Beanstalk Farms stablecoin project loses $182M to exploit (web3isgoinggreat.com)
114 points by _fizz_buzz_ on April 17, 2022 | 75 comments



>...However, they were later slightly more optimistic, writing, "it may also be the start of something good... there may be a path forward. We don't want to comment on next steps until that path is at least visible to us"

How on earth can people just shake off a loss of $182MM? And is this one of those contracts? Have the courts ruled that code is law, and that a poorly implemented and exploitable contract is legal? There is so much wrong with this.


Wealth inequality


The same way Wallstreet does.


Wall Street “shakes off” losses with massive Congressional investigations, new laws, people jumping out of skyscraper windows, new rules and regulations that greatly limit what they can do.

None of that happens with crypto, which has lost more money in scams than Wall Street has in a decade, despite being a fraction of the size of Wall Street.


Another day, another collapse of a cryptocurrency.


You know it’s bad when a loss this large isn’t surprising or interesting in the slightest.


A loss to some, but a huge win for the ones who took the money. The crypto evangelists should start promoting this aspect of the space: "It isn't really stealing if the code was bad!"


Should be the opposite, this is not even 1/10th of 1 percent of what's stored in defi. This shouldn't even be huge news. I don't even see any links to bug bounties on their site.


A $182M bug bounty was just claimed.


A loss of 0.1% of all the money NOT stored in crypto would be huge news.


This reminds me of the "If my grandma had wheels, she would be a bike." meme.

Yes but that is irrelevant.

It is unfortunate this happened of course; proper security audits of your smart contracts are very important in cases like these.


I should know better than to comment in crypto threads, the "discussions" are rarely interesting. Here's the meme, you'll understand why it's so fitting. There's probably a more proper name for this type of fallacy but I don't know it. https://youtu.be/A-RfHC91Ewc


It’s not fitting. The comment you replied to is a pretty clear rebuttal.


0.1% of all non-crypto money stolen is not comparable to 0.1% stolen of defi locked up money. They're just too different.

I think both are "huge" news, but the "rebuttal" does not add any weight to the argument because they're not comparable.


> they're not comparable.

Yes, they are. Things don’t have to be the same to be comparable. People compare them all the time and very reasonably so. “Should I put my money into traditional finance or defi? What are the pros/cons?”

An axis that should be compared when choosing a finance system is “how likely is my money to disappear?”. A single event where an amount of money that’s this fraction of the overall system and this much value is a newsworthy, meaningful, relevant, comparable event.


> “Should I put my money into traditional finance or defi? What are the pros/cons?”

I have no issues with this question, because you want to compare the two and find out what properties suit your goals.

> An axis that should be compared when choosing a finance system is “how likely is my money to disappear?”.

This is not what was being discussed, but it is certainly an important question to ask if that is the choice one is making.

> A single event where an amount of money that’s this fraction of the overall system and this much value is a newsworthy, meaningful, relevant, comparable event.

We already agree that the two events are newsworthy. The thing we disagree on is the following: If 0.1% of traditional money is stolen is newsworthy, then this adds further evidence that 0.1% of DeFi money being stolen is newsworthy. I don't agree with that.


It's news that a life-changing volume of cash can get hacked away from your wallet and just vanish.

It's not better that there's actually a planet-changing volume elsewhere in similar jeopardy. We should be howling about the anti-features baked into these things that enable criminal enterprise.


Ha, imagine 0.1% of all USD got stolen in one swoop.


Interesting thought…

Based on current US inflation rates, that’s about 4 days worth of inflation. So, you could probably blame the Fed for “stealing” that much in one swoop.


I don't know why people keep blaming the fed for everything. It is one of the least powerful and most irrelevant institutions on the planet.


> It is one of the least powerful and most irrelevant institutions on the planet.

And how do you come to that conclusion?


Only 13,000 to go


The more I read news about crypto the more I believe they delivered none of the promises (high transaction fees, slow, burning a lot of resources for nearly nothing) and brought more problems.


Monero is the closest to the original cryptocurrency dream. Enforced privacy, low transaction fees, fast transactions, mining viable on commodity hardware. I've gotten paid via XMR, it works great.

Too bad nobody seems to care much about it because the numbers don't go up.


I've used XLM for some payments before. Fast, cheap to send. Sitting below $1 USD maybe keeps it out of the hype zone.


Does it beat Visa on transaction speed and fees?


Visa can take a few days to settle where with Monero you will typically want to wait for 10 confirmations which takes 20 minutes.

Visa's fees are 1.4%-2.5% for the merchant where Monero's median fee over the last 100 transactions was $0.002.


How much does it cost to convert that to US dollars?

And what is the half life value before that money ends up disappearing because of a hack, wallet mismanagement, or a straight up scam, or ending up being seized by the FBI?

Considering the ridiculously large percentage of Bitcoin that belongs either to the FBI or Mt Gox scammers, and the massive number of other scams in crypto, I bet once you adjust for those factors the value will be minuscule.


> How much does it cost to convert that to US dollars?

Not sure how that's comparable to Visa; Visa doesn't handle conversions at all between different types of currencies (you can't convert USD to BTC with Visa for example). It all happens via 3rd parties, just like with cryptocurrencies, so it depends on the 3rd party more than anything else.

> And what is the half life value before that money ends up disappearing because of a hack, wallet mismanagement, or a straight up scam, or ending up being seized by the FBI?

Neither of those things have happened to Monero, and since the project is relatively old (for the cryptocurrency space at least), it seems safe to say that they generally know what they are doing, or we'd have seen more hacks.

I think the original claim still seems right. Monero both settles faster and has lower fees (depending on the amount for the Visa transaction obviously, as it's percentage based, while Monero has a "flat fee" [based on network activity]).


Well they got big money to buy in. Sure Ethereum-based DeFi projects are scams, but the so-called blue chip currencies will probably stick around. Ultimately, the traceability of crypto is its unique selling proposition.


This tweet thread explains what happened: https://twitter.com/FrankResearcher/status/15156938958872944...

The key step was: "Further, they deployed and voted for a fake BIP-18 that moved all funds from the protocol contract to the exploiter."


What does "fake" mean in this context? Malicious? Or that the attacker made it look like a BIP so it would get executed? Or something completely unrelated?

EDIT: More context here https://twitter.com/peckshield/status/1515692144190648322/ph...


My guess is that it just means it isn't from https://github.com/BeanstalkFarms/Beanstalk/tree/master/bips


Lovely that loan providers legally? benefit from criminals in the crypto world.


So do the people in the liquidity pools, so do the miners, and probably a few more groups of people.


Maybe your money is pretty safe in your bank. My dad worked for 40+ years and paid every month his pension fund dues. When his company (a very big and old company in our country) went bankrupt, it was found that the pension fund was broke. They had been using money from the pension fund to cover whatever they had to cover due to corruption, bad administration, etc (it was illegally done so, by the way). Not only that, but the government knew about this, since it was a really, really big pension fund, and had stepped in as pension administrator for the past six or seven years. Didn't matter. The pension broke, the company broke, my dad and thousands of others were left without their retirement pay. This is not some outrageous story over here. It was so normal that it didn't make any headlines. Two years ago postal workers started to take a pay cut to cover a hole in their pension fund. The mail here is state owned, by the way, and it didn't matter. The directors took their money, the workers had to pay up. I did my research, I wouldn't put money in Beanstalk Farms, or 99% of cryptocurrencies, but there are a couple, two or three, crypto projects that I know are legitimate and secure, and I trust them more than the banks I have access to.


There is an interesting false equivalence here between pension funds and banks. But it's a personal anecdote, so really it's up to you what made you lose faith in "the system".


I know they're not equivalent. But banks have broken here too, and people lost a lot of their money. By the way, credit card interest here is over 300% annually. Can get up to 800 depending on the bank.


> There is an interesting false equivalence here between pension funds and banks.

The dissimilarity of pension funds & banks is present, and so there's no opposition to that objection.

> But it's a personal anecdote, so really it's up to you what made you lose faith in "the system".

I'll admit my pro-crypto stances upfront, but the anti-crypto stance of "Oh it's just your opinion that 'the system' messed up" is highly non-conducive when it comes to getting people out of crypto & trusting the current financial system once again.

To those people, their rightfully legitimate concerns of corruption, non-transparency, & failure to even partially repay the funds lost are dismissed as 'anecdotal', much like the concerns of every privacy-concerned individual before Snowden's leaks were made public.

To that end, overall, your dismissal of the parent's experiences as anecdotal will sour the opinions of the concerned & cause them to dig in their heels even further. It does not help alleviate their concerns, nor does it help in re-establishing trust.

With regards to the actual improvements that I would like to see implemented in the current financial system, the creation of a triple-ledger accounting system [1] where transactions are anonymized-but-traceable would help a long way in re-establishing trust in the current financial system. The 3rd party in this picture wouldn't even need to be a blockchain: It would just need to be a neutral 3rd party that would make transactions on the aforementioned ledger transparent to the general public.

[1] https://www.simpleaccounts.io/tag/tripleentrysystem/


What’s hilarious is to take your side, you have to imagine somebody saving into crypto for 40+ years and then cashing out. The odds of any crypto lasting that long, and that money having even remotely a predictable long term value, is pretty plainly absurd.


We are over 1/4th of the way into the 40 years with Bitcoin. Today, it is worth 40,000x more than when it started. It is absurd to you, but not to many other people.

Personally, I'd rather trust a system which can't be controlled by any one individual (or even a small group of individuals), over a corporate pension fund.


We still use http, ipv4...it seems clear to me that ETH and BTC aren't going anywhere this decade or next.


In the 90s my country was plagued by out of control inflation. In a desperate attempt to control it, the government just froze everybody's bank accounts. Nearly everyone was left without money. Imagine logging into the bank and discovering that all your money had been confiscated. Some people saw it coming and cashed out beforehand, and suddenly became wealthy after everyone else's money was wiped out.

I don't trust governments and I don't trust banks. I want an economy that's completely independent of them.


Agreed. Many of the people posting on HN have a very western view of mind and haven't experienced the difficulties of finance and banking in other countries.


Crypto doesn't seem to be poised to solve any of the issues faced in these non-Western countries.


It solves a problem I have as a westerner who likes to live in non-western countries. Simply put, moving, storing and accessing my money anywhere in the world is hard. Crypto makes it a trivial non-issue.


Argentina?

Brasil actually fixed their inflation problem with Plano Real (Cardoso was finance minister at the time) which is one of the all time great stories of government intervention in an economy.


Brazil.

I'm not impressed by their plan. They simply created yet another currency and duped the population into believing it was going to be different this time.

The inevitable fate of all inflationary currencies is irrelevance. Its value will drop to zero and it will be replaced by a new currency in order to restart the cycle. It's only a matter of time.


Out of interest, which crypto projects are the ones you describe as legitimate and trustworthy?


I won't cite them here because it will automatically be seen as trying to promote a crypto project for my personal gain.


It would be interesting to create a cryptocurrency where transactions take an additional time to settle based on amount from the time the transaction is requested.

$20k? No delay other than getting the transaction through the mining pools or whatever. $500k? Maybe an hour to settle. $1m+? That’s going to take a day (in which time big red warning lights can flash on your defi project wall boards).


It's not hard to set in delays yourself if you want them.

You're missing the point though: these defi systems are mostly scams right out of the gate. They're designed to be exploitable by their creators.

They're also designed so that the exploits are plausibly deniable-- so while we can look at the long long list of anonymously created defi ponzis that vanish with everyone's funds via similar attacks we can conclude that many were intentionally designed that way-- attributing it for any specific one is challenging.


Instead of one large transaction, l33t haxx0r can just make plenty of small ones


That can be solved by adding a delay for each subsequent transaction from a wallet. Solana has been considering this to solve some spam issues. t+(n*cooldown period), or something


They could split the smaller transactions across more wallets


After thirteen years this is what crypto gives us. A few people get rich at the cost of all the rest. From coins getting hacked/stolen to ransomware, to just crypto-gambling.

But there is something positive to say about crypto too.

The failings of crypto teach a lot of people about how and why societies work the way they do. And that no amount of tech can ever replace our institutions and human trust.

I'm 100% with Stephen Diehl on this one: the entire 100% of crypto needs to be burned down to the ground. It needs to go because of the enormous harm it does to people and our larger society, for no gains at all.


I’m no crypto maximalist, and would struggle to argue against the position that crypto today is pretty much all scams, pump&dumps and pixie dust selling.

To me it’s a shame though, crypto as a concept is very interesting in many ways. Algorithmic money, defined by serverless programs, not COBOL behemoths. Massively distributed, yet consistent mutable database. A space where you can bootstrap an idea on a shoestring budget. A bit like internet vs cable TV and trad banks.

Except in this analogy, the “crypto” internet seems to have gone straight from Arpanet to nothing but ads, child porn, dark net and gambling, skipping past Wikipedia, Google, dotcoms (when they were plucky upstarts, not evil conglomerates). Shame.


> crypto as a concept is very interesting in many ways.

The examples you give mean nothing to me. What real problem is being solved by any of your examples of 'interesting'?

We already have something that allows you to bootstrap an idea on a shoestring budget: the cloud.


“100% of crypto needs to be burned down to the ground. It needs to go because of the enormous harm it does to people and our larger society, for no gains at all.”

well you’ve convinced me


Every investment has risks, stocks are not that different from crypto in that regard.

Regulation, once it comes, will help better protect retail investors.

Crypto is still in the early stages, the technology is revolutionary though and I think it's here to stay.


There is truly nothing revolutionary about an extremely inefficient write once read many linked list.


>After forty years this is what the internet gives us. A few people get rich at the cost of all the rest.

Sure, if you want to focus on the negative you can focus on the negative.


The great ethereum meta-scam is continuing to perform exactly as designed.


Just another day in cryptoland.


Technical description of what happened instead of the current submission's focus on monetary losses: https://medium.com/@omniscia.io/beanstalk-farms-post-mortem-...

Summary:

> flash-loan attack due to a flaw in its newly introduced Curve LP Silos that compromised the protocol’s governance mechanism, ultimately permitting the attacker to conduct an emergency execution of a malicious proposal siphoning project funds
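As an added example, not code from the thread, from Beanstalk or from the post-mortem linked above: a Python simulation of the governance weakness the summary describes, contrasting a governance contract that counts votes from live token balances (which a same-block flash loan can inflate) with one that counts votes from a snapshot taken before the proposal. Class and function names, the constructed balances and the 2/3 emergency-execution threshold are assumptions.

```python
"""Simulation, added as an illustration: not code from the thread, Beanstalk
or the post-mortem. Voting power obtained with a flash loan inside one block
counts when governance reads live balances, but not when it reads a snapshot
taken before the proposal. Class and function names are assumptions."""
from collections import defaultdict


class CheckpointedToken:
    """Token whose balance history is recorded per block (ERC20Votes-style)."""
    def __init__(self):
        self.history = defaultdict(list)  # holder -> [(block, balance), ...]

    def set_balance(self, holder, block, amount):
        self.history[holder].append((block, amount))

    def balance_at(self, holder, block):
        """Balance as of the end of `block` (latest checkpoint at or before it)."""
        balance = 0
        for blk, amount in self.history[holder]:
            if blk <= block:
                balance = amount
        return balance


class Governance:
    """Minimal propose/vote/emergency-execute model with an assumed 2/3 threshold."""
    def __init__(self, token, total_supply, snapshot_voting):
        self.token = token
        self.total_supply = total_supply
        self.snapshot_voting = snapshot_voting  # hardened mode when True
        self.proposals = {}

    def propose(self, pid, block):
        # Snapshot is the block *before* creation, so balances that only exist
        # inside the proposal block (flash-borrowed tokens) are never counted.
        self.proposals[pid] = {"snapshot": block - 1, "votes": 0}

    def vote(self, pid, voter, block):
        p = self.proposals[pid]
        query_block = p["snapshot"] if self.snapshot_voting else block
        p["votes"] += self.token.balance_at(voter, query_block)

    def can_emergency_execute(self, pid, threshold=2 / 3):
        return self.proposals[pid]["votes"] / self.total_supply >= threshold


def flash_loan_proposal_passes(snapshot_voting):
    """True if a same-block flash-loan vote reaches the emergency threshold.
    Balances and the 1,000,000 supply are constructed figures."""
    token = CheckpointedToken()
    token.set_balance("lending_pool", 1, 900_000)  # borrowable liquidity
    token.set_balance("attacker", 1, 1_000)        # attacker's real stake
    gov = Governance(token, total_supply=1_000_000, snapshot_voting=snapshot_voting)
    block = 10
    token.set_balance("attacker", block, 901_000)  # flash loan received
    gov.propose("malicious-bip", block)            # propose, vote and repay
    gov.vote("malicious-bip", "attacker", block)   # all inside block 10
    token.set_balance("attacker", block, 1_000)    # loan repaid
    return gov.can_emergency_execute("malicious-bip")
```

The snapshot alone does not cover an attacker who holds tokens across blocks; a mandatory delay between a vote passing and its execution is the usual second layer, and it is exactly the "emergency execution" path that removes that delay.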


Exploit, or exit scam?


The fact that this dude literally sold millions of dollars of magic beans, which made the beanstalk, which suddenly disappeared, has got to be at least a little suspicious.

It was a super basic flash loan oracle manipulation, which could have been done by anyone, so it probably was just another Waterloo kid finding their fortune, but really, who are these people who dumped millions of dollars into magic beans?


As someone from Waterloo, this is a very weird reputation our university is getting.


I wonder if this will turn out to be North Korea as well.


The anonymity set of tornado can't be that good can it? With all these major hacks dumping their eth into it.


Seems "good enough" to me. Currently it's 123430 deposits in total that are inside tornado. The risk is that exchanges will "taint" any ETH that has been passed through there, even if you could prove it's legal income.


Unstablecoin


Another “hack”


"exploit"


Great site. Bookmarking



