> But in our email exchanges, he argued that he'd executed a perfectly legal series of trades.
In real finance, there is an understanding that technical loopholes can exist, since not every outcome can be foreseen when writing laws, but the legal system can frequently prosecute against a series of actions which are, individually, legal, but which together are taken in order to achieve something illegal.
That is, modern finance and the law also attempt to deal with intent.
But in the Ethereum smart contracts world isn't the whole premise that the code is the law? That we don't need any of these pesky courts or banks or auditors or anything: the code is the law, and the decentralized blockchain will enforce it.
With this worldview, if the attacker simply exploited poorly-written code to find a loophole, how do the owners of Index have a leg to stand on?
This is a thing that confused me about smart contracts. I don't see how they can exist without a judicial system. They do seem to have some uses under that framework. Like the system is auditable so you can prove if someone cheated and changed a contract out from under you (and you lost your copy), but that's only a minor improvement on the current system. The US has a lot of legal policy that is based on spirit of the law because it is well recognized that humans are imperfect and never will be. It then seems silly that people who are fully aware of failure analysis/engineering would design a system where the mode of failure is easily exploitable.
The legal system has failure modes that are just as easily exploitable, but humans can intervene and reverse the failure, make people whole, etc.
The problem with smart contracts isn't that there are bugs, but that buggy results are final with little to no recourse, by design, unless you get everyone to agree to hard fork the chain (rolling the "bad" transactions back and eplacing the buggy contract) and/or the implementation (if the bug was in the platform rather than the contract).
The legal system has a similar principle of not being liable for conduct that predates a ruling or law that forbids it, but it also has the principle of agreements being interpreted according to common sense understanding by a person with ordinary skill, and where skill differences exist between them the non-expert's interpretation is the one given precedence.
These meta rules don't have equivalents in smart contract systems, which makes them brittle. The only way smart contracts end up being used for non-trivial purposes is if they are made explicitly subordinate to the existing legal infrastructure in ways that will gum up the works, or if smart contracts are subject to mandatory formal verification possibly including game theoretic 2nd order effects.
Yeah, you're totally right. I'm very curious to see where things settle out. How does one ever infer intent from a system with anonymous contributors? We do live in interesting times.
If the kid in the story had speculated about his attack it would be an opinion. His attack demonstrates that it is fact. Contrast this with your opinion that the courts will decide his actions were illegal.
You're reading things I didn't claim. I don't have an opinion on what the courts will decide, I basically said we don't know. My claim is factual and it will be regardless of the outcome.
AFAIK the legal system still applies to crypto; the recourse when somebody hacks your smart contract is the same as when somebody defrauds you; you sue. Except with smart contracts you have more traceability as to what happened.
And you don't need to make the smart contract explicitly subordinate to the law, they are as a matter of fact, because everything de facto is. This idea that code is law and crypto exists in a vacuum is complete delirium (although a popular one and sign that the scene has a lot of room to mature)
The legal contract of the EVM is “you are allowed to execute any computationally legal sequence of instructions on the EVM”. At least that’s how it has always been presented.
People who post smart contract code on the EVM are equal users of a shared computation infrastructure. If they want to put legal terms on who can use their smart contract and what for, they should need to make their own blockchain platform, because they certainly don’t own Ethereum.
The law already regulates mistakes in traditional markets. If you accidentally sell your shares for a fraction of what they are worth, you cannot go to a judge and ask them to return the “stolen” shares. When you subject yourself to a mechanistic market system, the predictable operation of the system is more important than any participant’s bad fortunes.
> The legal contract of the EVM is “you are allowed to execute any computationally legal sequence of instructions on the EVM”.
Where is this contract? I've never seen it. The rest of your argument is based on this premise. The "legal contract" of a computer program is the same, yet we have laws on what you can and can't do to other people's computer programs.
> The law already regulates mistakes in traditional markets. If you accidentally sell your shares for a fraction of what they are worth, you cannot go to a judge and ask them to return the “stolen” shares.
Someone taking all the money from a smart contract you gave money to is not like your fictional example of a person selling their shares for the wrong value.
The jury just needs to believe “this person stole something,” and there’s a good chance they’ll judge accordingly. At least there’s a good enough chance that it will happen that it will likely lead to an out of court settlement.
I think a lot of the appeal of crypto/smart contracts is that they are final with little to no recourse, humans can't intervene and exploit failure modes which individuals using the so-called contracts can't defend against.
Corporations and wealthy individuals with influence in the writing of this legal system, with massive amounts of financial resources, with negligible moral agency, and with limited criminal liability find very different utility in the ability to use the legal system to roll back contracts, to enforce them, or to ignore them.
Those who find themselves on the other side of this power disparity would often prefer to risk a potentially buggy but inviolate contract than one which they expect to be abused against them.
> Those who find themselves on the other side of this power disparity would often prefer to risk a potentially buggy but inviolate contract than one which they expect to be abused against them.
There is no way that AT&T, Comcast or Bank of America will ever agree to a smart contract written by an ordinary customer. As always, the companies will write their own contracts, and customers will either accept them, or leave. And if the company has monopoly power, tough luck.
so what happens if the company's smart contract has a bug in it, and the customer takes advantage of it?
In an analogous situation, if a shop mis-labels the price of an item (let's say, they forgot a zero or two for a $1000 item), the customer theoretically has the legal basis to purchase it at the labeled price. How is this scenario any different to a block chain contract with a bug?
If a site has prices stored on the frontend and a user edits the price to make it lower, do you think the user has a legal basis to receive the item at their new specified price? I don't think many jurisdictions would say they do.
Further, in many places your example itself falls apart.
> If a site has prices stored on the frontend and a user edits the price to make it lower, do you think the user has a legal basis to receive the item at their new specified price?
There was a case like that in the early days of online shopping, which was actually decided in favor of the customer. The prices of items in the shopping cart were stored in form fields, and the customer edited them before placing the order. The court considered that a counter-offer which was accepted by the store. (It probably wouldn't go that way today; for one thing online stores have gotten smarter about trusting data from the client.)
That's a bit different from simply editing the client-side view and never informing the merchant about the change, of course.
I want to know what kind of contracts people entered into before this where they thought they were being abused by a big corporation?
This seems like a noble endeavor, but not an entirely practical one. Both sides of a transaction have to agree to these smart contracts, so where is this an advantage (outside of internal crypto trading)?
A bunch of those many-to-one individual:corporation contracts (like phone service) are in such imbalanced markets that you'd have to overcome the power balance problem in order to get the other party to adopt the "smart" contract.
But if you can overcome the power balance problem, you can just fix the contracts directly anyway without them being smart?
I don't know what jurisprudence you live under, but under English common law (also America, Canada, etc) - which, I must say, I also always denounce and rarely defend - inequitable negotiating power between parties to a contract is considered by courts when adjudicating whether parties have broken it or can be awarded damages. We don't have a system where big powerful organizations can just dictate contracts to powerless individuals and then later enforce them.
Unfortunately US courts have taken a very dim view towards adjusting balance of power.
For example, I don't think there's anywhere else where the mere act of purchasing a product or service can result in you giving up the right to sue the company in court and be forced to enter arbitration with an arbiter of the company's choice.
That's ridiculous. If we're talking power disparities and differences in resources, corporations could just code up standard smart contracts with loopholes in them that allows the corporations to steal from their customers. It's not like customers have the resources to carefully audit the smart contract and make sure there aren't any backdoors that the corporation has written in to exploit.
During the financial crisis Goldmans traded against the trades of their customers, who were making trades Goldmans had recommended they make. They made a few hundred million on it. Goldmans that is, not their customers.
That's like saying corporations can release complex open source code with backdoors in it and the userbase won't notice. Are there any big instances of this happening?
> I don't see how they can exist without a judicial system.
Smart contracts don't have to exist outside the judicial system. Smart contracts are simply a way to automate transactions in a way that's efficient, transparent, and credibly neutral. Yes, we may still have to invoke courts for the 0.01% of transactions that are clear exploits. But the other 99.99% of the time, it's a much more efficient system than using written contracts to handle normal, everyday outcomes.
Even without blockchains or smart contracts, we already have automated systems that execute transactions based on algorithmic rules. If you blatantly exploit a vulnerability in those systems, then courts will generally punish you. That doesn't mean that automated systems are pointless, because 99.9% of the transactions aren't exploits. That's still a huge win, because it means we don't have to have our lawyers email redlines back and forth every time we want to trade an S&P index futures contract. (Near) fully automated transactions are 1) orders of magnitude more efficient, 2) expose general purpose composability where one automated system can be predictably inter-connected with another.
When you put an automated transaction system on-chain, you drastically increase the advantages of both, because you're embedded in an open application network with credible neutrality. A smart contract exchange like Uniswap can process about the same amount of volume as a centralized exchange like Coinbase, but the difference is that Uniswap only needs about 50 employees, whereas Coinbase needs 5000. That's primarily because Coinbase runs inside a silo'd network. That entails replicating many functions like user account management, that aren't necessary for an application like Uniswap that piggybacks off the credible neutrality of a decentralized consensus layer like Ethereum.
There's definitely way more real world contracts than smart contracts, and I'd be very surprised if the percentage of real world contracts that ended up with hundreds of millions of dollars being stolen on a daily basis is anywhere near the same ratio as it is for smart contracts.
Smart contracts, to date, have proven themselves to be truly idiotic inventions.
> The US has a lot of legal policy that is based on spirit of the law
Yes, but that's a wrong and unfair way to define and apply laws.
> humans are imperfect
Smart contracts and "code is the law" mantra don't contradict this. You're imperfect and you commit a mistake, you lose. You find a mistake in someone else's code, you win.
This is much better than the current legal system where we are all collectively forced to adapt to, or even pay for, someone else's mistakes.
>> The US has a lot of legal policy that is based on spirit of the law
>Yes, but that's a wrong and unfair way to define and apply laws.
Sounds like you're interpreting how to define and apply the law there based on what you feel is the right and fair way to do so. Seems a bit paradoxical.
I've seen this argument regarding smart contracts several times now, and I don't think it makes any sense. It's like robbing someone in real life, then claiming you did nothing wrong because you didn't violate the "laws" of physics. Those are two entirely separate things.
In the world of smart contracts code is indeed law, but that doesn't change the fact that in the real world law is law, and the fact that you used a smart contract to commit a crime doesn't make it any less a crime.
But that is the premise of smart contracts. Sure, it doesn't excuse you from the law if your contract is to pay someone to shoot someone, but it's supposed to be the final word on the actual financial transactions that happen within the contract.
Plenty of crypto hypers say the same. E.g. from a quick search of "Smart Contract advantages," the very first article, by a law firm:
> Guaranteed Outcomes: Potentially the most attractive feature, smart contracts could offer a way to substantially reduce or completely eliminate the need for litigation and courts. This is because when parties commit to using self-executing contracts, they bind themselves to the rules and determinations of the underlying code, rather than exposing themselves to interpretations med by parties outside of the contractual relationship.
Smart contracts allow for guaranteed outcomes. Some commentary added by a random law firm does not mean that guaranteed outcomes == no need for litigation and courts.
Just think of non-smart contract parallels. If a bank had an ATM, the premise is that this ATM will execute a series of commands and allow you to withdraw/deposit/transfer funds. If a nefarious back actor found a series of user input that allowed them to withdraw millions of extra dollars, do you believe that the ATM provider will have no legal recourse? What about electronic slot machines?
The difference is that the ATM provider did not explicitly promise that the “code is law” which directly implies that they want to and aggressively argue that they are waiving their legal recourse as long as they were valid user inputs.
In contrast, basically nobody outside of the blockchain space would waive their legal recourse in such a manner and thus would have legal recourse if the intent of their system was bypassed.
To go on to then argue that a legal system should not allow one to waive those rights as it would be idiotic to do so is a perfectly valid legal/moral/justice position, but also directly contradicts basically the entire purported value proposition of everything in the blockchain space whose primary “positive” differentiating factor is that “code is law” and they have waived those rights. To not allow them to do so basically invalidates their entire purpose.
Essentially, either let people bind themselves to “code is law” and suffer the consequence of their choice, or ban it at which point you lose decentralized trust and censorship-resistance making them no different than traditional implementations except that they are slower with higher operational costs.
Where and when did the defi protocol in question explicitly state "code is law"? No one is waiving legal recourse when they're using Web3. I'm not a lawyer but I'd be very surprised if one could even "waive legal recourse" just because it's blockchain all the way down vs mySQL.
I believe you're making this claim because _some_ crypto proponents believe "code is law" and because your personal logical framing is that web3 has no value add outside of being able to operate without legal recourse thus it must operate without legal recourse.
First, even if web3 had no useful value add, it doesn't mean it ought not exist. I can create a SaaS company that does exactly the same thing another company does just with my own logo and API documentation. Does non-uniqueness invalidate my company's existence? What if I forked an open source SQL database and slapped my name on the repo? Have you heard about something called substitute goods? I don't see why Pepsi can't exist in a world where only Coke is the norm.
Second, web3/blockchain/defi does have benefits outside of traditional web2/finance. The ability to not require depositing your funds into an account to transact on a protocol, for instance, is a clear value add. The ability to buy/sell NFTs without a middleman (if they choose to eschew a middleman) is a novel and potentially valuable value add as well. There are countless other applications of web3 that I won't delve into but these concepts can and should operate within bounds of legal recourse.
> No one is waiving legal recourse when they're using Web3.
I've seen quite a few people do this. May not everyone, but a lot. The "commentary added by a random law firm" is the general sentiment I understood when people were hyped up on smart contracts. There's an industry of smart contract programmers who write code under the assumption that there may be no recourse (to the legal system) if they introduced bugs.
If your attitude represents the sentiment of "web3" these days, it is really a very hilarious backtrack on the previous (hyperbole) claims...
A true non-smart parallel is this. You and I agree on a sporting event between humans. Because I want to construct a fantasy, let's just say it's a three-point basketball contest between adolescents (under 13).
The observer will pay $100 dollars per blocked shot, and earn $1 per 3 point play made. All the games are played 1v1. To the untrained basketball player participants, this may seem to be a fair game. After all, it's quite rare in a real basketball game to see a 3 point shot blocked. So they sign the contract, fully agreeing to pay $100 per blocked shot and earn $1 per made 3 pointer.
To game this as a participant, I go to the ends of the earth ( I hear Sudan and the Netherlands are both nice this time of year ), and find a 6'8 ,215 lb boy and recruit him to play for me. He proceeds to block every single shot in every contest, winning hundreds of thousands of dollars and bankrupting the organizers. Just to further weight this, I also hire an opposing player who is only 4'3 to shoot as many 3 points as possible as quickly as possible.
Now, they signed the contract and agreed to it. They didn't have a clause for height, or any sort of caps, and now they have unlimited downside. How would the legal system handle this? Do you think they would release the participants liability? Perhaps, but not likely if they didn't sign the contract under duress. They fully agreed and had consideration ( the $1 per 3 point made ).
It's a contrived example, but it's useful to show that technicalities can be exploited in real world contracts just the same as smart contracts.
I'm not extrapolating on the premise adding my own commentary. The parent commenter asserts an axiom (that we all purported agree with) and then links an observation to said axiom. I'm merely stating that the observation is not part of said axiom.
In a world where you're falling back to the legal system, why do I care if your buggy ATM is powered by a "smart contract" or by "regular" code? Why even do you care?
(There have been exploits in both ATMs and smart contracts, after all.)
I primarily care because I think there's money to be made.
But I also think the shift directionally makes sense. Traditional finance (really most transactions for that matter) have moved towards fewer middlemen dependent, more democratized forms of transactions (e.g. wealthy folks can call their traders to buy/sells stock -> open to middle class -> no need to call traders -> no fee no minimum online trading). To me, not requiring institutions to maintain custody of my funds is a value add.
But most importantly, it could just be something different (that fails or doesn't fail, who knows). I don't think the web3 space NEEDS to eschew legal recourse because 1) that's not the only supposedly value add and 2) because it doesn't NEED to provide any value add for that matter. Perhaps web3 can just be the Pepsi the web2's Coca Cola. Only time will tell.
That may be the premise, but has that actually be held up and recognized as such in courts in major countries? Like are there precedents regarding this?
At that point it's no longer a premise (for those particular countries), but until then it's just a supposition.
I think courts are wary to wade deeply into a new financial system like this but at the same time I find it hard to believe that the judiciary and the legislature would rule (in the long run) that they have no ability to "make things right".
If crypto grows as as many people suggest and you have some significant percentage of the country that has savings or investments tied to these smart contracts, if there is a loophole like in this case, you'd have lots of people writing their local or national representative about this. I find it hard to believe that politicians would tell the people they represent "tough luck code is law".
> be held up and recognized as such in courts in major countries?
Only having a slight understanding of crypto, if local courts are required, what's the point of crypto? Why not use the existing financial systems, where all of this is built in?
> [a crypto bro] criticized the team for turning to a centralized institution like the courts for help
But that's exactly the flaw of smart contracts, and why its promises will never work.
The hard part of contracts was never execution. The hard part was always conflict resolution and abidance by fair rules (i.e. "laws"). The hard part is what creates the overhead.
Smart contracts never solved the hard part. They remove the solution to the hard part, claiming the hard part is not needed at all. But the problems these solutions solve are the hard part. Pretending they don't exist is not "solving" anything.
There are so many examples of this. A minor can't enter into a contract. Severely mentally disabled can't either. Someone with a gun to their head can't either. It doesn't matter if they enter into a million dollar contract. That contract is invalid.
Eventually there will be smart contracts with assigned arbitrators capable of undoing dependent smart contract transactions, with the right to execute granted by a separate smart contract, which is controlled by a vote to be taken by a randomly selected set of peers in the community, who must first watch in total a video of the aggrieved and offending parties position their argument.
And arbitration contracts that can arbitrate the arbitration contracts, and so on.
And perhaps a smart contract to allow the amendment of existing contract, by vote of a group of wallets who’ve been elected by another smart contract, who’ve been elected by another smart contract with a larger pool of voters, and so on, until all stakeholders in the contract have had the chance to cast a vote, whose duration as a voter is limited to a 2-4 year term, before requiring another voting round.
Maybe. But you still need an override from real courts, when the contracts fail.
That's what courts are for. When someone finds an exploit in the smart contract there must be a "no that's clearly not what anyone meant. Nobody actually wanted all the money in the world to go to Hacker McHackerface".
If your assumption is that one of these contract layers is "perfect", then it's not realistic.
Thats why you have the arbitration contract… to allow an arbiter to undo the work, with the reasoning “this isn’t what was intended”
But anyways that was in jest; the crypto community will eventually recreate the same systems and bureaucracies already in play today as they run into all the edge cases that occur with traditional currency (fundamentally: currency carries provenance and is only fungible until its not, and the transfer of funds between two parties does not actually involve only the two parties — and lawyers write excessively defensive, excessively long contracts for a reason).
Crytocurrencies != smart contracts. The original premise of bitcoin was essentially to create a decentralized fiat currency. As its value grew the thesis then changed to equate more of a decentralized digital gold/inflation hedge that's easier to store and authenticate than actual gold.
So that's one use of crypto.
In the non Web3 world, we typically have to rely solely on the financial institution providing the service to make transactions. That is, we have to have a Paypal account to withdraw from Paypal. We can only buy/sell Robux on Roblox, etc. Smart contracts allow us to essentially utilize any provider we want without the provider having custody of the funds at any given time.
I can go to any dex I want and transact without depositing funds. The dex also cannot agree to perform a transaction and hold my funds hostage, like how Paypal screws over some of their merchants with their "internal investigations." I can also buy/sell coins that the dex mints (e.g. ORCA coin) anywhere I want. It's not tied to a single account nor is it tied to single exchange.
And that's without getting into NFTs, flash loans, LPs, and other features of Web3.
>In the world of smart contracts code is indeed law, but that doesn't change the fact that in the real world law is law
I think some confusion arises because that "smart contracts" only make sense if code really is law, in the sense that any transaction executed by the contract -- even unexpected, surprising transactions -- is considered to be fully consented to by all parties interacting with the contract.
I agree that that's a terrible idea - bugs can always exist, and having no recourse when millions of dollars are lost due to a coding error is a huge and unreasonable risk.
But otherwise -- if, ultimately, courts can force "smart contract" transactions to be unwound if they are found to be exploitative, unintended or otherwise invalid -- then what's the point of having smart contracts in the first place? What's the value proposition? Why not just use regular contracts?
The same argument could be made about an escrow account. Just because the account gets payed to one party by the third party doesn't mean that the second party couldn't sue the first for the money back. Assuming the third party made a mistake or (more in line with smart contracts) if the escrow was set up in a way were the pay out was just with relation to the escrow terms but wasn't in line with the contract terms between the 1st and 2nd party they'd be likely to get redress.
There's still a very real use for smart contracts in that you change what bad actors can do to act badly. Before they may have been able to breach a contract by ignoring invoices now they breach a contract by exploiting a smart contract loophole. Basically your shuffling the trust and risk around which can be a useful tool. i.e. it can be quite costly to enforce (and do due diligencece on) a contract with someone in another country so the cost and technical risk of setting up a smart contract may be much more preferable than the posisbility of having to legally enforce redress for breach in a regular contract.
This claim makes no sense.
In the real world, crimes have very specific definitions. Most are physical, in fact.
For example, robbery is when, with intent to commit theft, you take property by force.
Anything else is not robbery.
Theft by taking is: when a person unlawfully takes or, being in lawful possession thereof, unlawfully appropriates any property of another with the intention of depriving him of the property, regardless of the manner in which property is taken or appropriated.
(The above is georgia, robbery/theft/etc are state crimes so defintions vary a bit)
Again, it requires doing so unlawfully (or converting unlawfully).
If doing what this person did isn't unlawful in the real world, it's not theft, it's not robbery, it's not anything.
So you have to find a crime that actually matches what happened.
It's not wire fraud - that would require " false statement, promise, or misrepresentation in order obtain money or something of value from someone else."
etc
So what crime do you believe this actually is?
(So far i've only seen a civil lawsuit, and while there is a warrant for his arrest, that's for refusing to move the tokens to a neutral third party, or show up to court :P )
In addition to sounding like textbook embezzlement, I don't think there's any reason to believe that "theft" as define by that very broad Georgia definition couldn't apply here (the "unlawfully" is to exclude certain property appropriations explicitly permitted by law like bailiff seizures or deposit retentions from the definition, not to mean it's not theft if you keep someone's property against their will without breaking any other laws. I don't think it ceases to be "appropriation" of funds simply because you provide something worthless as an exchange either, particularly not with that last clause)
I will admit have avoided trying to follow the entire rabbit hole of details on this case. So feel free to point out where i've missed some facts.
From what i've seen I doubt it would be considered theft for the simple reason that the tokens that were bought/sold didn't belong to anyone else in particular who you could say it was appropriated from. He also paid for all of it, and paid the fair value at the time.
In fact, he paid very high prices for the initial tokens (860 times initial value at one point).
Then gave away a bunch of tokens.
Then waited for an algorithm to do something dumb around the pricing, and then swapped the tokens.
Who exactly did he appropriate property from here?
He paid for all of it, and paid the prices the market demanded. The algorithm did something dumb, but that is no different than some trading bot algorithm doing something dumb and selling for less than it should, which happens all the time.
As for embezzlement, it requires a trust relationship - it's a violation of a fiduciary duty.
I don't think he had one?
So far, i've not seen any criminal charges here, only civil ones.
Certainly prosecutors are slower at this sort of thing, but i'll be interested to see what happens.
According to the linked article, he contributed code to the exploited contract (and was even paid for it!). That sounds like a trust relationship, and layers of obfuscation around swaps and "paying fair price" arent going to change the fact the intended net effect of the trades was that all the value in the contract was transferred to him. Big difference between a trading bot doing dumb stuff and trading bots using exploits a contractor engineered to cleverly transfer all the assets under management to himself.
Yeah, maybe embezzlement then, but still not theft.
Depends on what the exact relationship was - most companies go to amazing legal lengths to ensure that they disclaim any relationship between themselves and their contractors.
Which is not going to cut in their favor.
There have also been plenty of instances of folks much closer to having relationships + knowledge and not being found to be illegal (though rarely there has been civil liability). IE financial advisors exploiting inside knowledge of their clients portfolios + what their companies are up to to make trades that advantage their companies at the expense of their clients.
As for the rest - the intended net effect of almost all trades in finance is to cleverly transfer the value of everything you can to yourself ;). The only question is whether he had a relationship that makes that illegal or not.
Respectfully disagree. I think I've seen several times the belief(from crypto supporters) that the code is the code is the code, and these are the rules that we play with.
The "laws of physics" analogy doesn't match up. I feel like it would be more appropriate in an anarchist society (physics are the only laws, thus everything that obeys physics is game).
This feels more like discovering an exploit in a video game. It's up to the devs to patch it, or tournaments to outlaw, but if you find something out, you can use it. We agree to play by the rules, but if someone comes up with something last minute, they can win.
Just because there are crypto anarchists doesn't mean that all crypto proponents are anarchists. And smart contracts (not sure why they're in quotes in your comment) can depend on real law and still operate fine (e.g. I'm sure NBA Topshot would file a legal case again Dapper Labs if they did something significantly damaging to their brand/NFTs, etc.).
> Just because there are crypto anarchists doesn't mean that all crypto proponents are anarchists.
That's obvious correct but what's the point? The whole discussion here is that there exists these "crypto anarchists" and their ideal world seems ridiculous to at least a couple people here...
That's not how the law works though, at least not in any country I know of. If you exploit flaws in computer code to steal something of real-world value, that's a crime.
We're all bound to the laws of physics, just as in the world of smart contracts all are bound to the laws of code. But none of that changes the existence of the laws of men.
(Replying to this one, but the sibling comment feels similar in vein).
- I'm not really saying the crypto-side argument is right, really just trying to clarify my perception of what they're saying re: the comment above me.
- The physics thing is really just a comment re: when it's hypocrisy and when it's not.
- FWIW, theft in crypto isn't super well-defined to me re: the laws of men either. Maybe someone who knows current law better than me can explain, but calling a function in a contract that sends updates from one pseudonymous address to another... I don't actually know if current written definitions of theft covers that, or needs some court to interpret it as theft. We kind of understand it as people, but I honestly don't know if "laws of men" as written, do.
Under common law jurisdictions (and as I understand it in the US too), "intent" of the accused is an important element of the crime. The definition is broad enough to cover crypto theft, but it might require the court to interpret whether the alleged actions were done with "dishonest intent" etc.. which can be a rather subjective thing.
Higher courts, due to their inherent ability to set precedents, usually also consider broader policy concerns eg. whether the decision makes sense from enforcement perspective, how the ecosystem might be affected etc..
If you do a promotion for giving away free food, and your smart contract accidentally allows someone to get a free sandwich every minute instead of once a day, is it so obvious that someone using your promotion more than once a day is "stealing"?
Ever use a different email address to sign up for a different free trial, say? Let alone people sharing Netflix accounts... where do you draw the line around "stealing" here?
Actually, we are only bound to the laws of physics within the limits of our understanding. As our understanding grows, those laws become less and less restrictive. I think it's an interesting analogy or parallel for the case we are discussing.
I would argue that this wasn't really a code flaw. They made a synthetic asset that calculated its price in a dumb way. That happens plenty often without code, and gets exploited by savvy buyers without code.
The crypto community does seem inclined towards a law of the jungle approach. It's amusing but unsurprising that the wannabe Shere Khans go running to the legal system when they learn they're actually prey.
I think the problem is, if you put a sign saying "Feel free to break in, I dare you, if you manage to get in the house then you're free to take anything you want!" then you can't later complain when someone does exactly that.
(Well, maybe you can still complain, IANAL, but it gets a lot murkier.)
This comes down to the intent, doesn't it? It would be different if you had no sign but on the door that opened if someone pushed it because it was badly designed.
People on HN argue this with openly accessible APIs fairly regularly "ah but the machine let me do it, they must be OK with it" and I think that goes down badly in court.
That might be useful in a civil case, but I don't see how it would apply to a criminal case. "If you do X, it is not considered fraud" isn't going to legally bind the criminal justice system in any way.
In the real world law is law, but I think it's still not entirely clear whether smart contracts can be considered legal contracts and how to judge if any particular smart contract is one.
If this smart contract is considered a legally binding contract, then, yes, this would likely be illegal despite the proverbial "letter" of the smart contract not being broken. If it isn't, then it may not necessarily be illegal (but possibly still could be).
I think legally speaking you’re correct, they would need to pass some sort of law or ruling saying that smart contract code can not be ruled incorrect/fraudulent/negligent etc. which nobody is going to pass, so a judge will just laugh at the idea that crypto is above the law.
A smart contract is a piece of code running on a public permissionless blockchain. The developers who deployed that code do not own it. Medjedovic had as much the right to take money out of the smart contract using the contract's logic as Kellar and Day.
Being blockchain developers, Kellar and Day know these facts very well, but they persist in their hypocrisy because it is in their financial interest to do so. They are betting on a non-technical jury being convinced by a good lawyer that Medjedovic "hacked them" or "stole their funds" (which is not at all what happened here).
Probably? A priori there is nothing wrong with someone who owns a large amount of a certain asset transferring it into a liquidity pool in exchange for a different asset.
It gets more murky if a founder explicitly lies to investors in order to get them to buy their token. Fraudulent misrepresentation is problematic in most jurisdictions, but this has nothing to do with the mechanics of the "rugpull" itself.
Here's a recent case where the SEC litigated misappropriation of funds among other things:
"According to the SEC's complaint, the defendants misappropriated nearly $4 million of investor funds. The SEC also alleges that Chiang and Tippetts misused additional Sharenode investor funds by spending at least 133 bitcoin to list NSG tokens on an unregistered trading platform and to fund a team of captive traders to trade NSG tokens amongst themselves to create the false appearance of a robust market with increasing prices. These traders allegedly created the false impression that more than $2.5 million worth of NSGs were traded daily on BitForex during the first 60 days and that the price of NSGs was steadily increasing due to investor demand. According to the complaint, however, the manipulation scheme collapsed when investors tried to sell their NSG tokens, because there were no actual buyers, causing the token's trading price and volume to fall precipitously."
This isnt exactly a classic "rugpull", but it does make it fairly clear that you cant just take customer funds and use them however you'd like just because its a cryptotoken and you have access to the smart contracts controlling it. You really shouldnt use customer funds in furtherance of additional frauds, like these people did here.
That doesn't really turn on any crypto-related concepts at all, but rather false/deceptive disclosures about the security itself. That actually would be equally illegal to do with regular securities too - you don't fuck around with disclosure documents, that's an absurdly easy way to go straight to jail.
> These traders allegedly created the false impression that more than $2.5 million worth of NSGs were traded daily on BitForex during the first 60 days and that the price of NSGs was steadily increasing due to investor demand. According to the complaint, however, the manipulation scheme collapsed when investors tried to sell their NSG tokens, because there were no actual buyers, causing the token's trading price and volume to fall precipitously."
This is also the fund owners doing something nefarious - that doesn't mean that somebody else executing a transaction according to the contract and the market could be held accountable because the fund's customers lost money. Someone has to be on the other end of every transaction, that is how a market works.
Rugpulls, as in projects attracting funds and then absconding with them, are different from exploits in that they involve outright lies / deception. There's a (moral, at least) difference between bad intent and honest incompetence. The attacker didn't ask anyone to contribute the funds that he appropriated.
But if we're talking about bad intent, then we could easily argue that Medjedovic (the hacker) acted with bad intent in this case. It goes both ways. If code is law, then hacks would be legal but so would rugpulls. If code is still ruled by law, then rugpulls and hacks can be judged by things like intention.
That dichotomy doesn't exist, because everything is ruled by law. But the courts look at the entire situation as well, and you'll find that having actively lied to people or not does make a difference in fraud cases.
> With this worldview, if the attacker simply exploited poorly-written code to find a loophole, how do the owners of Index have a leg to stand on?
They don’t. They simply have to accept it as a bug bounty successfully collected and paid out, and treat it as a learning experience and evolutionary process. Do better next time, if there is a next time.
Good luck making that argument in court. Intent is key, and if this is not the intent of the "smart" (lol) contract, "finder's keeper's" is not a legal defense. The legal system doesn't care about your blockchain arguments.
A smart contract deployed on a public permissionless blockchain is not owned by anyone. Only the contract's logic determines how one can interact with it. This is a fact.
It doesn't matter who can make the best argument in court. A good enough lawyer can convince a stupid enough jury of pretty much anything.
Let's say that I place a vending machine in a public space, such as a street or a park. The public is able to interact with it by inserting FIAT coins to purchase DRNK. Someone clever figures out a way to interact with the vending machine to extract DRNK at less than it's intended FIAT price. Two questions at this point:
(a) Is this a theft from the person who placed the vending machine? Why or why not?
(b) How is this different from a smart contract on a blockchain?
That sort of depends on what the exploit is, right?
For example, if DRNK costs $1 per unit, but I find out that by putting in $1.25 I get 2 units, have I actually exploited the machine? Is it not reasonable to assume that discount was intended?
Now, of course, if I'm prying open the machine with a prybar then we could argue that's just theft. But, putting money in the machine and getting units out is the intended interaction.
Similar to how if a gas station accidentally puts the price of gas at $0.20 per gallon, even though everyone knows that's probably a mistake, it isn't on them for taking advantage of the artificially low price.
So, that's what I'd say the difference is. A smart contract defines all the interactions that are valid. Thus, it is impossible to interact with a smart contract in a way that is "invalid" or "stealing". That'd be different if the user could modify the contract (apply a prybar) however, that's sort of the point, that you can't modify the contract to fix it.
If the contract said "all your deposited crypto goes to cogman10" would we call that a theft when someone put their crypto into that contract? Perhaps if I misrepresented the contract, but then the whole point of these contracts is they are visible to anyone that wants to read/use them.
> For example, if DRNK costs $1 per unit, but I find out that by putting in $1.25 I get 2 units, have I actually exploited the machine? Is it not reasonable to assume that discount was intended?
What if you remove the last part? What if you know, clearly, that your interaction what not what the designer wanted?
> So, that's what I'd say the difference is. A smart contract defines all the interactions that are valid.
Implementations are not specifications. What do you mean by "valid"?
> What if you know, clearly, that your interaction what not what the designer wanted?
Well, then they should have designed a better vending machine, shouldn't they? It may be unethical but I certainly wouldn't call it illegal. Again, back to the gas analogy, I don't think someone pumping gas at $0.20 is breaking the law even though that's clearly not the intent.
> What do you mean by "valid"?
None of the interactions for this attack were using the system in a way it wasn't meant to be used. It wasn't exploiting code. It was buying and selling assets in a way that enriched the attacker. That is a valid interaction.
Also, the whole point of these contracts IS that the code is the specification. That's the whole point of crypto in general. Trust nobody and let the blockchain determine truth.
> What if you know, clearly, that your interaction what not what the designer wanted?
This is what I like to refer to as “stupid tax”.
I’ve had cases where I put money into a soda machine and it gave me a drink plus more than I deposited into it. Or kicked out more than one item because one was stuck and my purchase obviously unstuck it.
Does this make me a criminal?
As an aside I used to work at a place with a soda machine that was basically like a slot machine with slightly higher payouts than one in Los Vegas. This was at a grocery warehouse and the drinks were at cost so “losing” your bet cost like a quarter. Probably designed that way, who knows?
And what if the vending machine measures coins by weight, and you so happen to have a "coin" that is just a properly-weighted blank. You're still interacting with the vending machine as technically intended. But by not inserting the correct amount of money, you are not interacting with it as intended by the creators.
The smart contract implements a technical intent, just like the vending machine. But that technical intent will always have limitations. Some exploits are non-destructive, such as properly-weighted blanks. Some are destructive, such as crowbars. But let's not pretend that they aren't, in fact, exploits.
That'd make sense IF this attack was one that was along the lines of "Hey, I did an injection attack on the contract which caused it to do something bad".
However, that's not what happened in this attack. This attack was far more akin to the "getting 2 units for $1.25" that I described. In fact, that's exactly what it was at the root of it. At no point did the attacker actually exploit code.
The technical and explicit intent was followed to a T here. The attacker got a loan (perfectly within the intent) bought a bunch of the index (again, within the intent) sold a bunch of a underlying stock of the index (Again, within intent), sold the index, and sold the loan. Nowhere in this process was there a "this violates the essence of the contract".
And, let's be frank here, it's not like the attacker didn't open themselves to a huge liability. Anyone that saw this attack in progress could have bought sushi coin or UCI and ultimately drained away the income this attacker was earning, potentially putting them on the hook for a pretty massive loan.
Now, would such a scheme be legal if this were actual securities and not crypto? Nope, because we put more protection around real securities in the US and other countries. However, crypto went out of it's way to make itself above the law and outside of securitifaction. That, in fact, was the entire point of crytpo, to be something governments COULDN'T regulate.
The article makes it very clear where things were exploited. Especially the circumnavigation of the new token limit seems pretty relevant to the discussion of whether this was playing within the intent.
If he’d wanted, Medjedovic could now have traded $3,200 worth of Sushi for DEFI5 tokens worth $1,172,000. And had he simply done that, Indexed would have been fine. The protocol places limits on the amount of a new token that users can swap into the pool, so he would have been able to extract only about 1.5% of the pool’s value—which, given transaction fees, wouldn’t have been profitable for him.
Instead, Medjedovic’s script took out another flash loan consisting of $2.4 million worth of Sushi tokens. And rather than swapping them into the pool, it gifted them to it—a seemingly irrational move that Indexed’s algorithm wasn’t designed to handle. The “donation” overwhelmed the pool and circumvented its usual trade limit for new tokens. This allowed Medjedovic’s program to freely trade overvalued Sushi for undervalued DEFI5 tokens, then cash those out for the pool’s underlying assets, pay back the loans, and keep the rest, now worth $11.9 million. The attack on the CC10 pool brought the total haul to $16 million.
> A smart contract defines all the interactions that are valid.
A smart contract defines all the interactions. Whether they are legally valid is another matter. In contract law, usually the intentions of the parties (at the moment of agreeing to the contract) are taken into consideration. In most other cases, the legal system has rules to determine the validity. The customary practices of the crypto ecosystem is something they might take into account, but it's not necessarily a final outcome.
I'll try to steelman the code-is-law argument (not really sure how I feel about it myself):
In the case of the smart contract, you don't own the vending machine. It doesn't have an owner, it just "is". If it did have an owner, that person is probably violating all sorts of securities laws in countless jurisdictions. That's at least part of the point of all this smart contract stuff.
To make the analogy a little more apt, let's say the smart autonomous vending machine 1) lets people buy DRNKs by inserting money, 2) incentivizes people to refill it with DRNK by spitting out money, 3) once a month spits out money to the amused landlord, and 4) was deposited by aliens who disappeared without trace.
Presumably the smart vending machine would continue on its merry way like this until it either broke down or someone figured out a way to jimmy the lock. Looks like the later happened. Though everyone is upset, it's not clear who has the right to prosecute.
> If did have an owner, that person is probably violating all sorts of securities laws in countless jurisdictions.
That's probably what upsets me most about this story. These developers want to have it both ways: it is decentralized finance and nobody owns the contract as long as we are making money, but we want all the laws and regulations of traditional finance to protect us if things don't go our way.
I am saying this as someone who is pro-crypto. There are trade-offs to this technology. We need to pick a lane be prepared to deal with the consequences.
Frankly, I don't think it's up to you to pick a lane. It's the wild-west at the moment because the technology is new. But it won't be long before the law catches up and crypto will be subject to it the same as everything else.
Publishing a piece of code on a public blockchain cannot be made illegal. The Court of Appeal already ruled that code is speech making this a first amendment issue [1].
Decentralized finance is here to stay as an alternative to the traditional system. Some things are just impossible to regulate.
Perhaps not in the US (but many countries have no such constitution), but redeeming said tokens for fiat currency could still be made illegal, which would dramatically reduce the usefulness of such a a system.
The "laws and regulations of traditional finance" also protect them if things "go their way". They're not trying to "have it both ways", the law protects everyone in all scenarios.
In practice, the law would protect them if they were the owners of the exchange. But here the "exchange" is just a public piece of code that all participants agree to interact with. I can't even begin to imagine the legal hoops they would have to go through to run a centralized regulated exchange.
Imagine in your example the vending machine has a variable pricing and lowers its price if nobody purchases soda. Is it theft to wait longer than the designers thought people would wait and purchase the DRNK at price lower than the machine owner thought they would.
I think a better example is a claw gambling machine. You pay Fiat for a chance to grab fiat out of a pool.
If you come up with a strategy whereby you can grab more or all of the Fiat in a way that the game/machine designer and other players did not anticipate, is that theft?
Alternatively, people are playing a modified version of Poker with rules they don't understand, and someone understands the rules better and gets their money, is that a crime?
I mean, all these smart contract people basically advertise this scenario as a feature not a bug.
Ianal and don't know how a court would see it, but the way smart contracts are advertised would probably give you a fighting chance to make this argument where in normal finance you would have no chance.
Can they make a strong case about what their intent was?
Do they have some legal agreement with the hacker that the judge can use to divine their intent and the hacker's violation of it beyond reasonable doubt?
Or might the hacker and his clever lawyers have an equally strong case that whatever the code allowed was the "true" intent, that the code is the ultimate arbiter of intent, regardless what Index might have said otherwise?
I kind of hope it does go to court, will be interesting to see what the opposing legal teams come up with.
The courts have found that a written description of the contract is legally binding even if the smart contract has a bug that allows things that were intended to be disallowed. Further the courts held the right to decide whether something was allowed or not allowed on their own judgement regardless of the smart contract, asserting the primacy of the law and jurisprudence over cryptonerd utopian fantasy.
I’ve long lost my references to the cases, I tried to Google around for a bit but didn’t turn it up. However I did find this analysis from Harvard law that says more or less the same thing, start with the section:
What is the “Final” Agreement Between the Parties?
"Code is law" is a dream that is not actualized. It's not actually law, it's just code. I'm pretty sure law enforcement will gladly prosecute for a lot of these "hacks".
Indeed it cannot be actualized, as it connects to the real world.
This is why things like "land registry on the blockchain" will never happen. When a court decides that a sale of a house was unlawful, then the blockchain is wrong and irrelevant.
Code isn't law. Law is system that ultimately sends people to your house and puts you in a locked house that you're not allowed to leave, and lets other people live in "your" house now.
In other words, "code is law" only if it complies within the existing framework of our laws. IMO, this still leaves a lot of room for creative applications of smart contracts.
Could be. But then any smart contract system needs to acknowledge this overarching law, and give it "super user access", if you will.
And these systems could exist. But they are not the systems that are being designed. They are in fact antithetical to the stated goals of all of these cryptocurrencies and smart contract systems.
What specific law was broken? In the US, generic "hacks" generally fall under the computer fraud and abuse act, which is notoriously vague about what qualifues as "authorized". Perhaps some other lawvis applicable. But I cannot think of any that are obviously on point. Nor can I think of a clear precedent that clarifies the issue.
Yes, but the I believe similar cases have appeared where the courts have found against the objectivity of smart contracts. I think, ultimately, the point of regulating the financial markets is not to protect investors, but to protect the economy. And if a smart contract undermines the security of our financial system, then that smart contract may simply be illegal.
Until this pans out in an actual court this is basically a strongly worded vaguely threatening letter from a lawyer. If they actually had him dead to rights they wouldn’t be posting their legal theory publicly and asking pretty please give it back or else these other people we’re not at all affiliated with and have no control over (but don’t pay attention to that fact) might put you in jail.
Like high frequency trading players front-running trades, faking liquidity, manipulating prices, and changing infrastructure to benefit them to really screw people that want to buy or sell stocks? Never heard of anyone getting prosecuted by the legal system for that (besides for taking HFT code with them, but never for screwing a normal buyer or seller).
Edit:
It would be great if there was more moral in finance, but I think that's wishful thinking and doesn't really distinguish traditional finance or Defi. The only nice thing about Defi is that everyone can see what's going on in contrast to what happens when you do something in traditional finance.
He contravened their "intent" to make more (fiat) money through speculation, simply put. If they actually wanted to promote decentralization and openness, they would not be undermining trust in it and impeding its adoption by invoking the legal system at this stage. All they gain from suing over this is making things hard for the kid who did the trade, and a remote possibility of "recovering" some of their previous valuations in fiat.
Contracts are contracts and law is law. Law can overrule contracts. Smart contracts just let you have executable terms which allows greater composition and commoditization.
Am I missing something or did Medjedovic simply use unforeseen actions in the implementation of the contract as arbitrage and did not have an agreement to not attempt such actions?
Do not see any 'unauthorised access' in that case i.e not the classic definition of 'computer hacking'. However if the case does end up progressing I do wonder what form a defense will take.
> But in the Ethereum smart contracts world isn't the whole premise that the code is the law? That we don't need any of these pesky courts or banks or auditors or anything: the code is the law, and the decentralized blockchain will enforce it.
It's like the people who invented smart contracts never heard of the incompleteness theorem.
As the article mentions, there is a difference between the utilitarian and the libertarian view of DeFi / smart contracts. In the utilitarian worldview, the legal system still exists to handle disputes / exploits, but in the absence of such legal disputes, smart contracts allow you to automatically execute contracts without needing human overhead to manually execute them.
They accidentally repaid their loan early, which was explicitly allowed in the contract. The hedge funds were under no obligation to pay them back, since the money was now rightfully theirs.
Yes, exactly. They sent the money to their creditors. Had they accidentally sent it to someone who they didn't owe money to, the courts would order the money to be returned.
Yeah like the other guy replied, they intended internally to send it to a wash fund but mistakenly (due to a UI glitch) paid the debt back to the lenders. Now that UI glitch was their fault too, so...the courts said, cry all you want.
And they're a gigantic bank, it's the original digital business, every banker knows a single arithmetic error is dangerous.
I agree that this case was obviously ruled on incorrectly. The institutions broke the law (stole) by not returning the money, and the judge wanted to give a hot take instead of a legitimate ruling. Not allowing someone to retrieve money or property which was clearly given to you by mistake is theft. The end.
> so called “tax havens” actually have a role to play in the world economy.
So does the mafia and the child slaves corporations like Nestlé profit from, they all have "a role to play in the world economy". But it's about the morals and ethics and the hypocrisy of western institutions that allow these loopholes for the super rich in order for them to protect their wealth from taxation.
I never hear "code is law" from defi protocols, their ToS, or really from anyone. It's only the detractors of Web3 who tout this false logic of "code is law" so I guess you're screwed.
Examples of code NOT being the law: Some defi protocols have made those affected by a hack/loophole whole again with their own funds. Some defi protocols explicitly exclude certain jurisdictions like the US from accessing their protocol. Surely if they all belived "code is law" they wouldn't give a fuck, right?
> Examples of code NOT being the law: Some defi protocols have made those affected by a hack/loophole whole again with their own funds.
That's a terrible example. If the code really weren't law, they'd reverse the transaction, or force the hacker to give back the money, like a court could.
Since the code is law they're stuck, and so just hand the victim some money out of their own pockets, to try and eliminate bad press and keep people's trust.
That's because the transaction isn't reversible/is hard to trace the funds. It's not that "code is law" in the sense that smart contracts are extralegal. They would and should have legal recourse if the person were caught.
And coins like USDC can blacklist addresses and comply with regulatory asks. It's hard to buy your argument that smart contracts are extralegal when there are operators that comply with legal authority.
This was an interesting read. The case is now in limbo until authorities can locate Medjedovic or he decides to appear.
“I did not steal anyone's private keys. I interacted with the smart contract according to its very own publicly available rules. The people who lost internet tokens in this trade were other people seeking to use the smart contract to their own advantage and taking on risky trading positions that they, apparently, did not fully understand.”
Reminds me of the standard advice of "don't roll your own cryptography." There are a lot of subtle nuances that make it hard to get right. When you have well-funded teams of absolute novices writing rules for complex games with money on the line, this is what happens. Rather than just having user accounts taken over and having to do a mea culpa, the reward isn't lolz or dark web money, it's actual money, and a lot of it.
It’s a heck of a catch-22! Reject the judiciary system and shun government interfere… or open the door to continually expanding government oversight. Remain the primary target for big “crime” hacks and lose trust and value… or join the current system and lose value?
> Medjedovic added that he'd taken on “substantial risk” in pursuing this strategy. If he'd failed he would have lost “a pretty large chunk of my portfolio.” (The 3 ETH he stood to lose in fees was worth about $11,000 at the time.)
This is misleading, either intentionally or due to Medjedovic's incompetence.
You can fork the current head of the mainnet blockchain to localhost and try infinite permutations for free to see what the next state of the blockchain will be. And then if you like that state, you can then pay to send the working transaction to the mainnet to make that same state occur, in a sure bet. (nearly sure fire bet as in some cases, someone could replace the mainnet transaction in route, but they wouldn't necessarily know what to look for or change if its a distinct kind of transaction)
Medjedovic either didn't know this, because his skills didn't translate as well as he thinks, or Medjedovic knows this and hasn't come up with a stronger argument to support his actions yet (of which there are plenty) and actually is relying on public sympathy to support his actions.
Either way, there is an opportunity for broader education on how these exploits can be cooked in something akin to a "hyperbolic time chamber" or quantum reality without anyone's knowledge, ready to hop back into our dimension fine tuned and ready to cause maximum effect, all within the ~15 seconds between blocks if necessary, as the state changes per block.
If anyone could perfectly predict what was going to happen in the next state then those with this ability would only ever make money and never lose it. Yet this can't happen. In the real world there are sniper bots and all sorts of other things that another agent could do in parallel with your own script, which would lead the outcome to be uncertain.
You don't even need to perfectly predict the next state to make risk-free attempts; you merely need to submit your transactions using flashbots (which operates a gateway directly to the miners). You pay a portion of your profit to the miners as an incentive to include your transaction, and if your transaction fails for any reason it fails atomically and is not included in the block, meaning you have paid no gas and your attempt is thus risk-free. One caveat is that this only works if the transactions can be assembled into a bundle within the same block.
MEV is something different though? GPs (excellent) point is that anyone can play out the effects of their transaction locally ad infinitum, and chose to transact once they're convinced of its behavior. Of course, this can't account for the response of other actors, but the point stands that Medjedovic (should have) been taking far less risk than implied by that quote.
Another thing to note is that all the quotes from Medjedovic are directly to a journalist (at Bloomberg, the article was there a few days ago), which leads me to think there are intentional omissions towards the journalist. It is new that this level of detail is reported about happenings in the crypto space, from traditionally and previously non-crypto publications. It had usually been confined to "broad market selloff, here's a bunch of hot takes from our gloomy college friends on how it goes to zero!" instead of "specific incident within a crypto community, here's what happened". Medjedovic on the other hand is only seen as taking advantage of situations, such as a journalist that is perhaps merely enthused by the crypto asset economy at a publication that needs someone looking at it, but maybe not well versed in it or having editors that would notice either.
Medjedovic stood to lose all of the ETH he was paying in transaction fees (which could have easily been 3 ETH) if someone decided to frontrun his transaction. If that was most of his ETH, that does sound "significant" to me.
Yeah, typically MEV shielding == sending directly to a mining pool that promises that not frontrun it. It's not a guarantee though, the miner could decide to still frontrun, or a small reorg could occur, and another actor could replace the transaction.
> It's not a guarantee though, the miner could decide to still frontrun
The transaction bundle will fail if the success criteria is not reached (often a certain level of profit), so the worst that happens is that the profit margin falls to that level or the transaction is not included with zero cost to the sender
Exactly, flashbots and similar implement a gateway for submitting transactions directly to the miners. The transactions are only included if they succeed, because part of the transaction transfers payment to the miner for including it and another part of the transaction guarantees success only if it is profitable enough for the submitter. The transaction bundle is not mined unless it succeeds and thus avoids paying gas for failed attempts.
My point is that this is something the flashbot service does before submitting the transaction. There is nothing technical stopping them from submitting it or frontrunning it (besides destroying their reputation). In addition, when uncles and reorgs occur, the rest of the network sees the transaction, and hence could frontrun it / submit it and have it fail.
> but they wouldn't necessarily know what to look for or change if its a distinct kind of transaction
which means non-trading transactions would look so different that someone playing with higher gas wouldn't know what to replace in the bytecode within the 15 seconds between blocks
and the user also has the choice of sending directly to a miner just like the MEV people do, to skip the mempool
which is looks like he did (but not sure, just noticed his contract mentions MEV)
I took "fail" to mean someone seeing his transaction in the mempool and frontrunning him, exploiting the flaw for themselves before he could. AKA Ethereum's "Dark Forest." Not that the transaction would fail as in a bug or something. I'm sure he knows how to simulate transactions locally if he could figure all this out.
> You can fork the current head of the mainnet blockchain to localhost and try infinite permutations for free to see what the next state of the blockchain will be. And then if you like that state, you can then pay to send the working transaction to the mainnet to make that same state occur, in a sure bet.
Yeah good observation. But instead of arbitrarily hashing a algorithm used in consensus to find a block, this would be hammering specifically constructed bytecode at a smart contract’s ABI endpoints to see how many other things get effected.
He used some form of MEV shielding but not clear in which way (like if it went straight to miners) but its improbable that the transactions he formed would have been able to be frontrun
Forget about the exploit itself. Why are people trusting two young nobodies (Day and Kellar of Indexed Finance) with so much money in the first place? Ok, so Day has some decent academic credentials, but he's just one person. Who was doing risk analysis? Which independent experts analyzed their algorithms? Which accounting firm audited them? Where's the oversight? These two guys whipped something up, threw it out in the wild, and the masses fed tens or hundreds of millions of dollars into it without a care in the world.
Because people want to and decided the risk was worth it to them? If a consenting adult wants to deposit their money into a system that they have full visibility into, why should we stop them?
> This is how crypto operates. Buyer beware.
This statement rings very true for me, and perhaps is the bit we agree on. With crypto there is no "oversight" that blocks you from depositing your funds into unsafe contracts, etc. It's up to you as the user to do your own research before depositing funds.
There are many projects within crypto that ARE well built, and have been carefully tested, analyzed, slowly released to the public, etc. I like having the ability to make this choice myself instead of relying on some gatekeeper to decide what I can do with my money (cough "accredited investor rules").
To state it directly, the vast majority of the population doesn’t have the capability of assessing risk in speculative investments and is disproportionately susceptible to fraud. You give the example of “investing in startups” without also describing that most startups fail.
It’s not a perfect analogy but it’s the same reason we have laws that require seatbelts. In theory this impinges on the liberty of adults, but in practice the it obviously saves lives.
When people commit harm to themselves out of ignorance, I think it’s reasonable for a government to step in.
Note that I think it’s reasonable to fundamentally disagree from a libertarian standpoint but I don’t see many reasonable people arguing against seatbelt laws.
> It’s not a perfect analogy but it’s the same reason we have laws that require seatbelts. In theory this impinges on the liberty of adults, but in practice the it obviously saves lives.
At the risk of going off-topic, I think that seatbelts isn't a good analogy because I don't think we require seat belts to protect people from themselves. It is to protect other people. When you are unbelted, it is far more difficult to maintain control of your vehicle when things start to get even a little bit exciting. You can't worry much about car control when you're getting tossed out of your seat.
I would say helmet laws are a closer analogy, because AFAICT that is almost entirely about protecting people from themselves.
even from a utilitarian stance, the tradeoff for making the system "safer" is that investors miss opportunities that they see but can't take.
something is wrong when you can only buy virgin galactic, not spacex, because of burdensome regulations. the gap between the haves and have nots widen as you must be an accredited investor to buy the biggest winners this decade.
something is wrong when you can buy penny stocks, but experimental defi products exclude the us market because of regulatory concerns. the latter is much more transparent than the former.
Personally, I think we should allow individuals to take a short, inexpensive (free would be nice) class that would grant them Accredited Investor status.
It’s the Libertarian fantasy. Crypto bros, many VCs, angels, and other mini napoleons think they can solve the world’s problems without addressing any of their personal problems, studying history, taking responsibility for their actions, engaging in community building, or hiring people with spines. Which is why crypto and ilk keep reinventing every scam and repeating the mistakes of the past that directly led to regulation.
"Libertarians are like house cats: absolutely convinced of their fierce independence while utterly dependent on a system they don't appreciate or understand."
No idea who said this originally but it continues to be true. Abandon the system, and they find it was there for a reason.
It's this very attitude, that omly the annointed elite should be allowed to do anything, that draw people to crypto. Now personally I would avoid this scheme like the plague for other reasons. Smart contracts are hard to get right, and especially the ones that rely on very complicated game theorethical considerations for correct operation. And further an index fund of tokens whether manually or automatically managed sounds like a bad idea since I don't believe in the underlying tokens.
This isn't a hack, it was straight arbitrage. I distinguish them because there was at no time a transfer of administrative power or control over the contract or targets infrastructure to Medjedovic.
In a smart contract, I'd make a legal distinction between syntactic parsing and calculation, which has to do with the purity of functions and data. An arbitrage would be fair game if it levered an unanticipated calculation, whereas a recent example where the contract was only checking the last several bytes of a destination address key would be a parsing exploit. Medjedovic's arbitrage as described appears to be a pure calculation advantage, and not exploiting a parsing error, and so this is very reasonably fair game.
He used logic endogenous to the contracts, with no exogenous control of the systems running the contracts. When you exploit a buffer overflow, you are breaking through (sabotaging) a parser as a means to manipulate the raw memory and machine - whereas this arbitrage is closer to something that lies somewhere between clicking on a link someone provided but had some unspoken intention about you not using it, and a SQL injection or other evaluation error that yields an index. (edit: Actually, it's more like saying something really funny and unexpected on a platform that hasn't banned that kind of humor yet, and they're just mad about the consequences. we could even see a future where the distinction between a hack and arbitrage will be the complexity class of the algorithm and whether it represented a scheme that was Turing complete)
Unfortunately, in Canada they'll go after him just as a fugitive now, and there is no shortage of political actors who will want to make him the perfect example villain for their hysterical policy objectives. This is one of those increasingly classic situations where a really smart kid gets system-involved and can't comprehend how insane it is because the legal system and politics are not subject to mere reason. If he has the money, fleeing before charges were laid was probably even rational, as there is no reason to expect the legal system is equipped to deliver justice in something so new.
> If he has the money, fleeing before charges were laid was probably even rational, as there is no reason to expect the legal system is equipped to deliver justice in something so new.
Except what's next? Live in hiding in a foreign country? Craft a new identity and find new chains to exploit? I suppose 18 years old is a good time to learn that you can have all the money in the world, but it won't do shit for you if you can't spend time with the people you want to.
I'd wager this individual could get much more satisfaction out of developing novel, interesting mathematics that do actual good for humanity, surrounded by a group of like minded high performing individuals. But he seems to have thrown hopes of that out the window. It's sad, really.
Regarding these like minded high performing individuals surviving in institutions - after a couple of sigmas and making some money, it can become difficult to value their esteem. Canada is full of people who have fled their home countries with their money, foreign capital flight drives our entire real estate and supercar markets, wealthy fugitives as a lifestyle choice are probably more common than we expect.
Yeah, but tradfi has this problem too: sometimes it's hard to tell the difference between straight up trading, and spoofing/otherwise manipulating the market. Maybe the moral of the story is this, that free markets are a myth, and crypto is just making this even more clear.
Arguably, the myth is that markets are efficient. That is to say that the clearing price is the expression of all the information available to participants is a fiction.
This idea of the Turing completeness, or maybe complexity class of your transaction logic determining whether it is an endogenous logical arbitrage trade, or an exogenous manipulation scheme may have some really appealing features.
Hypothetically, if the steps of your transaction logic operate on or recurse over feedback into and from the market, you are in fact, "manipulating," it. I'd wonder how describing manipulation in terms of recursion limits and feedback would impact the definiton. Whereas, if you are precalculating or front running some periodic market function, you are arbitraging it with endogenous market information and that makes it "legit."
Where this guy might be vulnerable in that model is the question of how far upstream of his actual transaction did he get before the feedback loop he was operating over is not considered a part of that market - and whether his arbitrage was legit because it was between markets.
He isn't only accused of fraud. He's also accused of market manipulation, and the trick he used here is practically a textbook example of market manipulation.
> If he has the money, fleeing before charges were laid was probably even rational, as there is no reason to expect the legal system is equipped to deliver justice in something so new.
TFA claims he was originally offered to keep 10% (over a million dollars) from this hack, free and clear. Not agreeing to that deal meant willingly putting himself at the mercy of said legal system. Talking about a single decision as rational in isolation is disingenuous.
This is like a casino offering to let you leave with 10% of your winnings because their dealer didn't shuffle the deck. Not an reasonable expectation.
I will go back to this idea of an endogenous logic calculation vs. exogenous parsing errors description, where so long as he did not misrepresent the identities or sabotage the functions of any of the sources or destinations of the funds he used in his system, he should be in the clear.
It would be interesting to verify whether his technique had this "functional purity," that I've named and am balancing my argument on tho.
Probably nobody is reading this thread anymore, but I remembered an analogous situation in a casino with a slot machine (it credited $1 inserted as $10) and the people who kept playing it for that reason were potentially liable for fraud.
> This is like a casino offering to let you leave with 10% of your winnings because their dealer didn't shuffle the deck. Not an reasonable expectation.
If the casino has Mafia backing, then maybe it is reasonable...
>He used logic endogenous to the contracts, with no exogenous control of the systems running the contracts
The same description can be said for using XSS to steal someone's cookies. XSS doesn't escape the JavaScript virtual machine similar to how you aren't escaping Ethereum's virtual machine. Technically the code allows you to inject arbitrary JavaScript, but that behaviour wasn't intend to be possible by the designers of the site.
Your level of abstraction as an end-to-end operation I would agree with and it's a better example than mine, but the theft metaphor is not accurate because he literally paid the market price for every single step along the way in mining fees and transaction costs. For every token purchase and exchange, there was another person on the other side of that trade.
The argument I'm using is that the casino didn't shuffle their deck and a player calculated an advantage. He didn't have hidden cards, a secret view of anyone elses. I'd like to verify that aspect of the strategy though as it's potentially a powerful heuristic.
I didn't intend to make a theft metaphor. I think a big factor on why this wasn't fair game is when he abused the bug to send tokens manually instead of interfacing with the smart contract which caused it to allow him to withdraw tokens worth ~366 times what he sent. Using a bug to bypass a restriction seems sketchy.
"But passivity also created risk. If there was a problem with the code, someone could exploit it directly, without needing to bypass any human safeguards. And limiting blockchain interactions to cut costs entailed a trade-off: When a smart contract—a script that executes automatically when certain criteria are met—has fewer steps, it can leave more room for security vulnerabilities."
So much of this reminds me of Chesterton's Fence, where "innovative" solutions are deployed by people who never put forth the time and effort to fully understand how the existing system came to be the way that it was - and the problems that it had to deal with and solve along the way.
I'm not trying to sing the praises of finance and banking; there's much there that is broken. (I'm also not a fan of crypto or NFTs.) But I am saying that many of the "old" ways came about in response to a litany of problems that are neither obvious nor intuitive, and you need to understand why it works the way it does before putting out a new solution.
What is interesting to me is how it shines a light on the regulatory framework of the non-crypto economy. If you read up on edge cases, there is a lot of people deciding if something is "fair", and my notions of fair and a particular judges notions of fair are often at odds.
To steal from Frank Zappa: Legal isn't the same as allowed, allowed isn't the same as fair, fair isn't the same as just, and just isn't music.
There are lots of stories lately about stolen NFTs. The podcast ReplyAll did an episode where they tracked down the current owner of a stolen NFT. He had sympathy for the original owner but he had no intention of turning it over.
I don’t get why purchasing a stolen NFT is different than purchasing a stolen guitar from a pawn shop. Shouldn’t the previous owner be able to use the courts to demand the return of the item that was stolen from them?
Or is this just something that hasn’t been tested yet?
The whole point of an NFT is that the ownership is on the blockchain and guaranteed by said blockchain - if the courts can "force" return of the NFT than the NFT isn't actually synonymous with the ownership, and so then is kinda pointless.
There are 2 different issues here. Do courts physically have the ability to change the blockchain so that an NFT goes to a different wallet? No. Do courts have the ability to arrest someone when they ignore a court order to transfer an NFT? Yes. I don't think the courts really care about some pure intentioned "code is law" argument, because they tend to think law is law.
With the ledger being public, it could be very simple for courts and police to deal with it given the appropriate legislation.
Mark the result of theft or other illegal transactions, and any subsequent transaction as dirty.
Make any exchange, any vendor, any trader, and any user check with a government database before or immediately after receiving a payment, with penalties prescribed by law.
You immediately limit stolen crypto to the black market.
Except crypto is decentralized, and you can use mixers, which are not owned by anyone, to anonymously move coins from a blacklisted wallet. There is no mechanism in decentralized crypto to freeze an address, and I don't think the crypto community would adopt such a blockchain.
Blacklisting doesn't have to be a feature of a blockchain. It's enough if most countries decide to make it illegal for anyone to spend coins received from a blacklisted address. It's not easy to enforce of course, but people would be afraid they get in trouble if they're ever deanonimized, and businesses could be required to report their trades, just like taxes.
This will force creation and use of wallet reputation checkers for most users of cryptocurrencies. Mixers will not want to be left holding all the blacklisted coins, since that causes them financial loss. Therefore mixers will launder coins at a very high premium (lemon market) and compete on developing their own systems for reputation checks and escrows to reduce their risk of being left with coins nobody wants.
Everyone already knows mixers are holding illicit coins. It doesn't matter because mixers don't actually "want" anything. They're just code in the ether. You send your coins to an address along with a receiver address and the smart contract sends coins to the other address. How do courts stop that without shutting down exactly what makes blockchains valuable?
If a bank robber wanted to swap blacklisted $100 bills with you, would you? Would you just swap them at their face value, or at a discount knowing that it gives you a non-zero risk of having negative legal consequences?
Mixers will have to change their policies in order to avoid becoming a market for lemons in which everyone loses.
I do not expect governments to worry a tiniest bit about destroying value of an anti-government technology.
mixers are currently a market for lemons. No one uses a mixer on clean crypto. Hasn't been a problem, but I guess the government could start banning exchanges from accepting crypto that has ever been used at a mixer, although eventually won't it all pass through one?
> Just blacklist any coin downstream of a blacklisted coin.
What does this mean? If a single blacklisted coin is put in a mixer then every other coin mixed together is blacklisted? You've just banned mixers. Eventually every single coin will be able to be traced back to a blacklisted wallet, so you've also just effectively banned crypto in the long run.
> No legal entity would be able to hold or trade blacklisted coins.
Mixers don't have to be entities though. No one owns them, no one is responsible for them. They're just code someone uploaded one day and promptly forgot about.
But the NFT was actually stolen, she was phished for her seed phrase, and the criminal moved ownership of the nft to their wallet, and then sold that to the person who was interviewed on the podcast.
It’s no different to a thief stealing your bike then selling it to someone else on a street corner. Just because that person is the current owner and thinks they legitimately purchased it doesn’t make it rightfully theirs. In fact it’s even worse because it’s trivial to identify who the rightful owner is in this case, and if you buy an NFT you can look back at exactly who has owned it previously.
Now imagine if this was the deeds to your house on the blockchain.
That doesn't make sense. An NFT exists purely in the realm of reality. It has a real (non-fungible!) representation as 1s and 0s and it's etched into "the blockchain". That's just as "real" as the atoms that makeup a bicycle. Arguably, much less valuable, but still real. At the end of the day, the NFT is represented by atoms as well.
If you steal my bike, that's theft. If you steal my DVD collection, that's theft. If you steal my steam account, that's theft. If you steal my NFT, that's theft.
Ownership is a legal concept and the blockchain says nothing about that. It merely records transactions and says nothing about the right to do those things.
For example, if the court orders you to turn over your Bitcoin holdings to creditors in a bankruptcy proceeding and instead you transfer them elsewhere, you are probably going to jail. When you transferred them, the coins were in your possession, but you weren't the rightful owner.
Correct, blockchain itself doesn't mess with ownership.
But NFTs and certain smart contracts are meticulously designing a custom form of ownership for themselves. That's what changes things. And this would be true even if they didn't use blockchains!
If you throw out all that custom ownership logic, you lose the core of what makes an NFT an NFT. Now it's just a few dozen bytes that anyone can mimic.
> smart contracts are meticulously designing a custom form of ownership
Not sure what you mean by custom form of ownership. If you are talking about fractional ownership, even that isn’t new.
Contracts around ownership are built on top of legal system. Smart contracts provide automation around defining and execution the contracts. That’s cool and can be super low cost, but apart from the automation, there isn’t much that’s different from traditional contracts. They can still be challenged in court.
For example, if you had a contract that, upon your death, transferred all your money to your nurse, your spouse could still challenge that in court if the contract was created under duress or created when you weren’t of sound mind.
Ownership can’t be defined outside of the law. Ultimately these are boring old contracts in a digital form and they may or may not be valid. The validity can’t be determined within the NFT, smart contract, or blockchain. Some code may initiate a transfer of something and that gives you possession of it, but ownership isn’t guaranteed.
For example, you can write a smart contract that would watch for divorce papers being filed by your spouse and upon filing, you would transfer your Bitcoin balance or NFT to some other wallet. A court isn’t going to fall for that. You will be found to have hidden community assets (ie assets you don’t entirely own).
If it goes from a wallet you control to a different wallet you control, neither system would say ownership changed, so I'm not sure how that example helps.
Another point of comparison I'll bring up is cars, where if you let someone have your keys then you have limited or zero recourse in many situations where they do something bad.
I think most of our disagreement is about the word ownership. I think many of the times you've used that word, it would be more accurate to say possession.
Your car example is a good one. If somebody has your keys (either with permission or stolen) and they take your car, they have possession of it but at no point do they own it.
Another example - lots of companies have crypto wallets and own Bitcoin and other currencies. Corporate wallets are controlled by agents of that company. The people who know the keys don't own the crypto, the company does. If an employee transfers from a company owned wallet that they control to a wallet they own, that's theft the same as if they had wired money to an overseas account of theirs.
Possession and ownership can align, but they don't have to. Smart contracts can be legally binding, but that isn't guaranteed. None of this exists outside of our legal system.
> I think most of our disagreement is about the word ownership. I think many of the times you've used that word, it would be more accurate to say possession.
But also I'm saying that a foundational pillar of NFTs is that possession on the blockchain is the only thing that matters.
It's possible to disagree with that pillar, but removing it would destroy a huge chunk of what NFTs are.
If you want me not to say 'ownership' for that concept, that's fine.
Also I'm not making this claim about crytocurrency in general. It's only specific subsets.
Ok so if I hacked into your computer and stole your private keys, I get to keep all your Bitcoin? Even if you know it was me and have irrefutable evidence? Even if I admit to it? You wouldn’t consider asking the courts to use real force to get it back?
Bitcoins aren't specifically designed the way I described. It's reasonable to invoke normal contracts and courts with bitcoin.
This is a situation specific to NFTs and people that are going super hard on smart contracts.
And even if I was a true believer in NFTs, yeah I'd probably ask the courts to do that, but doing so would be a betrayal of my beliefs and evidence that the foundation of NFTs is very shaky. The idea that I would do something hypocritical in such a hypothetical situation doesn't change the argument I made in my previous post.
This is why I struggle understanding the mainstream usecases for crypto. Will it forever be bound to the "only put in what you can afford to lose?" mindset?
Or are people banking on another layered solution which has arbitration, disputes, clawbacks, etc - all built within the blockchain. (I remember EOS discussing something like this)
Note: I understand that risk is present in any financial endeavor, but knowing that the courts can help you does de-risk the amount people will feel comfortable investing.
> if the courts can "force" return of the NFT than the NFT isn't actually synonymous with the ownership, and so then is kinda pointless.
That's just the thing, isn't it? Courts have zero interest in upholding whatever boneheaded ideals that NFTs are meant to represent. Receiving stolen goods is a crime, and that's something courts are entirely geared towards resolving.
Is there really any question about whether or not courts can force the transfer of an NFT or impose penalties?
Say you hold most of your wealth in some cryptocurrency and are going to file for bankruptcy. Do you think the courts will tell your creditors that the Bitcoin is beyond reach? I suspect they wouldn’t treat it differently from any other asset.
That the blockchain is interpreted as a record of ownership is irrelevant. It merely records what has happened and says nothing about the nature of those transfers.
One of the points of digital assets is that the code is the contract, so whatever the code says is what was agreed to. There can be no cheating (in theory) hence no need to resort to courts etc.
Which is why the big players the smart contract that was exploited in this article just accepted the loss and moved on? Oh wait, the two largest losers here BOTH went to court independently.
The cryotocurrency community supports the "code is law" talking point only until serious money is lost. Then they go the courts for redress under actual law, or they fork the blockchain.
That's true if you are litigating the enforcement of the contract through traditional legal systems. Crypto enthusiasts want to be completely divorced from those.
The courts haven't even determined whether anyone even "owns" an NFT, so no.
--
For the downvotes, I'll add some further explanation: you have access to the keys in order to perform a sale of "your" NFT, but no US court (I am unsure of other countries) has yet ruled in a case that clarifies whether a person actually owns an NFT. For example, they have not ever ruled against someone who has "stolen" an NFT. Therefore, there is no case law that says whether a person legally "owns" an NFT.
Don't just take my word for it:
> Ultimately, an NFT owner has access to the underlying asset, but they may lack exclusive access to or control of the asset, let alone ownership of the asset or any intellectual property (IP).
A judge is not deciding whether something is "fair" they are deciding whether it is illegal to the letter and/or spirit of the law. The reason this is at odds with us is that many things are legal that are not "fair".
The specific danger here legally is trying to apply general laws into an unregulated market. It's a bit like borrowing money from your mate and then trying to take him to court because he's asking for too much interest.
They are, or at least purport to be, fair at some level or through some mechanism most people may not immediately percieve.
When something really isn't fair, even by some indirect means or when accounting for some other imperative like geneneral societal necessity, then they are at least understood to be failures not successes.
This story though... it actually provides a good example of indirect fairness. Well yes and no, there's a point and also a counter to that point, net result throw up my hands glad I'm not in crypto:
Point, it's fair: You got robbed and think it's unfair that there's no recourse. That downside is just the fair price of being in that game at all, which you pay in trade for not having to deal with the traditional system and "the man". You have to absorb the occasional loss from a mistake as just a feature of the environment like the risk of your shipping boat sinking because the ocean is not a safe place. The only protection possible is pay an insurer or maintain your own emergency escrow or something, not any kind of police or rule-daddy.
Point, it's not fair: They are not in fact free of the man, and so they are not really getting the true freedom they are paying for by assuming all responsibility for their own risk.
Well, this is going to send us down a rabbit hole but the reverse is also true: there are multiple interpretations of a given law and the judge tries to use their judgement to square the law with the facts.
(Rabbit hole because I sense this is a debate lawyers have all through law school, and there are various schools of thoughts about the nature of the law etc)
> What is interesting to me is how it shines a light on the regulatory framework of the non-crypto economy. If you read up on edge cases, there is a lot of people deciding if something is "fair", and my notions of fair and a particular judges notions of fair are often at odds.
Yeah, that's by design. If your "notions of fair are often at odds" with someone else's notions of fair, and a judge needs to intervene to resolve the dispute, then things may not break your way.
> His profile on one social network included a quote from Kurt Vonnegut's Cat's Cradle about the futility of humanity's quest for knowledge: “Tiger got to hunt, bird got to fly; Man got to sit and wonder ‘why, why, why?' Tiger got to sleep, bird got to land; Man got to tell himself he understand.”
Hey! He’s just like me.
> But did Medjedovic do this, or did the algorithm? Barry Sookman, a lawyer in Toronto specializing in information technology, says it's a distinction without a difference: “Individuals are responsible for the activities of technologies they control.”
This of course goes both ways — aren’t the index fund creators responsible for their technologies too?
That's not the position taken by Indexed Finance's creators:
"When Kellar and his co-founders created Indexed, they imagined it as a step forward for DeFi, or decentralized finance, a blockchain-based movement that purports to offer a more automated, less intermediated version of borrowing and lending, asset trading, and portfolio management. Some proponents take a utilitarian view of DeFi, considering it an improved version of traditional finance, with its fee-taking middlemen and sluggish human decision-making. Others are more libertarian, seeing DeFi as an escape from the existing system, a way of circumventing the rules and restrictions imposed by governments or corporations. Then there are the skeptics, who think it’s all a grift.
Kellar, who describes himself as “very progressive,” fits squarely into the utilitarian camp."
This was fascinating to read, but I think the guy is ultimately innocent. He executed a series of speculative trades using the platform's rules and mechanisms. It reminds me of the 2013 case of some guys who took advantage of a software bug in a video poker game. “All these guys did is simply push a sequence of buttons that they were legally entitled to push.”
This sounds very much like the same thing, and since digital currency is not heavily regulated, some might say at all, I think the outcome, while unfortunate, is not illegal.
Sadly Day & Keller and others will likely haunt this poor kid with lawsuits and frivolous attacks, but in my book he did not break the law.
As I understand it, Indexed behaved as a sort of ETF for crypto, that had automated their creation/redemption mechanism.
Importantly they had automated the creation/redemption mechanism poorly. Here's the operative passage:
By eliminating human managers, Indexed could forgo management fees like the 0.95% its bigger rival, Index Coop, charged for simply holding its most popular index token. (Indexed would charge a fee for burning tokens and swapping assets within a pool, but those only applied to a small fraction of users.)
It also saved on costs by limiting the number of interactions between the platform and outside entities. For example, when Indexed needed to calculate the total value held within a pool, instead of checking token prices on an exchange such as Uniswap, it sometimes extrapolated from the value and weight of the largest token within the pool, called the “benchmark” token.
This way, it reduced the fees it paid for transactions on the Ethereum blockchain. Kellar saw full passivity as a “natural extension of the way index funds already operate.”
Kellar was wrong.
In bringing down the costs, they eliminated the very thing that might have prevented the transactions that cost them all the money. The trades were legitimate, just unfortunate for the holders and to ask the courts to reward the incompetence of the management of indexed is to ask the courts too much.
> In their complaint, lawyers for Kellar and Day argued that two particular steps of the attack violated statutes against market manipulation and computer hacking. One was swapping almost all the UNI tokens out of the DEFI5 pool, the otherwise irrational trade that distorted the pricing such that Medjedovic could buy tokens out from under Indexed users, who were forced by the algorithm to sell. “The only purpose of that trade was to mislead token holders to part with tokens on terms they never would have agreed to,” says Stephen Aylward, a lawyer representing Kellar and Day. “We say that's a form of market manipulation.” The same argument applied to Medjedovic's interaction with the CC10 pool.
> The second illegal transaction, they argued, was when Medjedovic overwhelmed the pool with free Sushi, thereby tricking the algorithm into letting him bypass the size limit on certain trades. Aylward calls this “an intentional act by Andean to disable a security measure, like disabling the security system at a bank.” He argues that this falls under Canada's “extremely broad” legal definition of a hack, which can be interpreted as “subverting the intended purpose of a computer system.”
If the law is held to have supremacy over “smart contracts” and implicit intent is held to be more important than explicit terms, than this undermines not just a major argument for smart contracts but a major argument as to why crypto as a whole is valuable.
Enforcing a contract through a written contract & traditional finance vs a smart contract becomes a mere implementation detail since in either case somebody can come crying to the courts when they lose money. Smart contracts are only interesting if they’re a form of binding arbitration. If smart contracts are not binding, they just become poorly written contracts.
Smart contracts being binding honestly might need to be legislated.
> If the law is held to have supremacy over “smart contracts” and implicit intent is held to be more important than explicit terms, than this undermines not just a major argument for smart contracts but a major argument as to why crypto as a whole is valuable.
No, it really doesn't. There are 2 questions that you are conflating here:
1. Can the courts force a user to return funds made via a valid smart contract transaction?
2. Can the courts force a blockchain to reverse a transaction that was made.
> Enforcing a contract through a written contract & traditional finance vs a smart contract becomes a mere implementation detail since in either case somebody can come crying to the courts when they lose money. Smart contracts are only interesting if they’re a form of binding arbitration. If smart contracts are not binding, they just become poorly written contracts.
Can you elaborate on why this would be the case? To me there is a large difference between a system (like credit card settlement) that can have transactions revoked easily after settlement, and one that can only be revoked by another separate transaction that the sender makes. To me it comes down to a mix of probability of reversal, and who can actually do the reversal (only the sender in the case of a blockchain system).
>2. Can the courts force a blockchain to reverse a transaction that was made.
The courts already can't necessarily force a transaction to be reversed as it is. The money can be gone long before they get involved.
>To me there is a large difference between a system (like credit card settlement) that can have transactions revoked easily after settlement, and one that can only be revoked by another separate transaction that the sender makes.
There's a good deal of irreversible transactions, such as inter-bank transfers in traditional finance. It's also my understanding that most "Reversals" are just new transactions or cancellations of pending transactions. I don't see a HUGE difference in how an inter-bank wire transfer works and how sending somebody crypto works except that in the case of crypto it's the wallet/account holder in full control.
I'll acknowledge there are differences, which impacts the probability of reversal and who can do the reversal, but I still feel it borders on the edge of "implementation detail". It only feels like a truly profound difference if you want to make a transaction a bank would normally interfere with, like a ransom payment, payment for fraudulent goods/services, drug deal, money laundering, funds being sent to political dissidents, or similar. Whereas the idea of smart contracts bypassing the expense of the courts entirely seemed like a much more broadly useful notion.
Even then, a binding contract is still subject to what is contractually enforceable, which could break the functionality and purported benefit of a smart contract.
The funny thing is, based on the architecture of these types of systems, they aren't the operators. Arguably the miners are the operators, otherwise only the users are the operators.
> One was swapping almost all the UNI tokens out of the DEFI5 pool, the otherwise irrational trade that distorted the pricing such that Medjedovic could buy tokens out from under Indexed users, who were forced by the algorithm to sell. “The only purpose of that trade was to mislead token holders to part with tokens on terms they never would have agreed to,” says Stephen Aylward, a lawyer representing Kellar and Day. “We say that's a form of market manipulation.” The same argument applied to Medjedovic's interaction with the CC10 pool.
Shame you can't manipulate an unregulated market. It's not illegal to do irrational things. Hell, even the regulated markets say, "The market can remain irrational longer than you can remain solvent."
So for the first claim, they are arguing that forcing a leveraged short squeeze is market manipulation? There seems to be lots of straightforward counterexamples that it's not - that's an extremely common tactic the big guys use to squash little guys in the regulated markets. The little guys "would never have agreed to part with those securities on those terms" and the squeeze is often deliberate, transient, and leveraged.
Their complaint hinges on an interpretation of what the correct level of abstraction for describing the transactions is. Their argument, "to mislead token holders to part with tokens on terms they never would have agreed to," is literally a counterfactual that presumes both fictional market conditions as well as intentions of anonymous owners.
The second argument is an analogy, "disable a security measure, like disabling the security system at a bank," and the limit expressed in the code was definitely an expressed preference by the contract author, but if they wanted it to be a legal contract subject to human interpretation, they would have specified this in English. Instead, they created a software tool, and they did not take into account how that tool might be used by the public.
The argument about this is whether code written for the express purpose of partipating in risky transactions can be imbued with any other coherent intention. The closest analogy would be that Medjedovic was at their gambling table and was counting cards, except there was no policy keeping him out of there, or against card counting.
I'd tend to agree with you. People with money and power will push for laws that protect them though. But this situation is why I'm skeptical of these kinds of contracts - too much potential for problems.
If you discovered a significant shortcut to hashing and then went back to block 1 and re-mined every block until your branch was the one with the most proof-of-work, I'd have a hard time trying to claim that your branch wasn't the legitimate one, according to Bitcoin's own rules.
I suspect in this hypothetical scenario, however, the bitcoin developers would write a new rule.
Uh... yes? Are you seriously trying to imply that would be legal?
If someone ever cracks modern encryption, that doesn't mean they can do whatever they want with everyone's accounts everywhere. If you find an exploit and exploit it, that's illegal.
No, but that's not the same. Signatures and checks are covered by terms & conditions (and law) that you must follow.
A better anology is if you figure out a mathematical advantage within the rules of a casino game, are you allowed to win? I believe you are, as long as it's within the rules of the game. And the casinos are smart enough to create rules against any lasting mathematical advantage.
I know how to pick locks. The locks are designed to open when pins are raised by a certain amount. Doesn't mean I have a right to anything I can unlock.
The intention of the system is to work to as security. Just because you find a way around the security doesn't mean that you are now immune to the law regarding ownership. When SHAX gets cracked, that doesn't give the person figuring it out a right to transfer all the money out of your bank account just because they figured out the math.
If private keys are proof of ownership then what's the difference between keys generated before vs keys generated after. If both keys are valid then both have then both are proof.
Private keys are not proof of ownership, they are a technical implementation detail. That crypto has been poorly designed so that keys are all people have to prove ownership is a failure of design but doesn't fundamentally change the divisibility of ownership and access. This is easily observed with a shared wallet, for example coinbase's. If an employee stole their keys, I assure you that employee would enjoy a jail yard view for the next lifetime.
He was in communication with the IF team, and contributed something to their system, so it's possible that he defrauded them and inserted malicious code into the protocol, not just interacted with the protocol.
"In their complaint, lawyers for Kellar and Day argued that two particular steps of the attack violated statutes against market manipulation and computer hacking."
So now they want crypto to be treated as regulated securities, but let me guess, only when it benefits them...
Most want the law to benefit them if they suffer harm, even if it can be argued to be self-harm. Most pay little attention to the law if no harm is taking place... unless the law will cause harm. This isn't unique to DeFi
What's unique to DeFi is that they're trying to circumvent there laws trying to prevent harm to others, while still wanting to be protected themselves.
For all the people shouting "Way to go!" and "The money is his!" I think you should remember he's currently a fugitive, and would need to spend the rest of his life living this way.
If that's what it takes to live the "code is law" dream, count me out.
I like the very web3 middle ground where the attacker negotiates with the company and returns a part of the money, the rest being the lawful reward for reporting the vulnerability.
To make my stance very clear - this is an absurd and hilarious practice and feels similar to ransom, with the hacked entity putting "white hat hackery" on the table as an option to get some of their money back.
Plus his family aren’t choosing to live their lives in hiding. What part of the smart contract is going to prevent acts of violence against them? Seems like he was relying on maintaining anonymity and now that that’s out the window his family is on real danger. $16-17 million is a lot of dough and it would cost a lot less than that to hire some kidnapping & ransom specialists to visit his family.
There's something delicious in a critical part of the arb relying on a mechanism the contract authors included to reduce gas fees. Not only are we enshrining code as law, we're playing code golf with it first!
I have a compromise. Allow hacks of cryptocurrency to be prosecuted, but when they are, the also prosecute the creators of the cryptocurrency for making unregistered securities and for any fraudulent marketing of the cryptocurrency, or any failure to disclose risks, or for not following financial regulations.
This is another example of make risks public and reward private. They are arbitraging the financial system and trying to have the freedom of cryptocurrency, but when things go bad, want law enforcement to come fix it.
"They discovered that the Ethereum wallet used to transfer tokens during the attack was connected to another wallet used to collect winnings in a recent hacking contest by a participant who sometimes identified himself as UmbralUpsilon. Pulling up the participant’s registration, they saw that it linked to a profile on the collaborative coding platform GitHub."
Opsec really isn't that difficult, you just have to give it some thought.
I'll keep saying it -- a "smart contract" is nothing nothing nothing at all like a real contract, it's a stupid little piece of vending machine code that just operates. If we're going to argue the ridiculously dumb idea that smart contracts are, in fact, legal contracts -- congrats to the kid because he is 100% entitled to that money.
Indexed gets no sympathy from me; guy exploits a bug in the code. Awfully predictable that these would-be DeFi fanboys go crying to a centralized legal authority when things don't go their way.
They were holding $17m in funds and only paid 2 unnamed security auditors?
Yes, getting a proper audit for a Defi Protocol is expensive (probably 8 person weeks at $20-30k/week or ~$200k), and every good audit firm has a 3-6 month waiting period. But when you’ve got 100x that to lose, it’s a drop in the bucket.
The fact that Ethereum code is public seems to weigh in favor of allowing him to get away with his "hack". For any other financial instrument, we rely on verbal descriptions of how it will be conducted and behave. With Ethereum, the code speaks for itself -- for better or worse. This leads to a rather absolutist dog-eat-dog rationality that I don't much like, but also don't see how to avoid.
> For any other financial instrument, we rely on verbal descriptions of how it will be conducted and behave.
My brokerage sends me plenty of prospectuses and other documentation that I don't read that describes exactly that. I depend on the regulators and the lawyers of other clients that have a lot more to lose than I do to make sure they stick to the rules.
Code is law. He deserves every cent, because it’s all as worthless as the rest of the crypto sector will be in a few months. He deserves the money because he illuminated the true state of crypto by example in a sea of fraud.
It looks like if you fall foul of big merchant banks and stock traders you can have the full force of the DOJ land on you, but crypto is not important enough.
I'm cheering to see the grift coming apart. Yes, some people are losing. But the early the grift falls apart, the fewer future people get destroyed by it.
I'd rather cheer seeing crypto fail, then stand by and watch it suck in vulnerable person after vulnerable person in perpetuity.
Also, I absolutely do cheer the losses of bad people. If a scammer or ethnonationalist loses their hard earned winnings.... Good.
Its the same. You have an irrational fear/hatred of decentralized peer-to-peer money. Grifts unwinding is a thing, but don’t throw out the baby with the bath water here.
I fully intend on using Bitcoin for the next few decades, both as a saving and international remittance system.
It’s from a place of spite. Don’t be spiteful, it makes you a bad person.
If you really hate crypto projects so much, rather than complain all day long about the crypto-bros getting rich off of their tokens, just hack the smart contracts themselves and the project should offer a bounty if not beg for a negotiation for that and once the project creators fix the bug, you keep the rest.
easier said than done. you can be sure that when news breaks of a contract being hacked it was only after maybe dozens, if not hundreds, of contracts had been tried and failed, by many hackers all over the world. Also, likely illegal: Code may be law but the judge may not see it that way.
I feel like the fact this person, per the article, is a white supremacist who used the n-word in his code repeatedly is under-discussed here. Folks here jumping through hoops to rationalize why what he did is actually demonstrative of either flaws in crypto or the purity of arbitrage come off seeming very tone deaf.
What exactly are you proposing here? That we have a different set of financial and legal rules for despicable people? Or that the financial and legal rules everyone is subject to should be based on how they impact a specific despicable person?
If a despicable bigot is facing the death penalty for stealing a bag of chips, would it be ‘tone deaf’ to say that’s an unfair punishment?
Yeah, the attacker resides in Canada, so even if found guilty he's looking at easy jail time at the worst. All he has to do
is wait a few years and the $ is his. not like in the US in which feds hand out decade+ sentences like candy on Halloween.
Maybe. That actually raises some interesting questions, come to think.
A key factor in an offence is the location of the offence, which usually determines jurisdiction and the relevant laws.
In the classic example of hacking an American bank from Canada, the offence occurs on the American bank's servers in the United States. That's relatively clean and simple, legally.
With an Ethereum smart contract ... I'm not even sure where to begin. Where does the offence even occur, legally speaking? What aspect of fraud by a non-American, against an American resident by executing an adverse smart contract, occurs under the jurisdiction of the United States, if any?
> It would take weeks to figure out precisely what had happened, but it appeared that the platform had been fooled into severely undervaluing tokens that belonged to its users and selling them to the attacker at an extreme discount.
Q: is the programming language these things are written in powerful enough and have sufficient data access for the developers to include sanity checks that would halt trading automatically if something is happening too far out of the norm such as an unusually high volume of attempted night discount sales? Or maybe that would just block extreme discount sales if there have been too many of those recently?
More to your point, you can always have more logging, slow things down to make them safer and allow communities to react in a timely manner, but it's far from trivial. The real problem is that any mistake can be fatal from the defender's point of view.
> It also saved on costs by limiting the number of interactions between the platform and outside entities. For example, when Indexed needed to calculate the total value held within a pool, instead of checking token prices on an exchange such as Uniswap, it sometimes extrapolated from the value and weight of the largest token within the pool, called the “benchmark” token.
> This way, it reduced the fees it paid for transactions on the Ethereum blockchain.
This cost-saving mechanism ultimately allowed the hack to take place.
i found the address and i take everything back and declare the opposite, that address is not random at all.
-- original post --
> The Ethereum address used for the attack included the number ... shorthand for ...
So Bloomberg thinks people choose the numbers in their wallet addresses and are responsible for any perceived numerological meaning. Are they for real?
Sure the guy could have sat there recreating addresses until one includes this number, but i consider it more likely this is the result of searching randomness for patterns they want to find.
Someone noticed the pattern in the randomness and Bloomberg includes it, as it makes the antagonist more evil and the story more interesting.
> The Ethereum address Medjedovic used for the attack included the number “1488”—shorthand for a neo-Nazi slogan—and he’d written the N-word into the code itself, 16 times. A Twitter user called him the “Dylan [sic] Roof of Balancer Pools,” a reference to the mass shooter who killed nine Black people at a church in Charleston, S.C., in 2015. Medjedovic liked the tweet.
Here’s another:
> Medjedovic apparently flirted with extremist ideas: The classmate says he heard him speak favorably about White supremacy and eugenics.
He is clearly a white supremacist, how is this “searching randomness for patterns they want to find”? This is speculation, but it wouldn’t surprise me if this guy generated lots of addresses until he got one that did have 1488 in it.
Are there any good resources someone can point to on getting into the code and mechanics of this? The article was a nice read, but probably distills the real stuff behind some journalistic simplification.
I think of this like if you empty the 'take a penny, leave a penny' tray into your pocket. It's clearly allowed by the terms to take the pennies, but it's also clearly immoral.
Can someone explain how you can take out a ~$150m flash loan? (Did he post $300m collateral?) Did he only need 3 ETH for that or were the ETH only used for the transaction fees?
So flash loans must be repaid before the next block is mined, so you don't need to post any collateral, just the interest. If the loan isn't repaid in time it automatically unwinds and you lose the interest payment.
The 3 ETH was the gas fees for the transactions. (Some went to deploying the attacking contract, some went to contract interactions afterwards.)
With a flash loan, the funds must be returned by the end of the transaction, or the transaction fails. This makes the completion of the transaction the collateral, as if it fails at any point, all transactions (including the loan) get reverted.
The philosophical wishes of those protected under the law does not change the law.
What if someone wishes for full protection of the law and publicly asks for it beforehand, but then gets involved crypto/DeFi — would they then "deserve" the law's protections while others involved in crypto/DeFi do not?
The Ethereum address Medjedovic used for the attack included the number “1488”—shorthand for a neo-Nazi slogan—and he'd written the N-word into the code itself, 16 times. A Twitter user called him the “Dylan [sic] Roof of Balancer Pools,” a reference to the mass shooter who killed nine Black people at a church in Charleston, S.C., in 2015. Medjedovic liked the tweet.
Completely counter to every experience I’ve had working with Waterloo people. My sample group always seemed smart, interesting, kind.
Absolutely, they are guilty, but they won't take any responsibility.
When you deploy a smart contract on a permissionless blockchain, you don't own the smart contract or the funds that it controls.
These developers are hypocrites who don't believe in the basic premises of this technology. It is easy to preach the virtues of decentralization when it makes you money and run back in the arms of daddy government when things don't play out in your favor.
They are guilty of implementing a mechanism that was broken by design, and wasting customers' money. They hadn't been hacked or stolen from - the "attacker" didn't need to hack any particular security mechanism, he was just smarter at how their market worked than the owners.
Smart contracts are badly named lambda functions. They need the same regulation as any other code, the difference being, the regulation can come in the form of more lambda functions.
The judiciary could write the latter any time they got the right technical input. The question really is - what’s worth putting in the effort right now?
And those answers are coming soon.
But we shouldn’t conflate smart contracts with legal contracts in discussions.
Good luck to the judge. Commodities laws still apply so this will be interesting to follow.
They had to sue or they would be sued themselves (which they might regardless), but there is no law restricting you actually from inflating the market value of an item (or a security). Their advantage is that he doesn't have a lawyer (or claims to) -- which is a stupid move; and that they froze his gains (another stupid move). If a hack is actually involved under Canadian law we shall see but a civil lawsuit is not unlikely to dictate that.
He misled their market maker, not the holders. Of course without reading the case one can not say anything and has an incomplete view, but they are trying to shift blame here.
There is precedent of course, when Oil futures went negative and in the end brokers paid the difference -- as their software wouldn't allow people to trade non-negative ranges.
tl;dr: I think they are still on the hook for the lost funds back in the E.U./U.K.
I agree, but with the caveat that code is the letter of the law only. As it currently stands, there is no way to resolve a dispute, ambiguity, or unintended consequence with smart contracts in the same way that a court of law would handle such issues with a conventional contract. There is no room for interpretation and all smart contracts must be understood as such.
A common misconception about law/contracts is that they are static. You can technically "not break" any laws and still be held accountable by a court of law.
The people who genuinely believe "code is law" are stunned to learn that: a) humans won't act "rationally", b) regulations exist for a reason, and c) no, the law is law, code is brittle.
d) I genuinely believe that Medjedovic should show up in court to test that theory.
The only thing interesting about this case is how incompetent he was, while having his entire brand and identity be based on intellectual superiority. He should have used a virgin address and Tornado cash. He should have not needed to risk any funds for failure, as he should have tested the transaction in a localhost staging environment for free. Him getting doxxed is the only thing that allows this theory to be tested, whether he, or we, believe it was legal, it is now unnecessary liability. Instead, everyone knows who he is, that he's spiraling mentally, a judge in his hometown jurisdiction froze his addresses and the funds within it (which is a legal abstraction that does not freeze the funds but makes it illegal to move them until the order is lifted, in his favor or not). Just piling on the liability.
I think “code is law” is a decent crux of a more fleshed out defense, I think the Canadian attorney for the project founders is grasping but I’m not as familiar with the direction courts go there, I would prefer to see something similar play out in US federal appeals court (which is sadly after the drama of trials court and how opinions calcify throughout). It would be great and beneficial to see a transcript of how the “Sushi flooding” is argued the context of a broad computer access abuse law.
> The only thing interesting about this case is how incompetent he was
I'm astonished at how poor his OPSEC was. He could have taken any number of precautions to shield his identity -- did he really think that deleting the messages on Discord would be sufficient?
"Code is law" really seems to me to be a philosophical position that can only be held by people who haven't fully internalized Gödel's incompleteness theorems.
