I haven't followed Ethereum since the whole DAO debacle. I was very excited about the technology but the way the whole hard fork/Ethereum Classic thing was handled really turned me off. Has progress been made on formally verifying contracts or anything like that? And why aren't more people bothered by the whole hard fork thing?
I supported the fork because it was the rational decision to make under the circumstances. I never invested in the DAO or cared about the investors. The simple fact is that the theft was significant enough to cause an unacceptable and pointless security risk to the network.
Fortunately for us, there was a built-in delay in the DAO contract which provided the foundation and community with enough time to engage in public debate and determine the best solution. That solution was to carefully recover all the funds from the attacker without creating any negative externalities on innocent bystanders. In this sense, it was not a rollback as no other transactions were affected. Consensus was achieved on this goal and the community resolved the situation as expected. Despite all the ignorant comments and trolling, the truth is the HF worked out brilliantly.
The extremists, fundamentalists, and other ideologues who rallied to defend the theft because of their false notion of immutability and demented claims about "bailouts" never came close to understanding the severity of the situation. They never had the moral high ground nor the stronger end of the argument. I'm very pleased they didn't get their way.
In my view, the foundation and community handled the DAO debacle in a responsible, decentralized, open-minded, and respectful manner. I was not turned off in the least by the hard fork decision. In fact, it only strengthened my conviction and trust in the Ethereum project.
Yep, TheDAO fork represents one of the best things about the community, which is a)ability to make rapid, high pressure decisions, yet still offer fair choice to everyone.
People forget that the ETC exists and is viable for anyone who wants it.
Everyone needs to stop talking about developer losses and whatnot. They gave us a choice, there is 100% consensus on the ETH chain, and there is 100% consensus on the ETC chain. If you want to blame anyone, blame the users. But the dev team has been incredibly top notch and professional all around.
That's interesting. My problem with Ethereum was they seemed to think that the need for trust, based on social interaction, could be completely eliminated through software contracts. That seemed to me to be impossible, in part because you could never write a software contract that would respond correctly in every possible situation that might arise.
I am glad to here that I misunderstood how Ethereum works, and when thing go south human beings can intervene to get them back on track again. That's not perfect but it still seems to me that for many sort of matters it still would be a lot better than how the world presently works.
I think the current Bitcoin situation is really showing that rapid, organized hard forks when problems occur is an extremely good thing. Bitcoin is currently frozen in time, since there are two major competing clients, and neither dare make any incompatible changes for fear of creating a fork, and right now neither has a majority.
A decentralized cryptocurrency is a lovely ideal, but in the dirty real world, Ethereum and its ilk will win out.
The problem is not with forking to develop the protocol. Certainly, that is a good thing, and BitCoin's inability to do so is a serious issue.
The problem is forking to undo a specific transaction. That should never happen. The fact that so many people over-invested in a risky experimental project that they felt they had to sabotage the protocol to protect themselves reflects very poorly on the community.
Technically, no transactions were undone, but the fork agreed to new rules set in the future. The users of the new version also had a choice if they wanted to support the fork or not, the majority went with the fork.
Ability for a community to set and agree to new rules is healthy for a blockchain and it makes it more likely that Ethereum can evolve and successfully hardfork to Proof of Stake (PoS) mining in the future.
Nice whitewashing. While you are technically correct that no transactions were undone, in practice a theft was (largely) reverted. You are also misrepresenting "users' choice" with regards to supporting the fork. If you make a transaction and everyone moves onto a different chain in order to effectively cancel your transaction, that's censorship of transactions. Censorship was a good choice in this case, but let's not pretend it's something it wasn't.
> If you make a transaction and everyone moves onto a different chain in order to effectively cancel your transaction, that's censorship of transactions.
If you don't like what NYT says, and you cancel your subscription and subscribe to WSJ (and let's just say that millions of people do the same thing, possibly due to some event), have you effectively censored NYT then?
The fact is, censorship has a meaning, and the way you're using the language, abuses that. We didn't censor Ubuntu when because of their unity decision lots of people moved to Linux Mint or to other distros.
We didn't censor Digg when it lost a huge traffic to Reddit after the v3 changes.
Uber wasn't censored when after the controversial immigration changes by Trump, people started to delete uber app and ride Lyft.
Censorship is when an organization forces your speech from all effective expression.
Will ETC be invoking censorship when they hard fork to eliminate the upcoming Ice Age baked into the Ethereum protocol?
Your analogies about choice do not really play here. This is about telling someone "we didn't cancel your transaction, everyone just decided to move onto a chain where it doesn't exist". (Also, you are correct that I was abusing the term 'censorship'.)
Look back to the screenshot in my post. Censorship is when you conceal information. The screenshot clearly specifies a yes/no choice without leaning to any choice. (it specifies you can use any chains you want, both buttons are blue).
If only the bitcoin core developers were as brave as that to put something like this in their client and let the community reach consensus! "Hi, we are over capacity. Do you want bigger blocks? Yes / No". Instead, we see any post that doesn't fit their narrative deleted. Now that's censorship.
I'd be concerned. But the community already accomplished that by recklessly creating the situation in the first place, from which there was no truly good outcome.
I understand and my knowledge of cryptocurrencies is very limited, but from what I understood, there was no "bug" in Ethereum itself; there was a loophole in the DAO contract script that someone exploited. To my uneducated-about-cryptocurrencies mind, hard-forking based on that sets a terrible precedent, and shows that users of the currency are willing to have that happen again if a similar situation arises, giving me absolutely zero trust in the system.
I haven't kept track of this very much, and am curious: why might the fork not have happened if Ethereum was older? Assuming the undesirable transaction happened relatively close the the point of forking, only a small number of descendent transactions would need to be reverted, right?
No transactions were reverted. The rules were changed so the account with the "stolen" ETH could be drained to an address without the owner's approval.
But for this to happen, a hard fork was needed and if enough of the miners would have rejected that, it wouldn't have happened.
In part, this is exactly what happened. The hard fork was done but a group of miners used code without the new rules, therefore creating a separate blockchain.
Ethereum is the Ethereum blockchain where the DAO hacker was drained, Ethereum Classic is the Ethereum blockchain were their account wasn't drained (lots of turmoil followed on the ETC chain but that's a different issue).
>A decentralized cryptocurrency is a lovely ideal, but in the dirty real world, Ethereum and its ilk will win out.
So basically you're saying centralized, institutionally backed and controlled currencies are better, or at least you're saying that hard forks are ok. Ok great. We have the dollar for that. Why even bother with cryptos.
We have the dollar for that. Why even bother with cryptos.
Network-based trust decentralization, even with limitations on its effectiveness, does provide somewhat provable insurance against state actors. Currently, state actors and state actor based monopolies are the biggest barriers to financial service innovation and essentially seek a continued global monopoly on financial systems access and financial systems derived intelligence feeds, largely self-justified with 'four horsemen of the internet apocalypse'[0] FUD[1].
People don't realize that bitcoin is small-scale. If a powerful government had an interest in overtly or aggressively disrupting it, it'd be dead overnight, on both technical (51% attacks) and practical grounds ("rubber hose cryptanalysis"; large portion of mining power is China-based, where they already have a massive network censorship appliance).
The blockchain is not an effective "insurance against state actors" on the macro scale.
Bitcoin is doing very well for those wanted an uncensored decentralised currency. If you want to make many transactions for small amounts at a time, you want to use something else.
I think of it like physical gold, but with more utility - you don't use it for day to day transactions, but as a store of value it is very good.
I would ask an opposite question, why were so many people bothered? When the fork happened, Ethereum was just a baby (and still is). It was barely out of Alpha (Frontier) stage, in very early Beta stage.
Letting the hacker walk away with millions at that point would have been silly. It was enough Ether to give the hacker the funds to DOS the system to death for years to come if he wanted to.
> Letting the hacker walk away with millions at that point would have been silly.
The issue is, the person wasn't a 'hacker' in any meaningful sense of the word.
Etherium claims to be "a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third party interference" (from etherium.org). That is, an Etherium program doesn't implement a written contract, it is the contract.
Despite this lofty goal, the core team saw fit to hard-fork the chain because they didn't like how a particular program was executing. The claim that the 'hacker' had 'stolen' funds from theDAO is ridiculous - you can only steal what doesn't belong to you, and ownership of theDAO's Ether is defined by the program itself!
More broadly, the hard-fork seems to imply that an Etherium contract is really made up of two contracts. One contract is the program itself, which explicitly spells out what is and not allowed. The other contract is an implicit understanding of what the program 'should' do, and exists only in the minds of the creators of the contract. The issue arises when this implicit 'contract' is used to override the real contract - flying in the face of how Etherium claims to work.
A much better solution would have been to try to address the underlying issues in Solidity - perhaps requiring future contracts to explicitly allow recursion? I personally question the decision to use a Turing-complete language to express contracts in the first place.
Turing-complete language is just the base layer. You could build more limited languages (decidable languages) on top, which are more appropriate for smart contracts.
There is a new decidable language that compiles to EVM bytecode: https://github.com/ethereum/viper
Visually it looks similar to Python. The language is not turing complete, and one of the advantages of this is it's easier write bug free code and easier to verify that the code is doing what you think it's doing.
The reason why the entire EVM is turing complete (and not more limited) is because making it decidable instead is harder than making it Turing complete and would have made the protocol more complex:
https://github.com/ethereum/wiki/wiki/White-Paper#computatio...
A Turing-complete language is base layer: you can build any paradigm you want on top.
If the hacker really thought he hadn't committed theft, he could have revealed his identity and sued the developers. My guess is he would have ended up in prison that way.
Since the hack, various small improvements have been made to Solidity, the Foundation hired someone to work full-time on formal verification, there's the new Viper language which is easier to verify, and the community has gotten a lot more serious about coding standards and security audits.
> he could have revealed his identity and sued the developers
TheDAO very explicitly states that you can't do this: "Your use of the Software does not, in and of itself, create a legally binding contract in any jurisdiction and does not establish a lawyer-client relationship. Your communication with a non-lawyer will not be subject to the attorney-client privilege and (depending on your jurisdiction) may not be entitled to protection as confidential communication."
Honestly, though, I have absolutely no idea what would happen in a legal case involving 'smart contracts', as I don't think there's any precedent involving treating computer programs as contracts.
> Honestly, though, I have absolutely no idea what would happen in a legal case involving 'smart contracts', as I don't think there's any precedent involving treating computer programs as contracts.
Smart contracts aren't legal contracts, though they may be evidence of the existence and content of one.
Of course, strictly speaking that's true of the written documentation of a contract, too.
That quote doesn't seem like good news for the hacker, since it seems to say the contract code is not a legally binding contract (and therefore doesn't govern legal ownership).
Like I said in another comment, there was no bug in Ethereum, there was a loophole in the DAO contract script. In my mind, this is somewhat akin to creating a new currency, and then when a major bank trading in/holding that currency gets robbed due to lax security, the bankers decide that everyone needs to round all the currency up and rewind time and pretend like that never happened as a solution. Who's to say that won't happen again? I know that the DAO is instrumental to the early success of Ethereum, but what if some other major third-party is attacked in a similar way in the future? Are we just going to hard-fork every time something like this happens? What happens if/when Ethereum takes off, and eventually is used for elections or something? Will undesired election results cause hard-forks by the dissenting party? It just seems like a slippery slope to me, with no solution other than "well let's hard fork it now and reserve the right to hard fork it again in the future".
It also concerned me that it sure seemed like nearly everyone who was in favor of the hard fork had invested in the DAO and nearly everyone who was against it had not.
Consider it a light preview of the chaos is to come when courts get involved and make rulings about required transfers of assets and decide to hold people in contempt when they claim they technically can't transfer them.
The inability to undo financial transactions based on ownership claims instead of hard currency flies in the face of centuries of expectations of modern society.
Evidence of past ability to undo transactions via hard-forks will create "interesting" legal conundrums for anyone trying to claim to a court it can't be done.
In practice, courts will say "pay the expected value of replacing the loss in USD", as they've always done for transactions that can't be undone. Permanent transactions are not a new thing to the legal system - if, for example, you sell a one-off art piece to someone else, then they sell it to someone else, and a dispute arises between the first two actors, the solution could not be to return the art piece.
For monetary transactions that's fine. But they are not the only type of smart contracts. Consider the people trying to e.g. bootstrap systems for using the blockchain as a share ledger for a company for example. There the court will just say "X is the owner of those shares. Ensure the record reflects that." If the system they have chosen for the ledger can't let them rollback a transfer because of a bug, that is the company's problem.
There are a lot of potential circumstances where people will need to find human workarounds for the supposed immutable nature of these blockchains because courts will simply say "this is how it is; make it happen". The above example is "simple": The company can worst case just pass a board resolution to replace the ledger and/or reissue it.
But it is a demonstration that the immutability of the ledger will often be irrelevant, in the face of a court that says "this is the truth now".
Surely if you're able to undermine the trustless nature of them, they weren't trustless in the first place - i.e. you're merely trusting a possibly larger group of people to fail to come to an agreement on changing the protocol.
If a rogue journalist gets "Donald Trump is great" article published in NYT, bypassing the Editorial board, and 95% of the audience and Editorial board leaves and subscribes to a 'New New York Times' paper started by the same editorial team, has it undermined 'Free Speech'?
Has it undermined their motto "All the news that's fit to print"? Keep in mind, the old NYT still exists with 5% of original capacity.
forks are part of the protocol but the vast majority of them are tossed away due to the miner incentives to stick with the most popular chain. a hard fork happens when there's either a widespread bug that conflicts with older/other clients -OR- when there's a consensus failure in the population using the chain.
in The DAO's case, there was a consensus failure in the population but the majority decided to go along with a recovery. There were good reasons to go either way but most people decided this was an experiment, it's early stage, and a move to PoS would be more difficult with a wealthy attacker. I invested but did not want to fork because I was willing to take on the risks. I lost out but I still stick with the main chain because what matters is where we're going with this not where we are. It was a valuable lesson for the community, devs have heavily stepped up investment in security and stability, I doubt anything like it will happen again as even those who were in favor now understand the damaging effects it can have.
still, if you look at the effects it's pretty interesting. You now have ETC and ETH and the market caps for each have waved to reflect the interest in the two competing ideologies. this means blockchains resolve failure through replication and the social effects that happen after can retroactively decide who the winner is or, as it is in this case, you now have two compatible technologies going different directions. ETC is staying PoW, ETH is moving to PoS, both have different governance attitudes and the split has been mostly amicable. not too bad.
edit- I should note this is also true of Bitcoin. the only reason it hasn't split is because its miner and user culture strictly adhere to immutability. if the population decided immutability didn't matter, it wouldn't. there are points of resistance to push back on the way people are but ultimately these things don't run themselves. they depend heavily on incentives.
> I doubt anything like it will happen again as even those who were in favor now understand the damaging effects it can have.
That's one my my main concerns - the hard fork has set an incredibly dangerous precedent. Etherium has shown that it's willing to jettison the idea of 'code as contract' whenever the code ends up doing something 'bad'. In the case of theDAO, 'bad' meant anything from "people losing a lot of money" to "we found a 'bug' in an experiment that still isn't ready".
Consider the "dangerous precedent" to be their first run-in with the realities of human society: We've long ago decided we did not want to be subjected to mindless, letter-of-the-law application of rules.
Substantial amounts of case law deals with exceptions and courts ruling on how to make things good in situations where there were disagreements between people over what the rules were meant to be, and most of them will not go away just because there's a computer program that can decisively tell us what the outcome of executing the rules exactly as written will be - a court can, and does, for example find that the rules contradict the law, or that the rules are so one sided that they imply there is no meeting of minds and therefore no valid contract.
Substantial amounts of literature lampoons the very idea of static rules to govern behaviour. E.g. Asimovs three laws of robotics represents not an ideal to strive to, but the backdrop that let him spend story after story showing how seemingly straight-forward rules and be circumvented, coopted, or hav unintentional side effects.
As societies we decide to make concessions and wave away rule breaches all the time when it seems like the right thing to do.
Systems that mindlessly apply rules in ways that are hard to reverse are going to have tough run-ins with societies where every enforcement mechanism includes expectations of being able to override rules.
This is my big problem with systems like Ethereum: Courts will eventually demand some transaction or other to be undone. If the other party can't be coerced into doing it, sooner or later they will issue decisions to e.g. some service provider or software developer to do it. When they can't do it, odds are bad decisions will get made. And eventually badly written contracts will create conditions where there is no way for contracts to get undone in ways that will satisfy the courts. It's going to take a long time to settle how to handle this in a sane way, and I'm willing to bet someone will eventually end up in prison in the meantime either because the courts fail to understand the technical limitations built into the system, or because they do understand them and decide someone is responsible for some transaction anyway if they chose to use such a system.
you have to look at the full precedent though which is that forks can be used to keep a chain nimble and if you do disagree with where the majority goes you can still use the unaffected chain with others who feel the same. I don't mean to downplay, there are very serious effects that come from unforeseen forks and they should be avoided, but the dogmatic view just doesn't hold any weight with me anymore. Bitcoin will fork eventually. It's mostly fear and apprehension that has kept it where it is.
> you have to look at the full precedent though which is that forks can be used to keep a chain nimble and if you do disagree with where the majority goes you can still use the unaffected chain with others who feel the same
That's probably true in general, but the idea of 'code as contract' is supposed to be one of the defining features of Etherium. If the project wants to move away from that, then it should stop pretending that smart contracts are "applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third party interference."
This all makes sense to me as these cryptocurrencies mostly remain experiments with minimal effect on the real world, but what happens if one of them takes off, as they all aim to? Society can't handle its underlying currencies forking and splitting all the time. Why should I trust Ethereum ever again after the DAO hard-fork?
I would argue that today ironically the chance of Ethereum forking again due to a poorly written contract is much lower than it was a year ago. Many lessons were learned and the community is much larger. Also many people who supported the Dao fork, would be against the fork today, because there is no more excuse that "we are early and we don't know how to write secure contract code".
The recursion thing was an interesting loophole, and we now know to avoid it when writing contracts. What if there is another interesting loophole that we haven't yet discovered, and that gets exploited? You say,
>Also many people who supported the Dao fork, would be against the fork today, because there is no more excuse that "we are early and we don't know how to write secure contract code".
but what you really mean is, we've identified a single "attack vector" and now know to avoid it. And, in the process, we've set a precedent that the discovery of any sufficiently large-scale-affecting (or core developer-affecting?) "attack vector" can potentially result in the software contracts being overridden by human action, i.e. a rollback and hard fork. Thus, I personally see no reason to trust the Ethereum network, even though it's full of really cool ideas and technology.
> What happens if/when Ethereum takes off, and eventually is used for elections or something?
Not meaning to be snarky, but does anyone seriously believe that? Sometimes I do think software-engineers should go and try to understand processes of non-techies a bit more.
> I would ask an opposite question, why were so many people bothered? When the fork happened, Ethereum was just a baby (and still is). It was barely out of Alpha (Frontier) stage, in very early Beta stage.
Was this fact communicated out to the people who invested $150 million in Ethereum? Attracting a hundred million dollars in investor money, then failing and saying "woops! that was just a test run.", I'm not surprised some people were bothered a bit.
The crux of the matter is that some people were way too confident about the viability of their product, and as a consequence a lot of investor money was lost. One or more programmers somewhere were too impressed with their own skills, without the ability/willingness to see the weaknesses.
I disagree. When the Ethereum protocol changes as a consequence of a weakness in the DAO, they are essentially the same entity. I agree that the point of Ethereum is to be the lowest layer protocol, and thus independent from what runs on top if it (like the DAO), but this clearly isn't the case when the core protocol changes as a result of a bug in an app running on top of it.
I am bothered by it and steer clear of Ethereum, although the basic premise & ideas behind Ethereum interest me. There have been (4) hard forks so far. Of great concern was how the DAO fork/vote was conducted, this article provides a good summary:
I wouldn't be surprised if ETC gains more popularity for adhering to the decentralized principles but I have no idea who is at the helm in terms of development for ETC.
ETH has seen a tripling in their value in the last few months. Definitely, the platform is a serious one, with serious goals and isn't a "shitcoin" (1000+ coins that fork bitcoin and pump and dump). They have buy-in from some major/bluechip players in the tech industry.The creator of ETH has stressed that ETH is a new technological experiment and volatility is part of the norm. So don't throw your life savings into it.
ETC has hardforked since then also, and will hardfork again in order to defuse the upcoming difficulty bomb. Hardforks, although not ideal, are needed at this point in time in order to facilitate technological progress
One side claims the blockchain immutability has been breached by draining the black hacker's DAO.
The other side claims, it hasn't been as there has been no rollback of transactions. In that view, it was just an additional special case rule added to the code that removed the usual restriction for one specific address.
Whatever side's opinion you share, there is one good thing that has achieved by this hard fork. The community has been split along those lines and the group that went Ethereum Classic is for the most part no longer involved with Ethereum.
Besides small bickerings on Twitter, there is no drama about this anymore and the Ethereum community is no longer concerned about this event (although not the obvious problems with the complexity of smart contracts but that is an on-going effort).
Imagine if Bitcoin would have split up along the SegWit / Big Blocks lines. We wouldn't have had a standstill for 3 years and we would have been spared that constant drama.
"Bailout" generally means you paid off some group of people by taking money from taxpayers. In this case, the only person who lost money was the thief. I'd call it a recovery of stolen funds.
I was not invested in TheDAO but supported the fork mainly because (1) to anyone who's not a blockchain purist, if you can recover a stolen $50M you obviously should, and (2) it was early days, and the precautions the contract authors should have taken were undocumented and basically unknown to the community, so I thought more leeway was justified. Even the official documentation had similar flaws.
Because most people aren't lawyers whose job it is to defend bad actors and deflect blame on to good actors for enabling the bad actor to carry out their bad act in the first place.
If you're arguing there should have been no hard fork, then you're defending a person whom you know is guilty of an $80m robbery.
You can claim that technically it wasn't robbery, and they just found the money unattended while searching for unattended money in a bank, but any reasonable person would interpret that as theft.
Meanwhile, as you're fixated on how wrong Ethereum was to protect itself from a significant % of ETH falling in to the hands of a bad actor, there's a much larger issue in the cryptocurrency world right now which is mining centralisation in cryptocurrency and Bitcoin in particular. It was viewed as merely theoretical once upon a time but now it's very much an issue and crippling the use of Bitcoin as a currency and as a project. Status.im is just one example of that. It could have been built using Bitcoin but it's using Ethereum because it's the more progressive platform / currency / blockchain / ecosystem.
An interesting project that tries to tackle governance and the formal verification aspect of smart contracts is Tezos (https://tezos.com). I find their approach very appealing and I think it has the potential to grow big, while retaining a solid foundation. It's worth reading their position and white papers.
