[HN Gopher] Nomad drained of $150m due to a coding mistake
___________________________________________________________________
Nomad drained of $150m due to a coding mistake
Author : onion2k
Score : 251 points
Date : 2022-08-02 14:25 UTC (8 hours ago)
| civilized wrote:
| I know next to nothing about crypto, but I do know this is _not_
| the first time I've heard of a huge crypto hack involving
| security flaws in something called a "bridge".
|
| People should look into those!
| Fargoan wrote:
| I lost ~$400 worth of Nomad USDC in this attack AMA
| nradov wrote:
| [deleted]
| Fargoan wrote:
| washbrain wrote:
| Anyone who unironically believes "code is law" or "code is the
| contract" should be taking a hard look at this and realizing how
| terrible those ideas are.
| shadycuz wrote:
| Really? Even with all the data showing how biased Human judges
| are?
|
| At my day job, I automate everything because humans can't
| reliably perform basic tasks.
|
| I'm not a believer in web3 or crypto but believe computers to
| be more impartial and would rather see them eventually take
| over certain aspects of legal work.
| washbrain wrote:
| Judges are there to provide judgement. It's literally in the
| name. Judges are deliberately put in positions to make
| nuanced decisions. Yes, bias exists, but the solution isn't
| dogmatic and inflexible application of law.
| skeeter2020 wrote:
| I'm not smart enough to follow all the jargon and references in
| this tweet stream, but then I also didn't lose $150M so we'll
| call it a wash.
| ChrisMarshallNY wrote:
| I liked the visualization...
| woojoo666 wrote:
| I'm starting to get the feeling that security by obscurity is a
| good thing. There's a reason why banks don't open source their
| infra, or why Google/Facebook/Twitter don't open source their
| algorithms. No matter how smart your engineers are, they are
| going to make mistakes, and if the incentive is high enough then
| people will find and exploit those mistakes. It's honestly
| amazing that L1 blockchains (like bitcoin, ethereum, monero) have
| lasted this long at all
| saurabh20n wrote:
| For the curious, here are direct links:
|
| * Initialization was done 42 days ago:
| https://etherscan.io/tx/0x53fd92771d2084a9bf39a6477015ef53b7...
| -- "Click to see More" and notice "Input Data" parameter [2]
| which sets _committedRoot to 0x00.
|
| * Click through the To contract to get to the code (click on
| Contract tab):
| https://etherscan.io/address/0xb92336759618f55bd0f8313bd8436...
|
| Just adding direct links to what samczsun and 0xfoobar are
| talking about in
| https://twitter.com/samczsun/status/1554260106107179010 and
| https://twitter.com/0xfoobar/status/1554269071214088193/phot...
| mikeyouse wrote:
| All these Web3 companies have a seriously difficult problem to
| solve -- you want to hire the best and brightest engineers to
| really lock-down your systems, but how would you prevent a core
| dev from 'accidentally' enabling some obscure attack and then
| going home that night and exploiting it? Hackers here are going
| to clear tens of millions of dollars.. an A++ rockstar engineer
| maybe makes $1M/year in total comp? How would you ever prevent
| insider attacks? How can you or the police tell the difference
| between a coding mistake and an intentional exploit?
| latchkey wrote:
| multisig. no different than any other large company. Even our
| finance department uses multiple real signatures to sign off on
| large invoices.
| mikeyouse wrote:
| As does ours - but they manually review things to give them a
| 'sense check'. That doesn't scale at all to the crypto world
| where the concept is permissionless and instant transfers.
| Said differently, how would you implement multisig in a setup
| like Nomad and prevent this type of attack?
| latchkey wrote:
| I've been harping on this part of DeFi for a long time...
| developers should be writing very good tests. Along with
| that, security reviews should be followed. This is the
| review in question [1] where developers ignored the
| possibility of an issue. This is the commit [2] that likely
| caused the issue, no tests added. Along with a large chunk
| of "never brag about your security" hubris [3].
|
| [1] https://news.ycombinator.com/item?id=32319344
|
| [2] https://github.com/nomad-xyz/monorepo/commit/46d14571f3eada6...
|
| [3] https://twitter.com/0xemon/status/1554310755071119361
| shadowgovt wrote:
| Fundamentally, smart contracts as a technology are pretty doomed
| if their function requires the assumption of perfect code with no
| stop-gap when that assumption inevitably breaks.
|
| We can't expect widespread public adoption of a system like that;
| even lay people are too familiar with how unreliable software is.
| mw888 wrote:
| I'm not holistically recommending the currencies they were
| designed alongside, but I fully believe that there is a _right_
| way to build smart contract languages, and that they look a lot
| more like Pact or Plutus than an EVM compilable dialect.
|
| Both are functional, which means easier to read, and Pact is
| non-Turing complete and strictly typed, making it even easier,
| so much so that formal verification tools can assess what a
| contract is capable of automatically - a much smaller search
| space than EVM bytecode.
|
| When code is not permanent and backing millions of dollars or
| more of value, the trade offs may favor more powerful or
| flexible languages, but the ability to read and understand code
| and what it can do is so wildly important for smart contracts
| that I don't see a world where Pact isn't moving the right
| direction contrary to the EVM.
| rhacker wrote:
| What's Web3?
| [deleted]
| superjan wrote:
| Or Moonbeam? Replica? WBTC? acceptableRoot()? I don't get any
| of this. If I get it correctly, Web3 would use crypto
| technology to let you buy a digital costume that you get to wear
| both while playing fortnite and on Facebook when chilling
| online with your real friends, that is unless fb switches to
| building a tiktok clone because it is easier money than the
| "metaverse".
| indigodaddy wrote:
| I know literally 0 about crypto so please communicate as if I
| were a 5th grader (actually they may perhaps be more
| knowledgeable than I).
|
| Any chance for the exploiters to be prosecuted, or is it
| essentially all anonymous?
| che_shirecat wrote:
| a lot of the exploit wallets are doxxed, e.g. they have an
| initial deposit into wallet from a centralized crypto exchange
| like coinbase or FTX that investigators can request info from.
| it's actually pretty hard to get a "clean" wallet, and even if
| you have one, mixing the crypto back out to fiat is tricky as
| well. what's worse, all transactions are permanently on the
| blockchain so if they don't catch you now they can always catch
| you later.
| MBCook wrote:
| Trying to speculate my immediate question is: what court gets
| jurisdiction over this and why?
|
| * The one where the investor lives?
|
| * The alleged thief?
|
| * The creators of the contract?
|
| * Some 4th option?
| zxspectrum1982 wrote:
| How can Nomad afford to lose $150M and go on like nothing
| happened? Same for other exchanges which have lost hundreds of
| millions. It seems really weird. Any real-world company which
| would lose $150M would have a lot of pressure on it,
| investigations, dismissals, etc.
| rapsey wrote:
| Well done and congrats to the hackers. One step closer to ridding
| the world of web3 nonsense.
| jxi wrote:
| dagw wrote:
| No! We need more "web3 nonsense" like this. This is the closest
| the internet has felt to the cyberpunk dreams of the 90s.
| Outlaw Hackers exploiting bugs in automated smart contract to
| hijack cryptocurrency is the future Gibson promised us.
| radicaldreamer wrote:
| People are losing their life savings and families are being
| set back a decade or more, but the aesthetic sure is cool!
| wishfish wrote:
| True, but it's funny how all these hijinks seemed so cool in
| the books. Jacking in while in a grimy Tokyo nightclub as
| your friend, the assassin with razorblades, watches your
| back. But in reality, it's just all so pathetic. Sometimes I
| feel like a cyberpunk fan in 1988 found a monkey's paw. Made
| a wish that it would all come true. And it did, but in a much
| more banal & sad way than the fan would have thought
| possible.
| hilbertseries wrote:
| I remember how disappointing the DDoS attack on Dyn was
| several years ago. Science fiction had finally come true,
| people's fridges and toasters had been turned into weapons.
| Become part of a bot net and _checks notes_ took down some
| websites for a couple hours.
| AceJohnny2 wrote:
| > _And it did, but in a much more banal & sad way_
|
| "The future is already here, just unevenly distributed" and
| boring
| rchaud wrote:
| Replace the Tokyo nightclub with an air-conditioned
| military intelligence office in Pyongyang, where crypto is
| flooding in via ransomware payments and web3 exploits.
| That's the reality and it would still be quite
| sensational....as a Tom Clancy novel.
| kelseyfrog wrote:
| That could just as easily be a chapter in Neal
| Stephenson's Cryptonomicon.
| woodruffw wrote:
| Do you have evidence that North Korea makes up any
| significant amount of "Web3" exploits?
|
| From my vantage point, it seems to be mostly bored
| twentysomethings.
| danielvf wrote:
| I don't think this one was North Korea. And yes, most
| aren't.
|
| North Korean cryptocurrency hacks are a bit distinctive.
| Rather than finding logical bugs in contracts, they tend
| to use traditional spearphishing / social eng to get
| targeted people to run malware which they try to pivot to
| stealing keys / access credentials. Then after a hack,
| most crypto hackers try to obfuscate and store their
| stolen coins on chain somewhere. North Korea already has a
| large and practiced money laundering network, so after a
| hack the money immediately starts going to hundreds of
| different places in the real world, perhaps to mules or
| to faked accounts in Southeast Asia.
| rchaud wrote:
| The numbers talked about in crypto exploits are in the
| hundreds of millions, if not billions. I would have thought
| the 'cyberpunks' chasing these would be completely
| outnumbered by state-backed information warfare groups.
| dagw wrote:
| _I would have thought the 'cyberpunks' chasing these would
| be completely outnumbered by state-backed information
| warfare groups._
|
| Maybe they are... Perhaps this is the new way the CIA is
| financing their off the books activities.
| atlasunshrugged wrote:
| It's been the way the N. Koreans have been for a while!
| https://www.nytimes.com/2022/06/30/business/north-korea-cryp...
| ufmace wrote:
| You know, it'd be really funny if the CIA had figured out
| a way to hack crypto etc to make extra money to finance
| black ops and had successfully managed to blame it all on
| North Korea.
| powerhour wrote:
| I don't remember Gibson but I wonder if we can get to the
| point that outlaw hackers limit damage to the wealthy and
| send "refunds" to the exploited. That would be worth
| celebrating.
| Ekaros wrote:
| I would say that anyone who has enough time and money to
| invest in crypto is by definition wealthy.
| drc500free wrote:
| I mean, sure, in the sense that a janitor in the US is
| wealthy when considered globally.
| dagw wrote:
| _is by definition wealthy._
|
| Or at least they were before investing in crypto...
| jeffgreco wrote:
| I wish that were true. The Celsius and Voyager fallout
| has shown otherwise:
|
| https://blog.mollywhite.net/celsius-letters/
| https://blog.mollywhite.net/voyager-letters/
| Ekaros wrote:
| Only read voyager letters, but those sums listed point
| towards people being very wealthy.
|
| I could see point if we were talking of hundreds, but we
| are talking of sums of over hundred of thousand. Which to
| me is very wealthy on global scale at least.
| wiredfool wrote:
| My kitchen contractor was in crypto -- when we were
| talking a few months ago he was down 20% but waiting for
| it to come back. That was pre meltdown.
|
| It's not just the wealthy, it's the cab driver giving
| crypto tips now.
| rchaud wrote:
| That would be the part at which these books go from sci-fi
| to straight up fantasy.
| cynusx wrote:
| Like communism, that idealism fails on the part where the
| one stealing a lot of money (or appropriating it in
| communism for the greater good) has to actually give it
| back to somebody that is not himself
| [deleted]
| qbasic_forever wrote:
| You do realize that much of the 'cyberpunk dream' science
| fiction of the 90's was actually harshly critical satire and
| dystopia of what the world would look like when technocrats
| and technology rule people, right? Like you realize William
| Gibson books and such aren't just cyberspace opera/Star Wars
| in VR... it's showing the real suffering that was possible
| when you blindly trust technology to rule society. Gibson is
| honestly a bit of a luddite in his mistrust of technology.
| lokar wrote:
| This has long been obvious to everyone except the tech
| crowd who worship it as an ideal. Ironic.
| fsckboy wrote:
| I don't agree that cyberpunk was critical or satirical of
| technology, any more than film noir detective stories are
| critical satires of telephones, guns, and automobiles or
| the gritty parts of town; that's just a setting and some
| props, they're stories of human nature.
| shreyshnaccount wrote:
| the real fun of "cyberpunk" is supposed to be open source
| hardware, modular phones, cyber decks, laptops with six
| folding displays, ipads with gpio pins and its not a step
| closer to reality. sad. :( instead we get this web3 nonsense.
| hate it.
| outworlder wrote:
| > open source hardware
|
| Is it really supposed to be open-source? A common cyberpunk
| trope is that mega corporate conglomerates own everything.
| Cyberdecks are modified and reverse-engineered, yes. But
| generally come from a mega corp.
| dagw wrote:
| _modular phones, cyber decks, laptops with six folding
| displays, ipads with gpio pins_
|
| We have all that, although most of it from smaller Chinese
| manufacturers. More than that we do have truly open source
| hardware, you can download schematics for almost anything,
| modify and design your own chips and circuits based on open
| designs, dream up your own hardware, and if you know the right
| people in Shenzhen you can email it all to them and they'll
| build it for you.
|
| The reason so few people take advantage of any of this is
| that it didn't turn out to be that useful.
| kyruzic wrote:
| That's like saying each train robbery during the settlement of
| the west was getting us one step closer to ending the
| settlement.
|
| If anything these heists prove interest in web3 remains high.
| colechristensen wrote:
| This is about like saying the Hindenburg proved the
| popularity of zeppelins.
| 676234e117 wrote:
| Interesting analogy. Is this exploit a Hindenburg or a
| steam train wreck?
|
| It is probably both. The model of allowing governance
| updates from a contract owner on a bridge or rollup is not
| sustainable and will have to change to mitigate these kinds
| of risks. Whether that means crypto networks as a whole
| will inevitably be replaced by a central banking system is
| harder to agree with.
| colechristensen wrote:
| Crypto for banking is... mildly interesting. Not very
| many people have this mindset, more should.
|
| It's being sold as revolutionary, literally, being able
| to overthrow $x in power or to the more susceptible as a
| way for everyone to get rich.
|
| So people who believe in it think it's some grand
| revolution of freedom, and people against it just see it
| as scammers exploiting the foolish.
|
| What it actually is going to be is boring. Regulated like
| the rest of finance, centralized like the rest of
| finance, but with a few new features which will end up
| not revolutionary but "oh I guess that's nice". It will
| also come with weaknesses that older centralized
| institutions don't have that will seem ridiculous at
| times.
|
| It should be about as exciting as a new programming
| language for bankers. Like sure if you're a banking
| programmer you might think it's cool, but not the kind of
| thing that'll get superbowl ads or the topic of your
| uncle joe's podcast.
|
| Snarky comparisons to the Hindenburg aside, I really
| think things like this disaster in the long line of
| disasters that won't end is just another blow to the
| excitement of crypto which won't disappear completely or
| dominate but become a mundane method for the exchange of
| value which to the end user is only slightly different
| than the old ways.
| 676234e117 wrote:
| If you look beyond the most vocal proponents you will see
| a range of opinions.
|
| I do think it will, over the next 10-20 years, completely
| revolutionize how we think about digital assets and
| digital currency. For the average user it might not be
| any different than paying with Apple Pay. But there will
| be other novel applications and companies that emerge
| from this space much like what occurred in the years
| after the dot com boom.
| colechristensen wrote:
| I really doubt crypto will have anything like the impact
| of the rise of the Internet in the 90s.
|
| There hasn't yet been a killer application besides money
| laundering and speculation bubbles. It's been long enough
| and there has been nothing but toy applications outside
| of people specifically trying to evade laws in various
| jurisdictions.
|
| The actual applications are just going to be boring.
|
| Holding on to crypto personally for actually paying for
| things is awful, and worse than cash. Not only can
| someone take it from me with violence, they can also take
| it from me because of inevitable software bugs. If
| there's a centralized account with an institution, it
| isn't at all different than an account with a bank with
| dollars. And it becomes easier to see my entire spending
| history for anybody that sells me something unless I
| actively launder my money.
| 676234e117 wrote:
| It may never meet the impact of the web but held to that
| standard, maybe no technology ever will.
|
| The killer application is Ethereum and the ideas it has
| spawned, including new global financial instruments like
| stablecoins, decentralized exchanges, NFTs.. and
| cryptography like zk-STARKs and MPC.
|
| With PoS and privacy enabled rollups this technology can
| certainly disrupt and compete with today's popular
| payment processors in the next few years.
|
| But yes, the most successful consumer applications will
| probably be boring, like PayPal or Apple or Stripe adding
| blockchain based mechanisms under the hood.
| Kiro wrote:
| Web3 is all about these heists. That's what makes it fun and
| interesting. We're living the cyberpunk dream.
| wollsmoth wrote:
| I do really enjoy reading about these heists and it does seem
| like a lot of fun.
| Fargoan wrote:
| kstrauser wrote:
| Was this actually theft? The smart contract basically said
| "ask and you shall receive".
|
| I'm trying to think of a banking analogy. Maybe their website
| has a page that says "enter your checking account number to
| get $1,000", but the web service had the authorization code
| commented out. If someone discovers that and tells their
| friends, have they _stolen_ from the bank?
|
| Note that I'm thinking of "theft" and "stealing" from a legal
| point of view. The moral angle may be very different.
| misnome wrote:
| Yes, I imagine that would be counted as stealing, if it
| wasn't intended.
|
| However, if the bank had spent large amounts of time
| absolutely promising irreversible transactions, and
| publicly opened itself to attackers, then - no, that's just
| an intended operation of the system.
| johnbellone wrote:
| This is akin to going to an ATM and finding a bug that lets
| you withdraw money out using the information from a receipt
| that someone threw out in the trash bin. It is definitely
| illegal.
| mathattack wrote:
| If you find a way to get the ATM to spit out $100K to you
| by mistake, legally you have to pay it back. Same if it's
| the bank's error.
| googlryas wrote:
| Sure, but banks and ATMs have never declared that code is
| law
| Fargoan wrote:
| Has Nomad ever said "code is law"? I really doubt they
| did.
| badpun wrote:
| I'm not sure if it's theft but they most certainly have to
| give the money back. It's just an honest mistake, an
| equivalent to accidentally dropping a wallet full of cash
| on the street.
| tgv wrote:
| But that wallet has a signed, notarized affidavit that
| says "finders keepers".
| chrismorgan wrote:
| But there's a fair chance that the courts will eventually
| declare this style of affidavit invalid, being trumped by
| some law or other.
| doix wrote:
| But if you allow the courts to dictate which crypto
| transactions are legal/illegal and to undo illegal ones,
| what's the point of all the decentralisation? You can
| just use the existing systems.
|
| Which country's laws apply? What if one country considers
| the Ethereum contract binding, but the other doesn't?
|
| It feels like having your cake and eating it too. I met
| lots of crypto bros, they all talk about how they use it
| so they can be immune to government
| censorship/intervention etc. They gloat about using
| crypto to avoid taxes and laws.
|
| Relying on the same institutions that you are trying to
| get away from to overcome flaws in your framework seems
| entirely hypocritical to me.
| chrismorgan wrote:
| And therein do you see the almost inevitable doom of the
| dream of decentralised cryptocurrency, because it's never
| going to be able to stand up against the power of
| governments once they decide they don't like it and have
| no vested interest in it surviving. All of this stuff,
| even up to Bitcoin, is only still around at the
| sufferance of governments that have not _yet_ decided to
| clearly make it illegal. Most are currently preferring to
| regulate it (which does tend to undermine the principles
| of full decentralisation, as you rightly observe), but a
| few decide to cut it out like a gangrenous parasite
| that's enjoying mixing metaphors too much, and others may
| at almost any time. Already cryptocurrencies flout things
| like copyright and privacy law, for they have made it
| fundamentally impossible to comply with various plausible
| court orders. And "we have designed it so that it is not
| possible for us to comply" does not impress courts.
|
| And in your musings about which countries' laws--therein
| also do you see the perennial mutterings of discontent at
| international policy, and globalisation shambling towards
| collapse. It may be averted. It may not.
| powerhour wrote:
| Unfortunately they won't be able to do much about it,
| besides jail someone (who may in fact be unable to make
| the victims whole).
| chrismorgan wrote:
| When the executives of cryptocurrency firms start getting
| jailed for contempt of court (when they fail to comply
| with a legitimate court order), the industry will
| collapse, which will take the value of cryptocurrency
| with it, which will return cryptocurrency to niche
| status, _even if_ the governments in question don't just
| decide to make it illegal.
|
| This may not be the way things unfold, but it's legally
| completely plausible.
| mach5 wrote:
| to be fair it's really funny
| doix wrote:
| Is it theft? If you go by the whole "code is law" (is that
| still a popular catch phrase? I don't keep up with crypto
| much anymore), then this is not theft. The contract let this
| happen, so it's legal.
|
| Edit: heh, I see a lot of HN had the exact same thought
| process and we all commented at the same time. I'll leave
| this up anyway.
| Test0129 wrote:
| There is a reason technology that requires high levels of
| stability is mired in layers of approval, review, regulation,
| etc. It doesn't change much if at all once it works, because
| the probability of introducing a failure mode is so high with
| software.
|
| There's a point where this level of negligence should rise
| to criminal liability, no different than if someone wrote
| code for a new boeing that was so bad it moves beyond
| incompetence.
|
| We are at this point, and crypto companies need to be held
| criminally liable for these hacks. If not at least, should be
| required to carry insurance and pass stringent security
| audits no different than other high value systems. This is
| pathetic, and it's not the first time, second time, or third
| time it happens. I do hope crypto dies. It's been co-opted by
| grifters and thieves, and even when it's not, grifters and
| thieves end up stealing the money anyway through hacks like
| this. Things like this could be _somewhat_ remedied by
| teaching people to refuse to deal with coins that do not post
| several independently verifiable third party security audits
| but alas people don't care anyway.
| crest wrote:
| Oh cry me a river. This is criminals applying the codified
| "law" against each-other for their temporary enrichment and
| the entertainment of the spectators.
| Night_Thastus wrote:
| I have no sympathy for the end of a speculative trade engine
| that's been almost exclusively used to scam people. Watch the
| "Line Goes Up" video, it explains it very well. It's not
| perfect, but provides plenty of background on crypto in
| general. (Despite the title)
| simonh wrote:
| It's horrible technology, born from deeply misguided ideals
| that will hurt and is hurting a lot of people. I'm not going
| to celebrate its repeated, persistent failures but I'm not
| going to deplore them either.
| upupandup wrote:
| But what about ppl who are trying to get rich off the
| downfall of others savings? This is web3, crypto
| dang wrote:
| Please don't respond to a bad comment by breaking the site
| guidelines yourself. It only makes things worse.
|
| Especially please don't cross into personal attack. We ban
| accounts that do that.
|
| https://news.ycombinator.com/newsguidelines.html
|
| Edit: since you've actually been doing that a whole bunch
| recently, I've banned the account. Can you please not create
| accounts to break HN's rules with?
| doopy1 wrote:
| Welcome to HN, where crypto is the devil and must be
| eradicated at all costs. Anyone who thinks otherwise here is
| either perceived to be an idiot or a grifter.
| rjbwork wrote:
| It should, perhaps, tell you something that a community
| with one of the most highly concentrated populations of
| technically literate people on the internet are so
| vehemently against a technology.
|
| Crypto is just a paperclip maximizer for silicon and
| electrons that does what traditional companies have been
| doing for at least 60 years. Only 100000x less efficiently.
| sneak wrote:
| This community is nowhere near consensus on this matter.
| A small minority of loud naysayers is.
| rjbwork wrote:
| I don't think it is a minority. In my personal and work
| life, it does seem to be something like 80/20 or 90/10.
|
| You might be right though, it's impossible to tell
| without doing some kind of vaguely rigorous poll.
| JumpCrisscross wrote:
| > _This community is nowhere near consensus on this
| matter. A small minority of loud naysayers is_
|
| There's an information bubble. It's not the crypto
| skeptics. There's a reason when governments around the
| world have moved to ban crypto there's been little to no
| popular resistance beyond angry 4channers.
| sneak wrote:
| Substantially more governments have invested time, money,
| and regulatory effort into the crypto ecosystem than have
| banned it.
|
| The facts don't support the narrative to which you seem
| to be attached.
|
| a16z is a large investor in the space and proponent, as
| well as several other prominent tech investment firms.
| Are they angry 4channers?
|
| It's ok to be personally against it, but please don't
| misrepresent the facts.
| JumpCrisscross wrote:
| > _more governments have invested time, money, and
| regulatory effort into the crypto ecosystem than have
| banned it_
|
| Lots of chatting. Looking at actual dollars and laws,
| we're weighing the elephants of China, India and
| increasingly the EU against...Singapore, El Salvador and
| Malta?
|
| Outside young men, disproportionately minorities, crypto
| has a limited beachhead [1]. It was an easy money
| phenomena with historic comparison. We're now seeing the
| regulatory mood shifting decisively against it with
| limited competent pushback.
|
| > _a16z is a large investor in the space and proponent_
|
| They're notable for where they're prominent and where
| they're not. Aggressive fundraising followed by
| SoftBank/Tiger style deployment. Tweets and blog posts
| galore. Yet middling returns, even on an internal basis,
| and absolutely zero presence worth mentioning in D.C.
|
| I'm no greybeard. But I've worked in finance long enough
| to see the game they're playing.
|
| [1] https://www.pewresearch.org/fact-tank/2021/11/11/16-of-ameri...
| FabHK wrote:
| > Only 100000x less efficiently.
|
| You're being too kind to crypto there, I think, by a few
| orders of magnitude.
| yarg wrote:
| Only 2^200 times less efficiently (even that's generous).
| FabHK wrote:
| I'd say between 1e7 and 1e11. 1e5 is too generous, 1e60
| is way too harsh.
| yarg wrote:
| When a fundamental part of token generation is
| brute-forcing secure hashes?
| Ekaros wrote:
| Actually yes. I think crypto promoters are either idiots or
| grifters...
| Jerrrry wrote:
| Non Sequitur.
|
| You can do both logically.
|
| You are a horrible convincer.
| endisneigh wrote:
| This is terrible obviously, but if code is law and someone
| writes bad code and exploits that is it "illegal"?
|
| The entire basis of even having judges, courts, etc is an
| acknowledgment that the "code" is imperfect and certain
| circumstances require human intervention.
|
| Going without that is, well... YMMV.
| bitxbitxbitcoin wrote:
| Do people go to jail for writing bad laws?
| Fargoan wrote:
| Code is law is just a meme
| misnome wrote:
| Isn't it a consequence? If the entire foundation of your
| system is irreversibility and finality, then doesn't it
| effectively become true? (unless you are big enough to
| force a network-wide rollback...).
| cinntaile wrote:
| If you ignore the fact that the actual law might have
| something to say about this, then sure.
| ghaff wrote:
| But that's exactly what the decentralized crowd is
| arguing. You encode transactions and no centralized
| authority (e.g. a country's judicial system backed by
| people with guns) can override it. A natural consequence
| is that no one can override a mistake either.
|
| Legal contracts in the physical world can be poorly
| drafted as well. But courts don't usually allow ludicrous
| results arising from honest mistakes.
| cinntaile wrote:
| The law doesn't care if I argue it doesn't apply to me.
| RyanCavanaugh wrote:
| If regular law is the ultimate arbiter of the correct
| location of funds in this system, then we don't need this
| complex network of energy-hungry computers constantly
| double-checking each others' work to make a financial
| system. We can just use regular computers, like before.
| Fargoan wrote:
| We don't need the web because we can go back to BBSs
| dylan604 wrote:
| Code is law only if you are an NPC. If you are a normal
| user, code is just rules that are potentially breakable
| oneoff786 wrote:
| It's like the story of the three little pigs except they just
| keep trying the straw houses and blaming the wolves
| [deleted]
| Hashemm wrote:
| rmbyrro wrote:
| If you don't like banks and someone robs a bank, do you
| celebrate the robber?
| rideontime wrote:
| Yes, I do.
| rightbyte wrote:
| Armed robbery too? Or are we talking unarmed thief digging
| a tunnel to the vault?
| dang wrote:
| Please don't post flamebait to HN. It's not what this site is
| for, and it destroys what it is for.
|
| https://news.ycombinator.com/newsguidelines.html
|
| Edit: it should be obvious, but this moderation point has zero
| to do with how any of us feel about web3 or whatever.
| choppaface wrote:
| Couldn't you send this sort of message privately? The post
| gained a number of replies and the sentiment that "web3 is
| trash" is about as common today as "McKinsey is trash." I
| would advocate HN send warnings in private as, respectfully,
| public warnings look like flamebait IMO to me.
| dang wrote:
| It's vital that such messages be public. Their most
| important function is to signal to the community what sorts
| of comments are/aren't ok here, and indeed that the site is
| moderated at all.
| eastbayjake wrote:
| > The post gained a number of replies and the sentiment
| that "web3 is trash" is about as common today as "McKinsey
| is trash."
|
| Those are both low-value, ad hominem attacks that don't
| substantively engage with content, and they are both
| comments that erode the quality of discussion in our
| community.
| lelandbatey wrote:
| Hacker News does not have a "private message" feature, so
| there is no way to communicate other than publicly.
| marincounty wrote:
| ricardobeat wrote:
| Does this even qualify as 'hacking'? It's the equivalent of a
| bank having a public `GET
| http://bank.com/send?from=123&to=677&amount=200` endpoint.
| edm0nd wrote:
| I'd say it falls under exploiting/bug bounty hunting so yeah it
| counts as hacking.
| Destiner wrote:
| If that endpoint was made public by mistake, anyone using it
| might be held responsible.
| rchaud wrote:
| Kids used to call the act of editing Facebook posts via the
| element inspector and taking a screenshot "hacking".
| Considering the triviality of most web3 exploits, I think the
| descriptor still applies.
| tmpz22 wrote:
| Every time I see a story like this I wonder if the exploit was
| left intentionally for the founders and developers to exploit one
| way or another. Even if they themselves do not take the money it
| would be trivial to sell the exploit for some form of delayed
| (and more easy to launder) payment.
| stillbourne wrote:
| But code is law therefore this is good for bitcoin.
| cuteboy19 wrote:
| No, if enough rich people are affected we can always roll back
| the blockchain, just ask Ethereum
| gadders wrote:
| Who was it who described Eth etc as "self-funding bug bounties"?
| efitz wrote:
| Reason #5734 why cryptocurrency is a non starter for real people.
|
| Challenge: explain to a normie that their life savings is gone
| forever because of a zero initialization vector.
| NaturalPhallacy wrote:
| >Challenge: explain to a normie that their life savings is gone
| forever because of a zero initialization vector.
|
| You mistook a currency for an investment opportunity, and
| gambled your life savings on one thing. Currencies have always
| and will always fluctuate against each other. _Diversify your
| investments._
| onion2k wrote:
| I don't think that helps. Saying "5% of your money is gone
| because a developer fucked up, and you have no recourse."
| isn't going to go down well with anyone.
| NaturalPhallacy wrote:
| I mean, saying "5% of your money is gone because a company
| in your index fund went bankrupt, and you have no recourse"
| is no different. And things happen like that all the time.
| It's why all normal financial investments come with very
| explicit upfront warnings that they're not guaranteed.
|
| The issue is treating a currency as an investment is
| just...foolhardy from the get-go. Just don't do that. It's
| silly. People saw the value of it go up - or start to have
| any in the first place really - and saw a "get rich quick
| scheme" where there wasn't one. It was the birth of a
| digital currency, nothing more.
| gillesjacobs wrote:
| Challenge: explain to a normie that their life savings is gone
| forever because of mortgage backed derivatives.
| happytoexplain wrote:
| Bad analogy. This explanation has actually been done pretty
| reasonably by a few people. Further than that - after such
| explanations, it's clear even to normal people who's to
| blame, whereas software and cryptography are much more
| esoteric in that department.
|
| Of course there is no justice in either case, but at least
| normal people can _see_ who is most appropriate to behead in
| the case of the traditional financial catastrophes, in the
| purely theoretical revolution.
| rmbyrro wrote:
| What a flex you pulled off!
| davewritescode wrote:
| What a dumb retort
|
| If you got burned by mortgage backed derivatives and lost
| your life savings, it's ultimately because you were
| (knowingly or not) speculating on the value of real estate
| assets and making an assumption about future values of said
| assets.
|
| In the case of Nomad, it's that you put yourself at risk by
| using their service you could've lost everything you put in.
| rmbyrro wrote:
| I'm sorry, but they were selling shitty sub-prime mortgages
| as AAA investments, my friend.
|
| They claimed high-risk mortgages would turn AAA by the
| magic of financial and statistical shenanigans. That's not
| far from "zero initialized vector" shenanigans.
|
| Investing in AAA securities is not speculation, by
| financial standards, by the way.
| NaturalPhallacy wrote:
| >Investing in AAA securities is not speculation, by
| financial standards, by the way.
|
| I would argue that it is now after seeing the bullshit
| the ratings agencies pulled during that fleecing of the
| world.
| nemothekid wrote:
| > _it's ultimately because you were (knowingly or not)
| speculating on the value of real estate assets_
|
| [...]
|
| > _it's ultimately because you were (knowingly or not)
| speculating on the value of crypto assets_
|
| Not seeing how these are different
| pwinnski wrote:
| They're not. Just as "everyone" was saying that those
| particular real estate assets were incredibly risky, so
| too is "everyone" saying that all crypto assets are
| incredibly risky.
| quickthrowman wrote:
| 'Normies' didn't lose all of their money selling credit
| default options and swaps on mortgage-backed bonds. They
| wouldn't have access to the markets for those instruments or
| the capital to do so, and if they had access or capital, they
| weren't a normie.
| TomVDB wrote:
| The first challenge is to find those normies.
|
| Somebody who directly invested in MBS is by definition not a
| normie.
| gillesjacobs wrote:
| The 2008 financial crisis decimated many regular people's
| portfolios and was largely set in motion by ubiquitous MBS
| speculation.
|
| My retort was half-baked because two wrongs don't make a
| right. But it is ironic to see that many normies here don't
| see how MBS caused massive wealth loss across all investors
| worldwide without them directly speculating in that asset
| class. While, so far, this hack hasn't caused a crash in
| crypto assets.
| dcolkitt wrote:
| Somebody who directly invested the majority of their money
| in an experimental bridge protocol that raised its seed
| round 3 months ago is by definition not a normie.
| function_seven wrote:
| Which reinforces the top of this thread: "Reason #5734
| why cryptocurrency is a non starter for real people."
| obilgic wrote:
| However cryptocurrency != "an experimental bridge
| protocol that raised its seed round 3 months ago"
| hn_throwaway_99 wrote:
| The main point still stands. The crypto world sees "the
| code is the law" and non-repudiable/non-reversible
| transactions as a feature. The rest of the world
| (correctly in my view) sees it as a bug.
| woojoo666 wrote:
| That "main point" was never justified here. Commenters
| just assumed that a hack on an experimental bridge
| protocol reflected on crypto as a whole
| ohgodplsno wrote:
| No wall street banker was running around telling everyone
| how awesome MBSes are.
|
| However, morons spamming TikTok, Twitter, Facebook and
| every social network to find a sucker to invest in their
| super 20% profit moon monkey future currency can be found
| in a minute, reaching hundreds of thousands. Plenty of
| normies lose their money in this.
| g8oz wrote:
| "The Big Short" did it pretty well.
| scottiebarnes wrote:
| Why are "normies" keeping their life savings on platforms whose
| express purpose and utility is cross network token swapping?
| Vespasian wrote:
| Because their loved ones, or peers or Facebook advertisement
| told them it's safe and a good way to stick it to the man.
|
| Usually just depositing money in a bank doesn't get it stolen
| so the assumption isn't unreasonable.
|
| Even if it's only 0.25*life saving that's still devastating
| for most people.
| rmbyrro wrote:
| Normies should not put 25% even on VC-backed startups, let
| alone anonymous crypto shenanigans
| scottiebarnes wrote:
| I'm confused about why anyone is comparing the security of
| a defi token swapping platform to that of a fiat savings
| account.
|
| If you want an apple to apples comparison you should be
| comparing the security of a savings account to that of a
| cold wallet. Those are much more alike in their function.
|
| I don't think we classify people who engage in cross
| network token swapping as "normies". That's like
| classifying algorithmic day traders as an "average joe
| investor".
| dcolkitt wrote:
| They're not. The vast majority of early liquidity in this and
| most DeFi protocols is raised from institutions, VCs, and
| trading firms.
|
| This is especially the case for protocols like Nomad that
| don't yet have a native token. They'll get liquidity
| commitments through over-the-counter SAFT agreements that
| give the VCs a percent of the future tokens.
| what-imright wrote:
| Are you kidding me? They lost 150 million dollars and the only
| penalty is to write up the bug on twitter? These children are
| playing with people's lives. There's a body count to losing that
| much money
| yieldcrv wrote:
| People are often in a prisoner's dilemma, where they are
| relying on the developers/team to spearhead the investigation
| including the judicial investigation against the perpetrators
| with the chance of there being a financial remedy
|
| and so therefore nobody is trying to kill or impair the
| developers/team
|
| if you were referring to people committing suicide or being
| suicided by the people they borrowed money from, that's not
| everyone's problem and people in those circumstances should re-
| evaluate to avoid that risk or accept that risk
| andrewia wrote:
| This is a really severe heist, but the latter part of your
| comment seems rather dramatic. Crypto is still generally not a
| medium of exchange, and most users are still speculative
| investors. Most of these investors have a hedge (or are using
| crypto as their hedge), except for the foolish.
| fanf2 wrote:
| But when someone wisely observes that crypto is useless for
| anything except scams, some cryptoenthusiast answers, but no,
| it is useful as a medium of exchange for people in third
| world countries with difficult foreign exchange restrictions.
| sosodev wrote:
| Most perhaps, but stories of people committing suicide after
| every crypto crash are far too common...
| perlgeek wrote:
| There's a monetary value you can attach to a human's life, as
| much as that seems to be taboo.
|
| Depending on how you measure, that value is (in the US and
| Europe) typically in the order of 1..5 Mio USD.
|
| So it's not outrageous to assume that losing 150m comes with
| a body count, even if the funds wouldn't have been used to
| directly save or improve lives otherwise.
| yuan43 wrote:
| > tl;dr a routine upgrade marked the zero hash as a valid root,
| which had the effect of allowing messages to be spoofed on Nomad.
| Attackers abused this to copy/paste transactions and quickly
| drained the bridge in a frenzied free-for-all
|
| From this explainer:
|
| > It's [Nomad is] built to address security first The Nomad team
| has been building secure bridges as a team for 4+ years and has
| studied the pitfalls of multi-sig and validator-based bridges.
|
| https://medium.com/imperator-guide/nomad-a-cross-chain-inter...
|
| Assuming this is true, and assuming the team is not incompetent
| or composed of the typical grifters, perhaps it's time to draw
| the inevitable conclusion. No amount of experience is sufficient
| to safeguard an Ethereum protocol of any interesting complexity.
|
| It's a reasonable question to ask, WTF is Nomad _for_? After all,
| isn't Ethereum supposed to be the World Computer, Turing
| complete and ready for any task? Nope. Never was.
|
| I think a good chunk of the answer can be found on the home page:
|
| > Nomad reduces gas fees by a factor of 10x relative to
| traditional header relay systems, while remaining decentralized.
|
| https://www.nomad.xyz
|
| That world computer is choked to the gills with accumulated
| waste. The proliferation of chains is the response. Each one is
| less secure than its forebear. Gobbledygook like Nomad is the
| "connective tissue" to get the various organs of this science
| project talking to each other.
|
| Dive deeply enough down and you find the root of it all:
| everybody wants to make the next Bitcoin, Ethereum, Cardano,
| Polkadot, and so on. With each turn of the crank a new crop of
| Barnums springs up to take the money of an unending supply of
| digital rubes.
| bombcar wrote:
| Apparently the coding mistake _was identified_ and deemed
| "impossible to exploit":
| https://certificate.quantstamp.com/full/nomad
|
| > QSP-19 Proving With An Empty Leaf
|
| > Recommendation: Validate that the input of the function is not
| empty
|
| > The Nomad team responded that "We consider it to be effectively
| impossible to find the preimage of the empty leaf".
|
| > We believe the Nomad team has misunderstood the issue. It is
| not related to finding the pre-image of the empty bytes. Instead,
| it is about being able to prove that empty bytes are included in
| the tree (empty bytes are the default nodes of a sparse Merkle
| tree). Therefore, anyone can call the function with an empty leaf
| and update the status to be proven.
| treis wrote:
| It seems like it was (at least arguably) impossible to exploit
| until they introduced a second issue:
|
| >It turns out that during a routine upgrade, the Nomad team
| initialized the trusted root to be 0x00. To be clear, using
| zero values as initialization values is a common practice.
| Unfortunately, in this case it had a tiny side effect of auto-
| proving every message
|
| EDIT:
|
| Reading and noodling I'm 99% sure these are separate issues.
| The vulnerability talks about passing in an empty leaf to the
| prove function. But that's not what the exploit is.
|
| The exploit is using an unproven message. So they are passing
| in an actual leaf to prove. The problem is that unproven
| messages have 0x00 as root and some jabroni set 0x00 as the
| trusted root. So every message was treated as proven by default
| when it should be the opposite.
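
A simplified Python model of the failure mode described in the comment above (an added example, not Nomad's contract code and not part of the thread): a never-proven message looks up the default zero root, and an initialization that marks the zero root as confirmed makes that lookup pass. Class, method and message names are hypothetical, SHA-256 stands in for the contract's hash, the sample messages are constructed, and the confirmation-time check is omitted.

```python
import hashlib

ZERO = bytes(32)  # value an EVM-style mapping yields for a key never written


def sha(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def merkle_root(leaves):
    """Root of a binary tree; leaf count must be a power of two."""
    level = list(leaves)
    while len(level) > 1:
        level = [sha(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def merkle_proof(leaves, index):
    """Sibling hashes on the path from leaves[index] up to the root."""
    proof, level = [], list(leaves)
    while len(level) > 1:
        proof.append(level[index ^ 1])
        level = [sha(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return proof


def root_from_proof(leaf, proof, index):
    """Recompute the root that a (leaf, proof, index) triple commits to."""
    node = leaf
    for sibling in proof:
        node = sha(node + sibling) if index % 2 == 0 else sha(sibling + node)
        index //= 2
    return node


class Inbox:
    """Hypothetical message inbox: prove a message, then process it once."""

    def __init__(self, initial_root, reject_zero_root=False):
        # root -> confirmation marker; a missing key reads as 0 ("never confirmed")
        self.confirm_at = {initial_root: 1}
        # message hash -> root it was proven under; a missing key reads as ZERO
        self.proven_under = {}
        self.processed = set()
        self.reject_zero_root = reject_zero_root

    def confirm(self, root):
        self.confirm_at[root] = 1

    def acceptable_root(self, root):
        # Hardened variant: the zero sentinel is never a valid root.
        if self.reject_zero_root and root == ZERO:
            return False
        return self.confirm_at.get(root, 0) != 0

    def prove(self, message, proof, index):
        leaf = sha(message)
        root = root_from_proof(leaf, proof, index)
        if not self.acceptable_root(root):
            return False
        self.proven_under[leaf] = root
        return True

    def process(self, message):
        leaf = sha(message)
        if leaf in self.processed:
            return False  # replay of an already processed message
        root = self.proven_under.get(leaf, ZERO)  # never proven -> ZERO
        if not self.acceptable_root(root):
            return False
        self.processed.add(leaf)
        return True


def run_scenarios():
    """Return (proved, processed, replayed, unproven_accepted) per setup."""
    batch = [b"constructed message %d" % i for i in range(4)]
    leaves = [sha(m) for m in batch]
    root = merkle_root(leaves)
    unproven = b"constructed message that was never proven"
    setups = {
        "zero_root_trusted": Inbox(ZERO),                      # init mistake
        "zero_root_rejected": Inbox(ZERO, reject_zero_root=True),
        "real_root_only": Inbox(root),                         # correct init
    }
    results = {}
    for name, inbox in setups.items():
        inbox.confirm(root)
        proved = inbox.prove(batch[2], merkle_proof(leaves, 2), 2)
        results[name] = (proved, inbox.process(batch[2]),
                         inbox.process(batch[2]), inbox.process(unproven))
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(name, outcome)
```

Only the `zero_root_trusted` setup accepts the never-proven message; rejecting the zero sentinel in `acceptable_root` closes the gap even while the zero root is still marked confirmed.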
| mouzogu wrote:
| > routine upgrade
|
| yes, a routine upgrade. that's what it was..... (-_-)
| radicaldreamer wrote:
| The cofounder was involved in some drama with a CELO bridge
| not too long ago
|
| https://imgur.com/a/gV6s1Gw
| mhluongo wrote:
| ... that he also founded and planned to spin out with
| Celo, yes. James is the inventor of Optics, the cross-
| chain communication technique Nomad uses.
|
| Very unhappy with how Celo handled the situation, as was
| much of the technical crypto community at the time.
| radicaldreamer wrote:
| Oh interesting! Seems like some heavy gaslighting by Celo
| then
| sieabahlpark wrote:
| klodolph wrote:
| I'm not completely sure of the mechanics of this exploit, but
| I've recently adopted the personal guideline of "all enums
| and integer IDs start at 1", and 0 is simply an invalid
| value.
|
| Not a hard and fast rule, and not something that will catch
| tons of problems, but now and again it does help me catch an
| uninitialized value.
| tlb wrote:
| Or use bigger numbers, so enums that get mixed up somehow
| won't work.
| fsckboy wrote:
| > _"all enums and integer IDs start at 1"_
|
| then whoever takes over maintenance from you and wants to
| make improvements says "hey, we can add this new v2 feature
| through the 0x0 which is available for future enhancements"
| klodolph wrote:
| Unlikely. The way it works is you define your enums like
| this:
|
|     enum class Color {
|       Invalid, // Not a valid value.
|       Red,
|       Orange,
|       Yellow,
|       Green,
|     };
|
| I think if someone's crazy enough to reclaim a 0 value in
| an enum or integer ID, then they're probably going to do
| a lot of damage to the code no matter what you do.
| benreesman wrote:
| Yeah, pretty much every integer enum I write has
| `UNKNOWN` or `INVALID` as the zero value. It adds either
| a `case` or a `default` to every switch and a clause or a
| `_` to every `match`, but it saves my ass even in non-
| security-sensitive settings.
| bombcar wrote:
| Anyone who's studied NTSB reports knows this is almost always
| how they go; a single failure that is no problem becomes one
| because of some other issue that doesn't normally happen, or
| couldn't happen because normally a third thing is always done
| ...
| Bud wrote:
| There are several very interesting books about this, yes.
| Air disasters are fascinating to read about.
| brazzy wrote:
| A series of very good, detailed articles about air
| disasters over on Reddit:
| https://www.reddit.com/r/AdmiralCloudberg/comments/e6n80m/pl...
| stouset wrote:
| Same with tons of security incidents in general. It's the
| "swiss cheese model"
| (https://en.wikipedia.org/wiki/Swiss_cheese_model).
| adhesive_wombat wrote:
| And when it becomes organisationally normalised that one
| layer of safety isn't working and the remaining ones are
| relied upon, then that's more like the subject of _Normal
| Accidents_ [1]
|
| [1]: https://en.wikipedia.org/wiki/Normal_Accidents
| danielvf wrote:
| I don't think this is the same issue as the exploit.
|
| The real issue was half-caught in a review on a pull request
| however. https://github.com/nomad-xyz/monorepo/pull/289/files
|
| If this legacy enum value had been handled later in the code,
| there would not have been a vulnerability.
|
| (This isn't to say that the developers were bad. The person who
| wrote the code was extremely knowledgeable. It's just really
| hard to be perfect every time. )
| bigcat12345678 wrote:
| No, they are bad.
|
| They are bad because they are not competent to write the
| decent code required by their profession and job environment.
|
| In normal software writing trade, such engineers are called
| low performers and routinely managed out of any organization.
|
| Sure, the mistake is not unusual from the perspective of
| general software engineering. But let's not forget what
| software they are working on.
|
| I am totally fine with a bartender dropping a glass... I'll
| put a surgeon on trial if he cannot make his hands steady
| during a heart surgery...
| [deleted]
| jxi wrote:
| Quantstamp said it was exploitable. Nomad falsely claimed it
| wasn't.
| mhluongo wrote:
| They're two distinct issues in two distinct contracts,
| AFAICT.
| 676234e117 wrote:
| It is important that users come to better understand the
| different risk profiles between:
|
| 1. Owning ETH with a non-custodial wallet.
|
| 2. Owning ETH on a CEX.
|
| 3. Depositing ETH into a smart contract to receive a wrapped
| asset. This includes rollups and L2s.
|
| The majority of major crypto hacks[1] are in the 3rd group, and
| almost all of these hacks are related to protocol updates and
| governance. Either: the developers update their code, and
| accidentally push a bug, or one address or a group of addresses
| are allow-listed some privileged actions in the contract and that
| can become a weak point.
|
| Proxying and governance isn't the only way to design contracts.
| Two examples counter to this that are more robust are WETH ($6B)
| [2] and ETH2 Deposit ($20B) [3] which cannot be attacked in this
| way. If users wanted a new feature from the WETH contract, they
| would have to manually migrate over to the new address.
| Eventually we might see this kind of design be applied to bridges
| and rollups.
|
| [1] https://rekt.news/leaderboard/
|
| [2] https://etherscan.io/address/0xc02aaa39b223fe8d0a0e5c4f27ead...
|
| [3] https://etherscan.io/address/0x00000000219ab540356cbb839cbe0...
| latchkey wrote:
| If developers could make a small mistake that caused this,
| imagine what could happen when The Merge goes through.
| 676234e117 wrote:
| What you are describing is a protocol-level bug, rather than
| smart contract bug. The merge has already occurred successfully
| a number of times on test networks, so it seems unlikely at
| this point. But if a catastrophic failure were to occur on
| mainnet, clients would just revert or fork to a working state.
|
| The reason you cannot just roll back a smart contract exploit
| like Nomad's is that it is very hard to build consensus across
| the entire protocol unless it is something that affects many
| users. The only time this happened was with the DAO which held
| something like 15% of all Ethers at the time, and so it
| affected the entire network. Compare this to Nomad which held
| something like 0.1% of Eth's total circulating supply.
| latchkey wrote:
| > if a catastrophic failure were to occur on mainnet, clients
| would just revert or fork to a working state.
|
| Except with PoS, it is different. People keep applying the
| PoW mentality of a fork to PoS and it just doesn't work that
| way. Jeff wrote a good blog post [1] on this a while back
| that took me a long time to come to terms with. It boils down
| to this paragraph:
|
| > Proof-of-stake is inherently self-referential. It is possible
| > to have two perfectly consistent, equally valid chains -
| > perhaps with different stakers. Since "stake" is defined
| > within a blockchain, it cannot be used to pick between two
| > blockchains. Under the right kind of stress, the real,
| > unwritten meta-consensus protocol that determines "which
| > blockchain do we pay attention to?" will be revealed. Exactly
| > what that is will depend on the nature of the fork.
|
| This is untested on ETH PoS and could result in a significant
| loss in value for ETH holders. Not only that, but it gets
| even more complicated with stablecoins that are on ETH. What
| makes all of this quite interesting is the exchanges who get
| to decide which USDC on ETH they sell to you. Likely a big
| reason why exchanges, like Coinbase, are some of the largest
| ETH stakers.
|
| [1] https://github.com/stickfigure/blog/wiki/Proof-Of-Stake-Wear...
| 676234e117 wrote:
| The article is not really presenting any strong arguments
| aside from literal hand waving the "<complexity>". The same
| hand waves could be made for PoW. See the last time it made
| discussion[1].
|
| The article suggests that two chains can simultaneously
| exist but that would invalidate the protocol, which will
| always choose one using LMD GHOST. You can read more about
| it here[2].
|
| [1] https://news.ycombinator.com/item?id=27235668
|
| [2] https://eth2book.info/altair/part2/consensus
| FabHK wrote:
| The second link is mostly a high-level overview, and then
| lots of empty subsections (TODOs).
| 676234e117 wrote:
| If you want more details you can always read the Gasper
| paper[1], the spec[2], or client code.
|
| It is complex to somebody not familiar with consensus and
| blockchain execution, but you might say that about any
| modern engineering. PoW is undoubtedly simpler but also
| exponentially more environmentally destructive.
|
| [1] https://arxiv.org/abs/2003.03052
|
| [2] https://github.com/ethereum/consensus-specs/blob/dev/specs/p...
| latchkey wrote:
| > The same hand waves could be made for PoW.
|
| Not really. PoW is orders of magnitude simpler than PoS
| and is vastly easier to reason about. I can explain the
| concepts around PoW in 5 minutes to someone who doesn't
| understand it. PoS is a lot closer to a rube goldberg
| contraption than PoW is. The proof in all of this is the
| _years_ it has taken to even get to the point we are at
| today.
|
| > Articles describing the complexity involved
|
| The whole point of my original comment is that this is A
| LOT more complex than a bridge contract and therefore
| will be subject to a larger attack surface. Thanks for
| validating that point.
| 676234e117 wrote:
| I agree with your point that PoS is more complex and has
| a wider attack net than PoW, but I don't agree that users
| will not be able to coordinate on a new fork in case of a
| protocol failure. The worst that may happen is that
| another hard fork emerges, where the majority of the
| ecosystem follows a single chain with the bug reverted,
| and some group of outliers such as disgruntled BTC miners
| or people who profited immensely from the bug decide to
| try their luck with a smaller fork. And that is fine...
| users are free to decide what fork to follow, and they
| can run client software that chooses a different chain.
| latchkey wrote:
| > _The worst that may happen is that another hard fork
| emerges,_
|
| Yes, but what will dictate that? ETH today _is_ the hard
| fork (from what is now ETC).
|
| How much loss will it take to decide what to do?
|
| Where is the failure plan?
| 676234e117 wrote:
| By "loss" do you mean that of the exploiters losing
| tokens because the community decided not to follow the
| hacked chain?
|
| The goal of all the shadow forks and merge testnets is to
| find the different edge cases and failure states to
| answer those questions of "what is the failure plan?" If
| mainnet merge somehow does not succeed despite these
| tests and all clients fail to produce blocks, the merge
| can just be delayed until the bugs are resolved. If
| mainnet merge succeeds but later a bug emerges, users can
| coordinate a change to revert the lost funds.
| TacticalCoder wrote:
| > If developers could make a small mistake that caused this,
| imagine what could happen when The Merge goes through.
|
| I don't get your comment: Ethereum itself has worked without
| any issue since it came out, in 2015 (?) or so. Many smart
| contracts, not built by the core Ethereum devs, have been
| exploited, but from Ethereum's point of view everything worked
| flawlessly.
|
| Why would the Ethereum devs, who have created a blockchain
| working perfectly fine for seven years (including many
| upgrades), suddenly screw up the merge to PoS badly?
|
| I mean: I don't doubt we'll see many more hacks (and I don't
| know why so many people are so keen on putting so much money in
| smart contracts) but the people in charge of Ethereum itself
| seem to be quite competent and have a track record of several
| years without any exploit to prove it.
| lesuorac wrote:
| Not just that but if something bad were to happen they can
| hardfork like they did in the past ...
|
| https://en.wikipedia.org/wiki/The_DAO_(organization)
| https://en.wikipedia.org/wiki/Ethereum#Launch_and_the_DAO_ev...
| https://en.wikipedia.org/wiki/Ethereum_Classic
| latchkey wrote:
| ETH had the benefit of PoW working and proven for _years_
| prior to deployment.
|
| Switching to an entirely new consensus model, that has never
| been done before, is _complicated_ and a big reason why it
| has taken as long as it has.
|
| Furthermore, there is a giant target (huge sum of money) on
| ETH's back now. If you had an exploit for PoS, why would you
| reveal it early?
|
| As the person below also states... they could just fork and
| fix things, but this time, it will be a lot harder to do so
| without entirely destroying the value of ETH.
|
| This is a massively risky venture that takes more than just
| hope and prayers. As we've seen in many many hacks over the
| last few years, even the most competent developers can miss
| something crucial.
| dannyw wrote:
| There's hundreds of blockchains using Proof of Stake for
| years. Finally, if exploited, everyone will just agree to
| rollback again; there's no destruction of ETH.
| latchkey wrote:
| You can't just generalize all PoS as being the same code
| and execution. ETH is quite different from the rest.
| Furthermore, none of the other blockchains have even
| close to the level of value (not just $ amount, but also
| fame) tied up in them.
|
| As for rollback... that's what created ETC, but this
| time, it is different... with PoS, the 'stake' is tied up
| in the network. It isn't external, like it is with PoW
| and isn't as easy to just fork. You're effectively now
| forced to convince everyone to follow another canonical
| chain, but you don't have an external way to do so.
| Forking becomes a lot harder. It also becomes a lot more
| complicated and hasn't even been done before... how much
| 'testing' has that gotten?
| stagas wrote:
| How are exchanges going to agree to rollback after they
| have already exchanged those tokens with others? Someone
| has to burden the loss, so it might as well be the
| original blockchain that got exploited.
| DennisP wrote:
| Ethereum's PoS has been running since December 2020. Right
| now about 10% of all ETH is deposited on it. What's coming
| up is the "merge", where the rest of the chain starts
| looking at the PoS network for choosing blocks, instead of
| looking at mining difficulty.
| latchkey wrote:
| > Right now about 10% of all ETH is deposited on it.
|
| Nope. The ETH is just in a rather simple write only
| deposit contract on ETH1. [1] It is also not 'all' ETH,
| since there is no hard cap on the total amount of ETH in
| existence.
|
| It is also a bit more complicated than just looking at
| the beacon chain. That beacon chain has zero value tied
| to it. So while it has been running just fine, there
| hasn't been a reason to attack it. It also hasn't been
| used to actually do anything really... and now there is a
| use. There is also a lot more communication going on
| between nodes that didn't exist before. All of these
| things become attack surfaces.
|
| [1] https://etherscan.io/address/0x00000000219ab540356cbb839cbe0...
| DennisP wrote:
| That's an...interesting view. Let's skip the semantics
| and stick to facts, which are these:
|
| - 10% of the current supply of ETH is in the deposit
| contract, and can't be withdrawn from the deposit
| contract.
|
| - Every address that deposited ETH into that contract got
| a corresponding balance of "ETH" on the beacon chain.
| (I'll call it "ETH" instead of just ETH to avoid arguing
| over whether it's really ETH.)
|
| - The beacon chain is functioning as designed, and the
| "ETH" balances of various addresses are getting changed
| over time. The economic incentives appear to be working.
| People are keeping their nodes up and running to get
| rewards, and trying to avoid getting slashed.
|
| - The plan is for stakers to be able to withdraw their
| balances to the main chain, from the beacon chain. When
| someone withdraws, an ETH balance will be incremented on
| the main chain, and the same address will get its "ETH"
| decremented on the beacon chain.
| latchkey wrote:
| Cool, facts. Let's keep going.
|
| Right now, the contract is one way and there is no way to
| withdraw. The code hasn't been developed yet. The ETH or
| "ETH" or whatever, are secure because there literally
| cannot be insecurity without some code to break.
|
| Heck, even "The Merge" doesn't enable withdraw... it is
| scheduled for some time after (still to be decided and
| coded... more potential security issues) and is of course
| a slow trickle too (first people who can withdraw win the
| short market). That 10% is about as secure as you can
| possibly be in that it is effectively burned at this
| point and will require yet another hard fork to unburn
| it.
|
| Let's go back to the premise of my original comment:
|
| PoS is a lot more complicated than PoW and offers a much
| wider attack surface.
|
| Any large mistake in the code that causes financial loss
| is going to go down a huge rabbit hole of how to manage
| consensus around fork choices and will likely have at
| least a short term devastating effect on the market.
|
| I want to see PoS succeed, but as a 20+ year developer,
| I'm very skeptical it will go off without a hitch.
| tremarley wrote:
| Ethereum has had many bugs, mistakes and flaws.
|
| Before 2018, Ethereum had a similar downtime to Solana
|
| Ethereum is continuously developed to remove bugs.
|
| For example: Until 2017, it was possible to send a
| specifically signed transaction (without the correct private
| key) that resulted in the msg.sender having null sender
| address. This was fixed in EIP-86
| edm0nd wrote:
| Another ouch
|
| >Messages popping up in public Discord servers of random people
| grabbing $3K-$20K from the Nomad bridge - all one had to do was
| copy the first hacker's transaction and change the address, then
| hit send through Etherscan. In true crypto fashion - the first
| decentralized robbery.
|
| https://twitter.com/FatManTerra/status/1554258880380772352
| cellis wrote:
| It wasn't a robbery! It was engineers dutifully executing the
| smart contract according to its terms!
| rmbyrro wrote:
| > the first decentralized robbery
|
| thanks for the loud laugh
| some_random wrote:
| >the first decentralized robbery
|
| This is the funniest thing I've read all day
| chatmasta wrote:
| It looks like somebody had a bridge to sell them.
| wnevets wrote:
| Since "code is law" doesn't that mean it wasn't a robbery? They
| were just following the law.
| [deleted]
| TrapLord_Rhodo wrote:
| Nope - It's not a robbery.
|
| The old mantra of possession is 9/10ths of the law is and
| always has been false. If I have something I own it. That is
| the one fundamental truth. Now someone can come and try and
| take it back from me by force (Person, Court System, Rebels,
| Corporations) if they can exert more violence on 'me' than I
| can exert on 'Them'.
|
| The problem with crypto is the 'keys' are what crypto is. No
| nation-state can come and take that away from me. They can
| kill/imprison/fine me, but then neither of us will have it.
| You would have to hack/fork the chain for that to happen
| (Which has happened) or find some social way around it (If I
| have it on a centralized exchange, if I have a hackable hard
| drive, found my keys on AWS, etc etc.) Additionally, with
| things like Monero, and tornado swap good luck trying to find
| them.
| adrr wrote:
| It will be interesting to see if they can prosecute people.
| They are called smart contracts and talked about being the
| actual contract.
| vkou wrote:
| People have been prosecuted for this sort of stuff over the
| past few years.
|
| 'Code is law' is just a reddit meme at this point, that has
| no basis in reality. 'Smart contracts' are just regular
| contracts, but with more opportunities for theft.
| lottin wrote:
| I'm pretty sure smart contracts aren't contracts. They're
| pieces of computer code.
| Vespasian wrote:
| Contracts (smart or not) cannot override the law.
|
| I'm not a lawyer but I would be very surprised if courts in
| most countries would buy this argument.
|
| Spelling or grammatical mistakes usually don't invalidate
| contracts in the real world and robbing a poorly secured
| vault is still illegal.
|
| The thief was obviously trying to get other people's money
| without their consent.
| ugh123 wrote:
| "Intent is 3/4 of the law" https://www.law.cornell.edu/wex/
| mens_rea#:~:text=The%20mens%....
| parkingrift wrote:
| Sounds like you want to solve the oracle problem with a...
| central authority?
|
| It's so poetic.
| stdsTho8 wrote:
| kansface wrote:
| > Contracts (smart or not) cannot override the law.
|
| The Law allows people to agree to stupid things, no?
| Vespasian wrote:
| Yes but the argument would (perhaps) be that they didn't
| actually agree to the implementation (including bugs) but
| rather to the intended/advertised functionality
| koolba wrote:
| The only agreed upon contract here is the one on the chain.
|
| I'd love for this type of thing to be tested in court. I'd
| invest in popcorn futures ahead of that trial.
| verdverm wrote:
| Make sure you do it with a defi flash loan
| Vespasian wrote:
| Contracts are invalidated all the time.
|
| If they do that and if they get hold of the individual
| (or their assets) the court can force compliance in the
| usual ways.
|
| "I can't access it and never will be able to" is not a
| believable excuse unless you can prove it.
| lottin wrote:
| A "smart contract" isn't a contract in any sense of the
| word, so I'm not sure what you're trying to argue here.
| wnevets wrote:
| If that is true then this decentralized utopia I heard so
| much about sure does require a lot of centralization.
| renewiltord wrote:
| There are advantages to centralization. One may
| reasonably ask if trad-fi centralization is at the
| optimal level. This is just one way to spend money to see
| if the optimal level is below that. Lobbying for
| regulation is a mechanism to spend money to see if the
| optimal level is above that.
| johnebgd wrote:
| You can't bring rational thoughts and facts into an
| emotional conversation.
| ineptech wrote:
| How is one supposed to know who can and cannot take money
| from the smart contract, if not by consulting the contract?
| If my sign says "Apples $0.00" and you take an apple, can I
| sue you (or have you arrested) on the grounds that you
| should've known the sign was wrong and the apples weren't
| free?
| rchaud wrote:
| How does this much money get 'lost' without heads rolling?
|
| I understand that some of the deposits are from retail
| 'investors' who are poorly organized and more interested in token
| appreciation or yield than the safety of their funds. But even
| getting to $150m would take forever if it came from individuals.
|
| Surely there are large investors that provided the bulk of the
| capital. Shouldn't they intervene in some way? Or do these whales
| have so much to waste that they throw money into each of these
| projects knowing that they'll never see a cent back from 50% of
| them?
| Dma54rhs wrote:
| Someone else here claimed they don't yet have a public token
| and it's all vc/institutional money.
| woah wrote:
| The reason this happened is that Nomad's contract was
| "upgradable". This is a pattern where the source code of a
| contract is able to be replaced by a privileged developer
| account. This was not how Ethereum was intended to work and it
| actually needs some pretty convoluted stuff to make it work (see
| the UpgradeBeacon related code here:
| https://etherscan.io/address/0x88a69b4e698a4b090df6cf5bd7b2d...)
|
| The reason developers make their contracts "upgradable" is simple
| greed- they want to be able to launch more quickly than other
| projects without needing to ensure their code will stand the test
| of time. This may be OK for a social networking app MVP, but it's
| not OK for a smart contract which a user ideally should be able
| to audit and understand (or at least rely on the audit of someone
| else). "Upgradable" smart contracts can always be changed after
| the fact, as happened here, which means that any audit is
| meaningless.
|
| Top tier projects still do use simple un-upgradable smart
| contracts. Uniswap first wrote v1, then improved it and launched
| v2, then v3. The Uniswap v1 and v2 contracts are still running
| and usable, and will be for as long as Ethereum is around. Their
| security properties will always be the same as they were the day
| they launched.
|
| "Upgradable" contracts mean that you are trusting your money to
| some anonymous fat fingered (or at worst, criminal) dev, and it
| could disappear at any minute. They defeat the entire purpose of
| even using a blockchain.
| artdigital wrote:
| Yes - but not having them upgradeable means that if your
| contract is dealing with a lot of money and a small bug was
| discovered, you are unable to patch it after the fact, even if
| people are actively abusing that bug
|
| It's not really about greed. Deploying a program and having it
| unchangeable forever comes with risks, and more often when
| dealing with very complex applications, those aren't worth it
| apu wrote:
| lol. lmao.
| Ekaros wrote:
| So how come there was 150 million in this? Haven't the people
| "investing" done their due diligence and reviewed the code?
| Shouldn't that be the expected behaviour like we all do with
| transitive dependencies?
| yieldcrv wrote:
| The contract was fine until an upgrade
|
| Oftentimes the market doesn't like upgradeable contracts for
| this reason, ironically the misunderstood idea of smart
| contracts _not_ being upgradeable is paraded as a bug
|
| but it's all situational
| rmbyrro wrote:
| They've exercised the same diligence as usual [1]
|
| [1] https://en.wikipedia.org/wiki/Madoff_investment_scandal
| drcongo wrote:
| I don't understand why people writing smart contracts don't also
| write tests.
| NelsonMinar wrote:
| One explanation is this wasn't a mistake at all, but rather a
| deliberate bug introduced to let someone steal all the money.
| rmbyrro wrote:
| C'mon, haven't you seen the mistakes developers can make in real
| life?
|
| This is plausibly a mistake.
| FabHK wrote:
| Yes, that's the beauty of it.
| brabel wrote:
| With 150 million dollars on the line, that's actually highly
| plausible.
| sva_ wrote:
| I feel like they would have introduced a more sophisticated
| bug that is harder to find/exploit.
| SomeCallMeTim wrote:
| With a bug that's trivial to exploit, you've got hundreds
| of people exploiting it; with a bug that's _hard_ to
| exploit, you've got maybe only yourself or your agent
| exploiting it.
|
| Which of the two do you think will more likely come back to
| haunt you? The one where any authorities investigating will
| need to dig up the backgrounds and connections of hundreds
| of blockchain addresses exploiting the transaction, or the
| one where only a single address exploits the transaction?
| Won't their attention be primarily on those idiots who try
| to withdraw the money in the US, say, vs that one
| transaction out of hundreds where someone in Barbados had
| their proceeds deposited into a bank and withdrawn as cash
| before closing the bank account (that they opened with a
| false identity, maybe?).
|
| When there's a single account performing the exploit, all
| of the investigative resources will be applied immediately
| to that account, making it far more likely that the account
| in question will be tracked up to the point of withdrawal,
| and potentially flagged in time to prevent such a
| withdrawal. With hundreds of others distracting any
| authorities, it becomes hundreds of times harder to track down
| the original perp.
|
| Think of those heist movies where someone throws a handful
| of cash up in the air to help avoid pursuit. Same idea.
| NaturalPhallacy wrote:
| Completely agree, yet initializing a value to zero ain't no
| smoking gun.
| dcolkitt wrote:
| Seems very unlikely. If it was a deliberate bug, the contract
| wouldn't have been slowly drained over hours. The attacker
| would have known how to exploit well ahead of time, and had
| transactions/contracts/infra ready to grab the full $190
| million inside one or two blocks.
| NelsonMinar wrote:
| As SomeCallMeTim says in another comment, the other
| withdrawals make great cover.
|
| I have zero evidence for my "deliberate sabotage" theory.
| OTOH it seems entirely plausible and in line with the general
| scamminess of many cryptocurrency systems. OrangeMonkey's
| comment expounds better on the social and legal aspects that
| make deliberate fraud such an attractive possibility:
| https://news.ycombinator.com/item?id=32318939
| Analemma_ wrote:
| The funniest part of all these stories is the part where they
| announce that they've "notified law enforcement". Yeah, this
| space is all, "woohoo, we're free from the Man! Code is law!",
| until an exploit is found and then they have to call on the State
| to enforce that "no, no, we need the people with guns to undo
| this transaction because it's not what we _meant_." It's like a
| living demonstration of why libertarianism fails.
| cityzen wrote:
| There is an entertaining documentary series on HBO Max right
| now called The Anarchists which has the same types of
| scenarios. In fact in one scene a guy says, "we're anarchists,
| we can't call the cops!". It has some crossover with crypto as
| well.
| 676234e117 wrote:
| This might be surprising, but not every crypto user is a pure
| libertarian, or believes that code is law. A significant amount
| of funds extracted from this exploit were from whitehat hackers
| who took the funds and plan to return them, to avoid them being
| taken by malicious actors.
| malkia wrote:
| Apart from blockchain, nft, crypto, web3 - is Solidity, the
| language, worth exploring - can it be used (for fun) outside its
| main purpose? Just curious...
| danielvf wrote:
| As someone who writes Solidity full time - it's probably not
| useful for anything outside its current use case.
|
| The EVM that it compiles to is a lot of fun though, if you
| like small understandable virtual machines. I like it a lot.
| OrangeMonkey wrote:
| The international obfuscated c contest has taught me that
| programmers can make small mistakes on purpose and it's almost
| impossible to identify legit mistakes from malfeasance.
|
| If we have a situation where:
|
| * It's hard to tell, after the fact, 'a mistake' was a bad actor.
|
| * The programmers are, by and large, anonymous.
|
| * The benefit of making 'a mistake' could be hundreds of millions
| of dollars that are not easily traced.
|
| This situation seems rife for abuse and bad actors. Not saying it
| happened in this case. . . but how would you know?
| Destiner wrote:
| "Never attribute to malice that which is adequately explained
| by stupidity"
| nubb wrote:
| if you enjoy obfuscated c, we have this
| https://underhanded.soliditylang.org/
| nyanpasu64 wrote:
| Reading https://blog.soliditylang.org/2022/04/09/announcing-
| the-unde...:
|
| > In Solidity, the order of evaluation of sub-expressions is
| unspecified. This means that in f(g(), h()), g() might get
| evaluated before h() or h() might get evaluated before g().
| Practically, this order is predictable, but Solidity code
| shouldn't depend on that behavior between compiler versions.
| In most circumstances g() is evaluated before h() (left-to-
| right order), which is also the behavior that most languages
| specify in their standards. However, in the case of emitting
| an event with indexed arguments, the arguments are evaluated
| right-to-left.
|
| I feel that order-of-evaluation dependence is a special case
| of the general conflict between expression-oriented
| (functional-style) programming, and impure operations
| requiring sequential reasoning. Another case of this conflict
| is temporary values (expressions) with side-effectful
| destructors (sequential reasoning), for example
| https://fasterthanli.me/articles/a-rust-match-made-in-
| hell#w....
|
| At this point, is it good practice to avoid using side-
| effectful procedure calls as parameters to other expressions
| (especially those with multiple inputs), but instead first
| assign to a temporary value to make order of operations
| explicit?
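
The evaluation-order hazard quoted in the comment above, shown as an added Solidity example that is not part of the thread or of the Solidity project's code. The contract, function and event names (TicketLog, nextId, pair, Issued) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Constructed example: every name in this contract is hypothetical.
contract TicketLog {
    uint256 private lastId;

    // Both arguments are indexed, the case the quoted announcement singles out.
    event Issued(uint256 indexed first, uint256 indexed second);

    /// Side-effectful helper: each call bumps storage and returns the new value.
    function nextId() internal returns (uint256) {
        lastId += 1;
        return lastId;
    }

    function pair(uint256 a, uint256 b) internal pure returns (uint256, uint256) {
        return (a, b);
    }

    /// Order-dependent: the source does not fix which nextId() call runs first,
    /// so which topic receives the lower id is decided by the compiler.
    function issueImplicit() external {
        emit Issued(nextId(), nextId());
    }

    /// Same hazard in an ordinary call of the form f(g(), h()).
    function pairImplicit() external returns (uint256, uint256) {
        return pair(nextId(), nextId());
    }

    /// Order pinned: statements execute in sequence, so `first` always
    /// holds the lower id regardless of how arguments are evaluated.
    function issueExplicit() external {
        uint256 first = nextId();
        uint256 second = nextId();
        emit Issued(first, second);
    }

    /// The ordinary-call variant with the same temporaries.
    function pairExplicit() external returns (uint256, uint256) {
        uint256 first = nextId();
        uint256 second = nextId();
        return pair(first, second);
    }
}
```

A reviewer can treat any call or `emit` whose argument list contains more than one state-changing call as a finding and ask for the explicit form.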
| OrangeMonkey wrote:
| I am 98% anti-crypto, but this is awesome.
|
| Thank you man!
| nubb wrote:
| i can totally get why a lot of folks are anti crypto but
| from a dev perspective it is REALLY a fun place. It is
| possible to have fun and make money AND not be a piece of
| shit in crypto dev.
| [deleted]
| OrangeMonkey wrote:
| I don't like the industry and I believe that, in general,
| its existence currently is a net negative for humanity.
|
| Currently, I believe that most 'web3' and 'crypto
| applications' exist to drive fear of missing out leading
| to monetary investments in crypto by people who don't
| understand the risks leading to the story here (150
| million lost or stolen). I think of my grandmother or
| uncle investing in crypto and losing their retirement
| savings. I personally know family members who have lost
| low 5 digits. Why? Because they wanted to invest because
| it was the future, web 3, fomo.
|
| I actually believe the world is a worse place because of
| crypto.
|
| Can that change in the future? 100%
|
| Does this mean that you and people who work in the
| industry are bad? Not at all. I've worked in industries
| when I was younger that - now - I think were a net
| negative for the world. I'd be a hypocrite to throw
| stones at people just trying to live...
|
| Maybe governmental regulations of this will change my
| view.
| NaturalPhallacy wrote:
| I think the mistake here is seeing crypto _currency_ as
| an investment. That's not what it's for. It's a currency
| used to pay for goods and services. The rise in its value
| comes directly with the freedom to use it to pay for
| goods and services that avoid government/corporate
| malfeasance and liberate commerce.
|
| For example, I can get a drug that I have a legitimate RX
| for through the (regulatory) captured corrupt American
| healthcare system at 100x markup, or I can buy high
| quality generics on a darknet market for pennies per
| pill.
|
| Another example: Monero is a privacy coin that is
| designed to be untraceable, and Mullvad (VPN) "Privacy is
| a universal right" offers a 10% discount for Monero,
| Bitcoin and Bitcoin cash. Fantastic utility for people
| looking to break out of oppressive government firewalls
| and spying.
|
| I think crypto _currency_ is a massive boon for humanity.
| And treating it like an investment is foolhardy. It's a
| currency. If you don't have a plan to spend it, why would
| you mine or buy it?
|
| I saw all this coming when Bitcoin first came out and I
| remember thinking it was expensive at $6/BTC. If I'd kept
| half of what I bought back then I'd be a multimillionaire
| today, but if I'd kept it, it might not have become as
| valuable as it is today either. The value of a currency
| comes from using it, not hoarding it.
|
| >Maybe governmental regulations of this will change my
| view.
|
| Government regulations spurred on by the regulatory
| capture and oligarchy designed to squash the little guy
| are a huge problem.
| peyton wrote:
| You had family members with retirement savings in these
| kinds of bridge protocols? Really?
| nubb wrote:
| totally understand your POV. I am pro crypto because I
| think banks and VC and hedge funds and market makers and
| all of these shadow/mystery shits that go down in the
| real markets are scammy and evil. while it's possible to
| obfuscate things on a chain ledger, it's impossible to
| really hide. blockchain tech puts everything in the open
| which i think would prevent a lot of crime that exists
| today and goes completely unchecked.
|
| i prob didn't say all that super well but i hope you get
| the spirit of my argument. i totally respect your opinion
| here though because you are not wrong :)
| avgDev wrote:
| You like unregulated market because you think regulated
| market is "scammy"?
|
| I can't recall a brokerage such as Schwab or vanguard
| ever losing my money, compared to Mt.Gox and other trash
| crypto exchanges.
| Yizahi wrote:
| So you wish to change a system where tens of thousands of
| people regulate currencies, and significant number of
| them are scammers or evil, for the system where tens of
| people regulate currencies and half of them were actually
| convicted for scams, sometimes multiple times, and who
| live in the non-extradition offshores. Great idea,
| awesome.
|
| PS: this is what I actually hate a lot about tokenbros -
| they say that there is a problem in the economy with
| unaccountability of the world elites (ok, true at
| least somewhat), and then want to supplant it with an
| even worse system, even more centralized, even more
| unequal, even more dangerous to common people, even less
| secure, and even less accountable for the elites in
| charge. The sheer audacity of their lies is mind boggling
| and induces literal rage.
| rurp wrote:
| Out of curiosity, what do you find scammy about market
| makers?
| Closi wrote:
| > I am pro crypto because I think banks and VC and hedge
| funds [...] are scammy
|
| Liking Crypto because you think hedge funds are scammy is
| kind of like enjoying swimming because rain makes you
| wet.
|
| Today's crypto is much more rife with scams and Ponzi
| schemes than hedge funds currently are (because of actual
| legislation).
| asenna wrote:
| Problem with arguments like these is you put all of
| crypto/web3 into one category.
|
| Yes there are scams out there. Lot more than other
| fields. But just take 2 or 3 solid examples - Uniswap,
| DyDx, etc -> These are much more open and decentralized
| and transparent than their TradFi counterparts.
|
| If you think Uniswap is a scam, you haven't looked into
| it yet. Yes the tokens that get listed on it can be scams
| but that's up to the buyer to assume the risk. As a
| tool, it's so much more transparent than anything that
| existed before it.
| mod wrote:
| Can you help with some fun jumping off points?
|
| I'm a dev interested in learning more.
| nubb wrote:
| when i wanted to learn Solidity, at the time, I was
| really into yield farming. I forked the sushiswap
| masterchef contract and just played around with tweaking
| it. you can do this for (basically) free on a chain like
| BSC or Arbitrum or you can play around with forking a
| network using Ganache or hardhat (or Foundry if you are a
| Rust nerd).
|
| Crypto Zombies is a very good interactive intro to
| Solidity, despite being REALLY outdated at this point
| (last i checked it was using Sol 0.5 or 0.4).
|
| my best advice is find some popular crypto concept you
| vibe with and just start messing around. Vyper is also
| growing in popularity so that might be worth checking out
| too!
| tgv wrote:
| I've always enjoyed the underhanded C contest, but I don't
| think it's active anymore. Thanks for this. The 2022 entry
| that I saw was very much in the same spirit.
| jpmonette wrote:
| Isn't it the same thing for oss contributions, npm packages, etc.?
| cmeacham98 wrote:
| Slipping an exploit into an npm package doesn't let you
| easily run away with tens/hundreds of millions of dollars in
| the same way web3 projects do.
|
| That said, I personally doubt this happens much if at all,
| because if you want to scam on web3 you can just do a good
| old-fashioned pump&dump and nobody seems to be receiving any
| legal/criminal consequences as of yet.
| rmbyrro wrote:
| > hundreds of millions of dollars that are not easily traced
|
| If they keep it in blockchains only, it's hard to connect to a
| real identity. But if they cross the line (which is everybody's
| goal eventually) to the real world, they can get caught as easy
| or even easier than in the traditional financial system.
| chernevik wrote:
| This.
|
| I don't know how anyone would commit anything more than pocket
| change to a scheme where an insider could deliberately
| introduce a weakness and then exploit that weakness to walk off
| with all the funds committed.
| ChicagoDave wrote:
| I'm still confused as to why web3 hasn't come up with an "undo
| transaction" when shit like this happens.
| yieldcrv wrote:
| the areas being bridged to often do have an undo transaction
| and is a real threat to a heist, which is why people try to get
| funds across the bridge as fast as possible, or only exploit
| the other side of the bridge
| Ekaros wrote:
| The failure of these undo steps is that what if transactions
| downstream have already happened. Possibly with physical goods
| or real money. Unroll those too? And on whose cost?
| paulpauper wrote:
| There must be thousands of people scanning contracts and defi
| protocols for any updates or changes and then trying to exploit
| it. A single exploit is equal to 1000s of years of income even at
| a regular tech job. This is happening every few weeks now it
| seems.
| throitallaway wrote:
| Off topic, but I refuse to read stuff like this in tweet format.
| It's nice that threadreader exists, but this short format shit
| has to go.
___________________________________________________________________
(page generated 2022-08-02 23:02 UTC)