[HN Gopher] Canadian math prodigy allegedly stole $65M in crypto
___________________________________________________________________
Canadian math prodigy allegedly stole $65M in crypto
Author : bookmtn
Score : 259 points
Date : 2025-04-14 14:21 UTC (2 days ago)
(HTM) web link (www.theglobeandmail.com)
(TXT) w3m dump (www.theglobeandmail.com)
| nikhizzle wrote:
| So which one is it? Code is contract and he should get to keep
| the money. Or crypto is governed by laws outside of crypto and so
| he violated the "spirit" of the code and hence is a criminal?
|
| It seems like right now the crypto industry makes the decision to
| their convenience on a daily basis.
| intrasight wrote:
| Purity goes out the window when there's real money involved.
| And means that in cryptocurrency, you only own what the
| government grants that you own.
|
| It'll be interesting how this gets resolved by Canadian courts.
|
| And this is rich: "A bad actor not brought to justice and held
| to account for one act of fraud will surely commit another"
| jiveturkey wrote:
| > It'll be interesting how this gets resolved by Canadian
| courts.
|
| He's being prosecuted by the US DOJ, EDNY. Not Canada.
| Obscurity4340 wrote:
| Bet they were MAGA
| notyourwork wrote:
| This comment adds no value to the discussion and tries to
| politicize the conversation.
| criddell wrote:
| Code is contract and disputes are handled by the courts.
| There's no such thing as a purely extrajudicial contract, is
| there?
| Spivak wrote:
| I think the name smart contract is misleading because if you
| believe that the code is law then there is no actual contract
| in the smart contract. There is no meeting of the minds, no
| agreement on what the contract means or what is considered
| customary. Just a machine floating in the ETHer you can
| interact with. You owe the machine nothing and it owes you
| nothing.
| jxjnskkzxxhx wrote:
| We have laws, yes.
| eadmund wrote:
| Yes, we have laws. When should the law intrude on the private
| transaction of two parties? Typically, the law holds both
| parties to their contractual agreement. If those two parties
| have contracted to abide by the output of an algorithm, can
| the law distinguish good faith manipulation of algorithmic
| inputs to benefit oneself from bad faith manipulation of
| algorithmic inputs to benefit oneself? Given that the whole
| point of a smart contract is to encode the terms of the
| agreement as code, when is it appropriate to step in and
| alter that agreement?
| hinkley wrote:
| In the real world locks are meant to keep honest people honest
| and slow down the dishonest people until someone notices and
| stops them.
|
| There's a world where crypto could be sold the same way, but
| the sycophants drowned that out for long enough that we aren't
| in the Trough Disillusionment now so much as the Trough of Open
| Mockery.
| Gunax wrote:
| There definitely some hypocrisy, but it might work differently
| in the law.
|
| As devs, we might claim that 'code is the law' but my guess is
| that the law does not care. That is, one cannot overwrite
| property laws by a few lines of code.
|
| Consider how disclaimers work--we are increasingly putting
| limitations on what rights you can contractually forfeit.
|
| This will be interting to watch.
| gosub100 wrote:
| See also: tether.
| programjames wrote:
| It seems absolutely bonkers to me that someone would write a
| smart contract that lets them bleed $50m without automatically
| stopping after they lose the first $1/10/100k.
| poochkoishi728 wrote:
| That seems hard to implement. Presumably the move was all
| based on regular transactions. You can't just say, "If we're
| losing money, stop it", you have to concretely specify the
| conditions.
| hiAndrewQuinn wrote:
| There is a third way: Private adjudication. I see no reason why
| the crypto community couldn't run its own private court system,
| similar to what e.g. Randy Barnett describes in chapter 5 of
| _Anarchy and the Law_.
|
| (Obligatory, I don't work in crypto or have any special
| connection to it, I just think people forget this third option
| even exists when it's really the most common way most private
| industries actually resolve disputes most of the time.)
| notnullorvoid wrote:
| It already does run its own private court system, it's the
| consensus process that is used to upgrade the protocol. If
| there was enough consensus there could be a fork that
| returned the funds, but that will never happen.
| hiAndrewQuinn wrote:
| Sure, but suppose people decide that's not good enough.
| vincnetas wrote:
| what "people"?
| ausbah wrote:
| simple, those who lose to the system they've supported
| until it bleed up in their face
| dkarras wrote:
| Private court system? How does it work? Regular court system
| works because the government has the threat of violence, has
| the muscle and rights to hunt, capture and detain. if
| "private court" rules against me and I refuse to obey, how
| will they make me obey? There is no "or else" embedded in it
| so it will be useless.
| theurerjohn3 wrote:
| its a cryptocurrency, the courts legitimacy would likely
| come from the community forking as necessary to resolve
| issues as identified by the court, in the same way the us
| judicial branch gets its legitimacy from the us executive
| branch employing force as necessary to resolve issues as
| identified by that court.
|
| its a broader group to convince, sure, but there is a clear
| 'or else' from which the court can get that legitimacy.
| 'return the money or else we will return it for you' is a
| meaningful or else
| amit9gupta wrote:
| He did not steal anything. He beat the fund (Indexed Finance) at
| their own game.
|
| He has not stolen anybody's password, has not modified DeFI code
| - simply executed a set of financial transactions according to
| the rules (expressed as DeFI smart contracts) and profited from
| it.
|
| Indexed Finance is an unlicensed investment firm. The promoters
| knew the risk ( decentralized finance) and now they want to blame
| someone who outsmarted them at their own game.
| Cthulhu_ wrote:
| The company and its customers knew what they were getting into;
| to get protections from the law and guarantees, financial
| institutions need to get licensed and comply with all the
| rules, regulations and law. Of course, this includes providing
| transaction data to the relevant parties to help them detect
| tax evasion and money laundering.
| Aurornis wrote:
| > to get protections from the law and guarantees, financial
| institutions need to get licensed and comply with all the
| rules, regulations and law.
|
| That's not how the law works.
|
| If someone breaks the law or doesn't comply with regulations,
| that's a separate issue. It doesn't entitle a third party to
| steal their funds.
|
| If you were to rob a drug dealer, you couldn't argue that
| they weren't complying with the law and therefore you were
| free to take it. You would both have broken laws.
| archontes wrote:
| Define theft.
|
| If you write a contract and give it to a lawyer with the
| instruction, "Anyone who satisfies this contract gets this
| money." And someone satisfies the contract to the lawyer's
| -but not your- satisfaction, and the lawyer sends the
| money, did the third party steal from you?
| danielvf wrote:
| There's a very relevant XKCD on this, where someone
| discovers a clever "bug" in an insurance contract, and is
| then disappointed.
|
| https://xkcd.com/1494/
| InDubioProRubio wrote:
| But wont somebody think of the Incompetence Finance Inc. - we
| cant have fraudsters defrauded, with legal means. The upper
| caste taketh the lower giveth that is tardition since the dawn
| of time.
| InsideOutSanta wrote:
| This. If you believe in cryptocurrencies, you can't run to the
| courts when people use them as designed, even if they didn't
| use them as intended.
|
| If you end up using the legal system to remediate undesired
| transactions, what's the point of cryptocurrencies in the first
| place?
| thinkingtoilet wrote:
| > what's the point of cryptocurrencies in the first place?
|
| So far, to execute illegal transactions and using the lack of
| regulations to exploit the financially illiterate.
| hinkley wrote:
| Money laundering.
| apercu wrote:
| And get rich quick scams. And fraud.
| smallmancontrov wrote:
| And drugs. And delivery of bribes to the sitting US
| president (these are not the same as illegal transactions
| because when the president does it it is not illegal).
| hinkley wrote:
| Amongst our weaponry are such elements as graft,
| narcotics, money laundering, fraud... I'll come in again.
| eftychis wrote:
| Oh, it is illegal. It's just that the DOJ is turning a
| blind eye because someone at some point wrote a
| "memo"[0,1], which it seems can be the bane of global
| peace and prosperity as we know it. (Yes, it is ironic
| that a memo in some countries like the U.S. can affect
| everyone else.)
|
| P.S. I understand the context in your comment here. Just
| expanding on it for cynicism's sake.
|
| [0] https://biotech.law.lsu.edu/blaw/olc/sitting_presiden
| t.htm [1] https://www.justice.gov/file/146241-0/dl?inline
| [Note it has been updated since 2000.]
| xp84 wrote:
| (i'm not GP but...)
|
| You've cited policy which blocks _prosecution_ of sitting
| Presidents -- but that didn 't necessarily enjoin
| eventual justice from being served after his term(s) end.
| However the outcome of Trump v. United States, 603 U.S.
| 593 (2024) appears to not just block prosecution but
| grant immunity, meaning what would normally be a crime
| ceases to even be a crime.
|
| That ruling appears to draw a nearly complete shield of
| immunity around Presidents for any crimes done as
| 'official acts,' and nearly everything can be claimed to
| be an 'official act' especially given how vaguely-scoped
| much Presidential power has become. I consider it pretty
| unlikely that we'll ever see a former President even be
| charged with a crime if Congress doesn't explicitly
| repudiate this ruling with an actual law.
|
| Source: https://en.wikipedia.org/wiki/Trump_v._United_Sta
| tes#:~:text...
| eftychis wrote:
| Thank you. I tried to keep my comment short, but your
| expansion was necessary on second thought. For better or
| for worse, I expect this to be relitigated. (Unless all
| outgoing presidents start the tradition of pardoning
| themselves from now on.)
|
| The reason is that what constitutes an official act is up
| in the air, and let us be honest, the incumbent president
| is not known for staying inside the Executive branch's
| lane.
|
| But the sheer unwillingness of the DOJ to prosecute,
| creates a catch-22: you need indictments to change or
| clarify Trump v. United States, 603 U.S. 593, and right
| now there are two options:
|
| Somehow revive the private right to criminal prosecution
| (and of the president at that)(See Linda R.S. v. Richard
| D., (1973) 410 U.S. 614 (citations omitted)) or a Federal
| Court to appoint counsel to investigate a former or
| incumbent president. (Young v. U.S. ex re. Vuitton et
| Fils, (1987) 481 U.S. 787.) And I am not sure which one
| is less likely to happen. (Or for Congress to take that
| role beyond impeachment, which is even less likely.)
| btilly wrote:
| The case where the precedent was set suggests that it is
| within the outer perimeter of what the President does to
| give a speech designed to whip up a crowd before they
| head them off to the Capitol to attempt a coup.
|
| While Trump may go farther than that, it is hard to
| imagine any other President in our history who would have
| considered doing anything more deserving of criminal
| prosecution in a US court.
|
| Given how polarized our country has become and the
| requirement for a 2/3 majority in the Senate, it is also
| difficult to see how we could ever again wind up in a
| situation where the threat of impeachment is a
| significant concern to a sitting President. Given the
| current state of the Republican party, I'm not even sure
| whether an attempted military coup by Trump would get
| that result.
| xp84 wrote:
| I agree completely. He doesn't need to do a coup now that
| he has absolute power for four more years given the
| vacuum of leadership that is the legislative branch, but
| he absolutely would get away with it if he chooses to
| someday.
| roenxi wrote:
| > I consider it pretty unlikely that we'll ever see a
| former President even be charged with a crime...
|
| You could have stopped the sentence here; most US
| presidents are responsible for acts that appear to be
| criminal but for the fact that it is political convention
| not to charge them. The most egregious case I recall was
| Anwar Al-Awlaki [0] - where he seems to have been killed
| on the president's orders without actually having done
| anything specific to justify it. Searching for "crime" on
| his Wikipedia page turns up nothing much. If a president
| isn't publicly investigated by the judicial system for
| having a US citizen killed it is hard to see when charges
| would be appropriate.
|
| [0] https://en.wikipedia.org/wiki/Anwar_al-Awlaki
| jollofricepeas wrote:
| I agree.
|
| The story of Anwar Al-Awlaki and his American US-born son
| who was killed in the attack authorized by the Obama
| administration must not be forgotten.
|
| The issue of presidential powers and conduct must be a
| non-partisan issue. Trump merely walked through the
| cracks created under Obama.
|
| Being well-intentioned ("protecting Americans against
| terrorism") is not sufficient excuse for murdering an
| American minor due to the sins of his father no matter
| how much the Obama administration DOJ attempted to make
| it legally permissible to do so.
| greedo wrote:
| <Trump merely walked through the cracks created under
| Obama.>
|
| Which were dependent on the GWB administration (forced
| renditions, torture prisons), the Reagan administration
| (Iran-Contra etc), the Nixon Administration (Watergate
| etc), FDR's admin (concentration camps), on and on and
| on.
|
| The expansion of Presidential power is non-partisan.
| Congress would be the logical counterbalance but other
| than in fits and starts has generally abdicated this role
| to the SCOTUS which has now been captured by believers in
| the unitary Presidency.
| dullcrisp wrote:
| Did you actually read the article you linked, or just
| search for the word "crime?"
| roenxi wrote:
| Both. I was doing the search because I was thinking "well
| maybe there was a crime in there somewhere that I
| missed".
| dullcrisp wrote:
| Okay. Well in that case, my (uninformed) take is that
| both holding the president personally criminally liable
| for actions of the US government that they authorized,
| and not holding the president accountable for campaign
| finance violations they undertook on the path to getting
| elected, are about equally ridiculous. But it seems that
| we're doing the second one.
| roenxi wrote:
| I'm honestly lost on what you might be alluding to with
| the "campaign finance violations"; but that is a classic
| up there with the remarkable rate that whistle-blowers
| turn out to be guilty of sexual assault nothing-burgers.
| I expect candidates will routinely violate campaign
| finance laws and don't see why that is more than a minor
| problem until someone outlines what the actual issue is
| in a specific case.
|
| If they're taking millions of dollars from Chinese NGOs
| that would be a problem. If they filled out a form
| wrongly and there is no motive involved that isn't
| interesting. Might be worth a few political points on a
| slow news day.
|
| Those laws are a poster child for the high risk of
| selective enforcement leading to political corruption.
| bawolff wrote:
| > where he seems to have been killed on the president's
| orders without actually having done anything specific to
| justify it.
|
| This was an assaination as part of an armed conflict if i
| understand correctly.
|
| There are a lot of things you can argue about with the
| morality of the drone strike program, but its at the very
| least grey. As a general rule, armed conflict involves
| killing people who have done nothing wrong other than
| being on the wrong side of the conflict.
|
| Its possible it still might be a crime, but i think it
| would be on the standard of if its a war crime, and not
| an ordinary murder.
|
| P.s. i dont understand what him being an american citizen
| has to do with it. Its not any more ok to kill non-
| citizens.
| thinkingtoilet wrote:
| I posted the original comment everyone is replying to so
| it's clear I'm not fan of crypto. To be fair, literally
| everyone I've ever known, including myself, has only ever
| used cash to buy drugs. I can't put that on crypto.
| dhosek wrote:
| For online sales of drugs it's through crypto. Also, it's
| the preferred way of paying ransom these days.
| smcin wrote:
| You only mean ransom of data or platforms, not people?
| Lionga wrote:
| Both. All kind of ransom is just better with crypto. Talk
| about disputing an industry.
| waspleg wrote:
| The only person I knew who had BTC in like 2008 used it
| to buy drugs from the Silk Road. They're dead now so it
| doesn't matter.
| sfn42 wrote:
| There's a pretty big market for drugs and other illegal
| things on onion websites. You send an encrypted order,
| transfer crypto to an escrow wallet, then they send the
| product in the mail.
| anonym29 wrote:
| Some of the first early adopters of pagers and cell
| phones were drug dealers and prostitutes.
|
| The economic conditions that push vulnerable people to
| committing crimes enhanced by technology are not a
| condemnation of the technology itself.
| oh_my_goodness wrote:
| Who's using a ledger system for illegal transactions?
| Salgat wrote:
| I like how every attempt to legitimize cryptocurrency by
| the current administration has just resulted in hurting the
| price of cryptocoins.
| close04 wrote:
| By now everyone who stands to gain from (ab)using crypto
| is probably already convinced. Almost everyone else heard
| so much about scams and illegal activities around crypto
| that they find it too risky. So the current admin is
| preaching to a small choir, to the angst of the large
| one.
|
| What I like is that every time there's a hack, or someone
| loses money over crypto either due to some illegal action
| or just unintended consequence of using it, you have a
| few more people demanding more regulation and state
| intervention. If only crypto regulation was scoped
| exclusively to when they need it after being swindled out
| of it.
| rchaud wrote:
| That's happening because crypto 'value' doesn't exist in
| a vaccuum, immune to the vagaries of the tradFi markets.
| When shit hits the fan, credibility matters. That's why
| traders park cash in government bonds when a market sell-
| off happens; a government bond essentially guarantees you
| get your money back quickly when you're ready to go back
| into the markets.
|
| The recent moves by the administration have been so
| incompetent as to tank the bond market as well, thereby
| leaving few safe harbors. And no harbor is less safe than
| crypto.
| throwaway2037 wrote:
| I agree with your assessment of cryptocurrencies. Here is a
| thought experiment that I use with other people: Ask
| yourself why none of the top 10 global investment banks
| have started their own crypto exchange. Now, add the 20
| largest stock, futures, and options exchanges. Still none.
| After all, it is "just" market making (with a bit of
| clearing, custody & execution services). What is wrong with
| this picture? For me, the real issue is that KYC (know your
| customer) legal requirements will drain all the profit from
| the operation and expose the ibank/exchange to enormous
| legal risk.
|
| Another one to make you scratch your head/chin: The world's
| busiest crypto exchange is Binance. The Wiki page literally
| says: "Headquarters: Unknown". How can anyone trust a
| company like that? Who regulates it? What enforcement
| agency will help in the event of fraud?
| b3lvedere wrote:
| 90% agree with this , with the little caveat that law and
| regulation always are a couple of steps behind huge
| innovations. Unfortunately sometimes companies think this
| gives them freedom to break current laws and regulations.
|
| Your thought experiment reminded me a little of the
| Kurzgesagt video on how to debunk an internet conspiracy
| in seconds: https://www.youtube.com/watch?v=Hug0rfFC_L8
| smcl wrote:
| By far the more common use case is as an unregulated asset
| you can semi-legally pump-and-dump, and to extract money
| from gullible rubes
| pavlov wrote:
| As recommended by the President of the United States.
| nicbou wrote:
| As _demonstrated_ by the President of the United States.
| rchaud wrote:
| And demonstrated by his new business partner in the
| private prison industry, Bukele of El Salvador.
| pcthrowaway wrote:
| You're saying the same thing
|
| > So far, to execute illegal transactions and using the
| lack of regulations to exploit the financially
| illiterate.
| smcl wrote:
| I think this was edited - my understanding of the
| original comment was that it was primarily for buying
| things on the darknet ("illegal transactions").
| timcobb wrote:
| > what's the point of cryptocurrencies in the first place?
|
| Not to be that guy but it seems like the point of
| cryptocurrencies is to scam vulnerable people...
| xattt wrote:
| A wanting of having cake, but a desire to eat it too.
| hinkley wrote:
| Take the cake immediately to your left. Problem solved.
| CursedSilicon wrote:
| The entire idea of crypto is "I wasn't supposed to be the one
| holding the bag!"
| hinkley wrote:
| Musical chairs except you don't want to get a chair.
| what wrote:
| That game is called Hot potato.
| hx8 wrote:
| Funny, I thought the whole point was to hold on to the bag
| as long as you can. Think back to the first time you heard
| about btc or eth, and how much return a modest investment
| would have made. It's the people that sold early that lost
| out.
| vkou wrote:
| How is that theory going for the bagholders of the
| graveyard of dead coins and rugpulls?
| hx8 wrote:
| You're not wrong, but has there ever been a time when
| buying & holding the 3 largest market cap coins wasn't a
| winning strategy?
|
| Most of the deadcoins were very low cap, and low cap
| investments are inherently risky. Most of the rugpulls
| were schemes around small coins or individuals not
| actually holding the private keys to the wallet.
| brohee wrote:
| The purest survivor bias in a while, and even some of the
| few survivors are in freefall, e.g. Litecoin.
| don_neufeld wrote:
| > what's the point of cryptocurrencies in the first place?
|
| I think you're answering your own question here
| vonneumannstan wrote:
| >you can't run to the courts when people use them as
| designed, even if they didn't use them as intended.
|
| I doubt that will hold up in court. The exact thing could be
| said about computer networks and hackers exploiting them.
| jstanley wrote:
| > If you believe in cryptocurrencies, you can't run to the
| courts when people use them as designed, even if they didn't
| use them as intended.
|
| If you believe in cash, does that mean you can't run to the
| courts if someone steals your cash?
|
| If your security proves insufficient to prevent a theft, that
| doesn't mean the theft was legal! It just means your security
| was insufficient.
|
| That security can be enforced by mathematics instead of
| courts is definitely a _benefit_ of cryptocurrency, but when
| it goes wrong courts still matter.
| crote wrote:
| The problem here is that those crypto contracts aren't
| designed to be security. They are intended to be
| _contracts_.
|
| It's like opening a bank account, and the contract says
| "You can only access your own money in the vault.
| Everything you can access is yours to use as you see fit."
| On your first visit the manager brings you into a vault
| with hundreds of cash-laden tables. He shows you to an
| empty table, and says "Here's your table. Enjoy!".
|
| Are you allowed to take money from the other tables?
| Clearly the _contract_ says you can, but surely that can 't
| be what they intended? Is it theft to "break their
| security" by walking over to another table, or is it just a
| hidden perk of the contract you signed?
| notahacker wrote:
| Moreover they're designed to be contracts with the
| explicit intention of enabling trustless exchange
| _without_ third party oversight, under the belief that
| the code can replace a legal system
|
| unlike actual contracts, which are written with the
| expectation that disputes may occur and be resolved by
| arbitrators and a legal system (who will probably rule
| that a poorly drafted clause 2b _doesn 't_ in fact grant
| you the right to take all the other customers' money)
| dandanua wrote:
| @crote
|
| > Are you allowed to take money from the other tables?
| Clearly the contract says you can, but surely that can't be
| what they intended?
|
| If their entire business model is based on giving a service
| that allows you to store your money in safety without any
| government dependency, while in reality they allow everyone
| else to take your money, then they deserve whatever happens
| to them.
| yifanl wrote:
| The fact that they deserve to be bankrupt doesn't mean
| the person responsible for their state of bankruptcy is
| innocent.
| InsideOutSanta wrote:
| _> If you believe in cash, does that mean you can't run to
| the courts if someone steals your cash?_
|
| No, because the point of cash isn't to circumvent
| government control of the financial system. If you build a
| whole system just to decentralize financial control and
| avoid government influence but then appeal to the
| government as soon as you don't like what happens, you're
| doing something wrong.
| hinkley wrote:
| Cash is a fiat currency issued by the government you are
| running to for restitution. I'm not sure GP understands
| what fiat currency means.
| kasey_junk wrote:
| Now do gold.
| koolba wrote:
| > If you believe in cash, does that mean you can't run to
| the courts if someone steals your cash? If your security
| proves insufficient to prevent a theft, that doesn't mean
| the theft was legal! It just means your security was
| insufficient.
|
| Stealing someone's private key and then using it to steal
| their assets is very different from exploiting edge cases
| of get rich quick schemes.
| Muromec wrote:
| It's different in means, but not in intent. Sure,
| extortion, blackmail and robbery all differ from theft,
| but are illegal all the same
| lelandbatey wrote:
| It's quite different in intent. When you stash crypto
| within a defi contract that _you authored_ , and that
| contract states that the crypto can move under certain
| conditions, and then folks come along and say "hey, I
| meet those conditions" and move the crypto, then no crime
| has been committed!
|
| If you didn't want folks to be able to get the crypto
| under those conditions, then why did you make the
| contract grant them the crypto in those conditions? I
| can't take a stack of $100 bills and leave it on the
| sidewalk with a post-it note saying "only to be picked up
| by John" and then sue the person named John who comes by
| and picks up cash. I also can't get mad when Alice sees
| the stack and tells her friend John to come pick up the
| money with his name on it.
|
| So it is with crypto. Why are you using crypto if you
| don't want to follow the rules? That sounds to me like
| you're trying to do unregistered securities trades...
| tempestn wrote:
| In the legal system, formation of a contract requires
| intent. If it can be demonstrated that there was no
| intent to form a provision of the contract, no "meeting
| of the minds", then I don't believe it is enforceable.
| (Though IANAL.)
| lelandbatey wrote:
| The point is that there's a pretty big publicly published
| document informing the world of their intent. It's called
| a contract, and they said "this will be the rules by
| which we abide."
|
| It's a very hard battle to say "wow, I didn't intend to
| have my contract say that, despite writing that and
| publishing it." You'd have to have a lot of auxiliary
| material explicitly stating the opposite of what your
| contract actually said, or you'd have to convince others
| that what the contact actually says is so difficult to
| understand that there was no way to anticipate that the
| contract allows what it does. And even then, I don't know
| if that'd pass because "I didn't think of that at the
| time" is commonly not accepted as a way to get out of
| breach of contract.
| tonyarkles wrote:
| I think you're confusing "smart contracts" with "legal
| contracts". They're not entirely different but exploiting
| a loophole in a smart contract doesn't necessarily meet
| the standard of a legal one.
|
| > To form a contract, there must be: a) an offer and
| acceptance of said offer; b) consideration for the offer,
| or some value exchange; c) an intention to form legal
| relations; and, d) a certainty of the terms of the
| contract
|
| https://www.canlii.org/en/commentary/doc/2019CanLIIDocs40
| 82
|
| The people who made the smart contract almost certainly
| wouldn't tick all four of those boxes definitively. It'd
| be an interesting civil case probably!
| MadnessASAP wrote:
| It's actually pretty well established that a typo in a
| contract doesn't isn't enforceable, particularly if the
| party trying to enforce it is acting in bad faith.
| pcthrowaway wrote:
| If you get into a cash poker game, and someone outplays
| you, then no, you can't run to the courts
| tempfile wrote:
| > If you believe in cryptocurrencies, you can't run to the
| courts when people use them as designed, even if they didn't
| use them as intended.
|
| Yes, indeed. And when people leave their home unlocked the
| thieves should get to keep their stuff. What kind of savagery
| is this?
|
| > If you end up using the legal system to remediate undesired
| transactions, what's the point of cryptocurrencies in the
| first place?
|
| Great question, we have been waiting for answers for nearly a
| decade now...
| DangitBobby wrote:
| The entire point of a home is not to escape traditional
| finance. It's by design not compatible with a simple "thief
| breaks into house" comparison, otherwise the entire
| enterprise is a scam and they should be criminally
| prosecuted for fraud the second they ask for legal dispute
| resolution on transactions that happened on ledger.
| InsideOutSanta wrote:
| _> And when people leave their home unlocked the thieves
| should get to keep their stuff._
|
| That's not what happened here. What happened is that the
| crypto company said, "Follow this contract," and their
| customer followed the contract and took their money, and
| then the crypto company was like, "But not like that!"
|
| Ostensibly, the whole point of cryptocurrencies is to
| decentralize financial control and not depend on
| governments for that service. If you then depend on
| governments the second you don't like what happens, there's
| no point to cryptocurrencies.
| tempfile wrote:
| If you can't distinguish "not what I intended" from "not
| what I wanted" then there is probably no reasoning with
| you. Luckily for the rest of us, making this distinction
| is a pre-requisite for becoming a judge or lawyer.
| InsideOutSanta wrote:
| _> Luckily for the rest of us, making this distinction is
| a pre-requisite for becoming a judge or lawyer._
|
| I have to admit, that's pretty funny. But I will point
| out that you did not make an argument in support of your
| position; you merely insulted me.
| tempfile wrote:
| I really didn't intend that as an insult! I just find it
| very easy to distinguish between a case where someone
| followed reasonable rules and got an outcome they didn't
| like, versus a case where someone found absurd rules -
| clearly not intended by anyone - and exploited them for
| an undeserved gain.
|
| If you see a case where someone exploits a badly-coded
| computer program to take a hundred million dollars from
| someone, refuses to return any of it (even when offered
| several million dollars for their trouble), refuses to
| co-operate with the judges and the rest of civilised
| society, and just see "waa waa baby doesn't like his
| medicine" then I don't see how to actually reason with
| you. That's just a value difference, not really an
| insult.
| InsideOutSanta wrote:
| _> I just find it very easy to distinguish between a case
| where someone followed reasonable rules and got an
| outcome they didn't like, versus a case where someone
| found absurd rules - clearly not intended by anyone - and
| exploited them for an undeserved gain_
|
| I think you overestimate how easy it is to distinguish
| between these two. A reasonable common example is people
| like Bernard Marantelli exploiting lotteries. The lottery
| does not intend for people to play as Marantelli does.
| You can (and people do) argue that he's stealing money,
| but should he go to jail for playing the lottery in a way
| "not intended by anyone"? I don't think so.
|
| It's the same with card counters at a casino. The casino
| can throw card counters out because they can decide who
| plays at their establishment, but it would be
| unreasonable to jail card counters for playing blackjack
| in a way casinos don't intend.
|
| _> If you see a case where someone exploits a badly-
| coded computer program to take a hundred million dollars
| from someone_
|
| This phrasing removes relevant context to the point where
| it no longer represents what actually happened.
|
| _> refuses to return any of it (...)_
|
| I did not comment on any of this at all.
|
| _> I don't see how to actually reason with you_
|
| This is dismissive and denies my ability to be convinced
| by reasonable arguments. It is insulting, even if it's
| not intended that way.
| tempfile wrote:
| I think both those cases are easy to decide, and are
| legitimate play. Even if they were not legitimate, I
| think the remedy is simple -- not jail, but at worst
| return the money that was taken. In this case, even if
| deciding the merit of the case is hard, there was a
| transparently reasonable remedy (return 90% of the funds,
| continue with your life) which Medjedovic rejected. More
| than just rejecting the offer, he then went on to launder
| the tokens through a mixer, fled the country, and has
| refused to put the funds in escrow while the case is
| decided in court. None of this is reasonable, in my
| opinion, and I am 100% ok with the legal system forcing
| him to comply.
|
| > This phrasing removes relevant context to the point
| where it no longer represents what actually happened.
|
| I don't think it does, but you don't explain why, so
| there is not much to argue. It is hard to get an
| objective description of what happened, but as far as I
| can tell, the liquidity pools operated by Indexed Finance
| are governed by a smart contract, the smart contract
| contained a mistake, and by exploiting that mistake,
| Medjedovic was able to drain them completely.
|
| Can you explain to me in simple english how that is using
| the contract as intended? Note that "it's what the smart
| contract said" is not sufficient, for the same reason
| that "the web server allowed me to make that request" is
| not a defence against a charge of computer hacking. What
| the smart contract says is actually almost irrelevant.
| What is relevant is what it was _intended_ to do.
|
| Incidentally, why should I be rooting for this guy? It
| seems like literally the only argument in favour of what
| he did here is "everything that is possible is fair". His
| extraction of money is purely parasitic, and aside from
| merely identifying the bug, he hasn't done any useful
| work at all. I would grant that this applies to the
| lottery and card counting examples too. But why should I
| care that he's having his money taken away?
| InsideOutSanta wrote:
| _> I think both those cases are easy to decide_
|
| Many people disagree with you and describe what these
| people do as theft, so it's not as easy as you think.
|
| _> which Medjedovic rejected_
|
| I made no points at all about what he did afterward. This
| is all irrelevant to my point.
|
| _> I don't think it does, but you don't explain why_
|
| I did explain why further up in the thread. It's not just
| a badly coded computer program; it's a badly coded
| computer program _that acts as a contract intended to
| circumvent government control of money._ That 's the
| context.
|
| People agree to adhere to the smart contract instead of
| putting their money into a financial institution that
| uses contracts backed by laws enforced by governments.
| This guy adhered to the smart contract, and when the
| crypto company didn't like the outcome, they decided that
| none of the crypto stuff mattered and that the laws
| enforced by governments mattered after all.
|
| But this makes cryptocurrencies entirely pointless. If
| you can use legal means to circumvent undesired smart
| contract outcomes, then you can just do that in the first
| place and not have the smart contract.
|
| _> Can you explain to me in simple english how that is
| using the contract as intended?_
|
| Yes, of course. Smart contracts are self-executing
| contracts. The agreement you make is written in the code
| of the contract. That is the intention behind a smart
| contract. It makes no sense to say that you did not
| adhere to the contract if it allowed you to do something.
| So by definition, anything you do that the contract
| enables you to do is using the contract as intended.
|
| _> Note that "it's what the smart contract said" is not
| sufficient, for the same reason that "the web server
| allowed me to make that request" is not a defence against
| a charge of computer hacking_
|
| Again, this argument ignores the context of smart
| contracts. Web servers don't claim that their code is a
| contract.
|
| _> why should I be rooting for this guy_
|
| It doesn't matter. I'm not rooting for this guy. I'm not
| arguing emotionally in favor of some guy who did
| something. In fact, I think he's a shithead.
| tempfile wrote:
| > It makes no sense to say that you did not adhere to the
| contract if it allowed you to do something.
|
| I think this is the point where I really disagree with
| you. I don't see how this is different for smart
| contracts, as opposed to, say legal contracts written in
| english. It is not true in general that just because a
| contract says something, that those exact terms are
| enforced. There is a whole body of law around what terms
| are enforceable, what to do in cases of mistakes, and so
| on.
|
| I am now really unclear on what your position is. I
| thought originally that you were in favour of smart
| contracts, and that it was somehow unfair or unethical
| for e.g. a court to rule whether a smart contract was
| intended to do something different than what it did. So I
| am trying to understand why you think it is unethical. In
| this case I think it is unethical to obey the smart
| contract, and that what this kid did is unethical and
| should be illegal. Are you saying what he did is wrong,
| but he should be allowed to do it anyway? If so, why?
| InsideOutSanta wrote:
| _> I don't see how this is different for smart contracts,
| as opposed to, say legal contracts written in english_
|
| It's different because the whole purpose of smart
| contracts is to circumvent governmental power structures.
| Otherwise, people would use regular contracts.
|
| Technologically, it's much easier to set up a payment
| system using a centralized database in a specific
| jurisdiction and have people sign normal contracts to use
| the system. People create cryptocurrency systems to
| _avoid_ that. They put much effort into creating payment
| systems independent of existing power structures. If this
| system does not work without backup from the legal system
| and governmental power, then all that effort is
| pointless.
|
| _> I thought originally that you were in favour of smart
| contracts_
|
| I think they're interesting.
|
| _> Are you saying what he did is wrong, but he should be
| allowed to do it anyway?_
|
| Yes.
|
| _> If so, why?_
|
| Using existing governmental power structures to punish
| people who adhere to smart contracts in ways some system
| members don't like invalidates the whole system. If
| cryptosystems don't work purely technologically without
| judicial support, they don't work, period.
| tempfile wrote:
| I think you're letting the perfect be the enemy of the
| good. It seems like an obvious advantage to have systems
| that decide the outcome automatically and correctly 99%
| of the time, despite requiring occasional corrections
| from outside. That's not the same as a regular contract,
| so it doesn't follow people would always either choose
| smart contracts or traditional ones.
|
| What you're hoping for is, taken literally, impossible.
| Smart contracts can't protect people from fraud, or
| coercion. Since the law _does_ protect them from these
| things, smart contracts cannot be totally isolated from
| the legal system (even if everyone wanted this, which
| they don 't).
|
| > Using existing governmental power structures to punish
| people who adhere to smart contracts in ways some system
| members don't like
|
| Fine, but what about in ways that _the rest of society_
| don 't like?
| InsideOutSanta wrote:
| _> It seems like an obvious advantage to have systems
| that decide the outcome automatically and correctly 99%
| of the time_
|
| That's what traditional systems already do.
|
| _> Fine, but what about in ways that the rest of society
| don't like?_
|
| They don't participate in crypto.
| protocolture wrote:
| The problem is that Smart Contracts aren't sold as
| "Computer Program" they are sold as binding agreements
| forged in code. The code was agreed to by all parties.
|
| I absolutely get your position, and possibly
| hypocritically supported the main branch when ethereum
| had a big fork over exactly this issue. But its also not
| hard to see where the "code is law" guys are coming from.
| tempfile wrote:
| I don't think this matters. It's equally true of natural
| language contracts, which are litigated constantly.
| FireBeyond wrote:
| > Luckily for the rest of us, making this distinction is
| a pre-requisite for becoming a judge or lawyer.
|
| Actually, in many parts of the US, you do not have to
| have any law education to become a judge in district
| courts.
| danielmarkbruce wrote:
| It's like building a home on a land which has no system
| of law because you like anarchy, and then complaining
| when a fellow anarchist steals your stuff.
| BlackFly wrote:
| You'll need a stronger defense than that in court because
| courts absolutely create and deal in gray areas where
| technical fine lines exist.
|
| What you need to argue is that the the smart contracts were
| valid contracts that the creators intended to and had
| opportunity to understand and that their creation was their
| act of negotiation of a position. It isn't really a stretch,
| but with amounts like this probably more diligence would have
| been due than that. Calling it theft is ridiculous on the
| other hand.
| Calwestjobs wrote:
| it can be said that laws are social contract
| kulahan wrote:
| I disagree simply on the principle that nobody has any
| choice in whether or not to participate. Calling it a
| social contract just sounds too... soft? for what it
| really is.
| esperent wrote:
| > nobody has any choice in whether or not to participate.
|
| You've hit a key point of disagreement amongst
| philosophers about the idea of the social contract.
|
| Some of them say it's not voluntary because we were all
| born into a existing society, others say, sure it is, you
| can just give up all your property and go live in the
| forest.
|
| Others then reply that disabled people and children can't
| do that.
|
| But also the idea of living in a forest is not really an
| option for most people in the modern world. So my
| personal take is that the social contract is inherently
| non-voluntary in the modern world.
|
| > Calling it a social contract just sounds too... soft?
| for what it really is.
|
| Why do you think a social contract implies softness? For
| most of it's existence the social contract allowed
| slavery, ritual killing in the form of warfare and duels,
| and it still allows the death penalty in much of the
| world.
| Nevermark wrote:
| > Why do you think a social contract implies softness?
| For most of it's existence the social contract allowed
| slavery, ritual killing in the form of warfare and duels,
| and it still allows the death penalty in much of the
| world.
|
| I think they are saying that the words "social contract"
| sound more collaborative and voluntary (to them) than
| what the phrase actually refers to. Your examples would
| only reinforce that view.
|
| It is a subjective stance on a coined phrase, but given
| most of our laws were settled by people not living now,
| and enforced on people not living when the laws were
| created, and there is no periodic process of ensuring
| laws reflect the living, the words "social" and
| "contract" are being stretched quite a bit.
|
| (On the other hand, the meanings of most phrases drift
| from the nominal meanings of their constituent words.)
| dullcrisp wrote:
| I don't think something being a contract is reliant on
| there being a compelling alternative though. But then
| it's usually hard to tell what's important to
| philosophers.
| esperent wrote:
| > I don't think something being a contract is reliant on
| there being a compelling alternative though
|
| Legally, a contract must be entered into voluntarily by
| both parties. If either party is coerced into joining,
| then it is no longer considered to be a contract. I
| assume that philosophers use the same meaning of the word
| contract.
| dullcrisp wrote:
| But you'd have to draw a distinction between "I have to
| sell my company to Microsoft because they're the only
| ones with the expertise to run it," and "Microsoft sent
| someone to hold a gun to my head until I signed this
| paper even though I actually have other options."
|
| In this case it seems more like the former since no one
| is really actively combing the woods for hermits and
| forcibly integrating them into society. I guess it's not
| unimaginable for something like that to happen, but I
| don't think you could say that that's reason that most of
| us are part of society. I do guess you could argue that
| point, but the argument would have to be that society is
| actively taking away viable alternatives to force people
| who otherwise would not have to have to join it, not that
| such alternatives never existed in the first place.
| lazide wrote:
| I dare you to name a forest that someone won't try to
| kick you out of pretty quickly.
|
| The US has forest rangers, among others, as do most
| countries. Even in remote Siberia and Alaska, it likely
| won't be long before someone defending a mining claim or
| similar gets you removed or tries to shoot at you, though
| you might get long enough in some spots to live half a
| life at least.
|
| Every society I'm currently aware of has something
| similar going on, and they absolutely are trying to
| remove opportunities to stay outside of their bounds.
| RHSeeger wrote:
| But the benefit of living in a society is that those
| people that _cannot_ survive without the society, _can_
| with it. They still have the option to live outside
| society, they'll just perish. And that sucks. But by
| being part of society and gaining the benefits thereof,
| you are agreeing to follow it's rules (or suffer the
| consequences if you do not).
|
| I would not survive away from society due to medical
| needs. In exchange for being able to acquire the items I
| need to survive, I follow the constraints of living in
| that society. But it _is_ a choice. I could choose to go
| live in the woods without said benefit; and I'd die.
| Detrytus wrote:
| But the point of "living in the forrest is not an option"
| isn't that the person in question is incapable of
| surviving there. It is that the society claims ownership
| of the forrest an will punish you for trying to live
| there. I mean, try sleeping in your own car in
| California, or some other US states...
|
| That's just the nature of almost any society: they are
| actively hostile towards such outliers.
| esperent wrote:
| To be fair, this philosophical discussion originated in
| the time of Locke and Hobbes, and back then it was far
| more viable to go off and live in a forest, especially if
| you went to America to do it.
| esperent wrote:
| > But the benefit of living in a society is that those
| people that _cannot_ survive without the society, _can_
| with it
|
| Hence why it's a "contract". Both parties benefit.
| Society gets to exist, the people in it _mostly_ have
| better lives than they would living alone in a forest.
| Admittedly, that 's a low bar and we could stand to
| improving things.
| _Algernon_ wrote:
| >But also the idea of living in a forest is not really an
| option for most people in the modern world. So my
| personal take is that the social contract is inherently
| non-voluntary in the modern world.
|
| This idea is ridiculous because even if you could go live
| in a forest a large part of the enlightenment was that
| states grabbed control of the periphery (forests) of
| their domain. You can no longer run of into the forest.
| The state will still want you to fit into the existing
| ownership structures, censuses, taxation regimes, etc. If
| you commit a crime it will still be decided by the
| existing courts.
| giantg2 wrote:
| "you can just give up all your property and go live in
| the forest."
|
| And these people are wrong since the laws will still be
| applied there. If you don't own the land you are likely
| trespassing, squating, etc.
| immibis wrote:
| If you don't sign a contract you are not bound by it, and
| you are not protected by it. If the law doesn't apply to
| you, that cuts both ways: people can kidnap or murder you
| with impunity for any valid-sounding or completely-made-
| up reason.
| giantg2 wrote:
| Consent has nothing to do with signing, look at TOS. Same
| things with laws - you're subject to them just because
| you're in their domain.
| protocolture wrote:
| Social Handcuffs
| Brybry wrote:
| In the indictment[1] he's not charged with theft.
|
| He's charged with:
|
| 1) wire fraud (the smart contracts/swap exploit)
|
| 2) unauthorized damage to a protected computer (running the
| exploit on the ethereum network)
|
| 3) attempted hobbs act extortion (contacting kyberswap to
| attempt to gain control of kyberswap in exchange for return
| of some of the crypto)
|
| 4) money laundering conspiracy
|
| 5) money laundering (knowingly laundering the proceeds of
| the previous, including paying an undercover agent to help
| bypass a blacklist to do so)
|
| [1] https://www.justice.gov/usao-
| edny/media/1388036/dl?inline
| throwaway2037 wrote:
| Hat tip for that indictment document. Here is the
| official press release (parent page to your doc?) from
| the Dept of Justice: https://www.justice.gov/usao-
| edny/pr/canadian-national-charg...
| BlackFly wrote:
| Yes, I cite that in another comment. The article calls it
| theft, well specifically they say "stole" but that
| implies theft.
| pchangr wrote:
| The point of bitcoin, in words of their creator is to "allow
| online payments to be sent directly from one party to another
| without going through a financial institution." That's it.
| Braxton1980 wrote:
| >cryptocurrencies in the first place?
|
| To get 30mg oxy
| analog31 wrote:
| Money is a technology. Its purpose is whatever use you want
| to put it to.
|
| Like any technology, a money system can be designed so that
| it works well enough for a small set of intended purposes,
| and poorly for all other purposes. Moreover, its uses can be
| constrained by laws.
|
| I think an open question is whether existing laws related to
| money or property apply to cryptocurrencies. For instance,
| "theft" and "fraud" cover a lot of things, without
| specifically listing all of them.
|
| If it's ambiguous whether such laws apply to crypto, then
| sure, someone could use the legal system to settle the
| matter. In fact, using the legal system to remediate
| undesired transactions could be as good a use of crypto as
| any, if "anything goes."
| FireBeyond wrote:
| Yup. Exactly. "The code is law". Well, sometimes you learn
| you're not as good at code as you thought you were.
| -__---____-ZXyw wrote:
| This!? Which? What..? Why!?
| __MatrixMan__ wrote:
| The point of cryptocurrencies is to reward people who make
| hardware available for in-public multiparty computation. The
| point of _that_ is to be able to create rulesets and expect
| that they 'll be followed within the confines of the system.
|
| It's bonkers to me that the only rulesets people care to
| implement on such a platform are just reflections of money as
| we know it. How unimaginative. I wish we'd make something new
| rather than translating something old--bugs and all--into a
| new language.
| BobbyJo wrote:
| Hardware availability is a use case of cryptocurrency, but
| not the point. The point is a decentralized accounting
| system that no single party can manipulate, for good or
| bad. You can apply that to hardware availability, digital
| game economies, supply chain accounting, etc. but the
| _point_ of crypto is more abstract than any of that.
| Calwestjobs wrote:
| his point was correct
| godelski wrote:
| For those unfamiliar, see "The Cypherpunk Manifesto"
| We are defending our privacy with cryptography, with
| anonymous mail forwarding systems, with digital
| signatures, and with electronic money.
|
| https://www.activism.net/cypherpunk/manifesto.html
|
| Or "The Crypto Anarchist Manifesto"
| Computer technology is on the verge of providing the
| ability for individuals and groups to communicate and
| interact with each other in a totally anonymous manner.
| Two persons may exchange messages, conduct business, and
| negotiate electronic contracts without ever knowing the
| True Name, or legal identity, of the other.
|
| https://groups.csail.mit.edu/mac/classes/6.805/articles/c
| ryp...
| __MatrixMan__ wrote:
| I agree with:
|
| > the point of crypto is more abstract than any of that
|
| It has to do with operating in spite of somebody who
| would otherwise tamper with your information. It's about
| durability in the face of sophisticated adversaries.
|
| I was trying to get at the point of crytocurrency. The
| accounting system can handle anything at all, so why
| bother with the coins? We've had coins for thousands of
| years, they're the most boring app imaginable. Why bother
| maintaining artificial scarcities when we could be
| addressing real ones?
|
| But at the end of the day, if nobody provides hardware
| for it to run on, then, we can't have that accounting
| system. And those people have to pay their electric
| bills, and for the hardware they're using, and for that
| they need something money-shaped. The point of
| cryptocurrency is to be that money-shaped thing. We need
| it to interface with the traditional finance system until
| we can replace that system with something better.
| throwpoaster wrote:
| Let's do it! What's the idea?
| __MatrixMan__ wrote:
| A list of ways people can trust each other (e.g. to be a
| skilled plumber, or to be a fair mediator, to be a real
| human, to not let their key get compromised, and many
| other things). I call these colors.
|
| Also there's a directed graph where the nodes are users.
| Edges on this graph indicate that this user trusts that
| user, the edges are colored to indicate which type of
| trust it is.
|
| Given two users, they can compare graphs to decide if
| they both trust (transitively) any other users in some
| set of colors. Also, if cycles appear, then that cycle is
| a community of experts and they can follow the graph in
| reverse to find out which other users consider them
| experts.
|
| It's sort of like how we have representatives in
| congress, except instead of being one layer deep with
| millions of people being represented by one, it can be as
| nested as needed to ensure that the experts are not
| overloaded (since many of us are somewhere in the middle,
| we distribute the load by playing both roles--depending
| on who we're dealing with). It also differs from typical
| representative democracy because you can express trust in
| somebody's diplomacy and simultaneously avoid trusting
| their understanding of economics (or whatever other
| colors you care to).
|
| Ideally it would be a system in which the most trusted
| and capable people for any job are easy to find and easy
| to support, and in which we focus on becoming skilled and
| trustworthy rather than on the ownership of scarce
| things.
|
| Human societies already work like this, they have for a
| million years or so, but it stops working well when the
| cognitive burden of walking all of these trust graphs
| becomes too much to bear, then things get authoritarian.
| We now have the technology to scale it better, but the
| implicit non-specialized authorities are still in charge.
|
| A couple of applications for this that could work in the
| near term:
|
| 1. If you have a dispute, you can use the data find a
| mediator who is trusted by you and the other party. And
| not just trusted, but trusted in the relevant way. This
| is a step towards a better court system, better because
| the arbiter is explicitly trusted by the complainants and
| because the arbiter is an expert in the color of the
| complaint.
|
| This would solve the well-somebody-needs-to-be-able-to-
| undo-the-transaction problem without invoking a bank and
| without leaving it unsolved. The transaction arbitrator
| would be determined by the trust settings of the parties
| to the transaction. There's a lot more consent and
| specificity in that than in what we're doing.
|
| 2. If you find a dubious claim, you can see who signed it
| and check for a trust path between you and that person.
| 1,000,000 fake amazon reviews mean nothing through that
| lens, since you don't trust them. But two or three
| reviews signed by people that you explicitly trust
| (perhaps transitively) would mean a great deal. This
| gives us a way to ignore scammers and malicious AI's and
| creates a space in which being trustworthy is an asset
| (contrast this to the world we've built which is more
| about commanding the most attention).
|
| I'm not saying I have it right, but such things are worth
| trying in general, and "crypto" isa much better medium
| for them than bureaucracy (although I'm more excited
| about CRDT's than blockchains, because I think partition
| tolerance is more important than consistency).
| oh_my_goodness wrote:
| Guessed translation: "The point of cryptocurrencies is to
| reward the people who do cryptocurrency infrastructure."
|
| That's the point for them. It's not the point for anybody
| else.
| Jasper_ wrote:
| But how do you reward people within the system? You need
| some sort of token with value...
| __MatrixMan__ wrote:
| You could contribute to a goal that they care about, or
| give them something they need, or help find somebody who
| will. Or you can promise to do so in the future.
|
| Using "value" as a medium is problematic because we
| increasingly don't value the same things. It worked ok
| back when food took so much effort to grow that securing
| it represented a significant portion of our mindshare.
| Then money was reliably a proxy for our shared agreement
| that food was good.
|
| But now that it's so much easier to make the necessities
| that we agree on, we spend more time perusing
| contradictory outcomes. Which is more valuable, if my
| endeavor succeeds and yours fails, or visa versa? Whose
| agenda am I furthering when I decide to value a dollar?
| It's hard to participate in because I can never figure
| out whether I'm hurting or helping.
|
| Better would to let people be explicit about what they
| want so that we can the things that have consensus and
| work towards those. As it is we're letting the ownership
| of scarce abstractions determine what gets done, which is
| just bonkers. It was once the best we could do with only
| the laws of physics at hand to enforce the rules (re: the
| scarcity of gold), but now we can do better.
| CPLX wrote:
| I mean you can believe in cryptocurrency. But why do courts
| have to believe in it?
| gamblor956 wrote:
| "Code as law" was attempted as a defense in another token-
| related "hacking" case.
|
| It didn't work there, and it won't work here either.
|
| _If you end up using the legal system to remediate undesired
| transactions, what 's the point of cryptocurrencies in the
| first place?_
|
| That is a philosophical argument completely unrelated to
| whether or not something is illegal. Cryptocurrencies aren't
| a replacement for the law, nor do they stand outside of it.
| 2muchcoffeeman wrote:
| I feel like the current state of affairs is a consequence
| of mixing real money systems with crypto and then making it
| easy to invest in.
|
| Because it sure looks like they intended for "code is law"
| to be the case. Many of the oft cited use cases were to
| circumvent traditional systems.
| andy81 wrote:
| > That is a philosophical argument completely unrelated to
| whether or not something is illegal.
|
| Most comments saying that cryptocurrency holders should
| abide by "code is law", are not actually saying that we
| should abide by "code is law" and abandon the legal system.
|
| It's a classic argument to show that the purported benefits
| of cryptocurrency are a farce.
| nkrisc wrote:
| > If you end up using the legal system to remediate undesired
| transactions, what's the point of cryptocurrencies in the
| first place?
|
| In this case, to make money. These are not ideological
| purists, they're capitalists.
| Taek wrote:
| Just because some subsets of the crypto industry want to
| operate entirely outside the law doesn't mean the whole
| industry wants to operate outside the law. As evidenced by
| anyone who pays taxes on their crypto.
|
| Saying "he used the system as it was designed, even if not as
| intended" is more or less equivalent to saying that any
| computer hack or zero day is also "using the computer system
| as designed".
|
| You even plausibly extend that to picking locks in the
| physical world.
|
| So yes, it does make sense for the law to get involved.
| protocolture wrote:
| If a smart contract requires a court to execute you really
| should have just used a regular contract no?
| EGreg wrote:
| No. Definitely not.
|
| Smart contracts are supposed to eliminate a huge swath of
| disputes, so often people don't need courts at all.
| People can put business rules in place that aren't
| violated - and not just for contracts.
|
| For example bidders at Christie's and Sotheby's sometimes
| don't have the money but the houses can't make a big
| scandal. They try to hold another auction and sell it to
| someone else as if the guy sold it.
|
| In crypto it would be trivial to endure bidders have put
| up the money. You can refund the lowest bidder below N
| winners. You can also ensure payouts happen at agreed-
| upon rates. You can prove escrow. And stuff like that.
|
| Imagine a bunch of donors or investors seeing how their
| money is spent because it is on the blockchain. Or
| imagine a community having roles and knowing that each
| role was granted properly.
|
| In web2 anyone who can get into the database can modify
| any records and then you hope court cases and chilling
| effects will undo the damage retroactively.
| protocolture wrote:
| >Smart contracts are supposed to eliminate a huge swath
| of disputes, so often people don't need courts at all
|
| That just sounds like near total agreement with me.
|
| Dont get me wrong, I love smart contracts conceptually.
| But if the parties to a smart contract desired court
| arbitration, they should include a function for it in the
| smart contract. Like a swing vote for a trusted third
| parties keys.
|
| Without that, to me, you are signalling acceptance of the
| outcome of the code without arbitration. If you seek a
| court to interfere with the execution of a smart contract
| that never included a provision for arbitration then you
| are in my mind, as guilty of ignoring the intent of the
| smart contract as any hacker might be.
|
| And if you were just going to court to dispute the smart
| contract, you may as well just have accepted a legacy
| contract. Escrow, multiple parties, etc etc all solved
| problems in the traditional legal space.
| EGreg wrote:
| The key is that the smart contract framework introduces a
| feature that is used let's say 2% of the time.
|
| So I disagree even if you used that feature of the
| framework, that you "may as well have used a non smart
| contract".
| unsupp0rted wrote:
| > In crypto it would be trivial to endure bidders have
| put up the money.
|
| And also not in crypto, as has been done for thousands of
| years
| Taek wrote:
| Smart contracts give you a lot of financial automation
| and guarantees that regular courts do not. Furthermore,
| any litigation or arbitration in court is very expensive.
| If you can use smart contracts to simultaneously increase
| the complexity and sophistication of your transactions
| while also reducing the number of times you need to go to
| court, you've created value.
|
| And, a lot of crypto projects do pair their smart
| contracts with regular contracts, or at the very least
| with ToS
| ellen364 wrote:
| It seems more like a contract dispute to me. My first
| thought is that a commercial court could decide who keeps
| the money.
|
| (Clearly in the real world the American authorities have
| decided it's a criminal matter. I just find it odd that a
| "smart contract" dispute falls under criminal rather than
| commercial law.)
| Vegenoid wrote:
| > If you end up using the legal system to remediate undesired
| transactions, what's the point of cryptocurrencies in the
| first place?
|
| Agreed, but there is already a very similar case where "code
| is law" was tested, and failed:
| https://www.justice.gov/archives/opa/pr/man-
| convicted-110m-c...
|
| It turns out that once a financial system becomes big enough,
| the US will apply its finance laws to it. Finance laws are
| designed to prevent sudden unexpected transfers of wealth
| from one (wealthy) unwilling party to another based on
| unanticipated loopholes.
| wnevets wrote:
| > what's the point of cryptocurrencies in the first place?
|
| To funnel cash to regimes like North Korea
| lupusreal wrote:
| > _If you believe in cryptocurrencies, you can 't run to the
| courts when people use them as designed_
|
| Shouldn't, but _can_.
|
| Anyway, you're assuming most of these crypto people are true
| believers in the technical attributes of crypto currencies,
| but I think most of them don't understand or care about that
| and are just trying to get rich.
| echoangle wrote:
| Is that how it works legally? If you hack into computers using
| a zero day, did you also just access the computer according to
| the way it was programmed? Just because you can do it
| technically doesn't mean it's not fraud/something else.
| cherryteastain wrote:
| If that's not how it works, where's the line for what is
| fraud and what is not? Once you move away from the "code is
| law" principle, companies have the perverse incentive to
| define fraud as "any transaction that results in negative PnL
| for me", which is exactly what happened here.
| freejazz wrote:
| What does one have to do with the other? Fraud is
| "intentional deception to gain an unfair or illegal
| advantage, often resulting in financial or legal harm" what
| does that have to do with code? What could code even do
| about fraud?
| cherryteastain wrote:
| If fraud is "intentional deception", who did this guy
| deceive? Everything was out in the open.
| freejazz wrote:
| What does that have to do with my question?
| dan-robertson wrote:
| Isn't, in the US system, the definition of fraud built up
| through a combination of legislation and case law from
| previous 'grey area' cases? I think most laws tend to have
| some balance between what is easy to define/understand and
| what is desirable to allow/disallow.
| echoangle wrote:
| ,,Code is law" isn't a thing. Go tell a judge that your
| hacking is legal because the code allowed it. That's not
| something that's allowed by law.
| archontes wrote:
| Imagine I write a contract and empower an AI to execute
| it. I put $10,000 in a bank account and write, "I'd like
| a nice car."
|
| I do this of my own free will, at my own hazard. I know
| I'm playing this game. I have intentionally elected to
| use a system that will execute without any further
| intervention or oversight on my part. Verbally, I state
| that I am confident enough in the writing of my
| instruction that I feel secure in whatever outcome it may
| bring.
|
| The system automatically executes and someone has sold me
| a very nice remote control car.
|
| I sue that person.
|
| Why should I have standing?
| olddustytrail wrote:
| Like buying from eBay?
| cherryteastain wrote:
| I am well aware that "code is law" has no weight in
| actual law. The point I tried to raise was, given the
| following sequence of events:
|
| 1. You deploy a smart contract to the ethereum blockchain
|
| 2. I interact with your smart contract in some manner
|
| how do we define whether the manner of interaction in
| step 2 is fradulent or not?
|
| "Code is law" is one interpretation by crypto enthusiasts
| to define under what conditions interacting with the
| blockchain is fraud; in their definition, it's never
| fradulent.
|
| Let's assume "code is law" is nonsense, as many comments
| here say. Then, under what conditions do we define
| interacting with the blockchain as fradulent? What is
| fraud and what is not fraud?
|
| Edit: In the blockchain we can even formalize this. The
| ethereum blockchain at block K has a certain state S_K. I
| submit a certain transaction/set of instructions T to the
| blockchain which is mined as block K+1. How do we define
| a function isIllegal(S_K, T)? (Assuming block K+1
| contains EVM instructions from my transaction T only)
| danielvf wrote:
| The physical universe advances from state to state, but
| we define still can call certain behaviors illegal.
|
| https://xkcd.com/1494/
| cherryteastain wrote:
| Alright, please go ahead and define under what legal
| pretext this guy's behavior might be illegal.
|
| There are other cases where interacting the blockchain is
| illegal in a very clear manner. Example: if I know an
| Iranian or North Korean entity has the keys to an
| Ethereum wallet, and if I send USDT to that wallet as a
| Western citizen, that is very illegal due to sanctions.
| danielvf wrote:
| There is a US indictment which lays out the basics of the
| which laws Medjedovic is accused of breaking.
|
| https://www.justice.gov/usao-edny/pr/canadian-national-
| charg...
| echoangle wrote:
| You're never going to find a binary function that tells
| you if something is legal or not, in the end it's up to a
| human judge to decide. But imagine setting up a search
| engine and I enter " Robert'); DROP TABLE INDEX; --" as a
| search term. Would you say that's a crime? That's a
| perfectly fine thing to search for, right?
| cherryteastain wrote:
| Yes, perfectly fine, and the fact that you can paste that
| string into this website without being put in prison is
| testament to that!
| Hizonner wrote:
| > You're never going to find a binary function that tells
| you if something is legal or not, in the end it's up to a
| human judge to decide.
|
| ... but the whole point of cryptocurrency, or at least of
| smart contracts and "DeFi", is to reject that and try to
| build a parallel system. That's presumably based on a
| belief that you _can_ write code that behaves the way you
| intend, regardless of whether you really can do that or
| not.
|
| So perhaps the judge should decide "Well, you signed up
| for that when you tried to opt out of having human
| judgement govern your deals. Have a nice day.".
|
| And in fact perhaps there should be formal statutory law
| that makes it clear that's what the judge is supposed to
| decide in any case that isn't itself "borderline"
| somehow. Which the case at hand shouldn't be.
| echoangle wrote:
| If I put up a sign ,,trespassers will be enslaved" on my
| property and then force people who trespass to work for
| me, would that be fine because they knew what they were
| getting into? You can't just create your own justice
| system which contradicts the real one by making
| contracts.
| Hizonner wrote:
| You _can_ give away your money by making contracts.
| IanCal wrote:
| > ... but the whole point of cryptocurrency, or at least
| of smart contracts and "DeFi", is to reject that and try
| to build a parallel system.
|
| No, it isn't. It might be some peoples desire around it,
| but by no means all (or even most).
| Hizonner wrote:
| It doesn't add any other value whatsoever, so I'm having
| trouble with that assertion.
| Xelynega wrote:
| That's neat, but the bitcoin whitepaper opens with:
|
| > Abstract. A purely peer-to-peer version of electronic
| cash would allow online payments to be sent directly from
| one party to another without going through a financial
| institution. Digital signatures provide part of the
| solution, but the main benefits are lost if a trusted
| third party is still required to prevent double-spending.
|
| Why do you think you can dismiss the obvious claim that
| cryptocurrencies are a form of decentralized finance with
| a "no, it isn't"?
| mschuster91 wrote:
| > Let's assume "code is law" is nonsense, as many
| comments here say. Then, under what conditions do we
| define interacting with the blockchain as fradulent? What
| is fraud and what is not fraud?
|
| The thing is, laws can have issues and bugs as well, just
| like code! And we have courts to judge not just when
| someone outright breaks a law but also when someone is
| skirting on the edges of the law.
|
| Take Germany's "cum ex" scandal for example. Billions of
| euros were effectively defrauded from the state and on
| paper the scheme appeared legally sound, but in the end
| it was all shot down many years later because the actions
| of the "cum ex" thieves obviously violated the spirit of
| the law.
|
| The only difference is that blockchains are distributed
| worldwide and there is no single entity that can be held
| accountable and forced to execute or reverse any given
| transaction.
| TimPC wrote:
| The context is completely different though. Building a
| normal computer app is not an attempt to do anything
| without government or legal structures so it makes sense
| that normal computer apps would be protected by
| government or legal structures.
|
| It doesn't really make sense for people to build smart
| contracts that are intended to be an extra-judical
| agreement where the code enforces the rules and then run
| to government whenever something they don't like happens.
| What is the purpose of smart contracts at all if you
| still need the entire legal apparatus around them?
|
| What does agreeing to a contract that inherently implies
| trying to work around the need for government in
| contracts means? What does it say about intent?
|
| If for example, the firm that lost money had been saying
| "Code is Law" in their previous pro-crypto statements and
| had explicitly talked about smart contracts being extra-
| judical it seeems there intent would be to avoid legal
| intervention entirely and it would require a fairly high
| bar to argue that any bug could result in a lawsuit.
| cellis wrote:
| It may not pass muster with a judge in some backwater,
| but with one in the Northern District of California or a
| jury of their HN peers, it might. Laws are what we make
| them.
| crispyambulance wrote:
| He should have taken the significant and generous 10% bounty
| the first time around. He now has to face law suits by well-
| funded finance firms.
| DangitBobby wrote:
| It seems like he simply faces a very wealthy existence in
| countries that don't give a shit about US laws.
| knodi123 wrote:
| Assuming he can get his hands on the tokens and then
| convert them to local currency. Not impossible, but it's
| worth noting that he still hasn't managed.
| Aurornis wrote:
| > He did not steal anything. He beat the fund (Indexed Finance)
| at their own game.
|
| As popular as this idea is online, it doesn't work that way in
| the courts.
|
| Intent matters in issues of the law. The "finders keepers"
| rules don't apply in legal matters in the real world.
|
| If someone logs into their bank and notices that changing the
| account number in the URL lets them withdraw from other
| people's accounts, no court is going to shrug it off and say
| that it's the bank's fault for not being more secure. Likewise,
| finding a vulnerability in a smart contract doesn't
| automatically give someone the right to any funds they collect
| from exploiting it.
|
| We all know the "code is law" arguments about smart contracts
| are just marketing bluster. The lawyers do, too.
| mjr00 wrote:
| The big difference is that those are centralized systems
| owned by corporations, and accessing them in a way which
| you're not supposed to, such as by changing a bank account
| number or exploiting a zero day, is a crime.
|
| With DeFi it's different; the code is public and
| decentralized. There was no unauthorized access to anything
| here. From my reading of what was done, it was essentially
| taking advantage of the poor trading strategy of Indexed
| Finance.
|
| I'm not going to pretend to be a lawyer, but I don't see a
| lot of parallels between this and e.g. using SQL injection to
| obtain unauthorized access to a system.
| ajb wrote:
| I'm not a lawyer either, but I suspect the technical
| structure is not determinative. Contract law has certain
| features. These technical constructs purport to enable
| contracts to be written and executed such that subsequently
| the courts cannot but find that what the code did is final
| and there is no possible legal reconsideration. Clearly,
| this is the prior expectation of the parties, but whether
| it is the case under all circumstances is a function of
| contract law (and other applicable law) not the technical
| constructs. The code is not what will finally be
| determinative.
|
| To give an analogy, it's like writing code in a high level
| language and saying that it will prevent side channels such
| as spectre. But such side channels are a function of the
| hardware, not the high level language. The hardware in defi
| is ultimately the law, not the servers.
| ryanjshaw wrote:
| > I suspect the technical structure is not determinative
|
| Correct. The courts care about intent, structure is
| secondary.
|
| This is the classic "you don't get to walk into my house
| just because you found an unlocked door" that HN users
| struggle to understand when the digital equivalent is
| under discussion e.g. an unsecured API.
| mjr00 wrote:
| > This is the classic "you don't get to walk into my
| house just because you found an unlocked door" that HN
| users struggle to understand when the digital equivalent
| is under discussion e.g. an unsecured API.
|
| Except this is not how DeFi and dApps work. The network
| is decentralized. At no point was any unauthorized access
| to a system performed. This is not the same as entering
| private property through an unlocked door, or using SQL
| injection to gain unauthorized access to a system.
|
| This is not to say Medjedovic is innocent; he made
| extortionist threats, and gleefully admitted he stole
| money from people, so wire fraud charges seem obvious. As
| you say, the courts care about intent, and his intent was
| clear. _But_ you can 't apply the normal charges of
| accessing a computer without authorization here.
| stef25 wrote:
| > his intent was clear
|
| Would it be fair to say his intent was to enrich himself
| by using this platform's features ? And bonus points: "is
| that a crime" ?
| ryanjshaw wrote:
| His intention was to defraud the DAO; similar case that
| resulted in conviction:
| https://www.justice.gov/archives/opa/pr/man-
| convicted-110m-c...
| mjr00 wrote:
| You can look through the indictment yourself -
| https://www.justice.gov/usao-edny/media/1388036/dl?inline
|
| Among other bits:
|
| > MEDJEDOVIC understood that his conduct circumvented the
| intended functioning [...] MEDJEDOVIC discussed a plan to
| "steal crypto," referred to the exploit as involving
| "glitch" and "fake" liquidity, and described the code for
| the exploit as a "rape."
|
| > MEDJEDOVIC also prepared a "POST-EXPLOITATION" plan for
| himself, which included, among other things, " _KEEP the
| configs_ Burn the evidence, including the histfile" and "
| _Book flight to:_ Pack Bags," as well as another file
| labeled "Decisions and Mistakes," in which he wrote,
| "Going On the run / Yes / Chance of getting caught<Payoff
| for not getting caught"
|
| > Immediately after obtaining the flash loan, MEDJEDOVIC
| wrote "Raping Now" in the public event long for the
| transaction.
|
| There's _extremely_ strong evidence that he believes he
| 's committing a crime, and specifically "steal[ing]
| crypto" in his own words, so yes. And when you have
| records effectively saying "I believe I am committing a
| crime", it becomes a lot easier to convince a jury you
| committed a crime.
| ryanjshaw wrote:
| Thanks for this; so we have: wire fraud, money
| laundering, and an interesting charge "unauthorized
| damage to a protected computer" that sees the Ethereum
| EVM as a distributed computer...
| mjr00 wrote:
| Yeah, this one is very interesting; the charge is for
| "intentionally caus[ing] damage without authorization to
| one or more protected computers, including the Ethereum
| Virual Machine (EVM), which was implemented through,
| among other nodes, a full Ethereum node running in the
| Eastern District of New York."
|
| This seems ambitious. The implications seem quite dire;
| if I'm running a full Ethereum node do I have the ability
| to say which smart contracts are "authorized" to execute
| on my implementation of the EVM? If I see a smart
| contract do a trade I don't like, is someone committing a
| crime against me? I don't think this will stick if
| Medjedovic ever goes to court.
| ryanjshaw wrote:
| My example was an meta comment about how HN users confuse
| means vs motive.
|
| In this particular case, however, we're talking about
| fraud not unauthorised access, see a very similar case
| here which resulted in a conviction:
| https://www.justice.gov/archives/opa/pr/man-
| convicted-110m-c...
| Hizonner wrote:
| The _intent_ of the whole underlying system is that the
| _intent_ of all the parties be described by code of the smart
| contracts. Which are _intended_ to be composable, _intended_
| to be used in unanticipated ways, and _intended_ to operate
| independent of any human oversight. The system is also
| _intended_ to avoid all ambiguity by enforcing the contracts
| exactly as described by the code... and to provide certainty
| of transactions and prevent them from being undone after the
| fact.
|
| Everybody involved knows all of that, and claims it as a
| positive feature of the system. At least until they find out
| that it's actually hard to write bug-free code.
|
| There may indeed not be a legal "meeting of minds" (although
| there very well also _may_ )... but from an _ethical_ point
| of view, everybody involved knowingly signed up for _exactly_
| that kind of risk. And honestly it would be good _public
| policy_ if the law held them to it. Otherwise you get people
| trying to opt out of the regular legal system up until it 's
| inconvenient.
|
| There'd be more of a case if he'd exploited the underlying
| EVM implementation. But he didn't. He just relied on the
| "letter" of a contract, in an environment that everybody had
| _sought out_ because of unambiguous to-the-letter
| enforcement.
| paulcole wrote:
| > intended to be used in unanticipated ways
|
| Am I an idiot or is it unclear why this is the intention?
| DavidPiper wrote:
| I assume OP means it in the sense that the system intends
| novel uses that the designers didn't necessarily
| consider. Same with programming languages (or language in
| general), for example.
| ryanjshaw wrote:
| You're assigning a set of beliefs to an entity that doesn't
| hold them. The authors of the code are pursuing the matter
| in court i.e. they see smart contracts as an _efficient
| decentralised solution_ to a complex problem _within_ the
| existing legal framework.
| golol wrote:
| Exactly this. If what is written on the blockchain is not
| the law in the context of anything involving blockchains
| and DeFi, then the whole idea of blockchains and
| _decentralized_ finance is pointless.
| stouset wrote:
| The entire point of cryptocurrency contracts is supposedly
| that "code is law". Running to the courts as soon as someone
| does something you didn't intend only highlights that people
| don't actually believe this.
| ceejayoz wrote:
| We've known this since Ethereum forked in the DAO debacle.
| stouset wrote:
| We have, it's just yet another counterexample that tanks
| the arguments of True Believers.
| ipsento606 wrote:
| > If someone logs into their bank and notices that changing
| the account number in the URL lets them withdraw from other
| people's accounts, no court is going to shrug it off and say
| that it's the bank's fault for not being more secure
|
| When you open a bank account, there is an actual contract and
| regulatory framework that governs how you use the account. A
| URL parameter is an implementation detail that no more alters
| the contract than a broken lock on a vault would alter the
| contract.
|
| But when you interact with a smart contract, the smart
| contract _is the contract_. What you are allowed to do is
| defined by what the smart contract lets you do. You don 't
| need to open an account, agree to T&Cs or sign any other sort
| of contract to interact with the smart contract.
|
| If the smart contract is not the contract, how would you
| propose we can determine what the real contract is?
| ryanjshaw wrote:
| > when you interact with a smart contract, the smart
| contract is the contract
|
| This is one viewpoint but certainly not the only viewpoint
| and definitely not the viewpoint of the authors of the
| contracts in question.
|
| Smart contracts are a novel method of executing contracts,
| but like all contracts the parties involved and the
| contract itself is subject to legal oversight in the
| relevant jurisdictions.
| danielvf wrote:
| The camera shows night in the Wild West.
|
| A masked man creeps through the shadows of a sleeping town.
|
| He looks both ways, then uses a knife to unlatch a door from
| the outside. He slips into near pitch blackness. He moves
| confidently in the darkness - he's worked for this bank before,
| checking on their security from theft.
|
| Out comes his lock picking tools - the bank president's office
| door opens with a quick rake. Cheap lock.
|
| Inside, with no windows to betray him, he lights a candle.
| There in the corner stands the safe. He knows it inside and
| out, and has been practicing. Five minutes later, the lock is
| picked, and he loads up the gold, cash, and bonds inside.
|
| He puts the candle out, slips back outside, and returns to his
| room at the lodging house, climbing in through the window.
|
| The next morning, with the discovery of missing gold, the town
| looks like someone kicked over a fire ants nest. It only takes
| 30 minutes before people start wondering about "bank security
| expert" who had just been in the bank every day.
|
| A crowd heads over the boarding house, growing in size as it
| goes.
|
| "Did you steal our money?", they ask?
|
| "ABSOLUTELY NOT," he replies, "I merely used my immense mental
| powers to out hink several flawed physical security measures,
| breaking no laws of physics, in such a way that the gold, cash,
| and bonds previously belong to you are now in my possession,
| and now belong to me. No theft has taken place, only the
| movement of certain levers, of which anyone who knew how could
| move, and the movement of afterwords of certain goods."
|
| "So you stole our money!!", the town shouted.
|
| "No, no, I just interacted with the universe according to its
| very own publicly available rules. No theft has occurred!"
|
| An old cowhand, covering him with double barrel, spoke up,
| "Walll, guess he's right. We deserved to lose all that money.
| He did nothing wrong at all."
|
| Everyone left, impressed with his genius.
| DangitBobby wrote:
| Yes, running transactions for asymmetric benefit allowed by
| code on a platform underpinned by a technology whose
| proponents espouse "code is law" is at all comparable to a
| man picking a lock on a bank safe. Very astute.
| danielvf wrote:
| In this case the only person espousing the idea of "code is
| law" is the hacker. Neither the blockchain's builders, nor
| the hacked protocol, nor the users are saying that.
|
| "code is law" is a meme that primarily lives on hacker
| news. Only a tiny fraction of crypto people believe it or
| say it.
| ceejayoz wrote:
| This is revisionist history.
|
| https://www.bitget.com/news/detail/12560604358718
|
| > In April 2016, in Switzerland, the Slock.it team was
| introducing their ambitious plan: The DAO, a
| decentralized investment fund governed entirely by code.
| "Imagine a fund with no board, no CEO," founder Christoph
| Jentzsch explained, "all decisions are made by token
| holders through smart contract-based voting. This is the
| ultimate realization of 'Code is Law'."
|
| https://x.com/VitalikButerin/status/1188511660387889153
| olddustytrail wrote:
| Is the "Slock.it team" not a tiny fraction of crypto
| people?
|
| I find it difficult to believe they're a large majority.
| ceejayoz wrote:
| The DAO was not some small, fringe project in the crypto
| world.
|
| Per Wiki:
|
| > As of May 2016, The DAO had attracted nearly 14% of all
| Ether tokens issued to date.
|
| Vitalik Buterin is, uh, pretty notable, too.
| meepmorp wrote:
| > The camera shows night in the Wild West.
|
| > A masked man creeps through the shadows of a sleeping town.
|
| > He looks both ways, then
|
| ... walks into a casino, realizes there's a flaw in how they
| shuffle and deal cards, and then makes a shit ton of money
| exploiting this weakness.
|
| After losing a shit ton of money because they didn't plan for
| someone to play the game in an unexpected way, the owners of
| the casino demanded the money back.
|
| "Did you steal our money?", they ask?
|
| "ABSOLUTELY NOT," he replies, "I didn't get any non-public
| information, I didn't manipulate the deck, and you have yet
| to point to a single hand that was not played entirely within
| the stated rules of the game. You're just mad because I
| noticed that you fucked up and bet accordingly."
| olddustytrail wrote:
| They all beat the shit out of the asshole and took their
| money back.
|
| "There's always another moron tries that one", they laughed
| as they walked away.
| Yizahi wrote:
| Code is lol. Oh, sorry, meant to say Code is Law. :)
| moralestapia wrote:
| Indexed Finance's mistake was not being Vitalik Buterin and
| then putting on a sad face and ask for the shitcoin to fork to
| a version where they didn't screw up.
| sksxihve wrote:
| Code is law went out the door with the ethereum hardfork after
| the dao hack.
| stefan_ wrote:
| Funny, because it would never have happened if it was court
| ordered.
| Calwestjobs wrote:
| (realizing that im so old. if this is what i totally forgot,
| what else of this magnitude of signifince i do not remember
| anymore. that i was part of/ was involved/ it affected me.)
| aqme28 wrote:
| This makes no sense. I agree with you that code is not law,
| but the incident you're talking about wasn't law but
| community-driven consensus.
| darepublic wrote:
| The code is law thing is a grey area. But I am open to the idea
| that this young man did not break any rules, just found flaws
| in the system. In the same way that card counting should not be
| against the law just because it resulted in the house being
| disadvantaged. These things should be addressed with patches to
| the rules, not legal action.
| Calwestjobs wrote:
| be careful with card counting, most casinos do "business" in
| such way that there is NO advantage for player. no matter
| what player does.
|
| so all american youtube sagas about doing card counting in
| PRESENT time are fraud to dupe people into thinking that it
| is possible to card count. NOW TODAY.
| StanislavPetrov wrote:
| Card counting is still possible (albeit a bit harder) in
| the present day - the mathematics are the same. Most
| casinos use more decks and don't deal as deeply into the
| shoe, but it is still entirely possible to gain a
| statistical edge over the house, which is why casinos will
| still ban you from playing blackjack if you are playing
| with an advantage(counting, varying your best sizes greatly
| based on the count, sitting out and watching until the deck
| gets deeper, ect). They will never ban you from games like
| Roulette, where you there truly is no way to gain an
| advantage over the house regardless of what strategy you
| use.
| reaperman wrote:
| > Roulette, no way to gain an advantage over the house
| regardless of what strategy you use.
|
| These days that's probably true but it has been done:
| https://www.roulettestar.com/people/joseph-jagger/
| selcuka wrote:
| He was a smart man:
|
| > After the second day, Jagger kept a clear head and
| decided that enough was enough, and left Monte Carlo to
| head home to Yorkshire with his winnings.
|
| > When he got home, he retired from the Mill and invested
| some of his winnings into property.
| KoolKat23 wrote:
| It's not really a grey area, there is a tacit contract with a
| mutually understanding that they will use the code to fulfil
| certain items in the contract, it doesn't take away the need
| to fulfil the rest of the parties obligations.
| gamblor956 wrote:
| In the real world, code is not law. Computers are not a magical
| gateway to another reality where existing laws and rules no
| longer apply.
|
| What matters is if Medjedovic engaged in activities that would
| be illegal in the process of acquiring the funds from Indexed
| Finance. A theft is theft whether it is physical or digital;
| victims aren't required to have perfect security and criminals
| are not allowed to exploit weaknesses to just take something
| that belongs to someone else.
|
| Medjedovic is accused of exploiting "glitches." From a legal
| perspective, that would be no different from a thief exploiting
| a "low" wall or an unsecured window. Glitches aren't
| invitations any more than an open window. In other words...not
| a defense. (And in the U.S., specifically see the Avraham
| Eisenberg case, which is basically the same fact pattern.
| Eisenberg lost. His sentencing was postponed to last week but
| appears to have been postponed again.)
|
| Then he skipped town after he was ordered by a court to put his
| tokens into escrow. If he truly believed that "code is law" and
| that the tokens were rightfully his, he wouldn't have skipped
| town. At that point...his own actions demonstrated that he
| didn't believe that what he did to acquire the tokens were
| legit. (The Fugitive notwithstanding, innocent people don't
| run.)
|
| Then he "exploited glitches" for another DeFi. See above.
|
| Then he attempted to launder the tokens...with some guy he
| found on the internet. Someone who legitimately believed that
| they legally owned the tokens would have hired lawyers, not
| money launderers, to gain access to their property. (Aside: any
| money launderer willing to launder money for a stranger is
| almost certainly undercover law enforcement...)
|
| Then he moved to a country without an extradition treaty, and
| in the past few months has been spouting racist far-right
| nonsense in the hopes of getting pardoned.
|
| Is he guilty? His own actions say that even he thinks he is.
| garfield_light wrote:
| Irrelevant, his thoughts in the matter or him being a
| shithead don't make the unintended use of a smart contract
| illegal or not. This is just usual case of Wilhoit's Law by
| shitcoin peddlers.
|
| > There must be in-groups whom the law protects but does not
| bind, alongside out-groups whom the law binds but does not
| protect.
|
| They are outside of regulatory scrutiny but god-forbid
| someone uses the same excuses to take their funny money.
| poochkoishi728 wrote:
| He can believe the tokens are rightfully his, and still
| believe that authorities don't see it his way. Like if you're
| in Salem and know you're not a witch, you'd want to take off
| too and chill in no-extradition treaty countries, so you
| don't get boiled alive by people with different outlooks.
|
| I like the analogy of an unsecured window. It doesn't seem to
| apply to a hypothetical (idk specifics of this company)
| purely private company in some crypto-friendly country that
| doesn't have any ties to the rule of law.
| TacticalCoder wrote:
| https://www.justice.gov/usao-sdny/pr/former-security-enginee...
|
| From that link:
|
| _" U.S. Attorney Damian Williams said: "Today, Shakeeb Ahmed
| was sentenced to prison in the first ever conviction for the
| hack of a smart contract and ordered to forfeit all of the
| stolen crypto. No matter how novel or sophisticated the hack,
| this Office and our law enforcement partners are committed to
| following the money and bringing hackers to justice. And as
| today's sentence shows, time in prison -- and forfeiture of all
| the stolen crypto -- is the inevitable consequence of such
| destructive hacks." _
|
| The undisputable matter of fact is this: there have already
| been several cases of people who thought they could invoke the
| _" (smart contract) code is law"_ argument to outsmart judges
| and the legal system.
|
| But that's fantasy. In practice these people, when caught, go
| to prison.
|
| > Indexed Finance is an unlicensed investment firm. The
| promoters knew the risk ( decentralized finance) and now they
| want to blame someone who outsmarted them at their own game.
|
| And DeFi exchanges are "unlicensed brokers". And yet I posted a
| case where the hacker who "outsmarted" them is now in prison:
| how smart one has to be to end up in prison right?
|
| Post me a case where an "unlicensed investement firm" sued a
| thief who "outsmarted them" and where the judge decided to let
| the thief walk free.
|
| For I posted a case from justice.gov to prove my point.
| programjames wrote:
| Next we're going to learn that winning Poker Bots with an "all
| in" strategy is defrauding the competition.
| cvoss wrote:
| This is a tiresome argument. Stealing is a moral concept first,
| and a legal concept second. You can steal without breaking any
| laws, the same way you can be a bad person without breaking any
| laws.
| PaywallBuster wrote:
| https://www.coindesk.com/policy/2024/04/18/mango-markets-exp...
|
| Avi Einsenberg did the same with Mango Markets,
|
| got away with 110M and is now looking at 20 year sentence
|
| And Mango was being sued by the SEC too
| https://www.sec.gov/newsroom/press-releases/2024-154
|
| > SEC Charges Entities Operating Crypto Asset Trading Platform
| Mango Markets for Unregistered Offers and Sales of the
| Platform's "MNGO" Governance Tokens
|
| > Pair of affiliated entities separately charged for acting as
| unregistered brokers
| KoolKat23 wrote:
| It depends if acted in accordance with the terms of the
| contract then it's fine but if he did something not covered by
| the contract it's theft.
|
| If I run an unmanned lemonade stand out front and leave a pile
| of money on the table, and say take your change, if you take
| more than what you're owed that's theft regardless of how easy
| it was.
| cherryteastain wrote:
| My personal belief is that this was not fraud and "Code is Law"
| works. Yet, this guy is a perfect example of how intelligence and
| wisdom are not the same. He was clearly smart and dedicated
| enough to pull off this sort of trade successfully multiple times
| in a row, and probably all he had to do to get away with it was
| keeping his mouth shut. Or at the very least not get convicted by
| default on contempt of court charges by ignoring a court summons.
| neuroelectron wrote:
| Court was outside its jurisdiction here. The fact that the case
| went forward shows that he was about to be railroaded by
| corrupt authorities.
| cherryteastain wrote:
| Agree, but the wisdom here is in recognising that once you
| made $65m in seconds at someone else's expense they will try
| to recoup that amount by any means necessary.
| neuroelectron wrote:
| He isn't working completely alone. He was able to borrow
| some "wisdom" and skedaddle.
| steve_adams_86 wrote:
| It is a good example. Unfortunately most 18 year olds don't
| possess a whole lot of wisdom yet. This guy was basically a kid
| when he did this.
| hinkley wrote:
| That German general who talked about keeping stupid industrious
| people away from your armed forces never met a clever enough
| fool.
|
| Clever fools are how you get Jurassic Park.
| perihelions wrote:
| Previous thread,
|
| https://news.ycombinator.com/item?id=31478795 ( _" The math
| prodigy whose hack upended DeFi won't return funds"_ (2022) --
| 399 comments)
| tlogan wrote:
| Code is not law. Law is law.
| pixelpoet wrote:
| law : code :: word problem : mathematical notation
| freejazz wrote:
| Has that been your experience interacting with the law?
| Calwestjobs wrote:
| well judge said something like indictment do not age like
| fine wine, but judge forgot that crypto does ;)
| tomrod wrote:
| :::goedel's incompleteness theorem
| m101 wrote:
| How this works in traditional finance is that the big funds would
| screw the small guy that beats them (especially if they're from a
| foreign country). They claim that they use unfair or illegal
| practices, but the reality is that they're not that different to
| their own.
|
| Ultimately the rules are written by people who look legitimate,
| and/or those who capture regulators.
| kazinator wrote:
| You can't "steal" crypto; it's all just a scam that operates
| outside of the law.
|
| I mean, sure, we can use the language of theft and crime
| figuratively, just like when we talk about animals. For instance,
| "the wolf stole a chicken from the coop".
| tim333 wrote:
| The case of SBF suggests you can and it's not outside the law
| enough to prevent 25 years of jail.
| bigyabai wrote:
| If SBF had merely stolen cryptocurrency, then the FTX
| exchange wouldn't have collapsed entirely. SBF stole customer
| funds on a line of infinite credit and infinite liquidity,
| basically lying to customers that he owned the asset they
| wanted when in reality he defrauded them for speculative
| gain.
| neuroelectron wrote:
| "The house always wins," is the law he broke.
| perdomon wrote:
| Based on this article, it doesn't sound like he did anything
| illegal (initially). He saw an opportunity and took advantage of
| it not unlike high frequency trading in the late 90s/early 2000s.
| Decentralized markets operate in a space that's inherently risky
| -- if they don't want to get exploited, hire better engineers or
| get out of the game. Begging the government for help when you got
| bested isn't how decentralization works.
| Sonnigeszeug wrote:
| Contract is code, you don't need anything anymore. It solves all
| the problem.
|
| _Something happens_
|
| We need to use the system which we want to replace...
| TrackerFF wrote:
| One universal law is that if you steal from people with more
| money than you, you're screwed. And the more money they have, the
| worse off you are.
|
| But on a serious note, whenever you read about some people that
| have either managed to outright steal crypto, or find some
| vulnerability which hasn't been legality tested...and they just
| pack their bags, hoping to live life free, forever after. It just
| seems so naive, too naive with how smart these individuals
| otherwise tend to be.
|
| I think it is fair to say that once you'll cross a threshold,
| could be a million. could be 10 million. could be 50 million. All
| depends on who you've taken it from, you'll realistically be
| hunted for life.
|
| The people that do get away with these things, are state
| sponsored operators - but they don't walk away with tens of
| millions in loot, either.
|
| EDIT: Reading the article, this guy sounds like a real piece of
| work.
| dandanua wrote:
| > One universal law is that if you steal from people with more
| money than you, you're screwed. And the more money they have,
| the worse off you are.
|
| If someone has more money than you, you're screwed. Period.
|
| This is how it works in the fascists world order, which is
| increasingly dominating these days.
| throwway120385 wrote:
| If you want to know the future of humanity, just imagine a
| bot stamping on a human face forever.
| archontes wrote:
| I can't tell if this is a typo or not, and it's perfect.
| racl101 wrote:
| I thought it was deliberate. Clever play on an Orwell
| quote nevertheless. Hmmmyes.
| CPLX wrote:
| From 1984 to 2024
| tempfile wrote:
| "Code is Law" is a profoundly immature idea, and I am surprised
| anyone other than children take it seriously. The law is not, and
| never has been, something that is read literally and taken at
| face value. This is the entire reason that judges and lawyers
| exist.
|
| Saying "The code let me do it, so it should be legal" is a bit
| like if I leave a "free to a good home" sign on a plant pot
| outside my home, and it leans on my car. It does not mean you are
| permitted to take my car, no matter how "obvious" it seems to you
| that it should.
| Dumblydorr wrote:
| Someone who disagrees with you is a profoundly immature child?
|
| Your analogy is confusing, you're comparing a free plant on the
| roadside to 63 million dollars on a crypto exploit?
| tempfile wrote:
| Not always, just in this case :-)
|
| What's actually confusing in the analogy? Are you actually
| confused or just pretending? The point is that just because a
| sign says something under a literal reading, it doesn't mean
| that it's what was intended, or what's binding. If there's a
| piece of paper on my car saying "free to a good home", I
| _probably_ didn 't intend that you can take my car (or my
| house, or whatever). It's not very different to the fact that
| a 0-day exploit on your bank's web server does not entitle
| the thief to your money.
| jxjnskkzxxhx wrote:
| A lot of people who disagree with me also happen to be
| profoundly immature child. I didn't say that one follows from
| the other, you added that.
| throwway120385 wrote:
| just in case though, I usually hang the sign on signposts in
| the public right of way in case someone tries to steal my car.
| thomassmith65 wrote:
| This was satisfying to read: "Code is not law.
| Law is law," Mr. Gottlieb wrote in a lengthy thread to Mr.
| Medjedovic on X in late October, 2021. "And what you did was
| not a 'clever trade.' It was market manipulation. It's illegal.
| And people go to prison for it."
|
| Tech exceptionalism is eternal. It takes the occasional Napster
| or PirateBay failure to disabuse a generation in the tech
| community of the triumphalist nonsense it talks itself into
| believing. But then the next generation comes along and doesn't
| know better.
| lelandbatey wrote:
| While satisfying, that quote is also hilariously one-sided in
| it's perspective. I imagine that lawyer in the courtroom
| saying something like the following:
|
| > Yes, my client did take a stack $100 bills and leave it on
| the sidewalk atop an elaborate contract proclaiming that
| those $100 bills should be given to the very next person
| going by the name of "John" who found this stack of $100
| bills upon the sidewalk, including specific language stating
| that anyone, even an unforeseen party meeting such criteria,
| would be entitled to that money. And indeed, my client signed
| and dated that document in triplicate. Yes my client did go
| to great lengths to write such a detailed and specific
| contract, and he was quite sure that such a contracts terms
| would be sufficient to ensure that only my clients brother,
| John Williams, would be entitled to the money, that same John
| Williams who lives across town. The brother would never find
| that money though, because the villainous, criminal, thief of
| a man _John Smith_ stole that money from off the sidewalk
| when walking out of Smiths front door! Smith would have you
| believe that he was _merely_ fulfilling the terms of a
| fortuitous open ended contract foolishly entered into by an
| idiot who failed to think critically about the terms said
| idiot entered into. That, however, is not important! I am
| here today to say that the terms of such a contract are not
| what is relevant, what is relevant is how upset my client is
| that he no longer has his money. I can prove that Smith stole
| that money, no matter what the documents signed by my client
| say! Those contracts are not law, only the law is law. What
| Smith did was not a "clever deal", it was theft. Which is
| illegal, and people go to prison for it.
|
| A bit over dramatic, but that's how the lawyers statement
| reads to me.
| ip26 wrote:
| Are you familiar with what happens when large sums of money
| are erroneously deposited in your bank account? Such as due
| to a payroll error?
| lelandbatey wrote:
| I am indeed aware that in such situations, since the
| depositor has not publicly and loudly declared their
| intent to deposit that money into my account, nor
| informed me that they will be depositing that money into
| my account, nor has the depositor published a contract
| that I've engaged with stating they need to send me that
| money, that such a situation would be interpreted as an
| accident by any reasonable person, including the legal
| system.
|
| However, we are talking about a system where a party _has
| loudly and publicly stated that they 'll move money under
| certain public conditions_ and a third party has walked
| up and said, "I meet those conditions, I am owed said
| money", and the computer dutifully agrees. We are
| currently looking at the foolish party who has entered
| into a contract trying to get out of that contract
| because they no longer like it's terms. Unfortunately for
| them, human law mostly sides with contracts, even when
| those contracts are represented in code.
| tempfile wrote:
| Even allowing for such a contrived example, would it be so
| bad if the money was taken from John Smith? The contract
| writer was an idiot, sure, but John Smith is an idiot too
| for just taking the money and expecting to be able to keep
| it. To say otherwise is to say we want to encourage people
| to take money they didn't earn, to avoid reporting it to an
| authority, because they'll be able to get away with it. It
| is also to say that the punishment for stupidity is
| whatever happens to be the consequence, rather than a fair
| punishment reasoned out by society.
|
| (I am against prosecution in this case, but I think he
| should have most of the money confiscated)
| globular-toast wrote:
| Lots of things have never been, that doesn't make them a bad
| idea.
|
| Your example is in the real world where there are things like
| weather and other variables that can't be accounted for. It's
| necessary for law to be based on common sense in such an
| environment.
|
| But why can't we imagine removing this element of ambiguity? In
| a computer system you can account for all variables and
| completely define the environment. This would make
| interpretation of the law much easier which is surely a good
| thing.
|
| But this kind of thing needs formal verification to work
| properly, which we are not good at. Trying to do it without
| formal verification is silly. But the broader idea is by no
| means "childish".
| tempfile wrote:
| I can't imagine removing this element of ambiguity because
| programs are not perfect. They are a representation of some
| mental process, and they frequently contain mistakes. They
| are also, as you admit, unable to capture states of the real
| world accurately. Unless your smart contract is unrelated to
| the real world (in which case, why bother with it?) this will
| be a problem.
| globular-toast wrote:
| The idea with formal verification is it would make it
| possible and feasible to prove a program is correct. But
| this is a hypothetical and until that is possible it
| doesn't really work. It might never be possible. So today I
| do agree with you. It just turns into a game of "ha-ha, you
| didn't read the contract closely enough!"
| prvc wrote:
| The entire space of smart contracts falls within the intended
| functionality of the systems that implement them, which make this
| particular use of them conceptually unlike things like buffer
| overflows.
|
| Calling it a "hack" or an "attack" as this article does (while
| strawmanning the opposite case) is a deliberate attempt to muddy
| the waters, and is a failure of journalism.
| neuroelectron wrote:
| It reminds me of the Sam Bankman-fried case, but it also quite
| different. SBF thought the abstractions would protect him from
| the law when he clearly was misleading investors and using code
| to abstract away his fraud. However, in this case, the code/fraud
| was presented and used as intended. While I believe SBF was
| innocent of defrauding his early investors who were foolish to
| trust such a system, he was guilty for other reasons.
|
| Andean Medjedovic's case shouldn't have even made it to court and
| he had no obligation to leave his crypto or cashed out legal
| tender with some "custodian" and spend the next several years of
| his life as a beta tester for establishing case law. This wasn't
| just "code is law," more accurately, "under the stipulations of
| the contract, code is law."
| pcthrowaway wrote:
| This is completely different from the SBF case. SBF was lying
| about things, it was more like a Bernie Madoff type scheme. As
| a CEO he had fiduciary duties he neglected.
|
| This guy won a game of poker against the house, and now the
| house is mad.
| BlackFly wrote:
| He should have accepted their offer of 10% as a bug bounty.
| Certainly crypto folk love to act like unregulated markets but
| this smells like market manipulation to my armchair education and
| even if the market tries to play both ways, the courts won't. I
| do hope that the Ontario court fights the extradition, because
| the American laws leveled at him seem bogus by Canadian standards
| (wire fraud, extortion and money laundering) but that tort case
| might be legit.
| Calwestjobs wrote:
| thing is, if you get rid of 90% of money, what money will you
| use for lawyers services if those .... sue you anyway?
| garfield_light wrote:
| >He should have accepted their offer of 10% as a bug bounty.
|
| If I was in his shoes I wouldn't trust them. They can just try
| to put me on jail anyways.
| danielvf wrote:
| My favorite is one of the text files on the attacker's computer:
|
| A file labeled "Decisions and Mistakes," in which he wrote,
| "Going On the run / Yes / Chance of getting caught<Payoff for not
| getting caught / (NA) / Risk is typically underpriced in modern
| world.
| 0cf8612b2e1e wrote:
| That is just terrible opsec. The millisecond the money has
| moved, you need to destroy all of that equipment.
| danielvf wrote:
| Don't worry, he also had a ""POST-EXPLOITATION" plan.
|
| Which included, among other things, " _KEEP the configs_ Burn
| the evidence, including the histfile _Book flight to:_ Pack
| Bags"
| rozap wrote:
| Wait, I thought cryptocurrencies aren't securities? Why are our
| tax dollars being spent investigating this? If they're not
| securities (like coinbase etc would like us to believe), then he
| didn't do anything wrong and there are no other rules - code is
| law. If they are securities, then why are there so many illegal
| exchanges operating in plain sight?
|
| Once again, crypto folks are all about decentralization until
| someone outsmarts them, then they go crying to daddy government
| to bail them out.
| wmf wrote:
| This doesn't change the big picture but some are securities,
| some are commodities, and some are collectibles.
| Barrin92 wrote:
| I'm not entirely sure what makes you think there's no financial
| regulation or laws you can break outside of securities trade,
| because there is and which is why he's charged with wire and
| commodities fraud, Hobbs Act extortion and money laundering.
|
| Code is not law, the law is the law.
| commandersaki wrote:
| Similar situation with two brothers that gained millions on
| Ethereum by coercing bots:
| https://www.arnoldporter.com/en/perspectives/blogs/enforceme...
| moktonar wrote:
| Placing trust on software is the root of all evil..
| netvarun wrote:
| https://archive.is/kVsvc
| stainablesteel wrote:
| the movie about this guy is going to be awesome
| baq wrote:
| Just another day of crypto bros speedrunning finance.
| ForHackernews wrote:
| > Not everyone agrees. "Code is not law. Law is law," Mr.
| Gottlieb wrote in a lengthy thread to Mr. Medjedovic on X in late
| October, 2021. "And what you did was not a 'clever trade.' It was
| market manipulation. It's illegal. And people go to prison for
| it.
|
| Boy the crypto industry better pray that market manipulation
| isn't illegal in DeFi-world or they're all going to prison.
| egypturnash wrote:
| _They are part of the team representing Cicada 137 LLC_
|
| I wonder if this is any relation to Cicada 3301.
| https://en.wikipedia.org/wiki/Cicada_3301
| msvcredist2022 wrote:
| almost definitely a relation in name only
| Calwestjobs wrote:
| yes it is and biggest surprise is? he is suing himself ! XD
| TrapLord_Rhodo wrote:
| "The silver lining to all of this is that Trump promised to stop
| the persecution of crypto people," Mr. Medjedovic wrote on
| Signal. "Like, half of the people involved in this
| resigned/stepped down recently."
|
| Very interesting that he gives praise to trump after all this
| hassle from the US government. Why is the US even involved in
| this? It's a canadian dude and a canadian exchange.
| lamadruga wrote:
| How do these people get caught? Isn't crypto supposed to be
| anonymous or something?
| ycombinatrix wrote:
| Some coins are designed to provide a degree of anonymity.
| Bitcoin & Ethereum do not.
| ryao wrote:
| The article says "he took credit for it on the social media
| platform X".
| sn9 wrote:
| I'd love to hear Matt Levine's take on this.
| turbocon wrote:
| Oooo entirely agree, I do suspect he'd come down on the "law is
| law" side however it's not clear to me a law was actually
| broken.
| Calwestjobs wrote:
| he is in france territory which is not french Guiana.
| Validark wrote:
| How dare some peasant actually win at a game they were meant to
| lose? That's illegal!
| AlexanderTheGr8 wrote:
| I followed this case when it happened. It was $16M at the time,
| not sure how it became $65M now. I suppose it doesn't matter -
| any number above $100k probably grants the same punishment*
|
| Interesting side-note : the people he took/stole from - they
| offered him 10% if he returned the rest. He said no in a tweet
| trolling them.
|
| Contrary to the opinions in this thread, I think he was smart to
| run away. Remember that he did this from Canada, not the US.
| Countries don't have the same extradition treaties with Canada
| that they do with US.
|
| If he had stayed, he would almost certainly be convicted. No
| court can possibly understand "code is law". Courts' job is only
| to interpret the law, not make the law. And the law was not
| written for crypto. You cannot fit a square in a circle without
| distortion.
|
| What I think would have happened is the courts, rather than
| introducing novel precedent, would have preferred to just rely on
| existing case law and declare him a criminal.
|
| Another interesting side-note : the judge presiding the case made
| a public comment asking the guy to come back to Canada promising
| him a fair trial. The guy didn't show up - maybe he didn't
| receive the message.
|
| Overall, even with the benefit of hindsight, we still can't be
| sure if he was smart to exploit this or not. Forced to live in a
| few countries but with a lot of money.
|
| * It's because (1) laws were designed when numbers were lower (no
| one had $16M to steal); (2) humans can't visualize big numbers
| (individually, $16M is just as big as $65M in my head)
| dgs_sgd wrote:
| It went from $16M to $65M because he did more hacks after the
| initial one.
| poochkoishi728 wrote:
| Doesn't seem worth it. Live as a fugitive, with your face
| publicly known, so you always have to watch your back from
| criminals who'd jump at the chance to extort you once they
| found out who you are.
| RandomBacon wrote:
| "extort" is a pretty benign word for torture. I'm pretty sure
| there are criminals that will kidnap him and then cut off
| fingers one by one and do worse things until he gives up the
| money.
| djeastm wrote:
| He made the mistake of not already being wealthy before he
| manipulated the currencies. It's truly funny reading this when
| the US stock market is manipulated at will. I'm not trying to be
| political, just remarking on the absurdity of it all.
| bogota wrote:
| O look another amazing and riveting discussion on emerging
| technology with real world implications... o wait it's just a
| bunch of cranky people complaining about crypto.
| hoppp wrote:
| Clever lad but horrible opsec. Sounds to me like Indexed Finance
| had bad business logic and they had it coming.
|
| There was no break in or exploiting, it was a trade using flash
| loans, fair enough if you ask me. A platform trading hundreds of
| millions should invest in proper security audits
|
| What's the lesson? Maybe tornado cash the gas tokens before doing
| stuff like this and definitely never post it on social media or
| acknowledge that you did anything. Be smart and have good opsec
| Jean-Papoulos wrote:
| There's a reason the guy is on the run ; it's because what he did
| is market manipulation and that's illegal.
|
| However, cryptocurrencies are unregulated so you can easily argue
| that the laws usually governing the markets don't apply.
| Unfortunately for him, I don't think the judge will want to set
| that precedent...
| concats wrote:
| A lot of people seem to argue that the original intent was for
| disputes to be handled by the courts. That is, governed by laws
| outside of the crypto's smart contract implementation. And thus
| the company is right to seek judicial help and label this act as
| theft. Alright, sure, on its surface that doesn't seem like an
| unreasonable position. After all, we all trust the courts right?
|
| But, if this really was agreed upon by most of the parties
| involved, shouldn't the smart contract have include giving the
| courts a master-key that allows them to override the blockchain
| when necessary? Undoing fraudulent transactions and such. Can we
| really argue that everyone expected disputes to be handled by the
| courts if this wasn't implemented?
|
| There is no technical reason why it couldn't have been done, as
| far as I can tell. It would not be great for PR perhaps, since it
| sort of goes against what a lot of the original crypto
| enthusiasts believed in: decentralization and protection from
| future hypothetical tyrannical governments. But at least it
| wouldn't be half as hypocritical as what we have today.
|
| Of course, if you designed your crypto like this, with a court
| controlled backdoor, you'd unfortunately have to stop calling the
| whole thing decentralized. But if that's the intent, and everyone
| agrees to it, what's the issue?
|
| I'm trying not to pass any value judgement on the "Canadian math
| prodigy" in this scenario, on the whole I don't care much about
| the isolated incident, but rather on whoever wrote the smart
| contract trying to both have their cake and eat it too.
|
| I find crypto really fascinating from a technical and
| philosophical standpoint, but I'm not too fond of how it's been
| adapted by society as mostly a sort of get-rich-quick scheme.
| ur-whale wrote:
| https://archive.is/kVsvc
| ThatsAllForNow wrote:
| Is there a technical write up of exactly what he did?
| avodonosov wrote:
| > a U.S. company named Cicada 137 LLC sued Mr. Medjedovic in
| Ontario. The identity of the person or people behind the company
| is unknown, but Cicada said it lost US$9.69-million worth of
| digital tokens to the exploit. (It's common for significant
| investors in cryptocurrency to shield their identities.)
|
| > Mr. Medjedovic left home after receiving death threats
|
| So, crypto-dealers hiding their identiyty and issuing death
| threats now appeal to law.
| rimbo789 wrote:
| Isn't all crypto theft?
| yapyap wrote:
| > They are part of the team representing Cicada 137 LLC
|
| That's a reference I haven't heard in a bit
| Pxtl wrote:
| I've been following this story because he's a local boy, I
| actually met him very briefly once, back when he was just a kid.
|
| The article is skimming over some of the darker sides of his side
| of the story - like how allegedly his code and conversations are
| generally peppered with racist rants (I haven't seen any examples
| of such). The boy seems like a horrible case of internet
| poisoning - like, a brilliant mathematician child completely
| mangled in the head by 4chan/gamer discourse.
|
| One part of his first heist that isn't mentioned often is that
| Indexed Finance says he was actually working with them and
| contributing to their codebase before he pulled his exploit.
| NiloCK wrote:
| Some info on the attacks themselves:
|
| https://rekt.news/indexed-finance-rekt https://rekt.news/mango-
| markets-rekt
| Xmd5a wrote:
| in-depth twitter thread:
|
| https://x.com/cryppinfluence/status/1889268223528538113
|
| This in particular:
| https://x.com/cryppinfluence/status/1889268417108332733
|
| This is the stuff of legend.
___________________________________________________________________
(page generated 2025-04-16 17:02 UTC)