[RichardHeart]

I think it means a lot of people are going to lose a lot more money than $1 Ether would have meant.

1. The halting problem states you can't predict what a turing complete program will do, until you run it. This means to some degree, that you can't predict what your "smart" contract will do, until it does it. Thus turing completeness causes security to be far, far harder than non turing completeness. This is how you lose the millions of dollars as the DAO did after it passed audits.

2. Competing implementations of consensus code in different languages greatly increases breakdown of consensus. (more millions have been lost over this, and it created a fork at about 10 percent the value of the old chain.)

3. You can buy things with bitcoin. What can you buy with ETH? If you can't buy anything with a currency, it's not a currency.

Thus, human resolved chain rollbacks? Check. Failed consensus between implementations? Check. Passed audit yet totally failed smart contracts? Check. No place to spend them? Check. New tokens given out all the time forever? Check.

Every dollar that goes into bad ideas is taken directly from the good ideas. Smart contracts can never be smart until oracles are solved. Oracles aren't solved. ETH has all the technical odds and history stacked against it, however some how, the people that bought them aren't dumping.

There's a saying that the market can stay irrational longer than you can stay solvent.

[benchaney]

> The halting problem states you can't predict what a turing complete program will do, until you run it. This means to some degree, that you can't predict what your "smart" contract will do, until it does it. Thus turing completeness causes security to be far, far harder than non turing completeness. This is how you lose the millions of dollars as the DAO did after it passed audits.

The Halting Problem states that you can't create a general purpose algorithm for predicting what an arbitrary program in a Turing Complete language will do. This is very different.

[RichardHeart]

"The naïve Ethereum people think they've cleverly sidestepped this with the notion of "gas" but actually all they're doing is cheating with this messy kludge: because simply saying "we'll arbitrarily make the program stop running at some point" does not make "smart contracts" written in Ethereum "decidable" - as we've seen, these contracts can still blow up / go wrong in other ways before they run out of gas." https://www.reddit.com/r/btc/comments/4p0gq3/why_turingcompl...

[benchaney]

This comment is simply incorrect. The gas limits do make smart contracts decidable. It is a mathematical fact. Bringing the idea that things have gone wrong with Ethereum as proof to the contrary is completely absurd. Things have also gone wrong with Bitcoin [1]. Is it undecidable now too?

[1] https://en.wikipedia.org/wiki/Mt._Gox

[makomk]

Indeed. All you have to do is test every possible input, in much the same way that any computation on a real computer is technically decidable because the limited amount of RAM means that it can only have a finite number of states. Neither of those limits actually makes solving the problem feasible in practice.

[benchaney]

>Neither of those limits actually makes solving the problem feasible in practice.

That's the point. Theoretical limitations has no bearing on solving the practical problem. That is why RichardHeart's original point [1] is wrong.

[1] The halting problem states you can't predict what a turing complete program will do, until you run it. This means to some degree, that you can't predict what your "smart" contract will do, until it does it. Thus turing completeness causes security to be far, far harder than non turing completeness. This is how you lose the millions of dollars as the DAO did after it passed audits.

[jude-]

Pretty sure the parent was saying the opposite. Testing every possible input is infeasible, since the number of possible inputs (and number of possible states) is HUGE.

[jude-]

> This comment is simply incorrect. The gas limits do make smart contracts decidable. It is a mathematical fact.

This line of reasoning does not help me write better code, and does not address the parent's concerns. Using this argument, I can say that every single program I will ever run in my lifetime is also decidable, since eventually the computer I'm using to run it will stop working. This of course does not mean that I will write bug-free code, nor does it mean that I will write code that is feasible to prove correct.

What I want is a decidable programming language where it is always feasible to reason about the smart contract's halting states for arbitrary input. Bitcoin and its derivatives let me do this. Ethereum does not.

[nicksdjohnson]

Sure it does - the marvelous thing about a turing-complete virtual machine is that you can write a decidable language that compiles to EVM bytecode.

[jude-]

Sorry, I didn't qualify "always feasible" well enough. What I meant was, I want it to be feasible to reason about the halting states of every single smart-contract that will ever interact with my code. Not just the ones that I write, but also the ones that are reachable from my smart contract's call graph, and the ones that call into my smart contract.

If I can do this, then I can feasibly reason about how my code will react to other peoples' inputs (e.g. I can prove the absence of DAO-like re-entrance bugs). The fact that Ethereum allows smart contracts to be written in undecidable languages means that this is not feasible in practice.

[MarkPNeyer]

To elaborate:

You can look at some programs with your mind, and tell quite clearly what they'll do.

You can't write a _program_ that will look at other programs, and always give a correct answer.

[ellius]

"3. You can buy things with bitcoin. What can you buy with ETH? If you can't buy anything with a currency, it's not a currency."

This is the one that really sticks out to me. What do people need any of this for? I think they did a fine job pitching the value of smart contract / blockchain technology. But why do I, or a bank, or society need anything beyond those?

The tech may be useful, but what 99% of these discussions come down to is whether you think a decentralized currency and disintermediated payments system have value. I don't really see the need for the vast majority of society to have the former in the long run, and I think the latter is actively harmful and impractical. Like you pointed out, you're inevitably going to have these code failures, disagreements, etc. Those are basic failures of any human-designed and human-negotiated system. As far as those go, I still prefer to wager my business on the time-worn technology of English common law.

As far as the tech goes, yes, banks should get behind some of this. Their infrastructure is garbage and could well benefit from associations of private chains and the like.

[erikpukinskis]

> What do people need any of this for?

I can write an app for managing a business, fund it, and then walk away forever. Ethereum is a platform for hosting autonomous corporations.

[iamatworknow]

Is that something we want? Because it doesn't sound like something I want.

I like that there's some level of the human element in the personal transactions I conduct with businesses, and I don't think I'm alone given how hackneyed the joke about bypassing automated phone support systems has become. If something falls outside company procedures there's usually someone who can help me out by bending the rules or deferring to a superior who can make an exception, or at the very least explain why it can't be done. Empathy plays a role.

If the entire business transaction is automated sure, maybe the more mundane everyday processes run smoother, but if there's an exception that wasn't accounted for you're shit out of luck.

[kolinko]

> I like that there's some level of the human element in the personal transactions I conduct with businesses, and I don't think I'm alone[...]

I'm quite sure the same argument was being used by many brick and mortar stores at the dawn of e-commerce.

In certain businesses empathy matters, in many of them it doesn't. There are also businesses that would never be built without the blockchain - and that's the most interesting part.

[iamatworknow]

>I'm quite sure the same argument was being used by many brick and mortar stores at the dawn of e-commerce.

It was, but even then every e-commerce company has a chain of escalation that, at some point, ends at a human who isn't controlled by an algorithm. Setting your business logic and "walking away" as the original comment said wouldn't have that escalation path. If it does, then how is it much different from the way things work now?

[rocqua]

The main 'value' of ETH is in buying 'gas' for your smart contracts. Basically, you need ETH to use the Ethereum network.

So it makes more sense to view it as a commodity.

[RichardHeart]

I've been in crypto since 2011. If critical mass/adoption/press/uptime/wallets/ matter to you, then there's you know what. The problems ETH has had would be predicted by anyone looking at their choices. They will continue to have the same problems for the same core reasons. Good news for people long ETH though, it seems the market doesn't really care about the downtime, or forks, or risks of dual codebases or the halting problem of turing comleteness in smart contracts. Hell, they dont' even care about user wallet adoption, or retailer adoption, so, it would seem that the price can just keep going up without really hitting any of the metrics other crypto's have cared about.

[nicksdjohnson]

> 1. The halting problem states you can't predict what a turing complete program will do, until you run it. This means to some degree, that you can't predict what your "smart" contract will do, until it does it. Thus turing completeness causes security to be far, far harder than non turing completeness. This is how you lose the millions of dollars as the DAO did after it passed audits.

While others have pointed out that this is wrong, it's worth amplifying: Turing machines are deterministic. You can run the contract locally and observe how it behaves, and it will behave the same way in the same environment elsewhere. If this wasn't the case, you couldn't have consensus at all.

> 2. Competing implementations of consensus code in different languages greatly increases breakdown of consensus. (more millions have been lost over this, and it created a fork at about 10 percent the value of the old chain.)

The DAO hard fork had nothing to do with a consensus failure. There's been one single short-lived mainnet fork due to a consensus issue, which was quickly resolved with - to the best of my knowledge - no financial loss.

[jude-]

> While others have pointed out that this is wrong, it's worth amplifying: Turing machines are deterministic. You can run the contract locally and observe how it behaves, and it will behave the same way in the same environment elsewhere. If this wasn't the case, you couldn't have consensus at all.

"Deterministic" != "feasible to reason about halting states for all inputs." Running it locally to see how it behaves for a handful of inputs is definitely not sufficient for claiming that the code behaves correctly (i.e. is "secure").

Recall that people lost money in the DAO not because they didn't test how the DAO behaved when they sent their Ether to it. They lost money because someone discovered the contract as implemented did not behave the way it was expected and advertised to behave. Had it been possible to reason about the DAO's halting states for all possible inputs, the re-entrance bug would have been caught and fixed before the DAO was released.

[nmca]

Formal analysis will help sort this out. Larry Paulson trained up these guys: https://www.imandra.ai/

And similar tech can be applied to smart contracts. Would have spotted the DAO bug. Not ready for prime time yet, but will be around the same time as sharding maybe...

[jude-]

That's much easier said than done. If formal methods were practical, we'd be using them already everywhere else.

[jaibot]

I routinely pay for things with ethereum - and if the target only accepts btc, then I can just shapeshift.

The "Halting Problem" is a red herring here - eth transactions are technically not Turing complete since they automatically halt when they run out of the finite supply of ether attached to the transaction. Saying that ethereum isn't feasible because of the halting problem is like saying cars aren't feasible because an object in motion stays in motion - there are countless practical ways to manage it, and if nothing else stops you, in the end you'll definitely run out of gas.

[mikejarema]

Here (and when I see people generally using the term) is the meaning of "shapeshift" simply that you go to shapeshift.io and exchange from one cryptocurrency to another?

[jaibot]

Yup!

[m3ta]

Theoretically ETH can easily replace bitcoin as a payment method for anything that can be bought with BTC currently. I would imagine some people investing in ETH are expecting that to happen.

[geppeto]

You can buy ICOs with eth.

Did you ever consider that the currency part of cryptocurrency was a misnomer and has nothing to do with the value of the asset?

[leashless]

To be fair, BTC had a lot of problems in the early years too.

And note I'm trying to be technology agnostic as we build out the VC firm and the Internet of Agreements organisation - I am not of the opinion any of these systems are going to scale cleanly. I think we will need to go back and build it from scratch on an abstraction like pi calculus and work it up from there, not try to accelerate the Proof of Work systems by increments.

Only time will tell, though. I'm flexible on this.

[Jenya_]

Vitalik Buterin (founder of Ethereum) and his tweet about Turing completeness (now I only need to understand what a "rich statefulness" is):

https://twitter.com/VitalikButerin/status/854271590804140033