[HN Gopher] Missing line in a smart contract leads to $10M hack
___________________________________________________________________
Missing line in a smart contract leads to $10M hack
Author : drdrey
Score : 176 points
Date : 2021-05-16 17:59 UTC (5 hours ago)
(HTM) web link (www.rekt.news)
(TXT) w3m dump (www.rekt.news)
| latchkey wrote:
| This was REKT2. There is a REKT1 AND REKT3 as well.
|
| https://www.rekt.news/value-rekt3/
|
| Anyone heavily participating in DeFi considers this a cost of
| doing business in the cutting edge of new finance (which is a
| very debatable way of saying things).
| cryptica wrote:
| I never understood the point of smart contracts. Why not just
| launch a new blockchain or decentralized application by forking
| code and launching nodes? That way you don't need to pay Ethereum
| fees and you get a lot more flexibility - Also, your project will
| not be constrained by Ethereum's scalability limits and you won't
| have to pay fees to subsidize the popularity of other projects
| which are running on the same platform... Ethereum seems to
| facilitate mostly short term scams.
|
| Projects launch, raise a ton of money, then when people try to
| actually use the new project, they realize they have to pay $20
| per transaction. This quickly kills the project; now onto the
| next scam. What kind of brand new project can justify making
| their users pay $20 per transaction? I struggle to think of any
| genuine use case.
| paulpauper wrote:
| Why do ransomware when you can just find an exploit and get away
| without having tainted crypto and also make much more $ too. Defi
| is such a big gift to hackers. Probably $100 million stolen total
| in the past 2 years. These protocols and contracts are so complicated
| that such hacks are inevitable and more to come.
| tylersmith wrote:
| Because finding exploits is competitive. Many teams do both
| operations, exploit hunting and malware.
| lottin wrote:
| Moreover the "hacker" is simply doing something that is allowed
| by the contract so it's hard to argue that these hacks are even
| unlawful.
| hn_throwaway_99 wrote:
| Yeah, that's my question with all this. I mean, ransomware is
| obviously illegal. Finding vulnerabilities in smart contracts
| - well, "the code is the contract", so the hacker is just
| executing the code as it was published.
|
| I mean, the whole reason Ethereum Classic exists is because a
| subset of Ether folks felt that restoring the funds in the
| original DAO hack was contrary to the whole "the code is the
| contract" ethos.
| PeterisP wrote:
| Ignoring contract law (which would not blindly accept "the
| code is the contract", and people's ethos does not allow
| them to arbitrarily decide how contracts shall work in the
| country where they live), the fact that some action was
| explicitly written in a contract that was properly signed
| by everyone does not necessarily mean that the action was
| lawful.
|
| For example, if you intentionally misrepresent what the
| contract means to deceive someone into signing a contract,
| then that is fraud, and it also invalidates the contract. If the
| fraudster already got the money according to that (invalid)
| contract, no matter if it's cash or crypto, they possess
| it, but it's not lawfully theirs.
| hn_throwaway_99 wrote:
| I mean, at its heart then you are really arguing that
| smart contracts shouldn't exist in the first place (I
| don't really disagree).
|
| The _entire_ reason that smart contracts exist is to get
| rid of the need for any trusted third party intermediary
| because (as proponents argue) all of the logic for the
| contract is completely embedded in the code.
|
| If it then becomes necessary to say "The code is the
| contract, unless there's a bug, in which case we'll have
| some single or set of arbiters decide what the code was
| really _supposed_ to do" then why have smart contracts
| at all, why not just go through a normal escrow process
| where there is an independent arbiter trusted to
| determine who "lawfully" deserves the funds.
| PeterisP wrote:
| I'm not necessarily arguing that smart contracts
| shouldn't exist in the first place - perhaps they have a
| valid future role in effectively and cheaply adjudicating
| small claims where currently it might not be worth to
| enforce a contract due to the effort and costs of the
| legal process; something vaguely like what arbitration
| was intended to be.
|
| This use case would IMHO have a quite large market, and
| it would be perfectly compatible with those smart
| contracts having a proper (non-code) appeals process
| explicitly designed in the system - the benefit would be
| that the third party (arbiters, or state, or whatever) is
| not used in most cases, because that would be costly.
| splintercell wrote:
| If Code is law then hard fork is also law. Otherwise those
| Ethereum classic people are saying that code is law but
| only the DSL of Solidity. Outside updatable Ethereum engine
| code is not law.
| hn_throwaway_99 wrote:
| > If Code is law then hard fork is also law
|
| Not at all. All crypto currency only has value because
| other people collectively choose to "believe" a certain
| chain. Usually there is global consensus of which chain
| is the "true" chain, but there have been many times in
| the past that one group has decided to follow a different
| fork for whatever reason. I mean, Bitcoin has Bitcoin,
| Bitcoin Cash and Bitcoin Gold. The value that gets
| allocated to a particular fork just depends on the number
| of other people that choose to follow that chain.
| [deleted]
| hhvn wrote:
| You could argue all hacking is just doing something that is
| (accidentally) allowed by the target system.
| ethanbond wrote:
| Not really, because the entire premise of smart contracts
| is that the code IS the only representation of the
| contract. In normal software systems there's an intent and
| then an implementation. There's no explicit guarantee they
| are identical, which is exactly why there are subsystems to
| allow e.g. refunds or transaction invalidations.
| alisonkisk wrote:
| That's just ignoring the intent part.
| PeterisP wrote:
| That premise is clear, proponents of smart contracts
| would like it to become true, but as of now that premise
| is simply not true anywhere in the world.
|
| There may be obvious practical difficulties in
| identifying the counterparty and enforcing a judgement in
| them, but if that becomes possible (and if $10m is at
| stake, perhaps it might become possible, bounties, etc)
| then the argument that "code is the only representation,
| and this is what the code said, so this was lawful" is
| not valid, as it contradicts both contract law and fraud
| statutes.
| lottin wrote:
| But code is the only representation, like it or not. The
| smart contract is _code_ and nothing else.
| PeterisP wrote:
| That's _almost_ true - there often is also some out-of-
| bounds communication about that code before the smart
| contract is implemented, which can help establish intent,
| which matters a lot in resolving disputes about a
| contract.
|
| But the actual contract terms between the parties and
| facts like is this contract valid at all, who owns what
| and who owes what to whom are ultimately determined by
| contract law, not by the smart contract, like it or not.
| The smart contract may determine possession of certain
| things, and in many cases it would be uncontested and
| there it has a purpose of just doing the contract
| settlement automatically, but as soon as there's a
| dispute, then the legal ownership and any claims would be
| settled according to contract law, not according to what
| the code says.
| mrfusion wrote:
| I'd bet missing lines of software have done way worse than this.
| just-ok wrote:
| Bank error in your favor, collect ~~$200~~ $10M.
| [deleted]
| barbegal wrote:
| This also shows how little security probing is performed on
| cryptocurrencies and smart contracts. It took over a month and a
| huge bounty to find the bug in this contract. The likelihood of
| finding bugs in other currencies and contracts is extremely high
| despite millions of dollars of value relying on it.
|
| Most cryptocurrencies and smart contracts are copy and paste with
| little analysis of the underlying code. To the creators the
| incentive is to create something fast and without expending any
| extra effort. The losers are always the users who put their trust
| in the creators. An ideal open source decentralised system should
| allow the users to verify the claims of the creators but the
| reality is that the code and the systems around it are far too
| complex for any single person to be able to verify quickly.
|
| Does anyone know of any organisations that can vet smart
| contracts and provide insurance in case they get hacked or fail
| in other ways?
| paulpauper wrote:
| even pro coders get hacked and make mistakes. normally,
| mistakes are inevitable and survivable, but crypto makes the
| stakes so much higher.
| paulpauper wrote:
| When so much $ at stake and no way to get it back, it makes it
| necessary to have perfect code
| sireat wrote:
| Looks like there are plenty of more DeFi hacks/internal
| fraud/incompetence https://www.rekt.news/leaderboard/
|
| Setting aside the hacks, what good is DeFi anyhow for those
| outside crypto space?
|
| Seems DeFi currently serves two main functions.
|
| 1. Crypto backed loans - main purpose being crypto speculation /
| possibly some dubious tax benefits
|
| 2. Decentralized exchanges - nice for those into crypto but not
| for Joe Sixpack.
| ctur wrote:
| Someday some engineer working on these kinds of contracts will
| realize they can make a lot more money illegally by
| "accidentally" adding such bugs to the ecosystem then colluding
| with whoever exploits them.
|
| Actually it's probably already happening.
| bombcar wrote:
| There's been at least one smart contract with a "typo" of zero
| for O that allowed an "exit event".
| s5300 wrote:
| Yeah, this is the case for this specific contract. Could dump a
| large amount of proof but don't exactly need too much attention
| brought my way.
| paulpauper wrote:
| Makes you wonder how many incidents are inside jobs. Probably
| more than one would assume.
| fastball wrote:
| As with the rest of the industry, mostly the solution here is
| just better vetting and static checking etc.
| exdsq wrote:
| Interesting to see that those with audits are still vulnerable. I
| question the quality of companies like Certik which basically
| just run a home-brewed static analysis tool and charge a crap
| ton.
| coreyoconnor wrote:
| For fun I've been analyzing the contracts posted to
| r/CryptoMoonShots. Out of 20 posts 16 of them used the same
| contract; modulo names. This contract blocks everyone from
| removing funds but the owner.
|
| How? Is it some complex chunk of code that requires a delicate
| hack?
|
| No, not at all. There is literally a function with code, more or
| less, like: "If owner then OK here's all the funds". Anybody can
| check this in the contract. Yet people are dumping funds into
| these contracts. Even tho these contracts tend to only attract a
| few thousand dollars each. Well, costs next to nothing to create
| and spam.
|
| A more detailed analysis of a similar contract to the one I've
| seen: https://cryptot3ddybear.gitlab.io/blog/posts/scam-
| explained-...
| KETpXDDzR wrote:
| I see a market for static code analyzers for smart contracts. And
| virus scanners!
| doopy1 wrote:
| Yes, it's a very lucrative field for those that are good at it.
| [deleted]
| tylersmith wrote:
| It's a rapidly growing, and fun, market. Anyone interested,
| feel free to contact me about working in this field.
| jtsiskin wrote:
| The story doesn't end there. After they converted to BTC at
| https://www.blockchain.com/btc/address/1Cm6WGvXQ9EgvvWX5dRsB...,
| where does the money go?
| paulpauper wrote:
| that is presumably to prevent the $ from ever being frozen. in
| some instances, devs will freeze defi tokens. very uncommon and
| controversial but it happened after kucoin hack
| s5300 wrote:
| Oh, Value DeFi is just a long-haul grifting scam in general lmao.
| Wasn't a "missing" line, "dev" team just set it up lol.
|
| I have a boatload of screenshots sent from one of their team
| members I'd been talking with for a few months that was
| internally profiting off the grift but then went rogue.
|
| Shame this story is getting attention, especially on HN. YFV aka
| Value DeFi is just a long-haul rugpull/scam lol.
| koolba wrote:
| Serious question for people familiar with this space. Would you
| encourage an ambitious expert programmer with a substantial
| finance background to avoid this space entirely, or enter it as a
| creator, a contractor, or black hat?
| hiq wrote:
| What's your goal?
|
| I don't think committing crimes as an expert programmer is a
| rational choice with most utility functions. Do you really want
| to make 10x or 100x as much in exchange of your peace of mind?
| Given that you're probably a top earner already? And that's
| already taking it from a purely selfish point of view.
| koolba wrote:
| I'm wondering which would be the most lucrative one, five, or
| ten years out.
|
| Plus the legal status of interacting with a smart contract
| per its "code is law" API has not been tested. Have you
| broken any law or even civil contract?
| jazzyjackson wrote:
| Well at least take a look around and see if it's interesting to
| you. I've been enjoying a playlist of blockchain lectures by
| Gary Gensler, current chair of the SEC. Lecture 6 is smart
| contracts with Lawrence Lessig guest speaking. [0]/[1]
|
| I've been avoiding smart contracts since hearing about hacks
| like these (similar to the Multisig Parity Bug years ago,
| neglected to initialize, let someone else become the owner and
| kill the contract) - but I've been educating myself the past
| week and find that there are really cool things that can be
| done, maybe cooler a year or 15 in the future when ETH finally
| gets its fees under control.
|
| As a programmer, you'd probably be interested to see the
| ethereum virtual machine's "assembly" language [2], I'm pretty
| impressed with how little code underlies all these ERC20
| tokens.
|
| [0] https://ocw.mit.edu/courses/sloan-school-of-
| management/15-s1...
|
| [1]
| https://www.youtube.com/watch?v=EH6vE97qIP4&list=PLUl4u3cNGP...
|
| [2] https://docs.soliditylang.org/en/v0.8.4/yul.html
| dj_mc_merlin wrote:
| Is it weird that this kind of excites me? It's like in that
| videogame Uplink, where you would hack into a bank and redirect
| cash to yourself. Except in real life. A new wild west?
| shiado wrote:
| There's no such thing as hacking a smart contract. The code is
| the law.
| distribot wrote:
| I find the cyber noir nature of this rekt.news to be really
| delightful
| PaulHoule wrote:
| I went to a conference years ago in NYC and was shocked that
| Ethereum didn't have a security story at the application level.
| naikrovek wrote:
| After reading a bit, not knowing WTH is being talked about, I did
| some searching. Because the author(s) of this article forgot what
| makes hypertext so powerful. (In fact, I think a lot of people
| have forgotten that. Don't be afraid to link things, people.
| Linking to something literally saves you the trouble of
| explaining it yourself. LINK MORE, PLEASE. I will click.)
|
| So this is apparently about some stock market for
| cryptocurrencies, looks like? I think so.
|
| The first few paragraphs of the analysis of the post-mortem
| contain so many new terms that I am never likely to trust anyone
| that pushes any type of cryptocurrency, ever. This is pretty
| clearly "The New Scam" type that is fashionable. People are
| regularly getting busted for the old fashioned pyramid scheme, so
| I guess something else needed to be invented.
|
| This stuff is unregulated, prices are easily swayed by a few
| famous individuals or sometimes a lot of unknown people, en
| masse, and you can earn and lose real money by trading the stuff.
| Hard pass. This article just reinforces to me that my decision
| about that is correct.
|
| I do not like telling people that their interests are bad,
| because I'm sure in some ways blockchain stuff is at least semi-
| useful. I mean there are other ways to provably make ledgers
| read-only, but whatever. I'm not trying to stir anyone up, is
| what I'm trying to say. Cryptocurrency is just so clearly not "on
| the level" in my eyes. Sorry. :(
| Arnavion wrote:
| >Because the author(s) of this article forgot what makes
| hypertext so powerful. (In fact, I think a lot of people have
| forgotten that. Don't be afraid to link things, people. Linking
| to something literally saves you the trouble of explaining it
| yourself. LINK MORE, PLEASE. I will click.)
|
| This is a fine sentiment, but [you] [don't] [link] [every]
| [word] [in] [your] [sentence] to a dictionary website either,
| because you expect the reader to know English. In the same way
| it's perfectly fine to write an article with a target audience
| that understands the concepts being discussed. Not everything
| needs to be written for a general audience; this website is
| exclusively about cryptocurrency, and particularly dense with
| jargon and slang at that.
| charonn0 wrote:
| It's a poor speaker who blames the audience for not
| understanding.
| tylersmith wrote:
| Not every random reader of an article is in its intended
| audience. The audience the speaker is writing for
| understands the article fine.
| [deleted]
| alextheparrot wrote:
| This is actually a bit amusing, because one of my favorite
| reading features on iPad is being able to click and hold on
| an arbitrary word to look it up.
|
| Sure, the UI/UX of a traditional link isn't desirable, but I
| do want every word to be linkable to the dictionary.
| nemetroid wrote:
| Firefox has an option for this in the right-click menu
| after selecting text (e.g. by double-clicking).
| Arnavion wrote:
| You can copy-paste a word from the website into your search
| engine too. The website doesn't have to do anything. Just
| like the program you used on your iPad didn't do anything,
| it was the iPad providing the select-and-dictionary
| feature.
| anyfoo wrote:
| On the Mac too, you can just "force press" the touchpad on
| any word and a definition comes up. As a non-native English
| speaker, I use it quite a lot.
| mwlp wrote:
| or highlight and ctrl+cmd+d :)
| saurik wrote:
| Sounds great as a feature of your client, not of every
| single site.
| dylan604 wrote:
| I'm pretty sure I've seen some of those ad affiliate
| javascript libraries that add links to words in a paragraph
| back to some random website that used a matching keyword that
| looked very close to your example.
|
| At least, way back before I started using blockers.
| jacoblambda wrote:
| Basically what this (and DeFi in general) is is a decentralised
| lending platform and "liquidity farm".
|
| The lending part is relatively self-evident. You can pool funds
| together and the contract automatically issues loans when
| requested provided the user has X amount of collateral. Most
| "DeFi" lending basically acts like a margin for margin trading
| at the moment.
|
| The liquidity farming however is a bit more practical. It's
| creating pools of liquidity for decentralised exchanges and
| various "cross-network" smart contracts to temporarily source
| coins out of.
|
| There's a lot of dogfooding going on but the general system
| behind it is useful. It's just overly simplistic and the code
| lacks pretty much any scrutiny in a lot of these cases.
| echelon wrote:
| What happens if you don't pay back a DeFi loan?
| jacoblambda wrote:
| In most cases it's bound to your collateral so if you don't
| pay back or the value of the collateral dips below some
| level, the loan is automatically reclaimed from your
| collateral.
|
| A lot of the loans are 1:2, 1:4, or greater depending on
| what the currency it is being traded in is. If your total
| collateral dips below that multiple of the loan, you
| forfeit the value of the loan from your collateral plus
| some penalty fee.
| chrisco255 wrote:
| While this startup smart contract got hacked, there are plenty
| of reputable products in the space that have never been hacked
| and have upwards of $80 billion locked up right now:
| https://defipulse.com/
|
| The top projects: Aave, Compound, Uniswap, etc. have been
| audited several times over, publish their smart contract source
| code for further review, offer millions of dollars in bug
| bounties and inherently the locked value acts as a giant bug
| bounty. I feel comfortable with these projects that have been
| around for several years now. But it is an open ecosystem and
| not all projects are created equal. You can also take out
| insurance for the biggest protocols for additional protection.
| mondoveneziano wrote:
| > You can also take out insurance for the biggest protocols
| for additional protection.
|
| Then what's the point? I can already take out insurance in
| the "traditional" banking system (e.g. every checking account
| has FDIC).
| ZephyrBlu wrote:
| It's a crypto news website. They're not going to link to basic
| crypto terms.
|
| Your whole comment sounds like confirmation bias to me. You
| don't like crypto, therefore all the new terms you've never
| heard of must be bad stuff, everyone is out to scam people and
| crypto isn't "on the level".
| naikrovek wrote:
| Maybe it is, I don't know. But I do know that I'm not ever
| even going to dip a toe into cryptocurrency because of the
| personalities of the people who are heavily pushing it. I am
| not talking about you.
|
| Everyone I know who is into this is very strongly into it,
| and they can never really explain why. Lots of non-specific
| sentiments emerge, and rather quickly, but no real this-
| changes-things-because-of-X details or explanation about
| anything. It's the same pattern I've seen from people who
| believe in psychic readings and Tarot cards, except those two
| groups can get very specific, it's just about imaginary
| things.
|
| Age is a superpower. I have a few decades behind me. You see
| patterns in behavior, because people are not snowflakes, and
| incoming generations make the same mistakes the outgoing
| generations have made, and must learn the same lessons
| previous generations have learned. This generation is trying
| the things that the other generations already tried, etc.
| Some things change, but the fundamental things people try to
| do with their lives, those don't really change much
| generation to generation.
|
| Experience is a good teacher. Now, maybe I'm wrong about
| cryptocurrency, I'll gladly admit that. And I would counter
| by saying that "I'm seeing the same broad strokes I've seen
| previously, with different names."
| ZephyrBlu wrote:
| Which personalities are you referring to?
|
| I'm curious about what you've picked up as well. Like
| people not being able to explain why they're into it. Could
| you elaborate on those things a little bit?
| naikrovek wrote:
| The super "gung-ho about cryptocurrency" guys. They act a
| lot like they're selling you a car that they don't have
| any details about. It's great, it's awesome, it's
| everything you ever wanted, etc. It will make you look
| good, it will make you happier, it will make you more
| confident, and so on, but if you ask about anything other
| than what is printed on the sticker, they can't answer
| the question with any detail, and they deflect.
|
| That's my (of course limited) experience with
| cryptocurrency advocates.
| CuriousSkeptic wrote:
| I'm not sure it's been done before though. This crowd seems
| hell bent on replacing basic trust and civility with
| algorithms. As if if we could just eliminate morality the
| world would be better.
|
| From what I know this has mostly been described in
| dystopian sci-fi before, not really tried in earnest.
| wyager wrote:
| > prices are easily swayed by a few famous individuals or
| sometimes a lot of unknown people, en masse, and you can earn
| and lose real money by trading the stuff
|
| Totally, this Gamestop stock market stuff is crazy. Oh, you
| were talking about cryptocurrencies?
| doopy1 wrote:
| I know this won't change your mind, but the reason you are
| seeing new terms is, because you're seeing the birth of new
| protocols. Picture yourself in the early days of the internet
| and you want to learn about http and/or javascript (for
| example) - you would be overwhelmed with new terminology to
| concepts that didn't exist before like gui based web browsing.
| Crypto/Defi are this in many ways. Does that make it not a
| scam? Maybe, maybe not, but don't let the new terminology
| startle you.
| naikrovek wrote:
| The Internet was something new that provided new capabilities
| and new abilities to humanity with extremely high
| reliability, and at a scale that didn't exist prior to that.
|
| Cryptocurrency doesn't provide any new capabilities at all.
| Money and trading existed before. Price fluctuations existed
| before. Markets existed before. Buying and selling existed
| before. But now, because it's so new, and because it's not
| technically money, but a virtual good, this is all
| unregulated and fertile ground for people who want to take
| advantage of others.
|
| This is why it seems to me so much like a sales pitch to me
| when people talk about it. It seems very much like they need
| you to commit money in order to get anything out of the
| arrangement themselves. This is "Jebediah's Miracle Snake
| Oil" with a new name.
| reilly3000 wrote:
| This makes me think that the next generation may have a new
| profession of hybrid lawyer-programmers that are engaged to
| ensure the validity of smart contracts, both negotiating and
| formally verifying these boilerplate transaction machines. While
| this was clearly a technical oversight, there are also legal
| frameworks and traditions that need to be programmed into future
| contracts. That along with insurance, escrow, title, and other
| professions will need to evolve with web 3 paradigms.
| quadcore wrote:
| There might be something deeply interesting in that news
| actually. 'initialised = true' is obviously a bad pattern, now
| the world can't argue about it anymore. Why is it bad? Obviously,
| if you forgot the line then... BOOM. So instead I check whatever
| main variable the initialisation initialised before the
| initialisation starts. Also, the whole concept of initialisation
| is a bad pattern. You don't want to have an initialisation
| whenever you can avoid it, you want to perform the whole
| calculation every time. 'initialisation' implies a state machine.
| You don't want state machines, you want stateless machines, as
| much as possible. So yeah, 'initialisation' is a good
| optimisation some of the time and most of it a bad compulsive-
| caching habit.
|
| 'initialised = true' just cost people $10M. I really like those
| DeFi things cause at first glance.. I think they might actually
| teach you how to code!
| TazeTSchnitzel wrote:
| It is surprising that people would entrust large amounts of money
| to Turing complete C-like programming languages in an environment
| where mistakes are irreversible. Surely you would want to use a
| language that makes it harder to accidentally introduce common
| vulnerabilities?
|
| For example, considering contracts are likely to be state
| machines (and the error in this case is a state machine issue),
| maybe an explicitly state machine-oriented language design would
| be good? I'm not familiar with academic research in this area but
| I have used a real-world one before, Linden Scripting Language,
| which incidentally is also used for what you could call "smart
| contracts" involving money, albeit not in a cryptocurrency
| environment.
| IG_Semmelweiss wrote:
| There's an extremely strong case for Bitcoin as a public ledger
| of real estate transactions within a particular jurisdiction like
| a country, but that would necessitate a lot of interested parties
| losing power that it would be a political 3rd rail.
|
| Outside of that are there any interesting use cases that have
| emerged?
| _pdp_ wrote:
| These kinds of mistakes should not be possible in smart contracts
| if they are to become more mainstream. There has to be layers
| upon layers of defence built in to protect against common
| pitfalls. It is crazy that a single line can cause so much
| damage.
| tankenmate wrote:
| Crypto pen testers will become a thing; plenty of central banks
| are making noises about starting blockchains.
| jacoblambda wrote:
| There are better tools for this, they just aren't in common use
| unfortunately. Had this been written in Glow, both this bug and
| the bug that followed where another 7M was stolen would have
| been compile errors.
|
| This is just the consequence of people developing code in
| languages that provide little to no protection against their
| various footguns. At the very least we should expect to see
| some additional tool on top of the language that can reason
| about the correction of the code.
| ZephyrBlu wrote:
| How would those bugs have been compile errors in Glow? I'm
| unfamiliar with it, but that sounds interesting.
| ethanbond wrote:
| Maybe we could create a system to adjudicate such failures? ;)
| paulpauper wrote:
| Then they will never become mainstream
| hiq wrote:
| Many people are asking what happened, because the article does
| not go much into detail.
|
| The code is there (linked in the article):
| https://bscscan.com/address/0x7a8ac384d3a9086afcc13eb58e9091...
|
| After spending 2min on it and using this hint from the article:
|
| > The affected pool contract had an initialize() function that
| should have been activated after deployment.
|
| > The line: initialized = true; is missing from the function.
|
| That's really the crux of the issue. Have a look at the
| `initialize()` function. It's meant to be called only once
| (that's why it uses the modifier `notInitialized`), right after
| the smart contract is deployed, and never again. But the
| `initialized` variable is never set to true, meaning that it can
| be called again, and it seems that's what the attacker did.
|
| ...so for those who expected something fancy and technically
| advanced, that's not for you.
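
The initializer guard described in the comment above (and the `initialised = true` pattern discussed earlier in the thread), as an added example that is not part of the thread or the affected project's code: a re-runnable `initialize()` beside a hardened form that goes beyond re-adding the one line. Only `initialize()`, `notInitialized` and `initialized` come from the page; the contract names, the `operator` and `stakeToken` fields, the event and the deployer restriction are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration. Only initialize(), notInitialized and initialized are
// named on the page; every other identifier here is hypothetical.

/// Pattern as described: the guard reads a flag that is never written.
contract PoolMissingFlag {
    bool public initialized;      // stays false for the contract's lifetime
    address public operator;      // hypothetical privileged role
    address public stakeToken;    // hypothetical pool parameter

    modifier notInitialized() {
        require(!initialized, "already initialized");
        _;
    }

    modifier onlyOperator() {
        require(msg.sender == operator, "not operator");
        _;
    }

    // Meant to run once, right after deployment. Because the body never sets
    // `initialized = true`, the guard passes on every later call as well, and
    // any caller can overwrite `operator` and `stakeToken`.
    function initialize(address _operator, address _stakeToken)
        external
        notInitialized
    {
        operator = _operator;
        stakeToken = _stakeToken;
        // initialized = true;   <-- the missing line
    }

    // Every privileged path trusts `operator`, so the guard above is the
    // only thing protecting it.
    function setStakeToken(address _stakeToken) external onlyOperator {
        stakeToken = _stakeToken;
    }
}

/// Hardened form: the flag is written inside the modifier, so no function
/// body can forget it, and setup is restricted to the deploying account.
contract PoolHardened {
    bool public initialized;
    address public operator;
    address public stakeToken;
    address private immutable deployer; // assumption: the deployer runs setup

    event Initialized(address indexed newOperator, address indexed newStakeToken);

    constructor() {
        deployer = msg.sender;
    }

    modifier initializer() {
        require(!initialized, "already initialized");
        require(msg.sender == deployer, "not deployer");
        initialized = true;       // written before the guarded body runs
        _;
    }

    modifier onlyOperator() {
        require(msg.sender == operator, "not operator");
        _;
    }

    function initialize(address _operator, address _stakeToken)
        external
        initializer
    {
        require(_operator != address(0), "operator is zero");
        require(_stakeToken != address(0), "token is zero");
        operator = _operator;
        stakeToken = _stakeToken;
        emit Initialized(_operator, _stakeToken);
    }

    function setStakeToken(address _stakeToken) external onlyOperator {
        require(_stakeToken != address(0), "token is zero");
        stakeToken = _stakeToken;
    }
}
```

A deployment test that calls `initialize()` twice and expects the second call to revert catches the first contract's defect before any funds are at risk.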
| andrewfromx wrote:
| so where does one draw the line between theft and just doing
| what the code allows? I wonder in the future crypto courts is
| the defense, "your honor, the code allowed me to call
| initialize again, they specifically didn't set it to true."
| going to fly? Or will you have to prove that the 10 mil you now
| have was intended to be given to you and your "victim" isn't a
| victim at all.
| paulpauper wrote:
| if it went to court, i am guessing presumably under a plea
| deal the hacker would be required to give back all or most of
| the crypto to rectify the 'mistake'; if not, it would prove
| intent to steal. For example, there is the 2005 Sammy
| MySpace XSS incident. Technically, his code was interpreted
| by Myspace as valid CSS/html, but was still guilty due to
| intent.
| [deleted]
| cosmodisk wrote:
| It may depend on a legal system in a country but I think 'Or
| will you have to prove that the 10 mil you now have was
| intended to be given to you and your "victim" isn't a victim
| at all' is more likely. For instance there were cases, where
| ATMs dispensed stupid amounts of money because of some error.
| People would normally be found guilty if they take the money
| that technically isn't theirs.
| meowkit wrote:
| In the future I think smart contracts will be standardized -
| these kinds of things won't happen unless you're trying
| something new. If that's the case there will probably be
| services/testnets to properly vet it before launching on a
| mainnet.
| sidlls wrote:
| The legal system isn't a computer that implements the law
| strictly to the letter based on only factual information.
| There are "reasonable person" standards, allowance/tolerance
| for mistakes, etc.
|
| Relevant to this discussion are rules covering mistaken
| deposits to a bank account: recipients are obliged to return
| the assets, not shrug their shoulders and use the cash while
| they proclaim "Bank's fault; they're responsible!"
| jlarocco wrote:
| I don't follow any of this too closely, but I thought the
| whole idea was to get rid of courts by using precisely
| codified contracts?
|
| What's the advantage if the result is the same system as
| before (lawsuits, courts, etc.) with added complexity of
| "smart contracts"?
| xyzzy_plugh wrote:
| How do you get rid of courts? Do you imagine an alternate
| reality where existing regulations do not and can not
| apply? Because I'd recommend continuing to imagine.
| jypepin wrote:
| I think smart contracts are meant to automate the work
| behind contracts/agreements, but if someone hacks you,
| well, they did something illegal and you can sue?
| mondoveneziano wrote:
| I think the question is: Why then deal with all those
| inefficiencies and cost of distributed computation,
| mining, and broadcast transactions, if you need courts to
| override decisions anyway, and insurance to cover
| yourself when something goes wrong? You can already
| "automate" without smart contracts.
| philangist wrote:
| All exploits are technically some version of "just doing what
| the code allows", I don't see how that would change whether
| or not a hack/theft actually occurred.
| nkrisc wrote:
| Seems like these smart contracts should include written
| contracts as well to outline what the code is intended to
| do, if you can't rely on the code.
| 2OEH8eoCRo0 wrote:
| Reminds me of a Team Fortress 2 griefing video where they
| kept putting turrets underneath the map that couldn't be
| killed but could shoot players.
|
| "If they didn't want you to do that then why did they put
| it in the game?"
| dragonwriter wrote:
| One view of smart contracts is that the code defines the
| intent/agreement, so if the code allows it, then it is,
| _ipso facto_, not theft.
|
| Of course,
| bseidensticker wrote:
| Proponents of Ethereum will say that smart contracts obviate
| the need for courts. I don't think this sort of Ethereum
| bug/hack thing has ever shown up in the court system yet. I'm
| sure someone will bring a case if they know who did it. If
| gaining access to someone's system using default credentials
| or no credentials is a violation of the CFAA then I'm sure
| this is as well.
| timoth3y wrote:
| > so where does one draw the line between theft and just
| doing what the code allows?
|
| This is the heart of the problem with smart contracts. The
| theory is that the code is the law. There is no theft. There
| is no need to trust, authority, or arbitration.
|
| Of course, this only works when the smart contracts perfectly
| meet a correctly defined spec and have no bugs.
| mondoveneziano wrote:
| That's not enough, all parties would have to have 100%
| awareness and understanding of the smart contract, detail
| by detail.
|
| Real life contracts sometimes turn out to have non-
| enforceable clauses within our legal framework, or may be
| entirely invalid if, for example, signed under pressure or
| false pretense.
| adflux wrote:
| And a judge will decide whether the contract was signed
| under duress. Who will judge smart contracts?
| derefr wrote:
| > Of course, this only works when the smart contracts
| perfectly meet a correctly defined spec and have no bugs.
|
| In practice, two parties agree that "what the smart
| contract says is what's true", just like two parties agree
| that "what the paper contract says is what's true." From
| that point forward, 'bugs' in the contract -- and their
| consequences -- are _intended_ negotiated results of the
| contract.
|
| Just like a regular paper contract can have loopholes that
| advantage one of the two parties, and the introduction of
| those loopholes is often _an intentional aim of the
| negotiation process_ (i.e. both parties are aware of the
| loophole, and whether it's _left in_ is something that can
| be negotiated for vs. other interests each party to the
| negotiation has.)
| PostThisTooFast wrote:
| What a pile of jargon and zero explanation. Shit article.
| Barrin92 wrote:
| I wonder when people will realize that the complexity inherent in
| human financial transactions will not go away just because you
| write code instead of natural language and 'decentralized
| finance' will reinvent everything it tried to get rid of (but
| shoddily) because nobody likes to lose their life savings because
| they missed a semicolon.
| seibelj wrote:
| There are plenty of Defi protocols that have not been hacked
| with many billions locked in them. Among them are Uniswap,
| Compound, Aave, and Synthetix. And in the traditional finance
| world plenty of mistakes have been made, like when Knight
| Capital accidentally ran their unit test algos in production
| and lost $500mil
| https://en.m.wikipedia.org/wiki/Knight_Capital_Group
| paulpauper wrote:
| those are somewhat different. these are intermediaries when
| doing a hack. the hackers target smaller defi protocols with
| flash loans for example
| JadeNB wrote:
| > 'decentralized finance' will reinvent everything it tried to
| get rid of
|
| Matt Levine wrote about exactly this in a recent Money Stuff
| column:
| https://www.bloomberg.com/news/newsletters/2021-05-11/money-...
| . First paragraph:
|
| > A model that I often use for cryptocurrency is that it is
| rediscovering traditional finance: In its early days, crypto
| was a brand-new financial system, unsullied by the old evils of
| central banking, leverage, regulation, etc.; eventually people
| realized that some of those things were good, and started
| reinventing them. One way to reinvent finance is for idealistic
| crypto technologists to invent banking, leverage, regulation,
| etc., from first principles, with cursory or no knowledge of
| how the traditional financial system addressed these issues or
| why it rejected other solutions. You would expect this to lead
| to flawed but interesting results, whole new ways of doing
| things that might blow up horribly but that might instead point
| the way to a better future.
| ZephyrBlu wrote:
| I find the fact that crypto is re-inventing finance from
| first principles to be really interesting.
|
| As he says, " _You would expect this to lead to flawed but
| interesting results, whole new ways of doing things that
| might blow up horribly but that might instead point the way
| to a better future_ ".
| shoto_io wrote:
| I think you have a point. And, a key advantage I can imagine is
| that "checklists" could be implemented into code over time and
| that is potentially superior to natural language. I am not a
| crypto expert though.
| qeternity wrote:
| If it were this easy, software would not have bugs.
| terenia wrote:
| Stark reminder on the importance of quality control and
| checking the work twice. I think people sometimes become
| complacent with work completed in the virtual environment vs
| the physical world.
| shoto_io wrote:
| yes. Reminds me of something a friend said a while ago:
| "You know how I became a great coder after 3 years? By
| being a bad coder for 3 years."
| sva_ wrote:
| > because nobody likes to lose their life savings because they
| missed a semicolon.
|
| Yeah, but shouldn't it be possible that these things will be
| avoided by confirming the validity of the code with theorem
| provers such as Coq, Lean, or something similar, at some point
| in the not too distant future? That's what I've been wondering,
| without currently having any stakes in the game (and probably
| not until there's compelling mathematical proof of security)
| Daishiman wrote:
| Theorem provers require code for defining what you want to
| prove and the method through which you reach said proof.
|
| Proofs and theorems can have bugs.
| sva_ wrote:
| But aren't proofs exact in what they state? So it wouldn't
| be the proof that would be faulty. It'd be the
| interpretation of what somebody thinks the proof means to
| them, and that'd be something you could entirely
| objectively reason/work on.
| Daishiman wrote:
| But the human world is not exact and full of context.
| Even mathematical proofs exist within a context of an
| axiomatic system, known proofs, and various domain
| assumptions.
|
| I remember that in my computability theory class,
| defining the right proof was by far the most difficult
| task. And this was in very small, closed systems.
| sva_ wrote:
| > But the human world is not exact and full of context.
|
| That is of course correct. However, it was my impression
| that the contract mentioned in the OP was completely on
| the blockchain, and therefore completely deterministic
| (no oracles or whatever.) Hence I figured it could've
| been proved with absolute rigor, in which case it
| should've been possible to formally prove the
| correctness. I'll be honest, I didn't look through the
| contract in detail now, so I might be wrong.
| janoc wrote:
| That would cost an arm-and-leg, it would need to be done by
| someone who actually understands both the theory of proving
| algorithm correctness and the algo in question and systems
| like Coq are far from being able to prove large, complex systems.
|
| All the while traditional "non-distributed" finance simply
| uses sound engineering practices, such as code reviews,
| audits and sign-offs at much smaller cost and without
| requiring specialized PhDs in multiple unrelated fields.
| sva_ wrote:
| >That would cost an arm-and-leg,
|
| Without being able to provide any evidence, I'm quite sure
| (that is, I hypothesize) that if a theorem is clearly
| stated, such as in the case of formal proof assistants,
| we'll soon reach a point where we'll have a distributed
| network in which people are able to 1) provide economic
| incentive for somebody to provide a given proof, 2)
| somebody else to potentially offer a better proof which
| will computationally be accepted (verified by some
| algorithm that prefers one proof over another by some sort
| of metric), and therefore 3) have a system in which the
| validity of a computer algorithm, which has been stated as
| a conjecture, can be mathematically created and verified in
| a decentralized fashion.
|
| >it would need to be done by someone who actually
| understands both the theory of proving algorithm correctness
| and the algo in question
|
| If the theorem is stated clearly, no further understanding
| is needed. But of course they'd need the understanding of
| providing the right axioms and definitions, which are as
| limited as possible, to state their conjecture. That, I
| think, will be the point at which the purpose of the
| mathematician will shift from providing proofs, towards
| discovering interesting and coherent conjectures, as the
| proving of those will turn into a kind of rat-race, and
| ultimately merely a computational challenge.
|
| Anyways, I'm just rambling about some things that have been
| on my mind recently. Don't take me too seriously.
| the_local_host wrote:
| > ...shouldn't it be possible that these things will be
| avoided by confirming the validity of the code...
|
| It would be better to build in a margin of tolerance for
| correcting mistakes, but that's contrary to the rigid
| determinism that smart contracts and cryptocurrencies, for
| some reason, strive for.
| redis_mlc wrote:
| It's an autistic thing, especially visible on HN.
|
| You get the same argument for eliminating airline pilots, yet
| when an engine explodes, I want pilots to deal with the
| emergency.
| Consultant32452 wrote:
| Companies have canned contracts, like when you buy a house your
| mortgage company just plugs in a few variables and voila,
| contract. Commonly used smart contracts will converge in a
| similar way before they make it into common usage.
| chriswait wrote:
| Does anyone else feel like replacing all the legacy finance
| infrastructure with decentralised code is going to produce a
| worrying number of stories like this? Most of the examples I've
| seen so far it's happening to someone who works in tech, has
| disposable income, and is generally a proponent of
| cryptocurrency.
|
| I haven't written a lot of decentralised code in production,
| but I get the impression there is generally more to consider,
| and a fun new class of failure modes to worry about.
| ryanmarsh wrote:
| Even as a crypto maximalist I believe code can create
| tyrannies of its own kind. Take the example of a story posted
| on HN some time ago of code Hertz wrote reporting cars not
| turned in as stolen and getting people (unfairly) arrested.
|
| If I call my bank, they can fix a mistake, no matter how bad,
| because they own "truth".
|
| I think what will end up happening is every contract will have
| the ability for some authorized key to make arbitrary
| movements of tokens amongst custodial accounts and nobody
| will build contracts where anything is moved out of custodial
| accounts until there's been multiple authorizations. Sort of
| how I transfer money into Gemini, I don't just trade from my
| personal checking account and they won't transfer to my
| checking without some authorizations. Look, I know I'm not
| being sophisticated here, I'm just saying, you need a way of
| un-fucking a fuckup and if someone can abscond with tokens
| easily because of a small logic flaw that doesn't work writ
| large.
| Daishiman wrote:
| So then why even bother with DeFi when what you're doing is
| just relaying trust back to a centralised human party?
|
| It's just regular finance with extra steps.
| dnautics wrote:
| How would exactly the same argument not be applicable to any
| sort of public code repo?
| [deleted]
| cfcosta wrote:
| I'd say this is a problem of a really new tech, with the
| advanced attack vectors and methodologies we have nowadays.
|
| Thankfully, other cryptos (such as Cardano) are building
| their smart contract platform with correctness/security in
| mind (compiler checks and so on), so we might see less
| problems like this.
| jollybean wrote:
| It's worse than that.
|
| Contracts are not code.
|
| It's a complete misunderstanding to posit them as such.
|
| Contracts depend first and foremost upon the legal regime in
| which they are valid. Every jurisdiction has rules,
| precedence, language means specific things.
|
| There is quite a bit of variability in this stuff, which is
| why we have lawyers. And Judges.
|
| Putting a contract into a crypto ... is basically pointless.
|
| There's possibly more transparency, akin to publishing
| contracts on the web or something like that.
|
| And of course, there is a 'narrow range of agreement
| possibilities' that could take place on crypto contracts, for
| example, things like stock options etc..
|
| But generally speaking, even the contract cryptos are
| 'technologies looking for application'.
|
| We don't want to 'nay say' new, dreamy ideas, but these new
| dreamy ideas, combined with a bit of hubris, arrogance,
| greed, lack of self awareness can create problems.
| coryrc wrote:
| No, because I expect it to implode well before "all" gets
| replaced!
| arp242 wrote:
| > Does anyone else feel like replacing all the legacy finance
| infrastructure with decentralised code is going to produce a
| worrying number of stories like this?
|
| And stuff like "I lost £95,000 in a bank scam after my
| solicitor's email was hacked".[1] She managed to recover
| £57k after , but still lost £35k, not an insubstantial
| amount!
|
| If anything, we need _more_ protection against stuff like
| this. Sending money to the wrong account because your
| solicitor's email account was compromised is something that
| can happen to anyone, especially if it's someone you've been
| in regular contact with.
|
| It seems the systems for dealing with fraud in the current
| banking system are already inadequate (although there is now a
| new "voluntary code" according to the article, no idea how
| well this works in practice), and for crypto it's woefully
| so.
|
| [1]: https://www.theguardian.com/money/2020/feb/29/bank-scam-
| soli...
| Dayshine wrote:
| This is before the recent change in bank transfers that
| requires account name to match account number right?
|
| My understanding was that change basically closes the
| majority of these scams (where the account details are
| substituted) as you would now need to create an account
| with a name you don't have ID for which is very very hard.
| jacoblambda wrote:
| I think the big issue is using tools without verification
| infrastructure. Of course there are specification level bugs
| to deal with but hacks seem to be oh so often the simple "I
| forgot to initialise a variable" kind of attacks.
|
| I think we really need to be splitting up code for smart
| contracts into 3 classes:
|
| - Low Complexity, Automated Assurance: Non-turing complete
| DSLs that allow you to fully reason about their behaviour and
| catch bugs in a near completely automated manner. The only
| one of these that I know of at the moment is Marlowe however
| I'd love to know if more existed. This class should be easily
| accessible by finance people and should be near impossible to
| get wrong.
|
| - Medium Complexity, Semi-automated Assurance: These are
| tools that are expressive and more code than contract however
| they may or may not be turing complete. These can catch a
| wide number of bug classes but may need manual intervention
| (annotations or proofs) to cover the last mile.
|
| - High Complexity, Manual Assurance: These are tools that give
| you the full power of a turing complete language and all the
| landmines that come with them. I personally believe any smart
| contract written with one of these tools should not be used
| in production unless it is accompanied with a formal
| specification and an end to end set of proofs verifying
| correctness.
|
| At least with this model you can judge the risk factor by how
| complex your application is. 90% of smart contracts probably
| fall into the first class and another 9% probably fall into
| the second. There really is no reason to be using a tool
| without any reasonable amount of assurances provided unless
| your project is extraordinarily complex (and even then it'd
| probably cost a fortune to run on a network) and even then
| there's no reason for these smart contracts to exist without
| any proofs backing them.
| tshaddox wrote:
| But also, surely the traditional legal system will still handle
| disputes over smart contracts just like it does with
| traditional contracts. I can't imagine that a missing line of
| code (intentional or not) would be treated any differently by
| the legal system than a vaguely-worded clause in a traditional
| contract. The legal system almost certainly will not say "your
| contract was just code and the code executed properly according
| to its technical specifications and therefore the outcome
| stands."
| lottin wrote:
| I'm pretty sure a "smart contract" isn't a legally-binding
| contract. A smart contract is a piece of software code, like
| a text editor or a web browser.
| tylersmith wrote:
| People get so hung up on the word contract. Might as well
| spend time arguing that rodents make for bad I/O
| peripherals.
| unyttigfjelltol wrote:
| Well ... first, what's described in the article isn't that
| smart. It's actually dumb.
|
| If we describe these code-as-law thingys as 'dumb
| contracts' it is crystal clear that 'YES' this is a _dumb_
| contract and any sane judge presented with one may well
| decide to give the participants exactly what they deserve,
| just like paper-based 'dumb contracts.'
|
| The key innovation here is that we've gone to the remedy
| residing in _programmer_ malpractice, rather than
| _attorney_ malpractice. Which in turn, when it becomes
| obvious to all involved, hopefully will have a chilling
| effect on any _smart_ programmer asked to write a 'dumb
| contract.'
| ZephyrBlu wrote:
| It's called a "smart contract" because it's programmable
| (Smart) and can be executed based on specific conditions
| (Contract).
|
| I've seen/read somewhere that Vitalik regrets naming them
| "smart contracts" though.
| varjag wrote:
| They are database triggers, but that's not enough
| grandeur for cryptoheads.
| lazide wrote:
| Looking at the various issues that have come up with
| these 'smart contracts' (aka the ethereum DAO issues up
| until now), I think anyone who wants to write one should
| be automatically excluded from being allowed to do so.
| tshaddox wrote:
| Yes, and if you use a smart contract to hire someone to
| build a deck on your house, I suspect any resulting legal
| disputes would be treated by the courts the same as if you
| had used a traditional contract.
| lottin wrote:
| A "smart contract" is a computer program that manipulates
| balances on a ledger. There is no way you can use that to
| hire someone to perform a job because this isn't
| something that can be expressed in terms of balances. You
| would need an actual contract to do that. Also the
| parties that interact with the so-called smart contract
| have no agreement between them. What could they possibly
| have a dispute over?
| tshaddox wrote:
| Yes, a smart contract is not a legally-binding agreement,
| although it could be a component of a legally-binding
| agreement. That's my point.
|
| The smart contract in my hypothetical scenario might be
| something like a transaction with 3 parties: you (the
| customer), the construction company, and a third-party
| verification service, that executes your payment to the
| construction company when any 2 of the parties agree to
| execute. This theoretically prevents the possibility of
| any 1 party defecting and running away with a monetary
| benefit (including the third party verification service,
| which couldn't run away with the cash like a traditional
| escrow service hypothetically could).
|
| But my point is that even in this case, if the
| construction company and third-party verification service
| colluded to run away with the money without completing
| the work, you would still sue one or both of them, and my
| prediction is that the courts would treat this
| essentially identically to a scenario using traditional
| contracts.
| lottin wrote:
| But for this arrangement to work the customer, the
| construction party and the third-party need to enter into
| an agreement, i.e. a traditional contract. A traditional
| contract is legally binding, so of course the courts
| would treat it as legally binding. The smart contract may
| be part of the agreement but a smart contract by itself
| is not an agreement and something cannot be a legally-
| binding agreement if it isn't an agreement to begin with.
| tshaddox wrote:
| I suspect a court would tend to take the existence of the
| smart contract as a pretty clear indication of the intent
| of the involved parties. But of course if you're entering
| a significant commercial agreement like this you had
| better make an explicit traditional contract as well.
| riffraff wrote:
| The problem is that smart contracts do not come with the
| same capability to take your counterpart to a tribunal:
| you might not even know who your counterpart is, in which
| country they live or if there are multiple ones. Who are
| you gonna sue?
| kevindong wrote:
| Then what's the point of smart contracts? If you always must
| have some form of repudiation/reversal mechanism, you might
| as well go with the traditional contracts.
|
| You could argue there will be lowered costs in the happy path
| where nothing goes wrong, but I'm not sure that's valid since
| the underlying software still needs to be written/supported by
| someone.
| tshaddox wrote:
| One obvious point would be transactions for which the
| traditional legal system is not an option, like illegal
| transactions or highly secretive transactions. But yes, I
| think advocates would provide other examples of lowering
| costs.
| BoiledCabbage wrote:
| The thing is, that's what a lot of smart contract proponents
| are pushing for. That the legal system has no say over
| contracts, so the outcome would stand. Or effectively bake
| into operating these contracts that the legal system isn't a
| reprieve against anything.
| tshaddox wrote:
| They might be pushing for it, but I just don't think it's
| going to happen, at least for transactions where it's
| feasible to sue in court. The courts already deal with
| traditional contracts and, from what I can tell, they tend
| to look more at what a reasonable person would expect the
| outcome of a contract to be than the literal text of the
| contract.
| jollybean wrote:
| "That the legal system has no say over contracts, "
|
| An agreement is an agreement subject to laws and
| jurisdiction. There's no avoiding that.
|
| It will be interesting to see how this plays out in the
| courts.
| lazide wrote:
| If distributed and decentralized it also runs across a
| common issue with courts - the 'make me' problem.
|
| If someone buys product x from seller y, which is based
| on some decentralized 'contract' which is de facto
| enforced by every node of the network independently - and
| that product then produces an unjust outcome.
|
| You go to court, but what if Y is just a node on the
| network? And everyone involved is outside the court's
| jurisdiction? What can an adverse court judgement
| actually accomplish? It can't roll back the network
| activity to fix the smart contract without everyone's
| consent - and that seems unlikely. It can declare product
| X illegal or fine seller Y - but if they have no way to
| enforce it, what's the point?
| Pulcinella wrote:
| I doubt the judge is going to care that the "contract"
| passed through a bunch of different people's hands (nodes
| in a network). They could still fine the seller or order
| them to return the funds to X.
|
| If Y can't be hauled into court because they are in
| another country or you just don't know their identity,
| well that isn't a problem specific to these "distributed
| smart contracts."
| lazide wrote:
| It is actually a problem specific to these types of
| contracts. It is very difficult to nearly impossible for
| me to get money to a company somewhere right now in a way
| that doesn't surface who they are and where they are at
| in some really obvious (and traceable) way - part of the
| US War on Terror is the anti money laundering, and know
| your customer rules and heavy handed enforcement of US
| financial control.
|
| In this case, you send some ether somewhere.
| PeterisP wrote:
| For meaningful amounts of money, if the seller Y is
| identifiable but simply abroad, then there are various
| cross-country agreements that would allow to use the
| legal process in their country to collect money from them
| in various ways, especially if there's a lot of money at
| stake.
|
| If the seller is unidentified, then it is possible to get
| a judgement and work on identifying them. If it's not
| just a civil dispute but felony fraud, then law
| enforcement might identify them some years later, it
| happens.
|
| Of course, if everyone involved is properly anonymous
| then it's very, very hard to enforce anything, and takes
| enough effort and money so that it's not worth the hassle
| for small amounts, so for that there's simply some
| 'caveat emptor' in dealing with foreign anonymous
| sellers. But for large cases of fraud? Everyone makes
| mistakes now and then that may allow them to get
| identified, and such fraud can be prosecuted many years
| later.
| Daishiman wrote:
| If a US or EU court finds participants of said node
| criminally or financially liable and the political will
| exists (which will happen when someone important enough
| gets screwed over by a bad contract) they may be
| deported, face criminal prosecution, be banned from
| transacting with US financial entities, etc.
|
| Those things are not a small deal.
| arilotter wrote:
| It's not necessarily true that a smart contract is controlled
| or operated by an individual or corporation. Once deployed,
| many have no provisions for administration or ownership
| tools. If you're using one of these contracts and there's a
| bug, suing the creator would be like suing someone because
| they put a random legal contract template online & you didn't
| proofread it well enough.
| pm90 wrote:
| Code won't make the complexity go away but it can definitely
| inform humans of various little things that would be too
| tedious or expensive to do manually.
|
| There's a reason we don't have lawyers review every ecommerce
| or in-store purchase that's made: the process of shopping has
| been standardized to such an extent that most parties
| (merchants and buyers) don't need to sign a bespoke agreement
| for every transaction.
|
| If we can get more complex agreements automatically hammered
| out, it represents not just large cost savings, but potentially
| creating more business for smaller players easily.
| vladimirralev wrote:
| There is place for both systems. Most crypto people have made
| peace with the fact that they can lose it all. People
| overestimate conventional finance. Conventional finance is
| incredibly flimsy if you dig into it. Leveraged beyond repair,
| ductaping one unprecedented monetary experiment after another.
| No conventional currency has preserved substantial purchasing
| power over a span of say 100 years maximum. The mathematical
| proof of supply limits alone is an unbeatable feature. Myself,
| not a crypto fan at all, I am sure crypto will be banned at
| some point, but just on the merit it's as good as anything.
| lottin wrote:
| I think you're confusing "money" with "finance". Finance is
| about lending resources to carry out projects, whereas money
| is a means of exchanging things.
| paulpauper wrote:
| conventional finance has ways of insuring money and getting
| back stolen funds. it also is more idiot proof. nothing like
| that exists with crypto. crypto way less forgiving of errors.
| vladimirralev wrote:
| Not quite accurate. The insurance you are talking about is
| for the custodial services of financial institutions. You
| can get custodial service for crypto with insurance too
| (https://custody.coinbase.com/faq). Outside of your
| narrowly worded agreement you don't have anything except
| perhaps the justice system which rarely works out in these
| cases. $20B were stolen in phone scams alone in the US
| last year, not recovered or insured, outside the insurance
| terms.
| agumonkey wrote:
| > will reinvent everything it tried to get rid of
|
| I started to have this feel already. DeFi projects create
| projects that create projects .. it's gonna be a potential
| spaghetti bowl of intermediate layers. Either the mass is gonna
| make it survive on the side or it's gonna fade off xml style.
| duxup wrote:
| First thing I do when changing or creating a thing.
|
| Try to figure out WHY things are the way they are and run
| through some scenarios. It's not a bullet proof system, I don't
| always do it well... but it can help having to re-invent some
| of the more obvious aspects of the wheel.
|
| The whole blockchain ecosystem seems like a long drawn out
| lesson as to why at least some systems we have are kinda big,
| bulky, involve a lot of checking / overhead ... and why some
| rules and regulations exist.
|
| Every new blockchain company that posts a blog and complains
| about "Why can't we just..." often has me thinking "Well yeah
| you shouldn't... wtf"
| ZephyrBlu wrote:
| This reminds me of Chesterton's Fence:
| https://fs.blog/2020/03/chestertons-fence/.
| duxup wrote:
| TY
|
| I hadn't read this before, but it is worded way better than
| I did.
| latchkey wrote:
| Another one _just_ happened... $10m. This time using the wrong
| variable.
|
| https://bearn-defi.medium.com/bvaults-busd-alpaca-strategy-e...
| geonic wrote:
| For the crypto currency layman this reads like an article from
| some other weird parallel universe.
|
| You get the idea that the article is talking about money but
| the details seem crazy like a dream.
| yaitsyaboi wrote:
| What is the purpose of Solidity? Why did there need to be a new
| language for interacting with the Ethereum Virtual Machine?
| This really couldn't be accomplished by a Python SDK?
| kamyarg wrote:
| Not an expert in Solidity but from my limited experience EVM
| and smart contracts have a really different approach when it
| comes to computation.
|
| Two things that come to my mind:
|
| - There is really no random() function due to need for
| determinism
|
| - Space vs. Time complexity is distorted, the gas you pay for
| instruction vs. byte is really different economics compared
| to AWS EC2 instance/hour etc.
| splintercell wrote:
| Solidity is a DSL. DSLs have their purposes and this happened
| to be a correct purpose. It just also happens to be that
| Solidity is a terribly designed language.
| ZephyrBlu wrote:
| In what way is Solidity terribly designed?
| f00zz wrote:
| Not an expert, but integer overflows getting silently
| truncated sounds pretty terrible. I understand there are
| safe arithmetic libraries, but this should have been
| built right into the VM
| gokhan wrote:
| What's the benefit? These are all human errors, easily
| reproducible in any language.
| secondcoming wrote:
| > Contacted Binance Authorities immediately to block the
| hacker(s) fund transfers
|
| I don't understand this part. I thought crypto was
| decentralised and so nobody controls anything. Yet, this
| suggests the opposite... some entity somewhere can shut you
| out on a whim.
| tylersmith wrote:
| Nobody can force you to do business with them. Binance can't
| stop the transaction; they can just not do business with that
| person.
| geocrasher wrote:
| Can somebody explain to a non-coder who doesn't have anything to
| do with cryptocurrency what happened here? I find the article
| itself to be unreadable.
| latchkey wrote:
| The bank got robbed.
| yojo wrote:
| As I understand it: Value DeFi is a company that provides
| infrastructure for some kind of lending. Money (in this case
| cryptocurrency) is locked up in a "smart contract" that acts as
| a sort of bank account. If all is working correctly, the owner
| of that money can dispense it to borrowers by sending specially
| crafted and authenticated messages.
|
| In this case it looks like the way it was supposed to work is:
| create the contract, send an "initialize" message to declare
| yourself the owner, then fund it and otherwise control the
| money. The intent was that "initialize" could only ever happen
| once, so the owner could not change.
|
| In practice, there was a bug where someone could initialize
| again, thereby declaring themself the owner of the contract and
| funds. Someone did this to a contract funded with $10M,
| then promptly sent it all to their own account.
| geocrasher wrote:
| Thank you. After some coffee and a re-read, this is the
| conclusion I came to also.
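The re-initialization bug yojo describes above, as an added example that is not part of the thread and not Value DeFi's code: a hypothetical vault whose `initialize` guard never trips because the flag is never set, next to a version that sets it. Contract, function and event names are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical contracts constructed for illustration; names are assumptions.
contract VaultVulnerable {
    address public owner;
    bool public initialized;

    function initialize(address _owner) external {
        require(!initialized, "already initialized");
        owner = _owner;
        // Missing line: `initialized = true;`
        // The flag stays false, so the require above passes on every call
        // and any later caller can replace `owner`.
    }

    function withdrawAll(address payable to) external {
        require(msg.sender == owner, "not owner");
        to.transfer(address(this).balance);
    }

    receive() external payable {}
}

contract VaultHardened {
    address public owner;
    bool public initialized;

    event Initialized(address indexed newOwner);

    function initialize(address _owner) external {
        require(!initialized, "already initialized");
        require(_owner != address(0), "owner is zero address");
        initialized = true; // one-shot guard: every later call reverts
        owner = _owner;
        emit Initialized(_owner); // lets monitoring alert on any init event
    }

    function withdrawAll(address payable to) external {
        require(msg.sender == owner, "not owner");
        to.transfer(address(this).balance);
    }

    receive() external payable {}
}
```

Even the hardened version has to be initialized in the same transaction that deploys it, or have ownership set in the constructor; otherwise whoever calls `initialize` first becomes the owner.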
___________________________________________________________________
(page generated 2021-05-16 23:00 UTC)