Hacker News new | past | comments | ask | show | jobs | submit login
Saving Nanocap Speculators from Themselves (nyuu.page)
41 points by apsec112 22 days ago | hide | past | favorite | 15 comments



This is my post!

The case studies used here are the smallest of small fries and the implementations are very simple. but similarly simple implementations have been used in more exciting and destructive cases. like the "squid game" coin. the squid contract actually had almost no functionality in it. Squid code said, roughly: "I am a coin, you can trade me. For all other functionality, I do whatever [some other address] tells me to do". Then, when you look at that other address, its code there is unverified, & when decompiled reveals fee-setter shenanigans and stuff of that nature.


Did any of the smart contract stuff turn out to be legit? Any of it at all?


No, because to everyone's _complete shock_, it turns out it's actually pretty hard to write code that doesn't have bugs in it, and in the case of a "contract", that makes the mistaken behavior binding (except of course if you have everyone with a stake collectively vote to decide that something never happened, which means that any group that owns a combined 51% stake effectively owns the entire 100%).

Don't get me wrong, there's plenty to criticize in the legal system(s) that are currently used in society, but having disputes resolved via a human-based mechanism rather than a technical one isn't one of them. Smart contracts aren't even just the usual "trying and failing to apply a technical solution to a social problem", they're a failed technical solution to an _entirely invented_ new problem that no one had before.


It's true, smart contract security is a tough problem, but the reality is that with formal verification, security audits and big bug bounties many have gotten it right. There are many protocols that have held billions in stablecoins for years with no issues. Some examples: https://defillama.com/

Smart contract hacks are really not as common as they were 5 years ago when security practices were an afterthought.

Regarding your seconds point on blockchain rollbacks, although technically possible on proof of stake networks with a 66% consensus it's simply not something that happens in reality as it goes against the goal of blockchains. The last time it happened was the 2016 DAO hack in Ethereum, 2 years after ethereuum mainnet launched, which was so controversial that the network split in two. "Ethereuum Classic" still exists to this day


I haven't seen any use case of them that I would consider legit (they're used for messing with other smart contracts/DEXes), but flash loans are a cool idea: You can borrow coins only if you return them within the same transaction. Obviously very low risk for the lender, so you're essentially paying to borrow someone's liquidity for a tx.

I'd say the decentralized exchanges (DEX) themselves and some other DeFi (decentralized finance) features are legit innovation though.


As far as I'm aware, the only quasi-legit services in the space are DEXs - smart contracts whose purpose is to allow users to trade tokens for other tokens. They aren't outright scams in their own right (at least, most of the big ones aren't), but they also facilitate a lot of the scams described in the article.


Idk.

Before bored apes and the like made a cesspool of the space, I was part of a project that built a system that did contractual management of IP using entirely on chain resources.

It enabled, for example, the specification and creation of certificates that could be propagated/“duplicated” a certain number of times traceable to an original certificate holder allowing limited licensing rights, etc. It is actually an extremely capable system for specifying and enforcing intellectual property rights with much less need to rely on litigiousness.

Over 10Kloc of independently audited contract code with over 100Kloc of tests giving 100percent coverage, as well as extensive wargaming of incentives etc. It’s really an excellent system, just sitting there waiting to see if one day the space can be taken seriously. Despite the current SOTA, programmable money and contractually controlled digital certificates have great potential to improve governance and reduce the need for coercive force in societies.

But, this is why we can’t have nice things.


The problem I see here isn't that the space has been poisoned by scammers. It's that bridging on-chain state with real world state is fundamentally impossible without sacrificing a lot of the blockchain's guarantees (you need some centralized, trusted party to act as a bridge) at which point you may as well let your bridge just be the sole source of truth and run a conventional (publicly-readable if necessary) database.

> specifying and enforcing intellectual property rights

The incentive to care and participate in the real-world, court-enforced intellectual property system is that if you don't and you piss off enough people, goons with guns will show up and take you/your stuff/money away. Those goons can behave like that because they have the legal system's approval to do so and thus don't risk their own freedom.

Let's say this thing existed - what's the incentive for someone to care and participate into that system? Do you have your own goons with guns? Do you convince the conventional legal system to send their own goons? In both cases, why not just skip the blockchain then and let you run a conventional database, since what actually matters is your choice to send goons to enforce the desired state (and their willingness to do so), and not necessarily what some blockchain says?


Obviously blockchain doesn’t replace meatspace governance, which ultimately relies on a monopoly of coercive force.

But you can contractually bridge technological measures and the courts (electronic signatures are a common example) and programmable money could be used by governments to reduce frictions that do not serve any useful purpose, handle intrinsic taxation, self-banking, and on-chain credit systems.

Obviously the crypto-sovereign fantasy is unworkable, but technology can greatly reduce frictions and facilitate cooperation by reducing reliance on trust. Not needing to trust because trust is enforced by a technological system is a very effective tool.

The object would be to use blockchain to facilitate the functions of governance, not to replace them.


Prediction markets are big too


I have yet to see a smart contract worth the paper it’s printed on. ;)


stablecoins, prediction markets, decentralized exchanges and decentralized lending markets have worked pretty well


For whom?


The rug pullers, of course.


Filecoin? Not sure if that's considered a "smart contract" since it's not eth-based.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: