Nice work, but honestly I'm not sure why they bother.
The article states that the purpose of these smart contracts is:
"Stake your tokens with us and you could be the next cryptocurrency millionaire"
That's an obvious scam. Anyone who gave real money to such a cause has already lost it. So why is the author giving away his time to help the scammers?
'Yield farming' has been very popular the past few months. Compound Finance was the first to kick off the hype by giving away their governance tokens to people that used their platform. You can compare it to Facebook giving you some of their stock by being an active user.
The end game of those governance tokens is for them to control the whole platform, so absolutely no changes can be made to the platform without being voted in by the token holders. All of this is enforced trustlessly on the blockchain through smart contracts. As a token holder you really own part of the platform.
This is a very powerful concept, so a lot of people are interested in buying those governance tokens outright. So what you can do is put your money in one of those platforms, receive governance tokens and sell them to people that want to buy them outright. You can make quite good money doing this.
Now a lot of projects popped up that basically had nothing to offer, yet people were still buying their governance tokens, meaning you could still make money by putting your money in there and selling those tokens to those people quickly before those tokens became worthless; basically an advanced game of chicken.
So what I'm saying is not all of those 'stake your money and receive tokens' are outright scams. There are some very legitimate projects being built that give away governance tokens. Uniswap comes to mind, the most popular decentralized exchange, doing over half a billion in volume yearly. There's of course a lot more nuance and not everything works as it should yet, but there's a lot of interesting stuff being built every day.
I just don't understand the entire article - who is this guy? What is he doing? Why is he doing it? What are the dozens of different acronyms in this article and what do they mean? Who owns the 9.6M dollars and where was it at the risk of going?
Maybe this is a good article for someone deep into crypto, but for myself, as a casual morning read - I have no idea what happened.
What I pieced together from the referenced “dark forest” article: the Ethereum cryptocurrency allows you to upload programs (smart contracts) that specify under what conditions cryptocurrency changes hands. If there are bugs in these programs, the money can be stolen. Fixing the bugs after the fact is only possible with new contracts, and there are bad actors constantly scanning the newly uploaded contracts and copying them while making themselves the beneficiary. This is fully automated. To bypass this they gave the contract directly to a miner, so it is only publicly visible after it is run/completed. I can imagine the appeal of working on this; it is really a specialized type of unpaid white hat security researcher.
The money was in limbo due to a bug in a contract. There are contracts (monsters) that scan for such bugs and situations to profit from them. The guy tried to save the money from the monsters and failed.
The situation was worse since it happened already in the mempool where the pending transactions reside.
I am dabbling a bit in the Tezos currency and environment and find these two language projects, aimed at increasing safety, interesting: https://github.com/metastatedev/juvix (alpha) and https://archetype-lang.org/
Not saying it might have helped in the concrete case.
Honestly I just read through it like it was a cyberpunk short story. His heart is pounding as he collaborates with super-hackers all over the world in an effort to rescue some desperate person's millions. All of the jargon was totally lost on me but it gave it a certain flavor.
My personal take on it is that between the anime avatar, the constant verbiage, the hero complex and the reluctance to properly document things, it feels more like kids playing at finance than actual professionals.
I literally just saw someone advising people to liquidate their 401K to buy uniswap. Whether they explicitly say it is a get rich quick scheme or not, this is the message the marks are receiving.
Wow. Did that person give an explanation why?
I follow "blockchain world" fairly closely and I really fail to see much value to UNI. But I have seen people speak quite exuberantly about it. I am wondering what their thesis is.
Two things: if digicoins have a deservedly bad reputation, maybe it shouldn't be defended. And: if this is defending their reputation I'd hate to see what attacking it looks like. I have never wanted less to be involved in cryptocurrency or been more skeptical of its future than now, having finished reading this article.
Yes, if you're an enthusiast, it seems like good, technical fun.
But I have no idea how an "investor" could read this and think they can price the risk correctly. This isn't even the wild west of finance--this is intergalactic space.
It's way safer and less complex than you would expect. Most staking contracts are a copy-paste of two basic staking contracts (from synthetix and sushiswap), so it's enough to do a text diff and see what was changed, which is trivial. For more complex contracts that do something more, funds at risk are the best bug bounty there is - in the current environment if something had >$10M for a month and wasn't hacked, it most likely can't be trivially hacked. Bzrx, the single most incompetent defi platform, was hacked just two weeks after a relaunch for $8M - most likely someone was waiting from the start for it to get enough funds to make the hack worthwhile.
Almost no hacks happened during the entire yield farming craze.
Key word trivially - some contracts are custodial, so if someone hacked the owners (or they turned out to be scammers) funds could be stolen, which arguably has a reverse Lindy effect in the beginning. Fortunately people are starting to demand at least timelocks and/or multisigs. Another risk is how well liquidations function during a price crash, for protocols that need them.
The current risk premium was and still is absurdly overestimated, but that was a good thing (for me) as without it three or even four digit APYs wouldn't last a day, but thanks to the unwarranted risk premium they lasted about 2 months. During the short peak three weeks ago it was possible to make even ~8% per day (on millions of dollars - good liquidity), completely risk free (trivial staking contracts). The great crypto bullrun of 2020 already happened and few outside of ethereum even noticed.
You will see billions flow into defi on ethereum as others realize the real level of risk too (which guarantees those astronomical returns are never going to return - but even 10% apy on dollars is good in the current environment).
In total, I did this with about 40 different farms. There was a time when there were several new ones every day. For a while it was pretty much a 24/7 job as maximizing apy required constantly jumping to some new hype. I was constantly afraid of depositing into a contract that would allow the owner to steal everything, but the worst I noticed were locking bugs + two contracts that allowed the owner to mint infinite tokens (of these two, only one used it to clean the liquidity pool).
The list of farms in that reddit post is obsolete (I think only sushiswap is still running, but with low roi), in general this particular way of making money has run its course.
"In total, I did this with about 40 different farms. There was a time when there were several new ones every day. For a while it was pretty much a 24/7 job as maximizing apy required constantly jumping to some new hype."
My friend made over $500k from the Uniswap airdrop, he woke up on Thursday and realized he had another half million dollars. He sold it all immediately for stablecoins, and actually missed out on another $750k if he had waited a few hours and sold at the UNI peak.
So yes, it is crazy and complex and difficult, but the rewards are vast for those that dare enter the world.
Every transaction is two-sided. I don't follow the crypto markets in detail any more, but if there was a "UNI peak", then someone who dared to enter the world exchanged stablecoins for Uniswap at about the time UNI peaked. That daring transactor might not agree that the rewards are vast.
Timing markets at the hour level is fraught with risk and cannot generally be done without information not known to the broader market.
I gave you everything you needed to know! Uniswap airdrop! $500k profits! The rules of the airdrop are published! If none of this makes sense to you then you aren’t even remotely in the crypto space. Uniswap is the biggest dex in the world! Do 20 minutes of googling
I believe I already know everything I need to know here. I am concerned not about myself but those susceptible to being persuaded by statements a la “my friend made 6 figures” with no further substantiation, especially in these troubled times.
His friend didn't "make" the money. The token was airdropped to every account that ever used the exchange or has provided liquidity. I had two accounts with a couple of transactions each - bam a nice surprise of a few thousand USD worth of value. It's very odd and unexpected. I never make money off of crypto but perhaps it just pays to be in something new. Right time and right place as they say.
I just don't understand - where is that money coming from? You said you suddenly and unexpectedly got a few thousand USD - that sounds to me like someone on the other end, somewhere, just got scammed out of few thousand USD? It can't be just investor money being randomly deposited into accounts "for the lulz"?
The USD figure is more akin to valuation of a company than that amount of USD in hard currency. Probably not inclusive of expenses and risks associated with converting it into cash.
How that value is earned and calculated are interesting questions.
Nobody got scammed. It's pretty much like an IPO. The project distributed tokens, not dollars. Coinbase and a few other exchanges listed them and trading started with the tokens fetching a certain price. I sold some on Coinbase, got money - that's it. The token is a "governance token" and I, personally, don't see much value in it but I do not follow this too closely. In theory the token gives the holder a future say in the direction of the projects and maybe a cut of the profits.
Not directly, but to a hypothetical criminal with millions of USD in illegally obtained currency investing into tokens, hyping said tokens (including, of course, giveaways) and then selling tokens on a peak could look quite compelling. I presume typically laundering loses money, but in this case it could even be possible to make a profit.
I have no reason to believe that the commenter misrepresented anything. It is entirely plausible. If their friend was a liquidity provider then the value of friend's airdropped tokens would have been much greater than mine.
Being a liquidity provider is not free so we’re back to some guy claiming “my friend made half a million! rewards are vast for the brave!” and the question “but on what investment?”
I believe it’s more than fair to request specifics since we can’t know whether poster’s solvency depends on a token appreciating in value—after all, if it does, what’s a better way to maintain token value than promise millions on a public forum?
Yes - you are yet another person speaking authoritatively on a subject while knowing basically zero. As an added bonus you freely admit you have no intention of learning anything, either! I have my public name here and my reputation in the industry carries my statements.
You paste the same comment everywhere. If you don’t want to trade crypto, don’t! This is the riskiest asset class around. Another benefit of our voluntary society - the freedom to use index funds.
Wrong! UNI was airdropped for free to all previous users of uniswap! No one lost anything. And in any trade, both sides have a coincidence of wants, so no one “loses”.
That’s probably the argument that the Wolf of Wall Street used to defend his boiler room schemes. “The penny stock company issued 100M new shares for free, no one lost anything, we sold them to people who had a coincidence of wants.”
Defi yield farming is too dangerous for people who are not deep into the space. It's like listening to hedge fund traders talk shop and hear the type of trades they do to make alpha.
If you want to dabble in crypto, make a Coinbase account and go 50/50 BTC and ETH, and don't sell until you retire.
If you want to play with the fast money Defi, then you need to do a lot of self-study and learning.
Wrong, there was never any luck involved. The single worst case scenario was that the token price dumps to 0 immediately after I deposit, which would mean I don't even make the gas fee back. Didn't happen.
Stay away from putting money into unique smart contracts that haven't been running for a long time with a lot of activity. Stay away from smart contracts that are custodial (where the creator is given privilege to all depositors' funds).
> But I have no idea how an "investor" could read this and think they can price the risk correctly. This isn't even the wild west of finance--this is intergalactic space.
To be a successful investor, you don’t necessarily have to price the risk correctly, you just have to price it better than others.
I imagine someone successfully investing in crypto can read stuff like this fluently.
Anyone "successfully" investing in crypto got in at least 4 years ago, or when the last big run-up was, and just held in a reputable exchange or in their own wallet that they secured well.
They don't need to understand anything really except how to deposit 5000+ in a reputable exchange. I think this makes up most successful crypto investors.
Many "investors" are working very far outside the law, are used to very high levels of risk and desperately need different ways to keep their assets out of view from authorities.
I still don't understand what's happening at the core of this and the other dark forest post from a few weeks ago. How exactly are these bots front-running/stealing the ethereums?
My understanding:
- these bots scan the smart contracts that are waiting to be executed by the miners
- the bots find vulnerabilities (another grey area in my mind) in the contract
- the bots adjust the destination address of where the contract is supposed to send the ethereums
- then the bots continually execute the vulnerable smart contract code
Imagine that everyone agreed that just one slow computer would handle banking, contracts, and the stock markets for the entire world. This gets rid of any pesky concurrency issues. To move money from person to person, or to execute contracts or programs, you write up a sticky note with what you want to have done, sign it, and attach some money to it. Once every couple minutes, the computer administrators come out, collect a couple notes with the most money on them, and feed those into the computer.
The Dark Forest attack is possible because everyone can see all the notes on the board waiting to be processed, and everyone can simulate exactly, precisely what the really slow computer will do with a given note.
Suppose you found someone wanting to sell TSLA stock for $5 and someone wanting to buy it for $400. You would write up a note to buy it for $5 and sell it for $400, and stick it on the board. However, the moment you put the note on the board, the attackers and their automated telescopes have simulated that this note results in the holder having $395 more than they started with, and gave nothing away in return. The attacker then simulates an alternate future in which they post the note instead, and verify that they get the money. It works! So the attacker copies your note, signs it themselves, puts a much bigger wad of cash on it than you did, and slaps it up on the board.
When the operators come out, they collect the attackers note first (more cash) and by the time your note is run, the opportunity is no longer there.
Great summary of one of the major problems with trading (and related financial activities) on public blockchains. The root of this particular issue is that transactions are not processed sequentially but ordered by how much someone is willing to pay.
Having spent much of my professional life designing and building trading systems, and despite the problems with current blockchains, I’m convinced there’s something here and blockchain technology can massively improve finance in a number of areas (cost, pace of innovation and openness/fairness of access being the big ones). What we’re looking at now on Ethereum and other platforms is a set of early experiments, and some weird (and often unsavoury) artefacts of the fact that technical research and experiments are intertwined with, and creating, financial assets and economic systems.
At my company, we’re working on the hard problems required to do this properly, and one particular area of research that we’ve contributed is a “fairness” protocol that can be added to the consensus layer of decentralised systems to provide a better alternative to ordering by fee for financial trading and that would prevent this sort of issue. We’ve published a paper describing this research at [1] if you’re interested, and a more accessible talk by the author, Klaus Kursawe, on the topic can be found at [2].
Disclaimer: my company is building a decentralised trading protocol for serious, professional use cases, and the linked research is part of our effort to achieve this mission.
Great analogy! The only thing I would add is that, if your arbitrage trade takes away too much money from an account belonging to the core devs (which would be like the regulators responsible for the computer), they would retroactively undo that transaction in the computer's logic (force a hard fork).
> (which would be like, the regulators responsible for the computer)
no one is responsible, that's the whole point. The thing runs by itself and game theory keeps it afloat - not a group of people. Else it's just like a company.
That said, the protocol isn't finished and you have people involved in maintaining and upgrading the protocol. Which is in no way forced down upon everyone: once they have an update everyone is free to choose to run it or not.
These people have influence (you could argue too much) about the future of the protocol.
> if your arbitrage trade takes away too much money from an account belong the core devs
This is not why these decisions were made at all, because some core dev invested in the DAO.
Bottom line: The core ETH team used their political influence to escape the consequences of "Code is Law", the very same criticism they made of existing legal systems -- that outside parties can come along and void the plain meaning of contracts and laws. That is the height of hypocrisy.
The decision-making and communities of Ethereum (this goes both for the clients, the blockchain, the foundation and the larger community) look completely different today compared to 2015. There have been a lot of lessons learnt, debate and churn since.
If the same thing happened today, it'd play out completely differently.
See the Parity Multisig hack, for one.
Finally, it's a stretch to call the dao hack "arbitrage trade".
>Finally, it's a stretch to call the dao hack "arbitrage trade".
It is absolutely not. It is exactly the same from the value judgments of the ETH project, specifically "Code is Law". The DAO specifically went as far as endorsing that the software execution takes precedence over the reading of the English functionality spec.
The ETH system, by the core values of ETH, should do exactly what your arb contract specifies, and exactly what the DAO contracts specify, even and especially if that's not what the writer originally intended. To selectively renege on that principle would be wrong for the same reason as doing it on an arb contract.
> the simultaneous purchase and sale of the same securities, commodities, or foreign exchange in different markets to profit from unequal prices.
What’s being bought and sold? Who’s the counterparty?
I’m not arguing right and wrong, just that you can’t call any permissionless extraction of value from a contract “arbitrage trade”.
And again, incorrectly assuming that 1) it somehow sets a precedent 2) the people making the decision then are the same that would be making it today 3) the overlapping people would make the same decision today as then 4) the EF and core devs have a strong authority on these matters
There’s always ETC if you want to stay on the timeline where the DAO hack executed as specified without being overridden. No one forced anyone to fork.
It sounds like the whole system has a huge public goods problem. In the real world stock market, buying TSLA is a signal that you believe the price is good, and if you're a big enough investor, your buy might move prices up before you complete. In this world, other people can steal that signal and move the price before your transaction even starts. Isn't this a design flaw?
There are ways to make marketplace contracts which allow buy and sell orders like this that aren't vulnerable to front-running. It's possible to have the buy and sell orders happen off-chain and then be settled on-chain later (Loopring works this way; there are other benefits to this system too such as speed of execution and lower fees), or for a marketplace contract to require orders to be preceded by a precommitment transaction, which includes a hash of the upcoming order, so the upcoming order can't be frontrun because the frontrunner would need to do their own precommitment transaction first.
Note that a marketplace contract like this isn't the only kind of smart contract; it's not the case that all smart contracts have the potential for front-running vulnerabilities. For example, there are smart contracts that do things like manage community funds and require people to vote on how the funds are spent, which don't do anything that could be vulnerable to front-running.
And then the OP is about privately asking some of the slow computer's owners to run your sticky note without showing it to everyone first. If this is good, why not let everyone do it?
It's much simpler than that. (Also, you appear to have a few concepts mixed up. For instance, one doesn't execute smart contracts, but rather transactions. Smart contracts just sit there until someone sends a transaction to one, at which point it executes that transaction.)
What the bot does is that it checks each transaction that is waiting to be executed and simulates sending that transaction itself on a private blockchain forked from the real network. If the simulation results in a profit, it frontruns that transaction -- i.e., it sends the transaction itself for real, but bidding a higher price than the original sender did, so that its transaction will get executed rather than the original transaction it's copying.
It doesn't need to perform any sort of vulnerability scan; it just mimics other people exploiting arbitrage or vulnerabilities and pays more to get there first.
Similarly, it doesn't need to adjust any destination addresses. It's just looking for arbitrage opportunities or vulnerabilities that will direct ether to the sender. Smart contracts are entirely capable of getting the address of the message sender, and using that as a destination to send ether to. So the bot doesn't need to adjust the transaction data at all, which would be substantially more complicated.
You put your gold in a box and stuck it in the ground in a ranch in the middle of nowhere. No one knows there is gold in a box in the ground so it's safe. But people know that other people put gold in boxes and stick it in the ground.
One day you go to get it so you load up your pickup with gold digging equipment and drive to the ranch. On the way are spotters. They see your truck has gold digging equipment. They see that the road you're going down leads to the ranch. It's obvious what you're going to do.
They load up their faster Ford Ranger and blaze down the road. You can't catch up. They have a faster car. You get there. They have taken your gold.
If you hadn't gone there, the gold was relatively safe. Maybe some day someone happens on it but realistically probably not.
But you went. By looking for it you revealed you were looking and you revealed where you were looking.
My understanding of the front-running issue in these two cases is that a human being found vulnerabilities in particular smart contracts, which would allow anyone to claim the value protected by a particular contract. The human beings wanted to use these vulnerabilities to transfer the value somewhere, such as to an escrow account or to the original owners of that value. However, since the vulnerabilities allow anyone to do this, the front-runners could take this value for themselves by noticing the humans' attempt to execute the transactions, and then more quickly executing the exact same transaction with a different destination.
You can't take advantage of a "normal" cryptocurrency transaction this way because the "normal" transaction is like a super-minimal smart contract that's designed to pay only one hard-coded recipient. Therefore, that transaction either happens or doesn't happen, but its recipient can't be altered. Nor can you take advantage of a non-vulnerable smart contract this way, because the non-vulnerable smart contract can't be triggered to perform an action that its creators would consider inappropriate. But for a vulnerable smart contract, there's a series of events that would cause it to send value to an arbitrary address (and not in exchange for some other adequate compensatory value). It's this case where the front-runners want to find a way to swap in their own addresses for these transactions, and that's also why obfuscation could deter that -- making it hard for the front-runners to notice that that was possible.
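A toy model of what this comment and the earlier ones describe (a contract that pays whoever triggers it, an observer that replays pending transactions on a fork and outbids the profitable ones, and the caller-check and precommitment defences), added here as an illustration; it is not code from the article or any project. It assumes a fee-ordered mempool, constructed addresses, and sha256 standing in for keccak; the class and function names are the example's own.

```python
"""Toy model of fee-ordered mempool front-running and two defences.
Constructed example, not code from the article or any project: a vault that
pays msg.sender, an observer that replays pending transactions on a fork and
outbids profitable ones, and two fixes (caller allow-list, commit/reveal)."""
import hashlib
from copy import deepcopy
from dataclasses import dataclass

class Revert(Exception):
    """Raised by a contract to abort a transaction without state changes."""

@dataclass
class Tx:
    sender: str
    target: str      # contract name
    calldata: tuple  # (function name, *args)
    gas_price: int   # the sender's bid; the miner orders by this

def commitment(sender: str, secret: str) -> str:
    """Hash binding a secret to one sender address (sha256 stands in for keccak)."""
    return hashlib.sha256(f"{sender}:{secret}".encode()).hexdigest()

class VulnerableVault:
    """drain() pays whoever calls it, so a copied transaction pays the copier."""
    def __init__(self, funds: int):
        self.funds = funds
    def drain(self, chain, sender):
        chain.balances[sender] = chain.balances.get(sender, 0) + self.funds
        self.funds = 0

class CallerCheckedVault(VulnerableVault):
    """Defence 1 (the caller check mentioned in the thread): only approved senders."""
    def __init__(self, funds: int, approved: set):
        super().__init__(funds)
        self.approved = approved
    def drain(self, chain, sender):
        if sender not in self.approved:
            raise Revert("unapproved caller")
        super().drain(chain, sender)

class CommitRevealVault(VulnerableVault):
    """Defence 2 (precommitment): commit hash(sender, secret) in an earlier block;
    a reveal copied from another address hashes differently and reverts."""
    def __init__(self, funds: int):
        super().__init__(funds)
        self.commits = set()
    def commit(self, chain, sender, digest):
        self.commits.add(digest)
    def reveal(self, chain, sender, secret):
        if commitment(sender, secret) not in self.commits:
            raise Revert("no matching commitment")
        super().drain(chain, sender)

class Chain:
    def __init__(self):
        self.balances, self.contracts, self.mempool = {}, {}, []
    def execute(self, tx: Tx):
        fn, *args = tx.calldata
        try:
            getattr(self.contracts[tx.target], fn)(self, tx.sender, *args)
        except Revert:
            pass  # reverted tx leaves no state change (gas accounting omitted)
    def mine_block(self):
        # Highest bid first, not earliest arrival: this is what makes outbidding work.
        for tx in sorted(self.mempool, key=lambda t: -t.gas_price):
            self.execute(tx)
        self.mempool = []

def simulate_and_outbid(chain: Chain, observer: str):
    """The bot described in the thread: replay each pending tx as oneself on a
    private fork; if the observer's balance grows, resubmit the copy at a higher bid."""
    for tx in list(chain.mempool):
        fork = deepcopy(chain)
        before = fork.balances.get(observer, 0)
        fork.execute(Tx(observer, tx.target, tx.calldata, tx.gas_price))
        if fork.balances.get(observer, 0) > before:
            chain.mempool.append(Tx(observer, tx.target, tx.calldata, tx.gas_price + 1))

def run_scenario(kind: str) -> tuple:
    """Returns (rescuer balance, observer balance) after the block is mined."""
    rescuer, observer = "0xRESCUER", "0xOBSERVER"  # constructed addresses
    chain = Chain()
    if kind == "vulnerable":
        chain.contracts["vault"] = VulnerableVault(100)
    elif kind == "caller_check":
        chain.contracts["vault"] = CallerCheckedVault(100, {rescuer})
    else:  # commit_reveal: the commitment is mined first and leaks no secret
        chain.contracts["vault"] = CommitRevealVault(100)
        chain.mempool.append(Tx(rescuer, "vault", ("commit", commitment(rescuer, "s3cret")), 10))
        simulate_and_outbid(chain, observer)
        chain.mine_block()
    call = ("reveal", "s3cret") if kind == "commit_reveal" else ("drain",)
    chain.mempool.append(Tx(rescuer, "vault", call, 10))
    simulate_and_outbid(chain, observer)
    chain.mine_block()
    return chain.balances.get(rescuer, 0), chain.balances.get(observer, 0)
```

In the vulnerable case the copy at the higher bid runs first and the rescuer's own transaction arrives to an empty vault; with either defence the copied transaction reverts (or is never submitted, since the fork simulation shows no profit) and the rescuer's transaction succeeds.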
I think it's an important detail to point out that legitimate transactions mostly aren't vulnerable to the "Dark Forest" issue. A lot of comments I'd seen on the original "Ethereum is a Dark Forest" blog post seemed to be under the impression that this was a general Ethereum issue affecting normal users.
Arbitrage trades and related activities like MakerDAO keepers would be legitimate transactions vulnerable to this (essentially someone else extracting the value from their discovery). Granted that is a very small subset of users.
Liquidation contracts and arbitrage contracts do check the caller and would not allow themselves to be executed by non-approved senders. This raises the bar, so that you can front-run only contracts that you can implement and deploy yourself.
If anyone could just replace an address and execute a profitable transaction by being first on existing contracts, surely miners would be doing it already, no?
> If anyone could just replace an address and execute a profitable transaction by being first on existing contracts, surely miners would be doing it already, no?
Basically a human realizes that smart contract X is broken, and tries to enlist others to fix it. However, given the decentralized and generally shady nature of crypto, the process of disclosure also means a bad actor could get wind of the bug before it's addressed, and use the exploit to steal all of the money.
Thus, you have white hats racing to siphon money out of a buggy, immutable contract which also happens to be worth millions of real dollars. It'd be funny if there wasn't so much real money involved.
I love that they're continuing the Dark Forest analogy! Makes me also realize I never want to dip my toe in crypto like that. It's like an amateur going up to an entirely unregulated wall street and expecting to earn some quick cash.
Amateur has nothing to do with that. Ethereum, and "smart contracts" in general, are built on such shaky foundations that unless shakiness is what you're looking for, you have nothing of interest to find there.
Because there is no real formal verification process for smart contracts, it's extremely easy to slip bugs into the contract code, the contract itself is generally immutable (can't fix bugs), and the effects of a breach are generally catastrophic and irreversible.
You are incorrect. Contracts are immutable but you can upgrade your application. There are different patterns, one where you make a shell contract that has pointers to contracts with actual business logic.
Also, there are patterns where the user needs to confirm that yes they want to use the new version.
> there is no real formal verification process for smart contracts
Not following here, instead of process you mean no requirement to do so? The process is pretty clear and simple, there's a few different frameworks being built for smart contract formal verification along with the traditional methods working fine.
What was the last bit of code you wrote or used that was formally verified?
Yes. Stay away from Ethereum altogether if for investment and simply put amounts you are willing to invest into Bitcoin.
Ethereum DeFi currently ongoing is extremely risky and insecure in the long term for various reasons. The open smart contracting is super dangerous, the Ethereum blockchain is way too bloated, the fees are shooting up, and it was designed to be a shared computer, an EVM for running things. Bitcoin is an investment and sound money. They do not compare and don't have the same end goals.
The word you want here is "ethereum" not "crypto". Crypto is cryptography, and even if you want to redefine it as 'cryptocurrency' the sheer reckless yolo incompetence and scammyness of ethereum is not especially representative.
I think "crypto" can mean cryptography or cryptocurrency depending on context. Every cryptocurrency I've seen has a Dark Forest, even if it's not as bad as Ethereum.
For example, if you create a private key using something guessable [1], point a camera at a QR code [2], or make a wallet using software you didn't write yourself [3], you can expect your money to irreversibly disappear faster than you can react.
What IS a "representative" cryptocurrency, then, if the #2 by market cap is not representative?
Would it be Bitcoin, used for such time-honored business as drug purchases and hiring contract killers? Would it be Tether, the fiat currency for people who think that central banks are excessively transparent?
The one extra element that Ethereum brings to the table is computationally much more powerful contracts, which makes it technically intriguing, but also adds another level of scammyness and incompetence to the enterprise.
Perpetuating myth and propaganda that even the US government doesn't say about Bitcoin, I see.
Did you pay attention to the recent Bloomberg article about cryptocurrencies being the best gaining asset class of 2020, or the article about the $2 trillion dollars worth of laundered money being done using traditional USD and banks? And how much money was laundered through Bitcoin again? A money that is very hard to hide. Bitcoin has smart contracting, so it would appear you're just regurgitating things you've read rather than reaching into an in-depth knowledge on this subject.
> cryptocurrencies being the best gaining asset class of 2020
And tulips were the best gaining asset class of 1636. The existence of speculation is not proof of the soundness of the underlying asset.
> trillion dollars worth of laundered money being done using traditional USD
The difference being that I have firsthand knowledge of honest economic activity being conducted with USD. I see practically zero evidence of cryptocurrencies being used in any honest economic activity, other than speculation.
> Bitcoin has smart contracting
Yes, but my understanding is that Ethereum can handle much more complex contracts.
In terms of ethereum, do you mean ethereum smart contracts? The ethereum platform, as defined by its creators, is actually quite technical. Anyone who spends the time to learn the Solidity language and what it takes to deploy a smart contract is free to, so yes there can be legitimate, illegitimate, poorly designed or well designed smart contracts, just like other software programs.
interesting read - seems like the solution to the dark forest is equivalent to a dark pool in traditional finance?
the logical conclusion is that within a few months we'll have dark pools run by miners who will process your transactions without broadcasting to mempool, in exchange for an increased gas fee. and, within a year, we'll find out that some dark pools sold order flow to those HFTs anyways, a la UBS https://sites.law.berkeley.edu/thenetwork/2015/01/29/ubs-dar...
The transactions still have to be valid (accepted by majority) to get consensus.
It's just that some subset of valid transactions are exploiting vulnerabilities in poorly written contracts. In this case, you want to make dead sure that your "good" exploit runs first.
I agree. Due to specialized compute taking over mining and economies of scale most cryptocurrencies don't do what they say and are manipulated by their big pools (like this) consistently.
All this research into smart contracts and cryptocurrency may seem pointless and a waste of time. It is very risky to dabble in, and I don't think assigning value to these "bitcoins," or whatever they may be called, will be the lasting effect of all this research. Perhaps some new programming language, or something we haven't even thought of, could be the result of these people working on the outer edges of current knowledge.
Love whitehat crypto postmortems like this. They always read like heist movies.
Curious about the use of SparkPool to bypass the mempool and get the transactions minted directly into a block. It looks like anyone can sign up and contribute their hashrate to SparkPool. Is there a risk of malicious miners running workers in their competitors' pools and then frontrunning?
AFAIK only the pool operator can see the full set of transactions for the block being mined. Pool workers only get to see the block header for the new block. This header only contains the hashed root of the transaction tree, and so they are unable to front-run private transactions in this way.
Makes me think of salvage operations, and then raises the question of how do people get paid? They're providing a valuable service. I think in shipping there are both conventions and an ability to quickly negotiate that allows contracting for a salvage ship to rush to the aid of a grounded or sinking container vessel.
Yes, there are. It's the Lloyds Open Form.[1] "No Cure - No Pay". This is the standard deal for salvage operations, and is well over a century old. It's very simple, since it's intended to be executed by someone on a sinking ship. It's sufficient for the captain of a ship in trouble to contact a "salvor" and say they accept the standard Lloyds Open Form. A message "ACCEPT SALVAGE SERVICES ON BASIS LLOYDS STANDARD FORM LOF 90 NO CURE NO PAY ACKNOWLEDGE" is enough.
Contractors’ basic obligation: The Contractors identified in Box 1 hereby agree to use their best endeavours to salve the property specified in Box 2 and to take the property to the places stated in Box 3 or to such other place as may hereafter be agreed. If no place is inserted in Box 3 and in the absence of any subsequent agreement as to the place where the property is to be taken the Contractors shall take the property to a place of safety.
The Contractors’ remuneration and/or special compensation shall be determined by arbitration in London in the manner prescribed by Lloyd’s Salvage Arbitration Clauses in force at the date of this agreement.
That's the deal.
You need some agreed way to resolve how much the job is worth for this to work. The Lloyds Open Form is an agreement to do the job and discuss later how much it's worth. That's generally settled by insurance adjusters. It's much like the aftermath of auto accidents.
How much does the salvor get? 15% - 35% of the recovered value, reports Lloyds.[2] Of course, salvors work under tough conditions. They have to have equipment and people ready 24/7 to go somewhere and do something. That's expensive. Some classic worldwide names exited in the past decade. Mammoet and Titan both dropped out.
All this is against accidental losses, not against an adversary. Where there's an opponent, it's a much tougher problem. Marine salvage is vs. the ocean. Whether this model can be made to fit programmed contract problems or ransomware is a big question. One worth pursuing.
The people helping here did it for compensation in the form of good will with key players and/or potential future customers of their respective crypto products.
If you're going to use two similar looking services for something using ETH, do you go with the one by some no-name or the one created and championed by community heroes?
"Smart contracts" have always seemed incredibly dumb to me. Code that controls how money is transferred and that cannot be updated or changed even if a bug is found.
Awesome design. It is like the opposite of what I would want to control my money in any transaction.
Very interesting story, it really does sound like a scifi thriller to me.
It also makes me wonder what type of legal battle would ensue if a blackhat were to have taken all of these funds instead, I'm not sure I've seen any public high-profile cases like that yet.
I offer that anyone who did the work that these researchers did would have also been “rightful owners” of that money.
This is the consequence of programmable money; there’s no getting around it, and, in my opinion, people shouldn’t want to. Rescuing people and brands who don’t put the effort into security from the consequences of their own mistakes isn’t a net benefit.
I'm all for anonymous teams, but look at the hoops this person had to jump through just to get in touch with them to report the bug.
When you're anonymous, all you have is your brand, and theirs should have burned to the ground for this entirely preventable error.
I agree with this. The whole "value" proposition of cryptocurrency is that there is no governing authority, no undo, no takebacks, the code is the only law. If that's _not_ what you want, you should 100% be using a bank instead.
All that "rescuing" people who have fucked up does is make the system seem more artificially reliable than it is. Providing a failsafe to people who have very deliberately and explicitly eschewed failsafes (at extreme effort and by subverting the system itself, no less) seems rather pointless and paternalistic.
i tried writing some toy Ethereum smart contracts circa 2016. at that time it was immensely difficult to write them in a secure way -- even a simple "hello world" level Solidity contract could easily have exploitable bugs if you don't code in an extremely defensive style.
i'm told things have improved since then -- can anyone who's used Solidity more recently comment on this? is it true?
this, plus the fact that putting information from the real world onto the blockchain unavoidably requires some trust, seemed like the two big problems then, and it seems like they haven't really been fixed.
Well, what are the fixes? Writing "smart contracts" is not meant to be for anybody but very seasoned developers. Also if you write a contract and do not get it audited by 3rd parties then nobody will (or should) take it for anything other than a toy application. That's just the nature of writing immutable code that potentially transfers value.
About Solidity in particular - I think most people would say it's not the best. There are endeavors to develop better languages but Solidity has become quite deeply entrenched in the Ethereum world. Everybody is busy with much more pressing issues - like scalability.
And yet the marketcap of the funds locked in a subset of contracts on Ethereum is almost 10 billion today (https://defipulse.com/) and I have been using a popular contract wallet for a while to hold my funds and transact with friends. So clearly it cannot be nearly as catastrophic as you mention, no?
Sure, but it is still redeemable value for an attacker, yet attacks are relatively scarce. Or scarce enough for people to keep putting money into it. That's the point I was trying to make.
I know what you mean by "no underlying assets" but I'd say it's arguable. Does BTC (WBTC) have value? By this time it seems like it does. There are also billions of dollars of "stablecoins" on the network. Are they a valid underlying asset? So far it seems like they are... Things have no underlying value until they all of a sudden do, I think that's the story of Bitcoin. A story of value too.
what i recall was that there were many pitfalls even to do something simple, and this event suggests that even experts may find it difficult to avoid mistakes.
part of the challenge was just the inherent weirdness of the ethereum execution environment, where the functions you write can be directly called by an adversary, and they can set up their own version of the stack however they want.
it didn't seem like the language helped to mitigate the inherent difficulty however.
People say the same thing about manual memory management, garbage collection and memory leaks, but to be honest, something about conceptually leaving out the UX of such a powerful tool (like memory allocation) always rings hollow.
If writing "smart contracts" is to remain not for "anybody but very seasoned developers" how can that not seem like anything but a giant gaping hole in the conceptual abstraction itself? Do you think people say the same thing about payment processors? What do you think would happen if Stripe approached its API the same way? Sure, one is a proprietary payments processing system and the other is an entire decentralized virtual machine for contracts. I get that.
But implying that "everybody is busy with much more pressing issues" despite admitting "most people would say it's not the best" really implies a blind spot. Successful technologies end up building layers where folks who aren't "very seasoned developers" can't hurt themselves. Pretending that these layers don't exist or emerge or deliver value is omission.
One of my good friends has a saying, "Humans are really good at optimizing the hell out of the wrong thing." I can't help but think that when reading about any sort of heroics involving blockchain.
This is all very interesting to read about, but in the same way epic battles in Eve Online are interesting to read about but not participate in. I hope the author doesn't think this article is functioning as an enticement to use ETH myself, because it's only confirming for me that I never, ever want any of my money near that shambling wreck.
I quickly want to point out that we've recently seen a surge in uniswap/bancor based "liquidity pools" (all projects copying each other). The main idea here is that you can lock up your crypto in a smart contract - which is considered "secure" in that no one can steal it (audited code by reputable companies and such). If true, the risk is very small, with things like impermanent loss, which doesn't apply to all pools.
The idea here is that your money is providing liquidity and you'll get paid a portion of the fees as well as some new token which can have a very high value (for a fleeting moment).
This is important to realize when looking at the crazy marketing around these projects: if it's based on uniswap you can be reasonably sure your principal won't get stolen - regardless of the scammy and weird marketing.
I was wondering why the article kept repeating details in re-worded ways as if they happened to other people. I didn't even realize that different parts were by different authors.
Oh! That explains how they managed to get beachy cocktails in the middle of the night. I was very confused too.
Overall, though, I do think DeFi has potential. Every attempt to anchor blockchain stuff to the real world (supply chain validation etc) seems to founder on the fact that non-blockchain solutions already exist. Providing new functionality on the blockchain seems to be more successful.
Nice read! That’s why I respect whitehat hackers, to be tempted by ~10million and then proceed doing the right thing. I wonder if they got a reward/bounty for managing to save all this ETH.
cryptocurrency != investment scam.
It's just another way to transfer and store value.
Interacting with automated contracts is an interesting extension to that system which can make things a lot more complex.
The 'dark forest' comes from a kind of man-in-the-middle attack where anyone can see the order book and exploit it, by putting their own slightly better orders in. Hence the need for co-operation with a closed order book (miner) to get the transaction in safely.
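A toy simulation of the mechanism the comment above describes (added here as an illustration; it is not code from the linked article, from any Ethereum client, or from the thread). It assumes a fee-maximising miner that orders by gas price, a bot that copies any pending transaction it can see with a slightly higher gas price, and a constructed `burn()` payload where only the first execution collects the funds; the private channel models submitting directly to a miner instead of broadcasting to the mempool.

```python
"""Toy model of mempool front-running versus private transaction submission.

Added illustration, not code from the article or any real client. Every
address, gas price and payload below is constructed for the example.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Tx:
    sender: str
    gas_price: int   # in gwei; a fee-maximising miner prioritises higher values
    payload: str     # the calldata a generalised front-runner could copy


@dataclass
class Mempool:
    public: list = field(default_factory=list)   # broadcast to every node
    private: list = field(default_factory=list)  # handed to one miner only


def bot_copy_public_txs(pool: Mempool, bot: str, bump: int = 1) -> None:
    """Front-runner: clone every visible pending tx with a slightly higher gas price."""
    for tx in list(pool.public):
        pool.public.append(Tx(bot, tx.gas_price + bump, tx.payload))


def mine_block(pool: Mempool) -> list:
    """Order every transaction the miner knows about by gas price, highest first."""
    return sorted(pool.public + pool.private, key=lambda t: t.gas_price, reverse=True)


def first_to_execute(block: list, payload: str) -> str:
    """Only the first call with a given payload succeeds; later copies find nothing left."""
    return next(t.sender for t in block if t.payload == payload)


def run(use_private_channel: bool) -> str:
    """Return who ends up collecting the funds in one mined block."""
    pool = Mempool()
    rescue = Tx("whitehat", gas_price=50, payload="burn()")  # constructed rescue tx
    (pool.private if use_private_channel else pool.public).append(rescue)
    bot_copy_public_txs(pool, "bot")  # the bot only sees the public mempool
    return first_to_execute(mine_block(pool), "burn()")


if __name__ == "__main__":
    print("broadcast to mempool ->", run(False))   # bot
    print("private to miner    ->", run(True))    # whitehat
```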