Bitcoin Forum
November 06, 2024, 04:19:18 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3] 4 »  All
  Print  
Author Topic: Valid uses cases for Smart Contracts, Dapps, and DAOs?  (Read 4692 times)
qwik2learn
Hero Member
*****
Offline Offline

Activity: 636
Merit: 505


View Profile
June 16, 2016, 07:30:30 PM
 #41

Distributed Identity Project Wins $20k Hackathon Prize at Distributed: Trade Conference
Quote
Also notable was that all of the winners – as well as several other participants – chose the Ethereum blockchain platform on which to develop their prototypes.
...
The judges assessed the projects on a number of criteria, including the relevance of the problem being solved to supply chain challenges, its use of unique features of blockchain technology, the commercial potential of the application, the technical feasibility of implementing the application in the real world and the quality of the presentation of the project.
Read more:
https://godistributed.com/articles/distributed-identity-project-wins-k-hackathon-prize-at-distributed-trade-conference/
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 17, 2016, 11:49:00 AM
Last edit: June 17, 2016, 01:28:42 PM by iamnotback
 #42

tokeweed, it is always about the marketing...

My talent is that I am am adept at technology, people motivation, and economic theory. I can often combine those three into new paradigm shifts. I am still trying to create my first big paradigm shift in the altcoin arena. I think I may have finally discovered it last night while I was sleeping. I awoke and realized I have figured out the killer app for smart block chains that millions of investors and entreprenuers really need which can not be serviced by a centralized solution such as Seedr or Kickstarter! The key insight came from studying my own insight into the key macro economic flaw of The DAO.

So after some more thought and discussions, I realized that Vitalik, Dan Larimer, and Tual have incorrectly conceptualized the conceptual structure and algorithm of a DAO and this is the reason that the DAO has insoluble design flaws and game theory flaws.

https://steemit.com/crypto-news/@dan/is-the-dao-going-to-be-doa
https://blog.slock.it/a-primer-to-the-decentralized-autonomous-organization-dao-69fb125bd3cd
https://blog.ethereum.org/2014/05/06/daos-dacs-das-and-more-an-incomplete-terminology-guide/

Note Vitalik's conceptualization is actually not wrong, but too abstract and what The DAO codified is what I think is incorrect. I like Vitalik's chart except DAOs have humans in control ("in the center") but they are governed by protocol (which is probably what Vitalik means by "automation"):



(Lol, there is that Millennials culture again, "AI (holy grail)" as if replacing all humans is a good or even plausible goal. It is not even wrong.)

My ideas address all of Daniel Larimer's above linked criticisms of DAOs.

I am not yet ready to reveal specifically what I realized, but asap I will. The hint is that the problems derive around organizing a DAO as separate projects and the loss of individual investor control through pooling funds and voting. The concept of the DAO that remains in my idea is of individual investor control which is necessary to provide the legal structure which is arguably not an investment security (not depending on any other entity securing the expectation of gains) so as to avoid regulation of raising funds for new ventures and operating those ventures. Vitalik I think sort of captures my idea in his section Decentralized Autonomous Corporations about the difference between a DAO and DAC. I am thinking more of a DAC, yet still my idea is a DAO not a DAC.

I am now seeking out how I can implement this idea pronto.
Jacques21
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


View Profile
June 17, 2016, 12:04:33 PM
 #43

The only valid use case for the DAO so far has been to steal shitloads of ETH
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 17, 2016, 12:13:36 PM
Last edit: June 17, 2016, 01:12:33 PM by iamnotback
 #44

The only valid use case for the DAO so far has been to steal shitloads of ETH

I just wrote about that:

So the hard fork to recover the ETH means Ethereum is not decentralized. It is a top-down controlled fiat system.

I don't know if "top-down controlled" is the right description, its more like a democracy where the majority can vote to strip the minority of its rights.

Democracy is a top-down structure because it is a winner-take-all power vacuum.

But I see a very valid use case to raise money for and remove regulation from raising investment money for ventures. And giving decentralized oversight to investors replacing the function of a Board of Directors.

Note I had predicted yesterday this disaster:

Btw I agree that there haven't been really serious achievements from altcoins. Ethereum is an unfinished and highly unpolished work, that doesn't yet have a killer app. The DAO is an unmitigated disaster in the making.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 17, 2016, 03:24:58 PM
 #45

A DAO can't be about having the crowd manage every day-to-day event. That is what entities hire other entities to do as managers:

Seems they have published their own security flaw and didn't close it

https://github.com/slockit/DAO/pull/247/commits/b7038eacdc3b8bb07cfb6cb8bcc98dba9e2c9302

They had 2 Pull Requests that attempted to address issue. Here is other one

https://github.com/slockit/DAO/pull/248

Seems that one was never merged as well.



It's been a known problem publically since June 9th. If I can find the link I'll edit this post.

Additionally (I could be wrong on this) the DAO requires two weeks of voting to correct such flaws.
aidia
Sr. Member
****
Offline Offline

Activity: 257
Merit: 250


View Profile
June 18, 2016, 09:06:36 AM
 #46

it is hype for scam purpose only

In the case of DAO, Slock.it, and Augur, then that seems to be the case. There is no valid use case which isn't game theory broken for those. Expect The DAO to eventually collapse in a massive clusterfuck of theft and waste with most losing their money. Wise people would get the hell out of The DAO as fast as they can, because the DAO is broken in the sense that you can be jammed from exiting.

Decentralized crowd funding might be viable.

Gotta love this, made my day Smiley
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 18, 2016, 03:35:17 PM
Last edit: June 18, 2016, 04:05:20 PM by iamnotback
 #47

I will expound on this soon:

You people thinking ETH will bounce back are "cooked" like seriously.. denial much? they fucked up worse then anything i have ever seen in crypto.
the fact you even compare it to BTC's problems in the past is just ridiculous.
like reality check the exchanges are locked up and it has lost already .5 billion... in like 48hrs!

Companies (even multi-nationals and some oligarchies) steal and waste $trillions all the time. Nation-states also. The goals of decentralizing the behemoths is orders-of-magnitude more valuable than some $millions experimental losses along the way.


I am going to say it straightly, 0.05 BTC.

There is a panic now, you guys are not wrong, hard-soft fork, eth pos etc. bla bla bla.

But after the dust, eth will see an all time high. Sorry.

The DAO bad news is a big challenge to ETH. If this matter gets resolved, there is a good chance that ETH will continue its uptrend.

If this bad news drags on, there is a good chance this coin will follow the footsteps of Litecoin.

Unless something else replaces Ethereum as the leading marketcap for smart contracts, then Ethereum will recover as Bitcoin did after the decline to $7 or $1. Litecoin apparently lost its main raison d'etre which was those who were pumping BTC to $1200 needed a highly liquid coin to exit into and it had served as a home for displaced GPU miners when Bitcoin ASICs appeared.

This is assuming there isn't some insoluble technical issues, such as this one I opined about:

The only way it is fixed is by the ecosystem maturing and having a wide diversity of smart contracts (many of which have been well vetted) so that the failure of any one of them can't impact the ETH price significantly. And I think also Ethereum might have a problem where bad contracts can infect other contracts, so that may prevent the ecosystem from ever being NOT TOO BIG TO FAIL (I need to research this more).

I had an epiphany also it was not to touch that link with a ten foot pole.

I practically wrote the Ethereum Paradox thread, so you are preaching to a former member of your tribe.

I don't intentionally promulgate technological bullshit.

So be careful. I think there is something very important coming as a use case in the smart contract area. I will be writing more about this soon.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 18, 2016, 10:35:21 PM
 #48

so how can you shut down a decentralized autonomous organization?

Do you know any decentralized autonomous organization ?

I don't ..

Yes, DASH.org.  The first DAO. 

The difference: Marketing that feature is taking a backseat to development.  Doing it right I'd say.

DASH does seem to be a functioning DAO where D is distributed but sure if it is decentralized control. The stakeholders apparently vote on the actions or management of the development of the open source. The stakeholders apparently approved to have % of the mining rewards paid to a foundation which then distributes the funds according to projects approved by votes of the stakeholders. However what is not clear to me is to what degree this is all enforced by smart contract protocol or done manually by the foundation.

There are allegations however that the distribution of the DASH tokens were highly concentrated by an alleged instamine and subsequent masternode ROI scheme which may have further concentrated the tokens held by the core insiders. But I don't know if anyone has been able to prove conclusively that DASH is not really decentralized, although the suspicion is apparently strong amongst some especially Monero supporters.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 19, 2016, 02:04:19 AM
Last edit: June 19, 2016, 01:02:44 PM by iamnotback
 #49

What is a DAO?

In a normal corporation, the investors delegate control to a board of directors and the board decides whether to retain profits or pay dividends and hire/fire the CEO.

In DAC/DAO/DO, the investors actively vote on issues. The distinctions between those three have to do with the structure of this control...

Let's first review Vitalik's chart below:

https://blog.ethereum.org/2014/05/06/daos-dacs-das-and-more-an-incomplete-terminology-guide/

Note Vitalik's conceptualization is actually not wrong, but too abstract and what The DAO codified is what I think is incorrect. I like Vitalik's chart except DAOs have humans in control ("in the center") but they are governed by protocol (which is probably what Vitalik means by "automation"):



Notice on "Internal Capital" table, the horizontal line separating "Automation at the center" at the top from "Humans at the center" at the bottom is labeled "DO" for decentralized organization, because "DO" is decentralizing the "Humans at the center" but not automating the decisions of protocol at the center controlling the "Human at the edges" (where edges means who do the work).

And the vertical line separating "Automation at the edges" on the left from "Humans at the edges" on the right is labled "Tools" because they are doing the majority of the work but not automating (thus still requiring human workers for) their operation.

You can see that table is quite insightful and abstract. This is an example of why people think of Vitalik as genius. But it is all quite obvious if one were to sit down and think about deeply for a while as obviously Vitalik did.



Now I am going to demonstrate (in a very sleepless and almost delirious mental state so please excuse the low quality of the prose) I am an abstract forward/deep/paradigm-shift thinker similar (but different of course) to what some people observe/praise about Vitalik.

It is on the term "autonomous" that Vitalik's taxonomy gets murky (muddled) as he admits. It appears that Vitalik conflated "automation" with "autonomy". It appears that Vitalik thinks that we require automation in order to obtain autonomy.

Here is the insight that occurred to me in the past 48 hours or so (the days have all run together). Whereas, I am thinking the autonomy attribute is applicable to the "humans in the center" involved in the control. In other words, DVCS open source enables each human participant to be autonomous because each can have their own individualized repository. Automation has nothing to do with it. The key technological breakthrough for DVCS was the relative changeset logic, using a hash to identify changesets, and storing the repositories locally, which isn't automation but rather a protocol for destructuring to increase degrees-of-freedom, i.e. removing hierarchies.

So whereas for Vitalik the distinction between a "DAO" and a "DO" is the former has complete A.I. automation over all decisions controlling the humans at the edges, i.e. like a master 1984 enslavement computer, I rather conceive that the "DAO" as destructuring (perhaps even automated) protocol which enables humans at the center to be autonomous. And the "DO" is many decentralized humans in the center, but they are bound together with less degrees-of-freedom in the structure enforced by the protocol that governs (i.e. by-laws for) their organization.

For example, my understanding of DASH's protocol for stakeholders is limited, but I assume it is based on a majority vote and there is no way to opt-out other than to sell your stake (unstake your masternode deposit), and thus the humans in the center controlling it are not really autonomous, thus DASH is a "DO" not a "DAO". And The DAO wasn't autonomous either and that was its critical flaw (other than the bug that enabled theft of funds) in that individual humans could not autonomously elect projects (and splitting had flawed game theory), so it couldn't be anything more than a power vacuum (slush fund) with spoils to whomever could win in the voting game theory. The DAO was worse than if the participants had invested in individual projects separately, thus the only purpose of the DAO was a game theory around controlling the pooled funds. No individual autonomy for the investors. The Ethereum and DAO developers appears to be so strongly into automation (and creating a master 1984 enslavement system? or is this just their Millennials Warcraft game A.I. culture?), that they built a DAO which was less autonomous than if each investor invested in projects separately from the DAO.

A Dash consultant Ira Miller wrote something similar but with different conclusions to mine:

https://medium.com/@gitguild/not-too-late-for-humans-to-save-ethereum-2f42f5fdfb75

Vitalik goes on to compare DAO to Dan Larimer's DAC, with the key difference being that profits are not retained in the latter. Retaining profits in the collective pool lowers autonomy, so actually DAO = DAC except when it is a non-profit. Vitalik seemed to think retaining profit (i.e. the organization is profitable) is non-profit if the profits aren't distributed back to the humans at the center. Whereas, I think the distinction is that retained profits indicates a "DO" because the stakeholders are no longer empowered to take their capital away except by selling the token which is not the same because liquidity of the float is not the same as distributing profit, i.e. 20% of the stakeholders can't sell their tokens at once to protest a vote of the majority. The DAO offered a split feature but the game theory was flawed.

I have more to write when I am not so delirious from lack of sleep. This is just a first draft to get some of my ideas written down. I'll need to expound on the differences between Ira Miller's perspective and mine.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 19, 2016, 02:46:20 AM
Last edit: June 19, 2016, 04:41:56 PM by iamnotback
 #50

An interesting read from a guy reddit.  He gave compelling arguments and it does make you think twice about the viability and security of the current smart contract plaforms and DAOs currently in circulation.

Source:   The bug which the "DAO hacker" exploited was *not* "merely in the DAO itself" (ie, *separate* from Ethereum). The bug was in Ethereum's *language design* itself (Solidity / EVM - Ethereum Virtual Machine) - shown by the "recursive call bug discovery" divulged (and dismissed) on slock.it last week.

Here's an excerpt of the post.

Quote
Complexity and "Turing completeness" are not the real culprit here - those are all good things that we can have someday. The real culprit is poor language design. Specifically, I would recommend using "functional" (rather than "procedural") languages for mission-critical code which will be driving "smart contracts" - and even better if a high-level "specification" language could be used, allowing formal derivation of a (verifiably correct) program in a low-level "implementation" language (ie, providing mathematical proof that the implementation satisfies the specification - and mitigating the problem where the high-level human-readable "description" is different from the low-level machine-runnable "code"). I suspect many people (raised in a world where JavaScript is the "assembly language of the web") might not know about some of the history and possibly related work. So take this as a stern lecture telling you to take a good look at the history of functional languages (and specification vs implementation languages) as used in mission-critical projects, including finance - which, even when using such tools, are still very hard to get right - as we can see from the decades-long history of failures of major projects in defense, healthcare, aerospace, etc.

I don't think language design can fix "reentrancy-safety". The problem is Turing-completeness which is unbounded recursion. That is not something you can entirely solve with the language design.

If your smart block chain project doesn't know how to explain what I am talking about here, then you should not be investing because they probably don't really know what they are doing. They think they can just slap on a programming language to a block chain. Sorry! The problem is fundamentally insoluble and any breakthrough will have to be a paradigm-shift!

All these Block Chain Alt devs are recreating the mistakes that mathematicians and software engineers have discovered years ago.

And that we all told them back in late 2013 not to do it. I personally told Charles. Vitalik invented "gas" and thought that was sufficient.

Quoting myself from 2011:

Fundamentally, Turing-completeness is one concise requirement, unbounded recursion.

I had already explained why that Reddit post is incorrect:


I haven't studied the specific vulnerability in this case[1], but I think it has to do with the contract code doing mutability aliasing on global state. So this is an issue of synchronizing mutability aliasing.

For example, imagine if some intended to be atomic operation[1] of a check for sending of ETH out of the contract had not set a global count of sent before some recursion which enabled sending more ETH out, thus exceeding the threshold.

So the Reddit post seems to be somewhat clueless about the actual issue. Functional programming and static typing is orthogonal to the issue of dealing with global state and mutability aliasing. I had just finished analyzing this issue at the Rust-lang forum and in my private discussion with keane recently. Although Rust can statically check mutability aliasing, this is restricted to disjoint data structures. We concluded that some semantics can't be modelled with a static checker. Mutability aliasing is thorny issue and I am not familiar enough with Coq to know if it can model it. I would need to really dig into the details of this and study it before I can comment with high degree of confidence.

[1]http://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/
https://www.youtube.com/watch?v=RHcLKrkwPLQ#t=730
https://github.com/LeastAuthority/ethereum-analyses/blob/master/GasEcon.md#case-study-the-crowfunding-contract-example
https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/
http://hackingdistributed.com/2016/06/16/scanning-live-ethereum-contracts-for-bugs/#what-about-the-recursive-race-problem-in-thedao
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 19, 2016, 12:42:05 PM
Last edit: June 19, 2016, 02:32:59 PM by iamnotback
 #51

Vitalik
https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/

"However, it does show that there is a fundamental barrier to what can be accomplished, and “fairness” is not something that can be mathematically proven in a theorem"

well yes it can:

If you hold a system will function in a particular way and it does then that is fair, and you can mathematically prove it
https://www.reddit.com/r/ethereum/comments/4opjov/the_bug_which_the_dao_hacker_exploited_was_not/
TL;DR - Complexity and "Turing completeness" are not the real culprit here...

How many times am I going to have to repeat myself and link to my explanation that the quoted Reddit above is INCORRECT!

https://bitcointalk.org/index.php?topic=1505886.msg15273470#msg15273470 <--- click & read please

Vitalik is correct. The Reddit post is not. Period.

Turning-complete programming on a block chain can't be guaranteed to be secure. There will always be a gap between "intent" and "execution".

The fundamental reason is tied into the Halting problem, in that one can't prove an absolute negative, e.g. prove that no dinosaurs are still alive any where in the universe. It is undecideable.

Fundamentally this is the Second Law of Thermodynamics and the fact that time is irreversible so entropy is unbounded. The only way that wouldn't be the case would be if the speed-of-light was not finite, but then the past and future would collapse into the same infinitesimal point of nothingness and nothing could exist.

Theorem provers such as Coq produce output that is not Turing-complete. Yet that isn't even relevant, because "intent" can't be absolutely quantified in code or specification because interpretation is relative, i.e. the only account of history which is 100% certain doesn't exist (people will disagree on what happened because no one was every where in real-time, i.e. the speed-of-light is finite).

If you can't grasp this, don't fret. It requires a high level of intellect and also understanding of several fields including computer science and physics.

The bottom line is that Turing-complete programming on a block chain is "a can of worms" which is what we all told Ethereum since back in 2013 when Vitalik first proposed it.


Published on may 18th

Ethereum Contracts Are Going To Be Candy For Hackers

http://vessenes.com/ethereum-contracts-are-going-to-be-candy-for-hackers/

It isn't "tarnished forever" if the problem is confined to where it originated. That was the whole point of a "Turing Complete" scripting language - to isolate one contract from another and from the underlying platform itself as I've explained here and in previous posts in that thread.

I responded to your linked post as quoted above:

The very architecture of a smart contract blockchain makes the logic of the "Turing Complete" scripting language independent of the logic of the blockchain on which it runs. Kind of like the separation of executive a legislative powers in states. If you decide to p*ss all over that principle just to save yourself embarrassment and investors in a known risky asset from taking a haircut then you just kill it for everybody.

Incorrect! Turing-completeness is unbounded recursion. Thus it makes it impossible to encapsulate scripts from each other and from internal recursion, etc.. It is the opposite of your incorrect assumption!

You should stop spreading lies about computer science that you do not understand.

iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 19, 2016, 03:04:26 PM
 #52

The issue now is with DAO, not Ether.

Incorrect.

Okay. That is too technical. It is beyond my understanding. Do you mind explaining it in layman terms or, at least in bachelor's level?

Does this help?

http://ebiquity.umbc.edu/blogger/2008/01/19/how-dr-suess-would-prove-the-halting-problem-undecidable/

Scooping the Loop Snooper
an elementary proof of the undecidability of the halting problem

Geoffrey K. Pullum, University of Edinburgh

No program can say what another will do.
Now, I won’t just assert that, I’ll prove it to you:
I will prove that although you might work til you drop,
you can’t predict whether a program will stop.

Imagine we have a procedure called P
that will snoop in the source code of programs to see
there aren’t infinite loops that go round and around;
and P prints the word “Fine!” if no looping is found.

You feed in your code, and the input it needs,
and then P takes them both and it studies and reads
and computes whether things will all end as they should
(as opposed to going loopy the way that they could).

Well, the truth is that P cannot possibly be,
because if you wrote it and gave it to me,
I could use it to set up a logical bind
that would shatter your reason and scramble your mind.

Here’s the trick I would use – and it’s simple to do.
I’d define a procedure – we’ll name the thing Q –
that would take any program and call P (of course!)
to tell if it looped, by reading the source;

And if so, Q would simply print “Loop!” and then stop;
but if no, Q would go right back to the top,
and start off again, looping endlessly back,
til the universe dies and is frozen and black.

And this program called Q wouldn’t stay on the shelf;
I would run it, and (fiendishly) feed it itself.
What behaviour results when I do this with Q?
When it reads its own source, just what will it do?

If P warns of loops, Q will print “Loop!” and quit;
yet P is supposed to speak truly of it.
So if Q’s going to quit, then P should say, “Fine!” –
which will make Q go back to its very first line!

No matter what P would have done, Q will scoop it:
Q uses P’s output to make P look stupid.
If P gets things right then it lies in its tooth;
and if it speaks falsely, it’s telling the truth!

I’ve created a paradox, neat as can be –
and simply by using your putative P.
When you assumed P you stepped into a snare;
Your assumptions have led you right into my lair.

So, how to escape from this logical mess?
I don’t have to tell you; I’m sure you can guess.
By reductio, there cannot possibly be
a procedure that acts like the mythical P.

You can never discover mechanical means
for predicting the acts of computing machines.
It’s something that cannot be done. So we users
must find our own bugs; our computers are losers!
GreenBits
Legendary
*
Offline Offline

Activity: 1148
Merit: 1048



View Profile
June 19, 2016, 03:14:51 PM
 #53

The issue now is with DAO, not Ether.

Incorrect.

Okay. That is too technical. It is beyond my understanding. Do you mind explaining it in layman terms or, at least in bachelor's level?

Does this help?

http://ebiquity.umbc.edu/blogger/2008/01/19/how-dr-suess-would-prove-the-halting-problem-undecidable/

Scooping the Loop Snooper
an elementary proof of the undecidability of the halting problem

Geoffrey K. Pullum, University of Edinburgh

No program can say what another will do.
Now, I won’t just assert that, I’ll prove it to you:
I will prove that although you might work til you drop,
you can’t predict whether a program will stop.

Imagine we have a procedure called P
that will snoop in the source code of programs to see
there aren’t infinite loops that go round and around;
and P prints the word “Fine!” if no looping is found.

You feed in your code, and the input it needs,
and then P takes them both and it studies and reads
and computes whether things will all end as they should
(as opposed to going loopy the way that they could).

Well, the truth is that P cannot possibly be,
because if you wrote it and gave it to me,
I could use it to set up a logical bind
that would shatter your reason and scramble your mind.

Here’s the trick I would use – and it’s simple to do.
I’d define a procedure – we’ll name the thing Q –
that would take any program and call P (of course!)
to tell if it looped, by reading the source;

And if so, Q would simply print “Loop!” and then stop;
but if no, Q would go right back to the top,
and start off again, looping endlessly back,
til the universe dies and is frozen and black.

And this program called Q wouldn’t stay on the shelf;
I would run it, and (fiendishly) feed it itself.
What behaviour results when I do this with Q?
When it reads its own source, just what will it do?

If P warns of loops, Q will print “Loop!” and quit;
yet P is supposed to speak truly of it.
So if Q’s going to quit, then P should say, “Fine!” –
which will make Q go back to its very first line!

No matter what P would have done, Q will scoop it:
Q uses P’s output to make P look stupid.
If P gets things right then it lies in its tooth;
and if it speaks falsely, it’s telling the truth!

I’ve created a paradox, neat as can be –
and simply by using your putative P.
When you assumed P you stepped into a snare;
Your assumptions have led you right into my lair.

So, how to escape from this logical mess?
I don’t have to tell you; I’m sure you can guess.
By reductio, there cannot possibly be
a procedure that acts like the mythical P.

You can never discover mechanical means
for predicting the acts of computing machines.
It’s something that cannot be done. So we users
must find our own bugs; our computers are losers!
.

Too long, did actually read; now head hurts and nose is bleeding.


But seriously, thank you, that Turing completeness shit was jibber jabber nonsense until that poem. I get it now  Grin
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 19, 2016, 09:18:13 PM
 #54


I'm with you and thanks for putting it more eloquently than I ever could. I invested in DAO and agree that it should cut its loses for now. I still believe in a DAO and all that it will stand for, basically giving the little man the opportunity to invest whee only VC funds could in the past. Why others are so virulently against this right is beyond me. One day I expect after all this is blown over there will be a DAO2.0. Just with better coders.

Also, I don't know if better coding is the answer ultimately. Things need to progress on the basis that smart contract code will fail, not that it won't. There are a huge amount of use cases where the value doesn't actually have to be held by the contract.

toknormal, very astute. That is indeed part of the solution.

Minecache, the problem with The DAO is not only bad code, but also the design was game theory broken as well.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 19, 2016, 10:15:04 PM
Last edit: November 17, 2016, 06:17:48 AM by iamnotback
 #55

The issue now is with DAO, not Ether.

Incorrect.

Okay. That is too technical. It is beyond my understanding. Do you mind explaining it in layman terms or, at least in bachelor's level?

Does this help?

http://ebiquity.umbc.edu/blogger/2008/01/19/how-dr-suess-would-prove-the-halting-problem-undecidable/

Scooping the Loop Snooper
an elementary proof of the undecidability of the halting problem

Geoffrey K. Pullum, University of Edinburgh

No program can say what another will do.
Now, I won’t just assert that, I’ll prove it to you:
I will prove that although you might work til you drop,
you can’t predict whether a program will stop.

Imagine we have a procedure called P
that will snoop in the source code of programs to see
there aren’t infinite loops that go round and around;
and P prints the word “Fine!” if no looping is found.

You feed in your code, and the input it needs,
and then P takes them both and it studies and reads
and computes whether things will all end as they should
(as opposed to going loopy the way that they could).

Well, the truth is that P cannot possibly be,
because if you wrote it and gave it to me,
I could use it to set up a logical bind
that would shatter your reason and scramble your mind.

Here’s the trick I would use – and it’s simple to do.
I’d define a procedure – we’ll name the thing Q –
that would take any program and call P (of course!)
to tell if it looped, by reading the source;

And if so, Q would simply print “Loop!” and then stop;
but if no, Q would go right back to the top,
and start off again, looping endlessly back,
til the universe dies and is frozen and black.

And this program called Q wouldn’t stay on the shelf;
I would run it, and (fiendishly) feed it itself.
What behaviour results when I do this with Q?
When it reads its own source, just what will it do?

If P warns of loops, Q will print “Loop!” and quit;
yet P is supposed to speak truly of it.
So if Q’s going to quit, then P should say, “Fine!” –
which will make Q go back to its very first line!

No matter what P would have done, Q will scoop it:
Q uses P’s output to make P look stupid.
If P gets things right then it lies in its tooth;
and if it speaks falsely, it’s telling the truth!

I’ve created a paradox, neat as can be –
and simply by using your putative P.
When you assumed P you stepped into a snare;
Your assumptions have led you right into my lair.

So, how to escape from this logical mess?
I don’t have to tell you; I’m sure you can guess.
By reductio, there cannot possibly be
a procedure that acts like the mythical P.

You can never discover mechanical means
for predicting the acts of computing machines.
It’s something that cannot be done. So we users
must find our own bugs; our computers are losers!

.

Too long, did actually read; now head hurts and nose is bleeding.


But seriously, thank you, that Turing completeness shit was jibber jabber nonsense until that poem. I get it now  Grin

Let me provide a simplistic explanation of the Halting problem.

We have a program P which inputs the source code of other programs and the result of P is the result of the analysis of whether the input source code loops forever or terminates (i.e. halts).

We have another program Q which inputs the source code of a program and calls P, then prints "Loop" and terminates if P reports "Loop", otherwise Q loops.

So we call Q passing the source code of Q to itself, but this is a paradox because P can't decide what the result would be. If P's result is "Loop", then Q terminates. If P's result is "terminates", then Q loops. We have an inconsistency in both cases.

This shows that it is impossible to make a compiler that acts like P, i.e. it is impossible to analyze whether programs with unbounded recursion terminate or not, because recursion is decided (unbounded) at runtime and not at compile-time. Thus at compile-time the result of the question is undecideable.

QED.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 20, 2016, 12:59:20 AM
 #56


I haven't studied the specific vulnerability in this case[1], but I think it has to do with the contract code doing mutability aliasing on global state. So this is an issue of synchronizing mutability aliasing.

For example, imagine if some intended to be atomic operation[1] of a check for sending of ETH out of the contract had not set a global count of sent before some recursion which enabled sending more ETH out, thus exceeding the threshold.

So the Reddit post seems to be somewhat clueless...

[1]http://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/
https://www.youtube.com/watch?v=RHcLKrkwPLQ#t=730
https://github.com/LeastAuthority/ethereum-analyses/blob/master/GasEcon.md#case-study-the-crowfunding-contract-example
https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/
http://hackingdistributed.com/2016/06/16/scanning-live-ethereum-contracts-for-bugs/#what-about-the-recursive-race-problem-in-thedao

So now the experts finally figure out that the vulnerability is more general as I had written above as quoted. So who is the expert here. Wink

So any state influencing the logic of any procedure non-atomically is vulnerable to attack if interrupted by a call to an arbitrary contract.  This goes far beyond the “write functions that are reentrant” suggestion: instead write functions that either don’t call out to arbitrary contracts or make no assumptions about their control flow or state after doing so.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 20, 2016, 01:01:56 PM
 #57

Smooth and I discussing the optimum way of funding/launching development, and the Nash equilibrium of block chains.

Ethereum, Blockstream (Bitcoin core), BitShares, DASH all break Nash equilibrium.

I agree with smooth, there should be no DAO nor governance (i.e. no voting, not even from miners) in control of forking the block chain. The DAOs should only be for decentralizing projects and organizations (including corporations). DASH and Bitshares have this incorrect PoS+governance design and Ira Miller@DASH is incorrect about automation being unrealistic or evil:

so how can you shut down a decentralized autonomous organization?

Do you know any decentralized autonomous organization ?

I don't ..

Yes, DASH.org.  The first DAO. 

The difference: Marketing that feature is taking a backseat to development.  Doing it right I'd say.

DASH does seem to be a functioning DAO where D is distributed but sure if it is decentralized control. The stakeholders apparently vote on the actions or management of the development of the open source. The stakeholders apparently approved to have % of the mining rewards paid to a foundation which then distributes the funds according to projects approved by votes of the stakeholders. However what is not clear to me is to what degree this is all enforced by smart contract protocol or done manually by the foundation.

There are allegations however that the distribution of the DASH tokens were highly concentrated by an alleged instamine and subsequent masternode ROI scheme which may have further concentrated the tokens held by the core insiders. But I don't know if anyone has been able to prove conclusively that DASH is not really decentralized, although the suspicion is apparently strong amongst some especially Monero supporters.
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 21, 2016, 12:16:49 AM
Last edit: June 21, 2016, 12:48:49 AM by iamnotback
 #58

Research paper has a section that mentions some smart contract use cases:

http://publications.lib.chalmers.se/records/fulltext/234939/234939.pdf#page=12

Note that paper above is claiming some classes of programming errors can be avoided in smart contracts by using dependent and polymorphic types. But as I wrote upthread, that won't eliminate semantic bugs such as game theory bugs. See for example §4.3 Misaligned Incentives in the following paper:

http://eprint.iacr.org/2015/460.pdf#page8

Generally speaking, as I explained by example of the Halting problem, the runtime entropy of a Turing-complete machine is unbounded. Thus there are an unbounded number of ways to create errors, regardless of any fancy typing system and programming paradigm.
FalconCrypto
Sr. Member
****
Offline Offline

Activity: 273
Merit: 250


View Profile
June 21, 2016, 12:57:05 AM
 #59

Research paper has a section that mentions some smart contract use cases:

http://publications.lib.chalmers.se/records/fulltext/234939/234939.pdf#page=12

Note that paper above is claiming some classes of programming errors can be avoided in smart contracts by using dependent and polymorphic types. But as I wrote upthread, that won't eliminate semantic bugs such as game theory bugs. See for example §4.3 Misaligned Incentives in the following paper:

http://eprint.iacr.org/2015/460.pdf#page8

Generally speaking, as I explained by example of the Halting problem, the runtime entropy of a Turing-complete machine is unbounded. Thus there are an unbounded number of ways to create errors, regardless of any fancy typing system and programming paradigm.

I totally agree with you. More to follow...
iamnotback (OP)
Sr. Member
****
Offline Offline

Activity: 336
Merit: 265



View Profile
June 21, 2016, 02:39:30 AM
Last edit: June 21, 2016, 03:51:34 AM by iamnotback
 #60

Mircea Popescu, the pragmatic genius hacker who drained the DAO in order to defend crypto-currency against retards who want to centralize crypto-currency, has written something about contracts which I entirely agree with. In fact, my conceptualization of the way a DAO should be constructed is based on the similar insight, and I arrived at my insight independently and before reading the following epistle.

Let's not forget the Spaniards traded to the native a mirror for his acreage, then employed the force of contracts to enforce the absurdity.


Traditionally, contracts are instruments of torture. People agree to be married (thus entering into, of course, a Marriage Contract) and then have to suffer their spouse whether they'd like to or not.

...

The problem with this holy institution that has carried us so very far and fed us so very well is that it has costs, and those costs have the unfortunate property that they mount with use.

...

Why would the cost of enforcing a contract increase with the amount of contracts already entered into ? Well, because as people use them people also look for ways to abuse them. As these ways are found they have to be patched. As the patches are applied new holes are found, so new patches are issued. Sometimes the patches work better in some cases than others, in the end it's not even obvious which would be the proper case a contract falls into, the administration of all this has some costs and moreover due to the adversarial nature of contractsvii there's always someone with an incentive to argue absolutely anything, no matter how "insane". Besides, what's insane anymore once we have contracts ?

...

I know plenty of people who have dispensed with even entering into contracts altogether, as a point of principle. Silicon Valley deals would be anywhere between one third and two thirds undocumented to any degree - only when companies are about to go public does a mad rush commence to retroactively document years' worth of... contracts, they would be, except they weren't. Why not ? Because contracts are just too damned expensive, both to enter into rationally and then to enforce against the other party. The attempts mostly end up as a competition of "who has the largest bank account" and therefore can afford the best lawyers, and since this is known at the outset the only real believers in the entire contract-with-enforcement construct are, predictably, the very large corporations.

...

And so here we are today : contract litigation is a great way to earn a living as a lawyer, a premier way to generate that mostly fake "social mobility" and a great way for Apple, Samsung and obviously the US government to fill their otherwise idle time during board meetings. Most common claims are not pressed, and in the rare instance they are pressed would end up in something called "Small Claims", which is much akin to the lost and found box they used to keep in train stations and movie theatres.

...

Who today would or will be able to set aside the perhaps justified objections of the disenfranchised parties (which would necessarily exist) to create a new code, and somewhat reset the clock ? Nobody, practically speaking, it'd have to be done by "consensus" and "negotiation" which is to say it'd be much better for it to not be done at all. In short, this great dragon called Contract has flown as far as he can. He is old now, and tired. His bones ache, his mood is sour, he will soon go below the ground. We will forever remember it, or at any rate I will, but for what he was in his youth, and that youth was much, much before your parents were being born I would think.

So what now ?

Well... I'm glad you asked. There's a spiffy young fellow I'm betting on : the GPG Contract. He's also a. an agreement b. reached by willing participants. But that's all.

What do I mean "that's all" ? I literally mean, that's all. A contract which is entered into by willing participants and won't be enforced. Nonsense ? IKR!

Except not really. Obviously entering into a GPG Contract thinking it's an Old Contract is nonsense, and will get you burned. In fact the history of "scams" in the Bitcoin space is pretty much this, people behaving with what should really be GPG Contracts as if they were Old Contracts, and then discovering midway through that... well... it doesn't really work that way.

All this aside, non-enforced contracts, contracts which the participants uphold out of their own free will rather than at the behest of some third party or by the point of the sword of some blind demigoddess are a thoroughly fascinating turn of events. For one, they are fundamentally human, they're one step up on the stairwell of freedom. Do it if you think it's right is certainly a lot more empowering, civilised and overall good than "do it or else". For the other, they allow all the enforcing to happen before the actual contract is entered into. Old contracts contain unknown future costs, nobody can ever tell you exactly how much will you have to pay in legal fees to recoup this five hundred owed on whatever deal. GPG Contracts don't have any future costs at all. The cost of enforcing one after the fact is always going to be zero, pretty much because there's never going to be anything you need (or indeed can) do.

And it doesn't stop here. I have always thought the principal utility of Bitcoin is that it renders any sort of mandatory taxation model unviable. I am firmly persuaded that as Bitcoin takes holdix taxes will have to return to what they were in ancient Greece : willing donations to the state treasury, and something people openly took pride in. This shift will bring about all the improvements we were vainly trying to achieve in the old money paradigm, such as public accountability and reasonable expenditure in one fell swoop : good luck getting people to donate to the police department if they don't like the police. And good luck with the welfare programs, for sure.

Add to that a shift of contracts from the old model to the new and suddenly you have - and I mean this quite literally - a new Renaissance. Man at the center of all things. Man, the willing enforcer of his own promises. Man, the willing contributor to the wealth of an obviously much reduced, but by that fact probably much nicer, lovable and huggable cute little state.

I'm crying with joy over here, my toes are curling in untold glee, I have little doubt that I shall live to see this, all of it. And for the first time in many, many years I feel again like the world is worth living in.

Techno-anarchism. Amen!
Pages: « 1 2 [3] 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!