The DAO FAIL

[MySecondCunt]

It depends on whether he gets sued in a jurisdiction that goes with "the spirit of the contract" or "the letter of the contract".

That doesn't work for smart contracts: the whole spirit of the contract is to follow the letter of the contract. No exceptions.

The present theft is committed by exploiting a flaw in the coding. Is that also a letter of the contract?

If code is definitive (code is law), define the following:
"flaw in the coding"
"the spirit of the contract"
"jurisdiction"
ty

[Spoetnik]

@MySecondCunt
AGREED !
And love the name LOL

..rest of the Tards ?

..some FUD for YOU !
and some FUD for you..
Some FUD for you also !

No i did not forget about you too
..some FUD for you too.

[btc_zero_sum]

not sure if troll or for real, just like the "attacker letter", but because of this i need more popcorn




https://twitter.com/maguraaa/status/744161853891305473

[bones261]

@MySecondCunt
AGREED !
And love the name LOL

..rest of the Tards ?

..some FUD for YOU !
and some FUD for you..
Some FUD for you also !

No i did not forget about you too
..some FUD for you too.

Keep feeding this troll with FUD.



So tasty. ETH/DAO FUD is the best ever.

[LoyceV]

It depends on whether he gets sued in a jurisdiction that goes with "the spirit of the contract" or "the letter of the contract".

That doesn't work for smart contracts: the whole spirit of the contract is to follow the letter of the contract. No exceptions.

The present theft is committed by exploiting a flaw in the coding. Is that also a letter of the contract?

The coding is the contract, so by definition the coding is the letter of the contract.

[spartak_t]

Let's stick to the subject, which is:

[CjMapope]

ROLF Signed message from the ethereum "hacker" http://pastebin.com/CcGUBgDG Eth = best scam ever

sig dosent validate =  nope

either way, i find it just funny OP "called it" basically. tho i never touched ETH for the reason i find WAY too many holes in solidarity,
DAO? meh, it was a way for stephan taul that greaseball to fund his slock.it (a dumb idea noone will admit) so o well, RIP good riddance imo

[iamnotback]

ROLF Signed message from the ethereum "hacker" http://pastebin.com/CcGUBgDG Eth = best scam ever

sig dosent validate =  nope

either way, i find it just funny OP "called it" basically. tho i never touched ETH for the reason i find WAY too many holes in solidarity,
DAO? meh, it was a way for stephan taul that greaseball to fund his slock.it (a dumb idea noone will admit) so o well, RIP good riddance imo

Verify it with Keccak:

https://bitcointalk.org/index.php?topic=1517223.msg15273789#msg15273789

[CjMapope]

ROLF Signed message from the ethereum "hacker" http://pastebin.com/CcGUBgDG Eth = best scam ever

sig dosent validate =  nope

either way, i find it just funny OP "called it" basically. tho i never touched ETH for the reason i find WAY too many holes in solidarity,
DAO? meh, it was a way for stephan taul that greaseball to fund his slock.it (a dumb idea noone will admit) so o well, RIP good riddance imo

Verify it with Keccak:

https://bitcointalk.org/index.php?topic=1517223.msg15273789#msg15273789

o snap, your right. i fell victim to the SHA thought also, thx
hmm, now THAT makes this interesting, there's a sure chance miners could be profit motivated to vote to not fork wow im interested to see how this ends up in the next 30 days, hmmm.
i personally will vote for a fork, i understand it kills the decentralization, but can't help but agree that the attacker CANNOT be allowed to keep those funds. ETH is young, people forget that. shit happens

[LoyceV]

Let's stick to the subject, which is:

Nice summary to point at where it hurts.
The more I think about it, the more I believe smart contracts end here! Raising 174 million dollars from people who don't understand the contract clearly shows it's not possible to understand a contract. It's kinda like most people don't understand (or even read!) the full terms of their mortgage, but at least that is covered by conventional law, and banks have been fined for misleading consumers.
The smart contracts are in a way like Open Source Software: most users don't check it, assuming someone once in a while has a look at the source. For the smart contract, that "someone" turned out to be "The Attacker". He looked at the source, found a "feature" nobody knew about, and decided he'd take 50 million bucks. Even if he wouldn't have taken the money, someone else would have, as the Smart Contract can't be changed.
Who here has ever read the actual "The DAO's Smart Contract"? I tried to Google it but can't even find it. There's an explanation but that's not the actual code.
Even if you did read and fully understand the Smart Contract, would you want your money to be in the hands of a voting system that gives decision power to people who don't understand the contract?
For these reasons it's now my opinion Smart Contracts failed before they were even really used.

Blockchain Company's Smart Contracts Were Dumb:

The descriptions didn't matter; only the code did. The descriptions didn't allow for today's hack, but the code did. (By definition! If the code could be hacked, the code allowed for the hack.) Any vulnerabilities in the DAO's code were not flaws in the code; they were flaws in the descriptions -- which were purely for entertainment purposes.

[coinyard]

ROLF Signed message from the ethereum "hacker" http://pastebin.com/CcGUBgDG Eth = best scam ever

sig dosent validate =  nope

either way, i find it just funny OP "called it" basically. tho i never touched ETH for the reason i find WAY too many holes in solidarity,
DAO? meh, it was a way for stephan taul that greaseball to fund his slock.it (a dumb idea noone will admit) so o well, RIP good riddance imo

Verify it with Keccak:

https://bitcointalk.org/index.php?topic=1517223.msg15273789#msg15273789

o snap, your right. i fell victim to the SHA thought also, thx
hmm, now THAT makes this interesting, there's a sure chance miners could be profit motivated to vote to not fork wow im interested to see how this ends up in the next 30 days, hmmm.
i personally will vote for a fork, i understand it kills the decentralization, but can't help but agree that the attacker CANNOT be allowed to keep those funds. ETH is young, people forget that. shit happens

I am a miner. The hacker can keep 1,000 Ethereum to himself and return the rest to the community. If he does that, I will vote no. Otherwise, I will vote for the fork.

[hv_]

Predictable.

There is no real usecase for ETH, no real killerapp, but a big shiny hype.

DAO was just the bubble of the bubble, rushed in to ride the hype without good review.

People should always think of risks, but be free to invest at last.

[toknormal]

On balance, if I were Ethereum, I'd probably just leave it alone.

The investor bailout option is fraught with greater moral hazard than the non-bailout option because you're setting a precedent where stuff gets rolled back because the community didn't like it.

Kind of gives the blockchain the feel of a toy. A game of monopoly that's not real where you can just go back a few moves and scrub out history if you didn't like what happened.

People can argue all day about the practical implications but it's the symbolic implications that are of far greater significance to the future. If the fork goes ahead I doubt any serious big hitter contract users will ever touch this technology.

[toknormal]

...also, the 3.5 M Ether is better off in the hands of the "attacker" who seems a clever sort of chap than being returned to the DAO investors who will probably just dump it.

[anthonydar]

...also, the 3.5 M Ether is better off in the hands of the "attacker" who seems a clever sort of chap than being returned to the DAO investors who will probably just dump it.

I will vote for the 3.5 million to be returned to the original DAO holders. He can keep 280 Ethereum. If more, I will support hard fork.

[toknormal]

I will vote for the 3.5 million to be returned to the original DAO holders. He can keep 280 Ethereum. If more, I will support hard fork.

That will kill the whole veracity of smart contracts for evermore and migrate the rot to the entire Ethereum coin supply.

The people who should take the hit for this are the DAO investors. They took a risk and lost. If the blockchain does not properly reflect that fact then you have a useless technology which will be valued accordingly.

[toknormal]

P.S. In crypto, there are no "rightful owners".

Contrary to the banking credit world where posession and ownership are distinct, in crypto, ownership is unambiguously defined by possession. That is a cardinal quality of the blockchain that asserts its role as "bearer instrument".

If the mining community acts to disaffirm this principle - albeit in a meta currency layer - it will create an ambiguity that will haunt Ethereum for the rest of its existence IMO.

The lesson to be learned here is that Ethereum blockchain and Ethereum (Solidity) applications are distinct entities with distinct levels of reliability. If I write a piece of code in solidity (say to develop a coin) and I f*ck it up and loose my investors money does that mean I can get the Ethereum foundation to do a rollback and cover my a*ss ?

If not, why not ?

[sadyas]

P.S. In crypto, there are no "rightful owners".

Contrary to the banking credit world where posession and ownership are distinct, in crypto, ownership is unambiguously defined by possession. That is a cardinal quality of the blockchain that asserts its role as "bearer instrument".

If the mining community acts to disaffirm this principle - albeit in a meta currency layer - it will create an ambiguity that will haunt Ethereum for the rest of its existence IMO.

The lesson to be learned here is that Ethereum blockchain and Ethereum (Solidity) applications are distinct entities with distinct levels of reliability. If I write a piece of code in solidity (say to develop a coin) and I f*ck it up and loose my investors money does that mean I can get the Ethereum foundation to do a rollback and cover my a*ss ?

If not, why not ?

Miners are there to protect the integrity of the monetary system. If the thief cannot be caught in the real life, then we have to take back our money with a fork.

[gilangIDR]

This incident makes eth falling down. at the beginning we are sure eth could be a successor bitcoin. however, now that hope seemed to disappear. most of the coins had been taken by an unauthorized person.

[toknormal]

Miners are there to protect the integrity of the monetary system. If the thief cannot be caught in the real life, then we have to take back our money with a fork.

You will also have to pay the price of doing that which will be to have undermined one of the technology's core properties for evermore and make it toxic for any future serious players.

Bitcointalk is one thing, where people are aware of the subtleties of the background to this case. Major investors who have never heard of "smart contracts" up till now will not touch it with a bargepole once they learn that immutability can be compromised in this way - whether by mining consensus or in any other strategy. Your job as a miner is to consolidate history, not rewrite it.

Further, instead of confining the loss to DAO investors where it belongs, you will now be imposing it upon the entire Ethereum holder community.

Best to study historical precedents in this area:

http://www.coindesk.com/bitcoin-protected-vericoin-stolen-mintpal-wallet-breach/