Hacker News new | past | comments | ask | show | jobs | submit login
Did I just lose half a million dollars? (reddit.com)
638 points by olegious 8 months ago | hide | past | favorite | 810 comments

In case you’re wondering what happened, from the thread:

He sent ETH to the WETH contract, received WETH as expected.

Then he wanted to do the reverse and sent WETH, but will not receive anything, because you're supposed to swap your WETH to ETH in exchanges like Uniswap, or call the "withdraw" function in the contract.

For contracts that want to only work with ERC-20 tokens, you use WETH, which comes from a contract that takes 1 eth and gives you 1 WETH.

A known problem with ERC-20 tokens is that transferring them to a contract that isn't made to access them is equivalent to burning them. You should almost never transfer ERC-20 to a smart contract. You instead use approve to give the smart contract permission to withdraw, then call the function you want to receive and tell it to make the withdraw (the contract will internally call transferFrom).

Wait. I'm not letting anyone off the hook for not knowing the above if they put $5 into something, let alone $500k. But even as a coder and someone who was deeply involved in crypto at one point (2011) I find it hard to make heads or tails of wtf this means. All I hear are a lot of acronyms and bizarre edge cases upon edge cases. It sounds like those arguments you'd hear between kids in junior high over magic cards or pogs or something. If this is the level of magical knowledge required to deal with these tokens, it sure seems like a sucker's market.

I think this is a symptom of the general problem of calling everything "cryptocurrency", which anchors people on the mental model of Bitcoin. You were involved in "cryptocurrency" 2011 when everything was Bitcoin or essentially just a fork of Bitcoin and all of the stuff in the comment you replied to was a few years away from existing.

I think it would be like writing "applications" in the early 90s in Visual Basic and then reading something about web applications and saying "I was involved in applications and none of this makes sense to me". That's because it's a different domain, with some similarities but many differences.

Edit: Changed "crypto" to "cryptocurrency" to differentiate from a different general problem with how the shorthand already had a different meaning.

> I think this is a symptom of the general problem of calling everything "crypto", which anchors people on the mental model of Bitcoin.

Or those of us who immediately think of AES, RSA, and Diffie–Hellman.

Anyone around tech in the 1990s may also remember:

* https://en.wikipedia.org/wiki/Crypto_Wars

Right you are. I just edited to differentiate from this other general problem with the nomenclature in the space.

I actually think this one leads to less confusion though, because the people who are familiar with "crypto" vis cryptography universally have enough expertise to differentiate it from "crypto" vis cryptocurrency. Whereas I would estimate that at least 99% of people who have heard of both Bitcoin and Ethereum have no idea that there are important differences in their capabilities and technology.

All the smart but non-technical people I know or read commentary from talk about cryptocurrency as a single thing, where that thing is just different flavors of Bitcoin.

The next time I get cornered by a coinhead - a worryingly common occurrence in real life lately - I'm going to say "Oh, I love crypto! My bank uses it so I can access my account from anywhere. It's great!"

hahaha yeah you can claim a different definition of "crypto" depending on whether you're talking to an anarchist or an institutionalist.

Many of the same teams in this round.

It goes to show that cryptomoney has not yet a settled common set of words to describe what's happening, unlike applications which have "gui, compilers, loop, trees, objects, etc.".

It's still to much specialized to follow what's going on from a higher viewpoint.

I don't think so. The terminology is quite standardised, but just like "gui, compilers, loop, trees, objects, etc." you're not going to know them unless you're familiar with the subject.

Is it really? From what I can tell these are all Etherium-specific terms. This is not standardized. It might be consistent but that’s not at all the same as actually being standardized.

This seems like saying that Chef terminology is standard. It might be internally consistent with its talk of recipes and ingredients and whatnot for imaging machines. But this terminology is not standard because it’s meaningless to someone who had experience with a different imaging platform.

I think it's a mix. Some of it is Ethereum specific and some is pretty standard across all blockchains that support smart contracts.

Yes, it really is pretty standard and straight forward. The ONLY problem is that its popularity has skyrocketed so there are A LOT of people talking about it who have no technical understanding. Parent comment above is a perfect example, complaining because in 10 years the tech has evolved.

I think you're both right to a degree. I agree the jargon is pretty well defined at this point, but it certainly is not as widely understood as the earlier computing and internet jargon. I think the mainstream is in the phase of basically having no idea whatsoever. I am sympathetic to them. I think they feel chuffed with themselves for finally figuring out what Bitcoin is, and now we're telling them they're still over half a decade behind the curve?!

In simple words, he should have called a smart contract's function which would withdraw his tokens and send real ETH to his address. Instead, he sent tokens to smart contract's address and they will stay there forever, not associated with any account. This complexity should be abstracted away by wallet's UI. Users don't have to call APIs directly. Also, this whole situation could be prevented by trying to send a smaller amount first.

I've written middleware APIs for accepting currency in carts and casinos that interfaced with / polled bitcoind and other daemons. Why on earth would this person be calling APIs directly, and why would the daemon not just reject the transaction if it's an unexpected kind of token? Or if he added funds to the contract why not be able to remove them to the same address? I never dealt with smart contracts but even allowing this to happen without an error seems like a crazy, terrible design.

from the reddit comments, similar question, apparently every instruction adds gas fees to running the contract, so if you're going to use the contract a lot, you leave out any kind of validation.

>> Wow why didn't the contract creators think this through and block requests to the contract

> Because adding that check would increase the cost of every user transaction. All AMM swaps would be done with WETH so it’s the right call to not have it in there

There are, of course, other industries with financial incentives against safety features. We usually regulate them.

We can point and laugh at this one person, but according to the reddit thread they're the 265th person to make this mistake, and more than half of the money in the inaccessible account is not theirs.

And that's just for this particular token. You can go to just about any token contract and see how numerous people have sent their tokens to the contract address itself.

I hadn't even thought about this. With BTC early on, the only party to really benefit from lost coins would be "Satoshi", but his coins weren't worth anything until the currency took off anyway, so it was more important and long-term profitable to build a system that didn't lead to user anger than one that would lose coins to deflate what was already a deflationary currency. It really does show how slimy the whole cryptocurrency world has become.

I really can't think of an expression other then "lol" to sum up my response here for just how incredibly stupid this is, as a "platform of the future".

A design which actively discourages robust programming and error handling in financial software. Wow.

It's like a libertarian utopia. Literally everything is an individual responsibility with no wider recourse.

Want validation? Other people don't want to pay for stuff they're not validating... so it's on you to be careful.

Accidentally fuck up? Not our problem, that's on you for not calling the right API.

Want your money back? We're not paying money to cover for other people's mistakes. You're on your own bud.

You forgot to add “If you don’t like it, you’re free to create your own blockchain”.

What about the Eth DAO forks? How was that individual responsibility?

All smart contracts are immutable, but some are more mutable than others.

Ok… but then if you’re going to throw out these cases you should also address how markets can fix these issues, such as great customer service: “when I fucked up they helped me out, they’ll get more of my business”, or maybe insurance, or just better products that don’t have these issues.

Idk why people conflate libertarianism with this hyper-individualist stuff. It really isn’t the case.

Do ethereum and smart contracts currently have excellent customer service, such that the guy in TFA can get his 500k back?

Why should this person get anything back? Code is law. And if code is law all bugs are also law.

The half million was a fair and just transfer. Whoever is the recipient is fully deserving both morally and ethically of their new-found wealth.

If I was on the receiving end of this transaction, I’d thank the sender for the money and move on with my life. Of course I’d never be in the position to receive the funds because I’m not stupid enough to play this game—odds are very good I would be the one who sent half a million dollars by mistake!

I mean, I think I’m joking but not really. If you want to practice “code is law” and really mean it, this is the kinds of stuff that will happen.

Code wasn't law when Ethereum foundation insiders stood to lose a fortune in the DAO hack.

The one who has the private keys to that account could give them the ETH back, yeah. But if no one has the private keys, they can not get it back, that would defeat the entire point of cryptocurrencies in the first place.

There are two types of accounts in Ethereum, externally owned accounts (EOA) and contracts. EOA are controlled by private keys where contracts are not. Since the user sent ETH to a contract, he cannot get his ETH back if the contract does not have a method to transfer ETH back. Whereas if he sent ETH to an EOA then the user of that account can send him back ETH.

But of course they can - if they are the right persons, that is. (See DAO hack. Of course, that did defeat the whole purpose of smart contracts but nobody was willing to notice.)

> See DAO hack. Of course, that did defeat the whole purpose of smart contracts but nobody was willing to notice

Of course a lot of people noticed. The problem is that cryptocurrencies are currently primarily functioning as investment object rather than an actual secure financial ledger, which is why the interest of investors will trump purity.

Low-cost insurance is an interesting idea that might actually work to smooth over some of the hard edges of "code is law".

It ought to be possible to craft an insurance policy that would pay out the $500k (or equivalent WETH/ETH) in cases like the one in this article, where the transparency of the ledger clearly shows that the tokens are unrecoverable.

As insurance companies are notorious for declining to pay out, the clear evidence trail would be helpful to allow the insuree to take the claim to a regular court for a human decision on its validity.

Lol, so like the FDIC but you have to sue to get your money.

Not really. Having the option of a lawsuit is just a backup; the possibility is what makes sure the insurer chooses to pay without one.

An insurer that knows when it doesn't have a case and will be forced to pay (plus costs) when there's clear evidence of coverage and loss will almost always pay without a fight.

However if there are high-value decisions which are not so clear cut, then having the option to go to court or some other mediation system to settle is quite useful. One of the critisms of "code is law" is the lack of mechanism for nuanced, human intervention when something unexpected happens due to a bug, design flaw or unexpected consequence that turns out to be unreasonable.

Code can screw up at scale. And at this point if you’re capable enough to understand the edge cases and offer insurance against them, the insurance went really cover that much.

> but then if you’re going to throw out these cases you should also address how markets can fix these issues, such as great customer service

Ahahahahahha. Ahahahahahahahahahha. Ahahahahahhahahahahahahahah.

--- several minutes of laughter later ---

Markets don't care and they will not fix these issues, because suckers losing money is a much better market proposition than losing money on customer support.

Fo go ahead and learn some history, will you? Almost every single regulation we have in place is precisely because markets never ever fix things.

And yet, disputing charges via your bank and issuing chargebacks via VISA/Mastercard are things that definitely exist and work perfectly fine. And as long as there is no equivalent function in crypto, it won't be suitable as a currency for general use.

And no amount of mocking faux laughter will change that.

Crypto works like cash. If you lose cash, there is no one to dispute charges and issue chargeback.

BTW I never had success trying to chargeback VISA for services that were not delivered. Scammers do it without problem though.

Cash transactions are done locally when you can typically inspect the object of the transaction before paying. That's why there is not the same need for these kinds of protection.

Crypto combines the worst properties of cash and wire payment into a package that has no customer protection and is almost tailor made for scammers.

There are customer protections in the form of 1) escrow 2) seller reputation 3) seller depositing some risk capital at a selling platform. That said, customer protections have never really worked for me in fiat world.

That is not entirely true. Stock exchanges will reverse some clearly erroneous trades, even when they are not required to by law, because people trade more when they feel protected against mistakes.

Good grief, this is like machine language for money

exactly, with no-do overs. Everyone hand codes their assembly correctly on the first try right!?!!

There are plenty of do-overs, it's called the "development phase" and involves testing things on your local computer with the team.

No one gets everything right the first time, but with a lot of testing, you can actually write software that does exactly what you think it will do, and you can achieve pretty cool stuff. Remember that humans wrote the software that took humanity to the moon!

As we know, no software has had bugs caught once launched to prod. The existence of some software that worked under this model is not evidence that it is a good model. "Just test prior to release" is not a complete solution.

In this case, not really. User was calling a "ROM"

What you describe are dry runs.

Are you talking about the user from https://www.reddit.com/r/ethereum/comments/sfz4kw/did_i_just... ? And do you mean "read-only memory"? I'm not sure how that's relevant. The contract they made the transfer to is read-only yes, like any contract on Ethereum. But they could have tested the contract call with a smaller sum before actually performing the bigger one.

Just like the people writing the computer that took us to the moon, I'm pretty sure they tried it before in small-scale simulations before hooking it up to the rocket and letting it go to the moon.

The idea that people need to treat financial transactions in crypto as if they were writing software for a moon mission shows how impractical the entire space is.

If that was the case, I'd agree with you. But as outlined in the comments of this submission time and time again, it was not what happened here.

The user was not doing a normal transfer (at least, they didn't want to, but they ended up doing). They didn't know what they were doing at all, a simply Google search would have showed them the way. Using UIs instead of interacting with the contract directly would have prevented them from making the mistake they did. Doing a small test transfer before doing the big one would have revealed what was wrong as well.

It's not that I'm comparing writing software for moon missions with making cryptocurrency transactions. I was directly replying to mox1 implying that writing 100% correct code is impossible and shouldn't be attempted.

"simply Google search would have showed them the way"

That is how high toxicity systems get made.

There is a difference!

The incentive was robust code that would work well, get it done, go to the moon.

Here, machine time is expensive, puts emphasis on code that works, but just barely...

Let's just say NASA would check for the "yup, you are gonna burn some money" case, and reject it.

Well, there's about $3B worth of WETH issued and only about $1.1M worth of those have been lost due to mistakes like the OPs.

I think that people are so unlikely to fuck this up that such a check would be rather pointless.

Again NASA would disagree.

Money matters a lot. Should this mess endure, people will forever be saying a little bit of gas would have been worth it.

And we've people with six figure arguments as to why such a check makes sense.

The idea of minimal code, focused on speed coupled with financials leads me FAR away from all this.

I will watch with great interest and entertainment.

Should this mess endure, people will just keep using dollars and other fiat currencies.

>Again NASA would disagree.

Yeah, because NASA has been utterly fucked by the congress. Because of politics it's better for NASA to spend 5x the money on 1 reliable spacecraft than to build 5 slightly less reliable spacecraft out of which only 1 fails.

Even if the economics of it don't make sense, NASA can't afford to be seen failing because because politicians will not want to fund them.

I guess my point is that NASA is an exceptionally badly managed entity, not something you'd want to aspire to. (Of course the people working at NASA are not the ones to blame for this.)

>Money matters a lot. Should this mess endure, people will forever be saying a little bit of gas would have been worth it.

That gas would probably add up to more money than has been lost here.

>And we've people with six figure arguments as to why such a check makes sense.

The gas fees of such a check would probably be higher than the losses averted, especially in the long run. And any "losses" are essentially distributed among all ETH holders anyway.

"The gas fees of such a check would probably be higher than the losses averted, especially in the long run. And any "losses" are essentially distributed among all ETH holders anyway. "

This is also how high toxicity systems get made.

The real solution is better client software. Doing these checks on the client-side is free, that's where they should live.

It would be stupid to put these checks in the contract, they would be very expensive and only help people using unsuitable client software.

"It would be stupid to put these checks in the contract, they would be very expensive and only help people using unsuitable client software. "

You feel all client software will be suitable?

I don't. There is NO WAY. Lots of people will do ANYTHING for a bit of margin, hoping for volume.

>You feel all client software will be suitable?

Of course not. There will be more advanced software for expert users that allows them to manually create potentially riskier transactions. That's perfectly fine.

Client software targeting end-users should have such checks.

But it just won't. You read it here first.

This really doesn't line up with the reality of how most people are congregating around user friendly wallet software and steering away from the more advanced options.

You only one need one wallet software to be the official WETH-approved client, sucks for anyone else risking their money with unsupported software.

I am quite happy to be proven wrong.

We shall see. And for me, safely and at a distance.

Frankly, the small cost of robustness in contracts should have been factored in from the beginning. It just does not need to be so damn lean and rickety.

The incentives are wrong here.

My prediction is the current state of affairs all gets ripped up and replaced after a time. And until that happens, we are likely to see activity largely limited to people who have a healthy appetite for risk.

Perhaps it all is as it should be too. Had the reverse been done, emphasis on slightly more expensive contracts that are robust and able to deny the costly errors, I would imagine others clamoring for people to adopt the rock bottom lean stacks...

What it won't all be is dull, will it?


How come such a check is so damn expensive?

It should not be.

I agree with you big time. This is hopefully something we'll see addressed by smart contract platforms in the coming years or decades.

Clearly Ethereum is far from a ready product, but I think we can expect to see massive improvements when proof of stake goes live this year.

Yes! It is all very interesting, but way too rough, IMHO.

TL;DR: They could have got it right. Didn't.

Yes, and that code had bugs.


There are 0 do-overs on smart contracts in production. No stopping the network for a minute to triage, no rolling back a minute, no circuit breakers. No "Error 1202, do you want to continue?" pop-up messages.

“Premature optimization is the root of all evil.” And now in a whole new way!

Back in the day or at least when I ran my own bitcoin node, any call against the blockchain was free. This sounds like someone charging for hitting the API on a rented node, as opposed to an actual cost imposed by the currency to consult the blockchain (?) But maybe the contract-generators aren't even running their own node, just piggybacking on someone else's API. Sure. Cheaper.

AFAIU, smart contracts on the ethereum VM can be arbitrarily complex, so you pay the network to execute them, or a random user with an infinite loop would bring down the network.

You are indeed renting a machine to run some code, and if you want many people to use your code you want to make it cheap. There's a trade off.

You can fuck up things on the BTC blockchain too, "burning" crypto by sending it to a dead address has been a thing for a long time.

It always seemed stupid to me that it was possible, compared to sending money to an invalid IBAN, but I'm not a crypto enthusiast so I may be biased.

On BTC, you could send things to the wrong address, yes. But you can't send the wrong type of currency or send it to a nonexistent address. In this case it seems like the contract has created the black hole (not the Ethereum blockchain itself), but that's even more absurd since someone ultimately should have control over everything that was put into the contract, regardless of the source.

> But you can't send the wrong type of currency or send it to a nonexistent address

Of course you can do both things, which is why catastrophic financial ruin is a daily fear when dealing with cryptocurrencies.


That's impressive, the number of scammers on that thread.

Oh wow, the "answers" on that question are cancer.

Sending currency to non-existant addresses is how people encode arbitary data on the bitcoin blockchain, so definitely possible.

Giving a person control over the funds allocated to their smart contract probably opens holes where they can steal the smart contract's money, though obviously creating software that handles money and can't be updated is its own kettle of fish.

The thing is, the address exists - only (probably) nobody has its private key.

Why would one need to send to non-existent address? Any transaction can include data, one can donate for example.

It truly is laughable. Ever heard of "Return to Sender" in case of invalid events/transactions?

YES. Weren't these supposed to be SMART contracts? My email provider is smarter than that.

Every self-denominated SMART thing that I know of is DUMBER than the conventional thing.

"Smart contracts" was always a really bad name for this functionality.

What a joke.

A better term would be dumb contracts.

First time I hear about IMAP/POP3 provider being able to "undo" emails after being sent. What provider are you using and how does that work behind the scenes? And no, gmails fake "we don't actually send it until you close the tab/wait 30 seconds so you can undo it" doesn't count.

Really? If a mail server (and the post office of most countries) don't have the specified address, it either gets sent back if there is a return address written (email non-delivery notice (aka return to sender, NOT undo) or it goes into a catch all bin (same as a lost & found)(or root account for most mail servers)(or dump it in the bin).

Yes yes, as mentioned in another sibling comment, your wallet won't allow you to send anything to an invalid address. In this case, the address was not invalid, so why expect it to get rejected?

So imagine the bank give all objects in their company an address. The desk has an address, the fridge has an address and so on. Bank accounts have an address too. All these addresses look the same and use the same system to interact with them. The problem is that Johnny wanted to deposit $50 dollar into his account, but he accidentally used the wrong address, and now the fridge in the the bank's kitchen on the 5th floor now owns $50. To his dismay, there is nobody to send his funds back since no human owns the fridge and nobody is even able to break the fridge open to get it out. Don't blame the fridge they say, don't blame the bank they say, don't blame the currency or the address system or the person who made the rules so that fridge addresses and bank account addresses work the same. No, lets blame Johnny, the dumb ignorant fool who doesn't understand the glory of the banks special addressing system. It is working as intended. He should've known better, he should've read the docs etc. Fuck Johnny and his $50.

You’re using a different definition of the word invalid.

Obviously the person you replied to meant invalid in the sense of “not intended to receive funds”

It would have been a competent design decision for a system to require some type of initial registration of intent to receive funds for an address in order for a transaction to post.

I’m sure you’ve heard of it, but in case you haven’t, it’s called bouncing when there’s no valid inbox on the other end. Before you object, yes, you can set up a catch-all incinerator, but that’s not the default as is the case here, you have to explicitly set it up.

"Bouncing" can happen in cryptocurrency world as well, it's called "sending to an invalid address". It just happens to be that the address-space is so big you don't really know what address has a real physical person behind it or not, or yet even.

Try sending cryptocurrency to an invalid address and you'll see that the wallet will reject sending it, just like email bouncing.

Most people setting up mailservers don’t consider a catch-all forwarding to /dev/null a valid inbox. And no sane mailserver software forwards to /dev/null by default if you don’t explicitly tell it what to do when it receives email it isn’t supposed to receive.

A “valid” address locking up funds sent to it without recourse is /dev/null.

Hm, in order to clear up some (seemingly) confusion about how things work, let me offer you this explanation:

The user in the submission did not send funds to a invalid address. The address is valid, as otherwise funds wouldn't be able to be sent to it (the wallet would not allow you, nor the protocol, nor the miner/validators). The address happens to belong to a contract, that can also hold funds, similarly to accounts.

Now, every address/account/contract has a private-key behind it, that allows the owner of the private-key to transfer out of the address/account/contract, but it's impossible to know if the owner actually still has the private-key.

Similarly to how you can't know if john@example.com actually has access to his email account (maybe he forgot his password?), you can't know if an address actually has the possibility of moving the funds out of the address, as the private-key can have been thrown/forgotten/lost.

I’ve made myself abundantly clear that WETH or whatever smart contract shouldn’t blackhole money by default when there’s no handler code, just like mailserver software shouldn’t blackhole emails by default. This is not a case of John making a mistake of forgetting their password, it’s ridiculous fallback behavior with unconsidered edge cases (or maybe considered but intentionally unhandled due to stupidly expensive compute). The design is atrocious and apparently it’s the default for all smart contracts.

The stakes are a little bit higher when you’re sending money instead of emails.

This is the right way. Default behavior for any box should be to bounce. I forward all my wrong mail to a black hole but that's because I'm not a fucking smart contract

Again, if you try to send funds to an invalid address on Ethereum, you won't be able to. First the wallet will stop you if the address is invalid, secondly no miner/validator would pick it up from the mempool if the address is invalid and thirdly, no other party would agree that the address is valid and hence the transfer wouldn't go through.

Simply said: you cannot send funds to invalid addresses on Ethereum.

But you can send funds to an address the funds cannot be retrieved from.

A protocol could conceivably require the recipient to verify they're holding the private key for the address before the transaction can take place.

Yet here we are.

> And no, gmails fake "we don't actually send it until you close the tab/wait 30 seconds so you can undo it" doesn't count.

Why doesn't it count and why does it matter how Gmail works behind the scenes?

Because that feature of gmail is not a part of email, it's a part of gmail the product. And it is not "undoing" sending a sent email, it's cancelling an email that was never sent in the first place.

Because email doesn't work that way. Gmail doesn't send the email for a minute. It would be like your boss asking you to send this email and you wait a minute for him to change his mind before you presses send.

Yeah. Even in the original bitcoind API you would run a validation call on the address and the spend before actually committing it. Afaik you couldn't accidentally send coins into a black hole even if you tried.

I think the address was valid, the problem is that there is no way of getting the coins out of it.

The same thing was done on the bitcoin chain, e.g. counterparty[0] was relying on a "proof of burn" which was basically "Send BTC to a black hole".

[0] https://counterparty.io/docs/faq-xcp/

If no one ever moved coins out of their burn addresses I'll eat my socks.

Uh, do you really like socks that much? I think this is something very easy to verify, just look at the burn address on the chain?

Just monitor this address then and let me know if anyone moves anything out of it :) https://etherscan.io/address/0x00000000000000000000000000000...

The thing is that is not an invalid transaction. The problem is in what happens _after_ the smart contract has received the money.

As far as Ethereum is concerned it's valid, but the contract API is riding on top of Ethereum's blockchain. It's middleware. It's responsible for enforcing the contract. How does it have a giant black hole in it?

It's the same as you and I agreeing on a contract where it says when you send me money, I will burn it. If you then use a bank transfer to me, it's not the bank's fault your money is gone, we agreed on that contract and it's not the bank's business to deal with that. Doesn't mean that there shouldn't be safeguards, there absolutely should be, but just laying out where the responsibilities start and stop and the whole deal with crypto currency is the absence of central control so if you choose to shoot yourself in the foot, you're free to do so. But freedom of action doesn't mean freedom of consequences and in the case of a blockchain, it's forever.

> it's not the bank's fault your money is gone, we agreed on that contract and it's not the bank's business to deal with that.

There's a reason some contracts (in the regular legal world) are illegal.

It was a really bad design decision to have smart contracts have this "send to the address" capability, rather than requiring clients call a method that is explicitly defined.

> he sent tokens to smart contract's address and they will stay there forever, not associated with any account.

Wait... so the tokens are really still there, just inaccessible? In what way do the tokens still exist? What makes them inaccessible? Is there really no possibility of restoring the tokens? No possibility of cleverly hacking them out with the assumed myriad of unpublished security flaws?

The tokens are a number in a hash-map of user to balance in the weth program. Any eth program ("smart contract") can be a user. All the smart contract that owns the tokens has to do is tell the weth smart contract to transfer them, or approve mister redditor to transfer them on the contract's behalf. But that contract wasn't built to do such a thing. And now that it's published, it also can't be updated to do such a thing. A new contract could be uploaded, but that new contract won't be the same user. So they're just gone for good. Hope that cleared things up.

So, could the Ethereum community get together and agree to rewrite the blockchain and undo this transaction? Perhaps they could vote on it and have a hearing of the facts. Of course that introduces its own tyranny but is it possible?

It is possible. That's why you have Ethereum and Ethereum Classic, two different chains. The latter one is the unaltered chain, while Ethereum (which is the most popular that's everybody are using) has been forked in such a way that you're describing once after a large hack.

Specifically, it forked because even though the system is specifically designed to make rewriting history impossible, the hackers screwed so many users that they decided to undo it by ignoring history and starting from before the hack.

... Lest anyone ever think Blockchain tech is somehow immune to network effects and social considerations.

Technically, rather than ignoring history and starting from before the hack, they added a nonstandard transaction (not generally allowed) which reversed the effects of the hack. This did not revert other transactions that happened after the hack.

But, yes, blockchain stuff is fundamentally based on consensus about what the rules are, and people/organizations with more social influence can [...] .

The chain is by nature append only, so you'd have to fork it, which they sure as hell are not going to do for a "little guy," to put it mildly. At least, that's my layman's understanding.

Yep. Little users can still get screwed, but players too big to fall get to make up new rules.

... Reminds me of another financial infrastructure I know.

In simple words, he should have done what everyone else does and used Uniswap or Zapper or Sushi or ANY exchange and swapped WETH for ETH that way.

This is just a dumbass user doing dumbass things. This is basic-level stuff right here. Don't interact with contracts directly unless you 100% know what you're doing.

But people are allowed to interact with smart contracts. To obtain the WETH he needed to do that. This is a "why do we even have that lever" kind of situation. If my brokerage had a "permanently burn all of your money" button then it wouldn't be reasonable to just say "well, people shouldn't push that button."

We can even see this with the criticism of wire fraud. Wire fraud is a huge fucking mess that occasionally costs people their life savings. The entire setup is rightly criticized (heck, even by the crypto community) for having users interact with a highly error-prone system with huge consequences.

People are allowed to login as root and delete their systems too. Yes, today's software doesn't make it easy - and the same can be said about this wallet/token; this was a complex sequence of steps in the wrong direction, not a missclick.

And a lot of ink is spilled about systems to make this very difficult, with people continuing to work to improve things. We didn't simply say "well, just don't type those characters" and move on with our lives.

Exactly like in this crypto case.

People don’t usually store 500k on their PCs.

But people run production servers on their PCs all the time.

The set of people running a service with a revenue of 500k on a personal device must be minuscule and the people doing it almost certainly know it’s stupid.

This is qualitatively different from crypto that allows you to burn your money on accident, while the people who build the infrastructure for this tell you is a smart, safe place to put your money.

If you wire money to a Nigerian prince, it's gone too. Doesn't mean a bank is not a safe place where to put your money.

Interesting how your example has just completely changed.

But also, wiring money is a thing that laypeople almost never do. It’s nerve wracking to wire money. But the equivalent in cryptocurrency is just how it’s done. Every transaction is just a fuckup with no recourse waiting to happen.

What's so interesting? I already told you this wasn't a simple missclick. No need to reiterate.

You can dump money into a pit just as easy with the classic banking system. Where I live (EU), wiring money is the primary way of payments and money transfers. People don't use anything else.

> I already told you this wasn't a simple missclick.

Seems like it essentially was. He exchanged ETH for WETH in exactly the same way. Assuming that the reverse would work (as opposed to destroying the money) was not an unreasonable step. He still screwed up, but a design that allows this is user hostile and stupid.

> You can dump money into a pit just as easy with the classic banking system. Where I live (EU), wiring money…

In the US at least, you can get your money back through the legal system. Accidentally dropping your money into someone else’s account does not give them a right to it and for substantial amounts of money people can and do get their money back.

For this amount of money I’d consider pursuing legal avenues against the developers of Etherium. This design seems borderline negligent and Etherium has modified the code at least once already to force a refund.

Consumer wallet software gives you a warning that this is probably not what you want.

> In the US at least, you can get your money back through the legal system. Accidentally dropping your money into someone else’s account does not give them a right to it and for substantial amounts of money people can and do get their money back.

I doubt this is true in the case of uncooperative out-of-country second party - yeah they have no right to the money, but they don't care and the legal system won't do much for you.

Did this guy get a warning?

I still find the wire transfer comparison lacking, mostly because one shitty design does not justify another.

If this guy didn't get a warning, they're using power-user software (likely CLI-based).

Of course one shitty design doesn't justify another, but the point is not justification but a reply to all the people saying "this is way worse than and would never happen with the traditional banking" that they are wrong. I agree that better UX is needed.

Regarding your point about legal action against Ethereum designers, well... That'd be like pursuing legal action against the designers of your web browser because it allows you to open phishing sites. Nonsense IMHO.

> This is just a dumbass user doing dumbass things.

I tend to agree. Dumbasses clearly designed this system if it allows money to be accidentally destroyed. Dumbasses doing dumbass things indeed.

> Don't interact with contracts directly unless you 100% know what you're doing.

But if you use any of the exchanges you described, you have to trust that they 100% know what they're doing.

It seems safer to avoid smart contracts and cryptocurrencies altogether.

From what I can tell, the underlying issue is that everything is spaghetti code written in a dynamically typed language.

Ignoring that, it's nuts that the best practice is "send a little money, and see if it works". Apparently they don't even have a working transaction simulator that just runs the relevant logic on your laptop so you can see what it will do.

I think you can do test transaction off-chain, I think they're called test-nets and you can use them through many wallets, and even online IDE's[1]. Unfortunately, crypto is still at the stage where it's built for devs and technically minded individuals, and its pretty user hostile. Sending directly from wallet to wallet is a pretty low level thing to do, and generally people should be executing transactions through swaps or other DAPP's, which to me seems like we're working against the empowerment principle of crypto

[1] https://remix.ethereum.org/

Look at NFTs. The empowerment pricnciples are being actively killed by millions of VC dollars. Opensea are nominally recording transactions on a blockchain - but none of the actual meat. Everything 'real' lives inside their centralised system.

A LOT of people are doing it wrong but there are still good projects out there. The two that come to mind are Monero and Bitcoin Cash. Both still work as designed and have low fees and/or instant and/or anonymous transactions.

The underlying issue is that everyone wants to make money. And the quickest way to make money in crypto is to create a new coin, token, smart contract, NFT, web3, whatever. Thus ever increasing complexity.

> Ignoring that, it's nuts that the best practice is "send a little money, and see if it works".

That's what I did the first time I did a bank transfer between two of my banks accounts. Maybe that's just me being paranoid but when sending money I like to test it first.

> Ignoring that, it's nuts that the best practice is "send a little money, and see if it works".

This passes the "does it sound like email?, it might be decentralized!" smell test, anyway.

I think you can do just that with ganache-cli.

I haven‘t tried it, because I don‘t do much crypto stuff at all, but I thought this specific functionality, to dry-run any scenario, from any account, was very intriguing.

> From what I can tell, the underlying issue is that everything is spaghetti code written in a dynamically typed language.

We need to re-write this in Rust before there can be universal acceptance!

Already done and it’s already processed more transactions than ethereum and bitcoin have in their entire history combined, as well as having more developers.


As much as I like rust and think this would help increase acceptance for many tech affine people, this issue was a bad design decision, which is even worse. I don't think I will touch anything crypto until I can trust that the system is designed well.

You can code in whatever can compile to byte code for the EVM. Solidity is typically the language and is statically typed. https://docs.soliditylang.org/en/v0.8.11/types.html

I believe most contracts on the Solana network are written in Rust


several of these projects will set up a local chain with presets to test exactly this. probably worth doing before sending large amounts to random contracts.

How can you be so naive about this topic yet confident enough to add your 2 cents? There are been test nets from day one and running one yourself is trivial.

Realistically if you just want to try out someone else's contract in a safe environment, the existence of the test nets is entirely irrelevant.

The contract is going to be at a different address, all the accounts involved are entirely different, the state of the contract is different. Even proving a contract at one address is the same as the contract at another address is non-trivial.

Pretending the existence of a test net proves anything is a lot like pretending the availability of source for your OS, compiler and dependency stack proves something. Maybe possibly for a professional with unlimited time, but that's it.

It's not really edge bases, it's how contracts works, and how this contract works.

There is nothing magical here. It's a bit like avoiding the checksums that IBAN has, and then complaining that IBAN is broken. Most people interact with WETH via UIs, but for some reason this user chose not to, and got severely burned because of it.

Things that require expertise usually requires one to know acronyms and how things works underneath, the cryptocurrency space is no different.

Now I don't know what you do for a living, but it certainly isn't cryptocurrencies. I'm sure there are more industries you don't work with on a day-to-day basis, and when people who are in those industries talk with each other on a technical level, you'll see the same amount of jargon. That's just part of expertise in a subject.

For example, two of my friends are chemists, and sometimes they talk chemistry stuff when we're having dinners and stuff. Of course I don't understand most of the stuff they are saying, but I'm not gonna claim "chemistry" is "magical knowledge" just because I don't understand it, so I'm not sure why you would about cryptocurrencies.

Or like sticking the wrong plastic card into an ATM and observe the machine eat the card... and your bank account.

You'd expect that invalid actions lead to idempotent errors, not glitch states where you lose everything.

> You'd expect that invalid actions lead to idempotent errors, not glitch states where you lose everything.

Indeed, and that's exactly how most cryptocurrencies work today. You try to send funds to an invalid address, the wallet will present you with an error that you cannot do that.

The user in the submission did not perform an invalid action, because they wouldn't be able to perform an invalid action.

So your definition for "valid action" is just that the eth network lets them do it?

They clearly didn't want to burn £500k, and that is now irrecoverable, alongside 260 other people who made the same mistake, on a smart contract that forgoes validation for gas fees.

How is this not invalid?

> So your definition for "valid action" is just that the eth network lets them do it?

Yes, this is indeed the definition for "valid", that the protocol allows them to do it.

It was a valid action, but not the action the user actually wanted to perform. There are two ways of avoiding these scenarios: A) use UIs and don't interact with the protocol without safeguards, as the UI will prevent you from making mistakes (this user interacted directly with the contract, not via a UI) and B) when doing something involving a lot of money, do it once first with a small percentage, so you can verify it's correct (this user didn't do this either).

For example, I know that IBAN has checksum built into the "address" and that the bank could revert transfers, but if I make transfers above a certain sum, I always send a small amount first, make the recipient confirm how much they received (I send a small random sum) and only then do I perform the larger transfer.

As I mentioned elsewhere in the comments on this submission (https://news.ycombinator.com/item?id=30136941), it's impossible to know if someone actually has access to an address or not, so why would the wallet stop them from sending it?

"It was a valid action, but not the action the user actually wanted to perform."

It's an action noone ever has ever wanted or ever will want to perform.

In the same way putting your finger inside a power socket is an invalid action, and people who designed sockets were smart enough to make it impossible.

"It's an action noone ever has ever wanted or ever will want to perform."

That's not entirely true. Just look at one of the many burn addresses that people willingly send money to all the time, for example: https://etherscan.io/address/0x00000000000000000000000000000...

For example, some holder (maybe a founder) of a certain coin can burn a certain amount of their tokens, making it more rare. This is a quite common practice. If I were to burn a certain amount of tokens, I think the most natural thing to use as a burn address would be the contract address itself.

The only thing you're showcasing here is the lack of understanding of what happened.

This transfer was a transfer from one address to another. No one has ever wanted to do that? It's the entire point of cryptocurrencies!

Making it easy to build contracts that will accept resources and then never do anything with them, destroying the value, is a design mistake.

This is something the developer of the contract should explicitly opt into. As others pointed out, if everything a contract did was via explicit methods, rather than transfers, this type of defect would never have been created.

And this mentality is what will block wider adoption of crypto. Calling people dumb for not understanding a non-intuitive system (after there's so much prior, "return to sender" art in the world) will not get them to use crypto.

Sure, I have no desire for cryptocurrency to get a wider adoption, I have no skin in the game, I'm just looking at the facts. I don't care if the space burns up or saves the world, for me is the same.

This is not the case of a non-intuitive system screwing the user. This is the user purposefully avoiding using the intuitive systems setup for them, and interacting with something directly even though no one does that unless you're a developer. This person has half a million dollars worth of X, while not understanding X.

> (after there's so much prior, "return to sender" art in the world)

That's awesome that you have come up with a solution for this, while the ecosystem hasn't been able to. Could you share your solution?

It's a hard problem to solve in a system that has to A) be decentralized, B) work when less than half the network is trying to screw you and C) prevent double-spending

"return to sender" sounds easy to implement in a centralized system, but it's not that simple for a decentralized one. At least not until you release your solution.

> This is the user purposefully avoiding using the intuitive systems setup for them, and interacting with something directly even though no one does that unless you're a developer.

Of course using the intuitive systems setup for the means that one has to trust some random people or companies, instead of going directly to the blockchain. What happened to trustless?

"Trustless" is referring to the consensus in the protocols, not to the entire ecosystem. This is a ecosystem built by and for humans, of course there will be trust involved.

You are intentionally misrepresenting the parent comment. The point is not that nobody should be able to transfer from one address to another, and pretending otherwise is pretty dishonest.

But then please share with me what the argument is? The user made a transfer that shouldn't have been done in the first place, and somehow people are saying that the protocol should have safe-guards against doing transfers to the wrong address, but how is the protocol supposed to know what address is right/wrong? There is literally no distinction between them, so therefore you need to allow any transfer, or no transfer.

So I guess, when it comes down to the wire, what wins out, the needs of real users, or the documented description of a protocol?

The fact that said protocol is incapable of addressing real needs is a failure state, and historically this has been addressed by building better tooling on top of the protocol, or replacing it wholesale.

> The user made a transfer that shouldn't have been done in the first place, and somehow people are saying that the protocol should have safe-guards against doing transfers to the wrong address, but how is the protocol supposed to know what address is right/wrong?

Sure, the user sent stuff to the wrong address... Or did he? Seems, rather, that he sent the wrong kind of stuff. Had he sent, whateveritwas, WETF in stead of WETH or vice versa, then it would have gone right.

So then it seems the receiving thingamajig was at least as much at fault: It accepted (and just swallowed) a kind of stuff it shouldn't receive. It's like, say, a one-way currency-changing ATM that takes dollars and returns euros. If you feed in euros by mistake, it fucking obviously should just spit them back out (and preferably display or print an error message, "Wrong currency: Gimme dollars to get euros.") You're saying just swallowing your euros would be a "valid" behaviour for that machine.

That's so obviously bullshit that the only remaining mystery here is whether you're actively trying to defend what you know is indefensible, or actually so deluded that you've somehow convinced yourself this bullshit is true. Well, no, not the only one: The other mystery is, which is worse?

>how is the protocol supposed to know what address is right/wrong?

It's the "right" address for certain transactions--like turning ETH into WETH--but the "wrong" address for other transactions, which makes the whole thing a garbage design. You can say "that's just the way Ethereum/crypto/smart contracts work" all day, but it doesn't matter.

Most people don't care why the design is bad, they just care that it is bad, and that there are better theoretical (or real) alternatives to this tech.

Your analogies make sense to me. Sounds a lot like running a system on Linux. Or maybe assembly is a better metaphor. I like the analogy about avoiding all the safety mechanisms on an electric line and jamming your hand in there...the grid can't tell the difference.

The arguments here are odd. The blockchain isn't built to handle this kind of operation by a non-expert user. Yes, mistakes are expensive. Is that okay? In the same way that a nuclear power plant isn't designed for a rando to go in and operate it.

Yes, raw blockchain stuff is hard and non-experts should not interact directly.

The key question is, is the payoff worth building an entire system around? For nuclear power, yes, because it provides electricity for people to just plug into. For blockchain, maybe, maybe not.

> The blockchain isn't built to handle this kind of operation by a non-expert user.

But the blockchain in general and smart contracts especially are pretty expressly supposed to be, that is, central to trustlessness is not requiring some elite priesthood as an intermediary (either personally or as trusted purveyors of overlay systems) between end users and the authoritative system.

Sticking your dick into a socket results in transfer of electrons from one object to another, thats the entire point of the electric grid! Clearly it's designers had no need to design circuit breakers, ground fault circuit interrupters, etc.

I can feel your fists of fury through the screen!

Listen, in this case, there already is circuit breakers, ground fault circuit interrupters and more to prevent problems to happen in the first place. The wallet is the first guard against this, the UIs the various services provide is another, and so on.

But when the user bypasses those and interact directly with the chain, which is not recommended for people who don't know what they are doing, problems can happen.

The same as if someone bypasses all those checks you wrote about, and then complains that they got a ton of electricity zapped into them. Why doesn't the grid just know that it was a human and not something else and stopped sending electricity?!

Reality is not that simple.

You know what happens when you transfer money to a non-existent/incorrect IBAN?

Most likely your bank will reject the transaction and not even defund your account - as you mentioned, the IBAN itself is already designed to prevent human error.

If by chance you “crafted” a technically MOD-97 valid but not existing IBAN and the money goes out to the other bank (PACS.008), the other bank cannot book it (as the account doesn’t exist) and should automatically return it to you (PACS.004).

If by chance the other bank is incompliant and does not return the money, you can have your bank send a recall message (CAMT.056) to try and retrieve the funds. The other bank is then compelled to either refund the money (PACS.004 again) or at the least officially communicate they’re keeping your money (CAMT.029).

At that point, there’s still law and legal avenues to pursue.

One thing that does not and can not happen though, is for the money to vanish into a black hole and be removed from the economy. That is what a stable, standardized and reasonably regulated industry with some centralization does for you.

You know what happens when you send Ether to a incorrect Ethereum address? The wallet will reject sending it. If you bypass the wallet and rewrite your own wallet to send it anyways, the validators reading from the mempool will reject it. If you rewrite your own validator to accept it anyways, no other validator will accept it and the transfer will never go through.

What happened here is more like you used IBAN to send to the correct account, the correct bank and everything was correct, but no one actually has access to the account but the bank doesn't know this.

Nothing has vanished or been removed.

As far as I can tell, no one has argued that transaction validation for this specific smart contract should be built into wallets. You're arguing with a straw man.

The point I see made instead is that the smart contract should not be coded to behave as it does. If a financial product at a retail bank set a pile of cash on fire when you used it incorrectly, regulators would swoop in and make the industry add some safety features, even if that safety came at the cost of convenience.

It's very hard to draw parallels from cryptocurrencies to other things as it's not like other things we have today.

Some sort of analogy could be margin calls/puts. Imagine someone who doesn't know how margin trading works used it, and lost half a million dollars. Who's at fault here? The bank for allowing it, the financial system for having the feature or the user for not educating themselves enough to understand how it works?

> Some sort of analogy could be margin calls/puts.

That is not a comparable situation. The ETH/WETH trader misused a negotiable instrument, and 500K disappeared forever. Someone who loses 500K gambling on margin was gambling and lost. If they somehow mistakenly placed an order on margin, there's probably a process to reverse the transaction and get your funds returned within a specific time window (that's just a guess on my part, though, and it probably depends on the brokerage used).

> It's very hard to draw parallels from cryptocurrencies to other things as it's not like other things we have today.

I don't think this is true; cryptocurrency in this situation is very similar to cash. You can get mugged while holding 500K in a briefcase, and the funds are unrecoverable absent legal restitution. But that's why banks make you sign a waiver of liability when you withdraw large sums in cash.

> Yes, this is indeed the definition for "valid", that the protocol allows them to do it.

I believe that this, right here, is the core disagreement surrounding the utility of cryptocurrencies. There are two orientations to think about software. One is the software orientation and one is the human or problem orientation. "It did what the software says" is a defense often used by crypto advocates who point out, rightly, that there are very strong guarantees that cryptocurrencies provide and other things that they completely do not guarantee. Other people point to the mismatch between the guarantees that cryptocurrencies provide and the actual failure modes that are very common in the real world and complain that advocates seem to be completely ignoring these issues.

I think a relevant comparison is security vulnerabilities in traditional software. If you've got a program that is exploitable through a buffer overrun that enables arbitrary code execution, the program is behaving precisely as programmed. From the perspective of the program and the computer, there is no difference between ordinary operation and the exploit. But from a human perspective one of these behaviors is expected and one is both unexpected and undesirable. And the "well, just don't fuck up your C program" argument is basically failed at this point, for good reason. I would expect to see the same in the crypto space.

`rm -rf /` is a perfectly valid action, but lots of people still get burnt accidentally running it.

Nobody is worried about sending funds to „foobar“. People are worried about sending funds to a syntactically valid address that no one has access to.

This is impossible to solve, in the cryptocurrency space or in the existing structures we have. When you send an email, you cannot know if someone actually has access to that account (maybe they forgot their password?), you can only know if the address is valid or not (by sending the email). Similarly, you don't know if the right person has access to the bank account you're sending funds to, unless you ask the person who is supposed to have access, if they actually can access it.

You can NEVER send a bank account transfer to a UNASSIGNED IBAN, the bank will just reject it after some days.

If you sent a IBAN transfer someone will get the money. You transfer to someone else that gets the money and you could try to go to court.

The money just doesn’t disappear like in crypto.

The e-mail is a great example, the e-mail can be lost, thats why no bank ever made transfer over email! You loose the e-mail text, not 500.000$!

Since this has already been answered multiple times in this submission already, I'll leave you with this:

> You know what happens when you send Ether to a incorrect Ethereum address? The wallet will reject sending it. If you bypass the wallet and rewrite your own wallet to send it anyways, the validators reading from the mempool will reject it. If you rewrite your own validator to accept it anyways, no other validator will accept it and the transfer will never go through.

> What happened here is more like you used IBAN to send to the correct account, the correct bank and everything was correct, but no one actually has access to the account but the bank doesn't know this.

> This is impossible to solve,

Let's talk about putting safety rails around large drops.

They should never be necessary with careful use.

And they can't prevent everyone from falling to their death.

But they still prevent some harms, so we generally require them to be present.

Design to do everything with contracts through methods instead of transfers to contract addresses would make this particular type of failure impossible. There would still be other ways to screw up and lose money on accident, of course. But any way that can be reasonably eliminated and isn't, is a design flaw.

SMTP servers are able to reply whether a user exists, and some still do. Your own server will send you a "undeliverable" message if it receives a negative reply.

Yes, but that's different. That checks if the user exists, not if the person behind the user actually has access to that user.

It's not an invalid action. This was a valid action, it was just a stupid ass action.

Haha, that’s why the client software needs Nick-Fury-style safeguards to say “I understand that this a valid transaction, but given that it’s a stupid-ass transaction, I’ve elected to throw a warning.”

What % of the people that use IBAN, know that there is a checksum, know what a checksum even is, or how to apply it?

Thankfully we have banks to deal with that - and legal framework that can help us undo problems.

"But you can use an exchange with ETH!"

Like banks? Making such networks ostensibly not 'decentralized'?

The entire point of Crypto/Blockchain is that is decentralized and is accessible to everyone.

If it requires that we trust 'quasi-centralized nodes' like CoinBase (i.e. banks) then it mostly defeats the purpose. Just use a bank.

At absolute minimum, the purveyors of such tech should be providing 'off the shelf' free wallet software that solves all of these problems of magical knowledge.

All of these arguments are fading quickly and the people doing this are risking a lot of credibility.

We talk about people wasting their time on AdTech, but at least there is actually some value in AdTech. We are facing an entire generation of people doing 'NoTech'. Let's turn this into something useful.

I think you missed that the user went beyond just using something to swap ETH for WETH and instead interacted directly (manually) with the contract, effectively bypassing the safe-guards that are already in place (even without exchanges) to prevent issues.

The user basically guessed that this is how you turn ETH into WETH and vice-versa, without actually reading anything about it.

If the user searched for "How do I turn ETH into WETH?" and read the first few links, they would have avoided this problem. If they made a mistake of entering an invalid address in a wallet for a transfer, the wallet wouldn't allow the transfer in the first place.

> The entire point of Crypto/Blockchain is that is decentralized and is accessible to everyone

Yes, indeed. That also implies that you're responsible enough to have a basic understanding of what you're doing. Or at least recognize that you don't have a basic understanding, and seek to attain one when needed.

It was not “manual”. It was using MetaMask, one of the most used wallets and most recomended one!

Its not like going to a shell and putting a random command. It was one of the most used GUIs for crypto!

MetaMask, and any wallet, lets the user sign transactions. Wallets can't know nor validate contract internals.

They could.

It doesn't really matter that 'someone did something they should not'.

People will always press the Magic Red Button without knowing what it does with some, if rare, consistency. That's human nature, ergo, our systems must accommodate.

The fact it's possible to lose $500K whereupon 'nothing can be done about it' is a 'dealbreaker' for this tech.

The truth is, when one goes down the rabbit hole, one discovers that ETH doesn't really solve any problems and creates a bunch of problematic side-effects. When you solve those side-effects you end up with something that looks like a regulated banking system.

There needs to be a new angle/twist or use case that we haven't thought of yet, in order for any of this to make sense. We risk getting into accidents when we drive a car, because the 'upside' of fast travel is worth the risk. There's just no real upside with Crypto yet. NFT was a neat idea, but that's not it either.

> People will always press the Magic Red Button without knowing what it does with some, if rare, consistency. That's human nature, ergo, our systems must accommodate.

Are you also frustrated that you can run `rm -rf --no-preserve-root` on your computer and it's not possible to get back your data unless you had backups since before? Clearly, this is a dealbreaker for UNIX because it allows you to delete your root partition. Why would you ever need that?

> NFT was a neat idea, but that's not it either.

Yeah, no, NFTs were and remain a disgusting idea, but thanks for revealing your opinion on that, makes it easier to understand where the falsehoods in the rest of your message comes from.

"makes it easier to understand where the falsehoods in the rest of your message comes from. "

Oh, yes, I'm one of those 'normies' or 'MBA Suits' (!) who can't possibly understand the genius and vision of Crypto and Blockchain.

We see it is a 'Pyramid Scheme Scam' at worst, and completely useless distraction at best, because we're just not enlightened.

You got me.

> the user went beyond just using something to swap ETH for WETH and instead interacted directly (manually) with the contract

Isn't it the "contract" that is supposed to be the "smart" thing here?

> effectively bypassing the safe-guards that are already in place (even without exchanges) to prevent issues.

YTF aren't these "safe-guards" built into the "contract", if it's supposed to be so "smart"?

Even the most stupid ordinary non-"smart" conversion program has the "smarts" to reject invalid input, not confiscate it.

This whole Crypto/Blockchain business is so obviously bullshit all the way down.

Cryptocurrencies give you the OPTION to use a trust-less decentralized system. If that’s not your cup of tea, nobody is forcing you to opt-in to this system. Go use a bank, or a centralized exchange, or whatever makes you happy.

> At absolute minimum, the purveyors of such tech should be providing 'off the shelf' free wallet software that solves all of these problems of magical knowledge.

UI is continually improving and is already much better than in the early days. But the “purveyors of this tech” don’t owe you anything. If you’re not satisfied with the current wallet offerings, you can go build your own, or you can simply choose not to use cryptocurrencies.

If the 'option' implies all sorts of 'costs' (such as lack of oversight, losing money, no insurance') - then it's a choice rational people will not make.

"But the “purveyors of this tech” don’t owe you anything"

You're right.

And it's why nobody in world uses crypto, blockchain or any of this nonsense for doing anything productive and use it solely for trading magic numbers.

Currencies don't come with a prerequisite of intimate knowledge of industrial jargon that requires use on a daily basis to be proficient enough in to not lose everything.

If you're gonna deal directly with the forex industry without any safe-guards there will definitely be a bunch of jargon around, have you ever dealt with the insides of forex trading before?

In general, giving someone money does not require intimate knowledge of what's happening behind the scenes, that's true. But the submission is not about a normal transfer, the user is explicitly avoiding the safe-guards in place, and got burned by it. It's no surprise really.

> have you ever dealt with the insides of forex trading before?

Why, is there a way to send currency directly and irrecoverably into a paper shredder on the inside?

The idea behind 'smart' contracts is to have immutable and decentralized pieces of code on the blockchain to execute transactions, eg. to swap ETH for NFTs or ETH to WETH like in the OP. They have addresses because they can keep a balance, but because they are supposed to be dencentralized no one can move that balance. If it did have a transfer or withdraw function people would have to trust the creator not to suddenly scam everyone.

But yeah the ability to send the directly to the address is stupid. There are no real world and crypto world use cases do it. I think the most glaring thing is that person has 500k in ETH but no idea how smart contract work or how to use the functions...

> to execute transactions, eg. to swap ETH for NFTs or ETH to WETH like in the OP.

It could apparently only swap from one kind of crypto-"currency" to other stuff.

> But yeah the ability to send the directly to the address is stupid.

Isn't the problem raher the ability to send the wrong "currency" to the address?

If it can only change from one kind to others, then the correct behaviour is obviously to accept only that kind, and reject any others. This is basically an online version of a physical currency-changing ATM, where you feed in dollars to get euros (or other currencies?) in stead. If you feed in euros or pounds or yen by mistake, the ATM should obviously spit it back out. This online version just swallowed the wrong currency. You don't have to know how ATMs actually work internally in order to determine that this is invalid behaviour not only on the user's part, but definitely on the ATM's too. If the ATM can only change from dollars to other currencies, then it should only accept dollars.

If you real with trading, options and swaps without understanding them - yes, very much so

Well no, you can use options and swaps to accidentally "gift" your money to more proficient traders or to market-making institutions or just pay it away in fees, but in all those cases you're giving the money to someone, not shredding it.

Do you actually understand what happened in this case?

No one sent any currencies into a "shredder", so not sure why you're asking this question?

an immutable black hole might as well be a shredder. the OP in the reddit did precisely that. that money is GONE. locked away forever. it has not been transferred to anyone else.

Indeed, an "immutable black hole" could be described as a shredder, agree. But that's not what that address is. The semi-official "black hole" address for Ethereum is 0x0000000000000000000000000000000000000000 (https://etherscan.io/address/0x00000000000000000000000000000...), currently has $29,461,295.02 worth of ETH in it. Any other (valid) address is just another address on the network.

"It's not a black hole, because black holes are collapsed stars, which is clearly not what we're talking about."

This is basically the style of argumentation being used here. Frequent equivocation over the terms "valid" and "black hole" to avoid addressing anyone's actual point.

Why do you see a difference between colloquial usage of ‘black hole’ and ‘valid address from which tokens cannot be retrieved’?

This kind of argument came to mind when I first read the thread, but then I thought... isn't the whole point of crypto to be decentralized? To avoid these kinds of concentrated power structures?

Also, chemistry sets come with a lot of graphic warnings.

Do we need a "hot coffee is hot" warning label on every crypto transaction?

And yes I'm aware the lady in the case suffered and it's terrible. I'm just being facetious

Oh come on. This is clearly a terrible system design choice and should have never been codified.

If it is ever going to solve a fraction of the societal ills promised, yeah sounds like it will need that warning.

I've been paying attention to this whole thing for a few years, and I still can't tell how I could send coins to a friend if I had them.

The thing that gets overlooked here is this guy had to have an above average understanding of all this to even get into a position to make this mistake. Manually sending weth to a contract address is not a process a newbie would even conceive of doing. Or even having weth in the first place.

This guy was pretty far over on the right side of the bell curve when it comes to Ethereum knowledge.

It's still obviously a giant design gotcha that losing money this way is possible. They fact that it happened to a guy who knew probably 95% of the esoterica he needed to know to complete the transaction successfully and still got completely burned is an issue.

> The thing that gets overlooked here is this guy had to have an above average understanding of all this to even get into a position to make this mistake

You'd think so, but you'd be surprised.

> This guy was pretty far over on the right side of the bell curve when it comes to Ethereum knowledge.

No, that's not true. Even people at the beginning of the bell curve know that you don't send half a million worth of anything around without verifying first that what you're about to do, is correct. You first do that by reading through everything and double-checking. And after that, you do the thing you want to do, but with 1% of the value or less, and verify/double-check again. After that, you do what you actually wanted to do.

The ecosystem is very new, has bunch of sharp edges everywhere and there is no recourse if you do anything wrong, so going through this process is something you learn very early on.

> They fact that it happened to a guy who knew probably 95% of the esoterica he needed to know to complete the transaction successfully

This is obviously not true, as the person seems to not even have search for "How to convert X to Y" before performing something they know they might not be able to undo.

If this happened at a bank everyone involved would fix it and have a nice laugh the next day.

If this happened at a bank, you would be told you submitted the wrong form to withdraw foreign currency from your account (closest analog I can think of) and be given the correct form before it even started getting processed.

A better analogy would be that you sent the money to a bank account you thought belonged to X, but X can no longer prove that they actually are X, so the bank are not allowing them to withdraw the money anymore. Would the bank still send back the money, even though the recipient was technically correct?

This is indeed the level of knowledge required for even just transferring ETH to another person/wallet. There are different kinds of ETH, and if you transfer to the wrong kind of wallet, you lose everything.

Despite the protestations of advocates, this kind of thing is a major hurdle to adoption.

I'm a cryptocurrencies/blockchain advocate in general but this wETH/BnbEth/sETH/stETH and similar crap is just crazy and stupid.

Same. That top reddit comment that crypto is not ready yet is absolutely right. This feels like a small bu2ow er trting to digitalize their whole operation on 1978 micro computers and getting burned for it.

"Any sufficiently advanced technology is indistinguishable from magic."

but yes, I find myself thinking the same with many things. especially when the disciples seem irritatingly proud of their "knowledge" which actually is just a collection of arbitrary and anti intuitive rules.

Perhaps it's time to coin (sorry) a new phrase:

"Any sufficiently advanced smart contract system is indistinguishable from Magic the Gathering (tm)."

Agreed. Some people are super careful, like myself, when transferring money between personal (normal bank) accounts I always test with a small amount. Even if the bigger amount is like $200. And that's after triple checking the account number before clicking transfer. I can't imagine what I'd be doing with these exotic crypto accounts and smart contracts.

When I do money transfers on bank accounts, I read the 10 digits 4-5 times. If the person that I'm transfering to is in the room, I ask them to read aloud their account number as I follow.

The fact that you have to get 10 digits right and that a typo can result in sending the money off somewhere unknown, disturbs me a lot. It's amazing how cryptocurrencies mimicked that part about existing digital money to perfection.

Give me a QR code, or wire my wallet up with an address book.

Account numbers have checksums.

An „off by one“ typo cannot occur.

I wouldn't trust all banks to have such things in their account numbers.

Especially in the tech age where they seem to think they're beyond physical keyboard typos and OCR errors.

What are you talking about? IBAN account numbers have not one, but two digit checksums.

I probably don't live in the same part of the world as you. IBAN account numbers are not common here at all.

That only proves that banks in your part of the world are way behind the state of the art. The one thing it doesn't prove -- I hope you didn't think it does? -- is that Crypto/Blockchain is necessary for international currency transfers (as some deluded poster here tried to argue a week or two ago).

Do you know how account numbers work in every bank in every country?

In Canada we use email for person-to-person money transfers. I transfer money to my contacts by email address. They then get an email which informs them they have a pending transfer, and allows them to deposit it into their bank account.

You can optionally register your email with the central system for autodeposit.

That’s available in most US banks as well, but direct account to account transfer via account number is also possible.

This is one thing that really confuses me about crypto. Whenever I've worked on a website there is an underlying idea that things need to be simple and intuitive because users aren't going to struggle to figure out how to use your site - they'll just bounce.

It's hard to reconcile my experiences with trying to get users to understand and use relatively simple things with the inscrutable nature of the crypto space. Crypto is overflowing with unwieldy acronyms and punishing rakes to step on. And yet, people are putting massive amounts of money into this?

That's disingenuous. These are really basic concepts in the space (where space = smart contract blockchains).

If you're going to slush a cool half mil around, you should really have absolutely basic litteracy of how this stuff works -- just how you should have the same litteracy about the banking system if you're going to half a mil there too. Or hire people who do.

Agreed this is all nonsensical

I would not really call a "one way only exchange contract" magical knowledge.

I, OTOH, would call a "one way only exchange contract" that doesn't reject "wrong-way" input but confiscates it... magical bullshit.

Exactly. And to the critics in this thread, a thing is not necessarily faulty because you fail to understand it.

> It sounds like those arguments you'd hear between kids in junior high over magic cards or pogs or something.

"Just as trying to think up startup ideas tends to produce bad ones, working on things that could be dismissed as "toys" often produces good ones. When something is described as a toy, that means it has everything an idea needs except being important. It's cool; users love it; it just doesn't matter."

From http://paulgraham.com/startupideas.html

The problem with crypto is despite your explanation, I have no idea what any of your post means. Not any of it.

From what I understood of afidrya explanation (in a sub-comment):

* there's a smart contract to which you can send ETH (directly), it sends WETH back

* however the inverse operation (WETH -> ETH) is not done by sending the WETH, you're supposed to call a special conversion function of the contract

I guess the smart contract only looks for ETH in its wallet (at its address), it ignores the WETH entirely, and thus the WETH become inaccessible.

So the contract is a deposit ATM where you can deposit cash and it spits out a bank check, but if you deposit a bank check it just shreds the check.

Or a currency conversion machine where you can shove USDs in the slot to get EURs, but if you shove EURs in, to the shredder they go,

>So the contract is a deposit ATM where you can deposit cash and it spits out a bank check, but if you deposit a bank check it just shreds the check.

>Or a currency conversion machine where you can shove USDs in the slot to get EURs, but if you shove EURs in, to the shredder they go,

Very good explanation, thanks, though the machine you describe would not probably be called a "smart" ATM.

None of these explanations have ever covered what the hell WETH is, or the reason the person was trying to exchange it. Seems like there's still a lot of implicit assumptions in these explanations.

WETH is short for “wrapped Ether”. It’s a token issued on the Ethereum blockchain. This token conforms to the so-called ERC-20 standard, which is — essentially — the API of the token. Ether itself does not conform to the ERC-20 standard, which is why wrapping it is necessary to e.g. exchange it for other ERC-20 tokens via a smart contract designed for this purpose (confusingly called a “swap”).

WETH is the ERC20(coins) version of ETH. It turns ETH into coins, so the contracts have an easier time interact with it

> Or a currency conversion machine where you can shove USDs in the slot to get EURs, but if you shove EURs in, to the shredder they go,

This example is kinda funny. If your bank notes were accidentally damaged in germany, you could send them to the federal bank and have them replaced as long as more than half of the bank note can be reconstructed. This is a service intended especially for victims of fire or flood catastrophes, though dog related accidents aren't unheard of either.

AFAIK it's the same in the US (the US mint is in charge of both producing and destroying money), because treasuries want to keep track of the physical money supply.

Returning to a browser tab I've had open for a while, I see you beat me to the "currency conversion ATM" analogy by two days.

> but if you deposit a bank check it just shreds the check.

Why would you ever want to “shred the check”? Is this the intended functionality or a bug?

> Why would you ever want to “shred the check”?

You don't, and it's not what technically happens, but it's the closest I could find as the actual behaviour can not be replicated in the real world.

The actual behaviour, at least in my understanding, is that the bank check goes in a box to which only the ATM has access, but the ATM was never coded to look for bank checks in the box, and it's not possible to update it, so it's not possible to get the bank checks out of the box.

In the real world you could take the box out and force it open, but in "the blockchain" the contract has sole control of the wallet, an updated version of the contract would be a different contract with a different address.

> Is this the intended functionality or a bug?

It is, in the broadest sense, a bug: the contract was not coded to handle anything other than ETH inputs, so it ignores everything else, but the other things were still moved into the box.

I honestly thought it was satire at first.

This is apparently a feature, not a bug.


Ok so the problem then seems to be with your understanding of the space, not with crypto itself.

I don't go to a geneticist and go "the problem with genetics is I have no idea what any of it means".

This isn’t genetics, it’s money. Crypto needs to be simple enough for everyone to understand before it can be adopted by everyone. My kids understand stocks and back transfers, while incredibly smart and savvy people are getting confused about crypto and losing money accidentally (it’s not just this single incident, it’s a common story). This isn’t good, and shouldn’t be dismissed as people having unreasonable expectations.

I agree that cryptocurrency has a ton of UX issues to work out in practice, but you don’t need the level of explanation in the top post in order to use it, so the issues mentioned aren’t relevant in practice, and aren’t a good example of “poor cryptocurrency UX for end users”.

What the redditor did was analogous to ignoring the exposed UI elements on a web page and instead opening up the console and calling the JavaScript functions directly. The average user doesn’t try to do that, and so any such failure is not an issue of the website “needing an advanced understanding”; simply following its UI elements is enough.

So it’s unfair to equate the understanding needed for the top explanation with the understanding needed to use a cryptocurrency app.

That contract could have been designed better.

That user could have used it how other people use it.

There are a lot of things here that have nothing to do with “crypto needs to be simpler” copypasta. This particular thing was not simple and never will be unless everyone stops using it. Focus on that one thing: How to design a better smart contract? How to design a better UI for the end user? Thats a great discussion for a programming forum actually.

> This particular thing was not simple and never will be

The user used a currency-exchanging thing, sent it a currency it shouldn't accept as input, and it swallowed his currency in stead of rejecting it.

What's "not simple and never will be" about that? Seems utterly simple to me: The currency-exchanging thing didn't work as it fucking obviously should. And the cryptards have the unmitigated gall to call this shit "smart"... Sigh. Geroffmylawn.

Treating this transfer of WETH as just 'money' is an overly simplified model that is going to get someone burned in the same way as this reddit user. You are interacting directly with low level APIs that are irreversible while sending a lot of money to them, without knowing what they do. This is NOT good, and believe anyone without thorough understanding of these risks and how ERC APIs work should NOT be doing this.

There is an absolute need for cleaner UX on top of this with assurance/insurance to avoid this scenario (both of which exist and are being improved regularly). In the same way you don't directly interface with SWIFT APIs when doing bank transfers, you should not interface directly with ERC20 approve/transferFrom APIs in Ethereum, unless you really know what you are doing.

Still, it shows that crypto is unlike other asset classes like cash, property, stocks, etc. where an unintended 100% loss on $500k is much harder.

Humans didn't design genetics, it's a chaotic and confusing system that evolved by chance.

If you are seriously comparing your monetary system to something that evolved by chance there is a problem with your monetary system.

You are expecting to understand how a completely new and complex technology works from 5 lines of text. Imagine if someone tried to explain Kubernetes to you in 5 lines of text.

Sure, but celebrities and grifters aren't pushing the general public to adopt Kubernetes or bet their life savings on their understanding of it.

There certainly is a different group who pushes Kubernetes as the savior of DevOps. I’ve seen this put plenty of pressure on teams to adopt it and they’ve gone in too fast, resulting in downtime, security issues, and huge operational costs. These are real costs and can have an affect on someone’s home life and career prospects within their company. I’ve had to go in and save quite a few of these people, and they were pretty miserable.

We shouldn’t shill any technology, and anytime we do talk about it’s virtues we should discuss its shortcomings and why people should be hesitant to use it.

Agreed - but Kubernetes won't result in you losing half a million of your assets in an instant.

I mean unless you decide to use Amazon EKS for a side project of course...

Let's try. I don't know what kubernetes does. Can anyone explain in five lines of text?

It abstracts away underlying hardware, leaving you with a convenient set of abstractions for deploying containerized networked services. Sort of an OS for a cluster of distributed machines. Unfortunately this involves lots of YAML. How’d I do?

Except for the very last part because I don't know what YAML is, but the rest was understandable.

Which I think drives the point of all this crypto talk in acronyms contributes to it being incomprehensible.

YAML stands for “YAML Ain’t Markup Language”, (originally “Yet Another Markup Language”).

It it a way of storing the same kind of thing that JSON can store.

Though, unlike JSON, it supports comments, uses a python-like significant indentation, and has a few uh, things not in quotes sometimes being taken as strings, but if it is `NO` then instead, if there are no quotes, it will be interpreted as the constant false .

Better than all the crypto nonsense.

One could write a sentence like that about smart contracts. One I pulled from Google:

Smart contracts are simply programs stored on a blockchain that run when predetermined conditions are met. They typically are used to automate the execution of an agreement so that all participants can be immediately certain of the outcome, without any intermediary’s involvement or time loss. They can also automate a workflow, triggering the next action when conditions are met.

And here's the "oh so complex" contract in question, all 60 lines.

  contract WETH9 {
    string public name     = "Wrapped Ether";
    string public symbol   = "WETH";
    uint8  public decimals = 18;

    event  Approval(address indexed src, address indexed guy, uint wad);
    event  Transfer(address indexed src, address indexed dst, uint wad);
    event  Deposit(address indexed dst, uint wad);
    event  Withdrawal(address indexed src, uint wad);

    mapping (address => uint)                       public  balanceOf;
    mapping (address => mapping (address => uint))  public  allowance;

    function() public payable {
    function deposit() public payable {
        balanceOf[msg.sender] += msg.value;
        Deposit(msg.sender, msg.value);
    function withdraw(uint wad) public {
        require(balanceOf[msg.sender] >= wad);
        balanceOf[msg.sender] -= wad;
        Withdrawal(msg.sender, wad);

    function totalSupply() public view returns (uint) {
        return this.balance;

    function approve(address guy, uint wad) public returns (bool) {
        allowance[msg.sender][guy] = wad;
        Approval(msg.sender, guy, wad);
        return true;

    function transfer(address dst, uint wad) public returns (bool) {
        return transferFrom(msg.sender, dst, wad);

    function transferFrom(address src, address dst, uint wad)
        returns (bool)
        require(balanceOf[src] >= wad);

        if (src != msg.sender && allowance[src][msg.sender] != uint(-1)) {
            require(allowance[src][msg.sender] >= wad);
            allowance[src][msg.sender] -= wad;

        balanceOf[src] -= wad;
        balanceOf[dst] += wad;

        Transfer(src, dst, wad);

        return true;

Why does anyone want to use this?

Knowing nothing about it, this is the question that remains unanswered to me after reading through dozens of comments on this debacle. What was the person who lost half a million trying to accomplish? For what benefit?

I assume that if you just want to use ETH to buy and sell stuff, you don't have to get involved with any of these smart contracts.

There's some detail on weth.io. apparently ETH is not Ethereum (ERC-20) compatible, if you can believe it.

I'm still kind of confused how ypu go from one ERC-20 chain to another. I know there's wrapped Ether on other chains but I'm not clear on how it got there or whether it's a good idea to hold that. Seems like a "not my keys" situation in a way.

You mean buy and sell goods and services? Correct me if I'm wrong, but I don't think basically anyone uses ETH for this (compared to BTC and BCH where at least some merchants exists). If you want to buy and sell tokens in a decentralized fashion, then you'll have to deal with smart contracts.

> I assume that if you just want to use ETH to buy and sell stuff, you don't have to get involved with any of these smart contracts

Correct. If you want to send someone money unconditionally, you can just send it without a smart contract.

> What was the person who lost half a million trying to accomplish?

Why/when to use WETH? From the beginning:

Like Bitcoin, ETH is a crypto currency that has it's own token called ETH (or Ether), you can hold it, send it from one address to another address and earn it by mining. Providing a basic finance and value excahnge platform.

In addition to ETH, Ethereum supports (via Smart Contracts) things called tokens, that are effectively alternative cryptocurrencies. Pre-Ethereum, people needed to create a new chain for each new token, for example you have "NameCoin" and "LiteCoin" and "DogeCoin" and so on. Each has it's own network, initial block, wallet client, mining pools, etc. It's a copy and paste and edit of Bitcoin each time.

With Ethereum, you can create a new token with it's own separate initial supply, precision, allocations etc. on the same blockchain (Ethereum) using a Smart Contract. People can use these tokens on the same network, using the same tools. However there are limits on how different they can be - you can only do what the Ethereum tech allows.

Now as time went on, there were a lot of tokens, and so they developed a standard, ERC20, which is like a C# or Java interface that defines a standard token. With this in place people can write code that interacts with "any token".

I could create a stock exchange contract where people list, place orders etc. to swap tokens. Even once this stock exchange is written and deployed, people can create brand new ERC20 tokens, and because those new tokens meet the interface, the stock exchange will work with it.

This all hots up and of course people naturally want to use these stock exchange, and other contracts (be it gambling, lending, escrow or whatever...) with the original ETH token, since everyone playing has ETH (you need ETH to pay network fees), and it's value is going up and wotnot.

But ETH is not a smart contract. It's hard coded into Ethereum. It was written before ERC20 was standardized. So you can't use Ethereum as one of the tokens in your stock exchange.

WETH offers a way to wrap Ethereum in an ERC20 token and solve that problem!

Since smart contracts can define rules about deposits, withdrawals, etc, and smart contracts can own their own Ethereum. This wrapping can be done purely in code. No need to trust "WETH Inc"*.

WETH is basically an "adaptor" from the gang of 4 design patterns.

* Other wrapped coins usually require trust. For example "Tether" wraps USD, but it requires a company to manage the bank accounts. People may decide they don't believe that company really has the funds, or the parent company could be put out of business by a government. WETH on the other hand is wrapping something on the blockchain in a code-automated way.

You can make mistakes (like the OP) but unless there is a big security hole no one has discovered, you can't have the money stolen or confiscated unless your private keys are compromised.*

Thanks for the explanation. So presumably the person involved was intending ultimately to do something involving some market that uses WETH rather than ETH, and was unwisely testing how the system works with ETH worth half a million dollars rather than five dollars. (Or possibly they changed their minds about using WETH for some purpose, and so just wanted their ETH back?)

Yeah, having done this myself, a use case might be:

1. Buy ETH

2. Convert to WETH

3. Swap for TOKEN

4. Hold TOKEN

5. Swap token back for WETH (hopefully made a profit there)

6. Convert WETH back for ETH

I did this using Metamask / Uniswap so it is all done for you. So I had no need to understand how the contract works. Also didn't have anywhere near $500k!

and this will be the 500k trap:

  function() public payable {
If it didn't have this no-arg behavior, then the mistake wouldn't have been made.

The issue is the question here which is probably invalid.

Cryptocurrency is designed for general use. Kubernetes is designed to abstract specific problems away for specialists.

Smart contracts are not something people who just want to send and receive money are meant to use.

Systemd for clusters

I wouldn’t offend kubernetes with that association :)

Then learn. There is standardized education available now.

How is you being unable (or unwilling) to understand an explanation of a domain you're unfamiliar with a problem with crypto?

This is not necessary a problem? If someone waxes lyrical about nodes, pods, containers and ingress and you know nothing of kubernetes it will sound like jargon soup. But people can understand kubernetes and build services with them, and present UIs using these elements that ordinary people can use.

You are on the Internet - you can find out anything (uncensored). :)

But yeah who has the time...

TL;DR: He completely lost his money by entering the wrong details rather than testing payment first.

He tested it by converting Euros to Dollars first, used it for a while and then put Dollars in to the same machine and they were shredded.

He did test but using the wrong mental model.

Why do we have a machine that shreds any dollars? Who anywhere is interested in a dollar shredding feature?

That's the correct question.

The supporters here are saying "yeah, it shreds dollars, he should have known that". And yeah, if you have a machine that shreds dollars, you better know what it does. That's a good reason for not having such a machine.

Anyway, ETH seems to be full of those features where it shreds money on places that are really not obvious and sometimes gets every single person by surprise.

> Why do we have a machine that shreds any dollars?

Fuck knows. No legit reason that I can see; because cryptards are idiots, is the only thing that comes to mind.

> Who anywhere is interested in a dollar shredding feature?

Nobody with the least bit of sense. (But, see above...) That's why he was complaining about it.

Don't judge crypto by one person's poor explanation of how smart contracts and wrapped tokens work.

Judge it, in stead, by the fact that it makes it possible to set up automatic money shredders.

Ethereum, not crypto. Bitcoin is less complex by choice.

>The problem with crypto is despite your explanation, I have no idea what any of your post means. Not any of it.

Not entirely sure what point you're trying to make here.

Or, in other words: the exact same thing happens to my 80 year old grandmother when I explain about my android phone.

Doesn't make the device any less useful.

Well it makes it less useful if your grandmother can't use it to call you.

... or if your grandmother tries to use it and loses half a million dollars.

if my nans had that kinda money she'd have an iPhone.

And still not be able to call you. (And/or still be able to lose half a million dollars.)

Do we really think women with grandchildren can’t understand Android phones?

Yeah i reckon some 80 year old grandmothers struggle with some Android functions.

I have seen real proof of this. The only reason "regular" people buy Android is to save money, but it becomes a support issue for their children and grandchildren. I've made sure my entire family is on iPhone. My mom could never figure out the bottom three buttons on Android. iOS makes more sense to her.

Counterexample: me. I'd pay double to get a phone that didn't have its on it.

I think this is a problem with crypto that will forever prevent it from becoming mainstream. The average person understands the concept of money but understanding smart contracts is out of scope for a large part of the general population m

Even in todays traditional banking system there are a litany of cases where people refuse to take responsibility for their gullible actions and expect their bank to bail them out.

There are a few stories on the ThisIsMoney (UK's Daily Mail's money rag) front page right now about relatively convincing and sophisticated scams where people were robbed of thousands.

The average person isn't ready for the risk of crypto.



It’s really incredible how easy some of these scams appear to pull off. “I’m your oldest child and no my microphone doesn’t work so I can’t talk to you and I need $2000 immediately” and the parent bypasses warnings from the bank about possible fraud and shoves the transaction through…

It also shows how many of these scams can be defeated with a few simple precautions. Most of them would be defeated by calling the bank back… in other words don’t answer your phone, make all your calls outgoing. Others are defeated by simply not doing anything hastily and under duress (like urgently wiring all your money to an external account for “safekeeping”).

This is one of my actual fears for deep fakes - imagine actually being able to perfectly imitate someone's child to scam them. My parents and I long ago set up a codeword system as a way to delegate trust, but imagine actually hearing your child in distress - it could short circuit your skepticism pretty quickly.

> Even in todays traditional banking system there are a litany of cases where people refuse to take responsibility for their gullible actions and expect their bank to bail them out.

Yeah, but in today's traditional banking system people don't have to contend with currency-changing ATMs that change dollars to euros, and when you feed euros into them by mistake they just shred your money in stead of spitting it back out.

That's not the user being gullible (or OK, maybe that too, but mainly), it's the system being moronic. Or perhaps rather, evil.

Hm, but wouldn't smart contracts have to be as complex as a non-smart contract, if a smart contract were to replace the dumb contract? If I'm looking at the regular B2B contracts I'm supporting at work, even normal contracts are already testing people. Piling (highly complicated, mind you) software on top of that problem seems nuts and entirely not feasible.

Dont know of any traditional contract that can accidentally make money vanish. Also you can go to a centralised authority e.g. bank or court to do something about the wrong party holding the funds at any given point.

You can even retrospectively apply reasonable person type arguments no?

And that is even an argument on top I didn't even mean.

> You can even retrospectively apply reasonable person type arguments no?

Yeah. A significant part of a traditional contract revolves around defining the entities and behaviors you're actually talking about, and another part is about specifying requirements and boundaries for these entities and behaviors. However, it is entirely possible that during a conflict, the parties of the contract disagree about the meanings of the words on paper.

In such a case, you'd bring in a judge by bringing this to court, and a judge has the right to interpret the words and act in the spirit of the contract clauses, not just the words, and to deliberate about the feasibility of clauses. And that's a good thing, because this is a strong defense against scam and fraud.

Like, if something really strongly looks like a contract to buy a car, but technically doesn't say you buy the car, but also doesn't say you don't buy the car. If you get sued for not paying rent or stealing the car in such a case, you could argue you thought you owned it.

That's another, huge, topic.

The nearest scenario in dumb contracts would probably be wiring funds to the wrong foreign bank account. But there are usually a lot of intentionally placed checks before you do something that stupid. And even if you did, at least there's someone you can call. That seems a bit smarter, really.

Non-smart contracts also have something like the two sides having an understanding of what the spirit of what they agreed was, and they can be discussed in court and interpreted by a judge when all else fails. So not absolutely everything has to be spelled out all the time.

Smart contracts are code and there is no fallback mechanism in case of mistakes.

They probably have to be way more complicated than non-smart contracts?

"Smart Contracts" are neither "smart" nor "contracts"... so it really is a poor term.

"Dumb procedures" is more descriptive IMO.

>Smart contracts are code and there is no fallback mechanism in case of mistakes.

Well, there is, but it's hard to pull off -- you can get the entire network to hard-fork to reverse it, like in the DAO hack response.


This works because of legal precedent.

The equivalent in code is pre-existing libraries, and miles of them. But the law has highly developed ways of ridding itself of cruft and tech debt over time, in a way that lib dependencies really don't.

Legal precedent is a method for defining laws, not a requirement of a legal system. It is absolutely not essential to solve issues of incomplete, ambiguous, or invalid contracts.

The key factor is: human judgment

Oh yea...we didn't think of that...oops.

Surely, that problem will just scale with time, adoption and law suits.

This is all such an unbelievable waste of intellectual resources to re-invent the wheel

I think it is more a fundamental philosophical problem with Ethereum. They have fascinating ideas and workarounds for all sorts of issues, but in the end they keep layering complex solutions on more complex solutions.

Maybe a bit like enterprise software, just add another abstraction layer...

The problem is that irreversible transactions are just bad. There is no way around it. Crypto is broken at the most fundamental level.

This kind of fuckup could not happen with regular banking and if you somehow did mess up you can almost always have your money recovered. There is no way to just black hole it never to be seen again.

Some cryptocurrencies make it impossible to black hole funds by requiring the recipient to prove they can spend the money they're about to receive before they receive it. Needless to say, these cryptocurrencies do not feature smart contracts.

Afaik bank transactions are also non-reversible. I don't think that is the main issue, although certainly it is a problem.

If it bothers you, you could probably also go through some service that insures your transactions and gives you a degree of reversibility.

I am unaware of any country where this is true. Many countries have limits on how / when transactions can be recovered but AFAIK there is nowhere where bank transfers are absolutely final with no recourse.

In my country (Germany) afaik if you transfer money, the bank is not guaranteed to be able to get it back (if it has already processed it). There are other forms, for example other people can withdraw from your account and you can contest it within a certain time frame.

A service...like...a bank ?!?

Sure, if it is important to you? But I think there are also smart contracts/escrow services that require you to do additional things besides pushing "send".

The classic is for a trade, and the receiver has to confirm they received the stuff before the money is released.

Afaik "traditional" companies like ebay also struggle with that kind of thing.

The problem is, they have a fundamentally simple concept that solved the double spend and trust problems for a decentralized (sort of currency).

That part we kind of figured out, maybe it's ok, albeit super slow and power intensive, but let's put that aside for a while.

But is there a solid mathematical and cryptographical basis for everything else layered on top? I don't get that impression, it just looks like they're just plugging gaping holes because there's a gold rush to be continued!

If they're just rebuilding a crappier version of the global financial system, there's no point in the rest of us following them.

The financial system cannot run on blockchain technology, even if the technology worked well. This is because "decentralisation" requires blockchain assets to be "unconfiscable", but financing is only feasible if the assets are "confiscable" (otherwise the borrower can walk away with the money and suffer no consequences).

That doesn't seem to make sense. Don't people usually borrow money to spend it (for example to buy a house or finance their startup)? So in most cases the borrowed money is also gone and at most you can confiscate the collateral (for example the house). That is still possible with crypto.

In decentralised finance the legal system, which in conventional finance has the power to seize the borrower's assets in the event of default, is replaced with "dumb contracts", but dumb contracts don't have such a power. Financing is basically impossible with decentralised finance.

Just because finance is decentralized doesn't mean the law doesn't still apply. I don't know where you get that idea from. Also not sure what you mean by "dumb contracts" - crypto contracts can contain code on top of text, whereas traditional contracts can only contain text. So obviously the crypto contracts are strictly superior.

The counter-party to both the borrower and the lender is a dumb contract. A dumb contract is not a legal person, and therefore it cannot initiate legal action, nor legal action can be initiated against it. Furthermore, there's no legal agreement between the dumb contract and its counter-parties, since, again, a dumb contract doesn't have a legal personality which is required to enter into legally-binding agreements.

Depends on the service, but I would think (ianal) if somebody publishes a smart contract and says "you can buy my house via this smart contract", then that person is the counter party, not the smart contract.

Of course you can burn your crypto and send it so some random contract. You can also take traditional money, go to the woods and burn it.

If the borrower and the lender sign a loan agreement with an intermediary, or among themselves, then sure, but this is conventional finance, not decentralised finance. In this situation the dumb contract becomes redundant. It doesn't do anything.

In the case of real estate, it replaces the solicitor. And it facilitates the money transfer, so it also replaces the bank.

No. A dumb contract doesn't replace a solicitor and it doesn't replace a bank. You're just saying things now.

That's why you use smart contracts. You are just unwilling to consider any possibility that crypto could be useful.

You use a dumb contract in a situation where otherwise you'd need a solicitor? Please, explain.

In my country at least, the government charges lots of money (several thousands) to change ownership of real estate in a government managed ledger. That obviously could be replaced by crypto, which (in its basic form) is a distributed ledger. Ownership can be proven via the blockchain.

> That obviously could be replaced by crypto


So far you've been using the present tense, "the [dumb] contract replaces the solicitor", or such.

Obviously it doesn't. Or could you tell me in which countries in the world you won't, at present, have to pay the government to register real estate ownership changes in its ledger just because you paid the seller in a crypto-"currency"?

> That obviously could be replaced by crypto

It's not obvious at all that it could be replaced by crypto.

I went to some workshops when Ethereum was developed (sadly I decided against investing in the ICO because some aspects didn't convince me or I didn't understand them well enough). Even back then the discussion was that they were trying to do too much and it would be difficult to make it work reliably. Bitcoin deliberately chose a more conservative approach. Bitcoin also actually has a scripting language and allows for smart contracts, but they were much slower with unlocking its features for real. (I don't know the current state of it).

Just to say, it really doesn't make sense to judge "crypto" by the state of Ethereum. There are different philosophies, different approaches, different people.

Domains where the basics are still being actively researched should never be part of the backbone of human society, though.

Maybe they'll find solutions. Cool, let them put those solutions in practice in 2040 when all the bugs have been worked out.

Frankly that is the best case scenario for crypto. It's similar to the dot com bubble in 1999 actually, it's 20 years later and the internet is finally somewhat useful and intergrated into our lives. Originally it was just a bubble inflated with ad revenue inflated with investor money

Yeah, but the web was instantly useful for a huge array of legitimate uses.

It was never a solution in search of a problem.

In 1999 the tech wasn't there but everyone could see where it was going, like all investments, it was a matter of timing.

Crypto is still at the fundamental research phase and we don't even have consensus that it does more good than bad, yet.

It does good when your bank accounts get shut down, as happened to Wikileaks for example.

That's a super niche application, not a mass market use.

And yes, I know about the supposed use for people in countries with unstable regimes but I'm not convinced at the moment. Plus that use case, being that of people generally having low disposable incomes (barring China) absolutely doesn't justify the market value of crypto at the moment.

Inflation hits the masses, or in general money supply manipulation schemes. In the last few weeks, markets tanked just because the FEDs announced they plan to increase interest rates. Is that really how we want to go on?

Cryptocurrencies are only used for speculation.

That's your best argument against regular currencies? That they're being manipulated, too? :-)

Bitcoin is not being manipulated. You may be confusing it with Bitcoin markets and Bitcoin trading. Nobody can conjure Bitcoin out of thin air or manipulate interest rates on it.

> Nobody can conjure Bitcoin out of thin air

That's exactly what Bitcoin miners do: They take pure thin air and convert it into noxious power plant fumes. Pure air is what the odiferous Bitcoin is conjured out of.

Bitcoin has been working pretty well for years now.

Working well for what? It's useless as currency.

Working well at letting people keep and transfer crypto coins.

Cabbage patch dolls and pet rocks also work very well at letting people keep and transfer cabbage patch dolls and pet rocks, but that doesn't make cabbage patch dolls and pet rocks a sensible base for the economy. Crypto-"currency" proponents sound pretty much like the folks who used to think cabbage patch dolls and pet rocks would be the future currency.

It seems to me the philosophical mistake is that banking and financial system regulations came about randomly. As if these are just unintended software bugs. As if there was no reason for the regulations.

So all this complexity to get around regulations but you are going to run into the reasons this regulation came about at some scale.

I'm not convinced the government regulations around finance are a net win. Might often just be wishful thinking by politicians, just decree things have to be in some specific way, rather than tackling the root causes for issues.

Its more analogous to being surprised that a VCR might occassionally eat up and destroy a VHS tape, and thinking “this will stop mainstream adoption”

Agreed. It's so powerful but always so complex and confusing and there's just way too many footguns like this.

"Gas" is one of those concepts where I have to relearn what it is every time I read about it but never can retain it for very long. (See also Big O notation.)

Say what you will about the primitiveness of Bitcoin and other early coins but at least they're quite a bit more comprehensible.

> gas

Isn‘t that just the fee for transfering cryptocoins from one wallet to another?

And you can decide on how much it is for your transfers, but if it‘s too low, your transfer will take a long time, up to „infinity/never“.

Gas is the reward for servers in tthe distributed system when they are (taking part in?) executing the smart contract, so that a buggy infinite loop would run out of gas soon.

With 500k$ this smart contract will be able to run for a while.

smart contracts rack up fees for every machine instruction

if your gas doesnt cover the runtime of the contract, the process rolls back all transactions and eats the fee. so you have to overshoot and get refunded the difference.

always seemed like a nonstarter to me, that the computer cant tell me how much gas it needs (see: halting problem)

Billions have been transferred through that contract with no problem. Its pretty much the worse example to bring up that copypasta.

This was an early adopter that just got around to experimenting and didnt even try to keep up with how things work now.

This can all be abstracted away, so end user doesn't even know he is interacting with blockchain tech.

Just because you can do crazy stuff, doesn't mean you have to do it. Like the normal guy isn't trading interst rate derivates or stuff like that.

Also at least with european banking, if you wringly send money to another account, it is also gone forever. A lot of scams regarding old people build up on this. We do not need to buy google play store vouchers like the americans tonget scammed.

>Also at least with european banking, if you wringly send money to another account, it is also gone forever.

Not true. The money is still legally yours if you can prove that it's a mistake or you were deceived, and can be recovered via the legal system if the recipient does not refund it voluntarily. Scammers just move the money away via other, less traceable channels before that can happen.

If caught quickly enough, like within a day, and the money is still in the receiving account, it is very easy to get your money back.

As you say, scammers move money quickly, and they do so to avoid the money being refunded.

> As you say, scammers move money quickly

Aren't European bank accounts tied to real world identities?

You get the first somewhat sober bum on the street with an ID card to register a bank account, they give you credentials, you give them €1000.

They use money mules, the same as US scammers.

And if you send it to the wrong person who isn’t a scammer. They aren’t going to quickly move the funds and shut their account down.

When someone accidentally sent me 200 EUR about 15 years ago it sure as heck didn’t stay mine: their bank contacted mine, which then contacted me to warn me that they would soon be pulling it back out. The sender had transposed numbers in the Bankleitzahl - the pre-SEPA number codes for German banks that are still in modern IBANs, and I happened to have the same account number as someone at that other bank (all little community Sparkassen). Those Bankleitzahlen didn’t have any sort of checksum digits, but IBANs do, preventing most of these kinds of accidents.

> Also at least with european banking, if you wringly send money to another account, it is also gone forever.

It's not though? The money is still legally yours and can be recovered via the legal system. Only if it is moved out of Europe into less well regulated areas it becomes a problem.

This happens in every case though. If I give you cash and you take it to god knows where it can't be recovered either. If I give you money and let you leave with it then there is only so much any system can do.

> If I give you cash and you take it to god knows where it can't be recovered either. If I give you money and let you leave with it then there is only so much any system can do.

But at least someone still has that money; it hasn't been destroyed.

What happened here is the equivalent of sticking notes of the wrong currency into a currency-exchanging ATM, and it shredded them. The system itself was a destructor of value. That doesn't happen in the regular old cash-cards-and-banking system.

If you send money to the wrong person and they don't give it back, you can try sue them to give it back, but there is no inherent law that they must do so.

Or am I wrongly informed? Because that's the knowledge I have from central european laws.

There is, e.g. § 812(1) BGB in German law:

> Wer durch die Leistung eines anderen oder in sonstiger Weise auf dessen Kosten etwas ohne rechtlichen Grund erlangt, ist ihm zur Herausgabe verpflichtet. Diese Verpflichtung besteht auch dann, wenn der rechtliche Grund später wegfällt oder der mit einer Leistung nach dem Inhalt des Rechtsgeschäfts bezweckte Erfolg nicht eintritt.

> A person who obtains something as a result of the performance of another person or otherwise at his expense without legal grounds for doing so is under a duty to make restitution to him. This duty also exists if the legal grounds later lapse or if the result intended to be achieved by those efforts in accordance with the contents of the legal transaction does not occur.


Basically there is law that says for every money send should be a cause, reason that justifies sending. If there is no such reason, reciever is entitled to send them back.

This is gone like into an incinerator though, right? There's by design no way of getting the WETH or ETH back, but also no one controls them anymore?

Yes. Also this is not the first person to make this mistake. One redditor pointed out the person has done the largest such transaction to this contract, representing 45% of the total amount burned.

>Like the normal guy isn't trading interst rate derivates or stuff like that.

Heh, funny you say that, because there was the submission about the danger of the 30-year fixed mortgage, and how the typical borrower is in fact, making an effective bet on interest rate derivatives!

See this thread that quotes that part: https://news.ycombinator.com/item?id=29774806

I still don't get WETH. What is the purpose of exchanging ETH, which is a token on the Ethereum blockchain, for WETH, which is also a token on the Ethereum blockchain (with the same nominal value)?

Pretty soon you'll be able to get paid interest on your WETH in WTF. WTF is a meta token based on a smart contract token based on Ethereum. With WTF, you never need to worry about where your money is. You can be assured that 100% of the time you try to redeem it you will stare at your screen for hours going WHAT THE FUCK

WTF is an actual real token of ETH chain, https://www.coingecko.com/en/coins/wtf-token with a market cap of $1.3 million.

https://protos.com/crypto-airdrop-tries-cover-ethereum-gas-f... Did you know about the token beforehand and made a sarcastic post on it, or was it just a pure coincidence.

Pure coincidence. I had written "wtf" in response to something else and it just sounded like a good coin name for a joke. I don't follow the latest in shitcoins. Not that I'm exactly surprised there's a token called WTF...

“It sounded like a good joke” is the rationale behind a lot of popular altcoin names.

Incredibly, I wasn't even completely sure this was a joke. Something like this doesn't feel too far off from the madness going on in the space

Thanks. That lets me know I've done my satire well ;)

You got me on the first half..

After a while a standard api was invented for tokens that use smart contacts on ethereum. ETH predates these standards and is built in to the operation of the blockchain. Lots of smart contacts know how to deal with standard tokens but don't have a separate code path to deal with ETH. You can get a version of ETH that fits the interface by wrapping it in a standard token.

I think calling them tokens and giving them acronyms like they’re a currency of some sort leads to a lot of the confusion.

I mean, Java class naming wouldn’t be any better but “WETH” is just extending a base class with an interface.

It obviously stands for What Ever The He...ck.

It is a tool to convert ETH into an erc-20 compatible token. ETH itself can only be spent by the private key, whereas users can grant contracts the permission to manage the user's WETH for them.

WETH is Wrapped Ether. It fulfills the conditions of an ERC-20 token, so other contracts always interact with WETH not ETH. Most of this is obfuscated away so that users don't have to have WETH in their wallet for transactions.

ERC-20 is a token standard [1] that lives on top of Ethereum blockchain. It defines the API that any contract running on ethereum must implement in order to be considered ERC-20 compatible - e.g., transfer(), approve(), and so on. This is what gives tokens composability, and allow DeFi applications to build on top of each other.

As ERC-20 runs on top of ETH, it requires gas (paid in ETH) to execute the contract. But ETH itself is not ERC-20 compatible (after all, it's just the base layer; there's no "ETH contract"), so some folks came up with the idea of wrapping ETH into an ERC-20-compatible contract, thus giving birth to WETH.

The advantage is that now ETH (in the form of WETH) can now provide interoperability with the rest of the standardized tokens, including staking, lending, or anything else implemented via a contract. Pure non-wrapped ETH would never give you that; basically you can send your ETH to someone, and that's it.

Now, the weak link is that you're relying on the trustworthiness and the quality of the implementation of the contract, which - more often than not - is questionable. The WETH contract itself is pretty simple, with only 62 lines of code [3]. But one may argue it's overly simplistic, and they failed to implement basic safeguards, like sending WETH to itself, which is what caused OP to lose half a million dollars.

The other side of the argument is that WETh contract was simple by design. Every line of code in Solidity requires gas to execute, so adding even a basic checking to protect against what OP did would have increased the cost by millions of dollars in aggregate fees for everyone else, besides potentially introducing the risk of attacks or additional bugs.

Given that only ~250 WETH transactions[4] (out of 5,562,041 total tx), made the mistake OP did, one could argue that the design wasn't that bad. That's a 99.9955% success rate.

(to be clear: if I were the original WETH developer, I would have added the checking, in spite of costing a few additional bucks for everyone else. But I understand why someone may have thought otherwise. Besides, it was 2017; a lot has changed since then)

[1] https://ethereum.org/en/developers/docs/standards/tokens/erc...

[2] https://www.investopedia.com/news/what-erc20-and-what-does-i...

[3] https://etherscan.io/address/0xc02aaa39b223fe8d0a0e5c4f27ead...

[4] Mentioned in the reddit thread; have not confirmed myself.

Why was this person experimenting with $500k? Even with traditional ACH I send a $1 test transaction before any significant sum. I also use the “don’t fuck with paste” browser extension to ensure there are no typeos in the routing or account number, but just the same I still want to see a transfer work before I send a significant amount. With crypto where everything is much more complicated, there are no do-overs, and no bank to step in and undo a mistake, I’m even more cautious.

I think this more a story of poor risk management.

But they are in good company. I was on the Bear Stearns trading floor when they went bankrupt and I saw a hundred people loose their entire life savings and all their kid’s college money in a few hours. Those were licensed financial experts that were fully knowledgeable and practiced in a variety of risk mitigation techniques - which they failed to apply to their personal portfolios. The company was bought by JPMorganChase and a year later everyone that came over from Bear was gone - JPMC really just wanted the client list and their midtown office tower.

Also, ERC-777 tokens were supposed to fix this egregious problem by having all transfers check with their destinations (through hooks). There are also various similar extensions to ERC-20 I believe.

Unfortunately, practically no one uses 777 as far as I'm aware? Certainly the OG Wrapped ETH contract doesn't, and it can't be upgraded because it's immutable.

The additional transaction fees that using ERC-777 would cost in the Ethereum network are probably much higher than someone losing half a million every now and then. So economically, adopting ERC-777 would be a step backwards.

I agree that deploying the full 777 would be too costly, yes, and probably open up reentrancy attacks.

But one simple check in the transfer function would have saved this person half a million. I would gladly pay that tiny extra bit of gas for their sake.

I wonder how the math shakes out over time.

Economically, KYC in the real world is a step backwards. Economically, laws made to restrict trading is a step backwards. There's still a damn good reason we do it, but the crypto grifters seem to only see the economical part of it for some reason.

In that sense, crypto to me is like a consultancy taking a complex, legacy codebase and saying it'll be easier to rewrite it from scratch.

We see how that plays out all the time. Something shiny and new is produced but it completely fails to take into account why the original system was so complex. Given enough time, it becomes just as complex as the old system, if not more complex.

Satoshi is a pure ancap, the lack of regulations is a feature for them. Being able to be a grifter and scam people is a feature, not a bug to most of the cryptocurrency community.

This reminded me of John Cleeses classroom instructions in "Monty Pythons meaning of life"


Didn't you listen?

Where should one go to learn how all of these systems work? I've been trying to make an honest effort to understand how smart contracts, protocols, decentralized exchanges, etc. work, but after reading about the absolute basics quickly get bogged down in a sea of acronyms and jargon that seemingly lacks any clear explanation. This doesn't even include all of the shills, scams, etc.

> Where should one go to learn how all of these systems work?

Here's the path I'd suggest:

1) If you have no basic understanding of blockchains, read Satoshi's Bitcoin original paper, and Ethereum's Yellow paper.

2) Read about ERC-20 [1][2], to understand what "tokens" really are (TLDR: basically a hashtable stored in the ethereum blockchain, containing a mapping of balances to addresses, and the expectation that you must implement a standard API to be considered an ERC-20 token)

3) Learn about Solidity. The language is dead simple if you have any programming background (preferable C, but not too different than Rust/Python/Go), although it takes some time to wrap your head around the idea that the state is stored permanently in the blockchain. There's plenty of tutorials, but I found Ivan on Tech [3] to be excellent, and Moralis Academy [4] if you want something more structured (plus they offer many other courses in this area).

Solidity documentation [5] is also excellent. And Remix IDE [6] makes it really easy to experiment and run your "hello world" solidity programs in a simulated environment, without worrying about deploying to testnet, faucets, etc.

[1] https://ethereum.org/en/developers/docs/standards/tokens/erc...

[2] https://www.investopedia.com/news/what-erc20-and-what-does-i...

[3] https://www.youtube.com/watch?v=ILw-7mplRlI&list=PLo0ddf4DBU...

[4] https://academy.moralis.io/

[5] https://docs.soliditylang.org/en/v0.8.11/

[6] https://remix.ethereum.org/

I don’t understand why these contracts don’t let addresses that make this particular error recover their funds, it would be easy to implement at contract creation or am I missing something?

That would be a good fix, and it is a glaring omission. But the contract can't be upgraded, so all existing contracts depending on wETH would have to be migrated or replaced too.

Basically the smart contract could have been written so that this transaction was rejected or so that the money could have been sent back, but that would make inteacting with the contract a little bit more expensive for everybody. Or maybe the developers wanted it to be possible to burn tokens by sending them to the contract address.

Seems like maybe it would have been good if the ERC-20 standard had been designed such that you couldn’t send the token to an address controlled by a smart contract unless the smart contract had marked itself as being able to receive that kind of ERC-20 token (or as being able to receive all kinds of ERC-20 tokens)

Like, if the contract for the ERC-20 token would, when handling a send instruction, would check whether the recipient address was a contract address or an address controlled by a keypair, and if the former, would check if the recipient had been marked (not sure if this marking would be stored as data on the recipient contract or as data on the ERC-20 contract) as being able to handle the token in question, and if not, cancel the transaction (other than gas costs).

This seems like it would prevent this kind of error (or at least, reduce the problems resulting from this kind of error to just paying the gas fees), but it would also maybe increase the gas cost of sending transactions with the ERC-20 tokens and I’m not sure whether this increased cost would be negligible or not.

So to paraphrase. Broken technology with serious bugs

Therefore anyone looking to do anything other than gain speculative wealth should stay well away.

Another one born every minute...

Here is background on this for a developer-but-not-crypto-developer.

The Ethereum blockchain has its own money that is built right into "OS" of the blockchain. It's called ETH. Any time one program calls another, the actual function call itself can send ETH along with it. In fact, to transfer ETH from your account, you just make a function call to another account with no parameters, ignore return values, and transfer some ETH along with it.

Now it soon became apparent that this scheme left a bit to be desired:

First developers wanted to create their own moneys. ETH is hardcoded into the system, no one else can use that mechanism.

Secondly, funds can only be sent, never pulled. It turns out that it is really convenient to have funds pulled by trusted programs. It allows funds to be moved when you are not online. For example, you could make an offer to purchase something, and if the seller accepts, the money can be transferred to seller, and the whatever can be transferred to the buyer in the same atomic transaction. This also allows trusted programs to do the math for you using live market conditions.

Lastly, it's a giant security pain to actually have to call someone else's code, and give them the ability to execute right in the middle of the your code, any time code wants to transfer money. (This exact vulnerability lead to the first big hack on Ethereum.)

After a period of experimentation with people making their own money programs, the ERC20 standard was born. This standard is just a very small set of methods calls that a program has respond to in order to count as money. This isn't baked into the OS, it's just a standardized API interface between programs.

So you can call "transfer(...)" to move money, and you can call "balanceOf(...)" to find out how much money someone has etc. It works reasonably well.

The biggest ERC20 you have probably heard of is USDT / Tether. It actualy slightly predates the standardization, and so slightly doesn't match the behavior of everything else. This makes all programs that want to move money have to use a function that checks if the money is acting like USDT or acting like everything else.

Now the ecosystem has two kinds of money: ETH that works at the OS level, and everything else that works as a standard program. And these two have different security properties, and different ways of calling them. It's a pain to securely support both of them because the entire architecture of your code for working with them entirely different. And then there's the matter of not being able to pull ETH, which people often need.

So people decided to make a program that "wrapped" up ETH into and let others treat it as an ERC20 program. It's called wETH. You send the wETH program some ETH, it holds it, and it internally stores that you now have an amount of wETH to match the ETH you sent in. You can then spend it like any ERC20. Anyone can then ask the wETH program reduce the amount of wETH they hold, and give them back a matching amount of ETH.

Most new big blockchain programs, DeFi/NFT/Multichain bridges have switched over to only using ERC20's and requiring users to wrap ETH into wETH to use them. There's even talk/grumbling that the Ethereum blockchain should just provide a special interface allows someone to treat their ETH balance as ERC20.

Thanks for the explanation!

I'm a senior developer with a massive breadth of knowledge. I read like crazy. I have no idea what you just said. I'm sure I could probably understand after a some research. The point is: this stuff is not for the average Joe!

It's like the famous quote by some dude: "A monad is just a monoid in the category of endofunctors, what's the problem?"

But why wouldn't the contract decline this kind of 'invalid' transaction? It is invalid as it is now stuck over there forever, meaning it's a case that should be rejected.

So it's super-bad UX where radically different interaction patterns are used for what are to the user similar kinds of interaction, creating a trap.

The thing is that there are enough frontends using this smart contract where you can simply chose 'WETH to ETH' and you'll get the right transaction. For whatever reason this person thought it'd be a great idea to interact with the smart contract directly. This is possible and fine if you either know what you're doing or read the smart contract beforehand.

This user unfortunately did neither.

> The thing is that there are enough frontends using this smart contract where you can simply chose 'WETH to ETH' and you'll get the right transaction. For whatever reason this person thought it'd be a great idea to interact with the smart contract directly.

Getting out of the supposed user-opacity of legalese to something that was safe and reasonable for a non-elite-priesthood users to understand, trust, and interact with directly without an intermediary was, I thought, the whole allure of smart contracts over using the old-fashioned dumb kind to manage transactions and business relations.

Ive been thinking about this in my own smart contract designs: cant a contract have a approve and transfer method that can accept an erc20 contract hash and transfer method from its ABI? Allowing that contract access to the erc20 tokens sent/assigned to it?

And WETH is "Wrapped ETH" because of compatibility and protocol issues (ERC-20)

> A known problem with ERC-20 tokens is that transferring them to a contract that isn't made to access them is equivalent to burning them.

Is this a bug or a feature?

I'm an average Joe and I understand what you explained and thank you for it.

Simple enough, right? /s

Can someone explain this in plain English for a newbie that isn’t familiar with these complicated crypto technologies?

Imagine there's a machine that you can deposit dollar bills and it registers in an internal database how much you have. The machine calls these stored values as wrapped dollar. You can withdraw your wrapped dollars back as dollar bills whenever you want.

This machine also allows you to send these wrapped dollars to other people - it just subtracts from your balance and adds to the other person's.

What this guy did is transferring his wrapped dollars to an address no one controls instead of withdrawing as he should. This address was the machine's address, but it's not programmed to handle the balance in it's own account and it runs code that can't be upgraded, so any values sent there are lost.

In this example dollar = ETH, wrapped dollar = WETH, machine = the WETH smart contract.

The real problem here was thinking a ETH transfer (dollar bill deposit in the example) works the same as a WETH transfer (database transaction in the example).

Thanks. This all sounds so complicated and frankly scares me away from using these technologies. I would be worried about making this kind of mistake or worse.

The future of currency ladies and gentlemen. This money is literally gone. Unrecoverable. Like he took the money out to a barrel and burned it. Only he didn't get any warmth out of it in exchange.

Considering the emissions of all proof-of-work-based Blockchains, he probably warmed all of us.

ah. Such an easy setup, it was a sure thing I'd be second to the party.

thats pretty funny but for anyone else that wants to learn about this stuff, proof of work blockchains use the same energy whether transactions occur or not

ironically this seemingly would actually bolster the argument against Proof of Work, but its probably more convenient that people are easily swayed towards inaccurate arguments

Since I'm mining ETH when I'm not gaming, he maybe warmed me.

You have to waste energy to create ETH because ‘inflation baaad‘ but destroying ETH is possible by accident. Crypto bros should really take some macroeconomics courses.

Why are those related?

The purpose of requiring energy to operate the network is to have something at stake when enforcing rules of the system. You could have unlimited or even arbitrary inflation of the currency while still requiring proof of work.

Hence, the rule that is being enforced by PoW here is that sending to a "wrong" address is not reversible.

If inflation was bad, would destroying ETH not be a good thing since it leads to what's effectively an instant deflation of supply?

Deflation of actual currency is worse as it promotes hoarding. If something becomes cheaper tomorrow than today (deflation) then I am incentivized to not spend my currency. This grinds the gears of economic activity. Of course this only matters if you expect cryptocurrency to act like a currency.

Destroying ETH is indeed widely considered a good thing. Since the middle of last year, a portion of the fees for every transaction is burned and most ethereum people seem very pleased by this. I've lost track but for a long time last year, ETH was indeed deflationary. The sense is that the value of burned ETH is distributed to everyone on the network in proportion to how much ETH they have.

I don't think it seems so great though...

Eth is currently still inflationary overall, more is minted than burned in the majority of blocks.

The parent might be conflating inflation with the price of Ethereum going up? It's a common perception. But at least in the crypto world, inflation is understood as the value of the currency going down.

I recommend they start with microeconomics, though. More relatable and it would tell them about human nature, first.

Maybe the real WETH was the friends he made along the way?

At least the rest of the planet got a little warmer /s

Ether isn’t intended to be used as a monetary currency like a dollar (reasonable stable). Its purpose is to pay for EVM instructions which are priced in gas.

This is like saying because shoes happen to be worth money (sneakers/trainers) and because people happen to speculate on the price of shoes that the future of money is shoes.

Bitcoin claims to be currency, Ether (used to pay for execution fees on Ethereum) does not.

Everyone else holding eth just got a little richer :)

> Unrecoverable.

I'm not very well versed in this stuff, but surely the tokens he sent are somewhere right.

Like if you sent $500k to a bank but put the wrong account number in, the $500k would still go _somewhere_. It might be difficult to recover, but it's not like the money just disappears.

They are in location X and it has been written into code that there is no way to ever remove them from X. The only difference between throwing this "money" into a black hole and this is that you can see what's in this black hole once it's in there, even if you cannot remove it.

The only way to ever fix this is to rewrite the history of the blockchain which means forking the entire ETH currency by getting all mining/record nodes to agree to it.

Long story short: Virtually unrecoverable without large coordination from the entire ETH community.

It's a possibility if your name is Vitalik Buterin

Hard to say but my guess is that no, even he can no longer pull this off. I think he used his one freebie.

Yup. One more freebie hardfork that reverses (okay not "reverses" techbically but forks away from a previous state) some mistake/hack and Ethereum would lose trust especially competition between chains (EVM or otherwise) is so high.

They would gain trust for returning all of the WETH accumulated in all of the contracts where it’s been idled due to PEBCAK, in concert with a code fork that refuses to accept such transactions. That would be a sign of maturity and intelligence to bankers, and influence their consideration of whether Ethereum might be a viable platform for their financial business someday.

This idea would be antithetical to decentralization of cryptocurrency, but I think that since this issue is a platform level problem (e.g. future contracts can also introduce this) what is needed is a set of mediators/arbitrators (we can call them "judges" that hear these cases and have a technical mechanism to correct them without a fork.

In order to select these judges, the community can elect them directly or elect a board or leaders to select them indirectly.

Of course these corrections would require gas, so they may need to add a small additional gas charge to transactions to fund this group and perhaps also their salaries. We can call this extra gas a "tax".

In summary: Stand up an entire government around ETH in order to ensure the benefit of judges and humans can override code. Once you do this though, you have a central ruling authority with an in-code constitution, but parts that take place in a human judgement realm.

I set this up partially in jest of blockchain currencies in general, but I do actually say this seriously. I think that purists of decentralized code only control will hold back any possible benefits that cryptocurrency could bring. The situation above still has benefits from a monetary fiat system run by a nation state, though I think severely less than what the cryptocurrency ideal is. Some include:

- There is no nation state attached to this centralized ruling body and itself can be decentralized and beholden to no nation

- All transactions and reasons of the body can still be public and on open API's for people to integrate and monitor with modern tech

- The loose "untraceable" or general "freedom" arguments that come with a blockchain would still hold so long as the community with these tenants maintains control of the board / judges / leaders.

You jest, but “stand up a government” is a primary barrier to entry to being considered a “fiat currency”, which makes sense given the drawbacks of trying to qualify as a currency without one.

A banking-grade currency would have reversed the WETH transactions and prohibited new ones. Ethereum has refused so far to do so, even though it’s in their power to hard fork. Whether or not you view them as a currency, that’s not the sort of behavior that engenders a perception of financial trust and safety in their work.

Some other blockchains do actually have "governance" somewhat along the lines of what you've described here.

So all that is needed is forcing a bunch of people to do something. Not much different than forcing a lot of people to do to war, so not impossible.

Lets imagine, hypothetically, that some mafia boss, big company, users would create a lobby, the "platform of people affected by Ethereum" that would lobby to force a fork for a fee. Lets say 50% percentage of your lost money if we are successful, that is still much better deal than having no money at all. And then would use some tool to convince/coerce/bully everybody to restore it or just would mess with the process to force it. Would be this possible or a probable outcome after enough amount of time has passed?

Actually in the case of the bank, no. Conventional money is numbers just like crypto. I think the difference is in the case of conventional money, someone is empowered to manually override the transaction and make you whole.

As I've said in the past, money is a technology, and this kind of override mechanism is built into the design of conventional money, but not into the design of crypto.

Unfortunately in this case, there is literally nothing anyone can do. The Ethereum is sitting in dead space not associated with any address. It's literally untouchable since you cannot change the contract.

Hopefully this isn't the person's life savings.

A smart contract has a set of behaviour as written in code: nodes on the network execute the behaviour. This contract doesn’t have any code to undo a mistake like this, so it is impossible to recover them.

Thst said, the network is a group of machines all agreeing together on what is the correct behaviour, and that can change, so while it is not impossible forever — Ethereum might release a new feature that allows people to reclaim tokens in this circumstance — it is impossible unless the majority of the network agrees (see: The DAO hack and the corresponding fork to recover funds).

Unless I have got this wrong (I don't understand this very well at all), the reason the DAO fork happened is that it disappeared some important people's money and they had the clout to alter everyone else's cryptofinancial reality to get it back.

There would seem to be disincentives to prioritising fixing problems like this that affect unimportant people.

It strikes me as valuable to the crypto world that the mainstream media criticism of cryptofinance is that it is environmentally unfriendly. That is almost a distraction from the fact that it is antisocial and nihilistic.

can the code be corrected though

it sounds to me like the fix would be create a new map that maps account ID -> tokens, where account ID = the "sender" account where the tokens came from, and do the migration to move these 'orphaned' tokens into the right buckets.

admittedly I guess that would break everything/trust if someone can just rewrite the code to say who has what tokens!

> can the code be corrected though

A defining feature of "smart contracts" is that the code is immutable once deployed, and can never be upgraded or bug-fixed.

There are actually some approaches that makes smart contracts "upgradeable" but it involves using a special base class that proxies everything through delegate calls.

But yeah you're definitely right about the nature of the contracts being immutable, unless that immutable code contains some setter that delegates the function calls to some other contract.

ERC-721 (NFTs) actually has a nice way of dealing with sending NFTs to an incorrect address by checking if it implements a special interface if the recipient is a smart contract. But any measures come at the cost of extra gas so they are usually avoided.

Doesn't the WETH smart contract store all the tokens it receives at its address? Doesn't anyone have the private key of that address?

It's been quite a long time since I have been playing with smart contracts and I don't actually remember what happens when a smart contract is created.

Don't know the code for specific code for that contract but contract wrapping/unwrapping doesn't necessarily imply that anyone can withdraw ethers sent via normal means. If the contract is upgradeable it would be possible but being upgradeable should be built into the contract first.

From what I understand smart contracts are immutable, so this "bug" can only be fixed by publishing a new contract which is by definition independent from the old, i.e. unable to access or manipulate any tokens (like these) that belonged to the old one.

Additionally, apparently contracts may rely upon one another, and a bunch of the contacts that utilize this WETH token depend upon the existing contract. All of these (and their dependents, recursively) would also need to be updated.

I.e. the money is gone unless there is a large concerted effort, but no one should reasonably expect this.

The tokens are no longer associated with an account ID, so while the token data is on the chain there is no way for anyone to ever include them in a transaction.

In this case it's absolutely unrecoverable.

It is right there where he sent it. It really did not disappear. It will just sit there forever, very well documented, and very well out of reach for all of us, for the end of all times.

> It really did not disappear. It will just sit there ... very well out of reach for all of us, for the end of all times.

Yeah, that's what we call "disappeared" in English.

They are indeed somewhere, but impossible to recover without cooperation from a large number of people who will be opposed to it. This happened to one of the co-creators of ethereum when his company Parity had a bug that caused them to lose millions of dollars of funding (which I think may now be worth billions) locked in a contract, much like what happened here. He tried to rally people behind a network fork to undo the change, but it didn't work. I believe this experience has a lot to do with his own blockchain project (Polkadot) having an explicit governance process that is and to change things like this without a network fork.

But this ship has sailed for ethereum!

In an accounting system, everything must always sum to zero. That means every transaction has to balance, so nothing can "appear" or "disappear", it has to come from somewhere and has to go somewhere.

Imagine you ran a private currency called Mate Dollars (M$) for you and your mates to exchange with each other "off grid". You decide to introduce the concept of loans. A transaction which lends 1000M$ to MateA would look like this (in ledger[0] format):

  2022-01-30 Loan to Mate A
      Accounts:MateA       1000.00M$
      Liabilities:MateA   -1000.00M$
This a perfectly valid transaction. It sums to zero. Now Mate A can "spend" this money, maybe he buys some goods from Mate B:

  2022-02-01 Goods
      Accounts:MateA    -500.00M$
      Accounts:MateB     500.00M$
Now Mate A and Mate B both have 500 Mate Dollars.

Eventually Mate A will have to pay back his loan because the bank (you) will charge interest on any current liability:

  2022-02-30 Loan repayment
      Accounts:MateA      -1000.00M$
      Liabilities:MateA    1000.00M$
Now he's paid back the loan.

Now from inside the system, nothing was ever created or destroyed. But from outside the system (ie. the real world) it looks like money was "created" at "Loan to Mate A" and destroyed at "Loan repayment". From Mate B's point of view, Mate A always had that money. He doesn't know anything about the bank loan.

Between those two transactions, 1000 Mate Dollars existed, but it was just a ghost in the machine.

Replace "you" with Barclays Bank, "Mate Dollars" with Pounds Sterling and "you and your mates" with the public above and you now understand how "real" currency works. 97% of money we use is just a ghost in the machine between a bank creating it via a loan and the borrower paying it back.

So, you see, money appearing and disappearing from thin air is not a feature of crypto at all. It's just an illusion. It's what it looks like to anyone outside of the ledger (ie. everyone except the bank).

The ETH transaction is the equivalent of you (the banker) making a promise to Mate A to keep his money in an account that can never be accessed by anyone, including him:

  2022-01-30 Silly transaction
      Accounts:MateA      -1000.00M$
      Dungeon:MateA        1000.00M$
The account "Dungeon:MateA" will now always have a positive balance for as long as you keep your promise.

Unlike you, the Ethereum blockchain is incapable of ever breaking this promise.

[0] https://www.ledger-cli.org/

I use plaintextaccounting too.

So in your example Dungeon:MateA is a balance for the other side of the transaction - it does exist, there's a record of it. The money/tokens/matebucks have not "disappeared", but the mechanics of the "promise" means that nothing/no-one can do this operation

  2022-01-30 Silly transaction
      Dungeon:MateA      -1000.00M$
      Account:MateA       1000.00M$

Exactly. They've "disappeared" from outside of the ledger, in the sense that those tokens will never be involved in another transaction so won't be "seen" again by anyone else. But they can never disappear from inside the ledger. That would violate the rules of accounting.

My main point with this is this is how the current money system works! People seem to think money can disappear in crypto but not in the real system. In fact it's quite the opposite. In both systems from the ledger's point of view nothing can appear or disappear. But in the current system, since the ledgers are controlled by private entities they can make stuff appear from the public point of view by creating loans. In crypto the ledger is not controlled by anyone.

Essentially the big problem with finance currently is the people who control the ledger are also allowed to create loans inside the ledger! It's a huge conflict of interest and obscenely privileged position.

Imagine doing this with your life savings

Or even worse, with the life savings of other people.

Since no one seems to think about how this could have prevented, here is a simple way, which I've applied to lots of things in life, not just cryptocurrency transfers:

- If you're making a transfer somewhere with a large amount, do a small transfer first and verify it's working. Confirm at the receiving end before moving big sums.

- If you're calling a contract, try it with a small amount first. Verify the parameters multiple times, and verify the return values multiple times.

- If you're doing something with a huge sum of money, do it in steps instead of all-at-once. Fees won't be as big since you're already dealing with a huge sum of money anyways

- Verify verify and verify that everything went alright with the small sum before trying to do something with a big sum

- If you're tired, don't do it. Wait until you got some sleep

- If you're rushed, don't do it. Wait until you're not rushed, have a tea and think about it

- When in doubt, verify it and don't be tired

- If you're not an expert, have someone who is do verification above for you

Simpler way: use real financial instruments. Traditional financial systems have had solutions for errors like this for centuries.

Reading the reddit thread; it seems like this individual was an OG miner and just held ETH for many years. His previous time investment matured, and he decided to finally cash out.

lol cash out by probably trying to hide it from exchanges and then pwned themselves in the process.

exchanges would take ETH without wrapping it

to get real fiat/cash (not tether) you need an exchange, or meet someone on the street I guess (but you might get held up or something that way).

Obviously, my comment applies to people wishing to do transfers via cryptocurrencies, for one or another reason. Sometimes it's not possible to do transfers via the traditional financial system, or desirable. My comment was written for those who wish to use it, but want to make sure it gets right.

Traditional financial systems don't have solutions even for small typos [1]. Modern financial systems on the other hand have switched to IBAN which has a checksum.

[1]: https://www.theguardian.com/money/2019/dec/07/i-lost-my-1930...

Accidentally transferring half a million dollars to the wrong external account is going to be an absolute mess to recover. There are ways to stop it if you catch it RIGHT away, but it will turn into a nightmare pretty quickly.

Lol verifying with small amounts takes like 5 extra minutes, messing up and having to jump through hoops to fix your errors will take days, especially if you do it on weekends or holidays. And they may not be reversible easily, e.g. IIRC one bank accidently paid off the loan of one of their boderline-default customers to another bank and then couldnt get the money back.

> IIRC one bank accidently paid off the loan of one of their boderline-default customers to another bank and then couldnt get the money back

That was a story because it was an incredibly unusual set of circumstances that meant they didn't get their money back - the bank owed the recipients money to repay a loan, and as such the money sent could easily have been a prepayment of the loan, which often happens before legal action is started, as happened a couple of days later. There was no way to distinguish an intentional action and a mistake here, hence the court ruling in favour of the recipient.

> - If you're not an expert, have someone who is do verification above for you

I would modify this to

> - If you're not an expert, have someone who is do verification above in addition to you (not instead of you)

Sounds great. I'm sure there's checks in place to ensure the smart contract can't have different logic for small amounts and large amounts. Right?

There are many ways to check that, yes.

But the best way is to use a trusted contract.

The other ways are pretty absurd burdens to put on a user.

- If it's complex and not automated, make a checklist, print it, check it off line by line.

I love how everyone assumes that the ETH blockchain is immutable and there is nothing that can happen to undo any of this. Did everyone simply forget when the Dao had a contract bug and the ETH devs literally just rolled back the transaction?

So crypto is immutable, "code is law", decentralized, whatever, until people need to roll back transactions and use centralized exchanges because "they already solved these issues"? Seems like a whole lot of global warming just to re-invent a terrible imitation of banking...

> decentralized

After reading Moxie's blog post on web3 [1] I feel it is a stretch to call anything Ehtereum-based decentralized anymore when this many applications use Alchemy or Infura as providers for their Ethereum nodes.

[1] https://moxie.org/2022/01/07/web3-first-impressions.html

Thank you for that link, I see it was posted to hn, but gained little traction.

It certainly puts words to my feelings around current "crypto" trends as someone (probably like moxie) that still remember the first wave of cypherpunks[1] and dreams of digital currencies.

It feels strange when a lot of smart people insists on something that's obviously false in a practical, real-world sense - and it's nice to see someone else shine a light on that, and explain in simple, correct terms what's actually going on.

I wonder if there are any emerging systems that are more likely to realise the idea (ideals) of digital currencies and smart contracts?

I had hopes for etherum, but now I'm thinking that if we'll ever get there, it'd be in the next generation (call it third generation, bitcoin being first, etherum second - and earlier things generation zero).

I'm thinking it would be proof-of-stake, and somehow viable as real peer to peer, or split in a more sane way between infrastructure and "wallets".

[1] See eg this for a summary and some pointers https://nakamoto.com/the-cypherpunks/

3392pts and 1129comments is "little traction"??


Eh, no. Thank you for that. But that's not what I found when I searched.. Strange. I found this:


It's not just nodes. It's also

- exchanges

- mining pools

- mixers

- oracles

Also, core devs and all stable cryptos are "centralized" by definition. This whole ecosystem is just cancer to a traditional society. It's not an evolution.

Cancer like in the health issue? Or cancer like how Open Source (GPL) was a cancer back in the 2000s?

Something happening once does not mean it will happen again. There have been numerous huge hacks in the past 5 years, even where the losses were from the most influential of holders and no action was taken (e.g. parity bugs).

A bug and reversal occurred in the first few years of Bitcoin's existence that has effectively meant that Bitcoin won't reach the stated 21m coins exactly.

It's guaranteed at this point that there won't be any further reversals.

The point is that it can happen if enough influential individuals in the eth community want it to happen, it is a social software not "immutable", and this will be further enshrined if PoS ever becomes a reality.

Bitcoin has the same problem, and cryptocoin enthusiasts are fooling themselves if they think that miners won't raise the 21m cap when the end of Bitcoin rewards start looming.

> 21m cap when the end of Bitcoin rewards start looming.

This has actually already happened with Monero. The mining reward schedule was much more aggressive in it's diminishing returns. Once the mining returns cross a threshold of not being able to sustain the cost of mining things dried up very quickly. Devs jumped in and added Tail Emission [1] so that all blocks have a fixed reward of 0.6 XMR that will never change or go away.

[1]: https://www.getmonero.org/resources/moneropedia/tail-emissio...

Anything can be done using a fork. But the days of a chain (read as "only bitcoin & ethereum") doing any kind of deep state change and coming out the other side as the winning fork are done. The stake holders are so diverse and so invested in the values (i.e. immutability, scarcity) that any such fork is doomed to failure.

We found out with previous Bitcoin forks, how influential companies and miners are. 21M is non negotiable, and which stakeholder would want to dilute themselves?

> But the days of a chain (read as "only bitcoin & ethereum") doing any kind of deep state change and coming out the other side as the winning fork are done.

When it comes to miner prerogatives the day is never done, they are the sole arbiters of what "winning chain" means, and when they are incentivized to act in unison their will is indomitable.

> and which stakeholder would want to dilute themselves

Miners. Based on your definition, "stakeholders are diluted" every time miners make money, so if the choice is between continuing to make money or not, it's pretty obvious what decision they will make.

I suppose there's a possible future where the miners do nothing and bitcoin transaction fees skyrocket in response. At that point I would expect a mass exodus to altcoins with cheaper transaction fees, but I don't see the miners acquiescing to this future.

> It's guaranteed at this point that there won't be any further reversals.

What if a new bug is found and someone moves all coins to some impossible address?

It's a relatively small amount and I don't think that the original poster is connected enough. It's immutable for them.

It is immutable, unless in some cases it is not. However of majority of us plebs it is practically immutable.

Isn‘t that exactly like the status quo with banks?

It's exactly the same with banks, except "we" (normal plebs) cannot actually see when it happens, as compared to blockchains where all data is public. With banks it happens all the time, but no one knows, so it doesn't make the news. When it happens in blockchains (that one time), it's very obvious so it makes the news.

Why is it such a hot feature that you can see every transaction, though? Why do you care if I got my bank to revert one of my transactions?

I'll make no argument for/against cryptocurrencies here, as the discussion if it's good/bad is futile. My comment is just a statement of fact about the differences/similarities of what we have now, and what cryptocurrencies offer.

How is it at all the same? The banking system is not immutable, the chargeback for example is available to all the "plebs" and we make regular use of it when transactions go awry.

Bank transactions are mutable/reversible by design and by law. It's quite the opposite from banks.

Really? Access to the legal system doesn’t vary based on how pleb you are?

Normally you do not have to actually directly interact with the legal system to reverse a fraudulent bank transaction. The banks have internal policies to comply with the legal system, because the other outcome is more expensive for them.

Um, what? I did. Banks didn’t do anything when I got defrauded by wire except tell me they can’t do anything.

If you initiated a wire to the wrong account, that's one thing. The banks will not reverse this sort of transaction, to my understanding. If someone else fraudulently initiated a wire from your account, then that's another thing. This type of transaction will be reversed. I'm not sure which situation you're talking about. ACH transactions are a whole other ballgame.

I’m talking about me wiring money to someone who was actually a scammer, same as AI said before.

If your response is “oh well you should have been more careful about that”, congratulations on endorsing the very same defense crypto enthusiasts were giving and validating that they’re not all that different.

I reckon that the wire transfer is one of those things where you get a ton of warnings from your bank that the transaction is normally not reversible, at least it is at my bank. I think it's unfortunate that there are any legitimate transactions that require wire transfers -- I definitely am not someone who endorses the status quo here.

I guess my take is that all crypto transactions have properties strictly worse than the worst type of bank transfer. In addition to being irreversible when you initiate them, they are also irreversible if someone fraudulently initiates them on your behalf. And there is no more secure option that you can use with crypto. There is to my knowledge nothing in the crypto space with security properties similar to an ACH transfer.

Too bad for you, my sympathies. But there is still a huge difference here: Someone has your money; it didn't cease to exist. (So from the bank's viewpoint: "Our books are balanced, it went from one account to another.") In this crypto case though, the money was destroyed by the system; the "bank" "ate" it. At least that shit doesn't happen in the old Alfa Romeo banking system.

Yes, there is a difference in that respect. But I was replying to the parent’t point that, because the banking system is run by humans, obviously they will fix anything for you that a human can identify as a bad result. (Like sending the money to the wrong place or to a scammer.)

It’s kind of missing the point to focus on the narrow issue of “can you accidentally destroy money in the conventional banking system?”

> It’s kind of missing the point to focus on the narrow issue of “can you accidentally destroy money in the conventional banking system?”

No it isn't. That's a huge difference. On the contrary, focusing on “Shit happens in the conventional banking system too!”, that's missing the point, IMO.

It’s not really a difference because you can destroy money in the conventional banking system eg by burning paper money. And it’s extremely important if the defense you’re giving I’d wrong, which it is, if that defense is “humans can come in and correct obviously unreasonable things”.

In both conventional banking and crypto, yes, there are situations of “sorry, you’re fucked, but like, you’re just supposed to know not to do that” (where “that” is send wires you’re not 100% sure of or guard your physical cash carefully).

No offense, but you really seem to be drawing the abstraction boundaries poorly here.

> you can destroy money in the conventional banking system eg by burning paper money.

But that's an accident or intentional vandalism by a user of the system; it isn't built into the system itself.

> In both conventional banking and crypto, yes, there are situations of “sorry, you’re fucked, but like, you’re just supposed to know not to do that” (where “that” is send wires you’re not 100% sure of or guard your physical cash carefully).

In conventional banking the “sorry, you’re fucked” situations don't destroy the money banking is all about handling.

> you really seem to be drawing the abstraction boundaries poorly here.

My "abstraction boundary" (if I understand the term correctly?) is: A system that can have parts that do this -- destroy the very thing it's supposed to handle, "money" -- is a crap system. "Yeah, but you can burn cash!" (vandalism) or "Mistype an account number and the money is lost (to you)!" (not destructive) are not system critiques but whataboutism.

Currency-changing ATMs (do such things exist? If not, why not?) or vending machines like for petrol don't have built-in banknote shredders.

[Edit: Left off half a sentence, screwed up emphases.]

In the banking system every day there are reversals for many mistakes of different kinds even if the amounts are tiny and only ordinary people are involved, and if $500k is at stake, the legal system can be used to "convince" banks to do what's right even if they don't want to.

It was Vitalik’s money. Ethereum is immutable as long as Vitalik doesn’t lose money.

The DAO is a big reason why (culturally) this kind of thing can no longer be done. That was a defining moment for the culture and is seen as a growing pain but also a "never again" moment.

> the ETH devs literally just rolled back the transaction?

That's when some of them were themselves invested in the Dao...

It's so immutable that it can be and was forked at least once... It's immutable as long as it's convenient to a clique of people...

Ethereum has been hard forked multiple times. Bitcoin at least once, too.

It's immutable unless the grifters-in-chief lose their investment.

The only way to roll back transactions is to create a fork of the blockchain. A very politically loaded topic to say the least.

Which is exactly what ETH already did years ago with the Dao. There was no technical reason for the rollback/fork. It was just that too many people would lose money because of a bug in a contract. A contract that explicitly said "this is the code" regardless of bugs. So yeah, lol.

Having watched cryptocurrency from a distance via HN etc. for over a decade, I thought I had a general understanding, but this made me realize I wasn’t aware of what smart contracts really were (just looked up solidity today and details of The DAO hack). The potential for irreversible losses, fraud and security holes are much bigger than I realized.

This also lead me to this video which will now be my ‘go to’ recommendation for anyone asking about crypto and NFTs - it’s a general critique and social commentary of the issues with crypto - not specifically about this case, but I thought excellent, and the first time I think I’ve watched a 2hr vid on YouTube ‘Line goes up’ - https://youtu.be/YQ_xWvX1n9g

> this made me realize I wasn’t aware of what smart contracts really were (just looked up solidity today and details of The DAO hack). The potential for irreversible losses, fraud and security holes are much bigger than I realized.

That seemed obvious from the first time I read the expression "code is law".

If code is law, any bug (whether in the contract itself or in the way the contract is called) fucks you irredeemably and with no recourse. I would expect any dev to shit their pants at the idea, even more so upon realising that the code in question is a half-assed brain damaged cousin of javascript, of all thing.

It also cannot be a legal basis for anything, because the law doesn't treat the right or ability to enter in to contracts as an absolute. Think minors, wards, power of attorney.

Contract law is one of the more mechanistic parts of the legal system, but only up to a point. There are good reasons the legal profession - even corporate law - tends to attract a different set of personality traits to software development.

there's also the concept of a contract itself being invalid even if people have some right to enter it.

E.g. if you sign a contract while hanging off a cliff to give some dude all your assets in exchange for being pulled up, it is invalid in my jurisdiction.

Or if the people signing the contracts did not actually understand what they were signing it can be considered invalid (which would be akin to the mess in TFA).

Contracts are better left to people, rather then computers.

In Roman Law a contract requires consent, which cannot be forced, https://www.lawteacher.net/free-law-essays/contract-law/cont...

So it's not just your jurisdiction, it's probably at least half of the entire world and I imagine even systems not based on Roman Law have something equivalent.

Especially in that real law is left for judges to interpret, and that's a deliberate feature to allow "wiggle" room.

Juries are the ultimate arbiter of law application. For this very reason.

In jurisdictions with juries. It's judges, otherwise.

Even encryption algorithms proven correct later turned out to be critically flawed.

The legal system is such a quagmire because figuring out what is "right" in all scenarios is anything but obvious. That's how we end up with laws we don't enforce and technical legal behavior that will still get you into trouble. But what's the alternative? Robot justices? No thanks.

If the complexity is in the nature of the problem, then smart contracts must contain all of this complexity. But how can you ever write smart contracts that are bug free and deal with every contingency?

Instead of making systems that are buggy, cold, and unforgiving we should be making systems that are more tolerant of human mistakes.

When I saw the phrase "code is law" I immediately thought of all the code I've written in my life, and I'm not even the very worst coder out there...

That is a feature if you plan to hack it

I was quite interested in the cryptocurrency ecosystem around 2017/2018, precisely because of the talks around smart contracts. I see these smart contracts to be just (in my opinion), confusing, error prone addressable state machines. Writing smart contracts (at least for Ethereum) has so many gotchas, that it's almost equivalent to rolling your own cryptography.

I'm not sure if issues around smart contracts are just the tooling, or developers are just rushing to push something out there; but the UX and DX is bad. I was hoping that Cardano would be a blockchain/cryptocurrency pairing that would make me interested again in this space, but their Plutus smart contracts[1] are something I wouldn't touch with a 10-foot pole. On the upside, at least testing Plutus smart contracts with QuickCheck seems to have brought improvements to QuickCheck itself[2]

[1] https://playground.plutus.iohkdev.io/

[2] https://www.youtube.com/watch?v=V9_14jjJiuQ a fun little watch for those that like Haskell

- needed to remove this. sorry.

Any chance of making those logs public some day?

Dead man's switch baby.

your whole comment reads like an ad for that video

I’d say ‘recommendation’ not ‘ad’ :)

This was the related section https://youtu.be/YQ_xWvX1n9g?t=4637s that lead me down the rabbit hole of watching the whole thing

I have no connection other than stumbling across it after seeing this story today and thought the critique tied in well.

I also stumbled across his channel recently (that video seems to have gained a lot of traction) and would recommend most of his content! Very thorough.

Is this a motivation issue with crypto? Here is what I mean. Centralized systems work like a web of tunnels - you can’t send “nowhere” or make a huge mistake, but if your part of a tunnel gets shut for some reason, you’re locked. Decentralized ones are like an endless empty void with point-like islands of ownership in it. You can send anywhere, but make one mistake and it’s over. Now pepper this with our usual issues with code correctness and debugging.

The issue is that people do like tunnels because they feel safe, and empty voids are scary. This incentives to still build and use tunnels around this void, which makes “crypto”-ness just an implementation detail not worth using as is by the masses.

Afaiu, this happens for two reasons: 1, the usual, people tend to forget assertions. 2, the new one, crypto institutions who make contracts are incentivized to omit assertions because runtime now costs serious money. They are like factories where there is no rule of safety yet.

Is the above correct, or is it a true half a million dollars mistake? You can’t trust node_modules as it seems, how can you trust piles of contracts code when there is no support, no takedowns of bad versions and no easily accessible (and decentralized?) audit?

Also, could a type system help in this case?

>Centralized systems work like a web of tunnels - you can’t send “nowhere” or make a huge mistake

You can totally make a 1 digit typo while making a bank transfer that results in all the money being lost.

Perhaps you’ll recover it after years of litigation, but that’s really not guaranteed.


E: downvoted by upset bankers? :)

Bad example. IBAN (https://en.wikipedia.org/wiki/International_Bank_Account_Num... ) for example has a two digit checksum that prevents this and similar simple typos.

Besides the checksum, in some countries (e.g. in many banks in The Netherlands), the given name is also checked against the name associated with the target account [1].

[1] https://www.betaalvereniging.nl/betaalproducten-en-diensten/...

Ethereum addresses also have a checksum. In both systems it's possible to enter the wrong destination address.

How is it a bad example? Not everyone uses IBANs.

And besides, big banks still have to deal with checksum-passing iban typos on a daily basis. IBANs only have two check digits.

> And besides, big banks still have to deal with checksum-passing iban typos on a daily basis. IBANs only have two check digits.

Actually the checksum was designed especially to deal with typos. As such, dealing with typo errors is usually not an issue at all.

What they do have to deal with is maliciously created IBANs though. However, if the account an IBAN should point at doesn't exist then the transaction usually just bounces.

> And besides, big banks still have to deal with checksum-passing iban typos on a daily basis.

That's the thing - they can deal with it. There are fallbacks.

In crypto, your money is just instantly destroyed.

You’re mistaken, they usually can’t deal with it.

They’ll ask the other bank if they’d like to return the money, and that bank will maybe ask the recipient if they’d like to return the money.

The recipient doesn’t want to return the money? You’re SOL. You can go to court, but they can trivially evade civil action by transferring the money overseas.

Those are all things you can try, though. In crypto, again, the money just instantly disappears.

You could still appeal to the developers, it has been done successfully in the past.


Which indeed proves that it can be done.

Ok, you are definitely not arguing this is good faith any longer. Get lost.

What do you mean? If you can convince a sufficiently large share of the community, you can in fact roll back transactions.

This is a massively disingenuous argument, and you know it.

> big banks still have to deal with checksum-passing iban typos on a daily basis

Citation needed.

This is elementary school level math, no citation needed. The modulo 97 checksum offers known guarantees.

I think there's a misunderstanding here. If the customer mistypes the IBAN account number, the bank (website, app etc) will automatically reject it as invalid immediately, he won't have to deal with the customer service.

Yes, but the misunderstanding is on your side.

This is overly simplified so not entirely accurate, but if 100 customers typo their destination IBAN the modulo 97 checksum will probably let 3 of them through.

Wikipedia says that "where used, IBANs have reduced trans-national money transfer errors to under 0.1% of total payments", although there's no source for the claim.

0.1% of total payments, i.e 1 in 1000 payments. That’s not 0.1% of typos but all payments.

I have more than once typed ref-number into the amount field. Ofc a transmission of $9765775689758 won't succeed, but if it did, I'm told there's little to be done about it, finders keepers.

Yeah, if you do that and the other party runs off with the money you’re screwed.

You can certainly pursue the matter in civil courts, but law enforcement does not like to touch this kind of stuff at all. If the recipient transfers the money overseas, you will most likely never be able to recover it.

I don't think that's the case everywhere. In Switzerland at least, if I send you money by mistake, I can claim that money back and you would have to give it back to me, even if you have spent it already - unless you can reasonably claim that you were unaware that this money was not meant for you.

As a result, if I received a large amount of money that I coulnd't explain, I would contact the sender or the bank first. I can't just spend it immeditaly and claim that I had no idea.

Yeah, good luck getting that money back if the other party doesn’t want to play along. Enforcing court judgements isn’t easy in these situations.

Where would it be non-reversible? At least in Europe you totally do not own money that is transferred to your bank account by mistake. You'll have to pay it all back. There have been court cases after people spent such windfalls, and yes, they are still in the hook for full returns.

If the recipient of the windfall is not honest, they can just move the money to another country.

You can go to court and get a judgement against someone with no assets to collect. In the end you’ll just have lost even more money.

This is a really good case against crypto.

In the crypto case of this thread, the OP made a mistake and there's no process to fix it. 100K's lost. There's no avenue for recovery.

In the banking case of your link, the man made a mistake and was able to correct it, despite the bank working against him. 100K's lost and recovered.

In the case of the bank, it sure wasn't perfect and definitely should be better. But ultimately, the bank not only paid to recover the money, but the banking system (according to the article) is at least promising a fix for the underlying issue that a simple mistake in writing digits can lead to missending funds.

Also: crypto is touts its trustless nature as a positive. But note that trust is the lever Mr. Teich used to get Barclays to pay the cost of recovering the funds. Barclays only paid after their reputation was threatened, and of course, trust is based on reputation.

But at least in that case, it's possible to get the money back. In this case, isn't the money absolutely, totally, 100% gone forever?

Sort of? You could appeal to the Ethereum developers, they could reasonably recover these funds without upsetting anyone too much by just refunding all WETH transactions sent to that contract. (This is the root of the spiritual disagreement between Ethereum and Ethereum Classic)

Of course you’re more likely to succeed when it’s real money and the other party has to worry about getting sued.

But even in the case of a bank transfer, the other party can abscond with your money and it’ll be extremely hard to recover since law enforcement probably won’t help you and (especially international) litigation costs can quickly render such an endeavor far too expensive.

If you read the followup, that man ended up getting his money back. Additionally, it would be astronomically unlikely to make a mistake like that nowadays because confirmation of payee is used so widely (banks check that the name of your recipient matches the intended name before completing a transaction).

[0] https://www.psr.org.uk/publications/consultations/cp19-4-con...

But this costs us much much more than 500k in sum

> You can totally make a 1 digit typo while making a bank transfer that results in all the money being lost.

Difference being that it isn't "lost" -- not in the sense of vanished from the face of the Earth, gone, ceased to exist. It's only lost to the sender, but it still exists; someone still has it. Sure, the wrong person or entity, but still: It's not gone from existence. Only CryptoCrap does that.

Americans do not understand money transfer, they are still using cheques and western union.

To everyone: If you wrongly send money to a mistyped IBAN it is gone.

I made a transfer with a mistyped IBAN once in the online interface of my German bank. The bank called me a day later and said that there’s something wrong with my IBAN, so I double-checked, realised my mistake and did the same transfer to the correct IBAN. I did not loose any money.

every online interface would check the IBAN checksum, this seems like a bad bank or a bad story aka lie.

But that's very unlikely because IBAN has a checksum precisely to prevent typos.

Plus banks in Europe have a transfer reversal grave period so you just call them and they'll most likely be able to undo the transaction.

I'm not sure about IBAN, but in the UK there are multiple layers that help you avoid sending to the wrong account. However, if you do ultimately send money into an actual incorrect person's account, the only thing the recipient's bank will do is to ask them to send it back. They will not give you contact details or anything else.

TIL - more on IBAN checksum:

> The IBAN check digit consists of two digits in positions 3 and 4 of the IBAN. It is calculated using the MOD97 algorithm and provides the primary integrity check for the IBAN standard.


> mistyped

Very unlikely, the checksum would prevent that.

And most banks (even though I’m unsure it is mandatory) will check the recipient, if totally mismatched a warning will be raised.

But if you send money to the wrong iban+recipient, the money is gone.

It is not gone. You may have to go through courts if the recipient does not return the money voluntarily though.

You will not have any luck enforcing that court judgment if the recipient does not want to play ball. All they need to do is transfer the money to another country.

It is very unlikely that law enforcement would help you in a situation like this, especially internationally.

> To everyone: If you wrongly send money to a mistyped IBAN it is gone.

You clearly have no idea how an IBAN works. It has a checksum exactly to avoid mistyping.

And even if you send the money to an valid, but wrong, IBAN then one of two things happens:

* The account doesn't exist -> transaction bounces * The account does exist -> ask for money back, worst case go to court to recover it

But the money is not gone. There are no black holes just swallowing everything up.

To everyone: the above is wrong.

There’s SWIFT, and they have a reasonably good dispute mechanism, at least for cross border payments.

What would really help is if the recipient had to prove they can spend the money they're about to receive before they receive it.

Which is in fact required with cryptocurrencies using the (pure) Mimblewimble protocol.

I lost 4.5K transfering USDT from Binance to Coinbase From time to time I check if the money is still there.

The last time I asked Coinbase support they didn't even bother to answer me.

I was not investing, one of my contractors unilaterally decided to pay me in crypto.

> I was not investing, one of my contractors unilaterally decided to pay me in crypto.

Why didn't you tell him that you wanted to be paid in real money?

Yup, their response was crypto or nothing

I hope you weren't involved in helping someone launder money.

Because then they would say "ok, here's crypto".

That's not usually how contracts work (in the sense of the actual law, not this smart contract bullshit).

Try enforcing anything overseas..

If I told you in the contract that I'd pay you in iphones, I'm pretty sure you would have to accept them as payment?

How was the USDT lost?

Transfered from Binance to a Coinbase BTC address

I am not sure but he may not have entered provided MEMO other than the wallet address.

there's about $20b worth of eth in the weth contract. $1.1m of eth has been lost this way (so op's lost weth is about 45% of all weth lost from transfers). https://etherscan.io/address/0xc02aaa39b223fe8d0a0e5c4f27ead...

Crypto gets dumber by the day.

What’s the other 20b worth of eth for?

most smart contracts that deal with tokens (swaps, borrowing, etc) use the ERC-20 standard. WETH is a simple smart contract where you deposit X eth and you receive x weth in return (where weth is a token that adheres to the ERC-20 standard). you can then use that weth to swap, borrow and lend in the same way you would with any other erc-20 token.

most users never have to deal with the WETH contract because defi platforms will automatically do the wrapping/unwrapping for you.

the vast majority of the WETH minted by this contract is used for

a) providing liquidity on DEXs (where ~ 50% tokenA and 50% tokenB are deposited to collect trading fees)

b) collateral in a lending platform (e.g. deposit WETH and borrow USDC)

c) bridged to another chain (e.g. bridge WETH to Avalanche or Solana or whatever)

people send eth to get weth back, weth is an erc20 wrapper for eth - wrapped eth

The infographic that's probably the source of it all: https://weth.io/img/WETH_04.gif

> You are now the 265th person to do this but you contributed 45% of all the WETH in the contract.

I feel like this should be the takeaway. Instead of blaming users there should be some system that allows patches, updates and new features to be published to these smart contracts. It just seems silly that any programmer would think it’s a good idea to publish some code you can’t patch and horrifying to let that code scale to this size without being able to correct any of your original assumptions.

There is such a thing as a "proxy" contract. The contract can delegate to another "delegate" contract that actually performs the functions you want. The proxy contract also has a function that allows the owner to change the address of the delegate contract. If you tell you users to interact with the proxy contract then they will always interact with the latest version of the delegate contract.

Some ERC20 tokens implement this but I believe many do not.


How is the proxy contract tested - wouldn't you need to create a proxy-to-the-proxy contract just in case there is a bug and need to point it to the fixed version?

There are a couple design patterns for this

265 people made a mistake which deleted their money. How is crypto still so broken at a fundamental level after over a decade of work.

265 people made a mistake in this particular way deleting their money. Given the amount of cryptobank scams and hacks, lost wallets etc I would not dare have any significant value in cryptos.

Like the people that have made them self a fortune on crypto need to understand that it is psychology a different thing to put fresh money into the system from just extracting profit made from almost nothing.

I've lost bills before, forgot to check change, that was all on me.

At least in that case someone actually got the money. In this case there was a valid transaction to a valid address that no one owns and no one can access.

Not if the money were say burned but at any rate, someone 'gets' them here, too - all holders' get the value of their eth proportionally increased because of the decreased amount of eth in circulation.

The incentive of any crypto/web3 app is short-term greed and not building a trustworthy system.

If I was not 100% confident in performing this transaction (which I would never be) I would send $1 as a test before sending the other $499,999. Is there a technical reason preventing one doing a test transaction first?

Even then, whenever you’re dealing with large amounts there’s risk. E.g., early on in Bitcoin’s development a user lost a lot of Bitcoin by making a small test transfer, not realising that the change (their remaining balance) was sent to a new address in their wallet. But they were running a bootable Linux Distro from a CD and didn’t save the wallet back to a USB or other permanent storage. So they’ll never have access to those keys.

How was this possible, for the change to be sent to a new address? If I understand correctly what you're saying is that the account was split in two: one part went to the wanted destination and the rest to an unwanted destination.

Yes, this is how Bitcoin is designed and has worked from the beginning. The problem is his wallet did save the private key for the change address he just didn’t save the wallet, so it was lost - the changed address wasn’t unwanted, it was wanted, it just didn’t get saved. I believe early Bitcoin wallets generated addresses randomly so you couldn’t recover everything from a seed and had to save your wallet.

Ah, that sounds like lovely use case for average users with higher than 0 chance of blackouts... Right timing bad design(sensible one) and it is all gone...

So in the end regular user probably ends up doing everything on centralized wallets or exchanges and then those are likely to do some off-chain book keeping as that is cheaper... Brining us back to banking...

The downside to doing this is you have to pay the transaction fee twice, once for the $1 and once for the $499,999. The transaction fee is a fixed amount irregardless of how much is being transferred, so it's definitely better to pay the fee twice than risk losing it all if you are even slightly unsure.


Friendly heads up - this isn't a word, and also happens to be one of those slip-ups that people will judge you extra hard for. Say either "regardless" or "irrespective".

It most definitely is a word irregardless of your feelings about it https://www.merriam-webster.com/dictionary/irregardless

Fine. It's not a [standard, generally accepted] word.

Feel free to disregard my advice, though; it's no skin off my nose if you don't want to sound like a "native, educated speaker".

Native, educated speaker here: Nobody cares and everybody understood what they meant.

I always appreciate grammatical corrections, and I know non-native speakers that do too.

A friendly correction of a non-standard word does not deserve derision.

What do you mean generally accepted word? A word is or is not a word . Dont get butthurt because you were pointed wrong after trying to correct someone.

Sheesh. No good deed goes unpunished, eh? From the link:

>We label irregardless as “nonstandard” rather than “slang.” When a word is nonstandard it means it is “not conforming in pronunciation, grammati