Pages:
Author

Topic: ETH = Game Over - page 27. (Read 40482 times)

newbie
Activity: 42
Merit: 0
June 19, 2016, 02:08:11 PM
ETH is down and maybe out. But let's stop kidding ourselves. We all know all that these cryptocurrencies are just a bunch of cryptolottery tickets.  All that fancy schmancy coding just to operate a lottery.

There are still another 500+ cryptocurrencies left. Anybody who loses money in these lotteries had it coming. Gamblers need to learn that the odds favor the house, not the gambler. And if you don't know who the house is, it's probably not you.
sr. member
Activity: 336
Merit: 265
June 19, 2016, 01:44:53 PM
This stuttering "genius" is your leader? Vitalik was clearly flustered by the question. Must listen to this! And look at the body language of Gavin Wood and the other guy on the podium.

"I am 99.999% certain this is bug free."

https://www.youtube.com/watch?v=cahj4WJtp20&feature=youtu.be&t=42m52s

The Naive hubris is very dangerous within Vitalik.
legendary
Activity: 1120
Merit: 1008
CryptoTalk.Org - Get Paid for every Post!
June 19, 2016, 01:12:06 PM
Only refering to current successfull hack on DAO network is enough for eth price to fall half and imagine what will be market sentiment after they see second successfull hack made today https://www.reddit.com/r/ethtrader/comments/4ot3vi/warning_another_successful_attack_recursive_split/

This could drop price of ethereum to ground, even softfork seems not be enough to stop all of this hacked eth becoming tradable. Shocked
legendary
Activity: 1358
Merit: 1014
June 19, 2016, 01:11:33 PM
It's ETH problem too. Who created ETH? Vitalik Buterin. Who panicked and start acting like a central banker trying to stop all trade of ETH to stop people from panic selling ? Vitalik Buterin. Therefore, this sets an ugly precedent and makes the creator of ETH someone that you can't trust.

Acting as a judge without any legal protection for being an arbitrator!

Vitalik et al are playing with fire as I pondered upthread:

https://www.youtube.com/watch?v=RHcLKrkwPLQ#t=3864

Especially listen at 1:06:15! And listen at 1:11:15 where the attorney says Vitalik (et al) is creating dangerous legal liability for himself (themselves) by being the judge!

The likely party to be sued are those who can be identified and have a pot of money.

Where did you get that video? It shows as hidden so I didn't see it in andreas's youtube channel.
Interesting, will look at it while i walk in the treadmill later, its two fucking hours long tho, it will take 2 days.

Anyway, Vitalik suffers from delusions of grandeur, this is clear by the fact that he wanted to work under turing complete system even tho he was advised that it was a mistake by a lot of people. It's better to admit limitations and work around those limitations trying to get a robust system, that is why everyone should be all in on BTC since its the best we have on crypto thus far, everything else is highly experimental.
sr. member
Activity: 336
Merit: 265
June 19, 2016, 01:06:27 PM
It's ETH problem too. Who created ETH? Vitalik Buterin. Who panicked and start acting like a central banker trying to stop all trade of ETH to stop people from panic selling ? Vitalik Buterin. Therefore, this sets an ugly precedent and makes the creator of ETH someone that you can't trust.

Acting as a judge without any legal protection for being an arbitrator!

Vitalik et al are playing with fire as I pondered upthread:

https://www.youtube.com/watch?v=RHcLKrkwPLQ#t=3864

Especially listen at 1:06:15! And listen at 1:11:15 where the attorney says Vitalik (et al) is creating dangerous legal liability for himself (themselves) by being the judge!

The likely party to be sued are those who can be identified and have a pot of money.
legendary
Activity: 1358
Merit: 1014
June 19, 2016, 01:05:02 PM
Excellent writeup. To be honest, ETH has no chances to ever fully recover. Sure, you can expect the price to go up and down for a while, since there is a lot of people involved with deep pockets, but in the long run the thing is done for. Vitalik is acting as if he was Ben Bernanke with all that "hey guys, stop the exchanges" insanity. This is just too deep of a fuckup to recover. I just hope that everyone was able to sold their ETH on Poloniex before it got locked.

I thought the problem was DAO, not ETH. That's like blaming dollar as a currency if some big bank or investment using dollars fails. Sure, it will hurt in the short term but in the long term, why not go up again? BTC has recovered nicely from the same disasters in the past. Mt. Gox hack was 10x worse than this, no, and here wee see BTC climbing to 1000 again. One has to have balls to buy ETH now but it will probably make many people earn lots of money buying cheap ETH now.


It's ETH problem too. Who created ETH? Vitalik Buterin. Who panicked and start acting like a central banker trying to stop all trade of ETH to stop people from panic selling ? Vitalik Buterin. Therefore, this sets an ugly precedent and makes the creator of ETH someone that you can't trust.
legendary
Activity: 994
Merit: 1035
June 19, 2016, 12:20:26 PM
"I am 99.999% certain this is bug free."

https://www.youtube.com/watch?v=cahj4WJtp20&feature=youtu.be&t=42m52s

The Naive hubris is very dangerous within Vitalik.

We all make mistakes. This mistake costs quite high. I hope Vitalik and other programmers will learn a good lesson.

Its not just a mistake . The whole concept is flawed and DOA! Those that understand security realize this. This is just the start of "hacks".
hero member
Activity: 752
Merit: 501
June 19, 2016, 12:18:27 PM
"I am 99.999% certain this is bug free."

https://www.youtube.com/watch?v=cahj4WJtp20&feature=youtu.be&t=42m52s

The Naive hubris is very dangerous within Vitalik.

We all make mistakes. This mistake costs quite high. I hope Vitalik and other programmers will learn a good lesson.
legendary
Activity: 994
Merit: 1035
June 19, 2016, 11:59:47 AM
 "I am 99.999% certain this is bug free."

https://www.youtube.com/watch?v=cahj4WJtp20&feature=youtu.be&t=42m52s

The Naive hubris is very dangerous within Vitalik.
HR
legendary
Activity: 1176
Merit: 1011
Transparency & Integrity
June 19, 2016, 09:34:51 AM
Published on may 18th

Ethereum Contracts Are Going To Be Candy For Hackers

http://vessenes.com/ethereum-contracts-are-going-to-be-candy-for-hackers/


"Some popular services, ones with 100s of thousands of dollars flowing through them, are distressingly bad (as in "everyone loses all their money" bad) with no way to mitigate, by design."

This one takes the ignorance and idiocy of the sheople to yet another level ("donkeys" in this particular case).
sr. member
Activity: 336
Merit: 265
June 19, 2016, 09:29:07 AM
It isn't "tarnished forever" if the problem is confined to where it originated. That was the whole point of a "Turing Complete" scripting language - to isolate one contract from another and from the underlying platform itself as I've explained here and in previous posts in that thread.

I responded to your linked post as quoted above:

The very architecture of a smart contract blockchain makes the logic of the "Turing Complete" scripting language independent of the logic of the blockchain on which it runs. Kind of like the separation of executive a legislative powers in states. If you decide to p*ss all over that principle just to save yourself embarrassment and investors in a known risky asset from taking a haircut then you just kill it for everybody.

Incorrect! Turing-completeness is unbounded recursion. Thus it makes it impossible to encapsulate scripts from each other and from internal recursion, etc.. It is the opposite of your incorrect assumption!

You should stop spreading lies about computer science that you do not understand.

legendary
Activity: 994
Merit: 1035
June 19, 2016, 09:04:36 AM
Published on may 18th

Ethereum Contracts Are Going To Be Candy For Hackers

http://vessenes.com/ethereum-contracts-are-going-to-be-candy-for-hackers/
legendary
Activity: 3066
Merit: 1188
June 19, 2016, 07:03:27 AM
Yes, the poorly written code allowed them to LEGALLY get the coins.  This is not a hack, just poor coding.  Eth can NOT recover from this.  Tarnished forever.

I couldn't agree more. It's a long term zero whose short term scandal and investigation - there will be an investigation - is going to hurt Altcoins in general, perhaps even hastening the ultimate demise of many.


It isn't "tarnished forever" if the problem is confined to where it originated. That was the whole point of a "Turing Complete" scripting language - to isolate one contract from another and from the underlying platform itself as I've explained here and in previous posts in that thread.
HR
legendary
Activity: 1176
Merit: 1011
Transparency & Integrity
June 19, 2016, 06:11:43 AM
Yes, the poorly written code allowed them to LEGALLY get the coins.  This is not a hack, just poor coding.  Eth can NOT recover from this.  Tarnished forever.

I couldn't agree more. It's a long term zero whose short term scandal and investigation - there will be an investigation - is going to hurt Altcoins in general, perhaps even hastening the ultimate demise of many.
hero member
Activity: 854
Merit: 1009
JAYCE DESIGNS - http://bit.ly/1tmgIwK
June 19, 2016, 03:55:18 AM

a) All blockchain software is evolving, just like bitcoin may needs to change block-size soon. Any blockchain could come up with the future option to only require most nodes to verify history for a minimum of x years, while other full 'archive nodes' get extra reward.
Evolving into what? Bitcoin wont change the blocksize because its the only variable that gives it stability.


b)Storage gets cheaper per Tb daily. 'Farmers' (/'MAID/STORJ/SIA Miners')  may soon be putting together rigs with 20 SSD cached 16Tb Harddrives

But ETH doesnt have a hardcap except Gas, so the fees would rise much faster on ETH than on bitcoin. And if they lower it, then the blockchain will grow even faster, so no technology can catch up to it later.


Quote
c) Wreckless? Prove it.  On Github about  2200 Bitcoin Bugs were documented to be fixed and  1300 for Ethereum.  Few other crypto economy projects have 150-500 bugs fixed while most are below 150 - so is TheDAO! (only 37 yet)
Just because bugs werent detected that deosnt mean they arent there. There are most likely many more hundreds of 0 day bugs in it waiting to be discovered.


Quote
g) Centralized, how exactly? More than Ripple?
h) They are not deciding it nor are they able to.
They are only taking their responsibility to inform the public about the options that the public has. And these are obvious options that could apply to many other Blockchains (Crypto currencies) too and at any time.
i) not even the bitcoinXT propsal killed bitcoin, did it?Wink
Dont compare it to ripple. I`m pretty sure they called to action all nodes and exchanges to tell them what to do.

Now they might not obey them ,but still its a command & control currency.

BitcoinXT had barely any legitimacy, the ETH devs obviously have a lot in ETH.




Quote
j) It was a temporary idea during evaluating the incident.  They made sure to cancel this request within 2 hours, since it was not necessary.
https://www.reddit.com/r/ethereum/comments/4oif2x/dao_attack_exchanges_please_pause_eth_and_dao/
Exchanges did not or hardly react on this.

Ok so it was temporary, i can accept that, so i will remove this point from the OP.

Still not the best course of action in my opinion, but at least it was short lived.

I understand the urgency and the heat of action, but still this was a command & control approach.



Quote
k) There are more possible solution and mild ones. This is mainly about a TheDAO bugh - the only thing serious is that the subject of discussion also hold ~4.5% of Ethereums market capitalization = ~3 month worth of Ethereum's mining production = inflation  
(- Still  Rather tiny compared to the speed Etherum was rising in the last two years despite inflation.)
It was the trust that was broken, the trust in devs, the trust in their skills and the trust in their decentralization promises. That causes more damage than just the missing ethereum.

legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
June 18, 2016, 09:49:00 PM
Prices are falling again on btc-e (slowly for now), and look to be set up for another huge step down!!
Do you think I am simply trolling to try to buy cheaper ETH?  Grin



If you are than you wouldn't hint at it. Trolling or waiting to dump some more mETH.

Good discussion here- https://www.youtube.com/watch?v=Swdb-Z_4JmI

I am 5 minutes in, and it looks good, but "2 hours 15 minutes" of precious time to hear details about a ride on the Titanic?
Thanks, but...  Maybe I can find 5 more minutes.

Edit: I'm 20 minutes in and it is a good discussion, thanks.
sr. member
Activity: 336
Merit: 265
June 18, 2016, 09:36:10 PM
#99
An interesting read from a guy reddit.  He gave compelling arguments and it does make you think twice about the viability and security of the current smart contract plaforms and DAOs currently in circulation.

Source:   The bug which the "DAO hacker" exploited was *not* "merely in the DAO itself" (ie, *separate* from Ethereum). The bug was in Ethereum's *language design* itself (Solidity / EVM - Ethereum Virtual Machine) - shown by the "recursive call bug discovery" divulged (and dismissed) on slock.it last week.

Here's an excerpt of the post.

Quote
Complexity and "Turing completeness" are not the real culprit here - those are all good things that we can have someday. The real culprit is poor language design. Specifically, I would recommend using "functional" (rather than "procedural") languages for mission-critical code which will be driving "smart contracts" - and even better if a high-level "specification" language could be used, allowing formal derivation of a (verifiably correct) program in a low-level "implementation" language (ie, providing mathematical proof that the implementation satisfies the specification - and mitigating the problem where the high-level human-readable "description" is different from the low-level machine-runnable "code"). I suspect many people (raised in a world where JavaScript is the "assembly language of the web") might not know about some of the history and possibly related work. So take this as a stern lecture telling you to take a good look at the history of functional languages (and specification vs implementation languages) as used in mission-critical projects, including finance - which, even when using such tools, are still very hard to get right - as we can see from the decades-long history of failures of major projects in defense, healthcare, aerospace, etc.

I don't think language design can fix "reentrancy-safety". The problem is Turing-completeness which is unbounded recursion. That is not something you can entirely solve with the language design.

If your smart block chain project doesn't know how to explain what I am talking about here, then you should not be investing because they probably don't really know what they are doing. They think they can just slap on a programming language to a block chain. Sorry! The problem is fundamentally insoluble and any breakthrough will have to be a paradigm-shift!

All these Block Chain Alt devs are recreating the mistakes that mathematicians and software engineers have discovered years ago.

And that we all told them back in late 2013 not to do it. I personally told Charles. Vitalik invented "gas" and thought that was sufficient.

Quoting myself from 2011:

Fundamentally, Turing-completeness is one concise requirement, unbounded recursion.

I had already explained why that Reddit post is incorrect:


I haven't studied the specific vulnerability in this case[1], but I think it has to do with the contract code doing mutability aliasing on global state. So this is an issue of synchronizing mutability aliasing.

For example, imagine if some intended to be atomic operation[1] of a check for sending of ETH out of the contract had not set a global count of sent before some recursion which enabled sending more ETH out, thus exceeding the threshold.

So the Reddit post seems to be somewhat clueless about the actual issue. Functional programming and static typing is orthogonal to the issue of dealing with global state and mutability aliasing. I had just finished analyzing this issue at the Rust-lang forum and in my private discussion with keane recently. Although Rust can statically check mutability aliasing, this is restricted to disjoint data structures. We concluded that some semantics can't be modelled with a static checker. Mutability aliasing is thorny issue and I am not familiar enough with Coq to know if it can model it. I would need to really dig into the details of this and study it before I can comment with high degree of confidence.

[1]http://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/
https://www.youtube.com/watch?v=RHcLKrkwPLQ#t=730
https://github.com/LeastAuthority/ethereum-analyses/blob/master/GasEcon.md#case-study-the-crowfunding-contract-example
https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/
http://hackingdistributed.com/2016/06/16/scanning-live-ethereum-contracts-for-bugs/#what-about-the-recursive-race-problem-in-thedao
full member
Activity: 608
Merit: 100
June 18, 2016, 09:18:22 PM
#98
...What a wonderful decentralized currency where a few people decide what happens and the entire network is subjugated to the decisions of a few. Not to mention Ethereum already has big blockchain, soon ethereum will turn into a centralized bank , if it doesnt die before that.

Here are a few important things:

1) the blockchain grows 375 Mb /day.
...
Soon only a few datacenters will be able to operate ETH.
a) All blockchain software is evolving, just like bitcoin may needs to change block-size soon. Any blockchain could come up with the future option to only require most nodes to verify history for a minimum of x years, while other full 'archive nodes' get extra reward.
b)Storage gets cheaper per Tb daily. 'Farmers' (/'MAID/STORJ/SIA Miners')  may soon be putting together rigs with 20 SSD cached 16Tb Harddrives

Quote
2) The development is wreckless, they spend more time on going to PR events than to actually engineer the code well, first wallet softwares were buggy as hell, took years to sync, which is fair because bitcoin was buggy also at first. However instead of promoting a buggy as hell client, they should have focused on development first and then marketing.

c) Wreckless? Prove it.  On Github about  2200 Bitcoin Bugs were documented to be fixed and  1300 for Ethereum.  Few other crypto economy projects have 150-500 bugs fixed while most are below 150 - so is TheDAO! (only 37 yet)
Quote
3) Ethereum is too complex, and the more complex something is, the more attack surfaces it has. An ideal cryptocurrency has to be simple and secure. And ETH has many more 0 day bugs that we dont know of yet, so this wont be the last hack. It came out far too fast because of PR pressure. The devs should have stayed 1 more year reviewing and researching the code and make the coin secure in that time, before pushing it out to the public.
d) Was Bitcoin too complex x years ago?  how many?
e)they spill "0 day bugs"?  
f)What happened was a TheDAO Bug, a slip-of-the-pen/eye kind of bug.
Quote
4) It's already centralized as hell, the devs can just reverse transactions like this. Sure reversing a hack is obviously good right ?, but the road to Hell is also paved with good intentions. Abusing power comes in small increments. First they only reverse hacks, and then later you find out that everyone will become censored.
 
g) Centralized, how exactly? More than Ripple?
h) They are not deciding it nor are they able to.
They are only taking their responsibility to inform the public about the options that the public has. And these are obvious options that could apply to many other Blockchains (Crypto currencies) too and at any time.
i) not even the bitcoinXT propsal killed bitcoin, did it?Wink
Quote
5) ETH devs want to impose capital controls on ETH holders. The ETH devs don't respect the free market.

The lost cost were already supposedly locked in a child DAO, so then why are they not allowing people to trade? Because they know that people would sell their ETH fast.
...........
j) It was a temporary idea during evaluating the incident.  They made sure to cancel this request within 2 hours, since it was not necessary.
https://www.reddit.com/r/ethereum/comments/4oif2x/dao_attack_exchanges_please_pause_eth_and_dao/
Exchanges did not or hardly react on this.
Quote

There are 3 options for ETH and in the next 27 days the devs and the ETH community will have to decide on one of them, and in my opinion the results will be the following:

1)  They decide to not hardfork in which case the thief gets away with the loot but atleast the integrity of ETH is preserved. The result will probably be a massive selloff of ETH and loss of future confidence in the ETH devs as they failed to provide secure code, it will seriously impact the future growth of ETH which they may or may not recover from.

2) They decide to hardfork, in which case all confidence will be lost in ETH, and it will probably deal a fatal blow to this currency's future, and it will shows as an example how a decentralized currency may not be so decentralized, and a warning to all future altcoin devs to change their attitude. It will impact BTC as well, and many media shills will try to put dirt on BTC's reputation as well.
k) There are more possible solution and mild ones. This is mainly about a TheDAO bugh - the only thing serious is that the subject of discussion also hold ~4.5% of Ethereums market capitalization = ~3 month worth of Ethereum's mining production = inflation  
(- Still  Rather tiny compared to the speed Etherum was rising in the last two years despite inflation.)
Quote
3) They wait the full 27 days and in the last minute they decide 1) or 2). In this case, the panic and uncertainty will just magnify the negative effects caused by their decision, and whichever they decide upon, the effects will just be much worse.
Yes:) but who gave you the idea they would want to be lazy for the next weeks?
Quote

So by logic they should decide 1) and announce it fast, since the longer they wait the more uncertainty they cause by the inaction.

That's just my honest opinion.


I really think people should just switch over to NXT, because it's far more decentralized and it has better developers. When last time a hack happened in NXT, the developers didnt reversed the transaction. Because in the NXT community the decentralization, transparency and fungibility is the number one priority, that supercedes everything else. The police can catch the hacker with any other method and recover the funds, but the decentralization is sacred.
Good luck!


legendary
Activity: 1050
Merit: 1000
June 18, 2016, 09:08:35 PM
#97
I don't understand how people invested in a coin coded by a 20 something year old who made up his own coding language.

Coding genius? Seriously? There's thousands of kids around the world who are "coding geniuses", a lot of them start in their teens and is a hobby. I for one, learned coding in different languages when I was in my teens but have stopped short of my 20s and enjoyed life instead. It's not that hard, it just takes a bored teenager with some sense.
legendary
Activity: 1418
Merit: 1002
June 18, 2016, 09:07:27 PM
#96
this is ETH right now:

http://imgur.com/bRIfKae
Pages:
Jump to: