If you’ve ever written code, and if you’ve ever written a bug, then you will understand that code as law is terrible idea, especially when it comes to finance.
Yikes. Wasn't aware of that one. Thanks for sharing it.
I like smart contracts but you really have to be super careful with them, and ideally they should all be audited by a third party before launch, to help catch stuff like this. But even that's not a guarantee crap like this won't happen sometimes.
1) Upgradeable - where an authority has the right to replace the live contact at any time and rug-pull everyone. That's not trustless, and it's no better than running an app in AWS.
2) Non-upgradeable - where you simply have a self-funding bug bounty waiting to get popped. Even if they're audited.
They're not smart, and they're not interesting, to me anyways.
Re: Upgradeable contracts, there is often some governance method that removes the power from just one person, but there's usually also a time-delay, so that in theory at least, users of the contract can see that an upgrade has happened and remove their interaction with it if they don't like the new contract.
This is quite different from having money in a bank where policy changes and government seizures or freezes may happen without warning.
If there's some actual benefit, then crappy code that can be iterated is fine. Anything you do today with computer code was likely done worse in the past with worse code.
So what is the actual benefit of "peer-to-peer lending and pooled lending" that blockchain technology provides that makes it worth iterating through these early mistakes?
I'd guess the answer usually involves dodging regulations in some way. Which isn't blockchain specific, lots of 'innovations' in tech or business are basically workarounds that let you dodge taxes or regulations or exploit externalities.
The whole point of the legal system is that whilst it's defined as clearly as possible, there is always going to be some flexibility and interpretation, and a human element, so if someone finds a technical loophole but is clearly defrauding everyone they can still be put in jail. Of course, it isn't perfect, but the idea of law being absolute (as in code is law) is absurd as we lack the capability to consider every eventuality when we release code.
Yeah, but it's the absolutism that's the issue, not the buggy code.
When designing automated replacments for any business process you have to deal with the same 'exceptions'. You could just accept "computer says no" as the desired outcome in exchange for the efficiency, and let hackers take your money because "hey, they beat the system! It's theirs now" but that's a choice, not a limitation of the tech itself. Unless the tech's only benefit is that "computer says no" or "hacker took your money" is final, which doesn't actually sound like a benefit.
The problem is that if you allow overrides in the computer absolutism, corrupt governments will use these overrides to their benefit. And you’re back to the square one.
If the government is corrupt, then you've got problems regardless.
The general solution to this issue has been more and better democracy, which despite a lot of effort being spent undermining it, still seems to be the best solution available today.
I am a laymen who is skeptical of cryptocurrency tech, mostly because of what I'm seeing (hype, greed, fomo, and apparently no real use-cases).
If... crypto were to be able to reverse transactions... would that completely undermine the whole point of it and make it look absolutely stupid?
Do you think the solution to irreversible transactions would be to then have some kind of algo that would then send back a mistaken transaction after getting checked by some intermediary checkpoint? Would that then make the whole point of cryptocurrency also completely pointless?
What on earth are people dumping resources into all this as digital currency or even investment/ speculation vehicles if they don't address the irreversible transaction part, or try to compensate for it somehow? It seems utterly anxiety inducing otherwise, where you'd have to quadruple check, then quadruple check again, and then sleep on it and then quadruple check 4 more times before you do any kind of sizable transaction.
> It seems utterly anxiety inducing otherwise, where you'd have to quadruple check, then quadruple check again, and then sleep on it and then quadruple check 4 more times before you do any kind of sizable transaction.
That's mostly due to transactions being non-interactive. If the receiver has to prove their ability to spend the received funds before being allowed to receive them, then most of this anxiety disappears. Certain blockchain designs require transactions to be interactive in this way.
> If the receiver has to prove their ability to spend the received funds before being allowed to receive them
If I want to send you some crypto money in exchange for you mowing my lawn, how do you prove that you can spend the received funds? And if I accidentally send it twice, why would I care that you can spend them twice, unless I have some way to compel you to send half back?
> how do you prove that you can spend the received funds?
You prove it by producing a partial signature for the transaction (a transaction essentially requires a multisig by both sender and receiver).
> And if I accidentally send it twice
You couldn't send it twice because the transaction consumes an input utxo. Paying twice would require two different transactions with two different multisignatures.
> You prove it by producing a partial signature for the transaction (a transaction essentially requires a multisig by both sender and receiver).
Oh, ok, I misunderstood what this meant.
> You couldn't send it twice because the transaction consumes an input utxo. Paying twice would require two different transactions with two different multisignatures.
This assumes the receiver is trust-worthy, that they counter-sign the transaction if it was accidental. So if I accidentally pay twice for a single item, the seller can just sign both transactions and send me only one item, and I can't do much about it. Of course, they can also send 0 items, which is why blockchains can't secure transactions in a useful sense - you need the law and insurance and other social mechanisms for that.
I don't know exactly what you mean by 'code as law', and I'm sure there are extremists that think smart contracts make law obsolete, but they are just wrong. Fraud via smart contract is still fraud. Theft via smart contract is still theft.
There's nothing about having automatic processing of transactions that means you get to just ignore the legal system in your country.
And that's fine, proper and good. Automatic processing of complex transactions is phenomenally useful, even if it doesn't make legal systems obsolete.
Simplest example - with smart contracts transacting assets where the canonical record of ownership is on the blockchain, you can have a smart contract act as escrow for you, making sure that the transaction happens atomically without having to pay someone to hold the assets for you and release them once they have both. It is a better, more efficient solution than any that the traditional financial system has been able to come up with.
In fact, it is exactly linking the legal world and the blockchain world that means that you can apply some of the same benefits of immediacy and atomicity to more assets in the real world. All that is needed is for the legal system to recognise blockchains as the canonical record of ownership of real assets. The real world legal system makes blockchain technology more useful, not less.
With smart contracts there is only the code. There is no external trusted documentation that says what the intention of the code is. If the contract allows for an action to occur, then that action is permissible.
It's the old quote taken to an extreme, "The good news about computers is that they do what you tell them to do. The bad news is that they do what you tell them to do."
If there is a 'bug' that allows anybody to empty a smart contract, well it turns out that you were just hosting a complex coding competition with a prize.
> There is no external trusted documentation that says what the intention of the code is.
Working out what both parties intended a contract to mean and what it should mean, sometimes in contradiction of what it actually says is exactly what the legal system does.
You can't evade the legal system by writing your contract in a different form. Weirdly I think this idea comes from thinking law is code when it isn't.
A judge is supposed to read the smart contract source code and determine the intent?
The parties are frequently anonymous and have never interacted outside of the publication the smart contract to the blockchain and another party interacting with it. There is no basis for determining intent besides the code itself.
Are you thinking that the contracts have analogs to legal contracts? Usually (exclusively?) they only mediate transactions and behavior that is contained within the blockchain itself. There isn't an exchanging of assets that exist externally to the blockchain like real estate.
Although I think crypto fanatics think that the world will trend that way. Truly programmable money has never existed before. If more of our monetary infrastructure migrates to blockchains it will be interesting to see how current contract law adapts and is applied.
If you want to argue with 'code is law' proponent, ask them how they feel about the DAO hack and ensuing hard fork of Ethereum. That was an interesting case where the ETH community as a whole decided that code was not in fact law.
>A judge is supposed to read the smart contract source code and determine the intent?
If it's hard for a judge, it's presumably also hard for anyone using the smart contract.
>There is no basis for determining intent besides the code itself.
I'll bet you any frequently used contract has an associated website.
Basically, conducting your business on a blockchain doesn't exempt you from the law. You - the squishy human at the end of the transaction - are not on the blockchain, and neither is the author of any smart contract you might use. As long as the law recognizes blockchain assets as valid consideration in contracts, contract law trumps blockchain law.
Does participation in a smart contract imply any kind of legal agreement? You're essentially interacting with an api/bot that's being hosted by whatever blockchain community at large. Anybody can publish anything, and any unrelated parties can interact with it.
Here's a thought experiment for you.
If I were to publish a public webpage where you entered a routing number into a textbox and money was immediately transferred from my account to the specified account for the purpose of sending money to a friend of mine, but somebody else found the website and entered their routing number and drained my account. Would I have legal recourse?
This is essentially the Parity wallet exploit. The API was only slightly more complicated than the example above, initWallet().
It's an interesting paradigm shift. If contracts are automatically enforced, what features of the existing legal system are obsolete? If monetary/financial contracts are completely logically unambiguous in their execution and there is no need to appeal to a designated wielder of physical force to ensure their execution...
I think that notion, which sounds unrealistic to me, is what appeals to lot of crypto absolutists. It fails in a lot of the ways that smart contracts currently struggle, how to computationally, and in an unbiased way, relate crypto to the world outside of the blockchain. A good example of this is oracles, which are so flimsy in so many situations.
As you said we don't exist on the blockchain, the physical world doesn't exist on the blockchain, so how can we do away with our existing systems for mediating disputes, determining intent etc?
> A judge is supposed to read the smart contract source code and determine the intent?
If necessary, they can call on experts to provide testimony in such cases. It's probably not necessary all that often though because there's usually more relevant auxillary information to help work this stuff out. Who wrote this smart contract? Why are the parties using it? What information persuaded them to use it? Was the outcome of using the smart contract different to what a reasonable person would have expected?
This is exactly what courts are for! The fact that some of the procedure of the interaction has been mechanised does not mean the participants get to ignore the law.
>All that is needed is for the legal system to recognise blockchains as the canonical record of ownership of real assets.
Then theft via smart contract can't be theft because it acted on the canonical record of ownership. This also causes tons of other problems. What happens if someone loses access to their wallet? Now there's a house that simply can't ever be sold?
> There is no external trusted documentation that says what the intention of the code is.
No, if someone fraudulently updated a canonical record of ownership, then the legal system can provide remedies. If it were me, I'd write the smart contract to enable corrections in case of a legal decision but that's at the choice of whomever sets up the smart contract that provides the canonical record of ownership.
Same situation for if someone loses their keys. All these problems can be solved with appropriately written smart contacts.
OK, so ... which courts of which legal jurisdictions can correct which contracts? Are courts in Guinea-Bissau allowed to correct contracts between counterparties in the US?
This stuff is all normal when you're dealing with international contracts - it's not like nobody thought of doing international deals before satoshi.
Some of the answers do depend on the specifics of course. If the asset being traded is US real estate for example I would expect the smart contract to be set up so it requires a US court decision to correct the register.
My point is that there's an entire subbranch of the law, generally called private international law, that has been created to deal with conflict of laws and jurisdictional issues. You're implying that there are simple deterministic rules to determine those kinds of questions but in fact it's a meta-problem.
A terrible idea, or just terrible in practice, and in particular with the current state of tooling and understanding etc.?
For every lawyer relishing a loophole there's surely another wishing for a more codified less ambiguous language than even Legalese English.
(I'm no cryptocurrency advocate, hold a small amount, have never written a 'smart contract', I just find it interesting and somewhat compelling. As an idea at least, yes I've written bugs.)
"If you’ve ever written code, and if you’ve ever written a bug, then you will understand that code as law is terrible idea, especially when it comes to finance."
If your argument is that there could be bugs in the code, then how is this different from the law today? The legal system is rife with abuses and injustices. It most certainly has bugs as-is.
^ you will understand that code as law is terrible idea, especially when it comes to finance.
Why are we relying on code for controlling Safety-critical system? e.g. Nuclear Reactors, Autopilot of aircrafts, docking of two separate free-flying space vehicles, and weapon of mass destruction launch and control machines. All of them use "code", is finance more critcal than systems which are kill capable.
Why are we relying on code for controlling
Safety-critical system? e.g. Nuclear Reactors
Because humans can't perform calculations quickly enough to compute math millions of times per second?
Computers work well when there are a finite set of fixed, quantitative inputs and outputs: if x < 20, do y
Many parts of law are a lot more complex and can't be reduced to such formulas. Suppose you're suing an employer for wrongful termination. They say your job performance sucked and that's why you were fired. You say it was a hostile workplace, and when you tried to point that out you were fired in retaliation.
Go write some code to evaluate that. Let us know when you're done. Should be pretty exciting. Hopefully we can retain all of the judges and lawyers now that they're not needed any more.
All of that code usually has a human override, and it can be turned off, fixed and upgraded. Also, it isn't (in the main) in the public and under constant probing attack.
In the cases of those I'm familiar with, most code in the system does not need to be bug-free for safety, and the code that does is kept simple and heavily reviewed at the binary level.
For most contacts, it is not financially feasible to use the techniques developed for safety-critical software.
Well, nuclear reactor use dumb electronics overrides, and each time an operation is done inside, each operation is done with human supervision. Override mechanisms are regularly tested and used. If your override is not dumb/simple enough, and you rely on code, you have the 380 max.
What are the override, who are the supervisors for cryptocurrency?