14 comments

[ 2.8 ms ] story [ 42.1 ms ] thread
Honestly, at this point, I somewhat agree with the notion that we should just be refunded our ETH.

I'd be happy to try something like this again, but I think the current iteration clearly needs work and should be dissolved / refunded so that we can make that choice at a later date.

What? It was clear from the very beginning to anyone who actually looked into what the DAO was and how it worked, except those wanting to strike it rich believing the crypto hype.

You're saying you trusted it, got burned, and are already looking forward to the next one?

The DAO was described as "the code of the contract is the absolute truth, any other description is just a guideline", which was hailed as a new miracle by the investors, and now that it doesn't mean mountains of gold the founding principles are suddenly not important anymore?

The "hacker" simply used the DAO as it was meant to be used (i.e. according to the smart contract code), and deserves the funds. If there is a hard fork, I hope he sues slock.it for controlling the DAO, and stealing the funds he is owed according to their own terms ("The contract is king").

> ...as it was meant to be used...

Actually, a bug was exploited.

By that reasoning, I should be allowed to legally contact Amazon customer service and socially engineer access to others' accounts, then place orders to be shipped to myself. If the customers call and cancel the orders as fraudulent, I should be awarded damages in a lawsuit against them.

It's also worth noting that, if you're a person that doesn't have any monetary interest in The DAO, you don't have any right to vote for anything, meaning you're no different than somebody standing near a poker table spouting out your philosophies about where others should put their money (aka in the industry as a railbird).

No, the DAO believers explicitly decided "f* the government, in code we trust" and wrote in their contract that whatever the DAO did, according to its code, was right.

You don't have such an agreement with Amazon.

Regarding your edit: I don't want to vote for anything. I'm simply pointing out that there is a (real-life!) agreement, and a party (slock.it et al.) not holding themselves to that agreement, and that I'd enjoy seeing that played out in court, where it belongs.

> "f* the government, in code we trust"

I never decided that.

The idea of distributed investments and unstoppable tools that are distributed isn't about "f* the government" or anarchism; it's about not letting anyone other than a consensus of ourselves manipulate us.

> I'm simply pointing out that there is a contract, and a party not holding themselves to that contract, and that I'd enjoy seeing that played out in court, where it belongs.

The point is, if we disagree, what can you do, if you don't have any interest or control over this (hint: nothing)?

You didn't invest in a "distributed investment and unstoppable tool that is distributed", you invested in a partnership with the DAO code explicitly stated as the (potentially legally binding) operating document. If you didn't share the values and conditions in that contract, you probably shouldn't have joined the DAO/partnership.

Regarding your last paragraph: I'm not sure why you're attacking me personally here.

I do share the values of The DAO, which is why I'm happy that things are being handled exactly how I would have wanted them to. I'm not sure where the confusion is arising from. I'm talking about next steps.

> I'm not sure why you're attacking me personally here.

Are you sure you're replying to the right person?

> Actually, a bug was exploited.

That's called a loophole in a contract, and folks exploit those all the time.

You're on the receiving end, which sucks, but based on the rules of the DAO, you have no recourse.

The entire presupposition, when putting money into this thing, was that the code was the contract. Period.

If you failed to audit the code to find the loophole, you signed on to a financial arrangement without fully understanding the nature of the contract.

If you don't feel you're qualified to evaluate the terms of the contract, maybe we've just discovered a reason why "smart contracts" aren't such a great idea after all...

> A good language for maintaining state machines would provide features for upgrading the security of a live contract.

This actually exists, if you code for it. You can make your contract call out to functions in other contracts, and repoint if you need to upgrade.

But that means your users have to trust you not to abuse the power, so it's a tradeoff.

> I believe that Ethereum overall will emerge from this in a few weeks, having been made much stronger as a result. It will have a newfound direction and charter that involves a slight pivot, away from "let's get DApps at all costs, let's make front-end programmers into smart contract writers," towards "let's build up the science of secure, smart contracts."

You know how they always say "if only we knew then what we know now about Internet security, then we would've definitely made the Internet secure by default in the 90's!"

Except, even if they did know, they probably wouldn't have gone that path. There's always a strong incentive towards making stuff "easy to use", and the more secure you want to make it as well, the more work you have to put into it, to a point where the developers may think that it has "enough" security and they shouldn't waste too much funds on making it more secure (even though it's not really enough).

The "advantage" something like Ethereum has now compared to the Internet in the 90's, is that thousands of sophisticated attackers could try to hack it from day one, thus showing Ethereum developers how naive they are early on.

This is good news, because we'd rather have something like this happen early on, then 10-20 years from now after all of the world's banks and governments adopt it, and instead of a $40 million heist, we have a $4 trillion one.

Give them a chance to recover funds. Maybe they'll comeback.
These notions sound eerily like what gamblers would say.