Bad Code Has Lost $500M of Cryptocurrency in Under a Year

[AGD]

https://topbitcoin.lv/bad-code-lost-500-million-cryptocurrency-year/

Cryptocurrency can be lost in a variety of ways, from hacking to forgotten passwords and failed flash drives. But in dollar terms, one of the biggest causes of crypto losses is bad code, and it’s not usually the fault of the coin’s developers. Instead, third parties, including shoddy smart contract developers and shady exchanges, are to blame for losses that have reached half a billion dollars in the last seven months.

Last week, news.Bitcoin.com reported on the demise of Bitgrail, which contrived to lose $170 million of nano cryptocurrency. While the precise sequence of events that caused the catastrophic collapse of the exchange with the assets of thousands of customers is still being confirmed, poor code is being blamed. As reported at the time:

There are rumors that Bitgrail became insolvent following a withdrawal bug that was discovered by some users and then shared in Discord and other chat groups, causing the wallet balance to gradually diminish. One user explained: “There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year

In the aftermath of the incident, this theory has been bolstered by allegations that a bug was indeed responsible, and not in nano’s code, but in Bitgrail’s. One source asserted: “There was a bug, on the withdraw page. But this check was only on java-script client side, you find the js which is sending the request, then you inspect element – console, and run the java-script manually, to send a request for withdrawal of a higher amount than in your balance. Bitgrail delivered this withdrawal. How many people did this? Who knows.”

There was another bug, you could request a withdrawal to your address – from another user-id, from another user-account. That would cause the other users balance to have “missing funds” or “negative balance”. Bitgrail bomber solved this bug by manually entering the “correct” numbers in his database. This is what you get for using a PHP website coded by same skill-level as CfB of IDIOTA.

Even the Best Cryptocurrencies Aren’t Immune to Poor Code

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework. First there was the DAO, which led to ethereum being forked right out the gate, and then there was the Parity bug that caused 150,000 ETH to be stolen, followed by the other Parity bug that caused $168 million of ETH to be locked up.

In the past couple of weeks, ethereum bugs have surfaced once more, albeit on a smaller scale. Proof of Weak Hands (PoWH) was a joke scamcoin which turned into an actual scamcoin after a bug led to the loss of 900 ether worth $1 million that had been sent to the contract address. The developer then disappeared after receiving death threats from investors aggrieved to discover that the joke Ponzi they were buying into was even less legitimate than it had seemed.

PoWH has since spawned a new scamcoin called ethpyramid which is for “strong hands only”. To the question “Is Ethpyramid secure?” the site responds “Yes. Our dev team put a lot of time into refining and testing this contract to make sure your tokens are safe. Internal functions of the contract are not accessible to the end user.” There’s also PoWH420, “the world’s dank autonomous and self-sustaining 420 pyramid scheme”.


Even if joke coins and their joke developers are taken out of the equation, it’s evident that cryptocurrencies are only as strong as their weakest link. While altcoins such as ethereum and nano have undoubted potential, like every other crypto they’re hostage to bugs lurking in wallets, smart contracts, and exchanges. One bad line of code is all it takes.

[1714888827]

1714888827

[1714888827]

1714888827

[Nrcewker]

i think investors should learn from this . i see mostly peoples are looking for cheap development companies but they forget they will get what they paid for ..

when you starting a exchange company for God Sake hire a professional company where educated peoples worked but they will charge you more money then a individual or freelancer developer but they can give you good work

[HeRetiK]

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity where more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team is unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.

[AGD]

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity where more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team is unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.

A lot of good reasons to stick with Bitcoin, esp. Core and keep running full nodes and I also would trust smart contracts a lot more, if they would be based on the the Bitcoin blockchain than on any other shitchain.  In my opinion ALL of the > 1000 Alts are rather the result of missed financial/fame opportunities than a real technological progress.

[jshark]

  In my opinion ALL of the > 1000 Alts are rather the result of missed financial/fame opportunities than a real technological progress.

Couldn't agree with this more. I get some people have had great ideas, I believe ETH is one of them, but SO many alts are just guys/teams with a get rich quick plan.

[HeRetiK]

A lot of good reasons to stick with Bitcoin, esp. Core and keep running full nodes and I also would trust smart contracts a lot more, if they would be based on the the Bitcoin blockchain than on any other shitchain.  In my opinion ALL of the > 1000 Alts are rather the result of missed financial/fame opportunities than a real technological progress.

Yeah, a lot of the stuff that I've seen happening with the alts (eg. IOTA and its self rolled crypto or that whole Parity debacle... twice) and some of the hardforks (eg. B2X's insta-death and the BCH difficulty fluctuations) during the last year made me really appreciate the way Core handles things. Sure, progress may seem slow, but it's slow for a reason. Stuff's done when it's done. You can't just move fast and hardfork things. I mean you can, obviously, but its not necessarily a development and design philosophy that I personally could get behind.

Same with turing complete smart contracts. It just seems like such. A bad. Idea. Regardless of the underlying blockchain.

Maybe with some improved tooling, rigorous testing and a solid development approach this could work, alas who has time for that when there's a marketing campaign for your upcoming ICO to be run?

I love watching the altcoin and token space, but for every good idea there's a metric shitton of wtfs going on. And those whitepapers. So much fluff, oh so much fluff. Jesus.

[BenOnceAgain]

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity where more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team is unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.

I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verifying an accounts balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.

In my view, best-practices standards are needed for security and code audits.  There are many attempts at this out there, it needs to be pulled together, structured and maintained like RFC or BIP standards are, and proliferated through the field.  Especially considering we are dealing with a rapidly evolving technology, these standards need to be maintained on an ongoing basis.  I know the steps I take to lock down a server today in 2018 are different in quite a few ways than they were in 2014, for example.

My organization is going to be looking at this issue because it's a real problem that needs some coordinated focus.  We're conducting our launch fundraiser right now with an Ethereum ERC20 token, but I have real concerns with the stability of that platform moving forward.  A deep dive is in order with some consultations with the gurus before I make any long-term decision I'll live to regret on platforms.  In some ways it's a shame, the Ethereum platform does seem good "on paper", but has some real flaws that need to be met before I would place the kind of trust in it that you do to a financial institution.

If a bank lost $500M in a year, people would be in jail!  (Well, maybe not here in the U.S., but only because the banks own our government [for now]).  But who would bank with a company that was so careless with funds it has custodial control over?

I might sound ranty back, but it's only because it's so outrageous.

Best regards,
Ben

[Wind_FURY]

Some services with less than competent developers should not be working in something that holds millions of dollars.

But other projects with supposedly "competent" developers and still have caused coins to be stolen or lacked deserves to be hanged. They have no excuse.

[ciro1]

Majority of the cases were properly calculated and scam. Investors would never be able to know and even if they do, not much can be done. I believe all these issues would be things of the old in crypto.

[HeRetiK]

I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verifying an accounts balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.

It seems like both developers and investors tend to forget that they are handling real, actual money. Would you leave a suitcase full of cash in the middle of the street? Would you give your credit card data to some random stranger on the internet? That's what basically happens in crypto all the time.

In my view, best-practices standards are needed for security and code audits.  There are many attempts at this out there, it needs to be pulled together, structured and maintained like RFC or BIP standards are, and proliferated through the field.  Especially considering we are dealing with a rapidly evolving technology, these standards need to be maintained on an ongoing basis.  I know the steps I take to lock down a server today in 2018 are different in quite a few ways than they were in 2014, for example.

I absolutely agree with you. As much as I love that whole wild west, new frontier vibe that crypto is swinging, I so very much appreciate the formal approach that Bitcoin and some of the alts have taken.

To be fair, handling crypto is especially tricky. Holding what equates to actual cash on a computer system is unprecedented prior to cryptocurrencies. Even if you were handling payments there was usually some form of rollback available, should things go awry. Not so with crypto, yet it seems to be partially held to lower standards than finance which is insane.

Nonetheless we've come a long way since MtGox. It's almost as if the market has begun to realize that crypto is a billion dollar business now.

My organization is going to be looking at this issue because it's a real problem that needs some coordinated focus.  We're conducting our launch fundraiser right now with an Ethereum ERC20 token, but I have real concerns with the stability of that platform moving forward.  A deep dive is in order with some consultations with the gurus before I make any long-term decision I'll live to regret on platforms.  In some ways it's a shame, the Ethereum platform does seem good "on paper", but has some real flaws that need to be met before I would place the kind of trust in it that you do to a financial institution.

Hats off to you for critically evaluating technologies. I know this approach should be the standard, however it unfortunately isn't, which makes me all the more glad to hear that there are still organizations and companies out there that take a sane and prudent approach at blockchain techologies.

If a bank lost $500M in a year, people would be in jail!  (Well, maybe not here in the U.S., but only because the banks own our government [for now]).  But who would bank with a company that was so careless with funds it has custodial control over?

I don't think that European banks are much better in that regard.

Referring to "But who would bank with a company that was so careless with funds".... I honestly think that consumers are at least partially to blame on that matter. If people would avoid shoddy exchanges in the first place, a lot of these dramas could be avoided.

[NITCoinOfficial]

This industry is very fresh. You should always have double-check code reviews with your team, if not quad-check it. This is why hackathons and bug-bounty programs exist. It should never be the responsibility of one, team work is very important. Everyone is trying to quickly get into the industry and try to make money, however ethical issues should also be kept in mind. The stronger your code is, the better your reputation is, the better your product will be.

[cellard]

I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verifying an accounts balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.

This is why I have always taken extra measures when accessing anything that had to do with bitcoin, namely using a VPN or Tor so in order there is a leak, they couldn't get your IP, and also disabling javascript. I have never trusted exchanges, and I still don't to this day, specially now that they ask for a god damn selfie while holding your ID. It's a matter of time some day we are going to have a HUGE leak on a big exchange database, and everyone that gave a picture of them holding an ID will have this picture attached to their bitcoin addresses and then sold on the darkweb for extortion or some sick shit. I was never looking forward to that.. no thanks, which is why I always used fake names on Poloniex for example, and just left any exchange that forced me to give them my data (Bittrex doesn't even let you trade between altcoins anymore without full verification... fuck them!!)

Never trust anything, it's all compromised, everyone just wants to steal your bitcoin. I can't wait for atomic swap decentralized exchanges so I don't need to trust exchangers and the scammers running these while having javascript on.. ridiculous.

[nullius]

A lot of good reasons to stick with Bitcoin, esp. Core and keep running full nodes and I also would trust smart contracts a lot more, if they would be based on the the Bitcoin blockchain than on any other shitchain.

Yeah, a lot of the stuff that I've seen happening with the alts (eg. IOTA and its self rolled crypto or that whole Parity debacle... twice) and some of the hardforks (eg. B2X's insta-death and the BCH difficulty fluctuations) during the last year made me really appreciate the way Core handles things. Sure, progress may seem slow, but it's slow for a reason. Stuff's done when it's done.

On reading OP, my own first thought was of the whining in certain quarters about Core’s relatively slow pace and “it’s done when it’s done” policy.  Also directly related is persistent calumny over their cautious desire to avoid hardforking the chain, and do so only if necessary—following research of what could happen, and how to prevent “oopsies”.  I even once saw somewhere an explicit suggestion that Core should follow the amateurish wannabe cool kid Silicon Valley 2.0 motto of “move fast and break things” (!).

Whereas to the best of my knowledge, Core is the first and thus far, only open-source project wherein a tiny little bug could directly destroy liquid value equivalent to a hundred billion dollars in a microsecond.  I appreciate the “it’s done when it’s done” approach.

It seems like both developers and investors tend to forget that they are handling real, actual money. Would you leave a suitcase full of cash in the middle of the street? Would you give your credit card data to some random stranger on the internet? That's what basically happens in crypto all the time.

There is pertinent idiom, “Other People’s Money”.  I’ve mostly seen it applied by people who are critical of Bitcoin altogether, on grounds of the amount of ridiculously stupid code which idiots deploy to (mis)handle Bitcoin.  Of course, that’s like criticizing computers because most software of all kinds is trash (and so are all popular CPUs!).  Solution:  Don’t entrust your bitcoins to ridiculously stupid code, and don’t use services which do.

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity where more strict and rigorous its developer base would likely be much much smaller.

It’s not only a matter of Solidity.  IIUC, the exploitation of loopholes in the DAO contract (not a “hack”) applied some interesting “features” of the Ethereum VM itself.  Anyway, the whole concept of bolting a Turing-complete VM onto a blockchain is sheer lunacy.

This is why I am drooling over the concept of Simplicity (PDF) for Bitcoin.  A powerful smart-contracts DSL with formally verified properties, which is designed to support writing of formally verifiable contracts, is exactly what we need.

[bob123]

“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.

Not just that.
Bitgrail Shitgrail had 2 more bugs:

1) You were able to withdraw twice the amount when following this procedure:

• Request withdrawals
• Wait for email confirmation; Don't confirm.
• Request a second withdrawal (same amount)
• Wait for email confirmation; Click on the link and confirm
• Success. You just received 2 withdrawals

2) You were able to withdraw an amount you didn't have as balance:

• Request a withdrawal
• Realize the check for the maximum amount happens client-side instead of server-side
• Manipulate the javascript (yes, javascript.. WTF)
• Profit. You just withdrew a way bigger amount, leaving your balance on Bitgrail Shitgrail at a negative amount

Those bugs don't happen by accident.
Such bugs appear when the coder has zero (really: ZERO) knowledge.

But its not like hes only unable to code properly, no.

Francesco - Shitesco - Firano claimed 17 million nano got 'hacked' and 'stolen' from his cold wallet.



To sum it up: Shitgrails owner is not just a bad coder, he seems to have zero knowledge on how to perform an exit scam properly.
The FBI already has been informed and investigations are starting. He will get what he deserves.

[HeRetiK]

This is why I am drooling over the concept of Simplicity (PDF) for Bitcoin.  A powerful smart-contracts DSL with formally verified properties, which is designed to support writing of formally verifiable contracts, is exactly what we need.

Oh yes. Solutions such as Simplicity are exactly why I give Bitcoin a better chance of survival than most of the alts. The academic work being done around Bitcoin is amazing. It might not be as flashy as the snakeoil that some of the alts are selling, but at least it has substance.

Not just that.
Bitgrail Shitgrail had 2 more bugs:

1) You were able to withdraw twice the amount when following this procedure:

• Request withdrawals
• Wait for email confirmation; Don't confirm.
• Request a second withdrawal (same amount)
• Wait for email confirmation; Click on the link and confirm
• Success. You just received 2 withdrawals

2) You were able to withdraw an amount you didn't have as balance:

• Request a withdrawal
• Realize the check for the maximum amount happens client-side instead of server-side
• Manipulate the javascript (yes, javascript.. WTF)
• Profit. You just withdrew a way bigger amount, leaving your balance on Bitgrail Shitgrail at a negative amount

Those bugs don't happen by accident.
Such bugs appear when the coder has zero (really: ZERO) knowledge.

[...]

That reads less like bug descriptions and more like a checklist of what not to do. The second point -- not entrusting critical verification to client-side code -- is literally one of the first things that gets drummed into your head when learning web development.

[nullius]

[...discussion of Bitgrail bugs...]

Those bugs don't happen by accident.
Such bugs appear when the coder has zero (really: ZERO) knowledge.

Sorry, I can’t resist—that sounds funny to me, much time as I’ve spent thinking about a different type of zero-knowledge.

I presume that if the Bitgrail devs manufactured a vacuum cleaner, it wouldn’t suck.

This is why I am drooling over the concept of Simplicity (PDF) for Bitcoin.  A powerful smart-contracts DSL with formally verified properties, which is designed to support writing of formally verifiable contracts, is exactly what we need.

Oh yes. Solutions such as Simplicity are exactly why I give Bitcoin a better chance of survival than most of the alts. The academic work being done around Bitcoin is amazing. It might not be as flashy as the snakeoil that some of the alts are selling, but at least it has substance.

“Snakeoil” is a good word for many most the numeric vast majority of the alts.  As for “flashy”, I’d say that plenty of the current and potential future features in Bitcoin (and Lightning!) are exactly that.  However, unlike snakeoil, they take longer to develop than the fifteen-minute attention span of the average social media reader; also, they’re not being hyped promoted by armies of social media sockpuppet shills and, in this forum, signature-spammers.

Developing good ideas takes time.  Developing them into reliable implementations takes more time.  Patience is a forgotten virtue, and was never known at all to the peculiar brand of technical incompetents who enjoy tossing about Other People’s Money.

[LoyceV]

Just my 2 Satoshis: I've disliked Ethereum ever since their one Unique Selling Point ("code is law" for smart contracts) got thrown out of the window after The DAO failed so hard they had to abandon their core principles and hardfork to get their money back. It proved that smart contracts are worthless if you don't understand them, which makes them worthless for almost everybody. In the case of The DAO, even the developers didn't understand the code, the only person who understood it was called "the attacker". Ironic!

I never expected Ethereum to go up in value this much after this fiasco. In my opinion, it would have been only logical to abandon the failed project. Many people didn't seem to care, and losing $500M within a year proves that once again.
Ethereum is now mainly used for ICO Token sales, which are almost exclusively very shady money grabbers. But greed wins from common sense over and over again.

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement

Well said! PR is everything, create a token, a website, and a story, and people throw tens of millions of dollars at you!
Only a very small share of all cryptocurrencies put development first. Then again, it makes sense for the majority to only join crypto for quick cash. I'm really curious what will be the next phase in money grabbing, now that we've seen shitcoins, Token sales and hard forks.

[nullius]

This needs to be in a stickied FAQ somewhere:

Just my 2 Satoshis: I've disliked Ethereum ever since their one Unique Selling Point ("code is law" for smart contracts) got thrown out of the window after The DAO failed so hard they had to abandon their core principles and hardfork to get their money back. It proved that smart contracts are worthless if you don't understand them, which makes them worthless for almost everybody. In the case of The DAO, even the developers didn't understand the code, the only person who understood it was called "the attacker". Ironic!

In the abstract, what the so-called “attacker” did was no different than a smart lawyer finding a gaping loophole in a contract.  It was fully authorized use of a computer network in the exact manner which the network was declared to be intended.  Per the legally binding terms of the DAO:  “The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413.  Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code.”

Following those terms was not an “attack”.  It most certainly was not a “theft”!  It was only the fully foreseeable result of declaring that “code is law”, and then writing low-quality code-law with unknown, unverifiable properties.  If you dare do that because you want a flashy media event with bucketloads of investor money suddenly pouring in, then prepare yourself for your doom by meditating on the cosmic (and comic) inevitable consequences:

This is why I am so enamoured with the Bitcoin Simplicity concept, which I linked to above.  It is serious research with the goal of producing mathematically provable contracts.  We need advanced smart contracts which have no code-loopholes, just as verifiably as “2+2=4” has no loopholes.  For in Bitcoin, code truly is law.  In Bitcoin, there shall never be the disgusting sham of a so-called “irregular state change”.  In Bitcoin, there is no central authority with the ability to mandate such a thing!

(I do think that centrally managed pretenders with mathematically unverifiable “smart” contracts are fully suitable for use as toys, such as CryptoKitties.)

I'm really curious what will be the next phase in money grabbing, now that we've seen shitcoins, Token sales and hard forks.

More of the same, probably for awhile.  The people who do such things are not very creative.

Edit 2020-11-17:  Fixed broken image, added image attributes.  No previous edits, and no other changes.

[zonezICO]

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity where more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team is unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.

I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verifying an accounts balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.

In my view, best-practices standards are needed for security and code audits.  There are many attempts at this out there, it needs to be pulled together, structured and maintained like RFC or BIP standards are, and proliferated through the field.  Especially considering we are dealing with a rapidly evolving technology, these standards need to be maintained on an ongoing basis.  I know the steps I take to lock down a server today in 2018 are different in quite a few ways than they were in 2014, for example.

My organization is going to be looking at this issue because it's a real problem that needs some coordinated focus.  We're conducting our launch fundraiser right now with an Ethereum ERC20 token, but I have real concerns with the stability of that platform moving forward.  A deep dive is in order with some consultations with the gurus before I make any long-term decision I'll live to regret on platforms.  In some ways it's a shame, the Ethereum platform does seem good "on paper", but has some real flaws that need to be met before I would place the kind of trust in it that you do to a financial institution.

If a bank lost $500M in a year, people would be in jail!  (Well, maybe not here in the U.S., but only because the banks own our government [for now]).  But who would bank with a company that was so careless with funds it has custodial control over?

I might sound ranty back, but it's only because it's so outrageous.

Best regards,
Ben

Do you think certain practices such as TDD/pair programming/ and certain languages such as using a functional like Haskell/Lisp/F#/Clojure/Elixir/Erlang would've prevented these types of situations to begin with?  While anybody working with the web HAS to be proficient at JS, due to bugs from mutable state and potential tight coupling, I've really been reluctant to dive deep into C++/Python/(anything JS related Node/Solidity) when by just using another language, all of these potential threats are mitigated by default of the language.

Plus, as you mentioned, people would be in jail for losing large amounts of money, the potential liability a company has, to me at least, makes this a no-brainer. 

This thread is just another reminder of how important clean code principles are. 

Z

[nullius]

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.
<snip>

Do you think certain practices such as TDD/pair programming/ and certain languages such as using a functional like Haskell/Lisp/F#/Clojure/Elixir/Erlang would've prevented these types of situations to begin with?  While anybody working with the web HAS to be proficient at JS, due to bugs from mutable state and potential tight coupling, I've really been reluctant to dive deep into C++/Python/(anything JS related Node/Solidity) when by just using another language, all of these potential threats are mitigated by default of the language.

As a general rule, good programmers can write good code in whatever language they happen to use; and bad programmers will write bad code in any language they try.  Moreover, no formulaic technique will turn idiots who don’t know what they’re doing into software engineers.

Bitcoin Core is the gold bitcoin standard for reliable Bitcoin software.  It is written (primarily) in C++.  Programmers such as gmaxwell, sipa, and others who write excellent code for this project have no need to switch to another language, unless they find technical reasons which would make another language a better tool for the job.  Also, they have no need to be taught “certain practices”—whatever they do, it is evidently working.

I myself write in C.  In my experience, one ready means for me to find a fool who has scant, shallow understanding of technology is to wait for someone to give me a popular speech about “memory-safe languages”, or whatever.

On the flipside, the idiots who created the software disasters in this thread could have been writing in pure Haskell—they still would have created disasters!  Morons who even think of using client-side validation code for financial transactions are innately incapable of writing good code.

There is no magic bullet for creating the software engineering of which HeRetiK speaks.  And those who believe that the former exists, will never do the latter.

One exception to the aforestated general rule is such a thing as smart-contract code which lives on the blockchain.  That code must be absolutely free of bugs—including as of compiler bugs, etc., which can undermine even perfectly-written code.  For any relatively complicated program, the only means to guarantee bug-free code is to mathematically verify its properties.  That is why I am so excited about the Bitcoin Simplicity research, as discussed above; but that is still in the early research stages.

Plus, as you mentioned, people would be in jail for losing large amounts of money, the potential liability a company has, to me at least, makes this a no-brainer.

I think the first step is for people to stop grabbing onto crypto-nonsense, from fly-by-nights who bang out shoddy code for Bitcoin, to ICOs of any kind.  There is an incentive to write awful quality code, when people actually buy into it.  As LoyceV observed only a few posts ago:

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement

Well said! PR is everything, create a token, a website, and a story, and people throw tens of millions of dollars at you!
Only a very small share of all cryptocurrencies put development first. Then again, it makes sense for the majority to only join crypto for quick cash. I'm really curious what will be the next phase in money grabbing, now that we've seen shitcoins, Token sales and hard forks.

(P.S.:  Please trim your quotes.  Thanks.)