by stcredzero 3655 days ago
It's a stupid code mistake, but you wouldn't say the internet is a bad idea because some website got hacked.

But if you're setting up a situation where server after server is constantly compromised because of hard to discern reasons, then yes, that is a bad idea. Having an internet is something as obviously good as electrical wiring and highway bridges. Having a badly implemented internet is as obviously bad as faulty wiring and badly engineered highway bridges.

This stuff is making Ethereum sound like it was written by people as unqualified to make such a system as a dev who would use eval in nodejs code on a user-supplied string is to implement an ecommerce site.


Essentially this is the equivalent of a dev mistakenly using an eval in the wrong place in nodejs code. But all these articles are making it sound like the Ethereum team created the DAO and these issues affect Ethereum as a whole, which just isn't true.

The way I see it (continuing the simile): if you're writing something as critical as monetary transactions, everywhere is the wrong place to use eval in nodejs code. And when you're writing a dedicated language for monetary transactions, including eval in your API is just as wrong. The last part is why this issue affects all of ETH.

Solidity is a new language, specifically designed for Ethereum. If the response to contract issues like this is "but that's a known failure mode, don't do that", then that signals a problem with the language, not just the contract code.

If the response to contract issues like this is "but that's a known failure mode, don't do that", then that signals a problem with the language, not just the contract code.

It also signals a problem with the culture, with respect to the perceived amount of rigor required by the problem domain.