 to talk about tonight is smart contracts and why Haskell is particularly relevant to insolidity directly. I believe that that is too low level with basic premise. So prior to last month nobody really knew about this or cared about this and then suddenly there was this the down thing. You guys have all heard about this right? This was the message from the attacker slightly snarky just the way I like it. So people said you know it turns out that Ethereum and the Dow have turned into the world's largest bug bounty program. So that was pretty funny. Days after that the tally was like okay now we need to think about security. This is the funny thing about all software right? The lifecycle of products is functionality, reliability, convenience, price about security. So we sort of shoehorn security into a system that we've already built and that's the way things always will be because it's about functionality first and it's insecure that's the one people are going to use. If you have another product that cares about security first and functionality second nobody's going to use that. So this is just part of the human condition ever since the garden of Eden we've had to make this particular compromise. So the tally has gone and listed a number of classes of bugs that exist. Software developers come from a culture where they move fast and break things right? What's the worst that could happen? You write some code and then you load the web page and the web page doesn't quite work. So you go back and you write the code again and then it works the second time like all right I fixed it and if you're really responsible you're like okay I'm gonna check it on my phone now before I decide it actually works. It's like oh it works on my phone okay let's commit and then somebody else says oh it doesn't work on Android right? So that's the way people are of software development has given us a world in which everything sucks all the time sometimes it's Amazon like losing 66,000 dollars a minute sometimes it's like the Japanese spacecraft that just uh It should be solved in fury right? Did the Japanese just fuck it up? They fucked up. They blew 286,000 right? So the Dow's like that's only 100. Or you know like a bunch of people died because back in the 80s a critical 200,000 to this poor individual and this happened several times. And so you know this goes on the Mars tie-by-order too is another example of how software screws up and that's like he has a phd in MRI so we're like we'll get results. There are all these bugs right and like baggage handling so she could go through and read this entire list of bugs it's like pretty entertaining and you would think that even the space guys would get it right but sometimes they don't so there's but like you would think ways to write software than this because then Facebook is like we need better ways to write software. So so there are a number of solutions that the world has come up with like so that's nice right but that's like when your spacecraft crashes we will tell you that your spacecraft crashed. That's great but how do we how do we fix that ahead of time? There are companies like Coverity that come by Synopsys and they help to prove that your Pentium doesn't analysis vacations, dyno analysis, this is a thing and typically this is used for situations where once you've burned your code into the CPU you can't upgrade the CPU so they do it for hardware for chips. Sometimes they go for spacecraft start using some of these techniques which itself foundations therefore you get so they have gone to just look at all the contracts that are in the blockchain and find the buggy ones and then you can exploit that. That could be your full-time job. I think it's a sign that here's the best practice let's not write that bug. Humans are way too fallible so programmers and we will just put out a master's thesis on smart contracts through type of involvement. It's actually what you were thinking right so Haskell is the one so clearly this is there's a trend of thought in this direction so this there's actually a strain of this work that goes back several years even before the down even before the theory people have been thinking about smart contracts just in terms of like real world contracts how do we derivative contracts these are actual contracts in there in the least that you're seeing in the real world Haskell programmers are instinctively used to. So what kind of software does not have bugs that's what it's supposed to do is you have a lig up on top computer science we are always terrified of physicists and the physicists are always terrified to have petition to software I think this is the hierarchy of smugness is this roughly correct is this what you intend to think to Haskell programmers are like morally superior to Java programmers is they're like okay but they're morally superior to the C programmers for example because it's higher level right but it turns out that Haskell is only just like halfway up this hierarchy. I mean I paid with either but I honestly cannot tell that I did really programming them it's so complicated actually writing a decent complete system takes a long time so I just want to make you aware that proving something correct is much different from exploring whether there is something that could work or even demonstrating that it could possibly work because design space is potentially infinite and before you would do anything that ever end and so if you're attracted by this whole idea you can read this book and get stopped by it but I want to focus on one thing that you said the type is the theorem and the proof is the program has anybody heard of this idea before so this idea is called the isomorphism or isomorphism relates functional programming right that's the reason we all have this random Greek letter in there like let's have anonymous functions be lambdas so let me go back to real quick let me go back to where we were right so this hierarchy of smugness is actually it's basically like basic dot adding features and you add features and you add features and then you end up with something that is extremely morally superior like way more smug so for example cock is a proof assistant this is what mathematicians use to write proofs right and then they're like you know we use cock because Haskell is too low level for us in fact what we do is we compile cock to Haskell they just they extract your vocabulary or Haskell code and this is how you eventually turn it into C and then you've got all these things so this is a language that we use to specify behavior rather than implement behavior most of what we do is implementation if you can start the specification you should be able to extract the implementation from it so this is start the lambda calculus and you end up with functional programming so keep this in mind because when you come back to the different programming languages you can say to support functional and object so this is kind of my quick list of translation function to a programming program does that make sense to everyone the curry howard and said you know it feels like writing math lisp also took this idea so let me zoom out from the whole calculus programming language thing for the theory and back before the dow about how to write computable contracts just general purpose the real world contract they live on the blockchain it should be possible to represent the company we should go and computerize all this stuff let's encode simple business contracts before we do so all these ideas are out there and so what is this new couple deals with let's do something so you want deontics so let me open may do something that is the basis for your calculus you can say somebody must not do something we must do something somebody must not do something to say that somebody may do something is equivalent to saying that it's not true that somebody must not do something so that's your not not which turns into permission right so this is a different calculus that lets you think about what you are supposed to do cases both the temporal use of visits their core so it is it turns out that it is possible to model this right it's like a has to be true and b has to be true else you have some sort of breach or reparations so let's look at so this is i'm just introducing the idea of the model logic being the basis for some kind of contracts the basis for functional programming the basis for contract programming and that is the piece that's missing from etherea and the dow all basically doing the equivalent of assembly and javascript when they shouldn't be doing the equivalent of pascal so this phd just came out a few years ago so very exciting and he uses basically under some circumstance within a certain amount of time and if they do that then you recursively go to a different plot where everybody gets in english and that is where is the model logic basically you see here is the fragment of just normal logic although there is also this so that's pretty pretty much statements can be so we have either fulfillment so the some something has to be done by somebody two types of choices one is that you make the choice or contract makes the choice so if the the amount due is more than thousand dollars then you give the receipt otherwise maybe not and there is external choice which means that somebody else makes a choice and you need to adapt to it so you need to give somebody a choice it's like with options on the national markets that you can have an option that gives you right to have after certain time meanwhile that this language is sufficient to take any real world contract and translate it into a formalism that total contract normalize it then say here are all the bugs in your contract it is not a total contract because there are so many code paths where you just have like a null pointer it's undefined i'm sure we've all read contracts where it's like we're going to do something and you're going to do something and that's your happy there's like there's no exception handling and if it fails you just breach right and then you have a lawsuit so if we can have better exception handling the contracts we're like i do something you're supposed to do something and you don't do that something then we actually handle that scenario then there are going to be fewer lawsuits really simple like so all of this stuff is actually available on the uh internet so the guys who did this you want to see if we can prove it in something that's closer to agda i mean this agda and haskell are actually very close so maybe we can upgrade this to agda we want to compile it to a theorem we want to run formal proofs and we also want to compile it to english means that there should be some kind of tiering equivalence between your contract written in haskell agda and this you'd also be able to extract the same source code and then it becomes really cool to have bilingual contracts because that is a multi-billion dollar industry itself if you're in your business across country boundaries you usually have to have this is something that these are the goals of the project we want to write this dsl the extension of the so that's kind of the project our opinion that's the migration life from the existing like real world contract will be a smooth migration to the ethereal formal language contract because for like for example the javascript and somebody trying to compile some better language to javascript and but people still might not use those better language to but instead use the to to get it right is that we'll be able to yes so the question was what happens when the lawyers decide that we are intruding on their business yeah look at a law firm right law firm has really went into the idea of doing all the stuff by hand why because the corporate side right they've got a bunch of lawyers writing contracts during dispute resolution and there is there is a correlation between these facts we see exactly this some countries have a constitution and they have legislation other countries just have common law and case law it is also possible for people to say look we as private parties choose to subscribe to this infrastructure as opposed to that infrastructure in the same way that a lot of people choose to run windows right you choose your operating system and so it may be possible to just import that basically have your own private set on private interface layer that abstracts away it becomes a localization problem which is possible to use l4 to write contracts it's also possible to use l4 to write regulations you see function calls you see anonymous functions you see if that nails case statements like something that you'd want to put curly braces around or do some indentation and just turn it into a function with proper types are you a citizen parents were citizens where were you born were you born in a country that was a british colony so they wrote so it should be possible to apply this kind of thinking to there's a very small team of people there are things that the dow packers should keep this one into rule of law i would say i don't okay whether it's enforceable for technique the first it's totally virtual it's all inethers and the second thing it has been contract itself he's done so so well i don't really very very important in in the room we can explain to me the difference between intentionality and extensionality which is that extensional logic things that are quite so objective we might say intentionally at some point in the future these are less objective and so what we're really saying with the dow attacker people would say look even if the dow attacker keeps his money that takes us all the way back to like the 17th century amish decide that they don't want to interact with this person right and that's a kind of intentional cons attacker got the money that's an extensional truth but nobody likes the attacker and translate an intentional situation to an extensional situation is that it's not such a crazy idea if you think about it on currency right if it's possible for every country to have its own currency and why shouldn't every individual and there are consequence for the dow attacker is that even the ethereum the exchange rate somebody goes like this and all of the to their personal currency is now worthless and all of the value stays in the original currency you can trade your currency with people who are willing to trade with you so it would be like those lame PGP key parties right and the state that you live in the fiat currency might be legally obliged to trade with you so you always have like if you're a nation of if you're a national of some country then you have to be able to interconvert with single dollars so that might be one long term solution but that's right imagine a closed world you want to borrow some money back says great we're going to do 10 percent interest doesn't exist and so every so often Greece will go bankrupt individuals go bankrupt banks need to get bailed out so this is another like design the system didn't really three years ago people said you know they they thought this through and they're like maybe that's not such a good idea formal systems has full address i hope i've inspired you to go and learn some of these incredibly superior languages some researchers from