The code is there (linked in the article): https://bscscan.com/address/0x7a8ac384d3a9086afcc13eb58e9091...
After spending 2 min on it and using this hint from the article:
> The affected pool contract had an initialize() function that should have been activated after deployment.
> The line: initialized = true; is missing from the function.
That's really the crux of the issue. Have a look at the `initialize()` function. It's meant to be called only once (that's why it uses the modifier `notInitialized`), right after the smart contract is deployed, and never again. But the `initialized` variable is never set to true, meaning that it can be called again, and it seems that's what the attacker did.
...so for those who expected something fancy and technically advanced, that's not for you.
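To make the bug described above concrete, here is an added illustration (not the affected pool's code, and not written by anyone in this thread) of the initializer pattern with the guard present but the flag never set, next to the corrected version and a small on-chain check. The `initialize()`, `initialized` and `notInitialized` names come from the thread; the `owner`/`rewardToken` state, the `IInit` interface and the `ReinitCheck` contract are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal interface so the checker can call either pool variant (assumed for this example).
interface IInit {
    function initialize(address _owner, address _rewardToken) external;
}

// Shape of the bug: the modifier checks `initialized`, but initialize() never sets it,
// so the guard is satisfied on every call and anyone can overwrite the pool's configuration.
contract PoolVulnerable {
    bool public initialized;
    address public owner;
    address public rewardToken;

    modifier notInitialized() {
        require(!initialized, "already initialized");
        _;
    }

    function initialize(address _owner, address _rewardToken) external notInitialized {
        // Missing here: initialized = true;
        owner = _owner;
        rewardToken = _rewardToken;
    }
}

// Corrected version: set the flag before anything else, so a second call reverts.
contract PoolFixed {
    bool public initialized;
    address public owner;
    address public rewardToken;

    event Initialized(address indexed owner, address indexed rewardToken);

    modifier notInitialized() {
        require(!initialized, "already initialized");
        _;
    }

    function initialize(address _owner, address _rewardToken) external notInitialized {
        initialized = true; // the line that was missing
        owner = _owner;
        rewardToken = _rewardToken;
        emit Initialized(_owner, _rewardToken);
    }
}

// Deploy-time check (assumed helper): initialize a pool once, then confirm the second
// call is rejected. Returns true for PoolFixed and false for PoolVulnerable.
contract ReinitCheck {
    function secondCallRejected(address pool) external returns (bool) {
        IInit(pool).initialize(address(this), address(uint160(1)));
        try IInit(pool).initialize(address(uint160(2)), address(uint160(1))) {
            return false; // second call succeeded: re-initialization is possible
        } catch {
            return true;  // second call reverted: guard works
        }
    }
}
```

Running `ReinitCheck.secondCallRejected` against a freshly deployed `PoolVulnerable` returns false, and against `PoolFixed` returns true; a check of this kind belongs in the deployment script or test suite of any contract that uses an initializer instead of a constructor.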
This is the heart of the problem with smart contracts. The theory is that the code is the law. There is no theft. There is no need to trust, authority, or arbitration.
Of course, this only works when the smart contracts perfectly meet a correctly defined spec and have no bugs.
Some cryptocurrency enthusiasts seem to think declaring "code is law" actually makes it so, while this is pretty far from the truth.
And like in real life, you can refuse to tell where the money is hidden.
>unlike USD, the court can’t do something like garnish your wages to pay back a 10M settlement by taking some crypto out of your incoming transactions
You think so, do you? "The law is the law because that's what the law says it is". It might not be possible now (and I'm not sure I believe that, you can garnish foreign wages) but it will be if the need arises.
"But the code" yeah, no, that's a silly argument that only applies to cyberspace and not the physical world you occupy
Yeah, and if you get paid in cash you can keep it secret too.
OTOH, if your lifestyle reveals you have access to and are spending funds and not making required payments, courts can impose other consequences, up to and including imprisonment. But usually, seizing and selling off physical or reachable intangible property would be the first way to handle monetary debts. And, sure, crypto itself may be easy to conceal, but if you can’t use it to acquire anything tangible without sacrificing the safety, is it really usefully safe?
Also the verb is "garnisheed". They're not putting parsley on it :)
No, it's “garnish”, past-tense “garnished”.
> They're not putting parsley on it :)
No, but it's the exact same verb, just a different sense.
Real life contracts sometimes turn out to have non-enforceable clauses within our legal framework, or may be entirely invalid if, for example, signed under pressure or false pretense.
Imagine if Goldman Sachs did this. A judge can say "look, you can follow our rules or we start seizing assets etc".
And when you're sitting around trying to be anonymous, well... you're doing everything on a public ledger, so now you're extremely restricted.
Hell, courts/legislative bodies could even go down the "force all miners within their jurisdiction to rollback an unwanted transaction". You think miners care enough to make a stand on this kind of stuff?
Unless you're going to like.... download your consciousness onto the blockchain you are still just as liable to being told by a court what to do as anything else.
US financial laws have been very useful for the gov't to be able to de facto give it worldwide jurisdiction in some areas, I think there would be relatively few qualms about continuing down this path. Especially if (for example) Robinhood and Coinbase were forced to follow along. At one point the "blessed" thing will become the only place you can really operate.
This would destroy the real-world value of this block, basically making it a digital equivalent of dirty money.
On the other hand, this feature is a motivation for centralists to take issues with public decentralized blockchains.
in my experience if you ever tried to tell a judge the code is the law you will be in for a world of hurt. Hope they don't read about it elsewhere either.
on edit: obviously in agreement with parent, just noting that the very concept of the code is the law introduced to a judge is going to elicit some very negative reactions.
In other words, it doesn't work.
What rubbish. You cannot claim "the computer let me do it" and expect to be let off for that. That's an extreme absurdity and is absolutely not how the law works.
Contrary to what a lot of people seem to think: Crypto is not "outside" the law in any way. It is a token of value (like fiat currency) and there are plenty of laws that cover use cases from capital gains taxes to money laundering to, you guessed it, theft.
In practice, if using a smart contract as a contract, the way you'd use a paper contract, then two parties would sit down and negotiate; draft the negotiated agreement into the form of a smart contract; and then agree (signatures, handshake, multi-sig deployment, whatever) that "what the smart contract does — as executed by the network-consensus abstract machine — is our explicit mutual intent, and damn any statement by either of us to the contrary."
This is the same thing you're doing with a paper contract: by both signing it, you're agreeing that "what the paper contract says — as interpreted by a judge — is our explicit mutual intent, and damn any statement by either of us to the contrary."
Of course, nobody's actually using smart contracts as contracts. They're just using them as trusts/agents. For now.
But a smart contract used as a contract wouldn't have "bugs." It's a negotiated agreement; negotiated agreements have loopholes. And loopholes are perfectly legal. If you left one in, and your counterparty exploits it? Too bad for you. You should have run your contract through a better (code) lawyer.
See also: the DAO hard-fork that created Ethereum Classic.
> if a judge decides it's doing something illegal or unconscionable and issues injunctions to that effect
A judge can't tell a distributed network that has equal presence in countries with mutually-antagonistic economies what to do. They can at most ban the network's nodes from being operated in their country — but people in that country can still continue to use the network through a VPN.
Think of it like offshore gambling, except that it's 'offshore' respective to every country on Earth, and there's nowhere a sufficiently-motivated Navy can send a bunch of boats to shoot at it, either.
Much of the economic value of blockchains comes from the fact that they allow private citizens of countries that have no trade/treaty compatibility (e.g. countries actively at war with one-another), to have a basis for trust allowing them to enter into contracts with one-another. The basis for this trust is the virtual 'overlay' legal framework of "whatever the software the majority of node operators decide to install says, goes."
Of course, if you and I are both in America, and we enter into a smart-contract contract, then we're also entering into a civil legal contract evidenced by that smart contract (just like we're entering into a legal contract if we make a verbal "handshake agreement.")
But if we have a compatible legal framework to operate in, that grants our contract as valid†, then why would we even need a blockchain?
† (A common reason to not grant a civil contract as valid: because it's a contract for purchase of illegal goods. In such cases, you don't have a compatible legal framework to operate in, even if you're operating in the same country.)
The distributed network is to some degree a red herring here: in most cases, an unhappy judge would be issuing orders compelling behaviors from specific people (e.g. "you're going to send that $10M back to the person who had it"), and if that contradicts the code, too bad - do it some other way.
> Think of it like offshore gambling, except that it's 'offshore' respective to every country on Earth
Except it's not: if you're in Iraq and I'm in Brazil and we enter into a contract (as would be legally understood in either or both countries), we are now in a contract under the jurisdictions of both countries.
Even being literally "offshore" doesn't really matter: almost every country will claim jurisdiction over its own citizens if they're not already under the jurisdiction of some other nation (by way of being on a ship registered under that nation's flag). You can't actually escape the law just by going out into the middle of the ocean.
I'm presuming here that the unhappy judge is on the other end, is the thing. There's no judge local to the person “in the wrong” who actually has cause to go after them. Only the judge in the other country does.
If I'm in Iraq and you're in Brazil, and I rip you off, and you have no idea who I am because I'm just some pseudonym on a darknet market, then sure, a Brazilian judge can write an order for "me" to pay the money back... but how are they ever going to enforce that? They don't even know who "I" am.
Let's say they at least know where I am (Iraq.) In a compatible-legal-frameworks situation, your judge could get an arrest warrant out, and nudge my country's police to try to do some ISP PRISM-ing to figure out who I am. Then your judge could try to get me extradited to Brazil to be tried.
But if Iraq and Brazil aren't on "good buddies who treat one-another's warrants in good faith" terms... then what's your judge going to do?
(To put this another way: if Edward Snowden ripped a bunch of private US citizens off before heading to Russia/Switzerland/wherever, would he have been any more likely to have been extradited sooner?)
> if you're in Iraq and I'm in Brazil and we enter into a contract (as would be legally understood in either or both countries), we are now in a contract under the jurisdictions of both countries.
In the case of actual offshore casinos, if you lose money to another person, you don't owe them money, because you never interacted with them directly. You played a game together; but while doing so, what was technically, legally happening was that you were interacting with the casino, and they were interacting with the casino. So, if anyone owes anyone money, then it's the casino that you owe money; and, separately, it's the casino that owes them money. (This is a large part of why casinos get you to trade your cash in for tokens, and then play games using the tokens. Everything that happens with the tokens, is "you interacting with the casino.")
You see this dynamic domestically in the form of e.g. car insurance. If you rear-end someone, you don't owe that person money. You owe your insurance provider money; your insurance provider owes their insurance provider money; and their insurance provider owes them money. Usually all different amounts! Because those are three different contractual agreements, being settled separately.
While it’s not necessarily the case that this is the body of case-law that would pertain if you send Dogecoin to someone in another country through your mutual memberships in some DEx, it’s not not necessarily the case, either.
I think we’re getting off-track here, though. My original point wasn’t that a judge would be replaced by a network-consensus abstract machine. It’s that a network-consensus abstract machine is a valid replacement good for a judge, when you don’t have any compatible legal framework through which to access a judge. This is the good people are paying for when they pay crypto transaction fees: this fake robot judge, that—while worse than a real judge in almost all respects—is at least better than the nothing (i.e. the “send Western Union and pray your counterparty isn’t a Nigerian prince”) you get by default in international civil/contract-law dispute scenarios.
You are in for a world of hurt... that's not how this works. At all. https://en.wikipedia.org/wiki/Tort
It's slightly different than what you describe, because the parallel contract is an actual contract: a written and binding agreement between multiple parties, which explicitly grants consent for some bit of software to govern a given business arrangement.
Most "smart contracts" aren't Ricardian contracts, though, they're just chunks of software running on a blockchain.
They probably should be though, because contract law applies to business whether a specific legal contract is drafted or not, and no, that implicit contract doesn't say "whatever the software does is fine".
Relevant to this discussion are the rules covering mistaken deposits to a bank account: recipients are obliged to return the assets, not shrug their shoulders and use the cash while they proclaim "Bank's fault; they're responsible!"
A very contrived example. Say a Smart Contract exists for a contractor to paint a boat cornflower blue and then get paid when the job is done, but the Oracle system says that the contractor messed up and painted it sky blue. It can be part of the Smart Contract in the event of some error that it can go to arbitration to some pre-agreed-to subject matter experts that both sides agreed to beforehand for a quick and reasonable resolution or fee.
This kind of thing can be planned for and made standard in smart contracts. It'll only happen if it saves businesses more time and money than it costs though, and many other question marks will be involved. I think it's very exciting conceptually though.
"If they didn't want you to do that then why did they put it in the game?"
Merits aside, sidestepping the need for this is the whole point of blockchain.
Where big money is at stake most sensible judges will, or will /try/ to, look behind absolutist language in a contract (be it smart or not). Courts are very good at looking at contracts and asking what the parties' intent was. They will ask things like "was it intended not to initialize this function?" They may then answer the question with, "No of course not, it was a bug. The person exploiting that bug knew that and cannot reap the benefit". Maybe, or maybe not: trying to guess what a judge will say is a mug's game, but my point is that saying it's a smart contract not operated by humans renders it "Absolute Code-as-law" one can't interfere with is unlikely to fly.
What's the advantage if the result is the same system as before (lawsuits, courts, etc.) with added complexity of "smart contracts"?
Of course, it is not necessarily obvious that blockchain-powered smart contracts are the only way — or the best way — to achieve that automation and efficiency!
The entire point of proof-of-work is that it is inefficient, by design. Efficiency is counteracted: Advances in technology that lead to more efficient mining techniques directly mean the difficulty for the next block being adjusted up.
Operating on traditional databases (where automation is regularly implemented, too) is orders of magnitude more efficient. Because like most other things other than proof-of-work, those processes directly benefit from getting more efficient.
Of course, ethereum forked when a big hack happened, but it won't be forking for every hack, otherwise it's not really a reliable blockchain.
The main thing smart contracts bring to the table is a mechanism of enforcing contracts without government involvement or control. The contract gets enforced, period. The parties can be anonymous, it doesn't matter which country they're from, and so on.
Unfortunately, that's probably not going to be what occurs. Even today, there are constantly bugs discovered and fixed, some critical, that have been latent in systems for decades - as in since the last century.
The recent FragAttacks against WiFi systems come to mind.
If you can use courts, you have no reason to use "smart" contracts.
This explanation, much like its sibling "voluntary transaction" defense of market failures and economic coercion, sounds to me like a bully who hits their victim with their own arm, and then exclaims, "stop punching yourself!".
That one lost around $154 million USD at the time. The hacker didn't get anything though, the funds became permanently trapped.
Imagine having a bad day at work?
I haven't written a lot of decentralised code in production, but I get the impression there is generally more to consider, and a fun new class of failure modes to worry about.
And stuff like "I lost £95,000 in a bank scam after my solicitor's email was hacked". She managed to recover £57k after, but still lost £35k, not an insubstantial amount!
If anything, we need more protection against stuff like this. Sending money to the wrong account because your solicitor's email account was compromised is something that can happen to anyone, especially if it's someone you've been in regular contact with.
It seems the systems for dealing with fraud in the current banking system are already inadequate (although there is now a new "voluntary code" according to the article, no idea how well this works in practice), and for crypto they're woefully so.
My understanding was that change basically closes the majority of these scams (where the account details are substituted) as you would now need to create an account with a name you don't have ID for which is very very hard.
As for how this actually pans out in practice: I don't know. I'd guess that having people also fill in a name isn't impossible either, although it certainly makes it a lot harder.
I think we really need to be splitting up code for smart contracts into 3 classes:
- Low Complexity, Automated Assurance: Non-Turing-complete DSLs that allow you to fully reason about their behaviour and catch bugs in a near completely automated manner. The only one of these that I know of at the moment is Marlowe; however, I'd love to know if more existed. This class should be easily accessible by finance people and should be near impossible to get wrong.
- Medium Complexity, Semi-automated Assurance: These are tools that are expressive and more code than contract; however, they may or may not be Turing complete. These can catch a wide number of bug classes but may need manual intervention (annotations or proofs) to cover the last mile.
- High Complexity, Manual Assurance: These are tools that give you the full power of a Turing-complete language and all the landmines that come with them. I personally believe any smart contract written with one of these tools should not be used in production unless it is accompanied with a formal specification and an end-to-end set of proofs verifying correctness.
At least with this model you can judge the risk factor by how complex your application is. 90% of smart contracts probably fall into the first class and another 9% probably fall into the second. There really is no reason to be using a tool without any reasonable amount of assurances provided unless your project is extraordinarily complex (and even then it'd probably cost a fortune to run on a network) and even then there's no reason for these smart contracts to exist without any proofs backing them.
https://archetype-lang.org/ is a non-Turing-complete DSL that you can run http://why3.lri.fr/ proofs on.
Another way is to run proofs on the Michelson that was generated by a higher-level language (https://ligolang.org/, https://hackage.haskell.org/package/morley ...) with: https://gitlab.com/nomadic-labs/mi-cho-coq
The most interesting project (still alpha I think) to me is: https://juvix.org/ a rather elegant dependently typed language.
By the way what's your thought on Plutus (https://developers.cardano.org/en/programming-languages/plut...)?
It's technically its own language; however, it is basically a Haskell DSL/library that lifts code into a smart contract domain. It seems to retain the full expressivity and safety of Haskell (and the Haskell tooling). Additionally it allows you to share the same code base for on- and off-network code (as the smart contract code is largely just code lifted into a smart contract domain). This provides pretty much seamless interaction between the two domains. The documentation is a bit sparse at the moment, which is its biggest weakness; however, that's rapidly being improved with the approach of Alonzo at the end of July/start of August.
I'm honestly so glad we as a space are finally starting to move away from Solidity and all of its footguns.
If I call my bank, they can fix a mistake, no matter how bad, because they own "truth".
I think what will end up happening is every contract will have the ability for some authorized key to make arbitrary movements of tokens amongst custodial accounts and nobody will build contracts where anything is moved out of custodial accounts until there's been multiple authorizations. Sort of how I transfer money into Gemini: I don't just trade from my personal checking account and they won't transfer to my checking without some authorizations. Look, I know I'm not being sophisticated here, I'm just saying, you need a way of un-fucking a fuckup, and if someone can abscond with tokens easily because of a small logic flaw that doesn't work writ large.
It's just regular finance with extra steps.
The problem with loans generally isn't that you can have one at 10 AM on a Sunday morning.
Contracts are not code.
It's a complete misunderstanding to posit them as such.
Contracts depend first and foremost upon the legal regime in which they are valid. Every jurisdiction has rules, precedence, language means specific things.
There is quite a bit of variability in this stuff, which is why we have lawyers. And Judges.
Putting a contract into a crypto ... is basically pointless.
There's possibly more transparency, akin to publishing contracts on the web or something like that.
And of course, there is a 'narrow range of agreement possibilities' that could take place on crypto contracts, for example, things like stock options etc..
But generally speaking, even the contract cryptos are 'technologies looking for application'.
We don't want to 'nay say' new, dreamy ideas, but these new dreamy ideas, combined with a bit of hubris, arrogance, greed, lack of self awareness can create problems.
One could counter that no code ever stands alone, but is executed in terms of some runtime.
But I think I can bolster your point with two further thoughts:
1. Contracts are not meant to be code. The process of drafting a contract helps people arrive at a common understanding - a shared consensus, a "meeting of the minds" - and once signed, it then documents that understanding along with relevant context sufficient for third parties to be able to recreate that common understanding.
The contract is not executable - it, at best, is a declarative description of some of the outcomes. The actual execution is handled independently by the parties that entered the contract. The contract only exists so that common understanding can be preserved through time and shared with other people - whether it's because some party forgot the details, or it needs to be modified, or third parties (like lawyers, judges or arbitrators) need to be involved in dispute resolution.
2. To the extent a contract contains anything resembling executable code - say, the aforementioned declarative descriptions of outcomes, or imperative descriptions of specific behavior, or some attachments with deliverable specifications, etc. - these are all expressed in a very high-level programming language, i.e. natural language. This "code" is ultimately "executed" by sapient human beings. In other words, the programming language and runtime in question are GAI-complete: that is, coding them up from scratch, e.g. to enable "smart" contracts to be comparable in utility to regular ones, would be equivalent to creating a human-level general-purpose artificial intelligence. We're not anywhere close to achieving that, thus by definition, "smart" contracts are too dumb to make sense when we can use the normal ones.
Thankfully, other cryptos (such as Cardano) are building their smart contract platform with correctness/security in mind (compiler checks and so on), so we might see less problems like this.
Try to figure out WHY things are the way they are and run through some scenarios. It's not a bullet proof system, I don't always do it well... but it can help having to re-invent some of the more obvious aspects of the wheel.
The whole blockchain ecosystem seems like a long drawn out lesson as to why at least some systems we have are kinda big, bulky, involve a lot of checking / overhead ... and why some rules and regulations exist.
Every new blockchain company that posts a blog and complains about "Why can't we just..." often has me thinking "Well yeah you shouldn't... wtf"
I hadn't read this before, but it is worded way better than I did.
As a developer I often stumble across code and systems that are superficially idiotic. I just think "Why isn't this doing X instead?".
Here there are two approaches 1) blindly change the thing to make it better 2) Try to understand why it is wrong, and what led to the legacy design.
The sensible thing might be 2, but it's also soul-crushingly boring. So I obviously always do 1. After ripping out some code and replacing it with shiny new code, you invariably find the edge cases that led to the legacy design.
They will show up as bugs, or edge cases missing. After a while, you will have iterated so that your solution might look something like the original (hopefully slightly better), but the important thing is you now have a system you understand fundamentally. You basically traded a few regressions for fundamental understanding of a system.
An agreement is an agreement subject to laws and jurisdiction. There's no avoiding that.
It will be interesting to see how this plays out in the courts.
If someone buys product X from seller Y, which is based on some decentralized ‘contract’ which is de facto enforced by every node of the network independently - and that product then produces an unjust outcome.
You go to court, but what if Y is just a node on the network? And everyone involved is outside the court's jurisdiction? What can an adverse court judgement actually accomplish? It can’t roll back the network activity to fix the smart contract without everyone’s consent - and that seems unlikely. It can declare product X illegal or fine seller Y - but if they have no way to enforce it, what’s the point?
If the seller is unidentified, then it is possible to get a judgement and work on identifying them. If it's not just a civil dispute but felony fraud, then law enforcement might identify them some years later, it happens.
Of course, if everyone involved is properly anonymous then it's very, very hard to enforce anything, and takes enough effort and money so that it's not worth the hassle for small amounts, so for that there's simply some 'caveat emptor' in dealing with foreign anonymous sellers. If you defraud $10 off of someone across the ocean, you are likely to get away with this. But for large cases of fraud? Everyone makes mistakes now and then that may allow them to get identified, and such fraud can be prosecuted many years later.
If Y can’t be hauled into court because they are in another country or you just don’t know their identity, well that isn’t a problem specific to these “distributed smart contracts.”
In this case, you send some ether somewhere.
Those things are not a small deal.
If we describe these code-as-law thingys as 'dumb contracts' it is crystal clear that 'YES' this is a dumb contract and any sane judge presented with one may well decide to give the participants exactly what they deserve, just like paper-based 'dumb contracts.'
The key innovation here is that we've gone to the remedy residing in programmer malpractice, rather than attorney malpractice. Which in turn, when it becomes obvious to all involved, hopefully will have a chilling effect on any smart programmer asked to write a 'dumb contract.'
I've seen/read somewhere that Vitalik regrets naming them "smart contracts" though.
The smart contract in my hypothetical scenario might be something like a transaction with 3 parties: you (the customer), the construction company, and a third-party verification service, that executes your payment to the construction company when any 2 of the parties agree to execute. This theoretically prevents the possibility of any 1 party defecting and running away with a monetary benefit (including the third party verification service, which couldn’t run away with the cash like a traditional escrow service hypothetically could).
But my point is that even in this case, if the construction company and third-party verification service colluded to run away with the money without completing the work, you would still sue one or both of them, and my prediction is that the courts would treat this essentially identically to a scenario using traditional contracts.
You could argue there will be lowered costs in the happy path where nothing goes wrong, but I'm not sure that's valid since the underlying software still needs to be written/supported by someone.
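The 2-of-3 arrangement sketched in the comment above, as an added example that is not part of the thread: a payment held by the contract is released to the contractor once any two of customer, contractor and verifier have approved. Role names, function names and the "release on the second approval" rule are assumptions made for this illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration of a 2-of-3 release escrow (assumed design, not from the thread).
// The customer funds the contract at deployment; funds go to the contractor once
// any two of the three parties have called approve().
contract TwoOfThreeEscrow {
    address public immutable customer;
    address public immutable contractor;
    address public immutable verifier;

    mapping(address => bool) public approved; // which parties have approved
    uint8 public approvals;                   // number of distinct approvals so far
    bool public released;                     // set once the payment has gone out

    event Approved(address indexed party, uint8 approvals);
    event Released(address indexed to, uint256 amount);

    constructor(address _contractor, address _verifier) payable {
        require(msg.value > 0, "fund the escrow on deployment");
        require(_contractor != address(0) && _verifier != address(0), "zero address");
        require(_contractor != msg.sender && _verifier != msg.sender && _contractor != _verifier,
                "parties must be distinct");
        customer = msg.sender;
        contractor = _contractor;
        verifier = _verifier;
    }

    // True if `a` is one of the three parties to this escrow.
    function isParty(address a) public view returns (bool) {
        return a == customer || a == contractor || a == verifier;
    }

    // Each party may approve once; the second distinct approval releases the funds.
    function approve() external {
        require(isParty(msg.sender), "not a party");
        require(!approved[msg.sender], "already approved");
        require(!released, "already released");

        approved[msg.sender] = true;
        approvals += 1;
        emit Approved(msg.sender, approvals);

        if (approvals >= 2) {
            released = true; // update state before the external call (checks-effects-interactions)
            uint256 amount = address(this).balance;
            (bool ok, ) = contractor.call{value: amount}("");
            require(ok, "transfer failed");
            emit Released(contractor, amount);
        }
    }
}
```

Note what the contract does and does not guarantee: no single party can move the money on their own, but any two parties can, including the contractor and the verifier together, which is exactly the collusion case the comment says would still end up in court. The code enforces the quorum; it cannot judge whether the work was actually done.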
This allows for a lot more efficiency as people who've never met can make trades on an open market without having to involve anyone else.
Matt Levine wrote about exactly this in a recent Money Stuff column: https://www.bloomberg.com/news/newsletters/2021-05-11/money-... . First paragraph:
> A model that I often use for cryptocurrency is that it is rediscovering traditional finance: In its early days, crypto was a brand-new financial system, unsullied by the old evils of central banking, leverage, regulation, etc.; eventually people realized that some of those things were good, and started reinventing them. One way to reinvent finance is for idealistic crypto technologists to invent banking, leverage, regulation, etc., from first principles, with cursory or no knowledge of how the traditional financial system addressed these issues or why it rejected other solutions. You would expect this to lead to flawed but interesting results, whole new ways of doing things that might blow up horribly but that might instead point the way to a better future.
As he says, "You would expect this to lead to flawed but interesting results, whole new ways of doing things that might blow up horribly but that might instead point the way to a better future".
Yeah, but shouldn't it be possible that these things will be avoided by confirming the validity of the code with theorem provers such as Coq, Lean, or something similar, at some point in the not too distant future? That's what I've been wondering, without currently having any stakes in the game (and probably not until there's compelling mathematical proof of security)
All the while traditional "non-distributed" finance simply uses sound engineering practices, such as code reviews, audits and sign-offs at much smaller cost and without requiring specialized PhDs in multiple unrelated fields.
Without being able to provide any evidence, I'm quite sure (that is, I hypothesize) that if a theorem is clearly stated, such as in the case of formal proof assistants, we'll soon reach a point where we'll have a distributed network in which people are able to 1) provide economic incentive for somebody to provide a given proof, 2) somebody else to potentially offer a better proof which will computationally be accepted (verified by some algorithm that prefers one proof over another by some sort of metric), and therefore 3) have a system in which the validity of a computer algorithm, which has been stated as a conjecture, can be mathematically created and verified in a decentralized fashion.
>it would need to be done by someone who actually understands both the theory of proving algorithm correctness and the algo in question
If the theorem is stated clearly, no further understanding is needed. But of course they'd need the understanding of providing the right axioms and definitions, which are as limited as possible, to state their conjecture. That, I think, will be the point at which the purpose of the mathematician will shift from providing proofs, towards discovering interesting and coherent conjectures, as the proving of those will turn into a kind of rat-race, and ultimately merely a computational challenge.
Anyways, I'm just rambling about some things that have been on my mind recently. Don't take me too seriously.
It would be better to build in a margin of tolerance for correcting mistakes, but that's contrary to the rigid determinism that smart contracts and cryptocurrencies, for some reason, strive for.
Proofs and theorems can have bugs.
But a proof/formal methods can't actually prevent you from being wrong because you can be wrong at any meta level.
Oh, this is a definition of "correct", it's not me correcting the OP.
I remember that in my computability theory class, defining the right proof was by far the most difficult task. And this was in very small, closed systems.
That is of course correct. However, it was my impression that the contract mentioned in the OP was completely on the blockchain, and therefore completely deterministic (no oracles or whatever.) Hence I figured it could've been proved with absolute rigor, in which case it should've been possible to formally prove the correctness. I'll be honest, I didn't look through the contract in detail now, so I might be wrong.
It doesn't change the fact that the crypto system lives in a human world where law, politics and attacks can coerce you to do a lot of things and the formality of the system is just irrelevant.
I started to have this feeling already. DeFi projects create projects that create projects... it's gonna be a potential spaghetti bowl of intermediate layers. Either the mass is gonna make it survive on the side or it's gonna fade off XML style.
There's a reason we don't have lawyers review every ecommerce or in-store purchase that's made: the process of shopping has been standardized to such an extent that most parties (merchants and buyers) don't need to sign a bespoke agreement for every transaction.
If we can get more complex agreements automatically hammered out, it represents not just large cost savings, but potentially creating more business for smaller players easily.
cf. people checking T&Cs because they can't be bothered to read them (/sympathetic).
The advantage then is that you get to choose how much control you want to give up for safety. Unlike the current system where you have to use these institutions to participate.
How? Is it some complex chunk of code that requires a delicate hack?
No, not at all. There is literally a function with code, more or less, like: "If owner then OK here's all the funds". Anybody can check this in the contract. Yet people are dumping funds into these contracts. Even tho these contracts tend to only attract a few thousand dollars each. Well, costs next to nothing to create and spam.
A more detailed analysis of a similar contract to the one I've seen: https://cryptot3ddybear.gitlab.io/blog/posts/scam-explained-...
This type of contract made a killing a few months ago. Basically miners trade by sandwiching orders in the mempool. You can search the 'salmonella' contract for more info.
Link for the lazy, super interesting read.
two things that come to my mind:
- There is really no random() function due to need for determinism
- Space vs. Time complexity is distorted, the gas you pay for instruction vs. byte is really different economics compared to AWS EC2 instance/hour etc.
It has been some time since I did it (late 2018 I think), but it was really informative to get the mindset and different constraints people deal with in the smart contract world.
And it worked.
Solidity is just a programming language to call functions and code on the blockchain. You can theoretically write it in any language but need to compile down to EVM at some point.
Solidity wasn't written from the ground up to be safe and secure. There are a number of projects like Vyper, which is a Pythonesque language that compiles to the EVM. It's more centered around safety.
I don't understand this part. I thought crypto was decentralised and so nobody controls anything. Yet, this suggests the opposite... some entity somewhere can shut you out on a whim.
They won't and don't block the transaction though. The bridges to other blockchains are very fast, and a hacker would be prudent to move their funds immediately to a blockchain with greater security.
You get the idea that the article is talking about money but the details seem crazy like a dream.
Actually it’s probably already happening.
I mean, the whole reason Ethereum Classic exists is because a subset of Ether folks felt that restoring the funds in the original DAO hack was contrary to the whole "the code is the contract" ethos.
For example, if you intentionally misrepresent what the contract means to deceive someone into signing a contract, then it is fraud, and it also invalidates the contract. If the fraudster already got the money according to that (invalid) contract, no matter if it's cash or crypto, they possess it, but it's not lawfully theirs.
The entire reason that smart contracts exist is to get rid of the need for any trusted third party intermediary because (as proponents argue) all of the logic for the contract is completely embedded in the code.
If it then becomes necessary to say "The code is the contract, unless there's a bug, in which case we'll have some single or set of arbiters decide what the code was really supposed to do" then why have smart contracts at all, why not just go through a normal escrow process where there is an independent arbiter trusted to determine who "lawfully" deserves the funds.
This use case would IMHO have a quite large market, and it would be perfectly compatible with those smart contracts having a proper (non-code) appeals process explicitly designed in the system - the benefit would be that the third party (arbiters, or state, or whatever) is not used in most cases, because that would be costly.
Blockchain adds a ton of cost and complexity precisely because it is completely "autonomous" with no enhanced trust relationship for anyone. The second you have some people with an enhanced trust relationship, then the whole reason for using blockchain falls apart.
Smart contracts can let you enforce things that aren't enforceable otherwise, but they aren't going to let you avoid having things enforced through other means.
Not at all. All crypto currency only has value because other people collectively choose to "believe" a certain chain. Usually there is global consensus of which chain is the "true" chain, but there have been many times in the past that one group has decided to follow a different fork for whatever reason. I mean, Bitcoin has Bitcoin, Bitcoin Cash and Bitcoin Gold. The value that gets allocated to a particular fork just depends on the number of other people that choose to follow that chain.
There may be obvious practical difficulties in identifying the counterparty and enforcing a judgement against them, but if that becomes possible (and if $10m is at stake, perhaps it might become possible, bounties, etc.) then the argument that "code is the only representation, and this is what the code said, so this was lawful" is not valid, as it contradicts both contract law and fraud statutes.
But the actual contract terms between the parties and facts like is this contract valid at all, who owns what and who owes what to whom are ultimately determined by contract law, not by the smart contract, like it or not. The smart contract may determine possession of certain things, and in many cases it would be uncontested and there it has a purpose of just doing the contract settlement automatically, but as soon as there's a dispute, then the legal ownership and any claims would be settled according to contract law, not according to what the code says.
Anyone heavily participating in DeFi considers this a cost of doing business in the cutting edge of new finance (which is a very debatable way of saying things).
For example, considering contracts are likely to be state machines (and the error in this case is a state machine issue), maybe an explicitly state machine-oriented language design would be good? I'm not familiar with academic research in this area but I have used a real-world one before, Linden Scripting Language, which incidentally is also used for what you could call “smart contracts” involving money, albeit not in a cryptocurrency environment.
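As an added illustration of the state-machine framing in the comment above (example code written for this page, not the affected pool's contract; the contract, function and event names are hypothetical), here is the one-shot initializer pattern with a guard that is checked but never set, beside a version that models the contract lifecycle as an explicit stage and performs the transition in the same call that depends on it:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical example for this page. Bug pattern: the modifier checks
// `initialized`, but initialize() never sets it, so the "one-shot" setup
// can be repeated by anyone and the owner slot overwritten.
contract OneShotInitVulnerable {
    bool public initialized;
    address public owner;

    modifier notInitialized() {
        require(!initialized, "already initialized");
        _;
    }

    function initialize(address _owner) external notInitialized {
        owner = _owner;
        // initialized = true;   <-- the state transition that is missing
    }
}

// Hardened form: the lifecycle is an explicit state machine. The guard
// and the transition live in the same function, so there is no way to
// leave the Deployed stage without recording that fact on chain.
contract OneShotInitFixed {
    enum Stage { Deployed, Initialized }

    Stage public stage;          // defaults to Stage.Deployed (0)
    address public owner;

    event Initialized(address indexed owner);

    modifier atStage(Stage expected) {
        require(stage == expected, "wrong stage");
        _;
    }

    function initialize(address _owner) external atStage(Stage.Deployed) {
        require(_owner != address(0), "zero owner");
        owner = _owner;
        stage = Stage.Initialized;   // transition recorded before returning
        emit Initialized(_owner);
    }

    // A second call now reverts with "wrong stage" instead of silently
    // re-running setup.
}
```

A deployment checklist for this pattern is short: after calling `initialize()`, read `stage()` (or the boolean flag) back from the deployed address and fail the deployment if it still reports the initial value, and have a test that asserts the second `initialize()` call reverts. Both checks would have flagged the missing transition before any funds were deposited.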
Tezos uses a human readable stack based language as a low level representation that is suited for formal proofs: https://tezos.gitlab.io/008/michelson.html
If Archetype depends on that then it's going to be hard to port, but I don't think it does.
Another interesting project in development is https://juvix.org/ which targets more backends besides Michelson, like LLVM and Wasm. Might run on eth2/Ewasm.
There are also blockchain specific features like: https://medium.com/tqtezos/tickets-on-tezos-part-1-a7cad8cc7...
Setting aside the hacks, what good is DeFi anyhow for those outside crypto space?
Seems DeFi currently serves two main functions.
1. Crypto backed loans - main purpose being crypto speculation / possibly some dubious tax benefits
2. Decentralized exchanges - nice for those into crypto but not for Joe Sixpack.
For people outside the US, they could also get price exposure to US stocks with things like sAAPL, sGOOG, etc (synthetic assets that represent an underlying equity)
The DeFi space could eventually grow to replace any firm that acts as a middleman for digital trades: Robinhood, Wealthfront etc.
Most cryptocurrencies and smart contracts are copy and paste with little analysis of the underlying code. To the creators the incentive is to create something fast and without expending any extra effort. The losers are always the users who put their trust in the creators. An ideal open source decentralised system should allow the users to verify the claims of the creators but the reality is that the code and the systems around it are far too complex for any single person to be able to verify quickly.
Does anyone know of any organisations that can vet smart contracts and provide insurance in case they get hacked or fail in other ways?
So this is apparently about some stock market for cryptocurrencies, looks like? I think so.
The first few paragraphs of the analysis of the post-mortem contain so many new terms that I am never likely to trust anyone that pushes any type of cryptocurrency, ever. This is pretty clearly "The New Scam" type that is fashionable. People are regularly getting busted for the old fashioned pyramid scheme, so I guess something else needed to be invented.
This stuff is unregulated, prices are easily swayed by a few famous individuals or sometimes a lot of unknown people, en masse, and you can earn and lose real money by trading the stuff. Hard pass. This article just reinforces to me that my decision about that is correct.
I do not like telling people that their interests are bad, because I'm sure in some ways blockchain stuff is at least semi-useful. I mean there are other ways to provably make ledgers read-only, but whatever. I'm not trying to stir anyone up, is what I'm trying to say. Cryptocurrency is just so clearly not "on the level" in my eyes. Sorry. :(
This is a fine sentiment, but [you] [don't] [link] [every] [word] [in] [your] [sentence] to a dictionary website either, because you expect the reader to know English. In the same way it's perfectly fine to write an article with a target audience that understands the concepts being discussed. Not everything needs to be written for a general audience; this website is exclusively about cryptocurrency, and particularly dense with jargon and slang at that.
Sure, the UI/UX of a traditional link isn't desirable, but I do want every word to be linkable to the dictionary.
At least, way back before I started using blockers.
Your whole comment sounds like confirmation bias to me. You don't like crypto, therefore all the new terms you've never heard of must be bad stuff, everyone is out to scam people and crypto isn't "on the level".
Everyone I know who is into this is very strongly into it, and they can never really explain why. Lots of non-specific sentiments emerge, and rather quickly, but no real this-changes-things-because-of-X details or explanation about anything. It's the same pattern I've seen from people who believe in psychic readings and Tarot cards, except those two groups can get very specific, it's just about imaginary things.
Age is a superpower. I have a few decades behind me. You see patterns in behavior, because people are not snowflakes, and incoming generations make the same mistakes the outgoing generations have made, and must learn the same lessons previous generations have learned. This generation is trying the things that the other generations already tried, etc. Some things change, but the fundamental things people try to do with their lives, those don't really change much generation to generation.
Experience is a good teacher. Now, maybe I'm wrong about cryptocurrency, I'll gladly admit that. And I would counter by saying that "I'm seeing the same broad strokes I've seen previously, with different names."
From what I know this has mostly been described in dystopian sci-fi before, not really tried in earnest.
I'm curious about what you've picked up as well. Like people not being able to explain why they're into it. Could you elaborate on those things a little bit?
That's my (of course limited) experience with cryptocurrency advocates.
The top projects: Aave, Compound, Uniswap, etc. have been audited several times over, publish their smart contract source code for further review, offer millions of dollars in bug bounties and inherently the locked value acts as a giant bug bounty. I feel comfortable with these projects that have been around for several years now. But it is an open ecosystem and not all projects are created equal. You can also take out insurance for the biggest protocols for additional protection.
Then what's the point? I can already take out insurance in the "traditional" banking system (e.g. every checking account has FDIC).
1) Decentralized finance is extensible, pluggable, open, auditable, and non-custodial. This means, when you want to integrate, say a popular crypto money market like Aave into your application, you don't need Aave's permission. You can just have your application interact with Aave's smart contract. (https://aave.com/)
2) When a smart contract is properly engineered, you retain full 24/7 access to your funds with 100% uptime guaranteed by the base chain that it sits on (Ethereum in most cases). You do not get Robinhood-like situations where all of a sudden they turn the buy button off on some stock like what happened two months ago.
3) Everyone has access to the same information. It's all on the public blockchain. There are no backroom deals, it's all in open-source code on the chain. It's all auditable.
4) The yields on so-called stablecoins (cryptos that are pegged to some traditional currency, like USD) are higher on DeFi. You can earn 7 or 8% or more on DeFi, because you are effectively acting as your own peer-to-peer bank and lending out your funds directly to a collateralized third party. (https://compound.finance/)
5) Decentralized finance has already introduced things like decentralized exchanges, which allow people to crowdsource liquidity. You can earn a yield for participating in a liquidity pool on Uniswap, for example (https://uniswap.org/)
6) There are additional exciting applications in this space, it's currently undergoing a Cambrian explosion of activity similar to the early internet. I cannot explain all of this in a short-form HN response, but there's real value there. Real innovation that will change finance forever. If you want to learn more, please check out:
However, you can build this on DeFi today quite easily (see yearn for an example), and you don't need to ask anyone for permission, you just hook things together. The smart contracts can move money around within DeFi based on algorithms that will find the best rate of return on various collateral coins. This is why people are calling it money legos. It allows rapid innovation from the edges, instead of the center, which is insanely powerful. I hope this inspires you to do more research.
The lending part is relatively self-evident. You can pool funds together and the contract automatically issues loans when requested provided the user has X amount of collateral. Most "DeFi" lending basically acts like a margin for margin trading at the moment.
The liquidity farming however is a bit more practical. It's creating pools of liquidity for decentralised exchanges and various "cross-network" smart contracts to temporarily source coins out of.
There's a lot of dogfooding going on but the general system behind it is useful. It's just overly simplistic and the code lacks pretty much any scrutiny in a lot of these cases.
A lot of the loans are 1:2, 1:4, or greater depending on which currency it is being traded in. If your total collateral dips below that multiple of the loan, you forfeit the value of the loan from your collateral plus some penalty fee.
Cryptocurrency doesn't provide any new capabilities at all. Money and trading existed before. Price fluctuations existed before. Markets existed before. Buying and selling existed before. But now, because it's so new, and because it's not technically money, but a virtual good, this is all unregulated and fertile ground for people who want to take advantage of others.
This is why it seems to me so much like a sales pitch to me when people talk about it. It seems very much like they need you to commit money in order to get anything out of the arrangement themselves. This is "Jebediah's Miracle Snake Oil" with a new name.
The new capability that cryptocurrency provides is that money is now "programmable" it's a fusion between money and software.
Whether or not this is a benefit is subjective, but IMO it's a humble beginning with epic potential.
B) it's not programmable; it's an inert thing; proof of work or storage. Programs generate it according to rules that people set. (Real money is created according to rules that people set, as well, so it's "programmable" too, if you look at it in the same way.)
There is nothing new about cryptocurrency.
I could dump $1000 into bushels of corn and get the same exact effect. To grow corn you need to have space to grow it, fertile soil to grow it in, and you need to work, over time, to plant it, fertilize it, and to control pests and invasive weeds. At the end of the growing season, you harvest and you store the corn in a grain silo, and you wait for the price to go up to a point you're comfortable with before you sell it.
Same with wheat, soybeans, livestock, real-estate and so on. None of those things are currency, but at least they're tangible, and they can all be traded for money, just like cryptocurrency.
A - Of course it's not fiat money, but it doesn't need to be. The money in your bank account can be described as virtual too. Folks transact in crypto all the time for goods, services, and "conceptual" transactions like DeFi and NFTs. Maybe it's not widely adopted enough for you to buy a 6-pack of beer at the corner store, but that doesn't mean it's not money. The money in your bank account is just as virtual anyway by your definition. For example: I can't pay with Shekels at a Walmart in Iowa, but I can pay with my debit card and have the bank convert it to the currency in my location, etc...
B - When I say it's programmable money, I'm talking about things like the EVM. Calling it programmable money is reductionist sure, but in effect that's what it is. Cryptocurrency and dapps provide a platform for folks to have complex transactions. Just because you don't want to participate in those transactions doesn't mean others aren't, they clearly are. Also, this stuff doesn't need to fit the traditional definition of currency in order to be viable. To me, it's a distributed computing platform for the exchange of value. Maybe you think it's worse than what we have already, and that's fine, in many ways it is, but that doesn't mean it doesn't have benefits of its own.
Totally, this Gamestop stock market stuff is crazy. Oh, you were talking about cryptocurrencies?