Hacker News new | ask | show | jobs
by mannykannot 3498 days ago
>Now this is more a matter of dispute, but I wouldn’t say the hacker stole the funds...

Verification is Ethereum's Achille's heel. Everyone seems to trust that someone else will verify that the contracts they participate in will work securely as intended, and the DAO showed how well that works.

If Ethereum ever gets used as its proponents imagine, with multiple interacting contracts in progress at any given time, rolling back an error will not be nearly as easy as it was in the DAO case (and that was not particularly easy.)
1 comments
aminok 3498 days ago
That's every system's Achille's Heel. It's a human fault.
link
mannykannot 3498 days ago
The point is that in Ethereum's case, the extent of the problem is vastly underestimated by almost all of the participants. In most other cases, it is a risk that can be mitigated or accepted, but in Ethereum's case, it undermines the fundamental premise ('trustless' contracts.)
link
mbrock 3498 days ago
I think Ethereum users will mostly converge on a limited set of useful cookie cutter contracts and simple combinations thereof. New types of contracts will hopefully be received with skepticism, as "The DAO" should have been. So the premise isn't really undermined. It's just that the focus on writing custom contracts in a programming language will diminish as the basic framework matures.
link
mannykannot 3498 days ago
That is not the vision Ethereum was sold on.
link
mbrock 3497 days ago
There was always a pretty limited range of basic use cases for smart contracts: crowdsales, auctions, debt registries, currency tokens, multisig wallets, etc.

As people begin to use Ethereum for real-world organizations, they will of course prefer to use popular, tested, verified implementations of these basic contract types.

I'm not sure what vision you refer to, but anyway, original visions aren't binding!

link
mannykannot 3497 days ago
>they will of course prefer to use popular, tested, verified implementations of these basic contract types.

That worked out so well with the DAO. There was, of course, at least one person who did take the trouble to do his own investigation of its security ;-)

Perhaps you could point us to some verified implementations of these basic contract types (together with the arguments for their veracity, of course.)

link
aminok 3498 days ago
It's something that will change with experience.
link
mannykannot 3498 days ago
It certainly will - people will realize that the fanciful dreams are not feasible.
link
aminok 3497 days ago
And others will realise the possibilities opened up by Turing Complete contracting.
link
mannykannot 3495 days ago
Unless Ethereum can solve its verification problem, its biggest opportunities will be for scammers.
link