501 comments

[ 2.2 ms ] story [ 274 ms ] thread
> The developers seem to have been earnest in their attempt to create a new kind of stablecoin , one that was only partially collateralized by a “real” stablecoin.

This space is a giant house of cards.

The financial crisis of 2008 showed us that you can say the same about the traditional finance system.

Crypto is reinventing the same system as traditional finance and hitting all the same problems that we encountered in the last 100 years.

At least here everybody who opens their eyes can see that it's a house of cards.

"They are doing it too" is a favorite argument of crypto-enthousiasts. I'd argue the answer here is not more madness (crypto), but a serious attempt to fix the traditional financial system.
Why bother -- it's so broken. We can just again, it makes way more sense.
But cryptocurrency's answer is usually not "how can we do better" but "how can we repeat the same mistakes in a shorter time span?"
Cryptocurrency is incrediably diverse at this point, so you would have to be more specific.
Is TFA specific enough for you? It appears to be about the inevitable outcome of imitating banks in an unregulated context. A top level comment here is about the outcry for regulation that this then produces.
A computer lets you make more mistakes faster than any other invention with the possible exceptions of handguns and Tequila. - Mitch Ratcliffe, 1992

1992.

The internet was the domain of colleges and government institutions. The Eternal September would begin one year later.

1992.

The Super Nintendo Entertainment System just came out to most of the world, with North America getting it the year before and Japan two years prior.

1992.

One whole year before Doom would come out.

1992.

Windows 3.1 when it was still a DOS shell was released.

We were beating our heads against 386 processors praying for 486s, hopefully with the math coprocessor so we could actually get something done.

Even then, we knew. And now it's nearly 30 years later and it's just as true then as it is today.

We basically have low inflation and a savings craze as a driver of a housing bubble in 2008 as people were looking for perfect, risk free bonds (no such thing can exist outside government bonds and even those are just best effort).

The people behind Bitcoin were basically thinking: Ok, our banking system failed because of low inflation and a savings craze. Let's make both of those worse so that it will never become possible to run an economy on top of Bitcoin.

Fiat banking failed because an aging population has a strong saving preference to the point that it chokes out businesses. The idea behind saving is that you release production capacity in the economy so it can be used on something else. The population isn't going to stop aging. The problem is going to get worse over time. There won't be a something else unless the government artificially uses the savings on that something else.

I think the point is that starting over will just create a new equally broken system. So then we'll have two broken systems. Humanity could've instead used all that time/effort/capital to continue improving on traditional finance as we have been doing over the past century.

The current financial system becomes more robust every time a black swan event like 2008 occurs.

Seriously. I posit that many of the programmers in the field have no financial background whatsoever, on top of whatever shaky software background they may also have (especially if they went to a bootcamp). Just hilarious to watch.
Developers used to “we can fix it in production, ship it” develop system where fixes can’t be shipped with expected results.
Even worse: unless you use a proxy contract, production code can't be updated period. Smart contracts are immutable, besides being able to self-destruct themselves.

And the unexpected results may be billions of dollars worth of assets lost. Like most of SV, most of the cryptocurrency space is "move fast and break things", but breaking things entails a little more than an app being down for a few hours.

I've worked in the space for a few years and can say it's been the opposite experience for me. Had the chance of working on a Haskell project with the original creators of Haskell, being taught QuickCheck by the creator of QuickCheck, testing economic ideas created by professors of Economics at top universities, and sponsored entire compilers and languages to help ensure the software was as solid as possible. One of my favourite tutorials was when we had Leslie Lamport come in to give us a talk on TLA+. There is so much money in the space you can have absolutely insane teams.
The existence of some “absolutely insane” highly-skilled, well-trained, well-funded teams in the field doesn’t mean that there aren’t also lots of poorly-qualified teams without the up-front funding for development trying to cash in on all the money sloshing around the field.
True, I'm just saying as someone who's been in the space for several years I've not come across too many of these. I think it's a stereotype that doesn't match with reality - at least from my experience.
Wow, sounds great. Where have you been working / which cryptocurrencies/services have you been working on?
This was with IOHK (iohk.io) on Cardano however due to relocating and work visas etc I'm currently working on my own projects in the Eth/Cardano ecosystems
It's like Ponzi schemes but everyone is Ponzi. Scammers trying to scam scammers. Like Vegas without the tourists, only hustlers.
Interestingly Mark Cuban got taken for a small amount of money by this and is already calling for regulation around stablecoins:

https://www.bloomberg.com/news/articles/2021-06-17/mark-cuba...

I read about it. Decided to try it. Got out. Then got back in when the TVL start to rise back up As a percentage of my crypto portfolio it was small. But it was enough that I wasn't happy about it.

But in a larger context it is no different than the risks I take [in] angel investing. In any new industry, there are risks I take on with the goal of not just trying to make money but also to learn. Even though I got rugged on this, it's really on me for being lazy. The thing about de fi plays like this is that its all about revenue and math and I was too lazy to do the math to determine what the key metrics were.

The investment wasn't so big that I felt the need to have to dot every I and cross every T. I took a flyer and lost. But if you are looking for a lesson learned , the real question is the regulatory one. There will be a lot of players trying to establish stable coins on every new l1 and L2. It can be a very lucrative fee and arb business for the winners.

There should be regulation to define what a stable coin is and what collateralization is acceptable. Should we require $1 in us currency for every dollar or define acceptable collateralization options, like us treasuries or?

To be able to call itself a stable coin? Where collateralization is not 1 to 1, should the math of the risks have to be clearly defined for all users and approved before release? Probably given stable coins most likely need to get to hundreds of millions or more in value in order to be useful, they should have to register.

Hypothetically, what he's suggesting may not even need to be government-backed.

An independent auditor, with reputation on the line, could, for a fee, offer independent coin analysis and risk assessment. Perhaps something similar to the Underwriters Laboratories model... knowing a coin was "Coincheck-certified" or something could give similar confidence to knowing the UL sticker on a lamp means it's a bit less likely to burn your house down.

That whole concept doesn't make any sense really. You don't have a lamp which can quietly turn itself into a plasma torch from a perfectly safe prior configuration. Yet any stable coin is an attractive nuisance basically - it involves keeping sizable money around doing nothing. As seen by pension raids that is a huge "steal me" sign. Even if you could keep it secure such an arrangement is fundamentally very entropic without it being a real currency with backing. It is still entropic but that is being used to sustain a nation state instead of bad finance which actively tries to avoid useful investments.
>An independent auditor, with reputation on the line,

I don't think this will matter. Moody's and S&P are two rating agencies that both failed to give useful info before the 2008 financial crisis. Their reputations weren't affected much as far as I can tell.

That's because most of the financial world stumbled.

The rating institutions won't take a big hit for blowing a call that 90% of the industry also blew.

Wow, billionaire gets rug pulled after promoting it just last week, and now he's calling for government regulation.
His wallet address is available online, by my math he lost about $8 million.
This has always been the problem with smart contracts. They are infact dumb contacts.

To program one you need to think about all the edge cases. The programmers here likely did want >0 here. The possibility that the thing feeding price data return zero incorrectly was higher than the price legitimately being zero in their minds.

There is no court or lawyer who can interpret the spirit of the contract.

> There is no court or lawyer who can interpret the spirit of the contract.

That's obviously the point, though. You are trading one set of risks for a completely different set of risks that might suit your use case much better; your counterparty being able to contest a contract in court could very well be a "bad" thing for you.

> your counterparty being able to contest a contract in court could very well be a "bad" thing for you.

Evading the law (whether the court or a regulatory body such as the SEC [civil] or DOJ [criminal]) is typically a "bad thing" for the person or people intending to or successfully doing so.

https://www.sec.gov/spotlight/cybersecurity-enforcement-acti... (SEC Cyber Enforcement Actions, control-f "blockchain" | "crypto")

https://www.ropesgray.com/en/newsroom/alerts/2021/March/The-... (The CFTC Signals New Era in Enforcement of Cryptocurrency Trading with Action Against Antivirus Software Pioneer John McAfee)

https://www.jdsupra.com/legalnews/doj-activity-on-cryptocurr... (DOJ Activity on Cryptocurrency: A Six-Month Review)

https://www.reuters.com/world/us/us-court-authorizes-irs-see... (U.S. court authorizes IRS to seek identities of taxpayers who have used cryptocurrency)

Are you saying the only time a contract is disputed is when the other party is evading the law? Nobody abuses the legal system to screw over people without enough resources to fight in court?
I'm saying the legal system takes authority. A smart contract doesn't avoid or override that authority.

https://digitalchamber.org/wp-content/uploads/2018/02/Smart-...

> Is A Smart Contract Always A Legal Contract?

> No. Because a smart contract is computer code, a smart contract may represent all, part, or none of a valid legal contract under U.S. law. Smart contracts function – in whole or in part – to give effect to legal contracts. Thus, smart contracts are the programmatic means by which some or all of the terms of the legal contract are performed. It is the underlying contractual terms that are given legal effect.

That legal contract and the contractual terms is what is evaluated and governed by the legal system. Smart contracts are fancy business logic snake oil salespeople are attempting to sell as the law of the land.

Not quite sure what you're saying, that you expect the DOJ to somehow overturn the judgements of smart contracts, with possibly anonymous participants or participants outside of the DOJ's jurisdiction?
I think the point is more that if you owe $200M to someone, a court is unlikely to accept "it's irreversibly stuck in a smart contract" as an out.
Sure, I don't disagree with that. For example, defrauding someone with a smart contract obviously doesn't offer the scammer legal protections.
Who defines fraud if the contract is contested?
Depends on which jurisdiction alleged fraud happens in. If the parties are anonymous or in "difficult" jurisdictions, it will be pretty difficult.

Fraudulent or not, though, you have a pretty heavy layer of protection as the money has already been transferred, and that money is not easy (close to impossible) to freeze.

Any reversal that happens will be necessarily by a threat outside the blockchain, as the governing body can't actually reverse the transaction. It's a second transaction.

(comment deleted)
I am against smart contracts because we do not know how to write software in that way. I like how they sparked a formal verification Renaissance of sorts but that did not help much either unfortunately (if the premise is wrong, no amount of proof will save you anyway).

However, if you let all parties review the smart contract (the source is on the chain, you can check it) and agree with it's workings and sign a 'human' contract saying you do agree and then it goes wrong, I think it should be an out. We do not have proper ways to sue for misbehaving software (it happens all the time but MSFT is climbing higher and higher): this is easier to verify but we are adults here: if you agree to put money in smart contracts, you should have verified the code. And if you think the code is flawed, do not put money: otherwise do not complain afterwards. It is not that hard.

> but we are adults here: if you agree to put money in smart contracts, you should have verified the code. And if you think the code is flawed, do not put money: otherwise do not complain afterwards. It is not that hard.

That's not how it works. Courts generally operate by ambiguous standard of what reasonable people and reasonable experts can actually do given the state of technology.

No reasonable software engineer can tell you that a piece of code is flawless. I don't think courts will agree on a system that has been shown through evidence to be highly flawed.

Sure, that will depend on the courts and specific case, as it seems it works exactly like this mostly. But if you inspected the code yourself and you put your money in anyway and it is gone, you might find that the court will not do anything at all. And who can you shout at then, the moon? I am saying that smart contracts are a special case: they are small pieces of code, if they have a bug, it usually causes major damage and, if they run on the eth chain etc and no one took public responsibility for deploying it, there is no one to sue. We have no way to write this type of bombs without flaws as you rightly say and because of the irrevocable damage and the lack of defendant in most cases, these contracts should not be used at all.

There are already (many) cases like this, but if I write some software and put it in github, someone else deploys it and people die; that is simply not my fault: it is the deploying person. In normal situations, this is easy to find the defendant here: but on the chain, you won't be able to: anyone can deploy anything and you won't know who it was. So unless you to end open source software, you have no case against anyone.

This reminds me of the Toyota Prius (and other models') un-commanded acceleration problem. Should car buyers examine Toyota's code, or should they assume that the gas and brake pedals work as expected?

It's not reasonable to expect software users (even other developer users) to understand or audit code in order to be able to use software -- for anything.

Yes, but not in case of smart contracts is the point. Prius it's source is not open and cannot be audited and is, definitely installed by Toyota. So Toyota is responsible. Smart contracts have none of this.

They are open source by definition and no one knows, by definition, who deployed them. It is a very different case.

The author of the code and/or its publisher are always responsible for software quality, not the users.

The fact that other people could audit the software does not absolve the original authors of the fact that they didn't.

Sigh. If this were the case, all open source is doomed. You are responsible if you deploy/offer it, not if you only wrote it. And the point is, in smart contracts, you will not normally know who deployed it.

If you put on github

Return x>0;

And I deploy this in a production environment that kills people with heart rate over 0, do you have any responsibility? No of course not. I do. You have none.

In short: if you put money into something as smart contracts, the only thing you have, and that is literally the intention of the pundits, is that you check the contracts and trust or not trust them. I do not know how this crosses over to other software that has different properties in this thread. That is not relevant. There is no one to sue or say they did a bad job here: you will not know. That is baked in.

As a career developer of more than 30 years, I still take the viewpoint that the person who wrote the code and/or approved it (both = developers) are 100% responsible for all bugs.

As I mentioned earlier in this thread, there is no such thing as bug-free software (even for devices that kill people, as you point out), because bug-free software is categorically impossible within comp sci.

Knowing this comes with great responsibility, even more so when dealing with life... or finances. The developers of this software, as is the case with Solidity and smart contracts in general, have foregone this responsibility.

Another egregious failing of all crypto schemes which I'm compelled to point out is that they fail to use any of their enormous profits to actually fix bugs.

When I was mainframe developer at IBM, the company spent millions of dollars (taken from clients, of course) to find and fix bugs. They paid people good money, including yours truly, for that work.

Today's crypto companies have no such ethics. They (Mr. Buterin, I'm looking at you) have no compunctions after profiting windfalls from their software inventions to actually invest in debugging or fix distribution (or even real error reporting) for the customers. Likewise, they ignore all the UI aspects (and problems) that their inventions have birthed.

This is not responsible software development. It leads to problems like IRON and others in the crypto space. As I said, it is the exact opposite of how, historically, important enterprise software development is done.

It's only for selfish reasons (= money hoarding) that crypto projects don't hire the best auditors and coders in the world to fix their code. They can certainly afford them.

Seems we are similar ages: I am 30+ years into commercial dev as well. I started with the Dijkstra school of development (under pupils of Dijkstra which my father is one) and found that this is not helping. I like it but more intellectually than anything else. I went more the Arthur Whitney way of practical computing without waste.

I vehemently disagree that just writing code makes your responsible for it's use. We are so bad at writing good code that all programmers would be living on the streets or in jail. And that is not malice, just how little we understand or underestimate complexity. Which becomes apparent if you indeed try to create some formal proof and give up after 30 pages.

I also believe your last statement does not recognize the vast issue there is with the smart contract world: I am more of the school of Erlang/OTP: just let it crash these days. If you cannot correct a state, we cannot write software for it. No matter the proofs and auditing. If we cannot correct an erroneous state, we are not capable of writing software in that system. And that is smart contracts. Not space craft where we often can upload a patch and steer the other way, not cars where we detect a deviation and correct it. Smart contracts are: if it's done it is irreversible and there are no programmers, provers or auditors who can predict or prevent that. Rollback must exist or this all will go to shit. Which is what will happen.

Edit: I actually do not believe cryptocurrencies have a chance unless there is rollback (something like refunds without merchant consent). I just cannot see what rollback means in this context: I read papers with scifi type of stories how this would work but it does not mesh with cryptocurrency obviously otherwise.

While we disagree on who is responsible for code, I do think we are saying the same thing about cryptos. If you can't fix software later, you're doomed because it all has problems.

Likewise, humans make mistakes in transactions and if they can't be undone... problems.

EDIT: I should clarify that I don't believe software authors are responsible for use, but rather for bugs.

> Likewise, humans make mistakes in transactions and if they can't be undone... problems

But that is saying everything is shit. I do not disagree but I do live in this world.

> EDIT: I should clarify that I don't believe software authors are responsible for use, but rather for bugs

I got that but what would it look like? In practice? As that seems impossible to me.

I'm not saying most transactions are wrong, but some are. So transactions may need to be corrected, just like code. And, in practice, they often are.

In practice, software companies take responsibility for bugs in three ways today, based on their business model.

Old line companies like IBM paid millions of dollars for people and tools to find and fix bugs and to distribute the fixes to customers. IBM did not wait for you to tell them you had a bug. Their system could tell you if you had a bug that someone else reported. And IBM would ship you a custom tape which fixed that bug and didn't break the rest of your software. Let's call that The Gold Standard. With money, it's certainly possible.

Option 2 is a company like Red Hat. Unironically, IBM bought Red Hat. The reason that, while open source gives you the option to look at the code, most companies don't really want to do that. In other words, Ford could make a lot more money focusing on making cars than they can by hiring people to find and fix bugs in (free) Linux software. Voila! Red Hat offers bug fixing and finding (and a plethora of other things enterprise customers don't want to setup) for a hefty subscription fee. Red Hat has many service offerings in the $10,000/month+ range. Once again, if you pay people, you can find and fix bugs.

Finally, option 3 is a company like Google. They don't really care if anyone else can get open source software to work. But... and this is a big but... they need it to work for themselves. Having built a very lucrative empire on open source (Android, for example), Google cannot afford to wait for "the community" to find and fix bugs. They must pay people and they must pay them well. And, this they do. So while the free open source isn't directly monetized by Google, it's worth their while to pay to keep it up to date and correct. Other companies like Netflix do the same thing.

So there are three ways you can do it today.

What irks me about projects like Ethereum is that, having all these real world models out there, its founder doesn't seem interested in finding or fixing bugs at all. He is relying on "the community" (we know that doesn't work, see #3) and not spending any of his own money on debugging or fixes. In all the real cases where you want fixes to happen (and you want CI/CD to get them to customers), "you", being the publisher or heavy user of such software, must pay.

That's what I mean about responsibility. It's where the buck stops.

I think we are in agreement and the implementations that can fullfil so what remains is: how can you find the person or group responsible for fixing or getting sued in blockchain land? I can put some malicious code on the eth chain: how will you find it was me. And that is with intent.

But we agree and I will reiterate: without rollback, current human coders cannot write reliable software. So in it's current state, smart contracts are a utopia and no one should trust them, with or without code audit. But if you still want to play a lottery of humanity vs complexity, read the code, think hard and put or not put your money. If you put your money, do not whine after you lost it. You might as well shout at your toilet for the same endresult.

Sure, but if you both sign a legal contract to obey the outcome of the smart contract then no one owes anything, because the smart contract says that the $200M is gone.

Obviously this doesn't allow you get around laws such as warranties but I don't see why it can't be used if everyone agrees to it.

In some cases, perhaps, but not all.

Fraud, for example, isn't legal even if you have a cleverly crafted contract that uses wording tricks to technically be true.

I would expect a court to take a dim view of a smart contract that has an obfuscated, non-obvious mechanism for someone to siphon off all the money in an undisclosed fashion. "Code is law", but so's "you can't defraud people".

Where’s the part where anybody defrauded anybody? This was clearly incompetence that benefited nobody (certainly the developers would rather not have TITAN implode and all of this USDC locked in a contract...). Embarrassing yes. Fraud? Pretty clearly no
It's an example of a scenario where you can't sign certain rights away. Not specific to TITAN.
How can it be "locked"? Can't they deploy a protocol update to the members of the compute pool?
Depends on how you write the contract. If you make a smart contract unilaterally updatable, then it's no longer decentralized and trustless, because people with admin rights can plunder it, or can be extorted, or compelled by authorities to turn over the capital.
That's not how US civil courts work. If a contract is flawed then a judgment can be rendered based on intent, equity, and other factors. There are centuries of common law precedent for this. The existence of blockchains and "smart" contracts changes nothing.
> Sure, but if you both sign a legal contract to obey the outcome of the smart contract then no one owes anything,

You are begging the question by presupposing that for every smart contract there could be a possible legal contract that can bind the people who sign it to the results of the smart contract.

If a smart contract is illegal, then any written contract that binds people to the results of that contract would be similarly illegal.

Contracts can be unenforceable for reasons that might not be obvious to people who don't do contract law, as well. For example, the concept of consideration is not especially obvious, that contracts are often not enforceable if both parties do not receive consideration, which leads to things like peppercorn payments. I know about that as a layman but a contract attorney would know of many more non-obvious things that must be checked out to avoid having problems actually enforcing the contract. It seems like it would be very, very easy to produce a smart contract which a court would later determine was not enforceable in the first place, and perhaps order reversal of payments or other things.

For one, as a general concept the parties to the contract need to actually understand the terms and courts will somewhat regularly throw a contract out if they think there were implications that were not apparent to one of the parties. Smart contracts seem like absolute minefields for this kind of problem.

Yeah, consulting a lawyer before drawing up an important contract is usually a very good idea for precisely these reasons. You can probably make small adjustments to a boilerplate without doing so, but that always adds atleast a little risk.
A very obvious example: in most jurisdictions, a contract signed by a minor can be rendered null and void by that minor (or their legal guardian) at any time.
A valid contract requires a meeting of minds such that inserting something designed to trick the other party inside a contract is pretty much always invalid.

If you sign a contract to abide by a smart contract that was designed in bad faith or misrepresented I fail to see how that's any different.

Even valid contracts are bound by the law. E.G. you can't sell yourself into slavery. Similarly, a smart contract can be a tool to execute the terms of a legal contract, but if it behaves in a way that would be illegal under a traditional contract I doubt any court in the US or Europe is going to recognize that as legal.

I admit enforcement is another issue entirely though.

... and a small band of programmers quietly sneak out of the room ...

If your mechanic installs the tires in the passenger cabin, no one cares about the mechanics' lien. Depending on the judge they might not even care about the fine print on the back of the invoice, because installing tires in the passenger compartment is that dumb.

(comment deleted)
> I'm saying the legal system takes authority. A smart contract doesn't avoid or override that authority.

On a blockchain, this is absolutely false. The nodes interpret smart contracts. The "legal system" needs to be applied by some kind of oracle or by force to a node operator.

Smart contracts are authoritative in their native environment.

> The "legal system" needs to be applied by some kind of oracle or by force to a node operator.

Yes, this is usually how it's done. Business logic is not a legal authority.

This is a strange statement. It's like saying that a forloop isn't authoritative because it hasn't been approved by a court.

"Legal authority" isn't a well-defined object in the evaluation of smart contracts. It is certainly not an authority in the sense that the EVM (or, for other blockchains, corresponding VM) code is.

Is this really a surprise? Nodes don't evaluate common law, they evaluate smart contracts.

That's one of the reasons for enthusiasm for blockchain tech. Not everyone believes in the legitimacy of the state, let alone that the legal system is somehow the proper authority for evaluation of disambigous source code.

>Not everyone believes in the legitimacy of the state, let alone that the legal system is somehow the proper authority for evaluation of disambigous source code.

This is something that I haven't been able to figure out about blockchain enthusiasts. Assuming the blockchain is wildly successful, it poses an inherent threat to the ability of the modern state to collect taxes. Why do blockchain enthusiasts, who already don't think the state is legitimate, not take the logical next step. A potentially existential threat illegitimate parties that have large militaries will end well for the blockchain how? To put it more glibly, how many divisions has bitcoin?

Or to paraphrase a US president (Andrew Jackson) when he didn't like a Supreme Court ruling, "make me. Oh right, you don't have an army. I do."
The key thing here is that nobody can force you to pay your taxes. If you refuse to pay you can be arrested and/or go to jail but the change here is that you can't force someone to give you money but you can compel them to.

I like to see cryptocurrency and crypto-assets as a pseudo force of nature. It's not really possible for governments to stop them and they pretty fundamentally change the game for most governments. I personally believe the result of this will be a shift to geoist taxes where taxes are paid on properties or paid by corporations.

The internet requires a bunch of physical infrastructure to operate and crypto requires use of that physical infrastructure. Physical infrastructure is definitely controllable by governments if they so desire. The CEO of Comcast isn't going to go to jail to ensure that Bitcoin is accessible to the average user of their network.
Sure they may try but I don't see how they could make Bitcoin any less accessible than Bittorrent is nowadays. Doubly so considering that if this was to become a legitimate issue cryptocurrencies could just update their peer discovery mechanisms to minimise the meaningful damage that governments or ISPs could do.

The cat is out of the bag and unless governments want to start seriously pushing into authoritarian territory there's very little they can do to stop it. Could China kill cryptocurrencies within their borders? Probably. Now could the US or countries within the EU? Probably not. Particularly in the US I can't see this ever happening. It's too close to infringements upon the first amendment that I can't see any meaningful legislation or regulations sticking.

Isn't this ultimately a 'might makes right' argument?
In the real world, “right” is only an argument used to help convince other people to use their “might” to support your side of the argument. Physical force always beats morality.
If you believe taxation is theft, and that governments are illegitimate, I just don't understand how you can go from that belief to "but if I do this one weird trick the people who threaten to use armed force to collect my taxes won't find some way to compel me".
I don't think it's a weird trick. Call me naive, but I think that there are plenty of statesmen (and -women obviously) who can see the writing on the wall and realize that their capacity to control reality doesn't extend to the ends of the universe.

The emergence of the internet is an incredible happening for humanity, and the gamble that the relic of the state will somehow cork it is probably not a wise one.

Nobody wants war - even the war profiteers don't want it in their hearts. Nobody wants violence or insecurity. At the end of the day, we're all here together on this little blue ball and we have to share power with each other and with nature.

To the extent that the internet is a phenomenon of nature - which I think it's a very reasonable view - it's hardly a "weird trick".

Not believing in the legitimacy of the state is like not believing in the gravity.
Parties to a contract exist in jurisdictions that do not see things this way, and even block chains are rooted in some form on physical media in legal jurisdictions.

In the case if IRON, the 0.75 in actual money exists somewhere, a bank presumably. Wherever that is, the jurisdiction might be friendly for IRON, or not, but there is in a very real sense no pure native environment for smart contracts. At a minimum, the parties involved will always exist in a physical legal sovereign jurisdiction that regards it's own authority as higher than the smart contract and has some ability-- perhaps limited, perhaps extensive-- to enforce that authority.

Contracts, at least in my jurisdiction, can come in all forms and colours. Even purely verbal contracts are valid, in fact. Those are hard to enforce, with nothing written it is always he-said-she-said when it comes to disputes. So I would be surprised if "smart-contracts" couldn't be litigated if push comes to shove. No way avoid the legal system. And that is a good thing.
Depends on how strong the cryptography is, no?
Depends a lot more on how much you're able to leave no unencrypted evidence.
It's common for people to take mechanical/technological steps to make sure agreements will be respected when they know that if they just wrote a contract they could not rely on the legal system to enforce it in a reliable or economical manner. This is not necessarily bad.

When I get my car fixed at the mechanic, I am paying for the service but at no time do I transfer ownership to him. One procure we could follow is for him to do the repair, give me my car back, ask for payment, and then pursue me in court if I refuse to pay. But instead, the procedure is that he just keeps the car in his garage until I pay. (If I want to call the police to get my car back, I can, but now I have to explain to them why I'm not paying, and enforcement is much easier.) This forces me to respect the agreement we made - repairs in exchange for money - in a more robust way than any contract ever could.

Most places recognize something called a "mechanics lien" that means the police won't get your car back either. Workmen usually have a legal claim to property that they worked on and have not been paid for. Sometimes it requires specific paperwork (more often with real property, e.g. a contractor can place a lien on your house but usually needs you to agree to it before they start work) but often it's implicit. I guess my point here is that this is a scenario with specific legal backing that goes way back into history, which smart contracts don't really have.
Yes, of course the reality and usefulness of this particular mechanism has now been legally acknowledged and incorporated into the law in some (but not all) places. But mechanisms like this arise organically and are put to use long before they are officially recognized. I expect similar things to happen with smart contracts.

In other words: things you might call "evading the law" in fact can be useful and then shape the law. If we were to adopt a principle like "anything that looks like it's trying to evade the law must be dismantled", we'd be worse off.

Strange emphasis on 'now'. From wiki, "Mechanic's liens in their modern form were first conceived by Thomas Jefferson, to encourage construction in the new capital city of Washington. They were established by the Maryland General Assembly, of which the city of Washington was then a part.[1] However, it is not likely that Jefferson single-handedly dreamed up the idea.

At the time Jefferson promoted the law, a lien-like privilege already existed in civil law countries like France, the Dutch Republic and Spain, with some laws even tracing their roots to the Roman Empire. And since control of Louisiana had passed between the French and Spaniards, and had largely adopted the French Napoleonic Code, there was a similar privilege concept in that territory."

It's not strange at all because "now" does not assert "in the past few years" or something. It's just in contrast to when the technique was first developed.

Like, do you think there was a long-standing issue with people not paying their bills because the liens weren't enshrined in law, and a bunch of clever legislators got the brilliant idea to introduce it? No! It's been happening since before laws were written down, and the formal laws were crafted to fit this existing custom.

Maybe you are mistaking what a lien is. A lien isn't when someone takes possession until they are paid, but a legal debt attached to the object in which the person attaching the lien claims partial ownership of that property until the debt has been paid. It does not require possession of the object. A mechanic can place a lien on your house for no payment. It 100% exists in law and requires the debt to be written down.
> Smart contracts function – in whole or in part – to give effect to legal contracts.

Except when they don't, which is... most of the time?

It's true (and I would hope obvious) that a smart contract doesn't play like a legal contract, but aren't the vast majority of them intentionally doing things that are orthogonal to contract law?

Or irrelevant to it? You can buy Beeples all day but you still don't own a copyright, and this doesn't seem to be a problem for anyone.

They said "typically", so they aren't saying it's true in all cases, but generally when a person is trying to evade some legal authority, it's probably not for reasons good for society.
They are trading one legal authority for another, and this is agreed upon up front. Both parties agree that the code is the legal authority before entering into a contract, which is much different from evading authority after the fact.

> but generally when a person is trying to evade some legal authority, it's probably not for reasons good for society

Reminds me of the "nothing to hide" argument, that only someone trying to commit a crime would need or want protection from the legal system. History paints a different picture.

>They are trading one legal authority for another, and this is agreed upon up front. Both parties agree that the code is the legal authority before entering into a contract, which is much different from evading authority after the fact.

The parties might "agree", but who cares? If they are in the US, for example, and the two parties have a smart contract that breaks US contract law, one of the parties can file a lawsuit and attempt to get their money back. You can't go to the judge and say "sorry, the code is the legal authority here".

Yeah I agree with that. Once the contract has executed, enforcement actions can certainly happen in meatspace. But do you not see the difference between:

1. A normal contract (legal or illegal) that requires outside enforcement in the first place to force parties to comply.

2. A smart contract (legal or illegal) that executes itself without outside enforcement and can be overturned later (not literally overturned, but a subsequent transaction can be forced) by meatspace mechanisms

The vast majority of contracts in (1) does not need enforcing, because it is in both parties interest (at least long-term) to perform. Yes, there is implicit enforcement to some extent, but then "non-society" which don't even have that are not pretty places to be.

On (2), sure we can find ways to have the execution fail. In fact, anything where there is not fully escrowed payment/collateral/etc. can fail to execute properly if the other side does have not what it needs to deliver/or does not make it available on chain.

> The vast majority of contracts in (1) does not need enforcing

Of course, people are very careful prior to entering those contracts, because they know how big of a headache it will be if enforcement is needed!

> In fact, anything where there is not fully escrowed payment/collateral/etc. can fail to execute properly if the other side does have not what it needs to deliver/or does not make it available on chain.

Well, sure, if you write a contract that makes it possible for one side not to pay up, then that might happen. Having software run escrow is basically the whole point..

Most contracts are so basic as to be invisible, so no, people are not very careful when they buy a chocolate bar, for example

If you want smart contracts to be only applicable to very narrow sets of problems so be it, but otherwise you need to be able to allow, for example, unsecured lending and highly uncertain payoffs at T0 (staying in the finance domain)

> people are not very careful when they buy a chocolate bar

Ok..sure, but I think it's sort of pedantic to bring up a class of contract that, obviously, nobody in this thread is talking about. It's a bad example anyway; even if you are being pretty careful it's simply not a risky transaction and therefor out of scope for complicated enforcement mechanisms like smart contracts.

I don't think smart contracts are very well suited to unsecured lending, at least not with available software. There would be no incentive to pay it back without some mechanism to force collections. Collateralized loans, however, is a great use case that exists already.

This is early stage tech, the scope is pretty small. I don't think anybody is arguing the contrary.

Freedom of contract is pretty well respected in the US, there are very few exceptions where carve outs are made where people are not allowed to contract freely. So its not clear what a “smart contract that breaks US contract law would be”, its much more likely for a smart contract to be a outright scam or illegal though, in which case good luck finding the funds or whom to sue.
Courts remain the legal authority, you cannot trade on for other unless provided by law (as in statute), and then it is back again to the courts to interpret. What did both parties really agree to? IANAL, but intentions and assumptions of the parties can matter - for example, quite a few things you cannot waive in some places, irrespective of what you agree or not.
I don't know. I'm not a lawyer, but I recall that when it comes to contracts, they often allow you to waive protections that the law would normally give you (e.g., specifying that conflict is resolved with arbitration) if both parties agree to it.

In the case of smart contracts, where both parties (if I understand it right?) agree that the code defines the contract itself, it seems like saying "... but I made a mistake" (or it has an error) would be very hard to prove. It would be like if you had written in a 3 year no-questions-asked return period into a car contract, rather than a 3 day one, and then tried to litigate when someone actually used that.

You can amend some legal requirements, but certainly not all. There are many, many restrictions on the types of contracts that are legally enforceable.

> but I made a mistake" (or it has an error) would be very hard to prove

I don't think it would be that hard to prove that the implementation of a smart contract doesn't match the clear intent. The bigger issue isn't the disputability of the contract, but the difficulty of identifing who you would take to court.

That is somewhat a US/Common Law perspective, in places with codified civil law might be tougher/different (but again, IANAL - just from experience doing complex contracts)
> hey often allow you to waive protections ... if both parties agree to it.

This is not really generalizable. Arbitration clauses for example waive one method of recourse in favor of another method of recourse, both already accepted by the courts. I expect you couldn't replace that with trial by combat and expect it to hold in court, but you might be able to argue that a different resolution process with historical precedent would hold - at least you could test it in court.

I'm not particularly knowledgeable on the topic, but there are all sorts of religious courts (at least in the US). Generally they coexist with the secular legal system.

https://www.pewforum.org/2013/04/08/applying-gods-law-religi...

Yes that's true, but again it's a case where (a) both parties agreed to (b) a recognized form of resolution, in this case mediation - you can do this with a secular mediator also. In general they don't "coexist" so much as they are subsumed within, as allowable forms of resolution, within prescribed bounds.

Important to note that the courts already recognize and/or have precedence for this, and also there are limits to what you can shift here. Finally if the resolution process is not acceptable to one party there are ways to bump it back to the courts.

None of this applies to "smart contracts", which aren't contracts in the legals sense anyway. There is no (yet?) agreement by the courts that this is a valid resolution method, and any issues of contractual law brought before a civil court will be resolved by legal principles, not source code. I suspect that the best you could hope for in the current setting is that the source code + associated communications speaks to intent.

There's no reason to believe that it is impossible that US courts and/or legislation would at some point give some legal status to a smart contract beyond above, but that's not the case today as far I know.

There are certain rights you can't waive. But that aside, the issue at hand is what happens when there is a mistake in the smart contract, unintended by either party? Who decides what happens? In this case IRON could even hypothetically claim (true or not) "nope, not a bug, the contract will stay in it's null indeterminate state, and in the meantime we'll be using that USDC as collateral for 30-year US treasury bonds. 2% isn't much, but it sure does add up nicely on $250+ million."

Or something like that. I doubt that's how it will go down here, but it will take a human judgement call or agreement-- not a coded contract-- to resolve this.

Agreeing the code is the legal authority means implicitly believing the code is perfect: no bugs, no unanticipated edge cases. Which is just not realistic. So when they arise, who decides what happens?
(comment deleted)
> Evading the law (whether the court or a regulatory body such as the SEC [civil] or DOJ [criminal]) is typically a "bad thing" for the person or people intending to or successfully doing so.

Oh wow. If only this were true. If only they were so diligent in punishing other kinds of things.

Here's something I read recently, from the aftermath of the Libor scandal: https://www.sec.gov/news/statement/stein-waivers-granted-dis... . Really highlights how crazy this whole thing is and how there are really two qualitatively different classes with two different sets of rules in our society.

(comment deleted)
I think the gp just meant that when a person comes to the attention of courts and regulatory bodies, that the person had the intention of evading these authorities will taken badly by them and likely result in more sanctions than just what would happen for breaking the various rules.

All the different ways people evade authorities is a large topic. But, you're right, friends in high places help.

Nonsense. There's severe punishment for acts that demonstrate clear malice (e.g. violence, possession of substances well-known to be illegal) and light punishment for ambiguous cases (making a subjective judgement call in a particular way), at every level of society. If anything the error is in the other direction - legislation that requires people to make subjective noisy judgments and get them right is futile and absurd.
Nope. Clear malice was proven beyond doubt in Libor fixing, in credits ratings fixing in the leadup to 2008, etc.

There's severe punishment for crimes committed by regular people, and no punishment for crimes committed by wealthy people, even if all things considered the latter manage to harm millions of people with their actions.

> Clear malice was proven beyond doubt in Libor fixing

Where? As far as I saw there was one bank that thought it was obeying a discreet request from the government, and a bunch of banks where traders said usual trader nonsense (which is "malicious" in a sense, but it's very much part of the norms and culture of trading and the expected functioning of a market, just like a good lawyer should make their case as strongly as possible regardless of their personal beliefs about what happened).

> even if all things considered the latter manage to harm millions of people with their actions.

Who was harmed? If there was any effect of Libor fixing, it was likely that people paid slightly lower interest rates on their mortgages.

Some chains/coins are backed and developed by fairly well defined "legal entities" (presumably for reasons related to securities law). I am waiting with popcorn in hand for the day someone loses money via smart contract and then takes the entity behind the chain to court to overturn it.

(We've seen disastrous bugs overturned by community-consensus hard fork but not to my knowledge by court order). Not yet, but it seems inevitable.

> Some chains/coins are backed and developed by fairly well defined "legal entities" (presumably for reaso). I am waiting with popcorn in hand for the day someone loses money via smart contract and then takes the entity behind the chain to court to overturn it.

I would very much like to see regulators purposely engage in these activities, and then directly pursue those within their reach. There's no reason to wait for more citizen victims when the model is proven and the government has the resources to set the stage to demonstrate the failure scenario. This is simply a more elaborate sting versus putting a car on the street to be boosted.

> You are trading one set of risks for a completely different set of risks that might suit your use case much better; your counterparty being able to contest a contract in court could very well be a "bad" thing for you.

There is no trade of risks. The judicial system is still going to assert their authority over contracts. Your counterparty will still be able to contest a contract in court. The guys with guns the court sends out to enforce their verdict are not going to be impressed with "code is the contract" and "blockchain". They will lead you to a (jail cell) block in chains (handcuffs) if you try to defy the court order.

Instead you are trading specification of contracts in a legal language where there has been centuries of experience in writing and interpreting those contracts, for specifying the contract in a new language that is still evolving and where there is not a whole lot of legal precedent on how to interpret them and how to resolve bugs.

These "smart contracts" are not decreasing your risk, but rather increasing it.

Bad news for you, then… your counterparty can’t still bring you to court.
> That's obviously the point, though. You are trading one set of risks for a completely different set of risks.

But that's exactly the point.

People are not able to interpret "smart" contracts. For normal contracts most people can understand the contract and if there is a dispute you have laws and courts who can interpret in every case.

In case of "smart" contracts even the contract developers more often than not seem to not be able to understand all consequences.

So if we are trading one set of risks for another it kinda seems to me to be a a really shitty tradeoff.

This is how ALL of Crypto works. A decentralized ledger means that you cannot call the CEO or CFO of the ledger and have a clearly fraudulent transfer revoked. That is the tradeoff.
What I think a lot of people don't appreciate yet is that computationally decentralised systems can still have legal single points of failure.

Lots of chains have holding entities or foundations (nominally for governance, really to justify their premine or "reserves") and seem rather vulnerable, especially if they pay the core developers.

The CEO of that entity won't take your calls but they are absolutely exposed to the whims of the legal system in their founding jurisdiction.

Yes. Trading off hundreds of years of experience and judicial tradition and precedent for a brand new shiny (just trust us programmers) system.

If the former system were to be irretrievably corrupt, teetering on the edge of collapse, and the proposed replacement were capable of replacing it then it would be worthwhile.

The existing international financial system is corrupt, the judiciary in most of our world is complicit, but it is not on the edge of collapse (look how brilliantly it sailed through the 2008 crises. It used its political power to get the middle classes to bail out the super rich). The proposed replacement (cryptro currencies) has no support from cryptographers (I am not one) nor finance geeks (that I have been). It is even worse that that which it proposes to replace.

Additionally in most of the Western World we have the democratic institutions that can be put to use to fix the system. Economists are slowly coming around to recognising the catastrophic mess that the current system is, how it is sapping our vitality as a community, enriching the few (hi Unicorn founders - fly to Mars please) and impoverishing the middle classes.

We can fix this. But we have to give up on single fixes (like crypto). This requires modern system thinking....

> has no support from cryptographers

I am a PhD student in cryptography, and judging by the papers I've read there is plenty of support from cryptographers, many of whom are directly involved in research and development. Silvio Micali is practically a founder of modern cryptography (and Turing Award winner), and he co-created the blockchain Algorand. There is also plenty of opposition, as the subject elicits strong opinions, but the assertion that cryptocurrency has no support from cryptographers is just false.

True. The universally quantified statement "No cryptographers thing X" is almost certainly going to be false.

Hyperbole on my part, oops. Sorry about that.

I am not a cryptographer, but I do pay attention to cryptographers. Well, some cryptographers.

So thanks to your helpful comment I looked up Silvio Micali. He has rather faint endorsement, but endorsement it is.

In fact, I can think of nothing more profitable for a cryptographer than designing a better cryptocurrency.
The fundamentals are all wrong though. Money is, amoung other things, a web of trust. Trying to remove trust from it is taking away some of what makes it money.

I do not think there is a solution in this space that works economically or financially.

What we need is a unit of exchange that: holds its value reliably, allows a lot of transactions, has low over head, allows anonymous transactions.

A central bank could build a system that does the first four, but they have no incentive to do the last.

If the current financial system really can fix itself and become better than cryptocurrency through democracy, then I don't really get what it has to fear from cryptocurrency. Under that hypothetical, cryptocurrency would be inferior, nobody would use it and it would die out. Problem solves itself.

And as a member of the middle class, I personally think it's a feature that cryptocurrency can't be inflated to bail out the rich. If banks knew that they weren't going to get bailed out, they wouldn't have taken as many risks and we would have avoided the whole crisis in the first place.

Not sure big banks, brokers, etc. fear cryptocurrencies. They are already starting to happily make money of those and sell products around them. Banks worked happily in the past with decentralized/local currencies, for example.

The concern might be more on the policy and regulatory side of the world.

> It is even worse that that which it proposes to replace.

Aside from the vocal minority of BTC maxis that jerk off to the idea of making a crypto-revolution, no serious developer in crypto wants it to replace the existing systems and institutions. We "only" want to create an alternative for the times and places where the current institutions are insufficient or dysfunctional.

Except when you can, e.g. the Ethereum DAO. Turns out crypto is just exchanging one shady cabal for an even shadier one.
No, not really. The Ethereum fork was successful because the majority of the users through absolutely decentralized consensus started following the forked chain.

Vitalik did not pass any legally binding decree to get people to comply, and the worst thing that happened to people who disagreed with the change? They got left to play with the other chain.

Well, to be fair, people write legal contracts without fully understanding what they are writing all the time too. I do disagree that people understand them on most cases.

Things are better on consumer law because it assumes from the start that people are stupid and have no idea what they are doing. But other kinds of contracts have quite large security risks.

Yes, and when normal contracts don't (because they can't) anticipate every possible scenario, there is a meta layer on top of that to resolve edge cases.

In the case of a smart contract, it can even happen that both parties agree in how things should take place when there's a problem! But bad code doesn't work that way, and you can find yourself in a null state of indeterminacy without a built in layer to resolve that.

The entire evolution of legal jargon can be viewed as an attempt to provide a linguistic framework whereby ambiguity is minimized and edge cases are anticipated. But human interactions are chaotic and all outcomes or scenarios can never be predicted, hence the need for a layer of human judgement.

That layer is imperfect, sometimes wrong, sometimes biased, but still necessary. I don't see how smart contracts can work without that sort of layer, but with a human judgment layer then they're not really smart contracts in the way people want such contracts to function.

Trusting any smart contract of sufficient complexity is like trusting that a code base has absolutely zero bugs and zero unanticipated edge cases. I just don't see that as realistic.

If a programmer at a bank or exchanged should have coded ">=" then I want 1) for them to easily be able to act on their intentions instead of their mistake or 2) the ability to bring in a 3rd party to interpret and resolve the situation if #1 doesn't work out.

> Trusting any smart contract of sufficient complexity is like trusting that a code base has absolutely zero bugs and zero unanticipated edge cases. I just don't see that as realistic.

You can do this to some extent using formal verification. Most code doesn't get formally verified because it's kind of a pain to do, and you can usually fix bugs later, but smart contracts are the perfect candidate for it since they are (1) mission critical, (2) naturally limited in size and scope, and (3) cannot be fixed after the fact. You can write perfect code if you have the right tools and do it carefully.

>You can write perfect code if you have the right tools and do it carefully.

Obviously you are not a programmer.

Is there something about formal verification of systems that I don't understand?
People make mistakes in their verification code the same way they make mistakes in their actual code.
No automatic verification would flag misunderstood business logic
There is something about this "business logic" that I don't understand:

>Because the TITAN price falls to 0 which we have unthought of, the contract will revert the redemption transaction.

Formal verification doesn’t help with bad assumptions that went into the design of the program.
That is absolutely true, but even legal contracts can't help you with bad assumptions that underpin the entire contract itself.
But with legal contracts there is a baseline common sense of things that will not happen.
Yes, that's sort of what I mean though: you can't avoid mistakes like that, but with legal contracts there is mechanism to resolve that issue with hundreds of years of experience and benchmarks and mechanisms for figuring out how to hand these things. It's messy and imperfect, but there's no achieving perfection human affairs.

Smart contracts don't have a mechanism if this sort. If you have an issue with them as in this case with IRON, your best hope is that IRON will find a way to handle it that satisfies everyone (which may be hard) or that the normal legal system is able to resolve it.

Both of those kind of negate the purpose many people want smart contracts to have in being free of sovereign legal systems and, once implemented, automated without the need for human judgement that may be biased or bad etc, so no longer able to be trustless. At best they simply automate portions of a contract, which is still a very good thing, but not really what enthusiasts are hoping for.

> You can write perfect code if you have the right tools and do it carefully.

And you are DJB.

Regular contracts don't have a built in layer to resolve issues either. As you say, it's a meta later above this.

Laws still apply to things handled with smart contracts. You can't say "well sure the escrow contact did the wrong thing but it's code so you can't come after me for your money back".

I agree that right now the legal system still applies.

The problem is that lots of smart contract enthusiasts embrace them for the same reason they embrace crypto currency: they see it as a way to avoid government institutions that they do not want to have to work with or trust. In fact they want the entire contract to be trustless: agree to the terms, implement them in code, and and since the rest is automated you don't have to trust that the other party won't follow through.

I don't see how that can actually work in an automated fashion. Whether it's traditional government or some other legal system or analog, you need a resolution layer above contract layer, but at that point you've lost a lot if what enthusiasts want in smart contracts.

I trust the alarm on my phone to wake me up in the morning, even though it's been programmed by flawed human beings. It's possible to reach sufficient reliability despite our flaws and bugs.
"Sufficient Reliability" still needs mechanisms to resolve the rare issues that occur. A 5 9's system still needs resolutions for the 0.001% scenarios. In the case of your phone's alarm if your phone crashes, runs out of battery, app cache gets corrupted, whatever-- you can intervene with your human judgement to determine an appropriate resolution. What mechanism do smart contracts have for 0.001%?

Your phone's alarm is also not a critical transaction worth a person's life savings or the wealth of a country or a transaction involving life-critical supplies etc. The bar is a bit higher here, and even the most reliable systems ever designed have the ability to insert human judgement when the rare issue happens. Smart contracts are supposed to be appealing because they avoid the need for biased/imperfect judgement in favor of something "trustless", or at least that's the vision many see for them.

Contracts can also have hundreds or thousands of clauses, making "sufficient reliability" a much higher bar than an alarm clock. Especially because many of those clauses entail human concepts that would be extremely difficult to translate into code: What is the algorithm for determining "force majeur"? That's a pretty basic clause that appears in many contracts, but I don't know where you'd even begin to get a computer to understand & properly identify such events.

I don't see a pathway to sufficient reliability in smart contracts anywhere on the horizon, save for very simple cases. Even then, here we have IRON, which should have been relatively simple as these things go, but failed because the simple case of "Titan has no value" was not considered.

ex-lawyer here: I can confirm it is possible to write buggy conventional contracts; I have done so on numerous occasions. I have missed the odd ',', or simlar lexical slips, in a clause. Fortunately no rockets or stablecoins crashed as a result. And yes, a judge would resolve this to the sound of mocking laughter in the courtroom.
Isn't this why laywers' have to get indemnity insurance?
It is. Being sued for professional negligence is hurty & we earn by inflicting pain on others not getitng hurt ourselves. A static type checker/formal verifier for legal contracts would be worth serious money.
eh, for a regular financial contract you need lawyers and judges. There is plenty of counterintuitive law that burns people.

For this one you need programmers and computers.

On both cases, if you go in blind or wing it you might get burned.

most lucid comment yet.
Yep, and programmers only have a few decades instead of hundreds of years to have built up generational knowledge of pitfalls and best practices, and even then traditional systems get things wrong.

I'm not convinced that programmers and computers can bootstrap to that level of experience very quickly. I think a decade ago I was more optimistic on that possibility, but a decade of repeating history has made me a bit more pessimistic on that ability and cynical about the motives of most people involved.

People use a lot of things in everyday life that they don't understand. I don't have to understand how a car works to use it, for example.
Anyone interested in codified risk should read about rai stones.
Hmm. I don't think this is the first legal contract of ambiguous intent. Surely any court would decide what the proper reading is and rule in some direction.
While it's certainly true that there are plenty of legal cases that hinge on the inclusion or omission of a single comma, or a single word, or something like that, by and large the courts (and the whole system) try and sort such things out through principles such as intent and least-harm.

This is particularly the case with ownership of money. If you've put money in a bank, and the bank says "sorry, due to a programming error you can't get your money back," that's on the bank. They are legally required to try and get you your money back.

Similarly, legal contracts (as opposed to defi smart contracts) must contain certain elements to make them legally enforceable. These include such elements as capacity (the capacity of the signer to enter into a contract, which can take into account whether they can fully-understand the contract) and adequate consideration (whether the contract is blatantly unfair to one party). So a contract that seems reasonable but might have some complex edge-case that requires extreme fine-grain parsing or auditing to see how you might end up with no money may not be legally-enforceable at all.

In the defi world, it seems like you're entering into a contract that's written in code, but there's no requirement to be able to actually parse and have the capacity to understand all the code that is written in the contract (or omitted, in the case of edge-cases the programers didn't think about). This seems like it wouldn't fly in any legal contract.

I've been saying for a very long time now to anyone who chooses to listen that a contract itself is a human construct - it is both temporal and physical and has location to be relevant and useful. Without all of those properties a contract ceases to useful to a human being under all edge cases.

So it is, in fact, a dumb contract. Humans want contracts that make them whole at the end of the day, that's the point of the contract: jurisdiction over the human realm.

How is that thing you've been saying relevant here or how does it lead to your 2nd paragraph? Smart contracts meet all your requirements for a contract just as PDF contracts do.
I believe the point the poster was making is that "smart contract" is a misnomer and contracts comprised of code should be more realistically called "dumb contracts" since they lack the intelligence to understand and compensate for context and intent.
They really shouldn't be called contracts at all, since intent ("meeting of the minds") is a fundamental part of contract law.

Imagine for example if a mortgage contract contained some bizarre inscrutable loophole that as-written would give the first 3rd party to notice it total control over over the house.

This would of course be laughed out of court because that part of the contract wouldn't be enforcable under contract law.

"Code is law" is more accurately written as "code is not law at all".

> They really shouldn't be called contracts at all, since intent ("meeting of the minds") is a fundamental part of contract law.

That's a really good point. They are arguably neither "smart" nor "contracts". Maybe a better term is "automated blockchain agents" or something similar?

It's a perfectly correct term. They're smart because they do some computation, just like a smart speaker or smart phone. They're contracts because they're an agreement between parties. Not legal contracts, but neither are OOP contracts or social contracts or any other kinds of contract.
I guess I can see your point, but I think the usage of "smart" to describe consumer electronics with computational capabilities is a very different usage. Contracts are not "dumb" technologies that are being "enhanced" with computation; contracts and software code are already the same kind of thing. The difference is that contracts-as-code can actually execute contractual obligations rather than just describing them. I wouldn't describe this enhancement as "smart"... perhaps a better term would be "automatic" or "autonomous".
Hard to read that from "a human construct - it is both temporal and physical and has location".
Yes, dumb contract indeed. I think a good term is "fire-and-forget", as once it's live there's no going back so you'd better make sure it does exactly what you want.
This is less about actually going to court and more about counterparties being able to give each other a bit of slack based on customs in the profession and what was “really” meant because they may need to work with each other again someday. The courts are for when negotiations fail.
Do you see no value in throwing these "dumb contracts" out there and seeing what happens? An expensive experiment for the speculators, but we got to the moon on a roman candle iterated a billion times, so I'm personally just curious about these programmable organizations of digitalized willpower.
I agree. It's software. Lots of software sucks and is buggy and vulnerable. Sometimes mission-critical software sucks and is buggy and vulnerable and causes catastrophes when it fails. A lot of it's malware. A lot of it's inefficient and/or useless.

But a lot of it's good, and more good things will come out over time. It's currently the equivalent of like 1998 in the smart contract space right now.

Programs have bugs in. This is something programmers should be aware of!
Also, if the price of TITAN is 0, then you really can't pay out 25 cents worth of it... It does seem correct that the contract should handle such a case differently than just trying to pay you out UNDEFINED DIVIDE BY ZERO ERROR count of TITAN
You just hit the nail on the head. I did not think about that.

This is the true reason they needed to special case <=0.

If you think about it, the special case should give holders the option to withdraw the 74c of USDC without any TITAN.

Clearly the programmers didn't fully think though what would would happen if TITAN reached and got stuck at zero value.

This is what I was thinking. It should be decoupled. Here are the rules for how many USDC you get and here are the conditions for your TITANs. On the TITAN there should have been a condition for over zero, and a totally separate condition/case for zero… or less than or equal to zero since we’re working on edge cases no one considered.
That's both a downside and an upside though - they do exactly what they say they will do. The issues occur when people don't realize exactly that they say they will do. To me it's just a different set of trade offs.

Also, it's worth noting that this contract wasn't audited, a baseline practice in the industry. Most larger contracts go through multiple waves of audits, while this was apparently released with exactly 0 (so hard for me to be shocked when there are issues).

> A code audit likely would have caught this (this type of bug is so common in software development, I’ve probably made it hundreds of times myself), but of course this smart contract was not audited. Only its sister-contract on the Binance Smart Chain, written in a different language, was.

Any experienced crypto investor knows that putting money into an unaudited contract that's less than a few months old is basically throwing that money away. There is another side to this, though, which is that protocols than have been around for a year or more without problems are quite trustworthy and become important building blocks for DeFi.
> have been around for a year or more without problems

> quite trustworthy

As someone being used to write fixes to code that is 20 or even 30 years old, I had to chuckle.

Yes, but these smart contracts are often fairly short (in essence, they shift value from one ledger entry to another), and not every bug is exploitable. They are also effectively paying a bounty worth hundreds of millions of dollars if you can find an exploit. It is not unreasonable to feel increasingly confident in their safety after some time.
This is precisely why Cardano is using Haskell for their language.
Yeah when I first read the Cardano stuff back in 2018, I was like "thank God someone gets it and wants to avoid the dumpster fire that is Ethereum"
That's the whole point. Code is law.

The alternative is our current, arcane legal system - only interpretable by lawyers who charge $600/hr.

$272 million dollars could buy a lot of lawyer hours.
Smart contracts don’t protect you from being sued. So, now you need both lawyers and programmers while still risking losing everything.
Not exactly. There are plenty of anonymous projects, developers and users.
Plus, even if they lose their anonymity, many are in places like Eastern Europe where suing them won't be so easy.
"Smart contracts and cryptocurrencies - great for anonymous people in Eastern Europe who want to avoid the law, less so for other types of people"

It's not an argument that's going to convert many people, but at least it's honest.

I don't think that's generally true. It is very useful for criminals in countries that don't extradite to the US, but

Many of those same people could make and were making money through other forms of cybercrime for years. Even without cryptocurrencies, new technology will always keep coming out that'll facilitate and potentiate more cybercrime.

To me, the answer there is and has to be geopolitical. Whatever crime they're committing, if it's against a foreign national, they have zero fear of repercussions, and that lack of fear is totally rational because there's basically no chance they'll ever face repercussions even if their real name and address is plastered in a million places. If they knew they could be extradited, or at least sentenced to serious prison time in their own country, and that there was a significant chance of it happening if they were to be identified, then I'm convinced most of them would behave differently.

> Code is law.

Law is law, code is code. They're two very different things. Code can't prevent someone from using violence to force you to overturn a smart contract's decision. The law can because it's enforced by the state. You could certainly choose to build a system of law that uses code, but code by itself cannot substitute for law.

> only interpretable by lawyers who charge $600/hr.

What do you think the going hourly rate would be for software engineers capable of writing bug-free smart contracts? If adoption takes off I'd bet that it will look a lot like the hourly rate of a good lawyer, or even exceed a lawyer's hourly rate given the impossibility of an appeal if the smart contract is poorly coded.

Also lawyers don't interpret contracts. They draft them and advocate on behalf of their clients in disputes. Judges interpret contracts, and are available as a public service paid for by taxes.

>Code can't prevent someone from using violence to force you to overturn a smart contract's decision.

You can hit the developers and the computer has much has you want but no amount of violence will fix the "_share_price > 0".

There's a reason it's called a legal code--both computer code and legalese are formal languages. The difference is that computer code is deterministically executable by a machine, while a legal code requires humans to carry out the actions it specifies (and humans are not deterministic machines, obviously).

The point where the two realms intersect is challenging but needs to be handled appropriately. It would be great if some of the terms of legally binding contracts could be delegated to automated systems. And when two parties do not actually share a common legal system, then code-based contracts can facilitate transactions that would otherwise probably never happen.

What about the crowbar attack? A couple of thugs show up at your house and tell you to hand over your private keys, or they'll beat you until you will. Code can't account for all the nuances of real life or being human
"Code is law"

except for the DAO fork of course, when commit rights were law.

That is what courts are for- to interpret the spirit of a contract. There is a point where hiding deliberate pump and dumps/ fraud/ ponzi schemes through complicated tokenomics or incompetence (we couldn't predict all the edge cases) no longer is an excuse. At this point, there is really no difference between the approach to launching these half baked algo/backed stablecoins and deliberate fraud. It could be easy for a court to make the decision that the contract was designed to be complicated on purpose to hide deliberate fraud, or at least could determine the devs were recklessly incompetent and still responsible.
Smart contracts is a horrible name. The better analogy (which has been around for years) is that they are the digital equivalent of (snack and beverage) vending machines.

As with vending machines, they have their use cases, but they aren't lawyer "smart" and they certainly aren't legal contracts. I'm not sure how much trouble a better name would have saved everyone, but it might have done a better job of setting expectations.

So is this event the digital equivalent of the bag of chips getting stuck on the row below it or the frustrated customer shaking the machine until it falls over and squashes them?
Looks like some very expensive chips got stuck in the machine.
"Self-executing contracts" removes pretty much all of the confusion
Not only that, but all the hashes will probably be broken at some point in the future. We thought MD5 was the be-all end-all of hashes back then, but here we are at SHA-512 thinking it's our masterpiece. Two decades from now it will probably be obsolete.
"Smart contract" has always been a bit of a misnomer. If they'd just called them "scripts" then people wouldn't complain about the lack of lawyers.
Everybody said the same thing about the 1987 automated trading crash. Get rid of those darn computers!

Sorry; decentralized autonomous finance is here to stay. There will be less disasters as we go along, but they will be much bigger.

This is why Cardano smart contracts will be so strong in August. The language running underneath it all is Haskell, a functional programming language where you can prove the code will work as intended. You won't have to constantly put out fires like in Solidity.
Smart contracts are neither smart nor contracts.

It's code which does stuff and if you want to be on the safer side of it, you allow time and liquidity to test them out.

If you want to assume risks and possibly higher rewards you get in early (ape, in crypto speech).

It's pretty simple.

What makes it complicated is that they are called smart contracts.

The classic "halting problem" in comp sci shows that no one can even determine all the edge cases, much less test for them. This is why all software has bugs and always will have bugs. The way smart contracts lock-up software and make it impossible or difficult to edit can only create more bugs and prevent them from being fixed when they're found. This is the exact opposite of how professional, enterprise software development handles updates!

The lawyer problem is even worse than not being able to interpret the contract. The code isn't even a contract, legally. When conflicts arise from these deals, courts will settle them the way they always have. They won't read code and then decide that "code is law." That's something programmers made up that will also never be true.

Perhaps I should explain why the halting problem is an issue.

In comp sci, the halting problem says we can never guarantee that, given some input, a program won't halt. "Halt" is another way of saying "stop without doing the intended thing," which is what we call a bug.

One of the ways this translates to everyday debugging is that humans cannot ever know the range of all possible inputs or conditions to a program. We don't have that ability any more than we can give someone a list of all the words that can be made with the letters A-Z.

If we cannot write down what all the possible inputs might be, we cannot be sure that one of them doesn't cause halting!

By the same token, as useful as they are, no set of regression tests can prevent all bugs for the same reason: it simply isn't possible to come up with a set of regression tests that is in any real sense "complete" (ie: ensures no halting).

The halting problem was proved mathematically by Alan Turing and applies to all Turing computers, so we know it applies to smart contracts. In fact, the inability of the developers to conceive of one possible input (a zero value from the oracle) is what led to halting in the case of IRON.

To make the problem worse, even knowing that halting (aka bugs) was a possible outcome (a likely outcome, even), not only did the company apparently not seek any outside code audit, they locked down the contract (because it's "law," lol) so that the code can't be fixed even though it's now known to be broken.

So there's the stupidest kind of programming ever. Smart contract is a name in the same vein as the Ministry of Peace in Orwell's 1984. It is anything but smart. It is known to have bugs (halting problem) and they cannot be fixed (locked down "by law," rotflmao).

40 years ago, financial innovation involved finding new affinity groups to sell credit cards to (and others I'm sure but that was a scam I saw firsthand).

It wasn't any more honest than this; it was just kept quieter with private meetings and less publicity for the collapsed scams.

I'd be looking for the banker-adjacent people in these. The folks that don't work for the banks directly, but consult; somehow always seem to have some extra connection to someone at the bank, related, married, side projects...

I wrote Skepticoin as a serious parody of Bitcoin. Articles like these about the "state of the art" of cryptocurrency make me wonder: would a parody of a more "modern" cryptocurrency even be recognizable as such?
This brings to mind Poe's Law (that on the Internet, any sufficiently advanced satire is indistinguishable from reality), so I would think not.
Doge says no
I can't imagine it'd be possible. There're a whole lot of Andy Kaufman-esque / kayfabe / "the most entertaining outcome is the most likely" things going on.

Literally no conceivable parody could work as an actual parody, I think. There are coins people are getting rich off of with names and logos like "Pregnant Butt", "CumRocket", racial slurs, etc.

There's absolutely no doubt in my mind that if it hasn't already happened, coins named "Scamcoin", "Rugcoin", "Ponzicoin", "This is a scam coin, please ignore", "If you invest in this you will lose all of your money and be the laughingstock of your friends, family, and communitycoin" could probably quickly reach million/billion-dollar market caps.

You could make a token with a smart contract which self-destructs itself at a random time, and explicitly disclose this fact, and it'd still probably get a huge market cap and retain it up until the day it explodes. Or you could make one that does this, don't disclose the fact, have millions of dollars flow in without a single person ever looking at the code, and get the same result. (Doesn't matter if you do or don't publish the verified source code; if you do, no one will look at it, and if you don't, no one will notice/care that you didn't before investing their life savings in it.)

Poe's law doesn't even quite describe it, because it's not that you can't distinguish between parody and sincere absurdity. There's just no difference between the two in terms of actual real-world outcome. Whether you make an intentionally or unintentionally terrible coin, and whether or not you're open about it and whether or not people are aware of it, it's still going to receive a ton of investment.

And it pretty much makes sense why this is and will be the case (unless the US government starts cracking down). People are buying because they find it entertaining and think other people will find it entertaining and buy and that they'll think other people will find it entertaining and buy, etc. And then they just wait until their initial investment multiplies a bit and they try to get out before the inevitable collapse. It's a fast-paced psychological arcade game. In some sense it's a distillation of Wall Street to its purest essence, for better and worse.

> Doesn't matter if you do or don't publish the verified source code; if you do, no one will look at it, and if you don't, no one will notice/care that you didn't before investing their life savings in it.

As someone who doesn't know much at all about crypto, it seems insane that apparently coins can be closed source? But how? How does the chain know what code to execute?

Ethereum apps are typically written in Solidity before being compiled to EVM bytecode. The EVM bytecode must be public, but one could keep the (more readable) Solidity code private, like distributing an executable without the source. I think it would be unusual though.
The Ethereum interpreter bytecode is stored on the blockchain, but the source code isn't. (It'd be inefficient both for storage and CPU cycle reasons.) Basically like storing a Python .pyc or Java .class file.

There's pretty much a rule of thumb that tokens should always be open source, in part because it's much easier to hide a backdoor if you don't publish the source, and also because cryptocurrency communities generally share the open source, high-transparency ethos. The #1 Ethereum blockchain explorer site has a system that lets you submit source code for a contract, and they verify that the source code compiles to the exact same bytecode.

You can very safely assume that if there's no source, it's malware. For every single instance I've seen where a project doesn't publish the verified source code, it's always been because the code is backdoored.

You can decompile bytecode, but scam projects will often add a ton of obfuscation or even specific things to confuse the decompiler and make it fail to decompile certain parts. Better decompilers will keep getting written, so you theoretically won't ever be able to truly hide what your code is doing even if you don't publish source, but it's sort of moot because verified source code is bare minimum "table stakes" for anyone (competent) to interact with your project.

The caveat being that most investors are non-technical and don't have a clue what any of what I just wrote means and will just invest in whatever if it has a name and a logo. But in that case, they'll invest in a scam project whether or not they publish the source code. And for the percentage who do at least know that no source = scam, they'll still invest in every scam that does have source code, which is most of the scams.

Generally is it reproducible build?
My understanding is it's always reproducible if you submit the compiler version and flags you used. The (EVM compiler version, flags, source code) tuple should always generate the same bytecode.

(Though I guess it would be hard to imagine how that wouldn't be the case, if you're assuming the same reference compiler is used and that each release, no matter how minor, has a different version. A non-deterministic compiler is probably a bad idea, unless you're trying to make a Malbolge-type language or something.)

In theory perhaps you could discover some major compiler issue where benign-seeming source code generates malicious bytecode for a certain version, and then use that specific version to deploy and verify your contract, but I'm not aware of any such issues. I imagine there would probably have to be an incredibly big fuckup for that kind of bug to occur.

Scamcoin hit a $70 million market cap within an hour, and PonziCoin absolutely would have hit a multi-million dollar market cap if the dev hadn't pulled the plug.
>Scamcoin hit a $70 million market cap within an hour, and PonziCoin absolutely would have hit a multi-million dollar market cap if the dev hadn't pulled the plug.

Fantastic. I genuinely was just coming up with those on the fly and did no research to see if any existed, but added "if it hasn't already happened" because I was still confident enough that some very likely did exist and very likely were successful.

My post with your reply feels a little like movie scene dialogue. (Perhaps Aaron Sorkin.) What a time to be alive.

bitcoin is a parody of itself

completely unusable as a currency, even maximalists cant seriously tell people to use it as such. "cryptocurrency" at this point means less useful than any currency in any mmo

Bitcoin totally failed as a currency, but it's still something. I'm not necessarily arguing Bitcoin is useful or valuable period, but the issue you refer to is more with the "cryptocurrency" name and public conception that that's what all this technology is. The core idea is reliable, secure decentralization and the things it can enable.

Coins that support smart contracts show that "cryptocurrency" isn't a great term. Even if you never try to use ether as a currency (and indeed, most people don't), Ethereum can and does still do lots of things completely unrelated to finance in any way, with ether just serving as computational fuel.

The interesting part is fully trustless peer-to-peer networks, not e-currencies. E-currencies are just an example of one thing you can run atop such a network protocol. They've already existed to some extent for a long time via protocols like BitTorrent, and these just expand on those ideas.

(comment deleted)
Technically it's a way to keep governments in check but the point isn't that you use an emergency solution all the time.

Homeless people buy a tent as a fallback for a house. That doesn't mean they want to live in a tent for the rest of their lives.

Some people see it that way. And it probably does serve that purpose to some extent in areas with very unstable governments, like some developing countries. But I'm doubtful that by the year 2121 Bitcoin or any other cryptocurrency will have kept the US government "in check" in any way. It's not impossible, but I'd heavily bet against it.

They may very well make/adopt some cryptocurrency as the new primary fiat by then, but I kind of see the idea of Bitcoin keeping the US government in check similarly to the idea of gun ownership keeping the US government in check.

Out of curiosity, can you describe an example of how it could potentially serve such a purpose, even in a hypothetical contrived scenario?

I'm quite skeptical of Bitcoin in general but I can't deny that Lightning Network has really started to take off as a means of payment, it's even a common sight in El Salvador to see Bitcoin accepted through LN, where transaction costs are in the fraction of a cent.
Just an anecodote:

I recently needed to buy something from a merchant, who was not able to acquire a traditional credit card merchant account, or a business checking account. I had three options to pay to that merchant: cash in the envelope, money order, bitcoin (merchant also run a promotion for bitcoin method of payment, discounting the total of the order by 20% when paid by bitcoin).

Bitcoin turned out the best option out of these three.

Dogecoin literally started as a parody.
Are all the people saying "hold it, we will get rich!!!" on Reddit joking? I honestly can not tell, but I'm not sure it's not a parody up to this day.

I mean, there are some people there basically saying "yeah, I brought $0.10 worth of it, now I just have to wait until I'm a millionaire", even those I can't decide if they are joking or not.

That reminds me of a discussion a while back on whether or not "Snow Crash" was a parody. The main character was named "Hiro Protaganist" who worked delivering pizza for the mafia and there was a character who could take on pretty much any number of people completely unarmed, plus had a nuclear bomb wired to a dead-man's switch which caused quasi-governmental organizations to leave him alone.

That's two items, but there's more. However, cyberpunk in the early 90s was so gonzo that it was not an obvious parody to many readers.

I think it's one of those things that's more complex than being one or the other. It's simultaneously a parody and also a somewhat earnest prediction of a not-super-far-fetched potential future world.
(comment deleted)
He wasn't completely unarmed, he had a knife that had an edge that was only one atom thick, IIRC.
For what it's worth, this isn't "the state of the art" of cryptocurrency.
This is good for USDC right? Because it's $262 million that they don't have to pay back?

>EDIT: I’ve since learned that the developer(s?) behind this are already the laughing stock of the DeFi community, having wrecked each of their 3 previous projects (now 4) — though this might be their biggest hit yet

And people poured $262 million into this?

They poured 1.33 X $262M at the very least as the stuck USDC was 75% of the collateral that still remains. But apparently a lot more than that even was poured in, in the first place.
Wait so USDC is linked to existing USD in a bank somewhere, so what's stopping coinbase from just nulling the locked usdc and minting 262MM new ones? Sorry if it's a dumb question Im not sure how stablecoins work.
Because those tokens are fungible, they can "blacklist" certain addresses and refuse deposits from them coming to their exchange, but they can't "null" some random addresses holdings.
>Wait so USDC is linked to existing USD in a bank somewhere

Yep, short of the fed issuing USD tokens directly that's always going to be how USD stablecoins work.

>so what's stopping coinbase from just nulling the locked usdc and minting 262MM new ones

Nothing, other than that they have zero incentive to do it. I doubt whatever goodwill they get will come close to the $262 million that they don't have to pay back.

> Yep, short of the fed issuing USD tokens directly that's always going to be how USD stablecoins work.

Or... you could just lie about the USD and issue a stablecoin anyway.

USDC represents a claim on USD, but why would Circle want to help out this contract and lose 262 million?

If a stablecoin issuer like USDC can make arbitrary decisions to null any USDC token and they use that power, that is a good argument for the point that they are not following aml/kyc on every hop or transaction of USDC, even though they are allowing the transfer of dollars behind it. USDC can be charged with violating money transmission / bsa / aml/ kyc requirements.

> but why would Circle want to help out this contract and lose 262 million?

Probably a rhetorical question, but they might decide that it's a price they can pay for trust in their system.

Not sure if I understood where the real value currently is though.

USDC's system didn't fail. The money transmitter (smart contract- IRON/TRON) failed, if the USDC is indeed 'locked' or not able to be transmitted. USDC can't be compelled by anyone to 'fix' this.

If USDC can revoke any p2p transaction of USDC, that means that they can revoke the transmission of movement of dollars/reserves that USDC token represents. Implicit in that, means they have ultimate control or authority of all p2p transactions or transmissions, and they are not doing kyc/aml on all p2p transactions, thus in violation of money transmitter laws.

I don't remember if there's a way to lock a specific token but I've read the contract and 1. It's behind an UpgradabilityProxy so it can be changed and 2. It includes functions to blacklist addresses and even temporarily pause all transactions.
Why should they? Suddenly they're over-collateralized by 262 millions, they might just as well spend that money.
As I get older, I do not understand how known scammers, especially the ones that raise millions over and over, get support time and time again. If not in jail, why do they still get jobs. I know some who just told me in my face that they were scammers of millions (or simply were happy screwing people even with viable ways out) and they raise money again, screw people again etc. People do use Google right? Due diligence?
I can recommend checking out Reddit’s /r/cryptocurrency and branching out to smaller altcoint subreddits. Read the comments. There are thousands of people just looking for that one weird trick to get rich.

As a sidenote, I almost always got out just before a crash by when I was playing with altcoins by waiting for people to get over the top enthusiastic in their subreddit and then selling everything. Might as well have been luck though, so don’t try it ;)

>There are thousands of people just looking for that one weird trick to get rich.

Increasingly I think they're the smart ones. I'm sitting here working my butt off for a few thousand dollars a month, while these guys raised hundreds of millions of dollars without even being able to grammar check a sentence. Who's the real sucker?

I was talking about the users giving them money, not the scammers/con artists.
Well, most these talks are marketcap for their coin or token. That is not actual value. Some of the biggest ICOs got only a fraction out of them or nothing at all.

They still get a lot for free scamming others. Just do not think that a 100m$ ICO means they raised that. They cannot get anything close to that out.

Don't compare yourself to just the ones that got lucky, that's the big fallacy of trading.
I was not even talking crypto but 'normal' CEOs. I mean a famous one was the guy (do not think he was the CEO but close to him?) from Groupon: he was a known scammer and yet, he gets bingo every time. And many many more.

Edit: whoops I never knew what became of Groupon but I see it was a massive scam altogether. Seems the investors could have known that from the first time they met the founders by just typing some names into Google. How does that work?

Reminds me of Kevin O'Leary. Buddy toppled a software industry at the height of the first internet boom. That's either a special kind of incompetence or something worse.

They almost always seem to get bingo; the companies and the people that rely on them take the hit.

https://www.nationalobserver.com/2016/02/18/news/did-kevin-o...

Ah yes, thank you, good one. It was a gold rush not unlike now with cryptocoins. Everyone shouted 'this time it is different' which I hear a lot now again. Things do not keep growing. Covid delayed the real crisis. I digress: yes people like this: how can you not do a basic amount of dd and at least ask some people about them?
>As I get older, I do not understand how known scammers, especially the ones that raise millions over and over, get support time and time again.

Con artists are good at what they do. People are a thousand times easier to hack than a database server. And there's no security patches for human emotion; we are full of 10,000 year old zero days.

Agreed, but if you are a VC you do basic DD right? And if there is a reddit group calling your new star CEO a scammer, you might check a bit? But yes, full agree.
I suspect that many VCs don’t do due diligence beyond “someone we trust is already in” and others assume they can get out before it collapses.
It's also a calculated risk. Every ICO in existence has its' detractors. But with so much free funny money floating around, the calculation is heavily outweighed towards FOMO.
The basic DD that a crypto VC does is to figure out just how big the market for suckers is at this point in time.
The basic way a con works isn't by presenting itself as not-a-con but by presenting you as being in-on-the-con. Lots of overlap there with semi-legit (though taking advantage of stupidity) companies.
They have charisma. Charisma is mind control. I'm pretty convinced that charisma can literally override the rational mind.

I've seen some pretty amazing examples of charismatic people spewing absolute nonsense with the audience hanging on every word like they are a genius. Put far more interesting ideas in the mouth of someone with no charisma and they are ignored.

Humans are merely clever. We are not truly intelligent.

Do you consider yourself intelligent, or merely clever?

Are you a slack-jawed puppet of the charismatics, or is it just everyone else?

Honestly? I think I'm occasionally intelligent but usually just clever.

I was being a bit hyperbolic for effect.

>Are you a slack-jawed puppet of the charismatics, or is it just everyone else?

To make this more than just a rhetorical question, one could take a poll - who took Adam Neumann seriously, because he seems to me like the epitome of a "charismatic" who walked away stupendously wealthy from a fiasco (WeWork) without serious penalties.

I don't think I'm smarter than everyone else, but I also don't think Neumann and WeWork were anywhere near something that made sense to me.

I can't say I would've done my research and learned things like this, if I had heard of them before the blow-up.

But now that I've looked at their website, I think I can say that the writing just has a low budget BS-y tone to it.

I'm not claiming to have an infallible BS detector. But this thing in particular gives me an overwhelming sense of they're trying to sound intelligent to people like me who don't understand a word.

They sound very like the writers of spammy financial news that clogs Google search results for public companies these days. The ones that aren't actually bots, I mean.

"Market shocks provide the best stress tests for stablecoin pegs, and IRON’s strong peg retention should go a long way to grow trust in our community. IRON has shown itself to be a shock-proof stablecoin, and the stabilizing protocol is now battle-hardened."

Probably a dumb question, but is there any possibility of temporarily getting the price to slightly above 0 in order to let people get their money out? For example, could some group with a lot of money offer to buy/sell a bit until the oracle considers it above 0, in exchange for some sort of compensation from the investors or devs?
Yep, and btw, how can the price of anything be exactly 0? This doesn't sound right either.
According to the graph in the post (https://miro.medium.com/max/6088/1*tzpAFvuxVeumWO8ENz_SZg.pn...), it's somewhere around 0.0961 as of that time, and I suppose the price oracle they're using rounds that down to zero, perhaps? Or maybe the contract is rounding it down? Either way, I agree it's odd that exactly zero would be reported even if it's very close to zero.

edit: Nevermind, I misread. It's -0.0961, apparently.

Well, a price can go negative [1], so I wouldn't consider zero to be surprising.

[1] https://www.cnbc.com/2020/04/26/why-oil-prices-went-negative...

A price can go negative for a physical thing which requires upkeep, but I don't see how a coin which imposes no obligations on an owner who just chooses to walk away, can have a negative price?
Oil went negative in the same way the price of my trash is negative: more of it was being produced than people wanted to buy, but the producer had to get rid of it because they couldn't stop production. As another commenter said, you can just walk away from a digital asset, so this isn't a problem. I can't walk away from my trash.
Price can be a number of things - current best offer from a seller, best offer from a buyer, mid between them, etc. (Stocks often report either the mid or “last trade” but the bid-ask spread can get wide for rarely traded securities, especially Lon-dated options).

I don’t know what the Oracle is using but it would be amusing if something else means the price is “stuck” at zero once it hits zero.

The article laughs at the developers but then gets things fundamentally wrong. The error isn't an off by one error, to begin with. Then, as you note, it doesn't make any sense for the coins to be locked. The oracle should always report a price above 0 and if for some reason it's not it should be relatively trivial to get it to
Their docs state that there should be a max supply of 1 billion iron titan tokens[0]. But according to coingecko, there are over 27 trillion in circulation[1]. I think that's probably where the trouble started, and at that amount, I doubt they'll be able to get the price up. I may be totally wrong though, I heard about this project for the first time today.

[0] https://docs.iron.finance/iron-finance-on-polygon/titan-dist...

[1] https://www.coingecko.com/en/coins/iron-titanium-token

edit:

On further inspection, it seems like they'd just need to get the price up to the 6th digit[3]. I'm not sure it's feasible though.

[3] https://github.com/IronFinance/iron-polygon-contracts/blob/m...

> Their docs state that there should be a max supply of 1 billion iron titan tokens[0]. But according to coingecko, there are over 27 trillion in circulation[1].

How on earth does something like this happen?

Well, we can already see they screwed up a basic piece of code in the IRON smart contract, so is that really so surprising?
I suppose yes and no.

Screwing up the maximum supply seems like an enormous blunder while I kinda understand the assumption that “price > 0” if they’re supposed to be backed by 75% usdc.

You might be confused. The "price > 0" refers to the price of TITAN. TITAN isn't backed by USDC at all. IRON is (ideally) backed by 75% USDC and 25% TITAN.
Oh you're right I am confused. I actually don't even understand the point of the price check in the first place. Why does the USDC portion of IRON tokens need to be locked in the smart contract based on TITAN price anyways?
>Why does the USDC portion of IRON tokens need to be locked in the smart contract based on TITAN price anyways?

It doesn't need to be. It's basically a bug in the code. They didn't consider TITAN price being 0 to be possible, so they didn't write their code in a way to handle it correctly.

A random guess for why they had the price > 0 check. They might have had code like this:

    // Returns (usdc_to_withdraw, titan_to_withdraw)
    def GetWithdrawalAmounts(iron_to_withdraw):
      usdc_price = 1  // guaranteed: USDC price in USD (aka USD/USDC)
      titan_price = GetTitanPrice()  // TITAN price in USD (aka USD/TITAN)
      iron_price = GetIronPrice()  // IRON price in USD (aka USD/IRON)
      usdc_to_withdraw = iron_to_withdraw * iron_price * 0.75 / usdc_price
      assert titan_price > 0
      titan_to_withdraw = iron_to_withdraw * iron_price * 0.25 / titan_price
      return (usdc_to_withdraw, titan_to_withdraw)
If you look at it like that, it's pretty obvious why they have the assertion that titan_price > 0. Without that assertion there's a divide by 0.

If you want to handle the ability to withdraw USDC even if the TITAN price is 0, you have to make the code more complicated. Likely not just this function, but the system as a whole, because it'll mess up all the accounting.

From the article:

"[EDIT: I’ve since learned that the developer(s?) behind this are already the laughing stock of the DeFi community, having wrecked each of their 3 previous projects (now 4) — though this might be their biggest hit yet]"

In other words: find a way to short their fifth project.
That seems like a poor idea when the collapse of this project was preceded by their failing token doubling in price before falling to zero. You’d need an unknown amount of collateral for an unknown period of time.
You can buy a lot if the price is zero.
I'm wondering the same. I don't know how the mechanics of blockchain oracles work, but it seems feasible that the oracle operators could report a price high enough for the contract to believe it's `> 0`.

Reasons why this might NOT work:

1. The oracle "broadcasts" the price to the network, which other services may rely on. Broadcasting a false price could hurt those services, and the oracle would lose credibility.

2. The oracle's price is somehow tied into other blockchain mechanics (i.e. it can only report a price that the network consensus agrees is true)

I'm not sure how #2 could be true, since the purpose of an oracle is to provide information that the blockchain can't determine on its own.

EDIT: More info on the price oracle in use here: https://docs.iron.finance/mechanism/pricing-oracle

Still not sure the exact mechanism, but #1 seems to be the concern. Chainlink can't readily tamper with the price feed that may be in use by others.

(comment deleted)
Here's a better question: Why?

This is exactly what crypto-enthusiasts claim is going to happen to the US Dollar and I've never heard mention of crypto taking pity on fiat by offering to give them crypto when the bottom finally falls out of fiat.

So why should anyone else be responsible for people who took a calculated risk that blew up in their face?

Yes, this sucks for them. But this shit happens. Don't throw good money after bad.

>Here's a better question: Why?

A calculated risk is that you put money into something which may end up losing all of its value; not that your collateral becomes locked in a safe with an accidentally lost key. They had a reasonable expectation that even if the value was totally lost, they wouldn't have their collateral locked forever. Their investment, yes, but not their collateral.

Sure, one always has to account for extreme scenarios when doing anything, like the risk of a critical flaw in the code. But to give another extreme gambling scenario:

Let's say you put your car up as collateral for a huge gambling bet. You of course take a calculated risk that if you lose the bet, you lose your car. Then let's say you back out of the bet after putting up the collateral, or you even win the bet, but there was a mixup at the casino and they thought you lost the bet and they took your car without you realizing it and it's on another continent now.

In both scenarios, you hope that you can at least get some kind of compensation from the people you entrusted the collateral to, since it was just a complete fuckup on their part. You know you're not guaranteed to get anything, but I think it's reasonable to try to ask for compensation. If you just took a bet and the value plummeted, then you know it's tough luck for you and just a standard high-risk high-reward scenario that you ended up on the losing side of, but this is something else.

(At least if I'm understanding this properly and the collateral really was purely collateral. Seems to be a bit complicated because they were attempting to make a... stablecoin... pegged to an intentionally volatile asset, somehow.)

>This is exactly what crypto-enthusiasts claim is going to happen to the US Dollar

It's mostly just Bitcoin maximalists who think that, and they're a small subset of people who own Bitcoin. This is Binance Smart Chain (basically a copy of Ethereum), and I'm sure some BSC/Ethereum users believe something similar, but it's a much smaller percentage than even Bitcoin's small percentage.

Also, I don't think they think every dollar is secretly embedded with nanobots that'll encase the bill in titanium after someone at the Fed trips and falls on a big red button, which is what would be analogous to this. I think they think the dollar will lose most or all of its value due to hyperinflation. I think that's a completely unfounded belief based on an unfounded philosophy, but it's a different and entirely unrelated thing.

> They had a reasonable expectation that even if the value was totally lost, they wouldn't have their collateral locked forever. Their investment, yes, but not their collateral.

They literally handed their money to a computer program that works outside of human control and cannot be interfered with... which means if something goes wrong no one can intervene and sort it out. This is a risk they took willingly. It's not the first time a computer program malfunctions, and won't be the last.

>which means if something goes wrong no one can intervene and sort it out

That's true in general, but in this rare case anyone's USDC can actually theoretically be recovered in full if the price ever manages to get just barely above 0 for a period of time and they pull it out during such a period.

If nothing can be done, you have to just take the loss. But here something can actually be done, and it's not like it's infeasible. Just hard.

Why can't someone "paint the tape" as they called it in olden days?

If it's possible, what would make it difficult? Or what would make it impossible?

I kind of thought that there isn't normally any requirement for any particular volume of trading to set a price.

"And, look, if the casino gets robbed, and you are chilling in the lobby, you’re gonna get robbed too. Obviously you’ll be sad about getting robbed. You came to gamble, maybe to get rich or else to have fun losing your money, and getting robbed does not satisfy either of those desires. But it could be worse. You were … at the casino? You were mentally prepared to lose that money anyway.

Similarly the expectation for anyone trading crypto surely has to be that it’s a risky volatile asset class where you can lose all your money in a variety of exciting new ways, and if you are parking some of that money in dollar stablecoins some of that expectation ought to carry over. If you want to put your money somewhere safe, there are banks and money-market funds and Credit Suisse supply-chain funds, and if any of them go bust then that is a potential financial-stability problem. If you want to put your money somewhere safe for crypto, there are stablecoins, and if any of them go bust then that is a brief distraction from the crypto exchanges losing their customers’ money in other ways."

> Here's a better question: Why?

Profit.

There are a lot of people with USDC locked up in the contract and they might be willing to pay a share of it to unlock it.

Here’s an arbitrage opportunity. Since the price of TITAN is 0, it only takes a small amount of $ to buy a vast amount of TITAN coins. Buy the locked out IRONs at a discount. Keep buying TITAN at $0 until it moves beyond $0 to satisfy the greater than 0 constraint on IRON. Cash out the IRONs.
I think that's why IRON is trading only slightly below the value of the locked collateral, instead of going down to zero.
I think it's foolish to assume that the price for any particular cryptocurrency is arrived at rationally.
>Non-collateralized stablecoins

read: "ponzi scheme". This is pretty funny.

You used to have to build your Ponzi scheme, now it builds itself and is fully automated. Such advances. Much technology. Wow.
We truly are witnessing the next-generation of Ponzi schemes.
Is that related to IRON somehow?

PlusToken was certainly a Ponzi, I don't see anything in this article that suggests IRON is/was one.

A Ponzi scheme requires a central actor like Charles Ponzi, you're quoting a description of a "purely algorithmic stablecoin" which implies no central actor to channel new investors' money to old, no central actor to defraud the new investors and by telling them they've gained money when they haven't.

I guess they are comparable in the way that they both require a inflow of capital, is that what you're saying? That would make them similar to pyramid schemes and startups too. "Ponzi scheme" is more specific than "scheme."

A ponzi scheme largely refers to a scheme where you invest capital to get access to the future inflow of capital, where that future inflow of capital comes from other investors who are hoping to access future inflows of capital, etc.

The difference between this and a startup is obvious- a startup intends to become financially independent at some point

It certainly doesn't largely refer to that. It requires a central actor to defraud new investors, promise investors returns that haven't actually been realized, channel their money to pay off the old ones. If you read up on why it's named a Ponzi scheme you can understand how they work.
> It requires a central actor

I see exactly zero existing definitions of ”ponzi scheme” that mentions any "central actor" so you seem to be creating an entirely new definition purely to avoid the "ponzi scheme" label.

Then you didn't look at wikipedia which mentions "the con artist" and "the operator of the scheme" several times.

If you're having to google the definition of the term maybe there's still a little more you need to learn about it.

I don't see either of those as at all synonymous with "central actor".

I would consider all the founders and early investors who knowingly promote the ponzi scheme as con artists.

I google the definition to charitably give your argument the benefit of the doubt. I don't see how you think phrases like the following make for effective communication or a strong argument:

> If you're having to google the definition of the term maybe there's still a little more you need to learn about it.

Why isn't "the operator of the scheme" synonymous with "the central actor?"

Either:

    1. I'm trying to dodge the label "Ponzi scheme" for a reason you haven't provided (maybe you think I have millions invested in this shitcoin?)
    2. This isn't a Ponzi scheme, and you don't know what a Ponzi scheme is
Which explanation is simpler?
> Why isn't "the operator of the scheme" synonymous with "the central actor?"

There can be multiple operators.

I see zero good reasons why decentralized schemes can't be ponzi schemes.

Your argument is akin to claiming that a three legged dog is not a dog because dogs have four legs.

I wouldn't be so uncharitable as to presume to know why you have chosen to make this argument.

I think your argument would be clearer if you took a step back and explained why you think that "central actor" is such a critical part of the meaning of "ponzi scheme" rather than a incidental feature common to ponzi schemes.

So why isn't "the operator of the scheme" synonymous with "the central actor?"

>I see zero good reasons why decentralized schemes can't be ponzi schemes.

Do you know who Charles Ponzi was or why Ponzi schemes are named after him?

Do you know what he did or what Bernie Madoff did? They operated the Ponzi scheme. That's why they were a critical part.

This money really was going into the smart contract, wasn't directly given to old investors, wasn't being siphoned directly into the operator's pocket, all unlike a Ponzi.

You don't know what a Ponzi is and you're trying to save face, I get it.

> $272 million worth of USDC is still locked up in in the contract. Why hasn’t everyone recovered their 74 cents?

Why didn't the masterminds behind this scheme walk away with that cash? Because it was a mistake. Not a genius scheme being run in the shadows.

You should work harder on understanding what other people are saying. I've tried to give you the benefit of the doubt several times but your tone keeps getting worse.

> Why didn't the masterminds behind this scheme walk away with that cash? Because it was a mistake. Not a genius scheme being run in the shadows.

Please fet your basic facts right. Nobody in this thread is accusing IRON of being a ponzi scheme. IRON was a partially collaterized stablecoin. The quote about how non-collateralized stable coins require constant growth is from the founders of IRON explaining why they made IRON collaterized.

> So why isn't "the operator of the scheme" synonymous with "the central actor?"

Already explained in my last comment.

> You don't know what a Ponzi is and you're trying to save face, I get it

If you really thought you had an argument, you wouldn't feel the need to descend to this level.

Technically it has to be run from the Ponzi region of France.
He was Italian, C− for effort
I think we're splitting hairs with the definition, it's not a ponzi but it acts like a ponzi. It's a weird distinction I suppose, I personally have no qualms calling it a ponzi scheme because new money is needed to pay old money.
A Ponzi scheme without anyone running it isn't a Ponzi scheme.

> new money is needed to pay old money

WOW that's a broad definition. Turns out my 401k is a Ponzi!

Do you know the difference between, say, a pyramid scheme and a Ponzi scheme? Or is "new money is needed to pay old money" the most nuanced understanding you have?

> A Ponzi scheme without anyone running it isn't a Ponzi scheme.

Citation please.

> Do you know the difference between, say, a pyramid scheme and a Ponzi scheme?

A pyramid scheme can make money for all participants but makes much more money for people high on the pyramid. Rising up the pyramid depends more on recruiting skill than time of entry.

A ponzi scheme doesn't actually make any money but merely redistrubtes money from later investors to earlier investors.

Your pension, if you have one is a ponzi. Your 401k is your money subject to special tax rules.
It's pretty common, in the US context, to call Social Security a "Ponzi scheme".

The label is also controversial, but it should be an undisputed fact that people call it that, and it's obviously not particularly similar to Madoff's scheme.

Similarly, it's not hard to find people calling (particularly public) pension funds Ponzi schemes.

Forget "central actors" or whatever.

A ponzi scheme is a description of a certain type of fraud. We can reduce it to it being the fraud of claiming new capital as investor dividends. It's a little more complex, but at its heart, that's what you got to do.

If there is no lie about the source of the money, it's not technically not a ponzi scheme.

If that's your definition, fine, but lots of people use it in a looser sense and have forever.

Nobody wins in an argument over which definition of a word or phrase is correct.

Whatever happened to the debates over whether something was ironic?

That argument can be used in a lot of contexts where people wouldn't. Regardless/irregardless, literally, gif, decimate, etc.

And I'm not saying don't say it's like one, I'm just saying it's technically not one.

Tether is also non-collateralised, they just pretend the money is in ‘corporate paper’. All of these stable coins are a fraud.
FRAX has so far pretty successfully pulled off a partially collateralized stablecoin
And this is why leetcode is important. Oh they use that in their interviews? They aren’t a true leetcoder then.
Does this contract have a money transmission license? Selling an IRON or a TRON for USDC is money transmission. BSA requires money transmitters to be licensed in states where they operate, as well as register with FICEN, etc. How can we enforce them to comply at the state level? Can an individual sue the states to enforce compliance on the people behind this smart contract? Those that have lost money might have an incentive to start wanting money transmission rules actually enforced.
Were the devs even American? From reading the article and their bad grammar, it seems not. If so these US regulations don't really apply/have any consequences.
> Non-collateralized stablecoins require continual growth to be successful. In the event of a price crash, there is no collateral to liquidate the coin back into, and the holder’s money would be lost, as seen with many past projects trying to utilize such design [sic].

Isn’t that just a Ponzi scheme?

It sure sounds like it, new money needed to pay the old money.
(comment deleted)
A definition so broad it's meaningless. There was no Bernie Madoff here, no fraudulent scheme, just very poor design and outright mistakes.

What you're describing is what they tried (and failed) to avoid. How can you make it to the "I’m wondering if this can last mathematically?" part of this article and still think there's a mastermind behind all of this?

No, much different, in a Ponzi scheme you're fraudulently claiming that the high returns you're delivering your old investors are real, and result from your investing acumen, when in fact they aren't real, they're just money from new investors that was never invested in the first place.

This is more like if you bought a lot of dollar bills that were 75% backed by gold and %25 backed by Dogecoin. They are comparable in that both keep working as long as no one tries to cash out, and money keeps coming in.

"They are comparable in that both keep working as long as no one tries to cash out, and money keeps coming in."

So...a Ponzi scheme?

No, much different, in a Ponzi scheme you're fraudulently claiming that the high returns you're delivering your old investors are real, and result from your investing acumen, when in fact they aren't real, they're just money from new investors that was never invested in the first place.

They are comparable in one way however.

So it's an honest Ponzi scheme?
Bernie Madoff went to prison for fraud, what would "an honest Ponzi scheme" even mean?

I think a lot of people saw The Wizard of Lies and "Ponzi scheme" is the only financial scheme they're familiar with, so it gets thrown around a LOT.

So what you're describing is that this is a next-generation Ponzi scheme where nobody goes to jail but a bunch of people still lose money.

But yeah let's keep arguing over semantic definitions.

No, this isn't a Ponzi scheme. That's the only thing I've said. I think you believe "Ponzi scheme" and "scheme" are interchangeable.

Usually the go-to lazy catchphrase is "we're just arguing semantics!" but "semantic definitions" is new.

To be charitable, I think it’s more likely that this is an entire area where regulation hasn’t caught up so we don’t have any common names available.

These coins are ponzi-like in that only the earliest of adopters have any chance and only if they know enough to get currency out without hitting an inflection point that brings down the whole thing. But that’s where the similarity ends - the mechanism is different, they don’t operate like a Bernie Madoff and they’re honest about the whole process.

This is something else and while it’s Ponzi-like, it’s a different beast. I don’t think there’s anything particularly wrong with expanding the definition of Ponzi scheme for now, just so we have something to educate some irrationally exuberant retail investors…

A Ponzi-scheme is a specific type of scam, it's not a generic word for any kind of unsustainable investment or scam.

This whole thread looks like someone saying "No, a boat is not a car" and the other going "but it does have an engine, right? It's a car. Let's not argue semantics"

It depends on how the coins are stabilized. If they are stabilized by generating new coins and those coins ate given away to current holders (as opposed to sold to establish more collateral), then this is precisely a ponzi scheme.
Matt Levine had a great writeup about this:

> If the price of IRON goes down from $1 (good) to $0.95 (bad), you just issue some TITAN (worth $65) to buy some IRON until it’s worth $1 again. And if IRON keeps going down, you just issue some more TITAN (worth $60) and buy more. And if IRON keeps going down … [you can fill in some more iterations here] … you just keep issuing TITAN (worth $0.000000035) and at that point you’re not accomplishing much. If you could sell 286 trillion TITAN at $0.000000035 each you’d raise $10 million. That’s probably hard. There are 285 million IRON (formerly worth $1) outstanding.

So probably not a Ponzi scheme but also not a scheme that was created by someone who can think two steps ahead.

No, much different:

In a ponzi scheme, the perpetrators will not willingly directly reveal that it's a ponzi scheme.

In cryptocurrency, the perpetrators are honest and transparent about it being a ponzi scheme, but surround it in so much techno-babble that they make it sound like a ponzi schme is what you WANT.

This is happening right now with the hilariously titled "SafeMoon" cryptocurrency. You can find posts on the subreddit openly asking people to buy a few million for $25 and 'gift' it to their friends and family.
The hot new Ponzi scheme is EMAX, which even has celebrity endorsement! What could possibly go wrong. If you want to see an endless number of other Ponzi coins, check out /r/cryptomoonshots
These are not Ponzi schemes. In a ponzi you have a mechanism to distribute money to early adopters in the tree. These are just pump and dumps but you create and pre-mine the asset before pumping it.

There were ponzis some years back like OneCoin and BitConnect.

So basically a Ponzi scheme where only the earliest adopters get paid and everyone is remarkably open about that?? :)
Almost every scam gives money to the early adopters. It would only be a ponzi if they claimed that there was some kind of a business/mechanism that’s generating the revenue when it’s actually coming from the fools downstream from you. Usually it’s something like a guaranteed double digit interest on your money. You put the money in and receive the reward (from other people’s money) and that’s a strong psychological trigger to put more money in. You just saw it work and you have the check from the ponzi to prove it!

If you just have a large amount of a worthless asset and you convince other people to buy it on the market to pump the price up (mainly via social media and “influencers” these days) and then you dump it at the top then you have a…

I think OneCoin would be classified as a Pyramid rather than "just" a ponzi - a lot of shady MLM promoters got very rich through the recruitment incentives
>In cryptocurrency, the perpetrators are honest and transparent about it being a ponzi scheme, but surround it in so much techno-babble that they make it sound like a ponzi schme is what you WANT.

I think this isn't quite right in all cases. I think some people know it's a Ponzi scheme and genuinely do want a Ponzi scheme. They just want to get in and out quickly. It's gambling. Sometimes you're a victim and you lose money, and sometimes it works out and you make money.

Its like the Uber of Ponzi Schemes.

The main innovation is that there's no one to sue. The founders can just print themselves a bunch of coins and remain basically anonymous.

They also bypass regulation, because its on the web?

Regulators are asleep at the wheel. This entire category of 'technology' should have been snuffed out years ago for the good of us all. Now, look around us as GPUs and other chips are out of stock, cities face blackouts due to coin mining, and the major use of these coins is to fuel ransomware attacks that take down critical infrastructure.

All entirely pointless - or even outright negative - activity.

It sounds exactly the case to me.
Isn't that how USD works too? It only holds value if people keep wanting it.
Yes, and the government demands that taxes be paid in it, so there will always be some demand.
If a code error that was made that was supposedly 'dumb' wasn't caught that tells me the people behind this acted recklessly. This code error being described wasn't just dumb, it was catastrophic- locking up all the collateral. Is this collateral locked up forever, what would make Titan trade above 0? The code wasn't even audited, suggesting no care by the devs before release. Doing money transmission without a license is criminal offense- jail and fines in this case are on the table- all it takes is actual enforcement from regulators.
> Doing money transmission without a license is criminal offense

Who did the transaction though? These people? The eth network? Was it considered money? And where? Do these people live there who did the transaction? I am not saying you are wrong but this 'war on X' attitude never was a great idea, it also does not work as it is not a singular entity that is to blame. It is a vast network spanning countries.

Ignorance or not understanding the money transmitter rules is not a defense.

Focus directly on the entity doing the money transmission in this case- the smart contract IRON. They take in USDC and give out IRON and TITAN. IRON and TITAN are money substitutes. Money transmission includes anyone by any means conducting exchange of one type of money for another. Functionally that is what this contract is doing. The code didn't write itself, there are people behind it that released it, and they wrote it to conduct money transmission (a specific purpose). You don't even need to bring ethereum into the conversation to prove they are in violation.

I'm not sure I understand your comment about 'war on X' but I think it is a problem when there is an arbitrary application of these laws and unfair dealing that we see by regulators within the crypto industry. Maybe this is natural (self interest), and maybe it isn’t entirely their fault (limited resources).

I saw a twitter thread from a lawyer saying the SEC doesn't determine if something is a security, the courts and congress do. Then why are we obsessed with the SEC’s opinion? I speculate that we just need court cases and we do not need the regulatory authority to bring the court case. Maybe that is the problem to solve.

> Focus directly on the entity doing the money transmission in this case- the smart contract IRON. They take in USDC and give out IRON and TITAN. IRON and TITAN are money substitutes. Money transmission includes anyone by any means conducting exchange of one type of money for another. Functionally that is what this contract is doing. The code didn't write itself, there are people behind it that released it, and they wrote it to conduct money transmission (a specific purpose). You don't even need to bring ethereum into the conversation to prove they are in violation.

If I write a smart contract and publish it to github, but someone else deploys it, is the other person doing the "money transmitting"? What if we don't know who actually published it (which is very possible since all you need is a small pile of ETH to deploy)?

Interestingly, this is actually what happened when curve (decentralized exchange) launched their token [0]. Some "random person" deployed the contract and then a few hours later curve said "yeah, that's our contract code, we'll use it". People hypothesize that someone from curve launched it in an attempt to avoid certain laws.

[0] https://cointelegraph.com/news/anonymous-developer-deploys-c...

If you just write the code that does money transmission and share it on github, not host it, not put it in production, then no you aren't doing money transmission, you just wrote some code and shared it. If someone takes that code and puts it in production, then they are doing money transmission.

I think people are trying to use the idea that ethereum works differently than AWS, but that doesn't matter. The point is the owners or writers of that code wrote it and put it out to the world with intent or purpose to do money transmission. They published that code, paid the gas fees to do so on ethereum. Now anyone can interact with it.

If you want to prove that ethereum is different please state step by step why it is the case.

> I think people are trying to use the idea that ethereum works differently than AWS, but that doesn't matter. The point is the owners or writers of that code wrote it and put it out to the world with intent or purpose to do money transmission. They published that code, paid the gas fees to do so on ethereum. Now anyone can interact with it.

The difference is that you have full control and ability to change the application that is deployed to aws. On Ethereum, you have whatever control you gave yourself, which in most cases is 0, you're not able to modify the application, or even take it down (this is desirable so people don't have to trust you).

To me you're not involved in the process if you have no control over the application that is doing the "money processing".

I have to disagree, but will consider your argument. I just don't think you can write code that does money transmission and publish it and say you are now not doing money transmission because you can't modify it after it is published. Paypal could write some code and publish it on AWS, perhaps they make it so that they can never modify it every again and imagine it functions just fine. Are they now not doing money transmission?
There is another issue though, on AWS, Amazon knows who you are. On Ethereum, unless you openly say you published that code, there is not many recourse to find you.
That is a separate question though- whether someone can be found.

Most large defi projects are not anonymous. Many have VC backing, are on discord, etc.

The line of source code cited in the post isn't immediately evident in the Iron Contracts repo:

require(_share_price > 0, “Invalid share price”);

https://github.com/IronFinance/iron-contracts

Is it in a different repo? Does it exist?

Not unlike many package repositories (PyPI etc.) and GitHub, the actual code a smart contract is running doesn't necessarily have any connection to what's in some GitHub repo. The only way to know is to look at what's on the actual blockchain.

(If verified source is published, you can see the actual code; else you'd have to decompile the EVM bytecode. But basically 100% of the time, if verified source isn't provided then it's a scam, so it's safe to just ignore things without source. And, of course, even if verified source is published, there's still a high chance any given contract picked out of a bucket will be a scam, but at least you can review the code and spot the backdoor.)

(comment deleted)
I found this article interesting, but the HN title ("Off-by-one error...") doesn't match the article's, or its conclusion?

The article mentions a boundary condition ("_share_price > 0"), not an off-by-one error.

The off by one error is that the condition should have been >= 0
(comment deleted)
"An off-by-one error or off-by-one bug (known by acronyms OBOE, OBO, OB1 and OBOB) is a logic error involving the discrete equivalent of a boundary condition."

And these are discrete numbers, so I don't see the problem.

A huge fraction of off by one errors are > vs >= or < vs <= in a for loop.

Now everyone with USDC locked in the contract has a strong incentive to push the TITAN price above 0, in order to unlock their coins. OTOH everybody wants to dump TITAN at any price, but again only at a price >0. There should be an equilibrium where TITAN is valued exactly 1 tick above 0, if there is a concept of “tick” in TITAN.
Since the price is not an integer, this is not an “off-by-one” error. No? It was the common mistake of writing `>` when `>=` was intended.
What do you think would be a better name?

I kind of agree with you, but then, since it would fit for integers, I can’t think of a better name and could live with some generalization of “off by one”. I’m not a mathematician but maybe something like “off by n; n -> lim 0”

Amoung my friends when we used to do ACM programming competitions we called it “Off by equals error” since it was actually a fairly common issue in those types of programs and it was useful to have a name for it.

“I think you are off by equals here”

I’m not sure. Since it is related to the distinction in mathematics between open and closed intervals (except on computers we have floats in instead of reals), maybe “interval error” or “endpoint error”. But not “bounds error”, of course.

EDIT: Or maybe “comparison error”. I like that the best. But calling it an off-by-one seems wrong, especially as what we usually mean by that is something more like not handling the last iteration of a loop correctly.

It's a boundary condition error.
Are prices really not integers? That alone seems a huge design flaw. BTC prices are integers (in units of Satoshis, which are smaller than BTC).
Oh, I don’t know. I was assuming they were some kind of fixed point number.
TTN is not at 0. It's at $0.00206950, which ought to pass what the poster claims is a bad > 0 error test. So what's really going on?
(comment deleted)
Did these people also write their ”smart contract” in anything resembling JS?
I have never read so much about nothing as I have when reading about some new coin. It's worse than a pyramid scheme. At least there, you end up with a decade-worth of skin cream.
You're talking about multi-level marketing. Which isn't quite a pyramid scheme (even though it is pyramid-ish).

Pyramid Schemes have the originators (the "top" of the pyramid) win lots of money, while the base (the "bottom" of the pyramid, where most people are) losers. And the top barely did any work to get there: they just took the money from people below them.

You are correct, good sir. As you point out, both are somewhat the same: your value increases as more people buy into the illusion of value.
Many MLM companies fit the legal definition of a Pyramid scheme (and have faced consequences from the FTC in some cases).

The general rule is that if the majority of money does not come from selling to retail customers (either directly or downstream), but rather from recruiting new members, then it's a pyramid scheme.

There really is no "general rule" as evidenced by the fact that companies accused of being MLMs have gone on as publicly traded companies for ages, while even billionaires and hedge fund managers have feuded about whether it is a scam.

See: Herbalife and Ackman vs. Icahn.

Or AFLAC. (I'm not saying they are an MLM, but I've been personally approached for a "job" that seemed to be sales with no qualifications needed and I wondered)

My general rule is paraphrased from the FTC website[1]

There's more detailed information on a different page[2] including the following quote which I think supports the general rule I listed in my original comment:

> ...[Amway's] sales plan was not an illegal pyramid scheme. Amway differed in several ways from pyramid schemes that the Commission had challenged. It did not charge an up-front "head hunting" or large investment fee from new recruits, nor did it promote "inventory loading" by requiring distributors to buy large volumes of nonreturnable inventory. Instead, Amway only required distributors to buy a relatively inexpensive sales kit. Moreover, Amway had three different policies to encourage distributors to actually sell the company's soaps, cleaners, and household products to real end users. First, Amway required distributors to buy back any unused and marketable products from their recruits upon request. Second, Amway required each distributor to sell at wholesale or retail at least 70 percent of its purchased inventory each month -- a policy known as the 70% rule. Finally, Amway required each sponsoring distributor to make at least one retail sale to each of 10 different customers each month, known as the 10 customer rule.

Lastly, just because people disagree about the nuances of the rule, does not mean the rule doesn't exist. I feel very comfortable with my original statement, and those in favor of e.g. Herbalife would vigorously argue that meet my definition of MLM, while those who think its a scam would argue that they don't meet it.

1: https://www.consumer.ftc.gov/articles/multi-level-marketing-...

2: https://www.ftc.gov/public-statements/1998/05/pyramid-scheme...

Herbalife was fined $200 million by the FTC a few years ago.

Bill Ackman declared: 'Herbalife has actually been shut down by the FTC, they just haven't realized it yet'

But Herbalife management, and Carl Icahn, said that the FTC had determined it was not a pyramid scheme despite the $200M fine.

The chair of the FTC denied that they determined it was not a pyramid scheme - but at the same time, they carefully didn't say it was.

I'm just saying you can't really treat the FTC as the ultimate authority, because even they don't know.

MLM is about concealing your status as a pyramid scheme from investigators, in the hope that either their resources are too limited to chase you or that by the time they do you've cashed out anyway.

On a forum I used many years ago a regular was forever pushing an MLM and I investigated how it worked, just to try to understand how screwed he was rather than out of any misunderstanding that MLMs are a good idea.

It was one of those health juice MLMs, and what I realised was very clever was that the business structure was set up so as to on the one hand make it less obviously an MLM, and then on the other hand ensure the scammers were insulated from the scam.

There's a pretty ordinary over-complicated compensation package, with tiers of distributors getting a percentage from those beneath them in a structure that sure looks like a pyramid - and imaginary "consumers" who buy at the supposed retail prices at the bottom of the pyramid. But the juice itself is bought exclusively from a separate company at an inflated price.

If the government shuts down the MLM company, few there were getting rich, it's just a handful of people out of an office somewhere. The big money flows into the juice manufacturer selling this awful tasting muck - and they can claim they know nothing about any pyramid scheme. Selling cheap juice for lots of money isn't a crime it's just capitalism.

> You're talking about multi-level marketing. Which isn't quite a pyramid scheme

Aunt Meg, is that you? I told you to stop it with the essential oils already.

She’s this close to getting her Lexus*

* (A lease in your name on Lexus that they will cover the payments on so long as you keep consistently bring in a statistically unlikely amount of product every month for the entire 72 months you were signed up for)

I missed out on the unregulated ICO rush because I thought you had to, you know, develop a new blockchain technology for your new cryptocurrency, which is really hard, and I was busy.

Much later I learned all you had to do was copy and paste a Solidity program and then promote it.

Guess I dodged an ethical bullet in my ignorance, but still...

You can create a new coin in a couple hours, the "hard work" is in selling and promoting it...
with bitclout it's now a couple seconds.
…and for Americans, not getting in trouble with the SEC.
Is "unthought" some trendy positive-vibes-only newspeak for "didn't think"? Or just an artifact of non-native english?
This may be a stupid question but: is it actually possible to have a price less than zero?

TFA suggests that this line:

    require(_share_price > 0, “Invalid share price”);
...should be "greater than or equal." But if the share price can't be negative then you'd want to just use an unsigned int and not pay for a require statement, right?

Isn't everyone passing around uint256's these days?

unsigned integers cause more problems than the additional range is worth.

If you ever run into negative prices you want them to be negative, not positive in the trillions.