undefined | Better HN

0 pointsafidrya4y ago0 comments

In simple words, he should have called a smart contract's function which would withdraw his tokens and send real ETH to his address. Instead, he sent tokens to smart contract's address and they will stay there forever, not associated with any account. This complexity should be abstracted away by wallet's UI. Users don't have to call APIs directly. Also, this whole situation could be prevented by trying to send a smaller amount first.

0 comments

26 comments · 5 top-level

BatteryMountain4y ago· 9 in thread

It truly is laughable. Ever heard of "Return to Sender" in case of invalid events/transactions?

SwiftyBug4y ago

YES. Weren't these supposed to be SMART contracts? My email provider is smarter than that.

lobocinza4y ago

Every self-denominated SMART thing that I know of is DUMBER than the conventional thing.

sanderjd4y ago

"Smart contracts" was always a really bad name for this functionality.

1 more reply

lottin4y ago

A better term would be dumb contracts.

capableweb4y ago

First time I hear about IMAP/POP3 provider being able to "undo" emails after being sent. What provider are you using and how does that work behind the scenes? And no, gmails fake "we don't actually send it until you close the tab/wait 30 seconds so you can undo it" doesn't count.

3 more replies

noduerme4y ago

Yeah. Even in the original bitcoind API you would run a validation call on the address and the spend before actually committing it. Afaik you couldn't accidentally send coins into a black hole even if you tried.

riffraff4y ago

I think the address was valid, the problem is that there is no way of getting the coins out of it.

The same thing was done on the bitcoin chain, e.g. counterparty[0] was relying on a "proof of burn" which was basically "Send BTC to a black hole".

[0] https://counterparty.io/docs/faq-xcp/

1 more reply

RedShift14y ago

The thing is that is not an invalid transaction. The problem is in what happens _after_ the smart contract has received the money.

noduerme4y ago

As far as Ethereum is concerned it's valid, but the contract API is riding on top of Ethereum's blockchain. It's middleware. It's responsible for enforcing the contract. How does it have a giant black hole in it?

1 more reply

noduerme4y ago· 6 in thread

I've written middleware APIs for accepting currency in carts and casinos that interfaced with / polled bitcoind and other daemons. Why on earth would this person be calling APIs directly, and why would the daemon not just reject the transaction if it's an unexpected kind of token? Or if he added funds to the contract why not be able to remove them to the same address? I never dealt with smart contracts but even allowing this to happen without an error seems like a crazy, terrible design.

jazzyjackson4y ago

from the reddit comments, similar question, apparently every instruction adds gas fees to running the contract, so if you're going to use the contract a lot, you leave out any kind of validation.

>> Wow why didn't the contract creators think this through and block requests to the contract

> Because adding that check would increase the cost of every user transaction. All AMM swaps would be done with WETH so it’s the right call to not have it in there

dTal4y ago

There are, of course, other industries with financial incentives against safety features. We usually regulate them.

We can point and laugh at this one person, but according to the reddit thread they're the 265th person to make this mistake, and more than half of the money in the inaccessible account is not theirs.

2 more replies

XorNot4y ago

I really can't think of an expression other then "lol" to sum up my response here for just how incredibly stupid this is, as a "platform of the future".

A design which actively discourages robust programming and error handling in financial software. Wow.

1 more reply

ddingus4y ago

Good grief, this is like machine language for money

1 more reply

kwertyoowiyop4y ago

“Premature optimization is the root of all evil.” And now in a whole new way!

noduerme4y ago

Back in the day or at least when I ran my own bitcoin node, any call against the blockchain was free. This sounds like someone charging for hitting the API on a rented node, as opposed to an actual cost imposed by the currency to consult the blockchain (?) But maybe the contract-generators aren't even running their own node, just piggybacking on someone else's API. Sure. Cheaper.

1 more reply

bigtex884y ago· 4 in thread

In simple words, he should have done what everyone else does and used Uniswap or Zapper or Sushi or ANY exchange and swapped WETH for ETH that way.

This is just a dumbass user doing dumbass things. This is basic-level stuff right here. Don't interact with contracts directly unless you 100% know what you're doing.

UncleMeat4y ago

But people are allowed to interact with smart contracts. To obtain the WETH he needed to do that. This is a "why do we even have that lever" kind of situation. If my brokerage had a "permanently burn all of your money" button then it wouldn't be reasonable to just say "well, people shouldn't push that button."

We can even see this with the criticism of wire fraud. Wire fraud is a huge fucking mess that occasionally costs people their life savings. The entire setup is rightly criticized (heck, even by the crypto community) for having users interact with a highly error-prone system with huge consequences.

emteycz4y ago

People are allowed to login as root and delete their systems too. Yes, today's software doesn't make it easy - and the same can be said about this wallet/token; this was a complex sequence of steps in the wrong direction, not a missclick.

2 more replies

dpark4y ago

> This is just a dumbass user doing dumbass things.

I tend to agree. Dumbasses clearly designed this system if it allows money to be accidentally destroyed. Dumbasses doing dumbass things indeed.

throwhauser4y ago

> Don't interact with contracts directly unless you 100% know what you're doing.

But if you use any of the exchanges you described, you have to trust that they 100% know what they're doing.

It seems safer to avoid smart contracts and cryptocurrencies altogether.

Maursault4y ago· 2 in thread

> he sent tokens to smart contract's address and they will stay there forever, not associated with any account.

Wait... so the tokens are really still there, just inaccessible? In what way do the tokens still exist? What makes them inaccessible? Is there really no possibility of restoring the tokens? No possibility of cleverly hacking them out with the assumed myriad of unpublished security flaws?

pie_flavor4y ago

The tokens are a number in a hash-map of user to balance in the weth program. Any eth program ("smart contract") can be a user. All the smart contract that owns the tokens has to do is tell the weth smart contract to transfer them, or approve mister redditor to transfer them on the contract's behalf. But that contract wasn't built to do such a thing. And now that it's published, it also can't be updated to do such a thing. A new contract could be uploaded, but that new contract won't be the same user. So they're just gone for good. Hope that cleared things up.

triangleman4y ago

So, could the Ethereum community get together and agree to rewrite the blockchain and undo this transaction? Perhaps they could vote on it and have a hearing of the facts. Of course that introduces its own tyranny but is it possible?

2 more replies

sanderjd4y ago

It was a really bad design decision to have smart contracts have this "send to the address" capability, rather than requiring clients call a method that is explicitly defined.

j / k navigate · click thread line to collapse

0 comments

26 comments · 5 top-level

BatteryMountain4y ago· 9 in thread

It truly is laughable. Ever heard of "Return to Sender" in case of invalid events/transactions?

SwiftyBug4y ago

YES. Weren't these supposed to be SMART contracts? My email provider is smarter than that.

lobocinza4y ago

Every self-denominated SMART thing that I know of is DUMBER than the conventional thing.

sanderjd4y ago

"Smart contracts" was always a really bad name for this functionality.

1 more reply

lottin4y ago

A better term would be dumb contracts.

capableweb4y ago

3 more replies

noduerme4y ago

riffraff4y ago

I think the address was valid, the problem is that there is no way of getting the coins out of it.

The same thing was done on the bitcoin chain, e.g. counterparty[0] was relying on a "proof of burn" which was basically "Send BTC to a black hole".

[0] https://counterparty.io/docs/faq-xcp/

1 more reply

RedShift14y ago

The thing is that is not an invalid transaction. The problem is in what happens _after_ the smart contract has received the money.

noduerme4y ago

1 more reply

noduerme4y ago· 6 in thread

jazzyjackson4y ago

from the reddit comments, similar question, apparently every instruction adds gas fees to running the contract, so if you're going to use the contract a lot, you leave out any kind of validation.

>> Wow why didn't the contract creators think this through and block requests to the contract

> Because adding that check would increase the cost of every user transaction. All AMM swaps would be done with WETH so it’s the right call to not have it in there

dTal4y ago

There are, of course, other industries with financial incentives against safety features. We usually regulate them.

We can point and laugh at this one person, but according to the reddit thread they're the 265th person to make this mistake, and more than half of the money in the inaccessible account is not theirs.

2 more replies

XorNot4y ago

I really can't think of an expression other then "lol" to sum up my response here for just how incredibly stupid this is, as a "platform of the future".

A design which actively discourages robust programming and error handling in financial software. Wow.

1 more reply

ddingus4y ago

Good grief, this is like machine language for money

1 more reply

kwertyoowiyop4y ago

“Premature optimization is the root of all evil.” And now in a whole new way!

noduerme4y ago

1 more reply

bigtex884y ago· 4 in thread

In simple words, he should have done what everyone else does and used Uniswap or Zapper or Sushi or ANY exchange and swapped WETH for ETH that way.

This is just a dumbass user doing dumbass things. This is basic-level stuff right here. Don't interact with contracts directly unless you 100% know what you're doing.

UncleMeat4y ago

emteycz4y ago

2 more replies

dpark4y ago

> This is just a dumbass user doing dumbass things.

I tend to agree. Dumbasses clearly designed this system if it allows money to be accidentally destroyed. Dumbasses doing dumbass things indeed.

throwhauser4y ago

> Don't interact with contracts directly unless you 100% know what you're doing.

But if you use any of the exchanges you described, you have to trust that they 100% know what they're doing.

It seems safer to avoid smart contracts and cryptocurrencies altogether.

Maursault4y ago· 2 in thread

> he sent tokens to smart contract's address and they will stay there forever, not associated with any account.

pie_flavor4y ago

triangleman4y ago

2 more replies

sanderjd4y ago

It was a really bad design decision to have smart contracts have this "send to the address" capability, rather than requiring clients call a method that is explicitly defined.

j / k navigate · click thread line to collapse