After one hour, wire transfers sent in error are no more recoverable than crypto.
How the thieves knew so much about the process and timing is supposedly being investigated, but no one is holding out much hope. And the attorneys have a strong incentive to cover up any evidence of intrusion on their side, assuming it was their infrastructure infiltrated.
I’m not sure I fully understand, in retrospect, the desire to shave off inconvenient corners for large life events you do so rarely. I think there’s real wisdom in some of these things being so slow and old school.
I saw a variation of it first hand at a company I once worked at. The scammers gained access to the lobby of the building, removed the post and replaced it with invoices with different bank account details on.
As an attorney I used to look at a lot of boilerplate skeptically but is a RE attorney told me I had to sign in the presence of a clergy, my mother and law, and three local stray dogs I'm marching my butt to a pet store and making some calls without a question.
Same. I’ve seen people but one car over another just because it was available nearby instead of a half hour bus ride away. How many times in your life do you buy a car that an extra half hour is significant?
> Here’s how these scams usually go down: A thief hacks into a real estate or title company’s computer system and then studies the transactions, from the language used to the format of the wiring instructions. When the scammer strikes, he or she will often pose as someone from the real estate or titling company to instruct the buyer to wire funds to them.
The receiver account can still be seized by government institutions though, something much harder with cryptocurrencies.
I really don't get it, because I have to provide my ID every year or so for verification. I really don't get how these scammer can get away with that, but obviously every time.
That is hardly an advantage for the victim. Come to think of it, that's a (rare but realistic) threat for normal, licit commerce.
I receive several cold scam calls per day and I’ve known people who have done things like purchase a home and been inundated by fake calls from “the underwriter” and other scams.
Is there no mail and telemarketing fraud enforcement any more?
A lot of scams do feel like low hanging fruit that would be easy to track down. I think there is a lack of will and capability for resolving "small" scams of up to a few thousand dollars which can be crippling for individuals.
In my view, this mess is temporary. It's caused by a partial transition from an old system (manual via solicitors, cheques, and bank managers) to a new one. The old one was pretty reliable, but involved a lot of expensive people. The new one is like operating in the matrix. When communications happens electronically, the checks built into the old system break down and it's near impossible for a human to know if a electronic message is real.
It is not near impossible for a computer to know of course. A computer validate a series of cryptographic assertions anchored at the titles office relaying what bank to credit, and it can do with far greater accuracy than the old "human relationship" system, and it can do it in factions of second. But right now we use the new system to communicate because it self evidently more efficient to do so, and still use the checks from the old system to validate those communications.
You see this all the time. Phishing fraud, where accounts are sent fake invoices from what appears to be a valid supplier is essentially the same thing - humans using eyeballs to verify an electronic document is valid (which is essentially impossible), as opposed the supplier just signing it and the bank account details it contains.
It's almost comically bad. I was asked by the accounting section of one of the top computer contracting organisations to verify I controlled another bank account. They demanded a bank statement to prove it. Problem: the details on the bank statement were inaccurate. I raised a ticket with the bank to get it fixed, but as seems to happen depressingly often the bank screwed it up. So in the I downloaded PDF, edited it, rendered it to TIFF, added noise, and sent it. It was accepted of course.
Right now most organisations are wide to being exploited because they are communicating electronically, and using eyeballs to validate the result. They seem oblivious to the idea The Matrix wasn't just a move, it was a prophecy. And now the future it prophecised has arrived.
It will change, but only after quite a few companies have been ripped a new one.
When I’ve bought residential property in the past, there have always been various fees to pay in advance, using the same bank details. So when it comes to the final big payment, I’ll have already had the bank details for weeks, and have already used them to send previous payments. Double checking the payment instructions by phone just before making the payment helps too, as that allows confirming the account and the final amount.
It's a principal-agemt problem. Real estate agents hire their friends to do escrow.
And we already know the solutions to that
My advice to anyone buying or selling is to get the attorney's phone number from a known good source in advance, and call them to verify the wiring instructions before submitting. Also compare the bank account name down to the character with the real one (although I don't know how hard it is fake this). Your bank should read off the bank account info you're sending to before you give the confirmation to proceed.
Depending on how sophisticated the scammer is, the MiTM between communication can be transparent to the victim.
This is fraud. It might not be recoverable immediately but it merits a police report. And maybe with that report you can have the receiving bank take action
No affiliation besides having a friend who works there.
And it's yet another party that can get hacked.
The solution is for the parties to talk too each other to verify their relationships, instead of replacing all the trusted people by random websites.
Remember that all complex systems operate in a degraded state. If there's ever a way that only part of a complicated swap executes correctly the trade can get really far out of position. People in Ethereum land will say things like "the smart contracts can't possibly execute if all of these conditions aren't met!", but I can assure you that lots of extremely fault-tolerant systems built by very smart people (like electronic stock exchanges) have failed in very surprising ways.
Weakly collateralized flash loans are just faster leveraged tools with all of the tradeoffs that entails.
YMMV, there's definitely a lot of money to be made.
https://www.youtube.com/watch?v=SjbPi00k_ME << Relevant.
To make an analogy, imagine that instead of DeFi, we were talking about skyscrapers. Imagine that thousands of engineers funded by millions of people who believed in them were building 25 kilometer tall towers using technology that they discovered in Isaac Arthur videos. And they were doing it today, before any of the technologies like active support structures had been properly matured. That's what's happening here. It's not that building towers is bad or unsafe, and it's not that the technology behind 25 km towers is fundamentally unworkable, but it IS the case that you shouldn't be doing it just yet given our current engineering knowledge.
Defi is insanely cool, insanely powerful, and it will dramatically change the landscape of society. But given the state of today's technology, if your product is anything fancier than Uniswap (sorry Maker, sorry Curve, sorry YAMs, sorry Augur, etc), it's not safe and it's ahead of its time. A lot of these projects are repeats of things like pets.com. Great idea, but it was too early (Amazon eventually fulfilled the vision though).
If crypto is building poorly-engineered space elevators to get out payments to and from the sky, maybe the current system is throwing them in artillery and parachutes and hoping they land where you aim.
As a person who has been around this tech since 2011, can you explain what exactly it is you find so fascinating about this other than the seemingly absurd amounts of money some people have made so far?
This all just seems like a reshased version of the DAO to me and I have ignored it entirely.
Substitute "software" for DeFi. Every single day we're playing with fire through low quality code and bad security practices. DeFi just exposes the real financial costs and consequences of terrible software development. How many countless dollars and hours and data have been lost through bad code?
Instead of fearing from the risks we should quantify and analyze them.
Or, another way: each exploit and oops only improves the system, rather than being a signal of its failure.
And let's be honest, the competition is still "Oops, I accidentally sent $900M to the wrong party." [1]
The counterargument there is that Citibank is currently pursuing a resolution in the courts to that issue, and if they win they will get their $900M back. If you flub a DeFi transaction, you're shit outta luck.
This is not necessarily true. If the system architecture is highly complex and poorly designed, each exploit will result in a patch which will only make the system more complex and more brittle. IMO this is exactly what is happening with Ethereum.
But the analogy is closer than you think. People still get badly burnt by real fire every day. Without coal fired power stations, blast furnaces and internal combustion engines we would not have modern society. If currently thinking is correct, without cooking food on fire there would be no intelligent hairless apes contemplating a future when DeFi actually does something useful.
PS: As the article says, transaction fees are of the order of $10..$20 per trade. DeFi trades derivatives in crypto currencies that have found no useful niche whatsoever (bitcoin being an exception, if you regard being the currency of choice for illegal activities as useful). In that environment, the only people who are reliably making money are getting those fees.
We've already been through this with algorithmic trading in stocks: the flash crashes of 2010-12. Some were way bigger in terms of damage than the entire crypto market.
So yes "there will be blood" but you'll see all of the DEXs and other mechanisms eventually implement the same techniques that NASD and the stock market implemented to fight it: limits on price movement, kill switches (probably automated), market pauses etc.
Any well-written smart contract has protections against front-running. For about a year I audited them for a living, and front-running opportunities are definitely something we looked for.
The simplest way to circulate commercial paper for daily transactions is the Benjamin Franklin paper money system which involves appointing public loan officers throughout a nation to issue equity loans to anyone in possession of unencumbered interest in durable real property which they are willing to pledge as collateral which the public can auction in the event of non-payment.
This way money is placed in circulation so that the interest paid for the first use of legal tender is publicly collected and immediately spent back into the economy and so that the total quantity of money expands dynamically in proportion to the aggregate quantity of physical durable capital.
Real and Useful: people can use the money as a store of value, medium of exchange, and a unit of account - and enough people believe in it.
[1]: transitively it affects users too, but it's a bit different either way.
Ethereum is still a "world computer", but it's a world computer for high-value transactions, which are generally financial.
Ethereum is an unstoppable world chat room (ledger), maybe.
And yes, ethereum has more potential for problems, it's a much more complicated system than bitcoin. Their current goals are proof of stake (getting away from energy wasting mining) and scalability. Bitcoin is great for what it's great for, being digital gold, but it's pretty far from replacing Visa, ethereum actually has a shot at that.
Viable model checkers for basic software contracts existed since the 80's, and the modern incarnations are insanely powerful (Z3, ...) + quite approachable (Rosette, ...). They're used to tackle software verification problems magnitudes harder than "money can only go from here to there in this tiny software contract": race detection in distributed file systems, bugs in hardware circuits, security holes in big javascript libraries, etc. I think of these same not-very-secret tools every time I see one of these articles, and yet the engineering fails keep happening.
A few teams deploy tech here, including built on the above, but it seems like most do not. I'd say mind-blowing, but at this point... mind-numbing?
I do appreciate the author being frank about how bad the status quo is.
EDIT: To give a sense of this -- the same people will talk about meticulous cold storage key exchanges with someone always being there to watch, driving into the desert for bootstrapping secrets, and then for their actual operations, deploy unverified contracts.
Model checkers can tell you thinks like 'there are no underflows' and 'these two pieces of code are identical', but if you want to know whether there is no arbitrage or front-running, you're well past the capabilities of the state of the art. It's not merely a matter of spending $500k on CI and auditing.
And then you've got a separate issue, which is that the space is super competitive and moves extremely fast. If you spend 6 weeks getting your new contract audited, you may well miss the window where people will care about the project you launched. I don't think this is a healthy culture, but it is one that many teams are trying to compete in. And therefore they ARE willing to bet millions of dollars without taking any time to audit, because the expected value of deploying faster is higher than the expected value of deploying more safely.
For projects that are comfortable moving more slowly, formal verification IS a big focus, and the cryptocurrency industry has been a material driving force in many security related technologies such as reproducible builds (Gitian), reproducible bootstrapping (Guix), and software verification methodologies.
* I would agree that paying consultants to audit contracts is prohibitively expensive. It's the equivalent of paying pen testers to do your unit testing & security engineering - that's a costly way to do your basics
* I disagree that model checkers can't check for stuff like front-running. It's not textbook, but close: the first papers on model checkers were specifically temporal logic for stuff like ordering issues. That was ~35 years ago! Contracts are similar in size, and both computers + solvers have gotten exponentially better. For my day job, we do TLFOPS for $0.20/hr, in Python.
* Reproducible builds, bootstrapping, etc. are real... but the 20%, and skipping the 80% I'm talking about. Verifiable VM IRs + verifiable contract lang subsets + contracts verified against them. Yes, we've seen sw supplychain attacks against some projects. More than that? Buggy contracts, buggy contract libs, & buggy blockchains.
I get that crypto startup people don't know this stuff, but you can hire 1-2 devs (= $500K) that can. Even if verifying against full abstraction is likely out of reach due to the security mess that is the ETH VM & friends, chiseling out subsets and running the model checking equiv of fuzzers isn't hard. The status quo of not doing it makes it look like an industry of folks not running unit tests before pushing to prod. (See: article.) It's not that hard. As more money gets into any company here, my expectations go higher, even if that industry's haven't.
I imagine this will happen after the low-hanging fruit (the front-runners described in this article) is gone.
Providing formal security proofs may be forever out of reach, but if the tools get expressive eventually it'll be a battle of who can throw the most CPU at the solver, to the point where no cost incentive remains.
Either way, it will spur developers to use these tools before their attackers do.
Although they, or their predecessors, didn't necessarily do the former in the first few years of Bitcoin. Lots of exchanges, including the very biggest, were compromised and robbed.
Maybe there's a cycle where particularly terrible outcomes help to create a new consensus on basic safety precautions.
But yep, after looking at the hoops verification folks are having to jump through to run safe contracts on insecure blockchain VMs, maybe doing something else with your $ can also make sense.
Thank God it's just a game.
You're just used to the stupidity, so it's easier to scrutinize the new things. But there are people out there who take those downsides seriously. And sure, you're always trading old problems for new, different problems, but it's nice to have the choice between those trade-offs for once.
ugh. It's not what you know, it's who you know
That said, this looks like a very interesting and rewarding system to hack. But it seems to serve little purpose. The other comments comparing it to Eve Online are spot on
"Better yet, if you happen to know a miner (we didn’t), you could have them include the transaction directly in a block, skipping the mempool—and the monsters—entirely."
In the bitcoin ecosystem, as far as I know, basically everyone can be a miner, right ? If you are running the bitcoin client you are mining and there is no particular barrier to entry to mining ... just run the client and mine.
How is the ethereum ecosystem different ? If they could avoid all of these complications by mining, why didn't they just fire up their miner ?
The number of blocks being mined is constant for the entire mining ecosystem, so you are basically competing with all the other miners to create a new block.
But bitcoin transactions are orders of magnitude less complex. So you don’t get these “frontrunners” at all.
I agree with the other comments on here. Blockchain/crypto has always made me uncomfortable. I think it's a mix of the slimy get rich quick aspect of it that draws a lot of people and the cyberpunk/dystopian rhetoric around it.
I also think it's telling that even though Blockchain has been this hyped thing for 6+ years at this point, we haven't really seen it actually be used for anything outside of cryptocurrency, which in and of itself isn't used for much outside of speculation. On the other hand, machine learning is used in everything now and makes a lot of stuff better.
It definitely sounds like there's an additional major innovation that needs to happen with this stuff before it's really usable.
Did you know that the Neural Network has been around since 1958 [1]? Machine learning is not a technology that is just 6 years old. The latest AI trend is also not the first or second time that AI has been through a massive hype cycle.
The problem with the cryptocurrency space is that it's financial innovation. And just like financial innovation on Wall Street, this tends to draw out the slimiest people in society, because if you get someone to believe in your product they may well leverage their mortgage and throw their life savings at you. It's crushing to see people do this, especially because pretty much only the malicious projects get hyped up that much.
But that doesn't mean that there isn't any truly groundbreaking innovation out there. Cryptocurrency changes the fundamental scalability of society. A key bottleneck for human society is trust - at some point a system gets large and corrupt, and it becomes difficult to keep bad actors from imparting a large amount of negative influence. But cryptocurrency allows us to design systems that don't require any trust at all. They _cant'_ be corrupted, because a combination of incentives and cryptography keep everyone safe.
As this blog post shows, there are still a lot of rough edges out there, but the technology is innovating rapidly. I do think the hype is probably 5-10 years ahead of the technology, but in the grand scheme of technology (think of how long it too Arpanet to mature, or Neural Networks to mature) that is not much time at all!
[1]: https://www.computerworld.com/article/2591759/artificial-neu...
I would like this to be right but then I ran into
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3197300
which discusses economic limitations to the incentives for blockchain mining. (One part is that if a cryptocurrency gets too valuable, the value of a double-spend attack could exceed some models of the reward for honest mining. Another part is that if you have unregulated derivatives, you can own a negative amount of cryptocurrency, which means that your financial incentive can be to actively damage the cryptocurrency rather than helping it. Satoshi's paper seems to assume that you can only own a positive or zero amount of bitcoin rather than a negative amount, when arguing why miners are incentivized to be honest.)
(This is also true for the ability to short, or insure, any asset -- you can be financially incentivized to damage it -- but elsewhere this incentive is partly countered by law enforcement investigations of some trades and insurance claims where people profited significantly from accidents, disasters, or scandals. Smart contracts on blockchains let us build insurance and derivatives markets where you can bet against things without identifying yourself. In fact the whole underlying discussion here is about how the person who claimed this particular asset in Ethereum is anonymous and probably can't be punished for doing so, even if we believed that the claimant wasn't entitled to make this claim. That could be equally true if the person were collecting an insurance contract payout. That's potentially fine if contracts can't create new incentives to cause harm, but maybe not so awesome if they can.)
>But cryptocurrency allows us to design systems that don't require any trust at all. They _cant'_ be corrupted, because a combination of incentives and cryptography keep everyone safe.
This article definitely doesn't describe a system that lives up to that ideal at all. Which is why it's so scary - when you remove manual oversight you're essentially saying "Hey, if you can hack this, you win!"
The original person lost $12k by a mistake of their own, namely sending it to the wrong place. I wouldn't call that fraud. That this money is then in a weird unintended limbo and can be picked up by anyone who noticed, and someone tried to whitehat get it and give it back, and they failed, does still not make it fraud IMO.
It's a different system with a different set of tradeoffs. I don't think it's accurate to just call it "worse".
Did they ? Why is it fraud ? If you kill my orc in WoW and steal my gold, is that ... what ? Theft ? Fraud ?
Are liquidity bots fighting over broken ethereum contracts more or less abstracted from reality than WoW gold ?
The problems described in the article are very particular to the Ethereum cryptocurrency and its implementation of smart contracts.
So, you "feel uncomfortable". I too, felt bad about the described situation, and that's a reason not to use Ethereum's smart contracts.
But cryptocurrencies are already useful outside smart contracts, and IMO it is a mistake to confuse both.
This is being spearheaded through the UN and the ID2020 alliance.
As a developer that uses the EVM quite often, this had me laughing out loud!
That matches my experience with pretty much everyone!
And yet there are still the people doing things I could never think of doing and doing it very quickly. I want to get to that place.
That turns into open source contributions in packages that affect far more than EVM.
And some truly lucrative knowledge and utility. Except people want to debate utility whereas nobody batted an eye at mobile even though people only use like 5 of the hundreds of apps they have. (People made fun of apps getting big checks but it was all in fun, or congratulated individuals developers making 5-6 figures from app stores, but mention a dapp on a blockchain and everyone looses their minds)
If you have multiple such bots, would they fight over the loot, increasing the reward until it's all given to the miners?
Are there any logs of rejected transactions that existed in the mempool? Is there evidence of such fighting?
Here is a $188 transaction fee - looks like they were trying to "mine" compound from a $5 million flash loan? https://etherscan.io/tx/0x0d5def630cd20a1a24389982e99801e011...
There is/was also so-called "back-running" where bots spammed many transactions with the same gas price as a target transaction: https://github.com/ethereum/go-ethereum/issues/21350
What is the point of "back-running?"
I don't mean to offend people who do love blockchain tech, in many ways I don't blame you. But is this feeling I have somewhat common? I'm not even sure how to justify it.
1) Proof-of-work systems are pure, unadulterated energy waste (and an ecological disaster as long as we depend on fossil fuels). They cannot, ever, be allowed to become significant in the economy, lest our future will be building a Dyson sphere around the Sun just to power everyone's ability to pay for a hot dog on their way to work.
2) There are a lot of naive ideas about how economy and society works surrounding major cryptocurrencies.
3) The main users of cryptocurrencies are (AFAIK) criminals and amateur financial speculators.
4) Statistically, you can expect any random startup in this space to be a scam.
It's a wild west. Trading unregulated money tends to disproportionately attract the worst kind of people.
1) Yes, proof of work is terrible long-term, mainly because its cost scales with the market cap of the cryptocurrencies it secures. Ethereum is switching to proof of stake, which uses a normal amount of electricity and forever solves this issue
2) There are also a lot of excellent ideas and projects. For example, Gitcoin, quadratic funding, quadratic voting https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3243656
3) It's true that there are many scams/crimes in crypto, and that many or most holders of cryptocurrencies are speculators. What makes crypto different from tulips is that many speculators believe that crypto will come to power large portions of the world's financial and economic infrastructure.
4) Whether a random crypto startup is likely to be a scam depends entirely on your filters and definition of "startup". If you limit your population to projects or tokens with some level of social validation, such as being top-ranked on coinmarketcap or backed by in-industry VCs, then there're hardly any scams at all. Ethereum now has hundreds of quality teams working on many different parts of the ecosystem. For example, the DEX space (decentralized exchanges, eg. https://uniswap.org/) is very different than the layer-2 scaling space (eg. https://optimism.io/)
5) [It's a wild west...] Respectfully, this is an unkind or perhaps bigoted statement. I have many friends in crypto who are thoughtful, kind people. They think deeply about the ethical implications of the systems we're building. The same is true of many leaders in the space.
But as I like to keep an open mind about new tech, I always wonder if something like this could have been said about the early days of Linux:
1) Open-source is pure unadulterated theft of other peoples' work. This model cannot ever be allowed to become significant in the software economy.
2) That people who are into open source have naive ideas about how economy and society works.
3) That the main users of Linux are into other shady activities like hacking (the bad kind) and ripping other people's work.
The main reason I think the analogy doesn't hold that well is that we are now a decade into crypto with few signs of adaptability, while within a much shorter duration you could say that Linux was already showing signs that it was going to lead to a paradigm shift in the software industry.
Having just typed this I realise that one can argue that within a decade the market valuation of bitcoin (whatever that means) reached $200B which is a spectacular achievement, and one can argue that that is its way of showing that it will be a paradigm shift of something in finance.
The more you pollute, the richer you get. I can't understand why nobody talks about this.
Proof of Work gets a bad reputation because people have a hard time wrapping their heads around why it is useful. People don't complain about all of the energy that goes into making concrete, or transporting people around, or making houses cooler, because the impact of these things is more direct and less abstract.
But proof of work has a massive benefit that - as the market shows - well outweighs the cost. Thanks to proof of work, a group of counter-parties that are all fully mutually distrusting can interact with eachother without electing a mutually trusted subset or finding a trustworthy third party to facilitate the transaction.
Within the rest of society, trust is extremely expensive. Large financial institutions are only able to operate within the context of a massive court system with a massive law enforcement arm and necessarily privacy violating technologies like KYC. Proof of Work allows us to throw all of that away and use something much simpler and more privacy preserving! You trade one expense for another, and in many cases, Proof of Work transactions are able to succeed in areas where banks could never reasonably get established. That is _massive_ value added to society. And yes, the cost is this giant proof of work engine that burns a lot of electricity. But it's not _waste_, it's serving a key purpose that nothing else is able to serve.
In areas where trust is cheaper than Proof of Work, you should use trust instead of PoW. But the world is full of places and opportunities where PoW is by far the cheapest way to get something done.
> 3) The main users of cryptocurrencies are (AFAIK) criminals and amateur financial speculators.
The problem is that to fix this, we need governments to wrap their heads around this.
Cryptocurrencies exist as a thing that allows people to engage in pseudonymous financial transactions over the internet. It's going to be really hard to put the genie back in the bottle. Particularly for black market transactions, because then you can't even ban the currency since they'll just ignore the ban on the currency at the same time as they're ignoring the ban on the product the currency is being used to pay for.
Which means that the best thing we could do is out-compete it using a more traditional financial system. When the existing KYC laws have already been voided by the use of cryptocurrency, just admit the loss, stop yielding a competitive advantage to the system which is destroying the environment, and let people have pseudonymous bank accounts and smart contracts and so on, in ordinary banks and based on the trust in ordinary banks and governments rather than the trust in proof of work.
That would destroy the utility of cryptocurrency, and it could be the only way to really do that.
It means that you have to take precautions instead of the government telling you what you can or can't do (using money they took from you anyway).
The energy concerns are valid. I hope that the cryptocurrency that ends up winning is energy efficient.
Not really a fan of crypto overall (although I own some eth as a hedge in case it takes off), not contesting your other points.
Also think what all those engineers could do with all that effort.
[1]: https://news.bitcoin.com/the-bitcoin-network-now-consumes-7-... [2]: https://www.bbc.com/news/technology-48853230
Maybe it's something about blockchain tech, but I have the nagging feeling that HN is just getting old and complacent. If this community had existed, in 1995, on a BBS, it probably would have found nothing but fault with the emerging web.
I can't understand why a tech-minded person would find blockchain repulsive. It's (in the case of Ethereum) the biggest and most powerful distributed computing environment. BTC has a history of no major losses or exploits in 10y of existing in the most adversarial environment I could think of.
HN meanwhile: let's get totally over-excited by a new ePaper reader with drawing functionality.
The community appears full of -as another commenter put it: “Blockchain culture is full of Ferengi-style near-religious greed”. Crypto-anarchists with an axe to grind about inflation and monetary policy/government spending.
I find the technology fascinating, if woefully inefficient. It’s a novel idea whose use case doesn’t seem to markedly improve things for the average user, but introduces a number of downsides.
> the biggest and most powerful distributed computing environment
That does what exactly? Wasting energy to determine if I can transfer $0.3 to my friend to demo it? Suppose you wired them and ran scientific studies/simulations. You’d probably get more useful results out of the energy you just spent.
Perhaps at some point someone will design a distributed blockchain system that (a) isn't a total power hog and (b) provides some sort of human curation that I can do so that I'm not hosting someone else's NSFL picture collection.
Until then I'll just watch from the bleachers.
right now, i'm not personally a huge fan of proof of stake because of the 'nothing at stake' problem, but one will eventually take off.
Storing everything forever perpetually on the blockchain just doesn’t seem like a feasible or good idea to me, and the wasted computation to do anything is annoying. The whole space seems filled with people who hold similar views about economics: all inflation is bad; all government and financial intervention in the economy is bad; all our money problems would be solved if people could just trade with each other, etc.
Also, pet peeve-many times I’ve heard blockchain enthusiasts talk about this idea that you can just put your data on the blockchain and pay a reasonable free and people will keep it there forever, you can move all your business computation to the blockchain by paying people who perform the computation. Nevermind how much of an outrageously poor idea that is: why on earth would I store my data on there, encrypted or otherwise? Why would I want random people carrying out business critical computation for me? Some of the chains are already pretty huge, can you imagine how big they’ll balloon out to within 6 months if businesses started lumping all their stuff on there, let alone 10 years. Storage being cheap is the “throw more hardware at it to make it go faster” off blockchains and is in no way a good fix, not is it in any way preferable to running your own machines.
Well, I am working in big old industry outside the USA and we just bought a data ingestion solution from... Palantir! The NSA company which is basically a spy arm of the US government.
If it saves a buck, companies will do way dumber things than move to blockchain in an instant.
Also, storing data on the BTC or ETH chains isn't economically feasible - there are chains especially for that and usually, you just store the SHA-256 hash of your data on chain to prove authenticity while storing the data off-chain.
This can't be true since there are major cryptocurrencies that are inflationary, for instance Monero.
1) the optimal supply of money is externally determined by the needs of commerce for liquidity,
2) new money can be created to meet the needs of commerce through public loans secured by real property pledged as collateral without any fixed artificial limits on supply
3) money may be circulated with an expiration date to discourage long term hoarding,
4) general governments should retain the ability to suppress the private issuance of bank notes and regain public control of the circulating medium of exchange in order to emit unsecured notes to pay for defensive war expenditures in the event that it cannot obtain loans from private banks and it is existentially necessary to do so
So some of the ideals espoused by blockchain activists may clash a bit with that.
- Document storage and attestation
- Supply chain and provenance
- making digital art non-fungible in the sense that copies exist but ownership of an original as well
- Resource allocation in IoT by creating M2M markets
I think the reason people dislike blockchain so much is because the promise that blockchain will do DoEverythingBetter™ is not very convincing.
All things considered, this industry is pretty small... but it's an industry. It's already been around a decade and could easily last for many more.
In that time, people who work in the blockchain space will bring those ideas, concepts, and ideologies to other industries.
When you think of it that way, looking under the surface for interesting ideas does not seem so far fetched. I think this post did a great job telling a story about the new and fascinating concepts.
(excluding people like Vitalik, who are more analytic and less dogmatic, of course)
(Someone will reply that you're supposed to use a layer 2 protocol for that, but that looks insanely complex for most people.)
The common use-case on Ethereum is sending tokens from A to B, and that can't be front-run or falsified by a bot. This is the original use-case of crypto: sending around symbolic tokens that represent money.
Ethereum also has a lot of other usages though, and here is where it can get hairy. For instance, exchanges exist (Uniswap) where you can swap Token A for B. However, your intent is an Etherereum transaction which can be read by bots as you publish it and can be front-run if you are not careful.
In this case, someone basically misplace money: instead of sending it to an account, they put it onto their car rooftops, up for grabs. And then, some Mexican stand-off happened: the bots wouldn't notice but once the white-hat hackers moved, the bot would try to grab the money faster.
Ideally, the white-hatters would have crafted their Uniswap interaction in one transaction - they are atomic and the bots wouldn't have a chance to interfere. But it got late and they tried to hammer away the problem and allowed the interaction to spread over two transactions.
As such, the permissionless-ness of it, where anyone can send value to any one or thing, for any purpose, evokes disgust.
It's basically libertarianism, institutionalized as a technological platform and network, and if it succeeds, it means the ideological camp you identify with will have suffered a crushing and lasting defeat.
Blockchain is like a solution without a problem. The only thing that can be done with blockchain that can't be done without (i.e. decentralization) is something that mostly has no application in the real world. And there is no need for it because the technology for that exists since over 2000 years. If it was needed, someone would have done it already long ago.
But who knows, perhaps at some point in the future a use case will emerge.
Uniswap itself is a pretty interesting protocol:
> Uniswap is an exchange protocol that allows users to trustlessly swap ERC20 tokens. Rather using the traditional order book model, Uniswap pools tokens into smart contracts and users trade against these liquidity pools. Anyone can swap tokens, add tokens to a pool to earn fees, or list a token on Uniswap.
https://docs.ethhub.io/guides/graphical-guide-for-understand...
It seems like the money could have been safely claimed using a tiny amount of crypto. Something like creating this contract:
contract Example {
function Example() public {
if (keccak256(msg.sender) == HARD_CODED) {
do_transfer();
} else {
do_something_terrible();
}
}
Writing bug-free code is hard enough, but this adversarial environment is fascinating and takes it to another level.
In the third book we are treated to some pseudo-dialog between an attacker and their supervisor(s) deciding whether to preemptively attack an area of space (trying not to spoil here) and the options on the table - a tiny kinetic strike at near light speed vs. the "flattening" that they eventually decide upon are both presented as nearly zero-cost...
I'm excited (and slightly terrified) to consider a future where autonomous agents rent compute time to host themselves, provide 'services' autonomously within the cloud to earn funds, and then periodically reproduce by splitting their wallet and moving it to a new host. Add in the ability to mutate (or even hire humans to implement directed mutations), and I think this hits all the requirements for my definition of 'what is a living organism'.
If it's the latter, that's kind of a shit move.
I feel like the dumbest of all (and maybe it's normal it's far away from my area of expertise). But seriously this sound more like a sci-fi plot that actual engineering.
Stop talking down on people just because you don't understand their jargon. Either keep quiet and learn or don't judge at all.
If someone can take the transaction you just sent and somehow jump in front of you to execute the same one, your system seems fundamentally broken.
While I could articulate -and genuinely believe in- a raison d'être for the alt-finance tools created by blockchain systems, the premise and concrete value of the exceedingly sophisticated mechanisms in ethereum continue to elude me.
Given the primitives of account & transactions through distributed ledgers, one can construct a wide variety of services and use cases that interface with the real world on the user side and on the 3rd party service side.
Are there any services and use cases in ethereum-land that are actually oriented towards users? Because it seems to me that the only group getting measurable value beyond education are actors seeking to extract profit from "legitimate" value store or flow.
And I thought getting away from them was the entire point of Bitcoin et al. for the ordinary man.
But how could you guarantee the miner was trustworthy, and wouldn't just take the money after you told them.
Hmm...what if we could come up with some sort of smart contract...
(recursion ensues)
It's not necessarily always good for the bots either. They can be exploited and tricked as well.
Is the money really "locked up"? No money actually enters these systems; whenever someone buys a token with money, there was someone else selling that token for money, and the money went from the buyer to the seller, who is free to do anything with that money.
anyway, yes there is money locked in the lending platforms. most of it is used as collateral, which is locked when borrowed against. the reserve ratios are high (60-80%), so unlike a regular bank, no money is "printed" when lent.
"real money" does enter these systems. people spend resources to acquire real money which is subsequently traded then locked into these platforms. also, while a lot of ethereum tokens are simply minted with no real backing, some are mined (even erc20), which again people dedicate finite resources to
We also couldn’t have been sure that a method that could recover $10 would be able to recover $12,000. Bots won’t bother to snipe opportunities that are too small (they have to put a little money at risk to even try).
Finally, there was a nagging worry that demonstrating this kind of transaction for the bots could “teach” them to look for this opportunity, which could lead them to this money even before we tried to pick it up (since they could scan the blockchain for it). I had heard that these bots sometimes used recent transactions as “hints” to look for new profit opportunities. It sounded like a wild idea, but all of this was pretty wild.
If you're a blockchain naysayer [1], I'd invite you to go read this paper to measure how deep, rich and complex the world of smart contracts is, and at the very least get a feeling that you may simply not know how uninformed your negative opinion is.
With cryptocurrencies, you want to "slow" the system down. You want more redundancy. You want less efficiency. It's the only way to fight the automation monsters. Bitcoin is money. Ethereum is a fun and experimental Dark Forest.
But no, they had to make it Turing-complete. That failed quickly. Remember the DAO debacle. That should have been a teaching moment. But no. Because the people burned were insiders, the whole Etherium blockchain was split to rescue them.
https://solidity.readthedocs.io/en/v0.7.0/search.html?q=port
The more I see people burning themselves on “smart contracts” the more I realize how deeply thought through bitcoin’s design is. Creators have thought of so many things in advance, it’s outright creepy.
I used to work in the space in the blockchain tracing space - I helped build one of the first intelligent tracing systems that could handle tokenized assets on ETH.
I have zero regrets leaving the space...
Perhaps starting with a general accusation of the community is not the best method. But I'll move on... There are things that are very important to understand about blockchain. The most important one is that the technology and the systems built on it are _extremely_ young. Blockchain is like the 80s of computing. I would compare it to editing Unix system settings with "nano" to adjust a basic setting of your operating system - lots of horror stories for sure. The big difference is that people are out there to make money off of your mistakes. Yes, it can be a hostile environment. As the article alludes to - full anonymity of transactions is still in the pipeline! I do no know a single blockchain project out there that allows to interact with contracts anonymously yet. If blockchain is still alive a few years from now (and I have little doubt about that) then things like Optimism (mentioned in the article) will have made a whole array of shortcomings obsolete. Awesomeness does not happen overnight, it took _decades_ for the internet to become the ubiquitous integral thing that it is now.
Actually, I'm glad the author used Uniswap as an example, because it is a simple and powerful system that would not have been possible without blockchain. (Aside: Uniswap is actually one of the first products to create a POC of running on top of Optimism's Optimistic rollups, so they are no unaware of issues). It was conceived initially by Vitalik himself and implemented as an Ethereum grant. The basic idea is that a contract controls two pools of tokenized assets. The assets are provided by people who get a cut when a trade happens. The price of assets being exchanged is equal to the ratio of their quantities in every pool. That is it!!
Now, why do I think that a system as Uniswap is awesome. Right now most tokens are either tokens for other projects or USD. As the variety of tokenized assets grows (for example some Japanese banks are looking to create a digital Yen, and there are clues that suggest it might be on Ethereum) what you get is an extremely simple no-middlemen system for exchanging things of value. Now, in theory, any programmer can write a program, say, for currency exchange in one evening - no middlemen, no 3rd parties to trust, no banks, no clearing houses and a basic API anybody can integrate. The system is not perfect, and that's what the article is about. But the concept can be revolutionary.
The blockchain money-grab is disgusting to look at. But do not throw the baby out with the bathwater.
If you’ve ever done any business (sales/purchasing), you’ll soon see that trust is not really a problem. Trust is only a problem in single-transaction deals (two entities trade once and expect to never trade again), which is pretty rare. Even in that weird case, branding and reputation are actually quite good ways of providing trust.
In fact I would go further and say that the only entities that are impervious to the “conventional” approach are governments, by virtue of being monopolies.
I’ve heard amazing tales of what blockchain should be able to do, but so far it looks like they’ve failed in everything they’ve set up to do.
Blockchain currency (I’ll generalize a bit) was supposed to be a store of value. They are so bad at this that they’ve become an investing bubble, and one of the assets with highest volatility out there.
I’m still waiting for useful demos of blockchain technology that aren’t contrived situations or just smoke and mirrors for startups to get funded.
If the VM can change, but the code can't, it's gonna be hard to maintain.
A visual explanation of how someone made 12,000 USD in a single Ethereum transaction with front-running.
Also, I have never seen a project simultaneously so intelligent and so devoid of wisdom (or vision) as Ethereum. Its complexity is going to turn people insane. It's a case of the blind leading the blind; making things up as they go.
OTOH, in the long tail case where we see a revolution in monetary policy theory, early crypto adopters can stand to make ridiculous amounts of money.
There’re front running resistant decentralized exchange PoCs on Ethereum. It’s only a matter of time (and governance) before we could have this technology on Ethereum.
Mine too and Hyperion andandand :)