that it allows people to move away cheaply from bad currencies. Companies like PayPal and Stripe allow for the same already, and they use real currencies.


So what if a story or bit of information has to be retracted by law?

I second my sibling, newspapers have no interest in transparency.


> So what if a story or bit of information has to be retracted by law?

Then the news agency issues a retraction. It's already the case that the Internet will not forget, whether via the Internet Archive or http://www.newsdiffs.org/ .


How can data be retracted from a blockchain?

Both those sites are also subject to laws and can easily retract information if necessary.


> How can data be retracted from a blockchain?

In much the same way data can be retracted from printed copies of newspapers that already have widely circulated copies in both personal and institutional/library hands: by publishing a subsequent retraction later in the chain, like any other change.


The change and what was previously there is left for anyone to see in the blockchain.


And printed copies are not?


Sure. But in the days of it systems and digitalization less and less is being printed. It’s also quite difficult to find and access these printed copies someone might have stored somewhere.


> newspapers have no interest in transparency

I disagree, I mean... the whole point of journalism is to get to the truth -- in other words, to make an event transparent.


> Smart contracts can’t even do anything interesting without a trusted source of data input

At least read the writings of Szabo before you decide what smart contracts are and aren't good for.

There are many several interesting applications here and now around trustless atomic swaps. Not necessarily between assets but cryptographic keys in general (for example DRM systems).

> It all seems like a marketing scheme to sell cyber beanie babies

Well, if it has a marketing budget then it isn't really trustless as there is some central authority to market it. Be careful out there. Rapidly increasing valuations attract scammers like sugar to flies.


I don't want to be anti-blockchain, but I have yet to come across any problems that are solved better with a blockchain than with any other traditional technology - except for the original one, a distributed electronic currency.


I don’t understand why you would be anti- something so new at all. To me it’s preposterous that you would evaluate a new technology based on how many problems it and only it can solve. Don’t you get that new technology has an incubation period where its fundamental challenges must be overcome?

What problem could early steam powered cars solve that horses couldn’t solve better? I doubt the earliest ones performed better than the animal based solutions for ANY specific use.

Yet writing off automobiles at that stage would’ve been a mistake only obvious in retrospect.

Especially for something as truly bizarre as Ethereum, why write it off at this early stage?


How long do we have to wait before we can consider blockchains not so new? Bitcoin is 10yo, the whole field has received literal billions in founding in the past few years (anybody with a good looking website and a three page whitepaper could make millions in an ICO last year). Furthermore anybody coming up with an actual innovation in the field is sure to make millions so the incentive to innovate is huge.

So, where are the results?

Your car analogy doesn't add up, for quite a while horses were undoubtedly more convenient than automobiles. Then automobiles improved and took over. We have a similar situation with electric cars today.

Blockchain technologies are not a few cycles of optimizations away from being able to compete with PostgreSQL, they work fundamentally differently and they have fundamentally, per design, strong limitations about how efficient they can be. That's the cost of trustless decentralization.

To overcome these limitations you don't need "a blockchain but more better", you need a fundamental breakthrough in the way these things work. I suppose you could hope for such a breakthrough but that's akin to hoping that we're going to figure out cold fusion and solve the energy crisis. Sure, it can happen but it's not unreasonable to be skeptical of it.


You're praising innovation blindly. Not all innovation is good, and many supposed innovators are crocks. I understand blockchains enough to where I could build one of my own (note that I say blockchain, and not cryptocurrency) and I really don't see much use for this particular datastructure outside certain niche applications.

What are these truly innovative uses for a nested chain of data blobs whose contents include a hash of the previous link?


> You're praising innovation blindly.

He isn't praising anything. He is simply saying not being anti-something that early. The world isn't all black and white, there's nuance, not being anti-something doesn't means praising it.

> I don’t understand why you would be anti- something so new at all. >[...] > why write it off at this early stage?

What if there's actually nothing good that we can do out of it but you aren't there to talk against it? Well it will die naturally. What if there's actually something good that we can do with it but there's a bunch of anti-something people? Well that add unnecessary friction to something good being made and that just make you a jerk adding it.

You see how it's better?


What defines a blockchain for you?

I agree that a token based currency is not required, I'm just interested in what people define a blockchain as for intellectual curiosity.


> What defines a blockchain for you?

A (potentially distributed) datastructure of some kind, which resembles a linked-list, and ensures its integrity using some sort of cryptographic hash of the previous link such that changing any link but the most recent invalidates the whole chain. Literally -- a chain of (data) blocks.

A non-engineering description of a "blockchain" should be considered to be misleading.

edit - also, I'd take cryptocurrencies more seriously if they could stay out of the headlines for a while


Is utterly funny to read people's opinions bashing against blockchain technology and when asked about a simple definition they fail to mention the use of consensus protocols which was, already 10 years ago, the huge innovation that lead to this revolution.


Consensus protocols are nothing new. The novel part of blockchains is the actual blockchain

https://en.wikipedia.org/wiki/Paxos_(computer_science)

You're thinking of a distributed ledger, which combine blockchains with consensus protocols


I prefer the "proof of work != blockchain" comments when people include the most common consensus protocol in their simple description of blockchain.


> Especially for something as truly bizarre as Ethereum, why write it off at this early stage?

If a new invention is truly transformative, it will thrive even after long doubt. At this stage the public, forced demonstration of cryptocurrencies deserve to be criticized no matter it will be successful or not. (I don't want to criticize general cryptocurrency researchers of course, because, well, they are just studying.)


There are so many advantages to early cars, are you kidding me? They don’t eat hay and shit for one.

Is there anything that your argument wouldn’t work for? Do you truly have to wait a decade before making any judgements about the hype around a technology? When will we be able to say if smart contracts have been overhyped?


They eat coal/gasoline which is probably more expensive. Also they worked on almost no terrain at all compared to horses and constantly broke down.

The only reason they would even make sense to pursue would be because of how successful the train was. Similar to how this bitcoin stuff makes more sense when you look at the success of the internet/paypal/amazon.


You know you can research this stuff right? Gasoline was a waste product in the refining of crude oil (specifically, into Kerosene [itself a replacement for whale oil] they were making anyways). It used to be considered garbage. [1] It really only became valuable once they realized they could power cars with it. They used to dump it in rivers, making them catch fire. [2]

In what - concrete - way is bitcoin related to the success of Amazon or the internet? Please be specific and don't hand-wave if you're going to make such bold claims.

[1] https://knowledgenuts.com/2014/02/24/gasoline-used-to-be-con...

[2] http://www.attendly.com/rockefellers-unconventional-approach...


The internet and amazon displaced the old business models with e-commerce. Bitcoin could do that with money/gold.

This is similar to train->car.


I am not anti-blockchain, there are applications where it makes sense. But 90% of the time when I hear about a blockchain related application its a regular application which just so happens to use the blockchain as storage because its a buzzword.

It feels like the world suddenly discovered the hammer, and now we think everything is a nail


Like what? Everyone seems to hand-wave this, but nobody in the full decade long history of bitcoin and blockchain has come up with a single good use case that isn't better solved by MySQL.


Illegal gambling and illegal transactions tend to be good Bitcoin usecases that are trickier to solve with MySQL due to trust issues. Now, you may not be particularly enamored with illegal activity, but it is the one use case where Bitcoin really excels.


That’s a good use case but it doesn’t feel like a good flagship product to spur mass adoption haha


MySQL doesn't guarantee message integrity, so anything involving shared data among separate entities that could be attractive for manipulation would be better solved with blockchain tech than MySQL.


It's not new, BTC is a full decade old. At this point the internet had a billion users.


The web wasn't invented until the internet was more than a decade old.

This narrative that "Internet time" transforms the world every other year should have died in the 90s. Real work takes time.

Building the infrastructure for the Internet took decades. Even after it won, most people used modems over badly insulated copper wire for the better part of ten years.


Bitcoin is a “product” like the web and it’s existed for a decade. Blockchain is just hashing, infrastructure that’s already existed for decades. Nobody has found a good use for either yet. They may. But that doesn’t mean any particular cryptocurrency should have any value. Or that we should particularly value the blockchain yet.

The reason nobody has found a good use for block chain yet is that the only time it offers any benefits over a traditional relational data store is when you cannot trust anybody. The truth is you can trust someone almost all the time. And even if you can’t really, it might be more efficient to just pretend. The truth is that trust is a substantial optimization and it eliminates vast quantities of waste and inefficiency in the proof of work model. That’s why people don’t want blockchains.

A really clean way of expressing this idea is that when you deposit a paper check at the bank they don’t check the signature. They don’t check the signature because they trust you, or rather it’s more efficient to just assume the money is being deposited legitimately. The amount of effort signature verification takes makes it more expensive than just eating the fraud losses. The same is true in many of these block chain powered proof of work situations. The cost of computing the proof of work outweighs the cost of managing fraud. Not to mention all the ridiculous fraud perpetrated on this unregulated market but that’s neither here nor there.


But no one person or company made billions off the invention of the web.

I wonder if investors are pushing developers away from infrastructure plays, towards consumer apps and sub-platforms.

I imagine that's happening in VR. I hear a lot about headsets, games, medical applications, etc, but I haven't heard anyone get excited about research into better Fresnel lens production.


Well, you need a use case.


USD is already a mostly electronic currency. I’ve done some reading, and I have yet to come across a compelling advantage for cryptocurrency cum currency for the purposes of legitimate transactions.


It’s mostly useful for people whose social networks aren’t fully enfranchised in the U.S. financial system. For people within that system your analysis is correct.


Interesting. Can you expand on what you mean by "people whose social networks aren't full enfranchised in the U.S. financial system?" The phrase has me thinking of this: https://en.wikipedia.org/wiki/M-Pesa


They probably mean people who carry out illegal transactions.


From another thread:

“Code bounties are a great use-case for cryptocurrency.”

https://news.ycombinator.com/item?id=18226000


How is it any better than conventional tools such as Patreon or Flattr?


Why?


Without reading, a use case could be to sprinkle some private keys in your “secure” code and “secure” database.

If it gets leaked/hacked, there will be temptation to cash it out. Follow it and get quick notification that your security has been breached.


You could just use any free kind of canary instead, access to traps is easy to notice without any need for a complex external dependency or wasting big amounts of money.


I personally thought I had an open mind about it but it keeps over promising and under delivering (the most extreme example is the rhetoric surrounding the DAO on the ethereum platform). It's undoubtedly a cool technology but at a certain point it's hard to muster any excitement anymore.


That's true of just about any technological innovation though. Even look at recent examples with space, self-driving cars, etc. I'd posture that we are currently somewhere in the Trough of Disillusionment [0] and that it'll another year or two before there's more mass use/adoption.

[0] https://en.wikipedia.org/wiki/Hype_cycle


Hype cycle suffers from a survivor bias. You cannot use hype cycle to determine if the "innovation" will be eventually successful, as failed "innovations" may also follow the first half of the hype cycle and then fall off.


You're making a strawman argument here. People who have speculated money in blockchains have a financial incentive to be vocal and overhype the technology while minimizing the many drawbacks it has. So I think a bit of "knee-jerk" skepticism is warranted around anything related to cryptocurrencies.

So maybe instead of building strawmen you could tell us what you find so fascinating about smart contracts? Who knows, you might end up convincing some of us haters. Not me though, I'm too busy wishing with my entire being for it to fail. It's better than running for cardio.


How would you like useful, open source tools that can be deployed once and only once (for everyone), and used freely (minus processing fees) forever without having to worry about (a) deploying an instance of it on your own environment or (b) the service going down because the owner lost interest?

Because smart contracts can do that. Pretty neat, huh?


What's sad is the spectacle that has arisen around this novel area over the last several years, the breathless enthusiasm, the handwaving away of concerns, the absolute mindless utopianism that has surrounded this stuff.

Are Smart Contracts interesting? Sure. But they don't address all areas of contract law very well, and they certainly seem like they could well be misused as a way to circumvent a lot of the protections we currently have in place.

Are cryptocurrencies interesting? Again yes, but they don't actually appear to be a very good fit for anything in particular, and they do seem to have a lot of poor economic ideas baked in.

So while blockchains are an interesting set of data structures, a lot of the hate and disparagement comes from the (almost 10) years of relentless hype coupled with the complete failure for any of the great promises to appear. Instead we see exactly what was predictable - hoarding and speculation, scams and fraud.


> However, I think smart contracts are fascinating and wish more people would keep an open mind.

Does it occur to you someone might've had an open mind, and made up their mind?

Your comment assumes such isn't possible, yet your comment polarises the discussion (aka "flamebait") which isn't about the linked article at all. The amount of comments which are on-topic in this thread is zero with a large amount spawning from your initial post. Yet, the linked article is fascinating? Well, I'd love to read the on-topic discussion on it to read about it further.


I think it’s more a reaction to the con artists that infested the whole industry than the technology itself.


No, it is a reaction against the terrible technology.


> It’s sad that there is a vocal group, especially on HN, that knee-jerk hates everything blockchain related and wishes with their entire being for it to fail.

Given the generally high level of comments here at HN, I wonder if it has ever crossed your mind that it might, just might, not actually be knee-jerk hate but you simply being wrong in the novelty and general awesomeness of cryptocurrencies?


I definitely agree with you about the anti-blockchain bubble that's formed, but I think that there are a few unanswered questions about non-technological factors (shameless self-promotion: [1]) that will unfortunately limit them to be little more than interesting technologies for now.

[1] https://www.notion.so/Yet-Another-Rant-About-Blockchains-ece...


I love the idea behind blockchains and smart contracts, but:

1) I don't think smart contracts should be programmed in JavaScript,

2) it would be better if smart contracts were actually treated as law,

3) most problems that are currently being hyped/solved with blockchain would better be solved with a public signed git repository, and

4) blockchains, as currently implemented, are immensely wasteful (I'm hoping this changes with more research).


[flagged]


[flagged]


I downvoted you mostly because I can. But also because this comment violates the rules.


Wow, great write up. Excellent example of computer science fundamentals being used to tackle a novel problem.

I recently had to use the concept of table doubling to improve a system where rough estimation was being used to determine the size of a data structure. It certainly felt good to recall the concept of table doubling and design a system using it's concepts.


Thanks, I basically did a brain dump on the README. I plan do do many more bounties like it in the future. Really glad it's made some traction.


by the way. I deployed the same thing on the KOVAN test network at this address (if people want to test their exploits for free first): https://kovan.etherscan.io/address/0xfbc23099a8bd0ce4227920d...


> […] if people want to test their exploits for free first […]

This sounds like a bad idea, since it would allow other people to extract the script and put it inside a transaction that’s published on the real network, thus unfairly claiming the bounty.


If I were a malicious actor with a good way to attack this, I would wait until this was being used in real applications which deal with larger amounts of ETH, and then attack.

Why should I reveal my cards for $3K?


Because you know if you can find a given flaw, someone else can; and whoever attacks second gets nothing.


Bug bounties aren't aimed at malicious actors, or an attempt to outbid the black market. There's a lot of non malicious people out there who are still competent hackers.


Code bounties are a great use-case for cryptocurrency. I wonder if gratipay[1] for example was built exclusively using BitCoin or Ethereum if it could have survived?

[1] https://gratipay.com


The flaws of ETH seem to show daily. The fact that this is a necessity to keep ETH flowing is a bad sign of things to come.

Bitcoin not blockchain.


I don't understand how the fact that the author solved a novel problem and then posted a bounty points to "flaws of ETH". Could you elaborate?

Also, what do you mean by "Bitcoin not blockchain"?


The fact that what is a necessity? New data structures? Why wouldn't you expect new data structures in absolutely any new environment?


What about open-mindedness, not maximalism


Or neither Bitcoin nor Blockchain. The thing is, inflation is actually what keeps the entire economy moving. Deflationary currencies actively dissuade investment and lending. What would a loan even look like denominated in a deflationary currency? Lenders are incentivized not to give you the one, as their cash reserves appreciate risk-free.

Oh, and also, why trust this random ad-hoc group of self-appointed economists (the core dev team) over a selected group of professional economists with degrees an arms-length away from politics (the federal reserve)? None of it makes sense. If the core team wants to create more bitcoin they can. Just like the fed.

Inflation is not a bad thing - it's solely a regular haircut for unproductive capital. Nobody should be hoarding cash. They should invest. Salaries are indexed for inflation so they don't go down. This isn't rocket science.


Your economics are all wrong. Ever heard of the Cantillon Effect? https://www.aier.org/article/sound-money-project/cantillon-e...


> The Cantillon Effect refers to the change in relative prices resulting from a change in money supply. The change in relative prices occurs because the change in money supply has a specific injection point and therefore a specific flow path through the economy. The first recipient of the new supply of money is in the convenient position of being able to spend extra dollars before prices have increased. But whoever is last in line receives his share of new dollars after prices have increased.

This theory is fundamentally flawed, because it assumes that whoever receives the “new money” buys consumer goods. If this is indeed what happens, then prices should increase. But what if he buys bonds?

If newly produced money is used, not to buy consumer goods (or commodities), but bonds, then the injection of new money into the economy has the opposite effect on the price level, because the new money is used to improve the efficiency of production. E.g. if a producer of chickens sells a $250m bond (bought with “new money”) and invests the proceeds in a chicken plant[1], the price of chickens will decrease, due to increased productivity of producing chickens.

In the above scenario, the only price that will increase is the price of bonds, which is the same as a falling rate of interest (the rate of interest is inversely proportional to the price of the bond). And this is exactly what has been happening for the past 35 years or so[2].

[1] https://markets.businessinsider.com/news/stocks/costco-plans...

[2] https://awealthofcommonsense.com/wp-content/uploads/2015/12/...


Your article seems to be making a distinction between the Cantillon effects and Money Neutrality.

"In principle, it could be argued that Cantillon Effects focus on the short-term effect of changes in money supply, but that money neutrality is a long term characteristic of money. Short-run effects in resource allocation are typically not denied, usually due to the fact that they alter “sticky” prices, such as wages." It then goes on to argue that Money Neutrality shouldn't be taken as a given.

I don't think the article states money neutrality is fallacious, though, and I couldn't find any substantiating claims within it. I suppose the argument I am making is for money neutrality. That yes, the initial recipients of capital are temporarily advantaged being able to purchase assets are pre-inflation prices. However, over time, this does balance out. The market makes it so. I'm not sure, maybe I'm missing something? I'd love to read more on this if you think I am.

That said Bitcoin has a worse Gini ratio than any banana republic, worse wealth distribution and all sorts of other economic factors, and an unbounded cost to transact that as a fixed fee unfairly burdens the poor -- that just make it worse all around than the existing USD based financial system.


> If the core team wants to create more bitcoin they can.

If you believe this, you lack a fundamental understanding of btc.


Actually it’s possible for any hacker to generate more Bitcoins if another bug like CVE-2018-17144 is discovered.

What Exactly Did the Bug Do?

The obvious worst part of this bug was the inflation exploit. An attack could create new bitcoins at will, exceeding the 21 million hard cap limit that is currently in place. This would absolutely destroy confidence in not only Bitcoin, but every cryptocurrency.

https://www.livebitcoinnews.com/cve-2018-17144-the-aftermath...


Yes, I know about that. But that is quite a straw man.

You could say the same thing about the implementation of the protocols that the banks use, who also store your money as an imaginary balance in their computer systems.


You can’t really though, because traditional banks are regulated, and if anyone tried to do that Theyd be investigated by the FBI and the Secret Service then any fraudulently created currency would be destroyed. Further it’s not a core tenet of Fiat Banking that more can’t exist so follow on effects would be limited. If anyone introduces new bitcoin none of that happens, all holder is just lose because decentralization. It’s almost like in the thousands of years of traditional currency people have thought of this and implemented mitigations. It is fascinating to watch bitcoin replay the entire history of traditional banking in fast forward.


> You can’t really though, because traditional banks are regulated, and if anyone tried to do that Theyd be investigated by the FBI and the Secret Service then any fraudulently created currency would be destroyed. Further it’s not a core tenet of Fiat Banking that more can’t exist so follow on effects would be limited. If anyone introduces new bitcoin none of that happens, all holder is just lose because decentralization.

Unless a hacker finds a flaw that lets them siphon off bitcoin without anyone noticing, all the holders would have to do is fork the chain with flaw fixed. Bitcoin is just an P2P shared accounting book, after all, and if someone is able to write an illegal entry in there, the entry can be scrubbed and rewritten. As long as over 50% of the miners believe it's the right thing to do, it becomes the new official record. This actually has happened before and played out exactly as I just wrote: https://en.bitcoin.it/wiki/Value_overflow_incident

If a bank is hacked, who can say really what will happen? Because of secret courts and shadowy government agencies, all you really have is blind trust. Could you go and audit the US Dollar and be sure that there isn't more being created than what the government tells us? It would take you years even if you could, and even then, I'd bet you dollars to donuts that if the government was doing something they didn't want you to know about, they'd block you from finding out.

Bitcoin can be audited by anyone at anytime. Just download the blockchain, and run a program to process it, and you'll know immediately. In fact, the official client does exactly this, and won't accept a blockchain that doesn't pass its internal audit.

> It’s almost like in the thousands of years of traditional currency people have thought of this and implemented mitigations. It is fascinating to watch bitcoin replay the entire history of traditional banking in fast forward.

In the thousands of years of traditional currency, no one was able to create a currency that limited the number of coins created in a way that anyone can publicly check, shared with the ability to transmit very quickly and anonymously large sums across the globe.

This makes cryotocurrency unique, and the old traditional ways of handling money do not apply to it.


Further we've no idea if other such bugs have been discovered and exploited already without responsible disclosure.


You also don't know if your brick and mortar bank has been hacked. It's a silly argument.


I don’t really care though, because they don’t guarantee that no additional dollars are going to enter circulation, we know they well, and the balance of my bank account is insured by the FDIC. If there’s any counterfeiting going on, that’s going to get investigated by the Secret Service and the FBI. If anyone makes more bitcoin, holders just all lose because decentralization. It’s not meant to be a silly argument, it’s meant to be a concrete demonstration of the difference in value between traditional currencies and crypto currencies.


[flagged]


I don't hold it, I invest it in productive things, like I said. I sell those productive assets when I need to buy something substantial, and I use the US Dollar as a medium of exchange and unit of account. You know, a currency. I don't hold it for long enough for 3% annual inflation to make a meaningful dent in my net worth.

It's also trivially false that nobody ever forced a deflationary currency on people, the US dollar used to backed by gold. If your argument is the US dollar is/was forced on people, then the argument is moot.

I'm not sure what you're trying to say.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: