How is it possible to steal ETH? In ethereum code is law. If the code is valid, whatever gets executed is the truth. All bugs, processor errors, and everything else about the environment are part of that code and are thus part of law. There is no higher power for ethereum beyond the code.
The people that transferred this wealth to their account are not thieves. They are not villains. They are smart people who saw a code path that resulted in a desirable outcome for themselves. Given both parties agreed that code is law, there is absolutely nothing unethical or immoral about what they did. They simply were more clever than the original holders of the ETH. They should be cheered on and rewarded for their smarts.
Code is law. As long as the original people were not physically harmed or coerced out of their funds, they never got robbed. Their ETH was simply transferred to another party in accordance with the laws both parties agreed to.
If what I say is wrong and code is not the law, than what is the point of ethereum at all? Might as well run on AWS or something.
> Given both parties agreed that code is law, there is absolutely nothing unethical or immoral about what they did
There is no rule that because something is legal makes it ethical and moral. It's amazing how common this sleight of hand is used to justify doing shitty things for personal gain.
I think you missed the point that GP was trying to make but, don't worry, I'll gladly explain.
Crypto enthusiasts (in particular those involved with ETH) continuously push this narrative that code is law, code is law. Other people, who are less naive, immediately pointed out how that kind of "contract" would not fly in the real world with real people, because, turns out that real people make mistakes all the time and it is nice to have a social structure behind it (like a true-ish framework of law) to save your ass when you actually mess up or things do not go as the parties involved in it wanted it to go.
I can give you an embarrasingly simple example that I think anybody could understand. You go to your favorite bank to pay for something, you tell the clerk you want to put $400 in someone's account but you hand out $500 in bills. The clerk (or you) could notice this and state "hey you gave me $500, but you told me you only wanted to deposit $400, here's $100 back", and literally nothing else happens. In the crypto world you would've just lost $100. (See the news from yesterday or so, about a guy who accidentally lost half a million dollars like this).
So then, crypto enthusiasts, instead of trying to address this issue, pretty much doubled down on their foolish stance that "code is law, code is law!" and everybody involved in it then knows (or SHOULD know) that they playing with fire regarding this. And people who play with fire shouldn't be surprised if/when they burn themselves and would look quite ridiculous if they start discussing about the ethical and moral implications of fire burning stuff when it does happen.
Just from a cursory search, nobody has really talked about "code is law" on ethereum for many years now since the dao thing, the only people who are zealous about that are using ethereum classic. In my experience, its become a sort of meme that people parrot whenever something like this happens.
Unless you are talking about cryptobros on twitter or something, but I don't think anyone considers what they say important.
Did a google search and also searches on ethereum and ethdev subreddits listed as part of the community, the stack exchange and research board from the link above. There were a couple legitimate discussions about it, none of which really came across as described by the OP.
I did do a search on twitter and also greater reddit, but those posts were in the same vein as wallstreetbets memestock investor posts which I assume people aren't using to base their opinion on this subject.
You're late to this discussion by almost six years, when it became clear to the Ethereum team and the people running Ethereum nodes that code isn't law, but consensus is. Consensus is indeed the "higher power beyond the code". By the way, the same thing applies to Bitcoin, and to every other decentralized "crypto" project out there.
Code is nothing but a way to implement a certain set of rules a majority agrees with. And the object of agreement can indeed change over time. This does not threaten the decentralized nature of the Ethereum network, or its capabilities as a core tool for all sorts of decentralized instruments that simply were not possible with anything that came before.
The Ethereum team must be well aware they are late by about 240 years. This reads like how government power is derived from the consent of the governed, but with some of the words switched out.
You are right! Bitcoin and Ethereum (in its first PoW phase) work in the same way. The "wave of consensus" described in the Bitcoin white paper is the true innovation that enables this kind of decentralized government. But the core principle is the same as that present in all agreements made in human history. This is just a new way to agree to things, but let's not discount it much, it's still a true innovation that enables things not possible before.
I hope we are saved by the crypto folks aversion to existing institutions such that they never mingle their ideas with the our present legal system to mechanically enforce their social constructs. A base under the control of a crypto superstructure is a form of hell I wish to avoid.
To be clear, by “wave of consensus” you mean consensus as defined by having the most CPU power.
From the Bitcoin paper:
> They vote with their CPU power, expressing their acceptance of valid blocks by working on extending them and rejecting invalid blocks by refusing to work on them. Any needed rules and incentives can be enforced with this consensus mechanism.
The "wave of consensus" refers to the fact that a decentralized network cannot have a definition of "current state" for everyone in the network. There's some sort of "undisputed state" because as blocks pile up, it becomes more and more impossible to alter the older blocks and also generate the amount of blocks required to overtake the original chain. That's the wave: new blocks propagate on the network, ensuring the older blocks can't ever change, but the newer blocks might be replaced by others in some cases. This is why there's a need to "wait for confirmations" in most crypto transactions.
The DAO hack says otherwise. Defeating the point of 'decentralization' and 'permissionless blockchains'.
> If what I say is wrong and code is not the law, than what is the point of ethereum at all? Might as well run on AWS or something.
Exactly. Even when 44% of Ethereum Nodes are running on AWS. Amazon's own announcement defeats the whole purpose of decentralization again and the idea of 'code is law'. [0]
That may be so, but in all real-world countries law is law, so it's reasonable to describe these actions as "stealing".
The value of Ethereum is not that it suddenly becomes moral to steal money from people. Or at least, that statement will have to be true if we want the real-world legal authorities to happily coexist with Ethereum.
The law is buggy, and Wild West banks that issue their own currency are rampant without a sheriff to handle misconduct. I wonder how many $B it will take to put into stable shape. Took a long time to create solid central banks whose currency could be widely trusted.
My questions are: Are the majority of victims in both exploits ordinary small-scale traders, investors in the companies that operate/promote these services and protocols, or other entities?
Is there any realistic hope to make the victims whole without the cooperation of the people responsible for the exploits?
> realistic hope to make the victims whole without the cooperation of the people responsible for the exploits?
This is exactly the problem that hundreds of independent groups of humans had faced throughout tens of thousands of years of history and to which all came up with the same solution: central authority.
The ledger is a central authority but with decentralized distribution. Central authorities can tell users what they can and can't do with their money, count their money, monitor, violate privacy, and impose sanctions, taxes, or trade restrictions on them.
While mixing 250 million dollars is near impossible in the short run, you could easily mix a million dollars a month every month for the next 10 years. Mixers aren't a full proof way to obscure funds but the FBI has outright admitted that it's nigh impossible to track it down.
Furthermore there are decentralized mixers that run on Ethereum so it's no longer possible to go after the operators of mixing services. tornado.cash has billions of dollars available to mix with which is more than enough to obscure millions of dollars worth of ETH at a time.
I don’t doubt that they could move the money but their bigger problem is a single misstep between the wallet and a bank account immediately putting an end to the scheme.
Assuming it's a lone wolf and not a criminal gang (suits on Wall St. or sex traffickers in Bulgaria).
Also, that's what patsies and false credentials are for. It's easier to buy new identities in other countries where money talks and ethics are flexible.
Then please stop bothering us with these specific to your kind non-issues (to us, at least)! I don't want to hear about them all day long as I stay away from this stinky pile and none of the hundreds of technologist I know wants to touch this with a ten-foot pole even or much less so - get involved in these scams and thefts. You have your own communities, so, please, stick to them and don't' pitch these Ponzi schemes to us everywhere! Well, obviously, nobody falls for them anymore, and there's no utility to sell them elsewhere, but, yeah, as any other pyramid scheme, you need a stable supply of stupid people to buy into the scheme. So, that's why you should be banned - otherwise, I would care less, but cut on the noise as it's really annoying and does not serve your self-serving, filthy, greedy goals! Do something meaningful with your lives! I know, there's no other way to buy child porn online except by using cryptos, but for any other earthly need, there are legit, faster, and cheaper payment methods!
I think you need to wake up and see what is happening in your lifetime.
Is this not hacker news? Is this not of interest to technologists?
I think you must know a bunch of not very interesting technologists, because I know countless technologists who are deeply passionate about decentralized monetary systems. They think the kind that reject all new technology as luddites. Which is what you and the nocoiner are. And we don’t like luddites on hacker news, because we are hackers. Savvy?
The wrong function call was made in a program, exposing it to a vulnerability that allowed a cryptographic validation bypass.
That had economic consequences as hundreds of millions of dollars worth of collateral was now worthless.
This is definitely of interest to hackers. If you ignore it the whole living on Solana blockchain thing, this Would be front page news in any cryptographic context.
Well, if you haven't noticed, the HN community does NOT like the type of human material in the craptocurrency space - people who would sell their mothers for a fraction of Bitcoin and then hodl it... or spend it on hookers! I've been mining Bitcoin before it was cool! But when I saw the type of sketchy characters overcrowding the space, I left the sinking ship! I get Bitcoin from time to time and I happen to sell them to the idiots at peaks! Like this last time, for example, I got my Handshake reward, turned it into Bitcoin, and sold at the all-time high - because it's not really hard to know when this is gonna fall... like a knife... but I'm not trying to catch it!
Neither you nor I represent the community, and there are those that like it and those that don’t. It’s funny, it’s almost like hackers are interested in different things. I am glad you are finding using cryptocurrency useful, despite disliking it.
Oh, and you do represent it? How can a hacker, per se, be interested in something that was most probably released by NSA by all indications and which offers just quasi-anonymity?! How can a hacker be interested in something so wasteful, slow, and expensive to transact?! Bitcoin is anything but a hacker's dream!
Hackers like a lot of things made by them, SELinux and Ghidra are two example. Very good products. SELinux protects billions of devices.
I don’t think the NSA invented Bitcoin, there is no evidence of this. It does however serve the purposes of information assurance mission by generating some real world metrics of the cost, in both energy and compute/memory, and also an early warning and bounty system on SHA2 and ECDSA sigs.
Google "How to Make a Mint: The Cryptography of Anonymous Electronic Cash" if you haven't already. Bitcoin is a honeypot for illicit actors. And so far it's been serving its purpose well - just like Tor.
The people that transferred this wealth to their account are not thieves. They are not villains. They are smart people who saw a code path that resulted in a desirable outcome for themselves. Given both parties agreed that code is law, there is absolutely nothing unethical or immoral about what they did. They simply were more clever than the original holders of the ETH. They should be cheered on and rewarded for their smarts.
Code is law. As long as the original people were not physically harmed or coerced out of their funds, they never got robbed. Their ETH was simply transferred to another party in accordance with the laws both parties agreed to.
If what I say is wrong and code is not the law, than what is the point of ethereum at all? Might as well run on AWS or something.