Kinda. You can't do a regular double spend, where you spend the same currency twice (And thus get twice the value out of it, kinda). You could spend the coins in ETH, and then spend the coins in ETC, two different currencies worth different amounts.
The catch is that there is no guarantee you come out ahead, like there would normally be with a double spend. The fork resulted in a price drop (That has now somewhat recovered), and ETC is not worth nearly as much as ETH (About a 10:1 ratio). So ETC+ETH is really not worth much more then ETH was originally before the fork, if it is at all - even if you spend both, you probably didn't make any money on the fork itself.
I don't have hard numbers. Let's suppose that you had 1ETH(old), then now you have 1ETH(new) + 1ETC, and you can expend both. The 1ETC(new) in the forked chain and the 1ETC in the unforked chain.
But the price dropped, so if you had $1 in the ETH(old) then now you have $0.80 in ETH(new) and $0.2 in ETC, so you didn't get free money, only free tokens that you can try to exchange for money in the right place.
(Actually, I guess that the sum after the split is lower because some investor ruined away, so the numbers can be $1->$.7+$.2 or something.)
And beware that since both have the same underlaying technology, then some can copy some transactions from one blockchain to the other, because the signature to transfer the coins is the same in both chains. The solution is to make two "tainted" versions of the coins that are disallowed to transfer in the other chain. Read the sibling comment about the "splitter function".
Ugh, yes. The minority who didn't want the hard fork have continued to use the old chain. They constantly try to promote it and troll the 'bailout chain'.
It was supposed to be a vote on whether to fork or not, then leave the deprecated chain behind. The vote for the fork succeeded, and all the developers of Ethereum and 99% of the developers for apps on the chain have decided to go with the vote. Everything is being done on the main chain, ETH, Ethereum. The old deprecated chain is now called ETC, they named themselves Ethereum Classic.
Why ugh? They want to support the old chain for ideological reasons, what's the problem with that? Isn't that the whole point of these blockchain systems (i.e. that a centralized authority does not control the system)? I am a pretty big blockchain critic, but schadenfreude aside, I think the eth/etc split is a decent demonstration of the fact that these systems have legitimate resistance to centralized authority, even when ethereum's influential creator is the authority. It's not stable and eth's buggy contracts are not reliable, but as far as blockchain money goes it has lived up to the ideals of the enthusiasts.
The vitriol in r/ethereum is an amazing sight. There are cult-like levels of declarations of support for either chain. It's astounding, considering both chains are basically the same system, and that prior to the DAO 'theft', everyone seemed to be proponents of the 'code is law' viewpoint. How quickly things change, and how little time it takes for people to switch their beliefs and villify those who still hold the old beliefs.
The ETH camp still defends the "code is law" principle. The point in which ETH and ETC proponents differ is how that principle should be prioritized relative to "the majority is always right" principle.
> It's astounding, considering both chains are basically the same system
They aren't at all. Immutable smart contracts are the basis of ETC and not ETH. It's only one difference, but it's a difference as fundamental as the difference between gold and dollars.
ETH is now a centralized currency. I have trouble seeing any purpose to using ETH now that it's centralized, given that existing centralized money/contract systems are much more mature. But given both ETH and ETC are too buggy for me to use, I've no skin in the game, so I'm happy to wait and see if some benefit to a centralized cryptocurrency emerges that I wasn't aware of.
Doesn't this episode illustrate that ETC could go the way of ETH, whenever the miners decide? ETH was always ETH, it just took a while for people to realize it.
Mathematically yes, there's nothing preventing ETC from doing the same thing. But ideologically, the lines have been drawn. At least for the time being, I think it's a safe bet that people who aren't committed to decentralization will just go with ETH instead of investing in ETC and voting for future forks.
Again though, I think the design of both cryptocurrencies is prohibitively error-prone, so it's kind of a moot point.
There was no real voting. A tiny tiny percentage of owners voted for or against the fork, mostly because there was no official voting system publicised.
Why couldn't they just fork to ETH (majority rule) and ETC (contracts inviolate) and let the voting mechanism be a currency exchange contract between the two?
If you prefer ETC, you trade all your ETH for ETC, and vice versa. The "winner" is the currency with the higher valuation, but everyone can still use whatever fork they prefer.
That's what is happening right now, but the currency exchange is happening on Poloniex, Kraken, etc, and the hashing power is following the exchange rate.
"DAO Hacker" and "getting away" are very loaded bits of language that point to an interpretation of events that differ, AFAICT, from reality.
The DAO contract was neither hacked nor broken. This individual used the features and functions of the contract in unexpected ways, but ways that were legitimate nonetheless.
This argument also rests on an assumption over and above the function of the system: that the result of executing a contract is immutable and thus beyond reproach. As was demonstrated, the result is subject to ratification by miners. To miners on the new chain, the DAO hacker is a hacker.
Certainly it was the case that ethereum contacts were advertised as immutable and beyond reproach, but if you bought into that, well... you'd be making the same error you see in your ideological opponents!
It is a separate question whether ethereum contacts ought to be immutable, but that requires a different type of argument.
The issue in my opinion is that the Ethereum maintainers actively helped create a hard fork to steal Ether from the so-called "hacker". This crosses a line.
Sadly, the DAO had major bugs and the time to do something about them was before it launched.
It's not the end of the world, though it does place Ethereum in the category of "easily corruptible human organizations" which makes it largely ineffective for the sorts of things that made it most exciting.
Ethereum may become more distributed which would make this sort of consensus more difficult to achieve, or it may be replaced by something that has a more corruption-resistant governance structure.
The basic idea underlying the holocaust, the Iraq war, and pretty much any human atrocity is that the ends justify the means. This is exactly the argument that hard forkers made. But, much like the Iraq war, the president should not have ever had the sole discretion to launch a war, nor should such a small number of interested people have the ability to launch a hard fork.
Apologies for the hyperbole, but I think it's helpful to illustrate the core issue.
The problem with that hyperbole is that it begs the question of whether or not this was even an atrocity at all. The ends don't justify an atrocity as the means, but that isn't the same thing as the ends never justifying the means.
Ends justifies the means is just a fancy way of saying that the cost/benefit analysis is favorable to the decider. That is a sane decision making framework. Presumably, you just disagree with the assesment of the cost.
> Ends justifies the means is just a fancy way of saying that the cost/benefit analysis is favorable to the decider.
I think it's more accurately defined as the decider acknowledging that the costs are not something he/she would typically approve of, but the desired or touted ends are so worthwhile for everyone (as determined by the decider on behalf of everone) that it's worth doing.
In other words, an un-democratic greater good argument. It turns out that there was majority consensus among ETH miners to do a hard fork, but only after the Ethereum maintainers signaled their bias by researching and writing the hard fork code.
the hacker actively exploited a flaw in the ethereum system to steal money from unwi{tt,ll}ing users. saying that that was okay because the platonic nature of smart contracts allowed it is saying that the means justified the ends, which does not work either.
> the hacker actively exploited a flaw in the ethereum system
This is not the case. There was not a bug in the Ethereum "system", it was a bug in the Slock.it smart contract code ONLY.
The smart contract code behaved exactly as written. There is nothing to interpret. Those who invested in that smart contract invested in it as written, and failed to have it properly vetted. Think of the fraud that is possible with poorly vetted contracts... It's absurd to think that rewinding the tape is any sort of legitimate remedy for code bugs in smart contracts.
>There is nothing to interpret. Those who invested in that smart contract invested in it as written, and failed to have it properly vetted.
What about the plain language of the marketing materials soliciting investment that was completely inconsistent with the code of the DAO.
It happens all the time in the world outside of smart contracts, where people rely on marketing materials (say marketing a car loan for 4%, but the contract provides for a substantially higher interest rate). You can make the same argument in those cases, that the individual should have read an understood the actual contract and not relied on the marketing material, in fact, the marketing material might even include a disclaimer, but that doesn't change the fact that the individual is likely to prevail in a court of law based on causes of action including, but not limited to: fraud, fraud in the inducement, unfair trade practices, unjust enrichment, breach of contract, etc...
What makes smart contracts so special that people can falsely market them to the public and not be liable?
Do you contend here that the "hackers" and the "marketers" are the same people? If that could be demonstrated, it would be an extraordinary revelation!
It is possible, but of course I don't know and it does not matter. Let's say I induce you into a contract based on fraud, (you give me $x to invest in opportunity Y), now the contact actually says any of the investors have access to the funds and can take them before they are invested in Y. Another investor takes all the money, legally you would be able to come after me and the investor who took the money, maybe under different theories, just as examples, you might go after me for fraud and breach of contract while you go after the investor who actually has your money for unjust enrichment.
>If the other investor wasn't an insider you wouldn't have a case against them. There's nothing unjust...
3rd party beneficiaries of contracts get sued all the time. Just to put it into perspective, you and I enter a contract where you give me $x to invest in Y, instead of investing in Y, I just give the money to a 3rd party who may not even be mentioned in the contract, the law would most certainly allow you to go after both the third party and myself.
Unjust enrichment is a legal term or art and a cause of action, not your or my definition of unjust. Here are the elements of unjust enrichment:
(1) a benefit conferred upon a defendant by the plaintiff,
(2) the defendant’s appreciation of the benefit, and
(3) the defendant’s acceptance and retention of the benefit under circumstances that make it inequitable for the defendant to retain it without paying the value of the benefit.
In other words when the 3rd party assumes your investment funds, all elements would be satisfied, whether or not they are a party to the contract.
Said in plain english, in the same privileged voice that discussed their intentions.
They were careful to state that if the code and their wishes/statements disagreed, that the code was the authoritative answer.
The Technological-Savvy-Investor (you called them a hacker) was induced to play a code-based Nomic for real money but was then cheated out of their prize by the conniving and dishonest administrators.
>The Technological-Savvy-Investor (you called them a hacker)
Why put words in my mouth?
>They were careful to state that if the code and their wishes/statements disagreed, that the code was the authoritative answer.
It what other area of contract law are people allow to solicit investment based on false representations/marketing and hide from liability based on a disclaimer that the marketing materials may be inconsistent with the contract? I appreciate that they had the foresight to realize their code was likely to execute in unexpected ways or at least ways inconsistent with their marketing/solicitation and they made those disclaimers, but it isn't novel in law where contracts are inconsistent with marketing material (which even disclose the potential inconsistency).
What was false and misleading? Didn't the DAO creators and enthusiasts insist up and down that the code is the irrefutable interpretation of the contract? Doesn't ethereum.org still state that smart contracts are "applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third party interference"?
The only false representations I've seen have been from the Ethereum developers: by hard-forking to change the terms of the DAO, they have misrepresented Ethereum to everyone who invested in its ICO.
EDIT: I'm more interested to know whether or not the DAO "attack vector" was placed there intentionally. Then you might be able to argue that the developers acted in bad faith.
>Didn't the DAO creators and enthusiasts insist up and down that the code is the irrefutable interpretation of the contract?
Yes, but again this is not unique to the DAO. Moreover, it occurs all the time that marketing materials are put out with disclaimers that the marketing material is just that marketing material and that any inconsistencies between the marketing material and the contract, the contract prevails. It doesn't always make it so and there is good public policy reason why.
My analogies are always kind of shot down as it relates to the DAO, but I think they help flush out the legal reasoning. How about valeting your car, obviously there is an implied contract that you will pay the fee and get your car back (maybe even a verbal representation, "just bring the stub back and we will pull your car around") but what if the stub includes language (as they do) that you agree the valet will not be responsible for stolen property and then they don't bring your car back. Who knows who took your car? Maybe the valet, maybe the valet gave the keys to someone else, maybe someone legit broke in and stole your car without the valet being aware... even though you agreed to the contract/terms of the valet ticket it does not become a contractual right for valet to take your car, they could still be liable (potentially criminally in addition to civilly).
Moreover, representations remain false even with disclaimers acknowledging the representation may be false.
> Yes, but again this is not unique to the DAO. Moreover, it occurs all the time that marketing materials are put out with disclaimers that the marketing material is just that marketing material and that any inconsistencies between the marketing material and the contract, the contract prevails. It doesn't always make it so and there is good public policy reason why.
I don't deny this, and I agree in the general case. However, I haven't see any case where the DAO marketing materials did not state that the code was the terms and conditions. This was, after all, its defining feature. The marketing materials and public information were practically bragging about this, and all pointed to the contract state on the Ethereum blockchain so you could see for yourself.
> My analogies are always kind of shot down as it relates to the DAO, but I think they help flush out the legal reasoning. How about valeting your car, obviously there is an implied contract that you will pay the fee and get your car back (maybe even a verbal representation, "just bring the stub back and we will pull your car around") but what if the stub includes language (as they do) that you agree the valet will not be responsible for stolen property and then they don't bring your car back. Who knows who took your car? Maybe the valet, maybe the valet gave the keys to someone else, maybe someone legit broke in and stole your car without the valet being aware... even though you agreed to the contract/terms of the valet ticket it does not become a contractual right for valet to take your car, they could still be liable (potentially criminally in addition to civilly).
It sounds like you're getting at the officious bystander test. The thing is, when the whole community of developers and investors were going on and on about how the code is law, the answer to the question "Should the Ethereum developers intervene if the code does something we don't like?" could very easily have been answered by all parties with a resounding "NO!".
I encourage you to search through the Ethereum subreddit during the DAO's ascension, for example. You'll find cases where people were asking about what to do in this very situation, and the answer has consistently been to the effect of "whatever the code executes will be the outcome."
> Moreover, representations remain false even with disclaimers acknowledging the representation may be false.
Please point out a single case where the developers solicited investment using a false representation of the DAO. They were very clear, very open, and very loud about the fact that the code itself was the contract terms and conditions. The code is open-source as well, and lives on the Ethereum blockchain.
Honestly, I'm having a very hard time not seeing this as a bunch of investors losing money for their failure to do due diligence. Especially since the flaw that lead to the DAO's undoing was published years beforehand, in two places [1] [2]. Maybe there's a case for negligence to be made against Slock.it, but it sounded like they were otherwise clear, up-front, and honest about what it was they were soliciting investments for.
I was replying to the wrong post. I had wanted to make it clear that we were discussing the same person.
Amusingly, I did it explicitly to avoid the OP thinking I was putting words in their mouth.
> In what other area of contract law are people allow to solicit investment based on false representations/marketing and hide from liability based on a disclaimer that the marketing materials may be inconsistent with the contract?
The "code is law" was the main point of the marketing. They repeated it constantly.
> it isn't novel in law where contracts are inconsistent with marketing material
What was the inconsistency? That their goals didn't come true?
No problem, though we clearly arrive at different conclusions, I thought we were having a interesting conversation.
>The "code is law" was the main point of the marketing. They repeated it constantly.
To be a little pedantic that is a misrepresentation as code isn't the law, "law is law", at best "code/DAO is contract" (not the marketing material). Nevertheless, I am not denying their disclosures/disclaimers all along, just that legally the contract will not supersede inconsistent representations.
>What was the inconsistency?
Just to pull some statements from the DAO white paper:
"the DAO Token Holders can elect to ‘pull the plug’ on the Contractor at anytime and for any reason. This is a major advantage as it considerably minimizes risk."
-In the case of the contract that took the funds, the token holders, were not able to pull the plug (unless you consider the fork pulling the plug, but that is what most people are complaining about, but it was the intent for token holders to have - what I will call - this contractual right).
"This standard DAO framework is simple, decentralized and 100% secure."
-Again I believe where I say the funds were not secure because they were taken, I know the other side of the coin is that funds at all times were 100% secure because they were intended to be taken since that is what the code allowed. However, why even mention 100% secure, when really what they meant was what ever happens to your funds (invested, taken without being invested, etc...) you consented to contractually.
"The first, an informal vote on whether a DAO would like to switch Curator or not. The second, a confirmation vote to give a chance to DAO Token Holders to confirm the result of the first vote, or a chance for the minority to ‘split’ their DAO into two and retain control over their ETH."
-The whole concept of voting discussed at length (not the quote I gave above) is a misrepresentation, because investor funds were taken without their vote, and the protections (above) were not actually available to the investors. Unless, again you consider the fork the protection discussed in the white paper, but we know the objections to that.
>DAOs are formed by groups of like-minded individuals with specific projects and goals in mind.
The DAO/smart contract that took investor funds didn't include specific projects with goals in mind by like minded people, it siphoned off investor funds without consent/voting on the specific proposal or the protections as included in the white paper.
> To be a little pedantic that is a misrepresentation as code isn't the law, "law is law",
Which is already an overloaded term though. Personally I'm giving gravity precedence here as a law, and CFAA only second points...
In that sense, law is a precise and reliable description of what will happen. At that, the code is law. It diagrams (though obviously not clearly) the allowed states for the system.
But, that's just semantics. We know what they meant.
> "This standard DAO framework is simple, decentralized and 100% secure."
Rofl, 0 out of 3 isn't that good... But the issue is if those are actionable. Decentralized is the only objective claim there and it's trivially wrong. The rest have no standard in law that I know of.
Anyways though, they were totally and hilariously wrong, but I don't think they misrepresented the nature of the deal.
> However, why even mention 100% secure, when really what they meant was what ever happens to your funds (invested, taken without being invested, etc...) you consented to contractually.
Well, because most of these things (human endevours) have been destroyed by theft and fraud. We've got thousands of years of being suckered into trusting people and we're still screwing that up so there isn't much hope down that path. Being screwed by a smart contract is a pleasant change. :D
Even law is not above a re-interpretation. The Germans had a lot of «unlawful» laws. «But I followed the law» didn't interest anybody at the Nuremberg trials – and rightly so.
The issue isn't as much the rightness of the code - by that standard it was provably pretty not right...
I'm talking about the purported duplicity of the DAO founders. I think that they were naive, but clear in their statements. Their goal for the DAO was X, Y, and Z, but that it was enforced by code - not by their stewardship. And boy was that right.
I don't think they hid the facts from anyone.
Good point about the Nazis though. Many people forget that and fall back to legality as a defense, even still.
> What makes smart contracts so special that people can falsely market them to the public and not be liable?
This is indeed an interesting question. I think the obvious answer is nothing... Nothing makes them different.
Unless they are executed in a way that makes traditional enforcement methods useless. Which jurisdiction will legal enforcement occur in? Who has the ability to reverse the outcome of the contract?
This is both the horror and the beauty of decentralized smart contracts.
"Any and all explanatory terms or descriptions are merely offered for educational purposes and do not supercede or modify the express terms of The DAO’s code set forth on the blockchain; to the extent you believe there to be any conflict or discrepancy between the descriptions offered here and the functionality of The DAO’s code at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413, The DAO’s code controls and sets forth all terms of The DAO Creation. "
> What makes smart contracts so special that people can falsely market them to the public and not be liable?
This is a separate question that should be addressed.
> Sadly, the DAO had major bugs and the time to do something about them was before it launched.
It boggles the fucking mind that they didn't run a small-scale test, with enough money to make it worthwhile for people to test the contract, but not so much that it would have created all of this drama.
Spending $10,000 to test a project that I've heard is worth $150 million seems like a no-brainer decision.
> It boggles the fucking mind that they didn't run a small-scale test
The issue was a semantic bug in the code, which was exploited by an unanticipated usage pattern. It is hard to catch this kind of error with testing, since the programmer is usually the one writing the test.
It is also (often) hard to catch subtle semantic bugs in code review too, unless the reviewer is looking for a known pattern of semantic bug.
There are some interesting things happening as a result -- formal verification, etc., but I am hoping that we end up seeing the emergence of an insurance market on smart contract behavior...
Ahh. Yes, that would have been an excellent thing to do. Even a binary future on "will the DAO be hacked" would have quickly revealed (via its price) the true risk, well before the dollar figure got so high.
I think that poses an interesting dilemma. Say somebody finds a flaw: would they really want to disclose it? If they doesn’t, and nobody else has found that flaw or any other of similar importance, they stands to benefit more by hacking the system when it goes into production.
Smart points but rsync's comment stands--this article takes a very one-sided tone. It doesn't even attempt to state why so many of the people involved don't think that punishing the "attacker" (their term!) is a priority. So it's also kind of half-baked, actually.
This is why computer security is a dog's breakfast and always will be as long as we can run crying to a judge. Your mistakes are your failures, not my hacks.
Even calling an SQL injection or buffer-overflow with malware payload a hack misses the point.
This is just an extreme example because there weren't invalid inputs, etc. Everything was used as intended but the intentions weren't very well thought through.
Broken, is an interesting choice of words, because by your very definition the DAO could never be broken it simply is whatever the code says it is, thus could never be broken.
However, as much as some people want to claim the DAO as executed is exactly what investors contracted for, it is not. The creators of the DOA solicited investment based on marketing material in plain language that was entirely inconsistent with the code of the DAO. Under the law one can't market and solicit investment based on representations that are untrue...that is fraud and but for the false representations many/if not all investors would not have invested. Moreover, it is generally not enough to include a little disclaimer at the end of the marketing material acknowledging the marketing may not be accurate and that the investors are investing at their own risk and in the DAO "as-is".
While I recognize that the law almost certainly disagrees, isn't ETH's "The Code is the Contract" ethos morally override any complaints people could make about unfair marketing?
If you're using Ethereum, you're implicitly buying into the "the code is the contract" philosophy; it's 100% 'caveat emptor'.
>isn't ETH's "The Code is the Contract" ethos morally override any complaints people could make about unfair marketing?
I am no moral authority, though I certainly have my opinions. I think the moral question breaks down to the following:
1. Do I have a moral obligation to perform a contract that I entered only as a result of fraud?
Let me ask you, what if you and I enter a contract where I will pay you $10 to pull a string of my choice and you agree. After you enter the contract I show you the string and it is tied off to a trigger on a gun pointed to someones head, does the contract ethos morally override my unfair disclosure? That is obviously an extreme, but how about if you had a elderly parent who was on their death bed and I told your parent the Will makes you the sole beneficiary but it really made me the sole beneficiary, would you have a moral obligation to allow the Will/contract to stand that overrides your complaint about unfair representations?
At the end of the day, people signed up for the DAO, but the DAO as executed was not what they signed up for, no matter how much people say that is the entire point of the DAO. If it were me I would feel no moral obligation to accept my losses as if it were losses based on a legitimate investment opportunity that simply didn't perform. I think people must determine for themselves what is moral, and while keeping ones word and fulfilling contractual obligations is a moral issue, it applies to all parties (the solicitor and investor), and that is why the law doesn't permit fraud, deceptive and unfair trade practices, contracts with minors, contracts with people who lack capacity to understand them, unjust enrichment, etc...
> Let me ask you, what if you and I enter a contract where I will pay you $10 to pull a string of my choice and you agree. After you enter the contract I show you the string and it is tied off to a trigger on a gun pointed to someones head
I think this analogy is very flawed, because I could inspect the DAO code before investing in it. The string doesn't lead off-stage.
Even if it is flawed, the contract never said I couldn't untie or cut the string before pulling it (or move the head away from the gun). So I remove the string from the trigger, pull it, and walk away with $10.
This illustrates the difficulty with rigid computer-enforced contracts. Clearly, both parties violated the intent of the contract by strict, bloody-minded adherence to its literal terms.
The cleverest, most obfuscated contract writer thus wins against everybody but the cleverest, most analytic contract disassembler.
> Even if it is flawed, the contract never said I couldn't untie or cut the string before pulling it (or move the head away from the gun). So I remove the string from the trigger, pull it, and walk away with $10.
Again, this is not an accurate analogy to the DAO contract, which I could fully inspect, and even theoretically run in a sandbox environment myself.
Your analogy is more akin to what actually happened, which is that people said, "nah, we didn't mean that", and re-tied the string to something else.
I agree that is the current state but if that is going to be the case for time to come, I doubt it will fly as every investor needs to be the cleverest. If nothing is learned by the devs and if all they do is make investers look less angry, this project is not going anywhere.
The same problem exists in non-networked investment vehicles. Clever people can create derivatives and convince less-clever people to buy them, not realizing that the math actually simplifies out to "heads, I win: tails, you lose".
The capital markets industry has never been able to keep clever people from making a little more money for themselves at the expense of a lot of money that would otherwise have gone to investors.
At least with ETH and its future competitors, the specific sort of cleverness that is required to profit is very close to the cleverness that I now possess.
Not saying I'd put a dollar that I can pay actual bills with into ETH right now, just that it seems more approachable to me than traditional investment, barring only the low-fee index funds.
But those are plenty good enough for me right now, as I tend to shy away from games of skill where merely good players are routinely slaughtered by expert hustlers.
The analogy was not to reflect the DAO but for the moral question:
>Do I have a moral obligation to perform a contract that I entered only as a result of fraud?
Further, I acknowledge it is an extreme, and offered a more real world example (which coincidentally includes the opportunity for review)...I represent the contents of a Will to your parent and they sign over everything to me because I told them it would go to you, sure they were on their death bed so it was more practical to rely on my representations (DAO marketing material) than read the Will/contract (DAO code) but they had the opportunity. Also lets assume there was no separate issue of lack of capacity in this example, because the would be a separate legal defense.
Why was the DAO as executed not what they signed up for?
The DAO executed was code. The language used to describe it is immaterial. It's code. To understand what code does, you read the code. Reading just the comments doesn't cut it.
The moral question isn't even interesting. It's irrelevant. We have exactly the same issue with existing legal contracts: if I tell you a contract is one thing, but it actually says something else, and you sign it, then you must perform the contract. It's your responsibility to read the actual contract before signing, not just listen to my description.
The only difference here is that the contract is in code not legalese. There's no moral case to answer. If you can't or won't read the contract then don't f*ing sign it!
>if I tell you a contract is one thing, but it actually says something else, and you sign it, then you must perform the contract.
That is actually the exact opposite of how the law works. If you enter a contract because of someones misrepresentations and you suffer damages as a direct result of those misrepresentations that is fraud and voids the contract.
There certainly could be differences in US and Australian law in this regard.
>I'm not sure I see the point of having words in a contract if it can be voided because someone said something different once...
It is not a simple as a one time statement being inconsistent with the contract, though the could be enough. Also there are many different theories of law I could pursue, but just one example:
Fraud in the Inducement[1]:
1. The defendant made an intentional action, statement, or omission
2. The misrepresentation was material to the decision to enter into a contract
3. The plaintiff reasonably relied on such misrepresentation, and
4. The plaintiff suffered some degree of injury, usually economic harm
And don't get me wrong I understand all the counter arguments as it relates to this single theory of law (but trust me there are more) which including: reliance on the marketing materials/solicitations were not reasonable because the included disclaimers to the effect the marketing materials were not accurate and the contract/code is controlling. In this case I don't think it would matter, because there is no doubt investors relied on these representations from the creators of the DAO including, the DAO was "100% safe", investments were subject to voting, there were safe guards allowing investors to "pull the plug" and get their investments back...not of that was true, was likely the reason investors invested and resulted in damages when it turned out they weren't true.
It appears that Aussie law is similar but different (I'm learning new things!):
An actionable pre-contractual misrepresentation occurs where a party makes a 'false representation' (orally, in writing or by conduct), the representation is one of fact (rather than a statement of opinion of law or a prediction about the future), it must be made to the other contracting party and it must induce the contract. Where established the key remedy is rescission (generally damages are not available unless the misrepresentation constitutes a tort - that is, it is also fraudulent or negligent - in which case tortious (but not contractual) damages may be available). Even where misrepresentation is established there are some limits on rescission - most significantly, if restitution is not possible the right to rescind will be lost. [1]
So yes, in this case, if the DAO contract was induced by a mis-representation of fact about the contract, then it could be rescinded.
I guess this will be an interesting aspect to Ethereum and "smart contracts" - if there is a legal right to rescind them, how does that work? Can you unwind the blockchain transactions to rescind the contract?
Thank you for cross referencing the Australian law, it does seem similar and as you noted the legal issue can trigger additional claims, and the same is true in the U.S.
To take a stab at your questions regarding how such a claim might play out in the U.S. Say investor A put money into the DAO, based on statements in the marketing materials (example "the DAO is 100% secure") and said funds were lost. Investor A could file a law suit in their own jurisdiction, the claims would include but not necessarily be limited to fraud in the inducement, and the parties name might include but not be limited to a) the company who owns slock.it, b) the individual(s) who wrote the code for the DAO, c) the individuals who wrote the marketing materials the investor relied on, and d) the unknown individual(s) who were responsible for writing the smart contract that appropriated the investors funds without a vote (this may sound odd, but it is a regular occurrence typically naming defendant(s) John Doe(s))
Now it is almost impossible to say how the lawsuit would actually unfold. One example, none of the parties answers the lawsuit and the investor plaintiff can obtain a default judgment. In this example, the investor/plaintiff may take the judgment against defendant #1 (company behind slock.it, which I believe is company based out of Germany) and try to have the judgement enforced in Germany. Again I can't say for certain how that would play out. Another example, could be the defendants actually answer and defend the lawsuit, in which case the investor/plaintiff must prove their case at trial (but as we know, judgement can be obtained before trial at a motion like motion for summary judgment, but that would be rare in contract cases) or more generally the parties would settle.
Now I'm just trying to give varying examples, and I can't stress enough this analysis is in no way exhaustive, the various defendants would certainly be able to raise defenses not discussed, the plaintiffs could bring claims not mentioned, and a default against John Doe(s) would be nearly impossible to enforce (unless at some point John Doe(s) identity comes to light. The major take away is the fact that the law provides remedies separate and apart from unwinding the DAO or getting the money back from the john Doe(s) who may likely never be identified.
The funds can be moved through other wallets, or exchanged (or washed), and it is unlikely any exchange is going to keep a constant eye on that potential chain of addresses... also, it is his/her ETC... despite how you see the stories framed.
For starters, it's not even clear if this constitutes theft or just a clever hack in a system that originally claimed "code = law". IIRC, the DAO hacker anonymously published a statement claiming that all the ETH was rightfully his, and any attempts to do otherwise would be met with lawyers.
I last saw this story when the fork looked like it was going to succeed. Did enough people really dig in their heels for the immutable chain that they're going to let the guy get away with robbery? Oh man.
Ah, hardcore libertarians. You're all completely mad, but I won't deny you're consistent.
The issue is more complex than that. The DAO was created and backed by people who are also Ethereum developers, and forking the entire block chain to save what many people consider to be a badly thought out and badly executed experiment is just as dubious as some of the things that were done to save mega-banks in 2008. It's a clear case of moral hazard among other issues.
Many of the people who are backing Ethereum Classic (the non-fork) are doing so because they like the ideas of Ethereum but want it to be truly independent. If the fork succeeds many people take it as a sign that Ethereum is a "proprietary" coin rather than a more open "nobody owns it" system like Bitcoin.
I have no dog in the fight but that's how I understand it.
> as dubious as some of the things that were done to save mega-banks in 2008.
That's a good analogy, but not for the reason you're thinking. The expert consensus on the 2008 bank bailouts is that they had to be done, because letting them fail would've turned the recession into another Great Depression, and that much harder to recover from. Does that mean bailouts are good and proper? No, bailouts are terrible. It means the right way to avoid the moral hazard would have been to better regulate the banks and never have let them get "too big to fail" in the first place.
I feel the same way about Ethereum. The DAO hack was a no-win situation, because these "smart contracts" should never have been created to begin with. They're always going to end up in situations like this, because they involve the affairs of messy, imperfect humans. The correct answer to the DAO mess was never to get into it in the first place.
> The correct answer to the DAO mess was never to get into it in the first place.
I don't think this is true at all. The DAO is (and was) a very cool idea. The only problem was that the code was complex enough that those who casually reviewed it failed to notice the vulnerability that the attacker noticed.
As for the financial crisis, it was a combination of an unexpected event and entrenched interests scrambling to benefit as much as possible from it. By definition, entrenched interests want a continuation of the status quo, and that is what happened. We think about how bad it would have been if some homeowners would have foreclosed, but we fail to think about the people who would have been able to afford a home at a great price.
We also fail to imagine the future crises that were made inevitable by the bailouts. If we wanted bankers to learn, we shouldn't have shielded them from the consequences of their poor decisions.
> The expert consensus on the 2008 bank bailouts is that they had to be done
Of a carefully curated set of worse choices, such as "A: Sit back and watch the banks keep going.", sure.
There are a ton of ways the bailout could have been done that don't involve giving money to the same people who screwed up before. For instance, let those banks fail but insure the individual depositors (trickle-down to insuring individual holders of MBS-backed retirement funds, etc.) and recapitalize a new set of banks.
> because letting them fail would've turned the recession into another Great Depression
Yes, letting all banks fail would. But there's no need to throw the baby out with the bath water.
> It means the right way to avoid the moral hazard would have been to better regulate the banks and never have let them get "too big to fail" in the first place.
Yes, we should try to regulate, but there'll always be new loopholes so we need to stop rewarding the bad actors when, not if, they find a new scam.
> [Smart contract]. They're always going to end up in situations like this, because they involve the affairs of messy, imperfect humans.
And yet your solution is to add another layer of humans?
> The correct answer to the DAO mess was never to get into it in the first place.
Like buying Enron. But not all companies are scams and not all smart-contracts will be ineptly written.
I think there is still a lot of dirt that has yet to be dug up regarding the creation of the DAO. For a decentralised system, it certainly had lots of websites quickly set up to promote itself, the ownership of them seemed (I think?) to lead back to the company Slock.it. The DAO was apparently also promoted on Facebook via paid adverts, yet no-one will admit to funding those. Meanwhile, slock.it were angling themselves to be the main recipients of DAO funds. Luckily, the stupid thing broke before they got their hands on the money.
If the code is the contract as they said, then what the guy did couldn't be robbery. If anything, the people who did the hard fork stole his rightfully earned ethereum.
There is a weird belief-system in the ethereum/DAO chatter that I can't quite place my finger on. Not even sure if "libertarian" covers it.
I've heard it said that these folks are a form social-darwinists who have decreed (in their sandbox) that "code is law" and that, as such, any and all manipulation of the working code is perfectly acceptable without regard to external factors such as ethics, intent, and reasonable behavioral mores.
Its like they've taken the WORST aspects of the real financial systems such as money begetting money, rampant speculation, intractably complex and arbitrary rules, etc and jacked it up to the Nth degree for their monopoly-money world and are now taking it dead seriously (and getting offended when people suggest that their "coins" aren't _really_ worth what they think they're worth-- because, yep, conversion to REAL money is a problem for them).
I like the concept of a crypto currency as a way to exchange goods, services (and possibly contracts), but the players thus far leave me completely turned off.
I think you are missing the point. If the code isn't the law, then what is?
The beauty of a "code is law" system is that its behavior is not subject to human interpretation and human biases... we can run a simulation on a test instance of the VM to test whatever scenario we choose, and we may review code and decide whether or not to trust it.
Systems like this are inherently adversarial. The idea of a "code is law" sort of system is that code could be developed to deal with the myriad adversarial situations in far more efficient and predictable ways than the way humans have historically dealt with them.
Legal uncertainty is a transaction cost and an existential risk in all contracts. In order for Ethereum to avoid this added cost, it would reduce the unpredictability of a contract's outcome. If a hard fork might happen to nullify a transaction, then anyone who is expecting to depend on it must add some uncertainty to his/her portfolio.
There there would still be risk of code bugs in a code-is-law system, but over time contract code would be discovered to be trustworthy in the same way that apache's source code is considered largely to be devoid of major security holes.
Well, in a decentralized distributed system, the "law" may not be clearly part of any jurisdiction, and enforcement may be impossible, making the law somewhat less helpful at resolving disputes.
Well, yeah, there's a reason I included the second paragraph -- it was intended to be directly applicable to the situation at hand, not just a general observation.
Whose law? Your country? My country? The USA, just because? North Korea because they have the most restrictive laws? All unworkable.
Your country's law applies to you, as you use the system, but not to the contracts themselves. If you contract for something illegal you can be tossed in your country's prisons but the contract can't be altered.
>
The idea of a "code is law" sort of system is that code could be developed to deal with the myriad adversarial situations in far more efficient and predictable ways than the way humans have historically dealt with them.
Then this debacle has been a spectacular failure on that front, and given the fact that no system can be perfectly secure, this will happen again in the future.
Everyone in the space who was paying attention knew the DAO was likely to be a debacle, which is a major secondary reason that many people opposed forking to save it. This is what moral hazard looks like in the world of cryptographic "smart contracts".
Well, clearly, the folks involved have not bothered to "run a simulation" to have predicted the situation where someone has made money out of nothing. He didn't "mine" it, he didn't invest it, he didn't exchange goods or services for it. He merely exploited an unforeseen complexity to his benefit and everyone else's detriment.
And that's the core reason this rubs people the wrong way: it smells like financial shenanigans. We don't like it when people do that stuff in real life, and we don't like it when it happens in a "funny-money" system that deigns to become serious.
The good news is that (as far as I can tell) no serious real money has been poured into or out of this system. If it has, the money was hopefully treated as a highly speculative investment-- thrill money if you like. Not counting Watt-hours and personal time as money, obviously.
> Ah, hardcore libertarians. You're all completely mad, but I won't deny you're consistent.
The key point is that while laws may be minimally, moderately, or highly flawed, the rule of law is the idea that we should have a proper way of changing them to prevent future events, not just decree one person an evil hacker and a group of other people victims.
The hard fork is like if a no parking sign was installed on a street and tickets were issued to everyone who had parked there the previous year, before the sign was in place.
Putting up the sign is not a problem, nor is enforcing the rule post-sign, the problem is making a decree that impacts what happened in the past.
A ban on ex post facto law is such a core concept in Western civilization that it's pretty shocking anyone would actually think such a rule is a good idea.
I suppose one thing that is a universal among humans is the strong desire to form corrupt groups to extract wealth from human systems.
>A ban on ex post facto law is such a core concept in Western civilization that it's pretty shocking anyone would actually think such a rule is a good idea.
Not really a fair comment IMHO. Western Civilizations also have the core concept that intent matters and that not every potential conflict/problem can be foreseen. Thus, you have vaguely worded laws that are subject to human interpretation (courts).
I understand that ETH billed itself as being above all that. So I can see why some are justifiably upset. I just think your comment about ex post facto law is a little misleading given that there is, in fact, a great deal of wiggle room afforded to the courts in the West.
While I think smart contracts are somewhat modeled after Western courts, the beauty of them is that they are predictable and deterministic. Doing various sorts of forks is quite messy, so perhaps the ideal smart contract system would have another layer between VM and forking.
I think the most interesting part of the DAO story is the 'white hat hackers' situation. Prior to the fork, these people also hacked the DAO, basically stealing all the remaining ETH that the original attacker had failed to take. It was justified at the time because they claimed to be a 'robin hood group', trying to save the money of DAO victims.
However, now the fork has happened, these same hackers have vanished, or disavowed anything to do with the hacking, despite the fact that they now control millions of dollars worth of other people's money. They 'stole' from the rich but now don't want to let go of their takings. I wonder how they try to justify their action/inaction now?
I was chatting in the DAO slack chatrooms early on ( before any of this hacking news ). I was looking to legitimately fund a company using the DAO software ( still looking for funding... )
Pretty much every developer there told me the thing was unsafe, untested, and should not be used for any real business ( yet ).
Ironically, many of them used that same answer as a justification for why a hard fork of Ethereum was reasonable... But clearly if there had been many investments and some had gone well and others poorly, the idea that it was a "practice round" and should be reversed would have been met with laughter.
I don't see this often discussed, but the DAO always seemed pretty shady, even prior to the hack. This was a system meant to function as an autonomous investment platform, but I couldn't find any details that explained exactly how the recipients of the investment funds were meant to be held accountable for the money they received. Ultimately, the eth would have needed to be cashed out into spendable money so that the business could pay for expenses and grow the company, but an eth contract is incapable of forcing the company to put fiat money back into the DAO and it's not a stretch to imagine a situation where the recipients do not agree to use the money in a fashion that is entirely inline with the intent of the investors or even fulfill any of the obligations stipulated as conditions of the investment.
This was a scam waiting to happen even if the contract did function as intended by the authors.
>This was a scam waiting to happen even if the contract did function as intended by the authors.
I have said this from the beginning. From a purely logical point as a potential investor, you should ask yourself, why would an autonomous investment platform (borrowing your phrasing) require all the funds up front?
In other words, look at kickstarter/gofund me, how skeptical would everyone have been if they asked for investors money before there was even an investment opportunity? Even with the fork, I think they should have returned everyone's money to them, and allow them to buy membership/voting right to the DAO for a nominal fee that would allow them to invest in future investment opportunities.
Indeed. It seems to me that the only concern was building hype for the DAO (in order to solicit further investments) and ethereum in general. I kept seeing claims about how smart contracts would enable autonomous corporations to pay employees and run factories and other clearly impossible things, everyone was so excited about the possibilities that nobody sat down to critically examine what is actually possible.
That wasn't insurmountable. First, most people thought of small kickstarter projects where social pressure would be enough and if the contract lost a few k$ here and there it wouldn't matter.
But the ultimate answer is that the company receiving the money could be bound by their country's law to do whatever they said they'd do. Presumably people would only vote to give them large amounts if they were accountable.
Right... that's precisely my point. The smart contract aspect adds no value to the arrangement, all it does is increase complexity and add the risk of stolen funds.
Meat-space is no guarantee of contract-performance. It replaces one set of risks with another.
There's risks of theft and mismanagement of funds in crowd-funding companies. Payment has risk - Paypal has frozen and seized many individual and project accounts, credit card companies are forbidden to let you donate to Wikileaks, etc. And hackers could still steal or burn some or all funds. And there's essentially no useful recourse here either. Sometimes the courts get revenge for us, but we're still usually out of pocket.
And a smart-contract with shares would offer a ton of features "for free". People could transfer ownership of their support (and the perk it represents), for example. And users could have total control of their promised funds until each phase comes due, via an escrow with an agent they trust.
As many people have noted, there was no need to pre-fund a crowd-funding site - it was just a novelty that people got silly with. A serious cloud-funding site could be a separate contract for each project. Without a single fat target and without any of the split-the-contract complexity.
This DAO bug-bounty is encouraging simple contracts more amenable to proof.
>Meat-space is no guarantee of contract-performance. It replaces one set of risks with another.
This is a false equivalency. "Meat-space" contracts aren't executable programs that can unexpectedly, anonymously, and irreversibly drain your bank account of 100 million dollars based on a legal technicality. In "meat-space" the legal system would have very easily halted this insanity instead of forking the entire banking system to evade the consequences of a single agreement. Smart contracts provided no benefit but severe consequences when the risks materialized.
There's risks of theft and mismanagement of funds in crowd-funding companies.
This is another false equivalency, "theft and mismanagement" is always a risk when you're lending people money, that's not the problem; the issue is smart contracts which add the additional risk of random hackers stealing all your money with impunity, a risk not present in "meat-space".
>* Paypal has frozen and seized many individual and project accounts*
Irrelevant.
> credit card companies are forbidden to let you donate to Wikileaks
Irrelevant.
> And hackers could still steal or burn some or all funds. And there's essentially no useful recourse here either. Sometimes the courts get revenge for us, but we're still usually out of pocket.
This is totally wrong. That kind of thing just doesn't happen. If a hacker steals your money the bank has an obligation to make you whole and the courts will absolutely see to it that you are made whole, especially if we're talking about hundreds of millions of dollars.
> And a smart-contract with shares would offer a ton of features "for free". People could transfer ownership of their support (and the perk it represents), for example. And users could have total control of their promised funds until each phase comes due, via an escrow with an agent they trust.
I've already explained why it's not "for free", but you haven't demonstrated "tons of features". Escrows and agents already existed long before smart contracts, so that's not a useful feature.
The bottom line is, smart contracts are an absurdly complex solution looking for a problem, of which some probably exist, but the DAO was not an example of one.
> If a hacker steals your money the bank has an obligation to make you whole and the courts will absolutely see to it that you are made whole
I didn't say the hackers would steal it from the bank, but even so that wouldn't matter.
Banks have no legal obligation except in a very few cases of certain types of card misuse. And how do the courts make you whole when hackers have sent money to Russia?
> especially if we're talking about hundreds of millions of dollars.
No, only if you're talking about hundreds of billions. Small and medium theft is ignored, large theft and incompetence may be bailed out if you'll take someone down with you.
> In "meat-space" the legal system would have very easily halted this insanity
This one slow-motion train wreck? Sure. Well, maybe. Unless the attacker had done something across jurisdictions, etc. Then it'd be years before anything, even freezing an account, could be done.
> "theft and mismanagement" is always a risk when you're lending people money
No, you don't get it. The point is to remove Kickstarter, etc. The projects themselves are still an issue of course, but that's at least the point of the exercise.
>>* Paypal has frozen and seized many individual and project accounts*
> Irrelevant.
Not at all, it's one of the risks inherent in the classical system. Every third project has a horror story about frozen funds and that's not counting what the individuals themselves go through before they donate.
>> credit card companies are forbidden to let you donate to Wikileaks
> Irrelevant.
Only if you wouldn't donate to WikiLeaks or a related project. But yeah, I can see how that wouldn't interest you.
> Escrows and agents already existed long before smart contracts, so that's not a useful feature.
Not trusted escrow, your funds could be frozen for reasons like donating to WikiLeaks, or simply stolen from the agent.
> but you haven't demonstrated "tons of features".
No, you haven't acknowledged them. You're a thirsty equine by a large body of water but I can't do this last bit for you.
> I didn't say the hackers would steal it from the bank, but even so that wouldn't matter.
Well that's what I'm talking about because that's what happened with the DAO and what happens quite regularly to blockchain wallets. If the DAO money was pooled into a bank account instead of on the eth blockchain then the money would not have been stolen by a hacker - end of story. The banking system also has additional measures in place to ensure that large unauthorized transactions can be quickly noticed and reversed, even across international boundaries, I know this first hand because I've personally reversed international bank transfers of much less than 100 million USD.
> No, you don't get it. The point is to remove Kickstarter, etc. The projects themselves are still an issue of course, but that's at least the point of the exercise.
I'm afraid you're the one who doesn't get it, my point is that "removing Kickstarter etc" is of dubious benefit because Kickstarter style businesses work just fine 99% of the time without the added risk of a hacker stealing everyone's money with complete impunity.
> it's one of the risks inherent in the classical system. Every third project has a horror story about frozen funds and that's not counting what the individuals themselves go through before they donate.
Having your money temporarily frozen by paypal is not even close to the same thing as having it permanently stolen by hackers.
> Only if you wouldn't donate to WikiLeaks or a related project.
This has nothing to do with my point which is "smart contracts add risk with nearly zero benefit". If you want to send bitcoin to wikileaks, nobody cares, that has nothing to do with pooling your money into a smart contract.
> No, you haven't acknowledged them. You're a thirsty equine by a large body of water but I can't do this last bit for you.
This is becoming absurd. Your list of features is literally two vague sentences.
1. "People could transfer ownership of their support (and the perk it represents)."
2. "Users could have total control of their promised funds until each phase comes due, via an escrow with an agent they trust."
--
#1. The utility is unclear. Why is this useful and why do you think this isn't already possible with a centralized system.
#2. Smart contract is not necessary for escrow.
Smart contracts do not make things better, they just add complication and risk.
This all reminds me of what happened to VeriCoin and the MintPal heist. A hacker stole millions in coins, but the devs of VeriCoin rolled it back and in one fell swoop stopped one theft but cut the floor out from under themselves.
What's needed is a cryptocurrency that cannot, under any circumstances, be rolled back. Otherwise crypto is a fiat currency just like all other modern currencies that can be manipulated.
Countries have hard-forked cash to invalidate large thefts.
> When Iraq invaded Kuwait in 1990, the Iraqi dinar replaced the Kuwaiti dinar as the currency and large quantities of banknotes were stolen by the invading forces. After liberation, the Kuwaiti dinar was restored as the country's currency and a new banknote series was introduced, allowing the previous notes, including those stolen, to be demonetized.
> the Central Bank of Kuwait (CBK) announced the withdrawal of Kuwaiti Dinar currency notes issued and placed in circulation up to August 1,1990, and the issue of currency notes of the new design against those notes withdrawn. The Bank also announced that they will not accept certain series of old Kuwaiti Dinar currency notes in different denominations in exchange of new currency notes so issued. The final date for the conversion into new design notes of valid old Kuwaiti Dinar currency notes, held abroad by individuals and banks was 30.09.91.
Oh yeah, that's a good point. Apparently something similar happened in Northern Ireland; the IRA stole enough money that the bank just printed new versions of the affected denominations: https://en.wikipedia.org/wiki/Northern_Bank_robbery
I've once heard an argument that one of the desirable properties of the legal system is that its decisions, even if bad, are considered as final by everyone. This sounds kinda similarly.
Ultimately, there's no such thing. A blockchain is simply a data structure that keeps you from editing it in place by changing old entries. If we agree to rewrite it, we agree...
And some forks are done simply by having the majority of the clients (or processing nodes at any rate) agree to make certain things invalid. Such as an attacker's loot address, etc. The chain is all there, unedited, but no longer has the same effective meaning.
We really need a community that rejects these proposals the same way they'd reject photocopied money.
133 comments
[ 4.1 ms ] story [ 59.9 ms ] threadThe catch is that there is no guarantee you come out ahead, like there would normally be with a double spend. The fork resulted in a price drop (That has now somewhat recovered), and ETC is not worth nearly as much as ETH (About a 10:1 ratio). So ETC+ETH is really not worth much more then ETH was originally before the fork, if it is at all - even if you spend both, you probably didn't make any money on the fork itself.
But the price dropped, so if you had $1 in the ETH(old) then now you have $0.80 in ETH(new) and $0.2 in ETC, so you didn't get free money, only free tokens that you can try to exchange for money in the right place.
(Actually, I guess that the sum after the split is lower because some investor ruined away, so the numbers can be $1->$.7+$.2 or something.)
And beware that since both have the same underlaying technology, then some can copy some transactions from one blockchain to the other, because the signature to transfer the coins is the same in both chains. The solution is to make two "tainted" versions of the coins that are disallowed to transfer in the other chain. Read the sibling comment about the "splitter function".
Though of course only one (ETH) is the 'official' Ethereum chain. But that in and of itself is being debated.
It was supposed to be a vote on whether to fork or not, then leave the deprecated chain behind. The vote for the fork succeeded, and all the developers of Ethereum and 99% of the developers for apps on the chain have decided to go with the vote. Everything is being done on the main chain, ETH, Ethereum. The old deprecated chain is now called ETC, they named themselves Ethereum Classic.
It's certainly fun to watch the fallout...
They aren't at all. Immutable smart contracts are the basis of ETC and not ETH. It's only one difference, but it's a difference as fundamental as the difference between gold and dollars.
ETH is now a centralized currency. I have trouble seeing any purpose to using ETH now that it's centralized, given that existing centralized money/contract systems are much more mature. But given both ETH and ETC are too buggy for me to use, I've no skin in the game, so I'm happy to wait and see if some benefit to a centralized cryptocurrency emerges that I wasn't aware of.
Again though, I think the design of both cryptocurrencies is prohibitively error-prone, so it's kind of a moot point.
If you prefer ETC, you trade all your ETH for ETC, and vice versa. The "winner" is the currency with the higher valuation, but everyone can still use whatever fork they prefer.
The DAO contract was neither hacked nor broken. This individual used the features and functions of the contract in unexpected ways, but ways that were legitimate nonetheless.
Certainly it was the case that ethereum contacts were advertised as immutable and beyond reproach, but if you bought into that, well... you'd be making the same error you see in your ideological opponents!
It is a separate question whether ethereum contacts ought to be immutable, but that requires a different type of argument.
Sadly, the DAO had major bugs and the time to do something about them was before it launched.
It's not the end of the world, though it does place Ethereum in the category of "easily corruptible human organizations" which makes it largely ineffective for the sorts of things that made it most exciting.
Ethereum may become more distributed which would make this sort of consensus more difficult to achieve, or it may be replaced by something that has a more corruption-resistant governance structure.
The basic idea underlying the holocaust, the Iraq war, and pretty much any human atrocity is that the ends justify the means. This is exactly the argument that hard forkers made. But, much like the Iraq war, the president should not have ever had the sole discretion to launch a war, nor should such a small number of interested people have the ability to launch a hard fork.
Apologies for the hyperbole, but I think it's helpful to illustrate the core issue.
Ends justifies the means is just a fancy way of saying that the cost/benefit analysis is favorable to the decider. That is a sane decision making framework. Presumably, you just disagree with the assesment of the cost.
I think it's more accurately defined as the decider acknowledging that the costs are not something he/she would typically approve of, but the desired or touted ends are so worthwhile for everyone (as determined by the decider on behalf of everone) that it's worth doing.
In other words, an un-democratic greater good argument. It turns out that there was majority consensus among ETH miners to do a hard fork, but only after the Ethereum maintainers signaled their bias by researching and writing the hard fork code.
This is not the case. There was not a bug in the Ethereum "system", it was a bug in the Slock.it smart contract code ONLY.
The smart contract code behaved exactly as written. There is nothing to interpret. Those who invested in that smart contract invested in it as written, and failed to have it properly vetted. Think of the fraud that is possible with poorly vetted contracts... It's absurd to think that rewinding the tape is any sort of legitimate remedy for code bugs in smart contracts.
What about the plain language of the marketing materials soliciting investment that was completely inconsistent with the code of the DAO.
It happens all the time in the world outside of smart contracts, where people rely on marketing materials (say marketing a car loan for 4%, but the contract provides for a substantially higher interest rate). You can make the same argument in those cases, that the individual should have read an understood the actual contract and not relied on the marketing material, in fact, the marketing material might even include a disclaimer, but that doesn't change the fact that the individual is likely to prevail in a court of law based on causes of action including, but not limited to: fraud, fraud in the inducement, unfair trade practices, unjust enrichment, breach of contract, etc...
What makes smart contracts so special that people can falsely market them to the public and not be liable?
There's nothing unjust, you have the same rights under the contract as they do, they didn't use insider knowledge, etc.
3rd party beneficiaries of contracts get sued all the time. Just to put it into perspective, you and I enter a contract where you give me $x to invest in Y, instead of investing in Y, I just give the money to a 3rd party who may not even be mentioned in the contract, the law would most certainly allow you to go after both the third party and myself.
Unjust enrichment is a legal term or art and a cause of action, not your or my definition of unjust. Here are the elements of unjust enrichment:
(1) a benefit conferred upon a defendant by the plaintiff,
(2) the defendant’s appreciation of the benefit, and
(3) the defendant’s acceptance and retention of the benefit under circumstances that make it inequitable for the defendant to retain it without paying the value of the benefit.
In other words when the 3rd party assumes your investment funds, all elements would be satisfied, whether or not they are a party to the contract.
> under circumstances that make it inequitable [...]
But if that's what the contract clearly said, where would the injustice be?
In lotteries one person walks away with all the money so that alone isn't enough.
Said in plain english, in the same privileged voice that discussed their intentions.
They were careful to state that if the code and their wishes/statements disagreed, that the code was the authoritative answer.
The Technological-Savvy-Investor (you called them a hacker) was induced to play a code-based Nomic for real money but was then cheated out of their prize by the conniving and dishonest administrators.
Why put words in my mouth?
>They were careful to state that if the code and their wishes/statements disagreed, that the code was the authoritative answer.
It what other area of contract law are people allow to solicit investment based on false representations/marketing and hide from liability based on a disclaimer that the marketing materials may be inconsistent with the contract? I appreciate that they had the foresight to realize their code was likely to execute in unexpected ways or at least ways inconsistent with their marketing/solicitation and they made those disclaimers, but it isn't novel in law where contracts are inconsistent with marketing material (which even disclose the potential inconsistency).
The only false representations I've seen have been from the Ethereum developers: by hard-forking to change the terms of the DAO, they have misrepresented Ethereum to everyone who invested in its ICO.
EDIT: I'm more interested to know whether or not the DAO "attack vector" was placed there intentionally. Then you might be able to argue that the developers acted in bad faith.
Yes, but again this is not unique to the DAO. Moreover, it occurs all the time that marketing materials are put out with disclaimers that the marketing material is just that marketing material and that any inconsistencies between the marketing material and the contract, the contract prevails. It doesn't always make it so and there is good public policy reason why.
My analogies are always kind of shot down as it relates to the DAO, but I think they help flush out the legal reasoning. How about valeting your car, obviously there is an implied contract that you will pay the fee and get your car back (maybe even a verbal representation, "just bring the stub back and we will pull your car around") but what if the stub includes language (as they do) that you agree the valet will not be responsible for stolen property and then they don't bring your car back. Who knows who took your car? Maybe the valet, maybe the valet gave the keys to someone else, maybe someone legit broke in and stole your car without the valet being aware... even though you agreed to the contract/terms of the valet ticket it does not become a contractual right for valet to take your car, they could still be liable (potentially criminally in addition to civilly).
Moreover, representations remain false even with disclaimers acknowledging the representation may be false.
I don't deny this, and I agree in the general case. However, I haven't see any case where the DAO marketing materials did not state that the code was the terms and conditions. This was, after all, its defining feature. The marketing materials and public information were practically bragging about this, and all pointed to the contract state on the Ethereum blockchain so you could see for yourself.
> My analogies are always kind of shot down as it relates to the DAO, but I think they help flush out the legal reasoning. How about valeting your car, obviously there is an implied contract that you will pay the fee and get your car back (maybe even a verbal representation, "just bring the stub back and we will pull your car around") but what if the stub includes language (as they do) that you agree the valet will not be responsible for stolen property and then they don't bring your car back. Who knows who took your car? Maybe the valet, maybe the valet gave the keys to someone else, maybe someone legit broke in and stole your car without the valet being aware... even though you agreed to the contract/terms of the valet ticket it does not become a contractual right for valet to take your car, they could still be liable (potentially criminally in addition to civilly).
It sounds like you're getting at the officious bystander test. The thing is, when the whole community of developers and investors were going on and on about how the code is law, the answer to the question "Should the Ethereum developers intervene if the code does something we don't like?" could very easily have been answered by all parties with a resounding "NO!".
I encourage you to search through the Ethereum subreddit during the DAO's ascension, for example. You'll find cases where people were asking about what to do in this very situation, and the answer has consistently been to the effect of "whatever the code executes will be the outcome."
> Moreover, representations remain false even with disclaimers acknowledging the representation may be false.
Please point out a single case where the developers solicited investment using a false representation of the DAO. They were very clear, very open, and very loud about the fact that the code itself was the contract terms and conditions. The code is open-source as well, and lives on the Ethereum blockchain.
Honestly, I'm having a very hard time not seeing this as a bunch of investors losing money for their failure to do due diligence. Especially since the flaw that lead to the DAO's undoing was published years beforehand, in two places [1] [2]. Maybe there's a case for negligence to be made against Slock.it, but it sounded like they were otherwise clear, up-front, and honest about what it was they were soliciting investments for.
[1] https://github.com/LeastAuthority/ethereum-analyses/blob/mas...
[2] https://forum.ethereum.org/discussion/comment/42100
I was replying to the wrong post. I had wanted to make it clear that we were discussing the same person.
Amusingly, I did it explicitly to avoid the OP thinking I was putting words in their mouth.
> In what other area of contract law are people allow to solicit investment based on false representations/marketing and hide from liability based on a disclaimer that the marketing materials may be inconsistent with the contract?
The "code is law" was the main point of the marketing. They repeated it constantly.
> it isn't novel in law where contracts are inconsistent with marketing material
What was the inconsistency? That their goals didn't come true?
No problem, though we clearly arrive at different conclusions, I thought we were having a interesting conversation.
>The "code is law" was the main point of the marketing. They repeated it constantly.
To be a little pedantic that is a misrepresentation as code isn't the law, "law is law", at best "code/DAO is contract" (not the marketing material). Nevertheless, I am not denying their disclosures/disclaimers all along, just that legally the contract will not supersede inconsistent representations.
>What was the inconsistency?
Just to pull some statements from the DAO white paper:
"the DAO Token Holders can elect to ‘pull the plug’ on the Contractor at anytime and for any reason. This is a major advantage as it considerably minimizes risk."
-In the case of the contract that took the funds, the token holders, were not able to pull the plug (unless you consider the fork pulling the plug, but that is what most people are complaining about, but it was the intent for token holders to have - what I will call - this contractual right).
"This standard DAO framework is simple, decentralized and 100% secure."
-Again I believe where I say the funds were not secure because they were taken, I know the other side of the coin is that funds at all times were 100% secure because they were intended to be taken since that is what the code allowed. However, why even mention 100% secure, when really what they meant was what ever happens to your funds (invested, taken without being invested, etc...) you consented to contractually.
"The first, an informal vote on whether a DAO would like to switch Curator or not. The second, a confirmation vote to give a chance to DAO Token Holders to confirm the result of the first vote, or a chance for the minority to ‘split’ their DAO into two and retain control over their ETH."
-The whole concept of voting discussed at length (not the quote I gave above) is a misrepresentation, because investor funds were taken without their vote, and the protections (above) were not actually available to the investors. Unless, again you consider the fork the protection discussed in the white paper, but we know the objections to that.
>DAOs are formed by groups of like-minded individuals with specific projects and goals in mind.
The DAO/smart contract that took investor funds didn't include specific projects with goals in mind by like minded people, it siphoned off investor funds without consent/voting on the specific proposal or the protections as included in the white paper.
Which is already an overloaded term though. Personally I'm giving gravity precedence here as a law, and CFAA only second points...
In that sense, law is a precise and reliable description of what will happen. At that, the code is law. It diagrams (though obviously not clearly) the allowed states for the system.
But, that's just semantics. We know what they meant.
> "This standard DAO framework is simple, decentralized and 100% secure."
Rofl, 0 out of 3 isn't that good... But the issue is if those are actionable. Decentralized is the only objective claim there and it's trivially wrong. The rest have no standard in law that I know of.
Anyways though, they were totally and hilariously wrong, but I don't think they misrepresented the nature of the deal.
> However, why even mention 100% secure, when really what they meant was what ever happens to your funds (invested, taken without being invested, etc...) you consented to contractually.
Well, because most of these things (human endevours) have been destroyed by theft and fraud. We've got thousands of years of being suckered into trusting people and we're still screwing that up so there isn't much hope down that path. Being screwed by a smart contract is a pleasant change. :D
I'm talking about the purported duplicity of the DAO founders. I think that they were naive, but clear in their statements. Their goal for the DAO was X, Y, and Z, but that it was enforced by code - not by their stewardship. And boy was that right.
I don't think they hid the facts from anyone.
Good point about the Nazis though. Many people forget that and fall back to legality as a defense, even still.
This is indeed an interesting question. I think the obvious answer is nothing... Nothing makes them different.
Unless they are executed in a way that makes traditional enforcement methods useless. Which jurisdiction will legal enforcement occur in? Who has the ability to reverse the outcome of the contract?
This is both the horror and the beauty of decentralized smart contracts.
The plain language marketing was that "the code is law". This was repeated many times in many ways and with cute little gifs, but most explicitly
https://web.archive.org/web/20160704190119/https://daohub.or...
"Any and all explanatory terms or descriptions are merely offered for educational purposes and do not supercede or modify the express terms of The DAO’s code set forth on the blockchain; to the extent you believe there to be any conflict or discrepancy between the descriptions offered here and the functionality of The DAO’s code at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413, The DAO’s code controls and sets forth all terms of The DAO Creation. "
> What makes smart contracts so special that people can falsely market them to the public and not be liable?
This is a separate question that should be addressed.
There is absolutely no reason to type like this.
It boggles the fucking mind that they didn't run a small-scale test, with enough money to make it worthwhile for people to test the contract, but not so much that it would have created all of this drama.
Spending $10,000 to test a project that I've heard is worth $150 million seems like a no-brainer decision.
The issue was a semantic bug in the code, which was exploited by an unanticipated usage pattern. It is hard to catch this kind of error with testing, since the programmer is usually the one writing the test.
It is also (often) hard to catch subtle semantic bugs in code review too, unless the reviewer is looking for a known pattern of semantic bug.
There are some interesting things happening as a result -- formal verification, etc., but I am hoping that we end up seeing the emergence of an insurance market on smart contract behavior...
"Here's a box, it has $10,000 in it. If you break it, you get $10,000 worth of Ethereum."
Ahh. Yes, that would have been an excellent thing to do. Even a binary future on "will the DAO be hacked" would have quickly revealed (via its price) the true risk, well before the dollar figure got so high.
Even calling an SQL injection or buffer-overflow with malware payload a hack misses the point.
This is just an extreme example because there weren't invalid inputs, etc. Everything was used as intended but the intentions weren't very well thought through.
Broken, is an interesting choice of words, because by your very definition the DAO could never be broken it simply is whatever the code says it is, thus could never be broken.
However, as much as some people want to claim the DAO as executed is exactly what investors contracted for, it is not. The creators of the DOA solicited investment based on marketing material in plain language that was entirely inconsistent with the code of the DAO. Under the law one can't market and solicit investment based on representations that are untrue...that is fraud and but for the false representations many/if not all investors would not have invested. Moreover, it is generally not enough to include a little disclaimer at the end of the marketing material acknowledging the marketing may not be accurate and that the investors are investing at their own risk and in the DAO "as-is".
If you're using Ethereum, you're implicitly buying into the "the code is the contract" philosophy; it's 100% 'caveat emptor'.
I am no moral authority, though I certainly have my opinions. I think the moral question breaks down to the following:
1. Do I have a moral obligation to perform a contract that I entered only as a result of fraud?
Let me ask you, what if you and I enter a contract where I will pay you $10 to pull a string of my choice and you agree. After you enter the contract I show you the string and it is tied off to a trigger on a gun pointed to someones head, does the contract ethos morally override my unfair disclosure? That is obviously an extreme, but how about if you had a elderly parent who was on their death bed and I told your parent the Will makes you the sole beneficiary but it really made me the sole beneficiary, would you have a moral obligation to allow the Will/contract to stand that overrides your complaint about unfair representations?
At the end of the day, people signed up for the DAO, but the DAO as executed was not what they signed up for, no matter how much people say that is the entire point of the DAO. If it were me I would feel no moral obligation to accept my losses as if it were losses based on a legitimate investment opportunity that simply didn't perform. I think people must determine for themselves what is moral, and while keeping ones word and fulfilling contractual obligations is a moral issue, it applies to all parties (the solicitor and investor), and that is why the law doesn't permit fraud, deceptive and unfair trade practices, contracts with minors, contracts with people who lack capacity to understand them, unjust enrichment, etc...
I think this analogy is very flawed, because I could inspect the DAO code before investing in it. The string doesn't lead off-stage.
This illustrates the difficulty with rigid computer-enforced contracts. Clearly, both parties violated the intent of the contract by strict, bloody-minded adherence to its literal terms.
The cleverest, most obfuscated contract writer thus wins against everybody but the cleverest, most analytic contract disassembler.
Again, this is not an accurate analogy to the DAO contract, which I could fully inspect, and even theoretically run in a sandbox environment myself.
Your analogy is more akin to what actually happened, which is that people said, "nah, we didn't mean that", and re-tied the string to something else.
The capital markets industry has never been able to keep clever people from making a little more money for themselves at the expense of a lot of money that would otherwise have gone to investors.
At least with ETH and its future competitors, the specific sort of cleverness that is required to profit is very close to the cleverness that I now possess.
Not saying I'd put a dollar that I can pay actual bills with into ETH right now, just that it seems more approachable to me than traditional investment, barring only the low-fee index funds.
But those are plenty good enough for me right now, as I tend to shy away from games of skill where merely good players are routinely slaughtered by expert hustlers.
>Do I have a moral obligation to perform a contract that I entered only as a result of fraud?
Further, I acknowledge it is an extreme, and offered a more real world example (which coincidentally includes the opportunity for review)...I represent the contents of a Will to your parent and they sign over everything to me because I told them it would go to you, sure they were on their death bed so it was more practical to rely on my representations (DAO marketing material) than read the Will/contract (DAO code) but they had the opportunity. Also lets assume there was no separate issue of lack of capacity in this example, because the would be a separate legal defense.
What is your moral obligation?
We have no reason to think that Slock.it took the currency, or intended to (unfairly) get any share of it. Their statements look stupid but honest.
A better question would involve: "... but without me knowing, the banks simultaneously crashed, devaluing our currency so the payout is worthless ..."
The DAO executed was code. The language used to describe it is immaterial. It's code. To understand what code does, you read the code. Reading just the comments doesn't cut it.
The moral question isn't even interesting. It's irrelevant. We have exactly the same issue with existing legal contracts: if I tell you a contract is one thing, but it actually says something else, and you sign it, then you must perform the contract. It's your responsibility to read the actual contract before signing, not just listen to my description.
The only difference here is that the contract is in code not legalese. There's no moral case to answer. If you can't or won't read the contract then don't f*ing sign it!
That is actually the exact opposite of how the law works. If you enter a contract because of someones misrepresentations and you suffer damages as a direct result of those misrepresentations that is fraud and voids the contract.
I think you're talking about a retail position maybe? Or possibly there's differences between US and Australian law in this regard.
I'm not sure I see the point of having words in a contract if it can be voided because someone said something different once...
>I'm not sure I see the point of having words in a contract if it can be voided because someone said something different once...
It is not a simple as a one time statement being inconsistent with the contract, though the could be enough. Also there are many different theories of law I could pursue, but just one example:
Fraud in the Inducement[1]:
1. The defendant made an intentional action, statement, or omission
2. The misrepresentation was material to the decision to enter into a contract
3. The plaintiff reasonably relied on such misrepresentation, and
4. The plaintiff suffered some degree of injury, usually economic harm
And don't get me wrong I understand all the counter arguments as it relates to this single theory of law (but trust me there are more) which including: reliance on the marketing materials/solicitations were not reasonable because the included disclaimers to the effect the marketing materials were not accurate and the contract/code is controlling. In this case I don't think it would matter, because there is no doubt investors relied on these representations from the creators of the DAO including, the DAO was "100% safe", investments were subject to voting, there were safe guards allowing investors to "pull the plug" and get their investments back...not of that was true, was likely the reason investors invested and resulted in damages when it turned out they weren't true.
[1] http://www.legalmatch.com/law-library/article/fraudulent-ind...
An actionable pre-contractual misrepresentation occurs where a party makes a 'false representation' (orally, in writing or by conduct), the representation is one of fact (rather than a statement of opinion of law or a prediction about the future), it must be made to the other contracting party and it must induce the contract. Where established the key remedy is rescission (generally damages are not available unless the misrepresentation constitutes a tort - that is, it is also fraudulent or negligent - in which case tortious (but not contractual) damages may be available). Even where misrepresentation is established there are some limits on rescission - most significantly, if restitution is not possible the right to rescind will be lost. [1]
So yes, in this case, if the DAO contract was induced by a mis-representation of fact about the contract, then it could be rescinded.
I guess this will be an interesting aspect to Ethereum and "smart contracts" - if there is a legal right to rescind them, how does that work? Can you unwind the blockchain transactions to rescind the contract?
[1] http://www.australiancontractlaw.com/law/avoidance-misleadin...
To take a stab at your questions regarding how such a claim might play out in the U.S. Say investor A put money into the DAO, based on statements in the marketing materials (example "the DAO is 100% secure") and said funds were lost. Investor A could file a law suit in their own jurisdiction, the claims would include but not necessarily be limited to fraud in the inducement, and the parties name might include but not be limited to a) the company who owns slock.it, b) the individual(s) who wrote the code for the DAO, c) the individuals who wrote the marketing materials the investor relied on, and d) the unknown individual(s) who were responsible for writing the smart contract that appropriated the investors funds without a vote (this may sound odd, but it is a regular occurrence typically naming defendant(s) John Doe(s))
Now it is almost impossible to say how the lawsuit would actually unfold. One example, none of the parties answers the lawsuit and the investor plaintiff can obtain a default judgment. In this example, the investor/plaintiff may take the judgment against defendant #1 (company behind slock.it, which I believe is company based out of Germany) and try to have the judgement enforced in Germany. Again I can't say for certain how that would play out. Another example, could be the defendants actually answer and defend the lawsuit, in which case the investor/plaintiff must prove their case at trial (but as we know, judgement can be obtained before trial at a motion like motion for summary judgment, but that would be rare in contract cases) or more generally the parties would settle.
Now I'm just trying to give varying examples, and I can't stress enough this analysis is in no way exhaustive, the various defendants would certainly be able to raise defenses not discussed, the plaintiffs could bring claims not mentioned, and a default against John Doe(s) would be nearly impossible to enforce (unless at some point John Doe(s) identity comes to light. The major take away is the fact that the law provides remedies separate and apart from unwinding the DAO or getting the money back from the john Doe(s) who may likely never be identified.
ETC reddit[0] and ETH reddit[1] can provide some information for those interested in the debate.
[0]: https://www.reddit.com/r/EthereumClassic/ [1]: https://www.reddit.com/r/ethereum
Ah, hardcore libertarians. You're all completely mad, but I won't deny you're consistent.
Many of the people who are backing Ethereum Classic (the non-fork) are doing so because they like the ideas of Ethereum but want it to be truly independent. If the fork succeeds many people take it as a sign that Ethereum is a "proprietary" coin rather than a more open "nobody owns it" system like Bitcoin.
I have no dog in the fight but that's how I understand it.
That's a good analogy, but not for the reason you're thinking. The expert consensus on the 2008 bank bailouts is that they had to be done, because letting them fail would've turned the recession into another Great Depression, and that much harder to recover from. Does that mean bailouts are good and proper? No, bailouts are terrible. It means the right way to avoid the moral hazard would have been to better regulate the banks and never have let them get "too big to fail" in the first place.
I feel the same way about Ethereum. The DAO hack was a no-win situation, because these "smart contracts" should never have been created to begin with. They're always going to end up in situations like this, because they involve the affairs of messy, imperfect humans. The correct answer to the DAO mess was never to get into it in the first place.
I don't think this is true at all. The DAO is (and was) a very cool idea. The only problem was that the code was complex enough that those who casually reviewed it failed to notice the vulnerability that the attacker noticed.
As for the financial crisis, it was a combination of an unexpected event and entrenched interests scrambling to benefit as much as possible from it. By definition, entrenched interests want a continuation of the status quo, and that is what happened. We think about how bad it would have been if some homeowners would have foreclosed, but we fail to think about the people who would have been able to afford a home at a great price.
Of a carefully curated set of worse choices, such as "A: Sit back and watch the banks keep going.", sure.
There are a ton of ways the bailout could have been done that don't involve giving money to the same people who screwed up before. For instance, let those banks fail but insure the individual depositors (trickle-down to insuring individual holders of MBS-backed retirement funds, etc.) and recapitalize a new set of banks.
> because letting them fail would've turned the recession into another Great Depression
Yes, letting all banks fail would. But there's no need to throw the baby out with the bath water.
> It means the right way to avoid the moral hazard would have been to better regulate the banks and never have let them get "too big to fail" in the first place.
Yes, we should try to regulate, but there'll always be new loopholes so we need to stop rewarding the bad actors when, not if, they find a new scam.
> [Smart contract]. They're always going to end up in situations like this, because they involve the affairs of messy, imperfect humans.
And yet your solution is to add another layer of humans?
> The correct answer to the DAO mess was never to get into it in the first place.
Like buying Enron. But not all companies are scams and not all smart-contracts will be ineptly written.
Once the hacker or whitehats start selling, this could end up being a pretty significant transfer of wealth from BTC to ETH
Once the DAO hacker or whitehats start selling the price of ETC is likely to fall off a cliff. Should bring the fork episode to a conclusion.
Both of these factors improve ETH's prospects in the short term.
I've heard it said that these folks are a form social-darwinists who have decreed (in their sandbox) that "code is law" and that, as such, any and all manipulation of the working code is perfectly acceptable without regard to external factors such as ethics, intent, and reasonable behavioral mores.
Its like they've taken the WORST aspects of the real financial systems such as money begetting money, rampant speculation, intractably complex and arbitrary rules, etc and jacked it up to the Nth degree for their monopoly-money world and are now taking it dead seriously (and getting offended when people suggest that their "coins" aren't _really_ worth what they think they're worth-- because, yep, conversion to REAL money is a problem for them).
I like the concept of a crypto currency as a way to exchange goods, services (and possibly contracts), but the players thus far leave me completely turned off.
The beauty of a "code is law" system is that its behavior is not subject to human interpretation and human biases... we can run a simulation on a test instance of the VM to test whatever scenario we choose, and we may review code and decide whether or not to trust it.
Systems like this are inherently adversarial. The idea of a "code is law" sort of system is that code could be developed to deal with the myriad adversarial situations in far more efficient and predictable ways than the way humans have historically dealt with them.
Legal uncertainty is a transaction cost and an existential risk in all contracts. In order for Ethereum to avoid this added cost, it would reduce the unpredictability of a contract's outcome. If a hard fork might happen to nullify a transaction, then anyone who is expecting to depend on it must add some uncertainty to his/her portfolio.
There there would still be risk of code bugs in a code-is-law system, but over time contract code would be discovered to be trustworthy in the same way that apache's source code is considered largely to be devoid of major security holes.
The law is the law.
And, when effective steps have been taken to prevent real remedies under the law, then, in practice, the war of all against all is the law.
Well, in a decentralized distributed system, the "law" may not be clearly part of any jurisdiction, and enforcement may be impossible, making the law somewhat less helpful at resolving disputes.
Your country's law applies to you, as you use the system, but not to the contracts themselves. If you contract for something illegal you can be tossed in your country's prisons but the contract can't be altered.
Then this debacle has been a spectacular failure on that front, and given the fact that no system can be perfectly secure, this will happen again in the future.
Yes, and I would have hoped/expected the curators of the Ethereum ecosystem to have greater respect for moral hazard.
And that's the core reason this rubs people the wrong way: it smells like financial shenanigans. We don't like it when people do that stuff in real life, and we don't like it when it happens in a "funny-money" system that deigns to become serious.
The good news is that (as far as I can tell) no serious real money has been poured into or out of this system. If it has, the money was hopefully treated as a highly speculative investment-- thrill money if you like. Not counting Watt-hours and personal time as money, obviously.
The key point is that while laws may be minimally, moderately, or highly flawed, the rule of law is the idea that we should have a proper way of changing them to prevent future events, not just decree one person an evil hacker and a group of other people victims.
The hard fork is like if a no parking sign was installed on a street and tickets were issued to everyone who had parked there the previous year, before the sign was in place.
Putting up the sign is not a problem, nor is enforcing the rule post-sign, the problem is making a decree that impacts what happened in the past.
A ban on ex post facto law is such a core concept in Western civilization that it's pretty shocking anyone would actually think such a rule is a good idea.
I suppose one thing that is a universal among humans is the strong desire to form corrupt groups to extract wealth from human systems.
Not really a fair comment IMHO. Western Civilizations also have the core concept that intent matters and that not every potential conflict/problem can be foreseen. Thus, you have vaguely worded laws that are subject to human interpretation (courts).
I understand that ETH billed itself as being above all that. So I can see why some are justifiably upset. I just think your comment about ex post facto law is a little misleading given that there is, in fact, a great deal of wiggle room afforded to the courts in the West.
While I think smart contracts are somewhat modeled after Western courts, the beauty of them is that they are predictable and deterministic. Doing various sorts of forks is quite messy, so perhaps the ideal smart contract system would have another layer between VM and forking.
However, now the fork has happened, these same hackers have vanished, or disavowed anything to do with the hacking, despite the fact that they now control millions of dollars worth of other people's money. They 'stole' from the rich but now don't want to let go of their takings. I wonder how they try to justify their action/inaction now?
Pretty much every developer there told me the thing was unsafe, untested, and should not be used for any real business ( yet ).
Not very surprised about any of this.
I have said this from the beginning. From a purely logical point as a potential investor, you should ask yourself, why would an autonomous investment platform (borrowing your phrasing) require all the funds up front?
In other words, look at kickstarter/gofund me, how skeptical would everyone have been if they asked for investors money before there was even an investment opportunity? Even with the fork, I think they should have returned everyone's money to them, and allow them to buy membership/voting right to the DAO for a nominal fee that would allow them to invest in future investment opportunities.
But the ultimate answer is that the company receiving the money could be bound by their country's law to do whatever they said they'd do. Presumably people would only vote to give them large amounts if they were accountable.
There's risks of theft and mismanagement of funds in crowd-funding companies. Payment has risk - Paypal has frozen and seized many individual and project accounts, credit card companies are forbidden to let you donate to Wikileaks, etc. And hackers could still steal or burn some or all funds. And there's essentially no useful recourse here either. Sometimes the courts get revenge for us, but we're still usually out of pocket.
And a smart-contract with shares would offer a ton of features "for free". People could transfer ownership of their support (and the perk it represents), for example. And users could have total control of their promised funds until each phase comes due, via an escrow with an agent they trust.
As many people have noted, there was no need to pre-fund a crowd-funding site - it was just a novelty that people got silly with. A serious cloud-funding site could be a separate contract for each project. Without a single fat target and without any of the split-the-contract complexity.
This DAO bug-bounty is encouraging simple contracts more amenable to proof.
This is a false equivalency. "Meat-space" contracts aren't executable programs that can unexpectedly, anonymously, and irreversibly drain your bank account of 100 million dollars based on a legal technicality. In "meat-space" the legal system would have very easily halted this insanity instead of forking the entire banking system to evade the consequences of a single agreement. Smart contracts provided no benefit but severe consequences when the risks materialized.
There's risks of theft and mismanagement of funds in crowd-funding companies.
This is another false equivalency, "theft and mismanagement" is always a risk when you're lending people money, that's not the problem; the issue is smart contracts which add the additional risk of random hackers stealing all your money with impunity, a risk not present in "meat-space".
>* Paypal has frozen and seized many individual and project accounts*
Irrelevant.
> credit card companies are forbidden to let you donate to Wikileaks
Irrelevant.
> And hackers could still steal or burn some or all funds. And there's essentially no useful recourse here either. Sometimes the courts get revenge for us, but we're still usually out of pocket.
This is totally wrong. That kind of thing just doesn't happen. If a hacker steals your money the bank has an obligation to make you whole and the courts will absolutely see to it that you are made whole, especially if we're talking about hundreds of millions of dollars.
> And a smart-contract with shares would offer a ton of features "for free". People could transfer ownership of their support (and the perk it represents), for example. And users could have total control of their promised funds until each phase comes due, via an escrow with an agent they trust.
I've already explained why it's not "for free", but you haven't demonstrated "tons of features". Escrows and agents already existed long before smart contracts, so that's not a useful feature.
The bottom line is, smart contracts are an absurdly complex solution looking for a problem, of which some probably exist, but the DAO was not an example of one.
I didn't say the hackers would steal it from the bank, but even so that wouldn't matter.
Banks have no legal obligation except in a very few cases of certain types of card misuse. And how do the courts make you whole when hackers have sent money to Russia?
> especially if we're talking about hundreds of millions of dollars.
No, only if you're talking about hundreds of billions. Small and medium theft is ignored, large theft and incompetence may be bailed out if you'll take someone down with you.
> In "meat-space" the legal system would have very easily halted this insanity
This one slow-motion train wreck? Sure. Well, maybe. Unless the attacker had done something across jurisdictions, etc. Then it'd be years before anything, even freezing an account, could be done.
> "theft and mismanagement" is always a risk when you're lending people money
No, you don't get it. The point is to remove Kickstarter, etc. The projects themselves are still an issue of course, but that's at least the point of the exercise.
>>* Paypal has frozen and seized many individual and project accounts*
> Irrelevant.
Not at all, it's one of the risks inherent in the classical system. Every third project has a horror story about frozen funds and that's not counting what the individuals themselves go through before they donate.
>> credit card companies are forbidden to let you donate to Wikileaks
> Irrelevant.
Only if you wouldn't donate to WikiLeaks or a related project. But yeah, I can see how that wouldn't interest you.
> Escrows and agents already existed long before smart contracts, so that's not a useful feature.
Not trusted escrow, your funds could be frozen for reasons like donating to WikiLeaks, or simply stolen from the agent.
> but you haven't demonstrated "tons of features".
No, you haven't acknowledged them. You're a thirsty equine by a large body of water but I can't do this last bit for you.
Well that's what I'm talking about because that's what happened with the DAO and what happens quite regularly to blockchain wallets. If the DAO money was pooled into a bank account instead of on the eth blockchain then the money would not have been stolen by a hacker - end of story. The banking system also has additional measures in place to ensure that large unauthorized transactions can be quickly noticed and reversed, even across international boundaries, I know this first hand because I've personally reversed international bank transfers of much less than 100 million USD.
> No, you don't get it. The point is to remove Kickstarter, etc. The projects themselves are still an issue of course, but that's at least the point of the exercise.
I'm afraid you're the one who doesn't get it, my point is that "removing Kickstarter etc" is of dubious benefit because Kickstarter style businesses work just fine 99% of the time without the added risk of a hacker stealing everyone's money with complete impunity.
> it's one of the risks inherent in the classical system. Every third project has a horror story about frozen funds and that's not counting what the individuals themselves go through before they donate.
Having your money temporarily frozen by paypal is not even close to the same thing as having it permanently stolen by hackers.
> Only if you wouldn't donate to WikiLeaks or a related project.
This has nothing to do with my point which is "smart contracts add risk with nearly zero benefit". If you want to send bitcoin to wikileaks, nobody cares, that has nothing to do with pooling your money into a smart contract.
> No, you haven't acknowledged them. You're a thirsty equine by a large body of water but I can't do this last bit for you.
This is becoming absurd. Your list of features is literally two vague sentences.
1. "People could transfer ownership of their support (and the perk it represents)."
2. "Users could have total control of their promised funds until each phase comes due, via an escrow with an agent they trust."
--
#1. The utility is unclear. Why is this useful and why do you think this isn't already possible with a centralized system.
#2. Smart contract is not necessary for escrow.
Smart contracts do not make things better, they just add complication and risk.
What's needed is a cryptocurrency that cannot, under any circumstances, be rolled back. Otherwise crypto is a fiat currency just like all other modern currencies that can be manipulated.
But getting hacked is ok, right?
> When Iraq invaded Kuwait in 1990, the Iraqi dinar replaced the Kuwaiti dinar as the currency and large quantities of banknotes were stolen by the invading forces. After liberation, the Kuwaiti dinar was restored as the country's currency and a new banknote series was introduced, allowing the previous notes, including those stolen, to be demonetized.
https://en.wikipedia.org/wiki/Kuwaiti_dinar
> the Central Bank of Kuwait (CBK) announced the withdrawal of Kuwaiti Dinar currency notes issued and placed in circulation up to August 1,1990, and the issue of currency notes of the new design against those notes withdrawn. The Bank also announced that they will not accept certain series of old Kuwaiti Dinar currency notes in different denominations in exchange of new currency notes so issued. The final date for the conversion into new design notes of valid old Kuwaiti Dinar currency notes, held abroad by individuals and banks was 30.09.91.
http://www.island.lk/2001/10/11/busine02.html
The same is not true for a cryptocurrency system.
That would be quite difficult, if not impossible. You can always just create a new currency and ask everyone to switch.
And some forks are done simply by having the majority of the clients (or processing nodes at any rate) agree to make certain things invalid. Such as an attacker's loot address, etc. The chain is all there, unedited, but no longer has the same effective meaning.
We really need a community that rejects these proposals the same way they'd reject photocopied money.