[HN Gopher] SafeDollar 'stablecoin' drops to $0 following DeFi e...
___________________________________________________________________
SafeDollar 'stablecoin' drops to $0 following DeFi exploit on
Polygon
Author : awb
Score : 435 points
Date : 2021-06-28 17:41 UTC (5 hours ago)
(HTM) web link (cryptoslate.com)
(TXT) w3m dump (cryptoslate.com)
| rsync wrote:
| Is there speculation, to match my own, that a fatal flaw in a
| stablecoin such as this was placed there on purpose ?
|
| Probably not in this case as one wouldn't "liquidate" the
| stablecoin at merely $250k of assets ... but wouldn't this be a
| viable (albeit, nefarious) mechanism to defraud crypto investors
| ?
| abzfd wrote:
| tezos has formally verifiable smart contracts for exactly this
| reason
| tfang17 wrote:
| Any coin with the word "Safe" in it, probably isn't safe.
| Applejinx wrote:
| Zero counts as stable. Nothing further is ever going to happen to
| that price, I'll bet :)
| jandrese wrote:
| [Mr. Burns looks through a portfolio of his old stocks]
| Mr. Burns: Hmm, let's see..."Confederated Slave
| holdings." How's that one holding up? Blue Haired
| Lawyer: It's, uh, steady.
| yetihehe wrote:
| This situation resembles more that one episode of Rick and
| Morty where Rick changed value of blemflarck[0] from 1 to 0.
|
| [0]https://rickandmorty.fandom.com/wiki/Blemflarck
| sethammons wrote:
| Reminds me of a quote from someone at work in regards to a big
| bug: it is a self correcting problem - people will stop using
| and paying for it and it will no longer be a problem!
| tumblewit wrote:
| Not really. If owning a coin becomes illegal it can fall below
| zero where you are paying someone to take your coins. Something
| similar to oil happened a while ago when storage had become an
| issue so prices fell below 0$
| derefr wrote:
| Oil is physical; it takes up space, and needs special
| protections to not pollute the container it's stored in.
|
| Digital goods, meanwhile, can just be transferred permanently
| "into the void" (i.e. to an account without an associated
| key.)
| harikb wrote:
| This implies there isn't any contract obligations/fine
| print at the point of link to real world / real identity
| (exchange).
|
| In a hypothetical world, if coinbase made you sign things
| at signup and later demanded money for the upkeep of the
| network caused by your own transactions, I don't think you
| can say no to that easily.
|
| Compare this to an HOA demanding a $100k payment from each
| condo owner in the Miami condo repair / collapse story. Now
| let us assume that condo is worth less than $100k. I don't
| think you can just walk away and abandon your condo.
|
| It is not about storage cost and transportation - it is
| whatever contract you agreed to when taking the investment
| or liability.
| analognoise wrote:
| You can absolutely walk away and abandon your condo in
| that case.
| CydeWeys wrote:
| > Now let us assume that condo is worth less than $100k.
| I don't think you can just walk away and abandon your
| condo.
|
| You can if you go bankrupt. It's not like condo ownership
| is non-dischargeable in the same sense that, say,
| Superfund site ownership is.
| derefr wrote:
| To be clear, we're talking about doing this _in advance_
| of something bad like that happening. Legal damages like
| that mostly attach to a sort of "snapshot state" --
| whoever held each thing at the time that the damages
| happened. So you can't get away from the debt by throwing
| away the condo. But if you already _had_ thrown away the
| condo _before_ the building collapsed, I don 't think
| it'd be your responsibility.
|
| (Compare/contrast: what if, instead of _burning_ the deed
| before the collapse, you instead _transferred_ the deed
| to another condo owner? Or, say, to the HOA itself? Both
| of those are just as simple in the crypto case as
| "throwing away" the token is. In the real world,
| transfers like that need to be witnessed under contract
| law. But in the crypto world, most tokens don't have
| sophisticated logic for recipient-agreement-gating
| transfers like that. You can send most kinds of tokens to
| people whether they want them or not.)
| tumblewit wrote:
| Interesting didn't know this. I always assumed it had to go
| to someone else. So digital currency can't go below zero
| (or where you are paying someone to take it off you).
| wizzwizz4 wrote:
| If you delete your wallet, nobody has the money any more.
| "Sending it into the void" only helps with proving that
| fact to someone else.
| roywiggins wrote:
| You can just send to an arbitrary public key whose
| private key is unknown and unknowable. Eg nobody knows
| the private key corresponding to
| "00000000000000000000000" or whatever. The chances of
| someone stumbling across the correct private key is
| ~zero, even if that address is otherwise valid.
|
| https://www.reddit.com/r/Bitcoin/comments/3k8dnq/someone_
| has...
| tromp wrote:
| In Mimblewimble blockchains you cannot "burn" coins, as the
| receiver output must come with a rangeproof that also
| proves the ability to spend it.
|
| Of course, you can still throw away the recipient keys
| after use; you just cannot prove that you did.
| croes wrote:
| There is no void for digital data, it's always some kind of
| data storage. RAM, HDD, SSD etc.
|
| If the data is send to void it's gone.
| SheinhardtWigCo wrote:
| That is exactly the point of the comment you're replying
| to.
| IncRnd wrote:
| Would you pay someone to take your $0 crypto coins away from
| you? That doesn't seem sustainable.
| yawaworht1978 wrote:
| Buy the dip
|
| /S
| ipaddr wrote:
| "Notably, this is not even the first time SDO was exploited. "
|
| A week ago they had another issue.
| joelbondurant wrote:
| Should have used MongoDB.
| jt2190 wrote:
| They've posted a post-mortem
| https://safedollar.medium.com/safedollar-post-mortem-analysi...
| paulpauper wrote:
| I thought it was $248 million. 248k is tiny for a stablecoin.
| grape-eater wrote:
| God I wish that was me
| cs702 wrote:
| "SafeDollar" -- what an an unintentionally but perfectly
| Orwellian name!
|
| Nonetheless, I feel bad both for the people who worked hard to
| create this failed cryptocurrency and for the victims who
| suffered these sudden losses.
|
| It's hard to write bug-free code. One way to help prevent bugs is
| to make languages less powerful. In hindsight, it seems that
| Satoshi Nakamoto's decision _not_ to make Bitcoin 's scripting
| language Turing complete, making all sorts of bugs impossible,
| will prove to be a smart choice over time. It forces applications
| of Bitcoin that require control flow to be executed off the main
| chain.
| encryptluks2 wrote:
| I only feel bad for them to an extent. Many people are entering
| the crypto-space solely on hype hoping to get rich quick but
| honestly have no clue what they are doing and have way too much
| cash to burn.
| aerovistae wrote:
| There is no such thing as a stablecoin, it's a made up term to
| try to lend legitimacy to new crypto scams. And I say this as
| someone who just bought some Ethereum in the hopes of making a
| profit :)
| everfree wrote:
| This is uninformed. What do you call USDC, which is directly
| redeemable for US Dollars by anyone with a Coinbase account?
| Every USDC is backed by one USD of deposits in a US-based bank.
|
| USDC is a stablecoin, and there are plenty of others out there.
| beervirus wrote:
| A stablecoin that hasn't lost its peg _yet_.
| keymone wrote:
| redeemable until it's not.
| TameAntelope wrote:
| But given the monthly audits conducted, "it's not" is not
| very likely to happen at all. The auditor would have to be
| actively lying or misrepresenting for USDC and Gemini both
| for something like _that_ to happen.
|
| Much more likely a smart contract somewhere fails than
| USDC/Gemini (the only two I know that do full audits to
| ensure 1:1 dollar backing, ignoring USDT). There just isn't
| much risk there, hence there not being much (any) profit
| trading stablecoin.
| keymone wrote:
| what happens if gemini goes belly up like mtgox? are the
| assets backing the peg isolated from bankruptcy event?
| spiralx wrote:
| There are no monthly audits. They have "attestations"
| which are not the same thing.
| loeg wrote:
| > But given the monthly audits conducted, "it's not" is
| not very likely to happen at all. The auditor would have
| to be actively lying or misrepresenting for USDC and
| Gemini both for something like that to happen.
|
| USDC has regular _attestations_ , not _audits_. It 's an
| important distinction.
| Marazan wrote:
| You can get Circle to give you USD for USDC? How?
|
| Are you talking about selling USDC to another baghholder?
| Thats not 'redeeming' that's trading.
| stepanhruda wrote:
| Yes, Circle or Coinbase will redeem them for you. Similarly
| you can close a position on DAI and burn the tokens.
| rank0 wrote:
| *redeemable with permission from Coinbase and provided they
| follow through on their promises of 1-1 backing
| twox2 wrote:
| All terms are made up by your definition.
| aerovistae wrote:
| Sure, that's true although it's just semantics. I'll be
| unreasonably specific then: the term stablecoin was made up
| with harmful intentions to deceive and mislead in order to
| make a profit off others' losses.
| twox2 wrote:
| I'm not sure I agree, but it will be hard to convince you
| if you're coming from a place where you think crypto is
| scammy/deceptive to begin with. Let me assume you're
| willing to suspend your disbelief:
|
| I do agree that some stablecoins are scammy in nature, but
| others serve an important purpose and that purpose is to
| allow individuals and enterprises to navigate doing
| business in crypto despite crypto's high volatility. Where
| is the deception in that?
| NationalPark wrote:
| Isn't the whole value of your ethereum based on people using it
| for these kinds of scam projects?
| aerovistae wrote:
| Absolutely.
| cutler wrote:
| Maybe the world just needs less people trying to get something
| for nothing. If the scammers operating these currencies teach
| the greedy traders a lesson we'll all be better off.
| brettermeier wrote:
| WORD!
| president wrote:
| I think that's just human nature.
| __MatrixMan__ wrote:
| Agreed.
|
| I'd like to figure out how to build a cryptocurrency that is
| useful for conducting actual business but toxic to investors.
|
| An economy that lacked parasitic middle men would be a good
| thing for the status quo to have to compete with.
| georgeecollins wrote:
| >> I'd like to figure out how to build a cryptocurrency
| that is useful for conducting actual business but toxic to
| investors.
|
| Yes, perhaps a currency that you could trade quickly and
| cheaply all over the world, with 2-3% reduction in its
| purchasing power each year so that no one has a reason to
| hoard it or speculate. I wish we had the technology to
| create such a currency./s
| __MatrixMan__ wrote:
| We lose a lot more than 2% each year to wasteful policies
| designed to ensure that investors get their returns.
|
| Downtown there are hungry people, downstream there are
| thirsty people, and yet my HOA won't let me stop watering
| my lawn, nor will they let me replace the grass with
| something edible.
| saalweachter wrote:
| Every day the largest wallet is confiscated, divided into
| ten equal portions, and each piece is randomly awarded,
| lottery-style, with every transaction from the previous day
| serving as a lottery ticket.
| bombcar wrote:
| Ironically that's not far from what SafeMoon purported to
| be. But people would "invest" in it as a form of a
| lottery.
| __MatrixMan__ wrote:
| I dunno, it's not about wealth concentration, be rich,
| that's fine. It's about whether your wealth was gathered
| by contributing useful work, or by parasitizing it.
|
| I imagine a proof of work system where there's a
| community work queue, and "mining" is completing tasks in
| the queue, borderlands-style (though hopefully without
| the violence). The mined tokens can be resolved to nft's
| which stay attached to the wallet of the user who
| requested that the work be done.
|
| There's also a web of trust and a UBI component (Circles-
| UBI style) to disinventivise sybil accounts.
|
| If the work-originator deems the work unsatisfactory,
| they can invalidate the tokens that were mined from its
| "completion" and recoup a fraction of what they paid to
| have it done.
|
| So doing business with somebody who has a reputation of
| doing shoddy work, or of failing to respect good work, is
| risky because your tokens might evaporate.
|
| An would-be investor in this token would have to decide
| whose tokens to buy, which requires much more research.
|
| You could also have some system to disinventivise
| hoarding, like a token half-life.
|
| Or you know, something like that.
| saalweachter wrote:
| The difficulty is that once you move from things like my
| joke solution to earnest attempts like yours you start
| involving the real world in your model, and you end up
| with something that is more like a social solution than a
| technological one.
|
| Once you start talking social solutions you start looking
| more like a business or a commune or a community and less
| like a technology. You don't just have algorithms and
| widgets and cryptographic hashes, you have people who are
| supposed to execute fuzzy decision making processes like
| authenticating that someone "did good work", and then you
| need validation protocols to check whether people are
| executing their human-algorithms correctly, and identity
| and spam systems to ensure that someone isn't running a
| bot-net that simulates a town of people pretending to do
| useful work...
|
| Which in addition to making everything way more
| complicated, makes you step back and say, "Wait, what am
| I trying to accomplish here by creating a cryptocurrency
| which is a currency and not a speculation-vehicle again?
| And why am I trying to do it by creating a cryptocurrency
| again?"
| __MatrixMan__ wrote:
| Oh yeah, it gets messier for sure, and I think that
| providing the protocols is probably the smaller part of
| it. Teaching people to use them is probably harder. But
| the benefits of taking on those challenges strike me as
| too big to ignore.
|
| As for the botnet thing, I really like how CirclesUBI
| handles it. "Trust" is a pact to treat tokens minted for
| the other party as indistinguishable from tokens minted
| for yourself. So by all means, go simulate a small town
| doing "useful" work. Nobody is going to value the fruits
| of that labor unless they've seen them, and so your
| tokens will be worthless.
|
| Once you have the base web of trust set up, you can layer
| other types of trust on top of it, like returns-borrowed-
| tools-undamaged trust and other things that lower the
| cost of doing business.
|
| It's about using technology to take things that already
| work (cooperation) and make them work at scale (1000
| people instead of 10). No need for global consistency,
| the resources are all local anyway.
|
| As for being called a commune, that's fine. Communism
| allegedly doesn't work, so the idea that people might be
| doing this in tandem with traditional economics ought to
| be considered "not-a-threat" except in cases where
| traditional economics produces exceptionally troublesome
| outcomes.
| imtringued wrote:
| To be fair there is some residual demand for a sort of
| "law of physics" namely a basic mechanism that forcibly
| applies to everyone. We use paper notes to signify that
| we owe the holder of the paper note work. The paper note
| follows the law of physics in the sense that it is a
| physical object that can be transferred from person to
| person.
|
| The issuance of paper notes is still a social problem but
| the act of exchanging them at a shop is not.
| [deleted]
| fleddr wrote:
| It won't work, the lessons won't be learned.
|
| Within the larger space of crypto are the "degenerates" and
| "ape investors". That's what they call themselves. They're
| fully self-aware of their unhinged choices and behavior. They
| embrace it and laugh at it.
|
| This is important to understand. They aren't uninformed or
| gullible. They know they're crossing a field of land mines
| and decide to go for it anyway.
| thebean11 wrote:
| MakerDAO is not a scam, and the dollar peg survived the last
| crypto crash so it's pretty "stable".
| neals wrote:
| They had to create USDC to keep it pegged during the crash
| before that, though. So actually it's USDC that's stable,
| that makes Maker stable.
| thebean11 wrote:
| Who is "they"? Maker has nothing to do with USDC. USDC is a
| Coinbase product.
| sonicggg wrote:
| Your seem uninformed. Dai is backed by USDC.
| thebean11 wrote:
| The comment I replied to implied that Maker and USDC are
| connected beyond USDC being one of many collateral
| currencies for DAO, which I don't believe is the case,
| but feel free to correct me if I'm indeed uninformed.
|
| edit: From someone above https://share.streamlit.io/tadzz
| /maker_dai_collateralization...
|
| Each DAI is over collateralized, and backed by more ETH
| than USDC.
| flixic wrote:
| Last I heard, Dai was backed over-collateralized crypto,
| like ETH. Even Coinbase says so:
|
| > Unlike centralized stablecoins, DAI isn't backed by US
| dollars in a bank account. Instead, it's backed by
| collateral on the Maker platform.
|
| https://help.coinbase.com/en/coinbase/trading-and-
| funding/cr...
| rodiger wrote:
| You should take a look at the breakdown... USDC is such a
| large portion of Dai backing (62%) that it's deemed an
| existential risk. They're working on reducing the
| reliance though with more stablecoins and more collateral
| classes.
|
| https://share.streamlit.io/tadzz/maker_dai_collateralizat
| ion...
| __MatrixMan__ wrote:
| Currency pegging isn't a new thing. For instance, the ratio of
| Belizian dollars to US dollars is defined as 2:1.
|
| That peg could certainly fail, and you could certainly argue
| that there's something not quite right about the practice, but
| it was made up to legitimize tokens long before crypto.
| exdsq wrote:
| If I create a USD-stablecoin with a supply of $1 backed by my
| $1 in US bonds, is that legit?
| Scoundreller wrote:
| But nobody in crypto would willingly trade their crypto for
| something backed by fiat and therefore inflating. Right?
| incrudible wrote:
| Wrong. Unlike bank deposits or treasury notes, stable coins
| have interest yields to outweigh inflation.
| Scoundreller wrote:
| I guess as far as counterparties go, people trust a bank
| or the fed more.
| incrudible wrote:
| There is no counterparty risk in a smart contract
| involving only digital assets. There is systemic risk,
| however.
| Joeri wrote:
| Maybe stablecoins are just digital currencies with binary
| exchange rates. It seems to me that when you declare a digital
| coin exactly tracks the value of the dollar, you basically are
| not allowing its dollar exchange rate to have any values except
| 1 and 0. It makes sense that when the value of this coin
| couldn't possibly remain at 1 it by necessity had to toggle
| over to 0.
| Tade0 wrote:
| Pardon the pop culture reference, but did the attack happen to
| change its value from one of itself to zero of itself and was
| performed by a bitter, but highly intelligent man in his 70s?
| lgats wrote:
| https://www.youtube.com/watch?v=noQsHiTJAXo
| lalaland1125 wrote:
| These incidents really illustrate the main flaw of smart
| contracts: a single bug in your code can lead to incredible
| losses.
|
| I simply don't think it's possible for human beings to write good
| enough software for smart contracts.
| [deleted]
| mattwilsonn888 wrote:
| This is one of the biggest reasons I like Cardano. It's written
| in Haskell and its contract language is functional and heavily
| inspired - meaning that code gets many of the functional
| benefits: it is more concise, more readable, less prone to side
| effects, and more often than non-functional code won't run at
| all if mistakes are made.
|
| The trade offs in functional languages seem to well suited for
| the world of smart contracts, that I almost think of smart
| contracts as the retro-active problem that functional
| programming solves. Granted, I appreciate functional
| programming and good code enough where I wish all code met the
| standards required for FP, but the real world is much messier;
| when large amounts of money are so directly on the line though
| I think its obvious the compromise is worth it.
|
| Smart contracts are like launching a rocket - you don't
| optimize for development time. FP forces a bit more safety.
| breck wrote:
| > I simply don't think it's possible for human beings to write
| good enough software for smart contracts.
|
| I agree, but think it's fixable. I believe we have missed a
| natural platform in between binary notation and computer
| languages.
|
| I believe there is a 2-D dimensional binary. Simply using a
| grid (with an array of cells forming a line, and lines stacked
| on top of each other--a spreadsheet basically), we can drop
| *all* syntax characters. The only thing you have is your cells
| and your semantic words.
|
| Not only does this make tooling and languages much simpler
| (which will have big network effects), but you gain new
| fundamental complexity metrics which may turn out to be
| incredibly important in designing simple, bug free systems.
|
| I personally really like crypto but it's not one of my main
| interests. I have been working with some folks in the space on
| using these ideas to build a new type of blockchain from the
| ground up. I bet that the biggest blockchain in the future will
| be a higher dimensional one, based on Tree Notation or
| derivatives of the core ideas.
| jcranmer wrote:
| > I believe there is a 2-D dimensional binary. Simply using a
| grid (with an array of cells forming a line, and lines
| stacked on top of each other--a spreadsheet basically), we
| can drop _all_ syntax characters. The only thing you have is
| your cells and your semantic words.
|
| I fail to see how this helps.
|
| The reason why bugs crop up all the time in software isn't
| because syntax is confusing. It's also not because semantics
| is confusing--plenty of bugs have perfectly clear, well-
| understood bugs. The problem is that we as programmers _don
| 't think about how our software could fail_. We don't ask
| ourselves "could this multiplication overflow?" frequently
| enough. We don't look at code and ask "who made sure this
| pointer points to valid data?" We believe that there's no way
| the price of an affiliated token could ever reach exactly $0,
| so we _assert_ that it can 't happen.
|
| The way you avoid these bugs is to just simply make it
| impossible for the system to get into certain states. It's
| already the case with statically-typed languages that it's
| impossible to pass a string to a function that expected an
| int. If you design your API right, you can make it impossible
| to get an index into an array that is out-of-range (although
| this is way too rarely done). But, even then, you will still
| find people who will confidently use the escape hatch to say
| "this string is clearly UTF-8, I know it is from outside
| experience, so don't bother checking."
| breck wrote:
| All parts in a system have a probability of failure. A bug
| in a well-engineered system is only a problem when a long
| series of things simultaneously go wrong. Tree Notation (2D
| languages), can be used at all layers, from microcode to
| assembly to system langs to interpreted langs to user
| facing high level langs. It's simplicity will decrease the
| probability of failure at each layer of the stack, causing
| a huge improvement in total reliability of systems. It even
| works great with paper! Easy to make fallbacks for when the
| network goes down.
| oivey wrote:
| Just to add, things like type checking are the
| comparatively easy part. The world itself and many of our
| constructs for thinking about it are not well defined. The
| trouble in reconciling these things are why things like
| appeals courts exist. Smart contracts built on this ill
| defined world will always have bugs. The world isn't going
| to become significantly more well defined for smart
| contracts, either. If that were possible, we wouldn't have
| those aforementioned higher courts.
| rakhodorkovsky wrote:
| Can you elaborate on your last paragraph or point me
| somewhere?
| breck wrote:
| I can't yet, sorry! My general research on Tree Languages,
| as well as a number of products I make, is all open source
| and public domain, but (sadly since research funding is not
| so advanced) I do have to be a bit pragmatic and make some
| money here and there. There might be some bits and pieces
| out there.
| Jasper_ wrote:
| did you just reinvent Befunge, but unironically?
| breck wrote:
| > v v ,,,,,"OH NO! "@
| HugoDaniel wrote:
| Would an "upgradeable" crypto-coin solve that flaw?
| imtringued wrote:
| Complete with a crypto court...
| analognoise wrote:
| Upgrade to fiat currency that the rest of the world runs on
| and doesn't have these problems?
| WalterSear wrote:
| Immutability is at the heart of blockchain functionality.
| Everything involved requires it. So, you'ld have to throw it
| all out and try to invent something entirely different.
| w4llstr33t wrote:
| Have you heard of Tezos?
|
| _Tezos is often referred to as the first "self-amending"
| blockchain, which routinely adapts and adopts new features
| natively and automatically via its unique on-chain
| governance mechanism. This protocol functionality allows
| the system to coordinate the selection of new updates
| though popular voting, integrate the new updates that are
| selected, and compensate the developers who proposed them._
| [1]
|
| [1] https://www.gemini.com/cryptopedia/what-is-tezos-xtz-
| governa...
| drdrey wrote:
| That's not true, upgradable contracts using proxies is a
| common pattern.
| hindsightbias wrote:
| Until lawyers become coders or coders become lawyers I don't
| even see who could review them.
| bena wrote:
| I actually know a guy who does both. Nothing further to add,
| just thought it was funny that I actually know a lawyer who
| does some programming.
|
| I think he was going to college for computer science and then
| switched to law. Last I heard from him, he was running for a
| judgeship.
| wyager wrote:
| It's possible, but approximately no one in the shitcoin
| industry knows or cares enough to write fully formally verified
| programs.
| solomonb wrote:
| Are there even any dependently typed smart contract languages
| that would allow you to encode and carry proofs in your
| contracts?
|
| Without that I think the best you could do is model your
| program in some other formal verification system and then
| convince yourself that your model matches the actual
| contract.
| wyager wrote:
| The Simplicity language is good. I'm sure there are other
| designs.
| vjhdfhjjh wrote:
| https://blockstream.com/2018/11/28/en-simplicity-github/
| miguelrochefort wrote:
| Ever heard of Cardano?
| progbits wrote:
| Time for LawyerCoin (TM). The smart-contract is written in
| English (or other human language) and the oracles are powered
| by a bunch of lawyers who pinky swear to enforce them.
|
| I'm doing ICO next week, if anyone wants in.
| notJim wrote:
| This, but unironically.
| whatshisface wrote:
| We can do better than pinky swearing. Each lawyer gets mining
| fees when they enforce a contract fairly. "Fairly" is defined
| by consensus, where each lawyer is forced to predict the
| consensus before voting in a private ballot that is only
| revealed when the rewards are issued. Lawyers who predict the
| consensus get rewarded. If you start it off with people who
| are trying to be fair then predicting fairness will lead to
| the most reward, and it will keep going until the majority
| defects.
|
| The collective is incentivized to continue being fair because
| if they weren't, nobody would use their coin, and the rewards
| issued to fair lawyers would be worthless.
| lisper wrote:
| That's actually a pretty good idea. I had a similar idea to
| discourage the gaming of upvotes on sites like HN and
| Reddit: make each upvote cost a point, but then you get a
| point for everyone who upvotes after you, divided by the
| number of votes the item had at the time you upvoted (or
| something like that). So people who upvote popular stories
| early, i.e. people who successfully predict what people
| will like, get rewarded.
| whatshisface wrote:
| Don't give me too much credit, I stole it straight from
| https://augur.net/ by swapping "truth" with "justice." ;)
| Fortunately for me the idea blockchain is irrevocable and
| my theft cannot be reversed.
| falcor84 wrote:
| But why would we want to encourage such groupthink and
| discourage dissent?
| whatshisface wrote:
| Taking up the OP's side because it's interesting...
|
| Some kinds of groupthink are bad (like making an anti-
| vaccine subreddit that only ever shows articles about
| vaccine-related industrial accidents, instead of a
| vaccine subreddit that shows people a truly
| representative sampling of vaccine knowledge), but other
| kinds are arguably good (not seeing 4chan nasty stuff on
| /r/reallycutekittensandpuppies.) Only _some_ group
| content coordination is filter bubbling, while other
| times it 's filtering.
| lisper wrote:
| Yeah, this. A lot of good stuff submitted to HN never
| gets noticed because there's not much incentive to go
| through new submissions. It's basically volunteer work,
| so you get volunteer-quality results. The caliber of
| volunteer in HN is higher than most sites, but a lot of
| good stuff still falls through the cracks (like most of
| the stuff I submit ;-)
| gilgad13 wrote:
| This is good, but distributing the mining fees evenly
| across all lawyers will result in too low a fee for the
| work involved. What if, instead, the parties of the
| contract would each pick a small set of lawyers
| ("representing" lawyers) to receive their fees for
| enforcing the contract. Rather than relying solely on the
| mining lawyers for _this_ contract to participate in
| consensus (as that number is now small and adversarially
| motivated), we would expand the consensus pool to all
| lawyers who participated in sufficiently similar contract
| enforcement in the past, using their votes on previous
| enforcements as an immutable record.
|
| In this design, determining the threshold for similarity
| may require the participation of a third-party "oracle" or
| "judge" component.
| shadowgovt wrote:
| Did you just re-invent law from first principles? ;)
| spicybright wrote:
| As long as you can pitch it as a new idea to SV, you'll be
| rolling in it!
| scottpf wrote:
| The plus side is that smart contracts provide their own "bug
| bounty" programme. If a smart contract that handles a coin with
| a market cap of +50M USD has not been breached, I absolutely
| trust that contract to be safe.
| dasudasu wrote:
| Then it becomes a matter of game theory as to whether you
| cash in the bug immediately to empty the pot, or wait for it
| to grow even more from the positive feedback loop of it being
| "obviously bug free if it grew this large". For state-
| sponsored actors, 50M would only be a modest sum.
| throwaway4good wrote:
| The problem here is really Ethereum and the language Solidity.
| Chuck full of gotchas and completely horrible to work with.
|
| The mechanics of stable coins is really trivial and thusly
| should be trivial to implement and validate. Unfortunately it
| is not, and it is sad that the hype and investment rush inside
| the broader crypto field does not foster languages and
| platforms that actually are suitable for the few realworld use
| cases that exists inside crypto.
| delusional wrote:
| How are they trivial? From my limited knowledge they are
| basically trying to stabilize a speculative asset using
| another speculative asset. To me it seems like an essentially
| impossible task.
| throwaway4good wrote:
| Yeah. In theory they are broken.
|
| But in practice they can work for a while.
|
| They work by taking a collateral and splitting in two. The
| first part has some fixed value in an external currency.
| The other part is the rest. And that works as long as the
| rest has some value.
|
| However here we are talking about programming errors in the
| implementation. And Solidity/Ethereum is really at fault.
|
| How do you implement a contract in Ethereum where a certain
| thing happens the price of Ethereum drops below XXXX
| dollars? You can (as this is what MakerDAO and others are
| doing) only it is silly complex to do.
|
| It really should not be.
| mattbeckman wrote:
| EOS tried to use on-chain Ricardian Contracts and pair that
| with upgradeable smart contracts in C++ with DPoS consensus
| so that intent-of-code could be enforced. That's pretty "real
| world" but most people feel it's not unstoppable enough.
|
| Ethereum is pretty unstoppable, but unless you use a contract
| proxy, your contracts are immutable and bugs that can be
| exploited will be exploited.
| throwaway4good wrote:
| Contracts need to be written in a specialized language not
| a general purpose language like c++.
| fasteddie31003 wrote:
| How is that different from a traditional contract written by a
| lawyer? A single word could leave a huge unexpected hole in a
| traditional contract.
| ullevaal wrote:
| The parties in a dispute like that are likely to settle out
| of court, in a somewhat reasonable manner, instead of blindly
| applying the law until a judge automaton reaches a decision
| following the letter of the law.
|
| With a smart contract, there can be no negotiation and
| attempt at reconciliation. The price here will never recover
| from $0, so at a single point in time $248,000 was
| transferred from bag holders to beneficiaries.
| duxup wrote:
| There's actually some chance that a poorly written contract,
| can be fixed / worked out between the parties involved.
| [deleted]
| sneak wrote:
| See also:
| https://www.bbc.com/worklife/article/20180723-the-commas-
| tha...
| duxup wrote:
| I'll take some chance over no chance.
| kortilla wrote:
| The difference is that disputes are resolved by humans who
| attempt to determine intent.
| tyre wrote:
| Because traditional contracts can be interpreted by a court
| of law and adjudicated with context. There's an entire field
| of contract law, with hundreds of years of precedent to fix
| very obvious human errors, like a typo where neither party
| could have possibly meant what is "technically" in the
| contract.
| tablespoon wrote:
| > Because traditional contracts can be interpreted by a
| court of law and adjudicated with context.
|
| And all of that is a kind of technology that many
| "technology" people are _far_ too eager to throw away for
| spurious reasons (often because they just plain don 't
| understand it).
|
| It's like if someone was working on autopilot program and
| rewrote it in a "modern" language, and "simplified" it in
| the process by dropping a bunch of "unnecessary" use
| cases...then it turns out that at least some of those cases
| were there for good reason and a bunch of planes crash. A
| lot of cryptocurrency and blockchain stuff is half-baked
| because it seems focus on faddish technology for its own
| sake rather than trying to actually build someone that
| works.
| leifg wrote:
| Regular written contracts are not automatically enforced.
|
| Not a lawyer here but I'm guessing.
|
| Not all legal loopholes automatically deprive you of all your
| savings. Intentional loop holes only go so far before
| consumer protection or other entities overwrite it. And if
| both parties are in agreement and in good standing you can
| figure out a way to find a reasonable compromise.
| pinky1417 wrote:
| Indeed, contracts can be invalidated if they're abusive.
| For example, there's a doctrine in contract law called
| unconscionability. If you buy an airline ticket to Boston,
| the captain can't say upon landing "Welcome to Boston! You
| can pay $10,000 to deplane or we'll take you back to where
| you departed." Or let's say that, when you agree to the
| terms for a e-commerce site, buried deep in the terms is a
| clause saying the site gets half the money in your bank
| account. Sure, both parties might've technically agreed to
| the contract, but the contract probably isn't enforceable.
|
| *Not a lawyer either, but I've read some introductory
| contract law stuff. All I know is this: you don't want to
| rely on the courts to save you, since they generally err on
| the side of the literal contract, but I don't spend much
| time worrying about accidentally agreeing to a contract
| that will sell myself into slavery.
| exdsq wrote:
| Lawyers argue over ambiguities or mistakes and use precedent
| to solve these issues, smart contracts don't have that extra
| level of protection.
| donmcronald wrote:
| With a traditional contract you don't have to worry about an
| unrelated 3rd party coming in and taking all your assets. And
| if you have a mistake in a contract that governs a business
| relationship there's a lot of incentive on both sides to
| compromise (assuming it's a good relationship).
| aeturnum wrote:
| Part of contract law is that the legal standard for
| enforceability is "reasonableness"[1]. If there is a clause
| in a contract that you want to exercise, but your
| counterparty claims they didn't understand it or intend it
| they can take you to court. Unless you can convince a judge
| that they might, at one time, have wanted to agree to the
| contract then the contract is not a basis for you to take
| that action.
|
| Contracts have always had a healthy dose of manual debugging
| that have allowed them to function.
|
| [1] The idea of "a reasonable person" is used heavily in the
| US legal system and has problems but it also has upsides.
| PeterisP wrote:
| In contract law, intent is the key part, so if the "hole" is
| truly unexpected (e.g. the most significant errors that come
| to mind would be an accidental omission of "not" which
| completely reverses the meaning of the contract; or perhaps a
| mistaken swap in the description of who pays whom) then it
| would be reasonable to demonstrate that is was not what
| either of the parties intended, and thus that single mistaken
| word simply does not matter and would be ignored.
|
| What you _do_ get in contract disputes where specific wording
| matters is in edge cases where you might reasonably assert
| that both parties wanted (and agreed) A or not-A for some
| specific situation as part of the negotiation, disputing
| where _exactly_ some boundary lies - but not for the core
| parts or complete reversal. On the other hand, automatically
| enforced "smart contracts" don't make such a distinction and
| any typo can reverse the core meaning of the contract as
| well.
| ourcat wrote:
| Agreed. And it's the auditors who need to get better.
| arcticbull wrote:
| A lifetime of experience has shown us that code review and
| testing are never sufficient to eliminate bugs. What we need
| to do is abandon the concept of smart contracts that
| immutably and permanently move people's money with zero
| recourse - running exposed to the internet without a
| firewall.
| mrec wrote:
| I've seen them described as "self-funding bug bounties".
| intrasight wrote:
| When I think about it in those terms... Why not fund bug
| bounties that way?
| solomonb wrote:
| Because you presumably want to find bugs in applications
| that are not smart contracts.
| adtac wrote:
| Wait you don't have a /root/btc_bounty_private_key.txt
| with 600 permissions in every server?
| X6S1x6Okd1st wrote:
| That is happening as well.
| EGreg wrote:
| Because the payout would be too large
| rawtxapp wrote:
| They are called ransomwares and people aren't very happy
| with that method.
| ineedasername wrote:
| And oddly ineffective at actually prompting action on
| closing out those bugs.
| ike0790 wrote:
| lmao
| unholiness wrote:
| But it's so much worse than that, right? Bugs in a smart
| contract are immutable. Those are just the terms everyone
| agreed to. There's simply no path to deploying a fix that
| every good actor agrees is beneficial.
| pjerem wrote:
| I guess technically you can deploy a new contract that
| reverses the previous contract outcomes then replays the <<
| fixed >> terms. Good luck to find a common agreement
| though. And so much more possibilities for new bugs.
| ekir wrote:
| It's fairly common to deploy a proxy contract, which allows
| for a sort of updating. Basically you deploy a new contract
| and have the proxy point to that new contract instead of
| the old one. There are definitely some limitations and it's
| not fully standardized yet. There's a tentative standard
| here https://github.com/ethereum/EIPs/issues/1538 and
| OpenZeppelin also has their own implementation.
|
| Although neither of these things will actually help if your
| contract gets exploited before you can push a fix.
| gumby wrote:
| Doesn't a proxy contract defeat the whole purpose of
| algorithmically enforced contracts?
| acjohnson55 wrote:
| The problem there is that it allows people with deploy
| privileges to unilaterally change the rules. So you lose
| "code is law". Hypothetically, you want to custody of
| assets in an immutable contract with the minimal amount
| of privileges, and use proxy contracts for higher level
| on-chain functionality. But it's not so clear to me that
| it's possible to achieve a perfect factoring, in general.
| xur17 wrote:
| Typically folks require a governance vote (so multiple
| parties) + a timelocked contract, and then after some
| system age / volume they burn the option.
| skizm wrote:
| Ethereum just forked the entire blockchain to undo a
| transaction they didn't like. I'm not sure if that's reassuring
| or a complete violation of the entire premise of smart
| contracts.
| mikkelam wrote:
| As long as everyone agrees i see absolutely no problem. The
| entire value proposition of decentralized blockchain is to
| establish consensus without trust. If everyone agrees to undo
| a transaction, it seems perfectly fine to me, as that would
| require the consensus the blockchain already establishes
| danellis wrote:
| > As long as everyone agrees i see absolutely no problem.
|
| They didn't all agree, though. Now there's Ethereum (the
| people who agreed with the fork) and Ethereum Classic (the
| people who didn't agree).
| mikkelam wrote:
| Some agreed, others didn't and they decided to create a
| fork. Consensus doesn't require everyone to agree, just
| the majority
| Analemma_ wrote:
| Thank goodness we've gotten away from a system where the
| government can arbitrarily decide to steal my money and
| towards a glorious future where a bunch of randos on the
| internet can arbitrarily decide to steal my money. I feel
| so much better.
| vecinu wrote:
| You're literally talking across yourself, at least that's
| how I read it.
|
| Your first comment [1]
|
| > As long as everyone agrees i see absolutely no problem
|
| and now
|
| > Some agreed, others didn't...Consensus doesn't require
| everyone to agree, just the majority
|
| So you literally just said there is a problem.
|
| [1] https://news.ycombinator.com/item?id=27666781
| WalterSear wrote:
| One way of reading this comment is that you concur that
| there's a problem.
| jwlake wrote:
| Mostly it involves people making systems that are too complex
| to trivially analyze. You can not write arbitrarily complex
| secure code. You need to limit your scope and do one very
| simple thing extremely tersely and correctly.
|
| You can make powerful systems with simple correct independent
| components. You can not make complex secure monolithic systems.
| It gets even worse when you look at contracts with delegation.
|
| The problem with most "smart" contracts is they have
| abstractions, delegation and scope creep.
| spicybright wrote:
| I don't know much in the field, but formally verifiable
| programming methods come to mind.
|
| You'll potentially have less of a chance for contracts to be
| exploited (at least compared to what we have now).
|
| That said, you can't protect against infrastructure exploits
| as easily, mathematically flawless program or not.
| foobiekr wrote:
| Formal methods are about matching the spec. Errors in the
| spec are still an issue. Moreover, there is very, very
| little formally verified code in the world, much less than
| you'd believe.
|
| My former professor (RIP) oversaw the formal verification
| of the F-16 computer software and it still had significant
| bugs in the end where the specification itself was
| incomplete or in error. And that was a multi-year, team-
| scale effort. No one is doing that for smart contracts.
| gurchik wrote:
| I'm not familiar with formal verification, so forgive me.
| Could something like TLA+ be used to inch yourself
| towards a verifiable spec? Although you are moving the
| goalpost, the hope is that eventually your spec is so
| simple that it is "obvious" that it is correct?
| tialaramex wrote:
| A nice practical example from TLS 1.3:
|
| TLS 1.3 has been formally proven (not an implementation,
| but the standard itself). To the extent the
| mathematicians correctly explained what the TLS 1.3 RFC
| says, and correctly told the machine what TLS 1.3 is
| supposed to do, the machine proof says this protocol does
| what we intended.
|
| That work assumes a bunch of components are black boxes,
| they must work. If we ever lose confidence that they
| work, we've got to throw those out. So for example
| SHA-256, AES GCM, X25519, the proof doesn't say "We prove
| these work" it says "Assuming you're right that these do
| what they're designed to do the rest of your proof holds"
|
| Anyway, one of the assumptions in that proof is a
| surprise to a human implementing TLS 1.3, it isn't
| explicitly mentioned in the TLS 1.3 document as written.
| And so the result is, if you didn't obey that assumption,
| the proof doesn't hold and sure enough you're vulnerable
| to an attack.
|
| The assumption is for Pre-shared Keys (e.g. IoT devices A
| and B don't want to bother with certificates, so they
| just use pre-agreed random keys) _each device pairing_
| has its own PSK.
|
| A person looking at the design figures hey, got two
| devices Alice and Bob, I can just have a single key K
| known to both devices, and everything is secure. But
| that's wrong - and the TLS 1.3 proof doesn't say this
| will work. Here's what bad guys can do, it's called the
| Selfie Attack:
|
| Alice sends a message to Bob, maybe "Did you feed the
| cat?" and it's encrypted with key K. Normally Bob
| receives the message, maybe answers "Yes I fed the cat"
| also encrypted with key K and all is well.
|
| But now Mallory is on a network able to intercept and re-
| route messages. Alice sends to Bob, "Did you feed the
| cat?" encrypted with key K. Mallory can't read or tamper
| with this message, it's encrypted with key K and TLS 1.3
| works as designed, _but_ Mallory just re-directs the
| message back to Alice, "Did you feed the cat?". The
| message is encrypted with key K, Alice assumes Bob sent
| it, and replies "No, I didn't feed the cat" also
| encrypted with key K, which Mallory re-directs again back
| to Alice, who now _mistakenly_ believes that Bob has told
| her he hasn 't fed the cat.
|
| There are obviously a bunch of things you could do to fix
| this. First of all you could just have more PSKs. If
| Alice's message to Bob is always encrypted using the
| Alice->Bob shared key, when Alice actually receives it
| instead she knows something is wrong immediately. Or you
| could just prefix each message with To/From information,
| like an old-fashioned email and that works too so long as
| you check it.
|
| But the important observation is that this is an
| assumption in a proof that nobody really surfaced until
| it was too late. If researchers had told the proof system
| "No, the PSKs can be the same" the proof fails. Or if
| they'd carefully explained to the TLS Working Group, "We
| had to spell out that the PSKs must be different" then
| today RFC 8446 would likely explain that you need to do
| that or you've got a security problem. But neither
| happened and this attack slipped between the cracks.
| rodgerd wrote:
| A very interesting and informative comment - thank you.
| impreciouschild wrote:
| MakerDAO is formally verified.
|
| https://medium.com/@MakerDAO/the-code-is-
| ready-2aee2aa62e73
| raverbashing wrote:
| Yes, I agree. Most of the security of smart contracts should
| be in the VM. Things like self-asserting the results and only
| finishing the transaction if it actually passes a double-
| check. Or set value limits to each smart-contract (so even if
| there's a bug it will only operate on 0.00001 BTC for
| example).
| admax88q wrote:
| If your smart contract can only process tiny amounts of
| money, then it's no useful.
| raverbashing wrote:
| That's not what I'm saying. But sure, if you think you
| can write smart contracts without bugs for all means
| don't set a limit.
|
| I'm saying _you_ should define a ceiling for your smart
| contract so in case of a bug, no transactions over that
| ceiling go forward.
|
| So if you have a stupid bug that causes you to transfer
| 1BTC instead of 0.001BTC you don't lose all your money.
| recursive wrote:
| What's the distinction? That just means _you_ won 't be
| able to use smart contracts for anything useful.
| ConcernedCoder wrote:
| Can there ever be 'bug free' software? As a lifelong
| programmer, I'm starting to think that it's impossible to write
| perfect software free from bugs.
| toast0 wrote:
| It depends on what you mean by bug. Often, requirements
| change, and now the program doesn't meet requirements; that's
| not something you can avoid.
|
| Ensuring your requirements are correct is possible, but often
| hard. Ensuring your software meets the requirements is
| possible, but often hard, especially if you need to consider
| hardware failure or defects.
| ma2rten wrote:
| I thought that was conventional wisdom.
| 71a54xd wrote:
| > Can there ever be 'bug free' software?
|
| _Only in academia_
| staticassertion wrote:
| Can a single program be proven bug free? Sure. Can we do that
| for arbitrary programs? No.
|
| This may interest you:
| https://en.wikipedia.org/wiki/Rice's_theorem
| Symbiote wrote:
| In some cases, yes. See Software Verification [1] for some
| pointers.
|
| It's massively more expensive, so you'll see it used in
| aerospace, railway signalling, some vehicles (trains,
| components of some cars), power generation and distribution,
| industrial processes.
|
| Sometimes also in consumer products that have long warranties
| and are extremely expensive to recall/repair, like washing
| machines.
|
| Just yesterday was a post on a formally-verified C compiler,
| used by Airbus (and others) [2]
|
| [1] https://en.wikipedia.org/wiki/Software_verification
|
| [2] https://news.ycombinator.com/item?id=27648735
| kube-system wrote:
| Software verification can make a system [?] bug free from a
| pragmatic perspective, but, there are still holes: humans
| do the verification, and there are practical limitations to
| the scope of system and integration tests. The fact that we
| still find zero-days (and other bugs) on systems that have
| gone through software verification is evidence of this.
| jhickok wrote:
| Technically, I don't see why it would be impossible. Seems
| like it is incredibly unlikely.
| dragonwriter wrote:
| > Can there ever be 'bug free' software?
|
| Sure. And if you look at sufficiently small-scale pieces of
| software, there is probably a lot. As scope of a software
| system increases, the probability of bugs rapidly approaches
| unity, though.
| Kiro wrote:
| I don't see it as a flaw. It's all part of the game and the
| fact that things like this can happen just makes it more
| intriguing. Obviously only valid if you, like me, see it as a
| futuristic/cyberpunk financial experiment or art project.
| jxi wrote:
| On the other hand, it's fully auditable and transparent. Who
| knows if my bank's software is stealing a couple dollars from
| me every month due to "software bugs" as well. I'd need to
| setup a bot to check my balance every day to make sure.
|
| Point is not whether my bank is malicious, but just that
| there's bugs everywhere and we'll have a few big "rug pulls" as
| this defi stuff is in prototype phase, but it will eventually
| grow mature. A flaw in Windows can lead to incredible losses
| too, but we've grown past that.
| rawtxapp wrote:
| The flip side of that is any smart contract that stood the test
| of time should be rock solid. For example, there are _huge_
| incentives to go ahead and hack a big contract like maker,
| compound, uniswap or aave, so you can bet that there 's highly
| qualified people out there trying to hack them as we speak, yet
| after all this time, they are still working as intended.
|
| I have a lot more trust in that kind of product than in a
| product where contracts are subject to interpretations by
| humans which may or may not be reliable. It's one of the
| reasons why people incorporate their companies in Delaware,
| there are well known case law, so you know in advance what to
| expect from the justice system. Predictability is an important
| part of a contract, I trust a well inspected and battle tested
| smart contract much more than a human enforced contract. That
| said, not everything is suited to smart contracts, but many
| financial applications are.
| lisper wrote:
| That's no guarantee. Someone might have a zero-day stashed
| away somewhere.
| rawtxapp wrote:
| The game theory comes into play, if you found a bug that
| could empty maker's vaults for example, you better do it
| _right now_ , otherwise, someone else will before you and
| you wasted all your time/energy.
| theli0nheart wrote:
| Exactly. This is precisely why there aren't (or at least,
| in a rational world, _should not be_ ) any undisclosed
| zero-days in crypto. If you're aware of an exploit,
| you're just going to exploit it immediately unless you're
| willing to let someone else exploit it in your place.
|
| There is a large amount of money at stake with these
| exploits and it doesn't make economic sense to let one
| sit around.
| Retric wrote:
| How many major bugs in software and especially cryptosystems
| went undisclosed for decades?
|
| The core issue is the inherent asymmetry where 1 person
| finding 1 bug can destabilize giant systems. Even if these
| systems where hundreds of years old that doesn't actually
| mean much.
| zionic wrote:
| By this logic most e-commerce is a mistake as well, since a
| serious flaw in the linux kernel could take down most web
| servers.
| arcticbull wrote:
| Nah, that's governed by contracts, law and enforced by
| the police. That money tends to be traceable and
| recoverable.
| Retric wrote:
| Credit card transactions are reversible, that means such
| flaws can be considered a cost of doing business rather
| than permanently destroying anything.
| rawtxapp wrote:
| How many bugs had a _direct financial return_ in the same
| way? If you found a bug in maker (or any of the other big
| contracts) today, you can walk away with billions of
| dollars worth of coins, that 's a huge sum.
| Retric wrote:
| Major bugs in smart contracts can cause the system to
| stop working rather than handing anyone billions. As such
| people can discover such issues without disclosing them
| in much the way infrastructure can be vulnerable without
| people damaging it.
| computerlab wrote:
| The Parity wallet bug from 2017 is the classic example so
| far, where someone who was just messing around with the
| smart contract 'accidentally' locked up $280m in
| assets[1]. I've linked to the GitHub thread below...this
| person didn't get anything from the exploit, and it
| wasn't for street cred (they deleted their account).
|
| https://github.com/openethereum/parity-
| ethereum/issues/6995#...
|
| https://www.cnbc.com/2017/11/08/accidental-bug-may-have-
| froz...
| rawtxapp wrote:
| Even being able to grind a smart contract to a halt would
| be very profitable if you shorted it right beforehand.
| Retric wrote:
| Even then you are limited things to people who are
| willing to break the law and have a giant sign pointing
| them as a likely culprit.
| rawtxapp wrote:
| I mean people short crypto all the time, averaged over a
| long enough period of time long/short ratios are roughly
| ~50/50 [1]. It's normal market behavior. And if you're
| shorting one of the big ones, you can most likely do it
| on defi without even providing a name.
|
| 1: https://www.bybt.com/LongShortRatio
| DanHulton wrote:
| Yeah, the classic example is the original binary search
| algorithm. It had an overflow bug that went undetected for
| two decades: https://thebittheories.com/the-curious-case-
| of-binary-search...
|
| It's an incredibly simple algorithm and still got missed.
| Smart contracts have no chance.
| seibelj wrote:
| There was not $Billions to be paid out for finding that -
| it's a matter of incentives.
| Retric wrote:
| Not every way to break a smart contract results in a
| major payout.
| notJim wrote:
| How often was that bug actually hit in production? How
| many people are allocating arrays of size 2*31? A bug is
| less likely to be caught if it's not exploitable.
| solomonb wrote:
| This sounds like a fallacy of the inverse. Those contracts
| not being hacked yet is no proof that they are resistant to
| hacks.
| theli0nheart wrote:
| It's not clear what fallacy you're thinking about because
| the fallacy of the inverse is not it.
|
| From
| https://en.wikipedia.org/wiki/Confusion_of_the_inverse:
|
| > _Confusion of the inverse, also called the conditional
| probability fallacy or the inverse fallacy, is a logical
| fallacy whereupon a conditional probability is equated with
| its inverse; that is, given two events A and B, the
| probability of A happening given that B has happened is
| assumed to be about the same as the probability of B given
| A, when there is actually no evidence for this
| assumption.[1][2] More formally, P(A|B) is assumed to be
| approximately equal to P(B|A)._
| Closi wrote:
| The inverse of "any contract that has been hacked was
| insecure" is "any contract that hasn't been hacked must
| be secure".
|
| I think this is what OP meant. If something has been
| around for a long time it does probably mean it's less
| likely there is a really obvious security flaw, but it
| doesn't necessarily mean it is 'rock-solid' as plenty of
| things that have been seen to be 'rock-solid' in the past
| have turned out to be insecure.
| cylon13 wrote:
| It is pretty good evidence that they are resistant to hacks
| though, and speaking about interesting evidence that
| doesn't pass the bar of proof isn't some kind of logical
| fallacy. That's a pretty high bar to set for what you're
| willing to integrate information-wise about the world into
| your model of it.
| uncomputation wrote:
| Considering there are still new bugs found in chip designs,
| operating systems, and compilers that have been around 4
| times as long as any cryptocurrency I have literally no idea
| why you would feel safe in "smart contracts." At least if my
| bank account is hacked, I have a solid legal standing for
| compensation and I have good reason to believe centralized
| financial institutions will keep extensive documentation and
| logs. With decentralized finance, all I have is some Medium
| dot com post on the "Forward Plan" and an ominous message
| that "SAFEDOLLAR IS UNDER ATTACK."
| rawtxapp wrote:
| The bugs found in smart contracts equal large sums of money
| _right away_ unlike 0-days in OSes or other systems where
| the link is much more indirect. For example, if you find a
| 0-day on Windows, sure you might sell it for 7-8 figures on
| the black market, if you found a bug on maker (or any of
| the big contracts), you could walk away with billions of
| dollars in a practically untraceable way.
| doesnotexist wrote:
| https://en.wikipedia.org/wiki/Market_for_zero-
| day_exploits#M... The wikipedia entry on this is a bit
| misleading or misinformed. As there are multiple above
| ground buyers for 0-days that have no interest in making
| it difficult for people to sell to them.
| snewman wrote:
| I'm not sure this follows.
|
| It's a fair point that any easy-to-find bugs in large, time-
| tested contracts will have been found. Any medium- or hard-
| to-find bugs also will probably have been found. But there
| might still be a very-hard-to-find bug lurking; and given the
| value of finding such a bug, people might look hard enough to
| find it.
|
| In other words, the same scale that ensures there is no low-
| hanging fruit, also provides the incentive to pick high-
| hanging fruit.
|
| > I have a lot more trust in that kind of product than in a
| product where contracts are subject to interpretations by
| humans which may or may not be reliable.
|
| This is a valid concern, but it's also extremely well-
| understood at this point; we have centuries of global-scale
| experience with traditional financial and legal systems.
| They're certainly not flawless, but it's rare for gigantic
| new flaws to emerge. An important point is the existence of
| mechanisms for rolling back bad transactions and challenging
| / appealing flawed decisions.
| jwblackwell wrote:
| > it's rare for gigantic new flaws to emerge
|
| There are countless instances of rouge traders, high level
| financial crime and corruption.
|
| Wirecard is one recent example costing billions. The Libor
| scandal another that comes to mind.
| donio wrote:
| > The flip side of that is any smart contract that stood the
| test of time should be rock solid.
|
| They all are until they aren't.
| EGreg wrote:
| I would trust things with formal proofs a lot more
| tylersmith wrote:
| Human beings write software that flies people around the world
| and shuttles people between the Earth and space. Managing money
| is not more important than many things we use software for.
| ethanbond wrote:
| Software that you can't update is borderline not-software.
|
| It's hardware with no joysticks for humans to adjust. It just
| happens to be hardware that's implemented in code.
| trophycase wrote:
| You can upgrade many smart contracts with proper practice.
| mustafa_pasi wrote:
| Those systems have built in redundancies. They don't assume
| trustless 100% bug-free code.
| pfisch wrote:
| I'm not saying you're wrong, but that software in most cases
| isn't constantly under attack from another team of engineers
| trying to blow up all the planes.
| MattGaiser wrote:
| 1. Not always correctly, as seen with the 737 MAX.
|
| 2. We have a general AI exception handler called a pilot.
|
| 3. Many of those systems have hardware redundancies, so even
| if there is a bug, hardware can stop it. A fuse might blow
| instead.
| rspeele wrote:
| Putting your money in one of these smart contracts is like
| getting on a fully autonomous plane, with no pilot.
|
| And you get a refund for your plane ticket if you reach your
| destination, but if you don't, whoever figured out the trick
| to crash the internet-connected plane gets to keep all the
| ticket money. And that could be the same person who wrote the
| plane's software.
| admax88q wrote:
| Surely you see the difference between managing money on the
| open internet and closed systems such as planes and
| spaceshipts.
|
| The incentives to break those other pieces of software are
| different.
|
| Very few people are incentivized to hack planes to crash and
| kill people. Even fewer are incentivized to hack the space
| shuttle. Not to mention those pieces are rarely exposed on
| the public internet, or have connectivity at all.
|
| But massive amounts of nigh-untraceable free money? Ton's of
| people are incentivized to go for that.
| [deleted]
| iNane9000 wrote:
| That's not even close to the main flaw. The main flaw is that
| it incentivizes crime, human trafficking and accelerates
| environmental destruction. None of these are huge problems if
| you can afford a private bunker in New Zealand. It's a major
| problem for ordinary citizens, especially those of poorer
| countries.
|
| Everything involving code has bugs. Bugs aren't a reason not to
| use code. Bitcoin isn't a problem for the very small fraction
| of the population that use it. Bitcoin users are super rich
| tech workers and finance guys, by and large.
|
| The people hurt most by Bitcoin are all the people who don't
| use it. It benefits the ultra-rich at great expense to the
| other 99% of humanity.
| AgentME wrote:
| >accelerates environmental destruction
|
| Ethereum is working on moving to proof-of-stake within the
| next year, which completely removes its need for energy-
| intensive proof-of-work mining.
| WalterSear wrote:
| Ethereum keeps kicking the can on this, and not for
| technical reasons.
|
| > "One of the biggest problems I've found with our project
| is not the technical problems, it's problems related with
| people". - Buterin
|
| https://tokenist.com/buterin-explains-why-
| ethereum-2-0-upgra...
|
| Given that the reasons are political rather than
| engineering in nature, there's no way to put a timeline on
| them.
| twox2 wrote:
| That it incentivizes human trafficking and crime is pure
| hyperbole. Also turns out that the barrier to entry for
| crypto is lower in the 3rd world than you might think:
|
| https://www.youtube.com/watch?v=jvHN0MEBoZo
| iNane9000 wrote:
| I believe the synagogue shooter was paid in Bitcoin. So not
| pure hyperbole.
|
| Edit: might have the details confused about above point,
| but the general thrust of things is pretty clear.
| https://foreignpolicy.com/2019/03/19/neo-nazis-banked-on-
| bit...
| sjtindell wrote:
| Their complaint was not with your premise but the
| language. Rather than incentivizes perhaps facilitates.
| twox2 wrote:
| Well in that case, nothing incentivizes more crime than
| USD.
| iNane9000 wrote:
| It's more regulated though. That's the point is there's
| some control in usd, for better and worse.
| vimy wrote:
| Cash is the ultimate anonymous method of payment.
| Veliladon wrote:
| Cash is a physical thing that needs to be taken somewhere
| if you're using it to pay someone off or receive a
| payoff. That gives means to be apprehended at some point
| in the chain. Crypto on the other hand you just hand over
| the coins. The coins are sent to an exchange's wallet,
| mingled, then pulled out on another anonymous wallet.
| This is what makes it so great for ransoms.
| dasudasu wrote:
| Not necessarily. Bills have serial numbers on them. They
| can also be marked.
| [deleted]
| fleddr wrote:
| From a humanitarian and economical point of view, Bitcoin
| doesn't hurt the poor. It allows the unbanked to finally
| store wealth, as a counter to a local strongly inflationary
| currency. Besides storing wealth, also growing wealth, as
| pretty much the only option they have.
|
| Unless you don't believe the narrative that Bitcoin
| stores/grows wealth very well, in that case...poor people can
| simply not use it.
|
| Perhaps you mean to say that the distribution of coins is
| uneven. That's true, but not a problem Bitcoin aims to solve
| or can solve. Bitcoin is fair, the same rules apply to
| everyone. If a billionaire has a 1,000 Bitcoin and I have 0.1
| Bitcoin, we both win or lose based on price action equally,
| relatively speaking. That's as fair as it gets. With Bitcoin,
| having lots of coins doesn't give you any new free coins,
| unlike fiat money.
|
| The environmental destruction is overstated and rapidly
| changing as we speak. Soon the vast majority of mining
| happens based on renewables with a specific focus on stranded
| energy. And this isn't a vague promise, some 60/70% of the
| hashrate from China, which include most coal-based mining, is
| being wiped out in just a few weeks.
| viraptor wrote:
| > With Bitcoin, having lots of coins doesn't give you any
| new free coins, unlike fiat money.
|
| Fiat money doesn't give your free money either. You have to
| invest in something - and there's plenty of fee-limited
| options in the cryptocurrency world as well.
|
| > And this isn't a vague promise, some 60/70% of the
| hashrate from China, which include most coal-based mining,
| is being wiped out in just a few weeks.
|
| Because the price is so low, not because they want to help
| the environment. At the next peak everyone will be happy to
| burn whatever fuel is cheaper than the payout again.
| varjag wrote:
| There is approximately 0 unbanked storing wealth in
| Bitcoin.
| X6S1x6Okd1st wrote:
| This is a pretty small drop for the space.
|
| This is a good news aggregator for rugs (exit scams), bugs &
| more: https://www.rekt.news/
| Animats wrote:
| This was a stablecoin backed by two other stablecoins? What's the
| point? Now you have multiple points of failure and no upside.
| hexo wrote:
| Such stable, much wow. Doge approves!
| chizhik-pyzhik wrote:
| The fact that this is trending on HN shows how little hacker news
| knows about the cryptocurrency space. A relatively unknown,
| recently launched stablecoin collapsing is not big news in
| crypto.
|
| Now if dai, usdc or usdt had failed, that would be a big deal.
| NationalPark wrote:
| I think it's pretty obvious that people here are very literate
| about the cryptocurrency space and just find it amusing,
| apparently to the chagrin of true believers.
| fleddr wrote:
| Quite the opposite.
|
| It's valid, healthy and even recommended to have significant
| skepticism regarding crypto. I think that's fair game, as
| about 90% (or more) of coins are pump-and-dump schemes.
| Further, almost everything "Defi" is supremely risky, as they
| are completely unregulated, not insured, often lack
| liquidity, and can go down the drain at moment's notice.
|
| Fine. However, there's a general anti-crypto stance here
| largely based on outdated mainstream narratives that if you
| truly would be literate about crypto, could only laugh at.
|
| So this community is not "very literate", it doesn't even
| past the basic smell test.
| ineedasername wrote:
| I don't think there's a strong anti-crypto stance here. It
| strikes me much more as a strong anti crypto-fanboy stance.
| I'm not saying there's no one on HN who doesn't like
| crypto. I just think that, as a technogy, the general
| sentiment is "it's not fully baked yet". When that runs
| head long into dogmatic refusal to admit to any problems
| with crypto as a concept or a particular currency, the
| sparks that fly may look anti-crypto.
| rednerrus wrote:
| USDT failed a LONG time ago.
| rawtxapp wrote:
| What is failure specifically? USDT (despite it's shadiness)
| trades at 1USDT:1$ on pretty much all exchanges _and_ you can
| short it if you truly believe it 'll flop anytime soon.
| rednerrus wrote:
| The question is are there really $1 USD for every $1USDT?
| The answer is surely not. You may be able to get your money
| out today but in the long run there is nearly a 100% chance
| you lose it all.
|
| https://bitfinexed.medium.com/tether-is-setting-a-new-
| standa...
| rawtxapp wrote:
| There isn't 1$ for every 1USDT, they said so themselves.
| It will eventually fail != "USDT failed a LONG time ago".
|
| If you truly believe what you say, then you should
| definitely consider shorting it, if you're right you'll
| make a lot of money.
| Hallucinaut wrote:
| The failure spoken of is clearly the breach of the
| promise (and associated changing of literature) to back
| each by one USD.
|
| However I'm very interested in the idea of shorting a
| "stable"coin. Who would possibly enter into this contract
| for an asset that has an upside of zero and a (potential,
| long-term, depending on your bearishness) downside of
| 100%?
|
| In any case, with the strong likelihood Tether themselves
| are effectively shorting it by selling it unsecured by
| any real assets it would be a tough market to get in on.
| Budabellly wrote:
| I bookmarked this comment from a few months ago on how
| one might make such a trade:
| https://news.ycombinator.com/item?id=26174690
| rawtxapp wrote:
| Which is why I asked what they meant by failure
| specifically.
|
| You have to borrow it to short it, so there's a 1-3% APY
| cost associated with shorting it. You have to calculate
| the tradeoff of the likelihood of it going to 0 within
| the next couple of years vs the cost of borrowing USDT to
| short it.
|
| Say you short 1M$ worth of Tether, it goes belly up
| within 4 years, it cost you like ~40k$ to short it, but
| your upside is 1M$. If it never actually fails because
| the market is irrational or by some miracle Tether was
| doing the right thing, then your cost depends on when you
| close your position. It's a relatively cheap way of
| making lots of money depending on your conviction on
| Tether's likelihood to fail.
| slownews45 wrote:
| No kidding - each of the these crypto folks go "trust us" -
| and then even the simplest things (1:1 US Dollar backed coin
| - seriously - how hard is this!) turn out to be a full of
| crap and lies.
|
| And if you believe USDT has been 1:1 backed by us dollars for
| its full history - dream on. If you believed they would
| actually get audited when they said they would - hahah.
| fleddr wrote:
| Your statement "how hard is this" shows your complete
| incompetence regarding the backing of anything.
|
| Nothing of value is backed in our world. If a mere 7% of
| bank account holders go to the bank to collect their money,
| the bank collapses. They don't have your money, it's not
| there.
|
| If all owners of gold (gold value papers) today claim their
| physical gold, it can't be done. There's 400% more value
| paper compared to the total supply above ground.
|
| If all owners of Apple stock today decide to sell their
| stock all at the exact same moment, they won't get out the
| full market cap. Because the entire thing crashed before
| that. But that won't happen, because the exchange will
| simply stop the trade.
|
| Which is the same thing crypto exchanges do when things get
| too heated.
| mike00632 wrote:
| The difference is that Apple doesn't claim to have a 1:1
| reserve of dollars to back the value of their stock. It
| should matter to you that the USDT folks are lying (over
| something important).
| fleddr wrote:
| We're in agreement that lying about backing is wrong in
| any case, no argument there.
|
| I in particular object to the notion that things of value
| should be 100% backed by actual USD, in bank accounts or
| cash. That's not how liquidity works, yet a lot of people
| intuitively believe this to be so.
| Dylan16807 wrote:
| They said it wasn't hard, not that it was necessary in
| all circumstances.
|
| Banks and gold deposits re-lend money because it makes
| them money and they can sell the storage service for
| cheaper. If you want something that won't be loaned back
| out then you can buy that service pretty easily.
|
| And stock prices changing is a very different thing. The
| actual supply is there, and entire markets caps can and
| do get sold in things like mergers.
| imtringued wrote:
| >Nothing of value is backed in our world. If a mere 7% of
| bank account holders go to the bank to collect their
| money, the bank collapses. They don't have your money,
| it's not there.
|
| Considering negative interest rates in the Eurozone you
| would be doing the banks a favor. They don't want your
| deposits.
| zionic wrote:
| Seriously.
|
| _Meanwhile on boomer news_
|
| > A single web server caught fire somewhere in Bolivia, is
| social media over? (+20000 points)
| atweiden wrote:
| > Now if dai, usdc or usdt had failed, that would be a big
| deal.
|
| The "Dai" peg did break -- both in early 2020 [1], _and_ a few
| days after launching. DAI's now 60% backed by Tether like
| instruments. It's basically a strictly worse version of
| Facebook's Libra, assuming Libra weren't crippled by state
| regulators (Libra is now Diem).
|
| Every major algorithmic stablecoin has imploded at least once
| in times of market volatility. Preston Byrne has written a
| wonderful article explaining why the concept is clearly unsound
| and theoretically flawed [2]: When you make a
| "coin" which is in form and substance a repackaged
| exposure to another underlying cryptocurrency, as Dai is simply
| repackaged Ether, and Basecoin is simply an abstraction of
| demand for "Base bonds," and peg that exposure to some
| meatspace asset like an ounce of gold or a U.S. dollar,
| a sudden move against the underlying collateral - in
| this case, 12% - can trigger a sell-off that breaks
| that peg, and breaks it hard.
|
| It's perhaps a testament to the frothiness of the
| cryptocurrency markets -- or the sheer number of low
| information investors -- that this concept doesn't die. No
| matter how many times the "stablecoin" peg breaks, no matter
| how many times it costs investors millions of dollars in
| losses, it just refuses to die. If there were any justice in
| this world, the concept would've been fundamentally discredited
| _years ago_.
|
| Unfortunately, when stablecoins break, they get propped up by
| biased investors in closely linked pseudo equities who limp the
| imploded stablecoin along by injecting more capital and then
| powering on the hype machine.
|
| [1]: https://blog.makerdao.com/the-market-collapse-of-
| march-12-20...
|
| [2]: https://prestonbyrne.com/2018/01/11/epicaricacy/
| [deleted]
| ineedasername wrote:
| HN is a social news site subsidized by a company that incubates
| the latest technologies, including DeFi.
|
| If there are _any_ appropriate places on the internet for news
| about a new collapsed piece of DeFi tech, HN is unquestionably
| on that list.
| puranjay wrote:
| Its the end of the bull run and $250k rugs/exploits are about
| as common as rainy days in London.
| PragmaticPulp wrote:
| > A relatively unknown, recently launched stablecoin collapsing
| is not big news in crypto.
|
| The fact that some people think a $250,000 heist followed by
| the collapse of a half a million dollar stablecoin is "not
| news" underscores how ridiculous the cryptocurrency space is
| right now.
| __s wrote:
| VCs blowing an order of magnitude more on coke doesn't make
| the news
| Dylan16807 wrote:
| If someone blows millions of dollars on coke I very much
| want to read that article. Why would that not get reported,
| are you sure?
| meowkit wrote:
| I'm sure he was exaggerating, But it's definitely true
| that half a mission is nothing for VCs and its pocket
| change in terms of market cap.
| salt-thrower wrote:
| A VC publicly saying "I don't spend money on coke" as a
| marketing tactic and then getting busted doing just that
| would make the news. Much like a coin that claims "this
| coin is stable and its value is tied to USD" getting looted
| and crashing to $0 also makes the news.
| neoromantique wrote:
| Me shouting "I'm a VC and I don't spend money on coke"
| and then getting busted doing just that would not make
| news, as I'm nobody. Same here.
| salt-thrower wrote:
| You don't have half a million dollars invested in the
| thing you claim to be, to then blow. Unlike a VC or this
| coin. That analogy doesn't work.
| ineedasername wrote:
| Well, it wouldn't make the news if the price dropped
| because the _actual_ USD value dropped to zero. That
| would be perfectly legitimate. Of course the world would
| be burning as 5lb bags of rice became worth a dozen human
| lives, so tech news in general might not be very top of
| mind at that point.
| arcadeparade wrote:
| 250k is nothing compared to the biggest defi losses:
| https://rekt.news/leaderboard/
| mgfist wrote:
| I don't know much about this space but a half million dollar
| marketcap is absolutely tiny and non-news. BTC market cap is
| what, close to a trillion or something?
| notJim wrote:
| The top 10 stablecoins together have a total market cap of
| around $100 billion. Of that, $62 billion is tether, and
| the next largest is USDC at $26 billion, then BUSD at $10
| billion.
|
| It is interesting that these exploits still happen.
| legulere wrote:
| Those are based on the trust of the companies behind them
| though and don't collapse so suddenly. Also MT.GOX took
| several days to fully collapse.
| jMyles wrote:
| Don't get gaslit - this comment is on-point.
|
| (Though I think it's obvious that USDT is a scam.)
| [deleted]
| jhgb wrote:
| To be fair, zero is a very stable number.
| 6a74 wrote:
| So what type of exploit is this? Is this a problem with smart
| contracts? Could this be a problem for other cryptocurrencies
| with smart contracts, like Ethereum?
| kcy1019 wrote:
| https://polydex.medium.com/plx-locker-smart-contract-inciden...
| tylersmith wrote:
| It was an issue with a specific contract, not the contract VM
| or the chain itself. It's absolutely a problem for other poorly
| written contracts, but not a systemic problem for all smart
| contracts.
| [deleted]
| kj4ips wrote:
| This is most likely a problem with this specific smart
| contract, from what I understand, if the EVM on the "winning"
| miner were to produce a state transition that did not
| faithfully follow the SC, that block should be rejected.
|
| Polygon is a little different, due to its proof of stake
| system, where there is no "winner" and the validators (Heimdall
| instances) "check" the work of the actual block producers (Bor
| instances). It also has a slasher-like element where only one
| Heimdall instance needs to prove that a block is incorrectly
| executed for it to be rejected, so a malicious actor would need
| to compromise all active Heimdall instances to be able to lie.
| Sohcahtoa82 wrote:
| Using smart contracts, people are creating cryptocurrencies
| within an Ethereum network. Sort of a blockchain-within-a-
| blockchain. Right now, Polygon is a popular alternate Ethereum
| network for doing these.
|
| The problem of course, is that once these contracts are
| published onto the network to create your new cryptocurrency
| token, it's very difficult (perhaps impossible?) to update
| them. And of course, if someone finds a vulnerability in one of
| the contracts and exploits it, it's game over. There's no
| reversing the transfer of tokens.
|
| So to give a more explicit answer to your question, it's not a
| problem with Ethereum, but a problem with the contracts people
| are writing on the Ethereum network.
| lazzlazzlazz wrote:
| There are more than $100b of stablecoins -- 285x year-over-year
| growth -- with a variety of very interesting and high-quality
| stablecoins proliferating. And of course, Hacker News focuses on
| some garbage project nobody in the space even followed.
|
| How is there no discussion about FRAX, Maker's DAI, USDC, CRV's
| 3pool token, Liquity's LUSD, and so many other interesting
| projects?
| charwalker wrote:
| I don't put money in gambling on assets underwritten by
| nothing. If I want a rush I'll buy AMC or something with real
| world value.
|
| The hype drives the coins but the only people getting rich are
| those in early then motivated to tell people to buy. It's a
| decentralized pyramid scheme and even those work some of the
| time.
| marton78 wrote:
| Why is everyone talking about the condo that collapsed recently
| in Miami? There are so many condos still standing, but nobody
| cares!
| lazzlazzlazz wrote:
| There are larger, far more interesting collapses (and
| subsequent recoveries): Titan, Fei, Empty Set Dollar, and
| more.
|
| Even going with your analogy, it makes no sense that this was
| #1 on HN. Unless it's also true that HN is just weirdly out
| of sync with crypto.
| knownjorbist wrote:
| This is such a weak(and frankly untimely) analogy, sorry.
| davesque wrote:
| There probably have been previous discussions about those
| projects. But yeah, the project relating to this headline is
| not news worthy. It's HN; go figure.
| pavel_lishin wrote:
| Because there's nothing _interesting_ about them. They 're just
| another variation on the same ol' "we peg our value to the
| dollar(*)!" pitch.
|
| The interesting stuff happens when they fail.
| bvaldivielso wrote:
| You can be dismissive about literally anything that way.
| Computers: another variation on the same ol' "input in,
| output out" pitch.
|
| You find stablecoin's failures interesting. Crypto
| enthusiasts (which admittedly are a tiny fraction of the
| people holding cryptocurrencies) do too, while at the same
| time finding the pegging mechanisms interesting as well
| xur17 wrote:
| They all do the same thing (peg to the dollar), but in
| different ways with different tradeoffs. That's the
| interesting part that you're completely missing.
|
| Some are more centralized than others. Some rely on
| governance more than others. Some allow themselves to drift
| further from the peg than others. Some are more complex (and
| therefore more at risk of failure). There's actually quite a
| lot going on, and I personally find it pretty interesting,
| but yeah, at the surface, it's a bunch of coins that trade
| fairly close to $1.
| jMyles wrote:
| I have to say, it seems to me that OP specifically started
| the list with two different, interesting, novel approaches
| that are not as you describe. It's as if the comment was
| designed to repel lazy, karma-farming comments like this one,
| and yet you still delivered one. Why?
|
| What else can you suggest in order _not_ to prompt this
| response?
| aqme28 wrote:
| I think they way they peg their value to a dollar is
| interesting, because there are so many different strategies
| now.
|
| Some are via reserve dollars, some via collateral based on an
| oracle, some via collateral not based on an oracle, some are
| tightly coupled, and some are a bit looser.
| lazzlazzlazz wrote:
| I couldn't disagree more. All of the projects I listed have
| radically different mechanisms, failure conditions, capital
| efficiencies, and value capture abilities. It's a fascinating
| space that is in its infancy.
|
| And you're missing projects that aren't pegged to the dollar,
| but instead have dampened volatility floating price targets
| -- like Reflexer and OlympusDAO.
|
| It's a rich, beautiful corner of a rapidly growing space.
| Aperocky wrote:
| It's a rapidly inflating bubble like NFTs and subprime
| mortgages.
| xur17 wrote:
| What aspect of stablecoins makes them a bubble?
| shkkmo wrote:
| A rapidly rising market cap that depends on the
| expectation of continued growth of demand. Some
| stablecoins are more protected than others against drops
| in demand.
|
| However, without a compete backing the the currency a
| stablecoin, there is a point at which sufficient supply
| of the stablecoin cannot destroyed and the peg will break
| as supply outstrips demand.
|
| When the bubble pops there will be a lot of broken pegs
| but it most likey won't wipe out every stablecoin.
| PragmaticPulp wrote:
| The stablecoins that succeed aren't very interesting because
| they're simply blockchain representations of actual funds held
| elsewhere. Or at least funds that are claimed to be held
| somewhere. Those stablecoins are simply a redeemable, tradeable
| representation of money held somewhere else.
|
| These artificial stablecoins that attempt to get clever with
| algorithmic finance and smart contracts are interesting because
| they inevitably collapse when someone pokes the system enough
| to make it unstable. The strangest part is how it happens over
| and over again yet people still put money into these flawed
| algorithmic stablecoins anyway.
| thebean11 wrote:
| > The stablecoins that succeed aren't very interesting
| because they're simply blockchain representations of actual
| funds held elsewhere. Or at least funds that are claimed to
| be held somewhere.
|
| DAI is not in this category. It is backed by over
| collateralized loans in multiple currencies, and maintains
| peg by creating and burning coins in a smart contract.
| fleddr wrote:
| You say they are "simply" a representation of fiat money,
| basically a fiat mirror held in crypto, but they play an
| incredibly important role in the ecosystem:
|
| - In some countries, swapping crypto to stablecoin (another
| crypto) has no tax implications whilst swapping to fiat does
| have consequences.
|
| - For big account holders (not me), stablecoins are the only
| way to put gains on "dry land". If you win big on exchanges,
| you can't take it out at once, there's withdrawal limits. It
| can takes months to get it out, years if really rich. During
| all this time, your gain may finish if you'd hold it in the
| original coin, so stablecoins secure your profit in the
| meanwhile.
|
| Fascinating? No, but definitely important.
| quadcore wrote:
| Interesting there is this new series on Netflix, StartUp
| about this stuff. So the question really is "does it
| work?". Couldn't this be interesting for that it will force
| us to change the way we code? For sure the best paradigm
| will win over time. And the best coders. People are
| investing in the coders at this point like they do in a
| bank. Feels like this story isn't stopping anytime soon.
| jMyles wrote:
| > The stablecoins that succeed aren't very interesting
| because they're simply blockchain representations of actual
| funds held elsewhere.
|
| Now do MakerDAO.
| xur17 wrote:
| Or LUSD (which is >100% backed by ETH).
| Aperocky wrote:
| > high-quality stablecoins
|
| Until the next financial crisis maybe?
| raesene9 wrote:
| The largest stablecoin by Market cap, Tether, has been
| discussed on here, quite a few times.
| okareaman wrote:
| I am not a good enough programmer to bet significant amounts of
| my life savings on my ability to write bug free code
| progbits wrote:
| Is there a website along the lines of istheshipstillstuck.com or
| arewewebyet.org but for "Is that coin / smart-contract dead
| already" ?
|
| Would be an useful reference in this ever-changing landscape,
| though I would pity the maintainers.
| hboon wrote:
| https://rekt.news/leaderboard/
| somedude895 wrote:
| Is there one for all the scam ICOs from 2017/2018? I'm
| ashamed to admit I fell for one called KYC and one called
| Crc, which was supposedly supported by Crytek or something.
| It was just a hundred bucks, but I've always wondered what
| happened to that one given that it had a well known brand
| tacked on.
| meepmorp wrote:
| That's amazing.
| progbits wrote:
| Indeed, wonderful! Thanks hboon (and viksit).
| viksit wrote:
| Yes - Rekt. https://www.rekt.news/leaderboard/
| puranjay wrote:
| I lost money in this.
|
| AMA I guess?
| vecinu wrote:
| The funniest, most ironic part is the ad at the top of the page,
| "Earn up to 12% APY on Bitcoin, Ethereum, USD, EUR, GBP,
| Stablecoins & more."
|
| I'm so tired of people manipulating others and telling them to
| throw their savings into "Stablecoins" for 5-12% APR. Pure
| insanity.
| davesque wrote:
| A $250k market cap token goes under and it makes the front page
| of HN. I think that sheds light on both the bias and extent of
| knowledge of the average HNer with regard to blockchain tech.
| armatav wrote:
| Why not just have a version 1 smart contract, that inside of it
| has an amount check that, if passed, rewrites the smart contract
| (or issues a new one) - version 2 - that rectifies the problem?
|
| So people who "agree" with the change can just insta-exchange
| their cash, and those who don't can keep their cash on version 1.
| Then you don't have bugs like this as easily anymore.
|
| This whole thing will no go very far without something like an
| update system. The old C programmers would laugh their ass of at
| a code-once-and-hope mentality.
|
| EDIT: And by rewrite I mean like how OTA updates "rewrite"
| things, have a coin-bootloader or something that takes care of
| it.
| nlitened wrote:
| What is the point of a smart contract that its owner might
| update on a whim? Just deploy an HTTP server.
| knownjorbist wrote:
| Any major smart contract updates over time, but in some cases
| they back themselves into a corner with a bug.
| chrisco255 wrote:
| I honestly don't understand why this coin even makes the news. At
| $250K it was less than a microcap penny token. It's insignificant
| and not worth a print.
| Shosty123 wrote:
| No kidding. Losing $250k on a bug would, relatively speaking,
| be a good day at my company.
| stiltzkin wrote:
| There are NFT that are worth more than $250k.
| Jhsto wrote:
| Despite the low liquidity on the exchange, the market cap of
| the token was supposedly $250M:
| https://twitter.com/Mudit__Gupta/status/1409463917290557440?...
| [deleted]
| rodiger wrote:
| that was a typo, it's 250k.
| graeme wrote:
| How did they have a marketcap of $250M as a stablecoin when
| they had 1000x less in reserves?
| incrudible wrote:
| That was the exploit. 248 million tokens were minted on
| $250k collateral.
| spiralx wrote:
| Because market cap is nonsense, if I create FooCoin with
| 1,000,000 tokens and sell one for $250, it has a market cap
| of $250M despite only ever having $250 in real money
| involved.
| graeme wrote:
| I know market cap isn't sensible for coins with varying
| values, but for stablecoins equal to $1 market cap is
| supposed to be the number of tokens in circulation and
| therefore should be close to reserves.
|
| Number of reserves is its own issue but only having 0.1%
| reserves is miniscule.
| mshumi wrote:
| Take this line of reasoning further and you reveal the
| problem with crypto to crypto taxation.
| graeme wrote:
| Why? When you sell you make a profit or loss, same as any
| other asset.
| chrisco255 wrote:
| Sounds like a statistical fluke to me (or some kind of
| market cap manipulation scheme). This token was not that
| liquid and not that widespread at all. I never heard of
| this token until today and I spend several hours a day on
| crypto.
| ayngg wrote:
| Because this is the kind of story that cryptocurrency
| detractors love, and that aligns with the general sentiment
| towards cryptocurrencies on HN.
| SavantIdiot wrote:
| Odd: HN is made up of the people closest to cutting-edge
| technology on the planet, and yet sentiment is negative on
| cryptocurrency. Hmmm...
| imtringued wrote:
| Cutting edge black market currencies? Most people aren't
| interested in that.
|
| People come with their Argentina and Venezuela inflation
| and capital control stories and I fully agree with them but
| it feels like that is in no way justifying the hype around
| cryptocurrencies. Average people just want the MLM fueled
| number go up speculation and that is about it.
| SavantIdiot wrote:
| I'd be curious to meet anyone who has bought something
| with any cryptocurrency, aside from drugs. And I don't
| mean online because why would I believe some internet
| rando? I was friends with a porn producer who started
| accepting bitcoin years ago and was paid in some, but
| I've never met someone (that I trusted) who bought
| something at Newegg or Telsa with BTC.
| fleddr wrote:
| It's odd indeed. This is a VC-created forum where its users
| reject entire sectors of new technology. Besides being
| anti-crypto, there also anti-google, anti-iot, and anti-any
| website looking fancier than something from 1996.
|
| It's a thing to accept and be entertained by I guess. The
| stunning lack of self awareness over here is legendary
| though.
| UweSchmidt wrote:
| Let's see:
|
| - Google: monopolistic tendencies, decline of their
| search engine, copyright troubles for youtubers, overall
| bad execution with their projects recently.
|
| - iot: really bad security and privacy, otherwise it
| would be neat.
|
| - modern websites: gauntlet of cookie banners and modals,
| ads and surveillance are criticized, page weight often
| silly, but the capabilities of modern websites are
| generally appreciated here.
|
| - crypto: enables ransomware and other crime, insane
| energy use, bad track record of ponzi schemes and hacked
| services, speculation vehicle with few winners, not
| generally used/usable for real payments; blockchain-based
| services not feasible (oracle problem, if possible then
| killer apps would have appeared, a Hello World program
| requires mining and melts your CPU, etc.)
|
| Did I sum up HN's sentiment correctly? Could you point
| out where the lack of self awareness lies?
| fleddr wrote:
| Yes, I could. You just did it, as did the 3 other
| replies. You double down and confirm my point.
|
| Like I said, I see the humor in it. It's culture. Every
| forum has a culture. That's why you came to the defense,
| even in absence of an attack.
|
| I know I won't change that, but I do want to explain my
| counter point by means of an example.
|
| You have absolutely no idea how deeply I hate Google. I
| could write books full of it. Yet I will still not fall
| in the trap of an absolute closed mind or simplistic
| binary rejection.
|
| Same for crypto and for anything large and impactful.
| It's a hard thing to do these days, to be a technologist
| for technology sake, and to cleanly separate it from the
| maker's reputation, personal politics, and so on. Very
| few things in life can be sorted into good or bad.
|
| So when you have topics that are close to taboo, yes, I
| do think that's odd.
| UweSchmidt wrote:
| I tried to present the arguments around here in a nuanced
| way. I don't think that there is much of a closed mind or
| a simplistic binary rejection, or a taboo, on technical
| topics here on HN.
|
| The onus is on crypto boosters (who are usually invested
| and would benefit from more hype) to present better
| arguments and demonstrate the general benefit/feasability
| of crypto.
| SavantIdiot wrote:
| > The stunning lack of self awareness over here is
| legendary though.
|
| Yes, indeed.
| pnt12 wrote:
| On another perspective, maybe HN is anti-scams, pro
| privacy, pro privacy and pro UX.
|
| No other discussions face such criticism, only crypto.
| Does everyone believe them with a burning passion? Or are
| people afraid of losing money?
|
| "It is difficult to get a man to understand something,
| when his salary depends on his not understanding it."
| wavesounds wrote:
| It's because so far all of these crypto currencies use
| terrible technology that is destroying the planet. There's
| nothing "cutting-edge" about block chain, it was a neat
| idea 12 years ago but since then it's proven itself to be a
| completely shit database.
| viksit wrote:
| It feels like the mainstream adoption of tokens is going to need
| the equivalent of FDIC coverage / credit card transaction dispute
| systems.
|
| Is it theoretically (or in practice) possible to reverse /
| mitigate these kinds of token transfers? How would we even think
| about that?
| koolba wrote:
| If the contract was "smart" enough you could require an escrow
| to a third party, but you're still trusting the contract to be
| correct.
| viksit wrote:
| Could you elaborate on this a bit? When you say "smart", do
| you mean "having knowledge of the escrow"?
| lucasnortj wrote:
| Lol smart contracts and blockchain are for tinfoil hat wearing
| people who need to get a girlfriend
| runbathtime wrote:
| > As a result, SafeDollar's price--which was supposed to always
| be equal to $1 since it's a stablecoin--has plummeted to zero,
| according to the protocol's own website.
|
| Any defi project can all themselves a stablecoin. It is false
| advertising to say that you will maintain the peg to a dollar if
| you cannot meet that promise.
|
| If you are just experimenting or trying to get something for
| nothing (synthetics- created out of thin air 'backing' your
| stablecoin), then don't make claims that it will be a dollar.
|
| Also, selling unregistered securities is illegal. Operating a
| money exchange business is a crime without license.
| yawaworht1978 wrote:
| You could also say it only lost 1usd in relative value./s
| omk wrote:
| A point that most crypto heads miss is that the world does not
| run algorithmically. Legal contracts do not work like a software
| program and that characteristic is a feature not a bug. Not being
| able to reverse transactions that were part of an exploit is in
| infact a bug. Businesses need that tolerance for error. You need
| an oracle in your system. The oracle can maintain transparency of
| the attestations carried out if that is what matters.
|
| An extreme anti-establishment view is driving most crypto
| enthusiasts into opting for tech that isn't going to remain in
| everyone's interest for too long. These lessons started with DAO.
| Barrin92 wrote:
| I'm gonna be honest I don't know what the audience is for a
| product where you risk losing your entire life savings because
| you typed a wrong word in a smart contract rather than paying a
| middleman a fraction of a percent.
|
| It's almost like a sort of willful ignorance of division of
| labour and the concept of pooling risk.
| ljm wrote:
| Or where you do the equivalent of stuffing cash under your
| mattress by hiding the password to your cryptowallet inside a
| safe, or using one of the various incantations of writing
| your password on a post-it note.
|
| Sure, the vast potential of reward justifies the added risk.
| But I'm also not in the US, I'm not rabidly anti-government,
| and I don't want to store my money under my floorboards.
| Good, old-fashioned, regulated banks serve a valuable
| purpose.
| UIGYUIUYG wrote:
| > by hiding the password to your cryptowallet inside a
| safe, or using one of the various incantations of writing
| your password on a post-it note.
|
| This is the scariest bit about crypto by far and that I
| will not deny. This is why whilst I don't trust banks, they
| do have big safes with locked boxes in. Using these with
| shamir backups is what protects my assets, and worst case
| scenario my private key is also split in two and engraved
| in two seperate countries.
|
| If it's ever at the point where I can't access any of
| these, there's bigger shit going on in the world.
| ljm wrote:
| It's also why I think crypto is suffering a bit of the
| Dunning-Kruger syndrome. We've had well over 2000 years
| of banking and it's always the case that protecting your
| money then becomes a legit business-case. The business
| plan is ages-old and always the same: take the money
| under protection, ensure a certain percentage in reserve,
| and profit off the venture by using a percentage of funds
| for investment and speculation. Just, not so much that
| you can't pay people back.
|
| The latter point is a stickler, so get regulation in
| there and ensure anyone doing banking is protected up to
| a certain sum. Any money beyond that... you put all your
| eggs in one basket, sorry. Other people need to be made
| whole, too.
|
| Use the same regulation so that banks that embezzle
| protected customer funds can be prosecuted, too. This
| equally applies to insurance, credit cards, loans, and
| other industries that make money out of offering money.
|
| You can't stop a run on the bank if everyone loses
| confidence at the same time, as we saw in 2008 (Northern
| Rock in the UK) or in 1929 (Wall Street). But as you
| say... that's when bigger shit is going on.
|
| But now... to me crypto feels like a group of upstarts
| thinking they can reinvent millennia of economics and
| come up with something better. All I've seen so far is a
| skeuomorphism to a scarce resource, essentially treating
| silicon as if it were gold.
|
| It's making a handful of people filthy rich, people who
| would have been well-off in the first place, but it's not
| changing the world for the better. It's siphoning another
| resource for a wealthy elite.
| staticassertion wrote:
| > This is why whilst I don't trust banks, they do have
| big safes with locked boxes in.
|
| This doesn't matter at all. Banks will hand your money
| over during a robbery - it's policy and it happens often.
| What matters is that banks have insurance and legal
| infrastructure to deal with theft. When a bank is robbed
| insurance covers the loss, the FBI begins investigations,
| etc. The lockboxes are for show (I worked in a bank, no
| one will tell you otherwise).
| bopbeepboop wrote:
| One interpretation would be that they view the risk of poor
| transactions as less than the misdeeds of the current system.
|
| Eg, fiduciaries who structure transactions to reap fees, like
| Bank of America, or places like Comcast who routinely
| mischarge.
|
| I'd be curious to see a study on bank fee abuses or rental
| scams and how much the public loses each year to racketeering
| by entrenched players.
| olah_1 wrote:
| > rather than paying a middleman a fraction of a percent.
|
| Having a middle man doesn't ensure safety. It just means that
| you have someone to blame if it all goes wrong. And even if
| you blame them, they most likely won't see any negative
| repercussions anyway.
| [deleted]
| [deleted]
| grape-eater wrote:
| Long term people are going to flock to DeFi services that
| have centralized discretion to compensate victims of exploit.
| One way to do this is to have a token that people can lock up
| and vote for/against a bailout.
| LudwigNagasena wrote:
| The audience is the people who don't want to deal with the
| government for whatever reasons, the most obvious one is
| doing something illegal like buying drugs or costly like
| sending money overseas in developing countries.
| teawrecks wrote:
| First world citizens like to complain about how little they
| trust their govts, but I find it very telling when those
| same citizens can only see crypto as a benefit to nefarious
| actors. It's like complaining about Facebook and continuing
| to use Instagram.
| imtringued wrote:
| I think it is because we are allowed to complain in the
| first place. Free speech is free (monetarily and
| legally).
| rchaud wrote:
| > I'm gonna be honest I don't know what the audience is for a
| product where you risk losing your entire life savings
| because you typed a wrong word in a smart contract.
|
| Some of crypto's loudest voices are young, college-aged
| people who've recently read Atlas Shrugged or Catcher in the
| Rye and are certain that _they_ will never be the ones to
| lose their keys.
| jk7tarYZAQNpTQa wrote:
| As of today, the audience is "people trying to get rich
| fast".
| brianwawok wrote:
| Doing illegal things, mostly.
|
| If you are working a w2 job and paying taxes and paying your
| mortgage / auto loan... crypto doesn't really help you.
|
| Blackmail? Awesome. Buying illegal substances? Awesome.
| Gambling? You got it...
| humbleMouse wrote:
| Why would any of those things be better bought with crypto?
| If anything, better to buy all of those things with fiat
| cash, no? Why would you want a permanent record recorded
| every time you buy something? (Crypto)
| rawtxapp wrote:
| > If you are working a w2 job and paying taxes and paying
| your mortgage / auto loan...
|
| You forgot to add "and live in a stable country with a
| stable currency and relatively functional contract/justice
| system".
| r3trohack3r wrote:
| I'm making an assumption here that "crypto" means "crypto
| coin" and, perhaps further, any form of blockchain based,
| consensus maintained, public ledger.
|
| I don't understand this "crypto is good for doing crime"
| narrative.
|
| When I'm doing crime, I strongly prefer there to be no
| record of the transaction. The closer I can get to an
| assurance there is no permanent record of the transaction,
| the safer I feel in deviating from the law.
|
| Conducting any illegal business in a permanent public
| ledger is a non-starter for me. Even with a public ledger
| that "guarantees" privacy, I'm staking my freedom on the
| underlying cryptography not being broken before the statute
| of limitations for my crime passes.
|
| I'd go as far as reversing this narrative. Crime moving to
| a permanent public ledger strikes me as any regulating
| body's dream.
| woodruffw wrote:
| > When I'm doing crime, I strongly prefer there to be no
| record of the transaction. The closer I can get to an
| assurance there is no permanent record of the
| transaction, the safer I feel in deviating from the law.
|
| You're exactly right about this, which is why it's
| important to remember that a plurality (majority?) of
| those who speculate in cryptocurrencies don't seem to be
| especially aware of the whole "immutable, irrefutable
| public ledger" aspect.
| roflc0ptic wrote:
| Those considerations notwithstanding, people are actually
| using crypto for criminal behavior. However great your
| arguments are against it, the reality is that it's
| happening.
|
| Reasons it might be happening: You can say they're being
| shortsighted and taking on unnecessary risk, but then,
| people who make criminal livings tend to have a higher
| appetite for risk than e.g. I do.
| mox1 wrote:
| The thing about Bitcoin right now is that it is being
| used for good AND nefarious purposes. So you get some
| level of "hiding in the noise".
|
| Add in the ability to move it around the world easily,
| its liquidity and transaction volume and you have just
| about the perfect grey / black activity currency.
| staticassertion wrote:
| > I strongly prefer there to be no record of the
| transaction.
|
| Other than cash, this isn't viable. You'll have to
| launder your money no matter what, at some point. Crypto
| just makes transferring trivial, it's less regulated, you
| can't go to your bank and ask them for help, etc. It's
| good for criminals for these reasons.
|
| There's radically more infrastructure for this sort of
| thing in existing systems. Crypto is far less regulated,
| you can transfer across countries easily, laundering
| becomes trivial, transfers via hacked accounts, etc.
| ipython wrote:
| I would argue that many criminals don't care if you know
| who they are. Plus cash doesn't "scale". Try ransomwaring
| millions of computers and cashing out with untraceable
| money.
|
| Criminals don't care if there's a record of their
| transactions because trans-national law enforcement is
| basically non existent. You got ransomwared from Ukraine?
| Nobody cares. Until, apparently, you cause havoc across
| the eastern seaboard by infecting a few corporate
| machines associated with a gas pipeline.
| WanderPanda wrote:
| You said it, when you are a debtor fiat with its constant
| debasement is great. For creditors fiat doesn't work that
| well.
| UIGYUIUYG wrote:
| You can literally say that about cold hard cash. Blackmail?
| Pay cash. Buying illegal substances? Cash. Gambling? Get
| your cash out. It's all in how you use it.
|
| https://eandt.theiet.org/content/articles/2021/05/moon-
| missi...
|
| Anything is a store of value, wood, gold, water, dogecoin
| ect. If people want to accept something for something else
| this is a way of life.
|
| It's just sad that people only see the bad use cases. How
| about if I transact only in crypto (Monolith card), now
| every purchase I make is via crypto, nothing different to
| using a bank card with US dollars backing it, just you have
| the full control over your own money.
| pavel_lishin wrote:
| Do people who had SafeDollar have control over their own
| money? Did the people whose money got locked in the DAO
| because of a software bug have control over their own
| money?
|
| > _How about if I transact only in crypto (Monolith
| card), now every purchase I make is via crypto_
|
| Do you in fact do this?
|
| > _nothing different to using a bank card with US dollars
| backing it_
|
| There certainly is if you read Monolith's fine print, and
| it's wildly disingenuous to pretend otherwise:
|
| _The Monolith account and Visa Debit Card are electronic
| money products which are not covered by the Financial
| Services Compensation Scheme or the Deposit Insurance
| System of the Republic of Lithuania. The funds will be
| safeguarded by Contis Financial Services Ltd or UAB
| ,,Finansines paslaugos ,,Contis". For any disputes, the
| Financial Ombudsman Service and the Bank of Lithuania
| consumers disputes resolutions institution are
| available._
| UIGYUIUYG wrote:
| > Do people who had SafeDollar have control over their
| own money? Did the people whose money got locked in the
| DAO because of a software bug have control over their own
| money?
|
| Nope, because they didn't do their due diligence. Do you
| deposit your savings to a new bank that's not had a
| single audit done? Are there any specific banks that you
| won't do business with? It's the exact same in the crypto
| sphere.
|
| > Do you in fact do this?
|
| I do indeed. I use it as my daily spending card. Should
| Contis Financial Services Ltd collapse it'd be a bummer,
| but I've lost more on a night out by dropping a paper
| note. I will agree it's not like using a bank card, I
| should specify more like a pre-paid card.
|
| Whilst you don't get the financial protection that you do
| with standard institutions it's the price you have to pay
| to start working towards a different financial future.
| umanwizard wrote:
| > Do you deposit your savings to a new bank that's not
| had a single audit done?
|
| Sure, because banks in my country are regulated, and
| deposits are insured, so I trust literally any bank.
| pavel_lishin wrote:
| Valid points, but the financial future crypto like this
| paints is not a future that seems better to me, not like
| a future I want to live in, or work toward.
| rednerrus wrote:
| The difference is you can't use dollars to do digital
| transactions. Good luck with sending a suitcase full of
| cash to SatoshiDice. Even better luck getting a suitcase
| back.
|
| The only value add for crypto right now is that it's
| pseudoanonymous and you can use it for black market
| transactions. Other than that why not just use Venmo or
| CashApp?
| andai wrote:
| This is one reason cash is being phased out in many
| countries. It took me most of a week to deposit money on
| my account -- the bank literally would not take my money!
| They told me to find a machine, and they were either out
| of order, removed, or did not take cash.
|
| Well, that's the noble explanation. Another consequence
| is they can now have an electronic record of every single
| purchase almost every citizen makes.
| [deleted]
| ncann wrote:
| > It's just sad that people only see the bad use cases
|
| Yeah, when 95%+ of the actual things that people use
| crypto for are those things, it's hard not to. Can you
| honestly say the "valid" uses for crypto take up more
| than 5% the total volume in any possible metric you can
| think of? It's always ransomware, extortion, blackmail,
| money laundering, drugs, you name it.
| admiral33 wrote:
| Do you have a source for '95%+'?
|
| https://www.forbes.com/sites/haileylennon/2021/01/19/the-
| fal...
|
| https://www.cnbc.com/2021/01/24/overall-bitcoin-related-
| crim...
| UIGYUIUYG wrote:
| One I personally know of -
| https://cryptoslate.com/another-big-cardano-ada-deal-is-
| in-t...
|
| There is many other cases for blockchain / crypto
| technologies far beyond the world of ransomware,
| extortion, blackmail, money laundering.
|
| > The country will implement a national, blockchain-based
| student and teacher ID and attainment recording system to
| digitally verify grades, remotely monitor school
| performance and boost education and employment
| nationwide.
|
| > IOHK's Atala PRISM identity solution will enable
| authorities to create tamper-proof records of educational
| performance across 3,500 schools, 5 million students, and
| 750,000 teachers to pinpoint the locations and causes of
| educational under-achievement and allocate educational
| resources effectively.
|
| You've got Walmarts chinese subsidy investing in vechain
| for logistics:
|
| https://cointelegraph.com/news/walmart-china-subsidiary-
| team...
|
| These are just two off the top of my head, let alone all
| the partnerships in the works that we haven't heard about
| yet.
|
| There's big money getting into crypto whilst
| simultaniously lots of news and opinions regarding the
| fact it's used for nefarious acts.
| [deleted]
| diamond559 wrote:
| So you're just making up number because they sound right
| to you? In the future, if you do some simple googling
| before you join a conversation you'll sound less
| uninformed.
|
| https://www.newsweek.com/illegal-use-bitcoin-
| dropped-50-2020...
| brianwawok wrote:
| Totally true.
|
| That said, to deposit 10k of cash in a bank you need to
| fill out some forms.
|
| I also don't have a great way to send you say 100k in
| cash. Suitcase full of dollars? But I can send you 2 BTC
| much easier.
|
| The big hole in demanding giant ransoms was always taking
| delivery of the suitcase full of money. Not so hard to do
| with digital currency.
| [deleted]
| darepublic wrote:
| > Gambling? You got it...
|
| I had high hopes for betsofbitcoin but after making a bet
| on the 2014(?) superbowl the mtgox scandal occurred and my
| last bet was never redeemed.
| swiley wrote:
| Or just small experimental things. I can pay for jmp.chat
| with bitcoin, the dev doesn't have to deal with paypal and
| I don't have to worry about my credit card being stollen.
| slg wrote:
| To be fair illegal is not the same as immoral. For example,
| cryptocurrencies can also be used to transfer money out of
| financial system controlled by oppressive regime which is
| largely a positive use. The problem is that "oppressive
| regime" is a matter of opinion and therefore these
| transfers are indistinguishable from tax evasion and other
| financial crimes. Techno-libertarians see that as a
| feature, I think most of the rest of us see that as a bug.
| There is no economic or technical solution there. It is
| almost exclusively an issue of personal politics.
| brianwawok wrote:
| Right, I am not passing judgement. I am not saying
| gambling in certain ways is immoral, but I am saying that
| it is illegal and thus bitcoin is often used to try and
| stay hidden.
| ognarb wrote:
| The only audience are people who don't know about that or
| have more to win than to loose.
| sneak wrote:
| > _Legal contracts do not work like a software program and that
| characteristic is a feature not a bug._
|
| Not everyone agrees with that. Everyone using smart contracts
| is opting in to code-as-law - nobody who doesn't want that
| needs to use or touch them.
| krrishd wrote:
| I don't disagree with you, but I think the only fallacy here is
| that it's an extremely zero-sum way to look at things.
|
| Are we perhaps better off for many -- maybe even _all_ -- of
| our status quo legal contracts not working like software
| programs? Sure.
|
| Is there a class of legal contracts -- either already in
| existence, or made possible by crypto -- that'd make much more
| sense if ran like software (with different
| requirements/constraints than the error tolerance you
| described)? I don't see why not, and why this would be mutually
| exclusive with the first premise.
| omk wrote:
| I agree that it isn't a zero sum game and that there are
| valid use cases. But I don't see any of these use cases
| operating over a multi-million dollar business. There has to
| be a way to override an exploit when a sum like that is at
| stake.
| krrishd wrote:
| Not to suggest that this is the best way to do it, but
| that's already happened on Ethereum:
| https://en.wikipedia.org/wiki/The_DAO_(organization)
| verdverm wrote:
| Where does the legality of a contract get determined?
|
| The execution of a contract seems distinct from is legal
| validation.
| crote wrote:
| What would such a contract look like?
|
| The whole point of crypto-like contracts is that the terms of
| the contract are defined solely by code. Ambiguity is, by
| definition, impossible.
|
| If you remove that, why not just use a regular contract?
| TrainedMonkey wrote:
| A point that most people miss is that the world is slowly being
| eaten by algorithms. One example would be trading floors being
| converter from mosh pits to electronic ledger books. Another
| example would be slow advent of self driving, sure it's not
| here yet, but I think we can agree it is possible.
|
| So, is it that much of a stretch to assume that some day a
| significant fraction of contracts will be more algorithmic?
| "The best way to predict future is to create it" - unatributed.
| lamontcg wrote:
| The backstop needs to be humans.
|
| The rest of the world doesn't want to lose millions due to an
| exceptional condition in a contract that wasn't apparent on
| audit.
|
| That isn't how the law works, and that's a good thing.
|
| When it comes to contract disputes you ultimately wind up
| before a human with hopefully decades of experience trained
| by a system with centuries of experience which can deploy
| some level of nuance.
|
| Which is not how geeks think the legal system works. Or if
| they do understand it works that way they feel that it is
| flawed. That isn't a flaw, that's a feature.
|
| Sometimes it goes wrong. But if you're ever the beneficiary
| of a judge going "yeah that contract term was always
| bullshit. you think you're clever, but i wasn't born
| yesterday. nullified." then you'll appreciate it.
| Sevii wrote:
| This is the reason crypto enthusiasts are enthusiastic in the
| first place.
|
| Crypto enthusiasts want to defect from the system of democratic
| law in favor of algorithmic law.
| MattGaiser wrote:
| Indeed. Credit cards are far less decentralized than cash. But
| because credit cards have an administrator to protect the
| consumer, they are also preferable to cash.
| drcross wrote:
| The majority of people in the world can't get a credit card.
| jvanderbot wrote:
| This argument does not help. Those same folks cannot carry
| around a crypto-buck either.
|
| There are plenty of mobile-only banking solutions that are
| widely used in non-western worlds, and that's likely a
| model for emerging economies. When electronic banking
| comes, OP is saying that standard banking ("perfected over
| millenia TM") is honestly quite preferable over algorithmic
| contracts.
| thebean11 wrote:
| > Those same folks cannot carry around a crypto-buck
| either.
|
| Many of them can. Smartphones have much higher adoption
| than credit cards in these areas.
| jvanderbot wrote:
| > There are plenty of mobile-only banking solutions that
| are widely used in non-western worlds, and that's likely
| a model for emerging economies. When electronic banking
| comes, OP is saying that standard banking ("perfected
| over millenia TM") is honestly quite preferable over
| algorithmic contracts.
| vel0city wrote:
| FWIW, traditional banking and credit processes existed
| over a millennia ago. The Book of Ezekiel which writes a
| lot about the "sin" of interest was written around 593
| BC. Exodus which classically is attributed to Moses was
| probably actually written down around that time as well
| also talks about charging interest. Clearly people over
| 2500 years ago had concepts of loans, interest, and debt.
|
| Note: I am not a religious extremist, I have a
| traditional mortgage and an auto loan.
|
| https://biblehub.com/ezekiel/18-13.htm
|
| https://biblehub.com/exodus/22-25.htm
| jvanderbot wrote:
| Exactly. This system has been polished to some definition
| of fairness over a long period of time. "millenia".
| vel0city wrote:
| Ah oops for some reason in my mind I read that as
| singular millennium. My bad!
| jvanderbot wrote:
| I thought it was very informative anyway, so thanks!
| acka wrote:
| > This argument does not help. Those same folks cannot
| carry around a crypto-buck either.
|
| I'm commenting on this as well as sibling and descendant
| comments: There are First World countries (several in
| Europe) in which credit cards are both uncommon and
| pretty much inaccessible to the majority of the
| population while at the same time crypto services apps
| and wallets are ubiquitous. The reason why credit cards
| are not is because governments want to discourage
| excessive personal debt.
| CJefferson wrote:
| Let's hear about the several European countries where
| crypto of much more popular than credit cards.
| CydeWeys wrote:
| > This argument does not help. Those same folks cannot
| carry around a crypto-buck either
|
| I'm not a big DeFi booster, but I don't think that's
| true. All it takes is a mobile phone. There's some pretty
| compelling videos coming out of El Salvador showing just
| how easy it is to instantly transact Bitcoin between two
| people simply by scanning a QR code on the other person's
| phone and then sending a Lightning Network transaction.
| This is already reality on the ground, and seemingly more
| accessible than getting access to credit.
| jvanderbot wrote:
| You'd have to ignore the rest of the comment to honestly
| think this is a reply to the point OP was making and I
| was clarifying.
| gowld wrote:
| How is that different from M-Pesa or Venmo? The
| difference is that no one has shown up yet in that
| particular location to set those up, but someone did come
| set up Bitcoin infra in El Salvador.
|
| Still, the ease of spending crypto in El Salvador, great
| as it is, does not prove it's safe and that everyone
| won't get hacked and robbed.
| paxys wrote:
| Those same people are way less equipped to use crypto. I
| have been to shops in rural areas in third world countries
| which have credit card machines running over telephone
| lines. Broadband internet and fancy tech is still a decade+
| away for a lot of parts of the world.
| wnevets wrote:
| but they can get and use {meme}coin?
| toomuchtodo wrote:
| This is true, but with that said 54 countries have instant
| payments [1] [2]. This number will only grow, as you're
| just pushing messages around queues. Once Congress lit a
| fire under the Fed, it's only taking ~4-5 years to roll out
| instant payments in the US. This is very fast for such
| endeavors.
|
| Your average financial consumer in most countries is going
| to trust their bank and government to protect their fiat vs
| cryptopunks, blockchains, "smart contracts", and
| "stablecoins". To compete with fiat, you need to sell trust
| and recourse, not speed, and that's something crypto
| inherently doesn't support.
|
| (No need to point out Venezuela and the like about where
| crypto might have a chance, ground truth shows those folks
| overwhelming used Zelle and clandestine US deposit accounts
| to circumvent government monetary controls [3] [4])
|
| [1] https://www.moderntreasury.com/journal/real-time-
| payments-ar...
|
| [2]https://empower1.fisglobal.com/rs/650-KGE-239/images/Rep
| ort_... (pdf, start at page 30)
|
| [3] https://www.coindesk.com/venezuela-is-a-testing-ground-
| for-d...
|
| [4] https://mobile.twitter.com/jp_koning/status/12540091122
| 63868...
| phreack wrote:
| The crypto movement in South America is growing
| explicitly because people are increasingly not trusting
| their banks and government to protect their fiat. I've
| never heard of Zelle and not everyone has access to a
| clandestine US account, while anyone can buy open a
| crypto wallet and get some DAI.
| toomuchtodo wrote:
| Could you provide evidence or a citation of crypto uptake
| in South America?
| staticassertion wrote:
| This is consistently the case too, not just in financial
| systems. Even language, which is loosely structured and
| something we get 'wrong' a lot on a day to day basis, is
| _better_ for that reason - strictness just doesn 't fit into
| the world of human beings. We're much better at using context
| to make case by case calls - a rigorous, inflexible system is
| playing against our greatest strengths.
| derac wrote:
| Yes, secure your own keys or risk losing everything doesn't
| work in the real world. This is a level of required diligence
| by the end-user that is unacceptable for any real world use.
|
| With billions being syphened from African countries, it's hard
| to make the case that crypto microloans are a net good for the
| continent.
| rednerrus wrote:
| Many of those taken in some of these elaborate scams, are
| security EXPERTS. Assuming that Joe T Dillhole is going to be
| better at securing their bag than security experts is a
| stretch.
| Bancakes wrote:
| So long as these are software errors, we can fix them. We can't
| drain swamps, though.
| dcolkitt wrote:
| Much of the world literally does run algorithmically. Literally
| every day you trust your life, privacy and money to algorithms
| that make decisions without human intervention. The financial
| system trades trillions of dollars in automated systems that
| make split-second decisions in a way that precludes human
| supervision. Hedge funds and banks already trust algorithms
| that if broken could lose billions.
|
| The existence of flawed software does not mean that it's
| impossible to make reliable or trustworthy software. If you'll
| never trust your money to a smart contract no matter how
| vetted, then I'd recommend you never fly a plane or store
| personal data in the cloud.
| NovemberWhiskey wrote:
| > _Literally every day you trust your life, privacy and money
| to algorithms that make decisions without human intervention.
| The financial system trades trillions of dollars in automated
| systems that make split-second decisions in a way that
| precludes human supervision._
|
| ... but when that stuff goes wrong, which it does, we don 't
| just say "geez that's too bad, the code is the code".
|
| Look at the 2010 flash crash: something like 20,000 trades
| were broken after discussion between FINRA and the exchanges
| based on how far they were from the reference price.
|
| Similarly, I don't end up eating the entire loss if my bank's
| anti-fraud system mistakenly approves a transaction on a
| stolen credit card, because I have 60 days from the statement
| date to report the problem under the FCBA.
|
| The point is that in most cases where physics is not involved
| (e.g. flight control systems), the real-time behavior of the
| systems is backstopped by processes to deal with exceptions
| in a slower, more considered way.
| dcolkitt wrote:
| Knight lost half a billion dollars in 30 seconds and not a
| single trade was reversed. If anything similar happened to
| any major hedge fund or market maker, nothing would get
| reversed.
|
| Every hedge fund and market maker knows that if their
| algorithms break, their money is gone. Period. No backsies.
| The point is billions in capital is already completely
| trusted to algorithms with no human fail safe.
| NovemberWhiskey wrote:
| > _Knight lost half a billion dollars in 30 seconds and
| not a single trade was reversed. If anything similar
| happened to any major hedge fund or market maker, nothing
| would get reversed._
|
| I am pretty sure that NYSE canceled trades in six names
| after Knight; and the LULD pause rules that were
| introduced after the 2010 flash crash (unfortunately too
| late to save Knight) also create opportunities for human
| intervention.
| twic wrote:
| > The financial system trades trillions of dollars in
| automated systems that make split-second decisions in a way
| that precludes human supervision.
|
| Nope. Regulations require human supervision, in some way, of
| that trading.
|
| Furthermore, those trades have exactly the kind of non-
| algorithmic softness that omk talks about: if an algorithm
| makes a trade which is obviously incorrect, you can ask the
| exchange to bust it.
| orthecreedence wrote:
| I'd say most of the systems you mention either a) have human
| failsafes b) have years of pre-algorithmic precedent such
| that the algorithm matches some well-known accepted process
| or c) are speculative in nature and therefor can assume the
| risk of a faulty algorithm.
|
| Algorithmic stablecoins are mostly in category "c" so far.
| There is no human failsafe and there is no predetermined
| process that can shape the algorithm.
| bostonsre wrote:
| > The existence of flawed software does not mean that it's
| impossible to make reliable or trustworthy software.
|
| It also doesn't mean that it is economically feasible to make
| 100% reliable or trustworthy software.
|
| > If you'll never trust your money to a smart contract no
| matter how vetted, then I'd recommend you never fly a plane
| or store personal data in the cloud.
|
| Isn't vetting of contracts the opposite of having a no human
| touch algorithmically run world?
|
| And who does the vetting of the code? Who does the vetting of
| the people the vet the code? Who does the vetting of the
| people that run the code?
|
| To have your money in smart contracts right now is tantamount
| to seeing those 737 max plane crashes in the past, then
| plugging your ears with your fingers and saying I can't wait
| to fly on a 737 max tomorrow. It's kind of a mess out there
| right now [1].
|
| [1] https://cryptoslate.com/binance-smart-chain-sounds-alarm-
| ove...
| jtbayly wrote:
| Sure. But when you get pissed off at those algorithms, you
| can turn to the government to force the entities behind the
| algorithms to change the result. That's the whole point. It's
| not algorithmic _in the end_. Code is not law, and if it is,
| that 's a bug, not a feature, to most people.
| dswalter wrote:
| But in many cases, there are ways to dispute and/or
| retrospectively fix or amend a transaction that is mis-
| classified.
|
| In the exceptionally rare case that something is exploited
| within a cryptocurrency, there is no recourse for the victim.
| crazygringo wrote:
| > _Much of the world literally does run algorithmically._
|
| I think you're missing the parent's point, which is around
| the world running on _legal contracts_.
|
| It's that _legal disputes_ are settled non-algorithmically.
| If someone harms you through fraud or other illegal action, a
| judge can order a transaction reversed, etc.
|
| None of this has anything to do with algorithmic trading, or
| using algorithms in finance generally for efficiency.
| tptacek wrote:
| It literally does not. The world runs _advised_ by
| algorithms, but not _governed_ by them. It 's a fundamental
| difference. When algorithms in the real world create lose-
| lose outcomes, people override them, which is why when your
| credit card gets stolen you don't end up paying for stuff.
| You can bake that logic into a software contract, but if the
| design of your system is that the totality of software
| contracts are the final word, you have the same problem; you
| can't predict all the corner cases. It turns out a lot of the
| human beings that work for companies engaged in the financial
| system actually do stuff to solve problems.
| thaumasiotes wrote:
| > When algorithms in the real world create lose-lose
| outcomes, people override them, which is why when your
| credit card gets stolen you don't end up paying for stuff.
|
| An exploit where I take all your bitcoins isn't a lose-lose
| outcome, and neither is that. If I steal your credit card
| and you have to pay for my stuff, you're the only party who
| loses.
| adtac wrote:
| If you steal my credit card and buy things with it, I
| will call my bank and I won't need to pay for it when I
| settle my statement balance at the end of the month. The
| bank will follow up with the merchant and/or law
| enforcement and, in most cases, the bank will get its
| money back somehow. In the cases where it doesn't, I'm
| sure the bank is insured against losses. Banks and
| insurance companies probably have a complicated model for
| estimating $X/yr in theft.
|
| If someone steals my wallet's private key (= stealing my
| credit card), I'm done. There is no recourse AFAIK.
| G3rn0ti wrote:
| But there is a price to pay for the responsibility you
| burden off onto the bank. Banks charge fees, pay almost
| zero interest (at least currently) and are usually very
| unpleasant to deal with when you want to borrow money.
|
| I'd say it depends. You probably shouldn't manage your
| life savings using a crypto wallet. Keep some money at a
| bank. Keep some money in cryptos.
|
| Cryptos are not a solution to every financial problem out
| there but they add new and exciting options for us. Don't
| think black and white. But embrace more freedom to
| choose.
| [deleted]
| thaumasiotes wrote:
| > If you steal my credit card and buy things with it, I
| will call my bank and I won't need to pay for it when I
| settle my statement balance at the end of the month.
|
| This is an epically terrible argument for why you
| shouldn't have to pay for things someone else purchased
| with your stolen credit card. "I shouldn't have to
| because I don't have to"?
|
| Compare tptacek's claim:
|
| >>> which is why when your credit card gets stolen you
| don't end up paying for stuff.
|
| There are four parties involved: you, the thief, the
| bank, and the merchant.
|
| When you can afford to pay, here's a win/loss table in
| the case where you have to pay: you:
| lose bank: win merchant: win
| thief: win
|
| And in the case where you don't have to pay, but the bank
| collects from the merchant: you:
| win bank: win merchant: lose
| thief: win
|
| You don't have to pay, and the bank can't collect from
| the merchant: you: win
| bank: lose merchant: win thief:
| win
|
| When you have to pay, but you can't afford it:
| you: win bank: lose merchant:
| win thief: win
|
| Where's the lose/lose scenario?
| tptacek wrote:
| I was sure someone would make this argument and debated
| dumping more words into my comment to address it
| preemptively, but figured instead I'd wait for someone to
| spell it out first.
|
| So, just to clear this up: you, the customer, and your
| credit card company agree that it's lose-lose for retail
| customers to be on the hook for credit card fraud. It
| makes it much harder to actually use the credit card
| transaction processing system, which you want to do
| because it's way better and safer than carrying cash, and
| the credit card companies want you to do because they're
| credit card companies.
|
| In any given situation, a merchant on the hook for stolen
| stuff does not agree that this is lose-lose. Them getting
| paid with stolen money is a win-lose for them. But the
| credit card company takes the long view: if customers
| were always on the hook for this stuff, customers would
| stop using credit cards as much. It's better for everyone
| if it's easy to buy things, and not terrifying to shop
| online.
|
| Merchants that disagree with this assessment can refuse
| to take credit cards. They can just take Bitcoins, The
| Currency Of The Future. The consensus view here is not
| hard to discover.
| frumper wrote:
| As the holder of the credit card I can't think of a good
| reason why I would/should pay the debt off for a purchase
| I didn't make. I did not initiate the sale with the
| merchant, I did not verify I was the rightful card
| holder, I did not authorize the funds to be transferred,
| and I will not send money to that bank to make up for any
| of that. Banks are in the business of encouraging
| transactions and my card number could be skimmed from a
| physical device, or from hacked website on the internet,
| or I used it at Target
| https://money.cnn.com/2013/12/18/news/companies/target-
| credi..., or someone physically stole my wallet.
|
| If they did try to collect then that sounds like a great
| reason to go back to cash because even if I get mugged,
| criminals can't spend me tens of thousands of dollars
| into debt by stealing my cash on hand. They are limited
| to what's in my wallet.
| thaumasiotes wrote:
| > As the holder of the credit card I can't think of a
| good reason why I would/should pay the debt off for a
| purchase I didn't make.
|
| This applies to everyone involved, but someone's going to
| pay for the loss anyway, unless you can recover from the
| thief.
|
| There is no reason for the merchant to pay for the
| purchase either -- he is even less culpable than you are.
| But that's what everyone is advocating here.
| WanderPanda wrote:
| Replying to adtac:
|
| But what if someone does not want the insurance of the
| bank? There is no opt out. With something like bitcoin
| you ideally have the option to take the risk of final
| settlement on your own or delegate it to some insurance
| deliberately
| dcolkitt wrote:
| You are aware that the vast majority of financial market
| trading is run by algorithms that _govern_ not _advise_
| vast amounts of capital in an irreversible way.
|
| Sometime these algorithms break or are exploited. Often in
| spectacular disasters. Knight lost half a billion dollars
| in 30 seconds. Nobody reversed though, even though it was
| clear error.
|
| If you have a 401k I guarantee you that a significant
| amount of your money was traded by an algorithm that if
| broken would have lost everything. If the question is
| whether people would ever trust capital to irreversible
| algorithms, the answer is they already do. It's called the
| stock market.
| xyzelement wrote:
| // Knight lost half a billion dollars in 30 seconds.
| Nobody reversed though, even though it was clear error.
|
| You cited Knight twice in this thread, and it's just not
| the same concept. I think your point is that people
| should accept irreversible transactions in whole because
| there are some edge cases where they exist today, and
| that just doesn't make sense.
|
| First, there's a difference between an average person and
| Knight in the degree of sophistication of tools that they
| can wield. So the fact that Knight is allowed to operate
| like this is in no way connected to whether this mode
| should be the default for an average person.
|
| Second, the Knight example can be interpreted as an
| exception that proves the rule. They had an unforced
| error that (from what I recall) looked to the rest of the
| world like real trading. But there's a whole other slew
| of issues (clearly bad prices, exchange-errors, etc) that
| cause trades to be unwound. Some exciting reading if you
| care: https://www.investopedia.com/terms/e/erroneous-
| trade.asp
|
| You have a point that yes to some extent we're all
| subject to underlying risk of irreversible activity but
| the bigger point is that we as society try to minimize it
| where possible. So moving the system in the other
| direction, especially where it makes it easy for Joe-Blow
| to fuck it up, is not the way.
| dcolkitt wrote:
| There's no categorical difference between Knight and
| Vanguard. If Vanguard fucks up its trading, the exchange
| is not under any obligation to make it right. The only
| difference is that Knight was a lot more aggressive in
| terms of pushing the envelope on its algorithms to reap
| excess profit. I'm sure Vanguard is a lot more
| politically sympathetic, but I'd trust that "guarantee" a
| hell of a lot less than I'd trust battle tested software.
|
| Say the fund managers running your 401k decided to say
| "fuck it, turn off all the circuit breakers." Would you
| just shrug your shoulders and say "no worries, I'm sure
| FINRA's got my back if anything goes wrong. Blindly
| trusting the people running institutions to keep you safe
| is as misguided as assuming that all software is
| infallible .
| umanwizard wrote:
| > If you have a 401k I guarantee you that a significant
| amount of your money was traded by an algorithm that if
| broken would have lost everything
|
| How so? My 401k is invested in a fund that just owns a
| broad index of stocks, not an algorithmic trading hedge
| fund.
| mason55 wrote:
| Even that has an "algorithm" behind it - they have to
| manage inflows & outflows, the heartbeat trades if it's
| an ETF, etc. Vanguard doesn't have a person sitting there
| buying a little bit of AAPL every time someone invests in
| VTSAX.
|
| OP is trying to say that even something as simple as
| VTSAX could have a problem and, I don't know,
| accidentally sell all its AAPL and so it's proof that
| even for the current market there are rules that govern.
|
| Except, of course, if VTSAX dumped all their AAPL somehow
| the trade would be unwound, as trades occasionally are.
| Selling stock on the market is not nearly as irreversible
| as it may seem.
| holoduke wrote:
| The world is more than just automated trading systems
| remolacha wrote:
| The matching engine on the exchange is also automated.
| The settlement system is electronic. Etc. etc.
| umanwizard wrote:
| Yes and if any of those make mistakes, the trades can be
| rolled back with human intervention.
| jgalt212 wrote:
| > Sometime these algorithms break or are exploited. Often
| in spectacular disasters. Knight lost half a billion
| dollars in 30 seconds. Nobody reversed though, even
| though it was clear error.
|
| This actually blew my mind. The exchanges bust trades all
| the time. I don't why they didn't do it in this case.
| Applejinx wrote:
| I think quite a few people who find crypto objectionable
| will also consider many, even most of the weirder
| technological outgrowths of the stock market to be every
| bit as objectionable.
|
| As we've repeatedly learned, to the detriment of most
| people in the world.
| kasey_junk wrote:
| Knight took closer to an hour to melt down than 30
| seconds.
|
| NYSE and the SEC _chose_ not to reverse those trades but
| they could have. There are plenty of ways the exchange
| can undo those and also trade busts happen daily on every
| exchange.
|
| Almost certainly if a large index etf or fund lost
| everything to a software glitch the trades would be
| reversed and even if for policy reasons they weren't they
| could be. The facility exists.
| tptacek wrote:
| In a previous lifetime not so long ago, I was paid to
| find vulnerabilities in exchange infrastructure --- order
| routers, match engines, FIX gateways, all that stuff.
| When I was getting started, any interesting finding was
| super exciting. "This is a billion-dollar vulnerability!
| Suck it, Mark Dowd!"
|
| Then I learned about out-trades. In reality, these
| heavily automated markets screw up (or, rather, customers
| of these markets screw up) somewhat regularly. Surprise:
| one of the reasons lots of humans work both at the
| exchanges and at companies that program directly to them
| is that mistakes happen, and are often resolved not by
| code but by hashing things out between cooperating blobs
| of electrified fat tissue. Gross, I know!
|
| Obviously, there are big screwups where the rules coded
| into the algorithm are the last word. But those rules
| aren't always the final word, and, more importantly, the
| rules themselves are easily changed when the electric
| meat blobs want them to.
| G3rn0ti wrote:
| I think the word ,,smart contract" does not actually describe
| them very good. Of course, a piece of software can not replace
| a legal contract, really, because software is stupid and
| inflexible.
|
| Think of smart contracts rather as vending machines for
| financial transactions. For example: You enter some crypto
| coins, maybe select an option and the machine returns a receipt
| for redeeming your investment plus some interest later.
|
| If the machine is well designed it will forever do the same
| thing and, hence, be reliable and convenient. Of course, bugs
| can happen. But like with vending machines, you test and audit
| its code before deploying it everywhere.
| remram wrote:
| In a very real way, those contracts are less smart than
| existing legal contracts.
|
| In the same way a "smart speaker" allows for interactive and
| sensitivity to its environment compared to a "dumb speaker",
| a "legal contract" allows for arguing and bugfixing and
| sensitivity to its environment compared to an block chain
| "contract".
|
| They should call them "strict contracts" or "inflexible
| contracts" or "software-enforced contracts". The smarts have
| been taken out on purpose.
| G3rn0ti wrote:
| > The smarts have been taken out on purpose.
|
| Yes. Where dumb contracts make sense, they make many
| financial services much cheaper. But investing your life
| savings somewhere will probably forever demand counselling
| by a human being.
| kybernetikos wrote:
| > In a very real way, those contracts are less smart than
| existing legal contracts.
|
| It's more that they're just entirely separate things. Smart
| contracts are programmable money. Contracts are agreements
| between parties. The fact that you can use smart contracts
| to automatically take actions required by an actual
| contract is interesting and useful, but it's not enough to
| make the two comparable.
| remram wrote:
| I'm not the one who decided to name them "smart
| contracts" instead of "programmable money". Not that I
| think the latter term makes sense...
| Kiro wrote:
| I'm a crypto head but I don't think it will ever replace
| traditional systems in any way. For me, DeFi is its own
| cyberpunk universe where this stuff is part of the game.
| derefr wrote:
| > that the world does not run algorithmically
|
| Sure it does: moving gold and commodities between countries in
| non-mutually-friendly regimes, very much resembles crypto.
|
| Fiat finance is a system of contract law built _on top of_ a
| de-facto "state of nature" of irreversible no-arbitrator
| commodity transfers. It exists in places where people can agree
| on who the arbitrating party should be. It does not exist
| outside of those places. It _especially_ does not exist between
| powers that are actively at war.
|
| Cryptocurrency platforms are, at a base layer, a digital
| equivalent to the commodities-transfer "state of nature." Many
| crypto platforms _also_ have the mechanisms within them to
| build fiat finance systems atop them. (The keyword to search
| here is "security tokens".)
|
| I personally think that's for the best. Build something that
| can simulate _all_ the kinds of finance the real world operates
| on, rather than only some.
|
| Most people, most of the time, if they touch crypto at all,
| should be doing so using one of the fiat "layers" on top of
| crypto, rather than the commodities-transfer base layer. Just
| like people should be buying things using credit cards, rather
| than by sending gold bullion in the mail.
|
| But if the fiat layer were the _only_ layer, then you 'd have a
| system that only worked where contract law works, which would
| be no better than the existing fiat ecosystem, in the sense
| that it wouldn't enable many of the use-cases that
| cryptocurrency enables. Chief among those use-cases being
| securely transferring commodities to people in countries that
| your own fiat regime's financial infrastructure refuses to deal
| with, for them to then convert to local fiat money. (See e.g.
| the saga of this YouTuber
| https://www.youtube.com/channel/UCAPrhJwVweWZA8GEPoClSdw trying
| to pay his employees/contractors in Nigeria, Liberia, etc. for
| their work.)
| res0nat0r wrote:
| At least to me, and possibly others, any system which I have
| my money invested and I can lose everything I own with no
| recourse due to some exploit is completely laughable and
| something I will never ever touch. There's a reason folks
| keep their life savings in a Chase bank account, because if
| something like this happens you have recourse to recover your
| money.
| UIGYUIUYG wrote:
| Then don't put your money in a newly created contract?
|
| You yourself say you keep it in a Chase bank account, you
| sure as hell wouldn't put your life savings in a newly
| created bank and trust everything to them would you?
|
| Look at what you put your money into, has it had any audits
| done (this applies to both tax / financial audits for brick
| and morter stores, and code audits to smart contracts).
|
| I will never ever invest my money with HSBC, they have
| shown time and time again to willfully break the law and
| soley gain monetarily from it, the governments or financial
| institutions don't do anything about it. Just like I will
| never ever invest my money into USDT, I think it's a
| massive scam and don't touch it in the slightest, doesn't
| stop millions of others investing though.
| res0nat0r wrote:
| I'll take an FDIC insured bank over some new cool crypto
| project any day of the week.
| kybernetikos wrote:
| That's different, that's because you trust the insurance.
| If you had insurance you trusted for the new cool crypto
| project, you might feel differently.
| fastball wrote:
| People have never lost their life savings when held in a
| bank account?
| craftinator wrote:
| I'm just gonna leave this here:
|
| https://youtu.be/CS9ptA3Ya9E
|
| It's a dark comedy sketch that has an answer to your
| question.
| skytreader wrote:
| I think your position is essentially at odds with parent.
|
| > Sure it does: moving gold and commodities between countries
| in non-mutually-friendly regimes, very much resembles crypto.
|
| Parent is talking about a legal framework and yet your
| counter-example is a transaction between two
| jurisdictions/parties/legal entities that are in less-than-
| legal agreement with each other. Apples to oranges.
|
| Also, I'm quite certain you and parent interpret "the world"
| differently. You seem to interpret it in the sense of a pre-
| formalized economic framework society. Whereas parent (with
| whom I side with), use the term "the world" to refer to that
| sector of society with a codified economic framework.
|
| > Many crypto platforms also have the mechanisms within them
| to build fiat finance systems atop them. (The keyword to
| search here is "security tokens".)
|
| That might very well be the case but parent's argument is
| that our legal economic system is not purely algorithmic.
| Crypto might have features that are analogous to our current
| fiat systems but those features do not describe the whole
| fiat system; it misses some features (or "bugs", depending on
| how you look at it).
|
| To paraphrase parent's statement, having someone able to
| override transactions is a feature of our existing systems,
| for better and for worse. Conversely, a system without this
| arbitrator has pros and cons too. You pick your poison.
| notsureaboutpg wrote:
| I can't tell if this is a joke or not but the example of
| moving gold between non-friendly countries (do you mean
| smuggling?) is probably the least algorithmic thing out
| there... It's something where you absolutely will fail if you
| don't have tolerance for faults and flexibility to recover
| potential losses or change course while transacting...
|
| The parent comment's real point was that the world isn't run
| algorithmically. An enterprise which tries to smuggle goods
| may not be able to reverse transactions if they transfer too
| much, but they should be able to react to an overcharge and
| shut down operations before they lose everything. Or they
| should be able to stop a shipment before it reaches the
| border. Or they should be able to change the rules of their
| trade if government rules change in between.
|
| That's the kind of stuff smart contracts tend to ignore or
| forget about. They have little flexibility in them in a world
| that's constantly in flux.
| jtbayly wrote:
| So... sending money to where your own government forbids you
| to send it? It sounds like you're admitting that the point of
| cryptocurrency is simply to break the law, while pretending
| like the purpose is much bigger.
| derefr wrote:
| There is more than one "law." Each fiat ecosystem is its
| own system of financial law, each mutually-incompatible
| with any other fiat ecosystem. Cryptocurrency gives an
| alternative arbitrator that allows for these mutually-
| incompatible systems of law to be bridged.
|
| Also, to be clear, in the example I mentioned, the
| government of the US does not forbid trading with
| Nigeria/Liberia/etc. Traditional money-transfer services
| (Paypal, Western Union, most savings banks, etc.) are just
| unwilling to do it, because of the frequency of those
| transactions being scams. But this prevents people who
| "know what they're doing" (like people employing people in
| those countries!) from having any means to send money
| there.
|
| This is a gap in the market, in some sense, but it's one
| that couldn't really be filled by any other fiat "retail"
| solution, as that solution would then be what scammers use
| to bilk people. So you really need something that's
| "complex and finance-nerdy" in the way that crypto is, to
| ensure that it's hard enough for regular people to use it
| to transfer money, that scammers just don't bother to try
| talking people through it. (Such a product would then never
| find product-market fit, as it would have no retail
| customers. Only a system run "for its own sake", like
| cryptocurrency systems are, can really be a good base
| platform to enable such transfers over the long term.)
| jtbayly wrote:
| Wait, so BitCoin's benefit now is that it's too hard to
| use? lol
|
| edit: And that's why it can't be used for scams! Oh my.
| I'm not sure what universe you live in, but it's
| different from mine.
| derefr wrote:
| Crypto is too hard to use -- or more specifically,
| requires too much financial and technical acumen to
| understand -- to make it profitable for someone to
| operationalize a mass-market "volume" scam (a scam
| involving stealing small amounts of money from a large
| number of people) based on it.
|
| "Volume" scams are the really _successful_ scams -- the
| ones that fly under the radar for years /decades because
| no individual person is ever out for enough money to make
| large institutions upset to the point of pursuing them.
| Tons of "volume" scammers get their start every day.
|
| The opposite kind -- the scams where large sums are
| stolen from relatively small numbers of people -- are
| flashy, but ultimately futile, as high-value scammers
| almost always get caught, and quickly.
| conradev wrote:
| Does Wise (fka TransferWise) send money to those
| countries?
| 8note wrote:
| The defacto state of nature is reversible transactions.
|
| Unless the things have been destroyed, the trade can be
| undone
| [deleted]
| seoaeu wrote:
| > Chief among those use-cases being securely transferring
| commodities to people in countries that your own fiat
| regime's financial infrastructure refuses to deal with, for
| them to then convert to local fiat money.
|
| Ah, the "I want to break laws" use case for cryptocurrencies.
| la_fayette wrote:
| When I was young I remember when I showed Excel to my parents,
| they always calculated through the numbers because they didn't
| trust computers.
|
| Maybe we have a similar phenomenon with blockchains nowadays...
| Of course there will be errors in the source code somewhere, it
| is software written by humans!? It is just a matter of creating
| another level of abstraction as a safeguard in the smart
| contract, maybe even with 4 eye principles...
| kybernetikos wrote:
| These topics are orthogonal to the technology. It's perfectly
| possible to create tokens using smart contracts on the ethereum
| blockchain that have keys that can reverse transactions. I
| deployed a simple one to a testnet a while back as a proof of
| concept for a bank (any time an enforcement action was taken, a
| reason had to be provided, and it was broadcast as an event).
|
| And just because you're using a smart contract, doesn't mean
| that the legal system of the jurisdiction you're in no longer
| has an opinion or the ability to make judgements against you.
|
| So, I agree, some of these things are features not bugs to
| normal humans, but to most cryptocurrency enthusiasts they are
| anathema. Ultimately we'll need systems that are a bit more
| friendly to error. It's early days though, and the technology
| is flexible enough to incorporate nearly any kind of system you
| want.
| omk wrote:
| That's precisely my point. An oracle in the system is needed
| for an override. But introduction of such an oracle is viewed
| by most crypto enthusiasts as a undebatable compromise.
| programmarchy wrote:
| This coin made a mistake so its stakeholders pay the cost. People
| who had nothing to do with it are essentially unaffected.
|
| In fiat world, if big industry or finance makes a mistake, the
| taxpayers are forced to bail them out instead of allowing them to
| fail, because of some perceived "systemic risk" that could take
| down the entire national economy.
| qwerty_clicks wrote:
| Very surprised MATIC value didn't drop on this news
| buggythebug wrote:
| what?
| renewiltord wrote:
| This stuff always has the vague feeling of pirate treasure type
| stuff. Like you've got a map with a red X on it and you then go
| look for the treasure and it's got all these traps and stuff and
| then bam! Treasure! But then the pirates come after you.
| qwertox wrote:
| Is this a bug in Polygon? Just this weekend I was listening to
| Software Engineering Daily "Polygon: Connecting Ethereum
| Compatible Blockchain Networks with Denis Ermolin" (from June 2
| 2021) [1]
|
| There was a lot of talk about how secure Polygon is.
|
| [1] https://softwareengineeringdaily.com/2021/06/02/polygon-
| conn...
| danielvf wrote:
| No, this was purely a bug in the SafeDollar code.
___________________________________________________________________
(page generated 2021-06-28 23:01 UTC)