If 51% of the miners decide to fork, I think I will follow the majority and support the fork to get back the money from the attacker.
Satoshi had a term for that, he called it attacking the network: As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network ... - Satoshi Nakamoto (bitcoin.pdf) So, no, there has been no "hack" or "attack" so far, but Vitalik, Tual, and their cronies are working on one. Soft forks are 51% attacks. At best, when done for relatively-benign upgrade purposes, they demonstrate a vulnerability of the network and should still raise some level of concern that the developers and miners are able to conspire to pull off a 51% attack. When done transfer control over coins, that is outright theft. Smooth if forks are authorized by a protocol that was designed in the coin from the start, i.e. an ability to vote on changes by stake holders for a PoS coin (e.g. DASH), then that appears to not be a 51% attack. But otherwise I agree with you, and when you have the same group of devs from the ICO able to control the politik then they are essentially running the enterprise. There is a grey area where someone from the outside creates a fork and the users and miners spontaneously decide to switch over to it. This can be argued to be a feature of decentralization and open source, and necessary to correct deficiencies. Yet it is still a 51% attack. If done with proof-of-burn, then it is not a 51% attack. But your analysis of the issues here seems to be oversimplified because the law interacts with all this to create more complex scenarios. Please read this: https://bitcointalk.org/index.php?topic=1517223.msg15271289#msg15271289I'm not really sure that "authorized voting forks" are even compatible with Satoshi's original design at all. He wrote that the nature of the system required that its core properties be set in stone forever. Probably the ideas of governance and voting were considered by Satoshi(s) during the years of development, as they are pretty obvious ones to consider. A reasonable conclusion (and one I have reached somewhat independently) is that "set in stone" is required because there is no good way to differentiate between good changes and bad changes. Allow changes (e.g. by "voting") and the structure collapses in on itself. Limited time to read or comment more, will do so later. You are raising the point that PoS has security flaws, but I was treating that as an orthogonal concern. |
|
|
|
What is a DAO? In a normal corporation, the investors delegate control to a board of directors and the board decides whether to retain profits or pay dividends and hire/fire the CEO. In DAC/DAO/DO, the investors actively vote on issues. The distinctions between those three have to do with the structure of this control... Let's first review Vitalik's chart below: Notice on "Internal Capital" table, the horizontal line separating "Automation at the center" at the top from "Humans at the center" at the bottom is labeled "DO" for decentralized organization, because "DO" is decentralizing the "Humans at the center" but not automating the decisions of protocol at the center controlling the "Human at the edges" (where edges means who do the work). And the vertical line separating "Automation at the edges" on the left from "Humans at the edges" on the right is labled "Tools" because they are doing the majority of the work but not automating (thus still requiring human workers for) their operation. You can see that table is quite insightful and abstract. This is an example of why people think of Vitalik as genius. But it is all quite obvious if one were to sit down and think about deeply for a while as obviously Vitalik did.
Now I am going to demonstrate ( in a very sleepless and almost delirious mental state so please excuse the low quality of the prose) I am an abstract forward/deep/paradigm-shift thinker similar (but different of course) to what some people observe/praise about Vitalik. It is on the term "autonomous" that Vitalik's taxonomy gets murky (muddled) as he admits. It appears that Vitalik conflated "automation" with "autonomy". It appears that Vitalik thinks that we require automation in order to obtain autonomy. Here is the insight that occurred to me in the past 48 hours or so ( the days have all run together). Whereas, I am thinking the autonomy attribute is applicable to the "humans in the center" involved in the control. In other words, DVCS open source enables each human participant to be autonomous because each can have their own individualized repository. Automation has nothing to do with it. The key technological breakthrough for DVCS was the relative changeset logic, using a hash to identify changesets, and storing the repositories locally, which isn't automation but rather a protocol for destructuring to increase degrees-of-freedom, i.e. removing hierarchies. So whereas for Vitalik the distinction between a "DAO" and a "DO" is the former has complete A.I. automation over all decisions controlling the humans at the edges, i.e. like a master 1984 enslavement computer, I rather conceive that the "DAO" as destructuring (perhaps even automated) protocol which enables humans at the center to be autonomous. And the "DO" is many decentralized humans in the center, but they are bound together with less degrees-of-freedom in the structure enforced by the protocol that governs (i.e. by-laws for) their organization. For example, my understanding of DASH's protocol for stakeholders is limited, but I assume it is based on a majority vote and there is no way to opt-out other than to sell your stake (unstake your masternode deposit), and thus the humans in the center controlling it are not really autonomous, thus DASH is a "DO" not a "DAO". And The DAO wasn't autonomous either and that was its critical flaw (other than the bug that enabled theft of funds) in that individual humans could not autonomously elect projects (and splitting had flawed game theory), so it couldn't be anything more than a power vacuum (slush fund) with spoils to whomever could win in the voting game theory. The DAO was worse than if the participants had invested in individual projects separately, thus the only purpose of the DAO was a game theory around controlling the pooled funds. No individual autonomy for the investors. The Ethereum and DAO developers appears to be so strongly into automation ( and creating a master 1984 enslavement system? or is this just their Millennials Warcraft game A.I. culture?), that they built a DAO which was less autonomous than if each investor invested in projects separately from the DAO. A Dash consultant Ira Miller wrote something similar but with different conclusions to mine: https://medium.com/@gitguild/not-too-late-for-humans-to-save-ethereum-2f42f5fdfb75Vitalik goes on to compare DAO to Dan Larimer's DAC, with the key difference being that profits are not retained in the latter. Retaining profits in the collective pool lowers autonomy, so actually DAO = DAC except when it is a non-profit. Vitalik seemed to think retaining profit (i.e. the organization is profitable) is non-profit if the profits aren't distributed back to the humans at the center. Whereas, I think the distinction is that retained profits indicates a "DO" because the stakeholders are no longer empowered to take their capital away except by selling the token which is not the same because liquidity of the float is not the same as distributing profit, i.e. 20% of the stakeholders can't sell their tokens at once to protest a vote of the majority. The DAO offered a split feature but the game theory was flawed. I have more to write when I am not so delirious from lack of sleep. This is just a first draft to get some of my ideas written down. I'll need to expound on the differences between Ira Miller's perspective and mine. |
|
|
|
Anyone know more about the author's background? Any LinkedIn? I am curious because he said he works for DASH. I was in the midst of writing a similar post ( here is the post), but with somewhat different conclusions. |
|
|
|
No. He seems too bright to risk a perms-ban. It can't be him.
There are so many TPTB inside of TPTB, you'll never know which one you are dealing with. The red or blue pill. It's your decision. I can only be the matrix, I can't take your free will without your choice. |
|
|
|
If 51% of the miners decide to fork, I think I will follow the majority and support the fork to get back the money from the attacker.
Satoshi had a term for that, he called it attacking the network: As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network ... - Satoshi Nakamoto (bitcoin.pdf) So, no, there has been no "hack" or "attack" so far, but Vitalik, Tual, and their cronies are working on one. Soft forks are 51% attacks. At best, when done for relatively-benign upgrade purposes, they demonstrate a vulnerability of the network and should still raise some level of concern that the developers and miners are able to conspire to pull off a 51% attack. When done transfer control over coins, that is outright theft. Smooth if forks are authorized by a protocol that was designed in the coin from the start, i.e. an ability to vote on changes by stake holders for a PoS coin (e.g. DASH), then that appears to not be a 51% attack. But otherwise I agree with you, and when you have the same group of devs from the ICO able to control the politik then they are essentially running the enterprise. There is a grey area where someone from the outside creates a fork and the users and miners spontaneously decide to switch over to it. This can be argued to be a feature of decentralization and open source, and necessary to correct deficiencies. Yet it is still a 51% attack. If done with proof-of-burn, then it is not a 51% attack. But your analysis of the issues here seems to be oversimplified because the law interacts with all this to create more complex scenarios. Please read this: https://bitcointalk.org/index.php?topic=1517223.msg15271289#msg15271289 |
|
|
|
Well, he would lose in court and I personally never received a "cease and desist letter." If it forks, it's the community that's forking it....he'd have to send everybody a "cease and desist." And, the intent of the contract is what will take precedence in a court and it was obviously not intended for the exploiter to steal all our funds. Maybe he'd get one count of wire fraud per investor frauded....He should take the profits from his ETH short and run before a hot curling iron introduces his butt hairs to a perm, IMHO!
How would he lose? He did avid by the rules of the DAO smart contract, he did not modify anything as far as I know, so being strict the definition of decentralized smart contract, he did not do anything illegal... very tricky scenario. The argument is there is no one the court could pinpoint to enforce such a ruling on. The miners, exchanges, users, and devs would all play a role in the community outcome, yet no one can be identified as responsible for that outcome. Whereas, if the developers and foundation push for a fork and politik for a 51% attack on the protocol, then the attacker potentially accuse them of being in control of the enterprise and sue them. So that is why I say it is very risky for them to fork. OTOH, if they don't fork, they might be vulnerable to a class action suit from the n00bs who had their ETH taken from them by the "smart" (too smart = dumb) contract. This is why I made a thread to ask if the developers who have promoted this so carelessly without conspicuous warnings, could be in deep legal trouble now? They appear to me perhaps the easiest to target with a lawsuit, but IANAL so I am pondering what is their risk? But note the "attacker" may have committed an illegal action or at least violated contract law, so in that case is unlikely to reveal identity and sue. Thus I was thinking the safest is to fork, but that has the risk of the n00bs potentially accusing them of being in control of the coin and class action sue them for the exchange rate losses. So it seems those who created and promoted ETH and DAO (without sufficient warnings of risks) may have a legal quagmire, but IANAL so I am just hoping they have retained adequate counsel. Bitcoin is an interesting case here. In general, it seems to be much closer to a DAO than a DO. However, there was one incident in 2013 where the reality proved to be rather different. What happened was that an exceptional block was (at least we hope) accidentally produced, which was treated as valid according to the BitcoinQt 0.8 clients, but invalid according to the rules of BitcoinQt 0.7. The blockchain forked, with some nodes following the blockchain after this exceptional block (we’ll call this chain B1), and the other nodes that saw that block as invalid working on a separate blockchain (which we’ll call B2). Most mining pools had upgraded to BitcoinQt 0.8, so they followed B1, but most users were still on 0.7 and so followed B2. The mining pool operators came together on IRC chat, and agreed to switch their pools to mining on B2, since that outcome would be simpler for users because it would not require them to upgrade, and after six hours the B2 chain overtook B1 as a result of this deliberate action, and B1 fell away. Thus, in this case, there was a deliberate 51% attack which was seen by the community as legitimate, making Bitcoin a DO rather than a DAO. In most cases, however, this does not happen, so the best way to classify Bitcoin would be as a DAO with an imperfection in its implementation of autonomy.
|
|
|
|
Makes me a few hundred $$/mo. so I'm happy. It's a terrific investment for long term strategies.
If you are willing to share this, how much DASH do you have staked/deposited in order to get that ROI? |
|
|
|
I haven't studied the specific vulnerability in this case[1], but I think it has to do with the contract code doing mutability aliasing on global state. So this is an issue of synchronizing mutability aliasing. For example, imagine if some intended to be atomic operation[1] of a check for sending of ETH out of the contract had not set a global count of sent before some recursion which enabled sending more ETH out, thus exceeding the threshold. So the Reddit post seems to be somewhat clueless about the actual issue. Functional programming and static typing is orthogonal to the issue of dealing with global state and mutability aliasing. I had just finished analyzing this issue at the Rust-lang forum and in my private discussion with keane recently. Although Rust can statically check mutability aliasing, this is restricted to disjoint data structures. We concluded that some semantics can't be modelled with a static checker. Mutability aliasing is thorny issue and I am not familiar enough with Coq to know if it can model it. I would need to really dig into the details of this and study it before I can comment with high degree of confidence. |
|
|
|
so how can you shut down a decentralized autonomous organization?
Do you know any decentralized autonomous organization ? I don't .. Yes, DASH.org. The first DAO. The difference: Marketing that feature is taking a backseat to development. Doing it right I'd say. DASH does seem to be a functioning DAO where D is distributed but sure if it is decentralized control. The stakeholders apparently vote on the actions or management of the development of the open source. The stakeholders apparently approved to have % of the mining rewards paid to a foundation which then distributes the funds according to projects approved by votes of the stakeholders. However what is not clear to me is to what degree this is all enforced by smart contract protocol or done manually by the foundation. There are allegations however that the distribution of the DASH tokens were highly concentrated by an alleged instamine and subsequent masternode ROI scheme which may have further concentrated the tokens held by the core insiders. But I don't know if anyone has been able to prove conclusively that DASH is not really decentralized, although the suspicion is apparently strong amongst some especially Monero supporters. |
|
|
|
so how can you shut down a decentralized autonomous organization?
Do you know any decentralized autonomous organization ? I don't .. Yes, DASH.org. The first DAO. The difference: Marketing that feature is taking a backseat to development. Doing it right I'd say. DASH does seem to be a functioning DAO where D is distributed but sure if it is decentralized control. The stakeholders apparently vote on the actions or management of the development of the open source. The stakeholders apparently approved to have % of the mining rewards paid to a foundation which then distributes the funds according to projects approved by votes of the stakeholders. However what is not clear to me is to what degree this is all enforced by smart contract protocol or done manually by the foundation. There are allegations however that the distribution of the DASH tokens were highly concentrated by an alleged instamine and subsequent masternode ROI scheme which may have further concentrated the tokens held by the core insiders. But I don't know if anyone has been able to prove conclusively that DASH is not really decentralized, although the suspicion is apparently strong amongst some especially Monero supporters. |
|
|
|
|
please note the correction of the thread name above.
|
|
|
|
Wow. TPTB seems to have many adherents to do his talking for him. How can so many people be in his mind and know his thoughts? He must be very transparent in his enigmatic sort of way.
 |
|
|
|
Yeah just that you cannot legally give away stolen funds...so the miners would make themselves legally vulnerable.
Vulnerable to what, a lawsuit? That's about as fanciful as the idea the daoattacker will sue the Ethereum Foundation really. It would also bring in to question the whole legality and regulation (or lack thereof) of TheDAO. This doesn't mean I think they'll accept it of course. If mining is decentralized, I think it is impossible to enforce a court decision on the miners because new miners can pop up any where. You'd need some totalitarian total world control over the Internet and block the protocol. Doesn't seem plausible near-term in current state of the world. More likely any court decision would be enforced on the exchanges. New exchanges could pop up, but they can also be regulated. Perhaps any class action suit if any might attempt to name any of those prominant insiders who have profited by promoting and selling ETH such as Vitalik, Tual, etc.. I am not sure if a lawyer would advise that or not, and whether it could be successful. I hope they've retained counsel. Well, he would lose in court and I personally never received a "cease and desist letter." If it forks, it's the community that's forking it....he'd have to send everybody a "cease and desist." And, the intent of the contract is what will take precedence in a court and it was obviously not intended for the exploiter to steal all our funds. Maybe he'd get one count of wire fraud per investor frauded....He should take the profits from his ETH short and run before a hot curling iron introduces his butt hairs to a perm, IMHO!
How would he lose? He did avid by the rules of the DAO smart contract, he did not modify anything as far as I know, so being strict the definition of decentralized smart contract, he did not do anything illegal... very tricky scenario. The argument is there is no one the court could pinpoint to enforce such a ruling on. The miners, exchanges, users, and devs would all play a role in the community outcome, yet no one can be identified as responsible for that outcome. Whereas, if the developers and foundation push for a fork and politik for a 51% attack on the protocol, then the attacker potentially accuse them of being in control of the enterprise and sue them. So that is why I say it is very risky for them to fork. OTOH, if they don't fork, they might be vulnerable to a class action suit from the n00bs who had their ETH taken from them by the "smart" (too smart = dumb) contract. This is why I made a thread to ask if the developers who have promoted this so carelessly without conspicuous warnings, could be in deep legal trouble now? They appear to me perhaps the easiest to target with a lawsuit, but IANAL so I am pondering what is their risk? But note the "attacker" may have committed an illegal action or at least violated contract law, so in that case is unlikely to reveal identity and sue. Thus I was thinking the safest is to fork, but that has the risk of the n00bs potentially accusing them of being in control of the coin and class action sue them for the exchange rate losses. So it seems those who created and promoted ETH and DAO (without sufficient warnings of risks) may have a legal quagmire, but IANAL so I am just hoping they have retained adequate counsel. Bitcoin is an interesting case here. In general, it seems to be much closer to a DAO than a DO. However, there was one incident in 2013 where the reality proved to be rather different. What happened was that an exceptional block was (at least we hope) accidentally produced, which was treated as valid according to the BitcoinQt 0.8 clients, but invalid according to the rules of BitcoinQt 0.7. The blockchain forked, with some nodes following the blockchain after this exceptional block (we’ll call this chain B1), and the other nodes that saw that block as invalid working on a separate blockchain (which we’ll call B2). Most mining pools had upgraded to BitcoinQt 0.8, so they followed B1, but most users were still on 0.7 and so followed B2. The mining pool operators came together on IRC chat, and agreed to switch their pools to mining on B2, since that outcome would be simpler for users because it would not require them to upgrade, and after six hours the B2 chain overtook B1 as a result of this deliberate action, and B1 fell away. Thus, in this case, there was a deliberate 51% attack which was seen by the community as legitimate, making Bitcoin a DO rather than a DAO. In most cases, however, this does not happen, so the best way to classify Bitcoin would be as a DAO with an imperfection in its implementation of autonomy.
If 51% of the miners decide to fork, I think I will follow the majority and support the fork to get back the money from the attacker.
Satoshi had a term for that, he called it attacking the network: As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network ... - Satoshi Nakamoto (bitcoin.pdf) So, no, there has been no "hack" or "attack" so far, but Vitalik, Tual, and their cronies are working on one. Soft forks are 51% attacks. At best, when done for relatively-benign upgrade purposes, they demonstrate a vulnerability of the network and should still raise some level of concern that the developers and miners are able to conspire to pull off a 51% attack. When done transfer control over coins, that is outright theft. Smooth if forks are authorized by a protocol that was designed in the coin from the start, i.e. an ability to vote on changes by stake holders for a PoS coin (e.g. DASH), then that appears to not be a 51% attack. But otherwise I agree with you, and when you have the same group of devs from the ICO able to control the politik then they are essentially running the enterprise. There is a grey area where someone from the outside creates a fork and the users and miners spontaneously decide to switch over to it. This can be argued to be a feature of decentralization and open source, and necessary to correct deficiencies. Yet it is still a 51% attack. If done with proof-of-burn, then it is not a 51% attack. But your analysis of the issues here seems to be oversimplified because the law interacts with all this to create more complex scenarios. Please read this: https://bitcointalk.org/index.php?topic=1517223.msg15271289#msg15271289 |
|
|
|
Yeah just that you cannot legally give away stolen funds...so the miners would make themselves legally vulnerable.
Vulnerable to what, a lawsuit? That's about as fanciful as the idea the daoattacker will sue the Ethereum Foundation really. It would also bring in to question the whole legality and regulation (or lack thereof) of TheDAO. This doesn't mean I think they'll accept it of course. If mining is decentralized, I think it is impossible to enforce a court decision on the miners because new miners can pop up any where. You'd need some totalitarian total world control over the Internet and block the protocol. Doesn't seem plausible near-term in current state of the world. More likely any court decision would be enforced on the exchanges. New exchanges could pop up, but they can also be regulated. Perhaps any class action suit if any might attempt to name any of those prominant insiders who have profited by promoting and selling ETH such as Vitalik, Tual, etc.. I am not sure if a lawyer would advise that or not, and whether it could be successful. I hope they've retained counsel. |
|
|
|
Seeing how there was no attack but shitty code that allowed an observant individual to execute it as written
TPTB aka Anonymint had zero to do with it.
~BCX~
I bet you are wrong, only TPTB is smart enough to conduct such the hack. Oh, and probably Satoshi. Not hardly. It was plain as day in the code after Vitalik Buterin pointed it out in his post. The "exploit" was too well formed to have been just a bug. It was purpose built from the get go. Some one knew it was there the whole time. Strongly smells of an inside job. ~BCX~ TPTB was confident there was a bug in the SOL code, but he didn't take the time to try find it. Because he is not going to do something that will get his ass thrown in jail. TPTB doesn't have a vendetta against Ethereum. TPTB motivation is to earn $ in positive ways that help advance CC. TPTB is not a hacker from the dark side of the world. |
|
|
|
you sir do not understand why eth coin has value and will survive this. Eth coin still mines at a profit and is the cheapest way to mine BTC via simple sell your mined eth for btc.
please sir remember that intel, nvidia ,amd all desktop mining industry wants a good gpu mined coin that allows for discounts on your gaming gear.
The only thing I would concede is any gpu coin that turns a mining profit works for the above major companies so if a gpu coin comes out that is better then eth so be it miners will switch.
Is GPU mining the main reason that ETH has more value than Monero (which is more CPU mining friendly)  |
|
|
|
Luckily there is Common law. Contracts are all about consent; abusing a gap/hole/vulnerability in a contract is obviously non-consentual and thus illegal. Without such a legal framework, no contract in the world could exist. No contract is perfect.
Agreed. My father specializes in contract law, graduated top of his class at L.S.U. and was former West Coast Division Attorney for Exxon. I once was fretting over the fine print of a contract for a $205,000 license I sold for CoolPage in 2001, and he advised to not kill the contract negotiations because he said the court would not enforce a one-sided contract. So contract law interprets what is the intent, not just what is written in the contract. Do you mean the intent of the DAO is not to enrich somebody by $50 million by exploiting a hole in the coding? No. leopard2 and I mean that the intent of the DAO contract is roughly not to allow 1 user take all the value out without consensus voting. And contract law will likely enforce rule for that intent, regardless of an weakness in the code which prevents enforcing that intent. Edit: but note it is not clear whether the law could enforce it. |
|
|
|
So the miners having 51% mining power can decide the fork or any code any way. There is no moral hazard. There is no argument at all. You just need to convince the majority of the miners.
51% attack taking control of the protocol is not a hazard They could decide to increase the number of coins issued, install the ChainAnchor KYC on all transactions, etc.. |
|
|
|
He has inconsistencies in his logic. |
|
|
|
If the "attacker" offers to give back majority of the coins back, and he keeps a very small amount, I will oppose the fork.
So you might as well fork then, because this means for those future attackers that don't comply, you will support a fork. So if you represent the decision of majority hash rate, then no one can trust Ethereum to not 51% attack itself to fork the protocol. |
|
|
|
|
Show Posts
