|
|
|
|
|
|
by nicksdjohnson
3339 days ago
|
|
|
> 1. The halting problem states you can't predict what a turing complete program will do, until you run it. This means to some degree, that you can't predict what your "smart" contract will do, until it does it. Thus turing completeness causes security to be far, far harder than non turing completeness. This is how you lose the millions of dollars as the DAO did after it passed audits. While others have pointed out that this is wrong, it's worth amplifying: Turing machines are deterministic. You can run the contract locally and observe how it behaves, and it will behave the same way in the same environment elsewhere. If this wasn't the case, you couldn't have consensus at all. > 2. Competing implementations of consensus code in different languages greatly increases breakdown of consensus. (more millions have been lost over this, and it created a fork at about 10 percent the value of the old chain.) The DAO hard fork had nothing to do with a consensus failure. There's been one single short-lived mainnet fork due to a consensus issue, which was quickly resolved with - to the best of my knowledge - no financial loss. |
|
|
"Deterministic" != "feasible to reason about halting states for all inputs." Running it locally to see how it behaves for a handful of inputs is definitely not sufficient for claiming that the code behaves correctly (i.e. is "secure").
Recall that people lost money in the DAO not because they didn't test how the DAO behaved when they sent their Ether to it. They lost money because someone discovered the contract as implemented did not behave the way it was expected and advertised to behave. Had it been possible to reason about the DAO's halting states for all possible inputs, the re-entrance bug would have been caught and fixed before the DAO was released.