Hello everyone, and welcome to the special edition of the Let's Talk Bitcoin show, only this time we're talking Ethereum. As you know, we're a show that covers a lot of different topics. Joining me today: Adam B. Levine, Stephanie Murphy.

Hi there.

And the series of guests will be joining in the next 25 minutes or so. We're going to be talking about the DAO. We'll talk about the soft fork for Ethereum that was meant to freeze the funds that had been taken by an attacker on the DAO, and why that soft fork was aborted, and what happens next. We'll start off with a quick discussion, and then we'll start bringing our guests in. So Adam, Stephanie, welcome to the show. I'm really excited to have you on this live show. This is a really fast developing situation. Normally we record and release a show about a week after we record it, but things are moving so fast in this one, decided to do it live.

Yeah, this is something we've been talking about a lot lately, although we haven't released all the content yet. But it seems like the hits just keep on coming. There's drama every day with this. Not that we're here to talk about the drama. We're here because it's interesting and we want to talk about the technical stuff as well as maybe the economic implications and other stuff like that. But yeah, this does seem to be changing by the minute.

Yeah, indeed. So...

Do you want to... we started here? Andreas, just looking at the feed, I can tell that it's my face plastered up there, and we're not actually looking at who's talking. So I think you need to turn me off presenting.

Oh, the joys of the recording. Let's Talk Bitcoin show live. Haha. This is why we don't do video, guys.

Oh, so there we go. Well, I'm still trying to figure out how to be a cameraman. We're gonna talk about the actual technology, so let's start with a recap of what happens during the last week.
First of all, we had the first major kind of ad hoc fork. So it was intended to be the first in a two-step process of restitution for the DAO token holders. And so the plan originally was to do a soft fork in order to freeze the funds in place, to allow the attacker to withdraw the funds, which will happen sometime in August because of delays during the DAO contract, and once the funds were frozen in place, this was going to be followed shortly by a hard fork to do some kind of refund DAO, some kind of restitution or refund contract to pay back all. Now, I don't know if you guys heard about this soft fork and the developments of that, but the Ethereum team moves really quickly in this particular case. And of course part of the reason is that the clock is ticking. So have you been paying attention to this over the last week?

Yeah, I have. I've been really fascinated by what's going on with the DAO and with the response to it, and it's been sort of interesting watching because we have all these assumptions from the kind of work that we've done in Bitcoin so far, and Ethereum has some fundamental differences. One of the things that's different about Ethereum is that, you know, if you're gonna do a fork, a soft fork or hard fork, you don't necessarily have to roll back all of the transactions that have happened, as you would in a linear situation like Bitcoin. You can kind of just pick and choose what you want to invalidate. But mostly it's just been interesting seeing how difficult it is to try and create a censorship scenario in a censorship-resistant system, and kind of all of the twisting and flailing and justifications that are going on as a way to try and make this okay, both ideologically and technologically, because technologically it's turning out to be much more complex to do this unintended thing, simply because it's unintended.
So that's where I've been for... that's where things have kind of settled for me, is like, there are a lot of paths forward. None of them are good at this point, and it seems like everything is so much more complicated than we think it is upon first looking at it. It's... that's not restricted to Ethereum. That's just in general, these technological problems or, you know, other types of problems.

So, um, yeah, I mean, like, so the soft fork, I've followed it, but I'd love to get a basic explanation from you, Andreas, about kind of what it was about that that was the problem, that makes it so that that's like a gotcha where you can't do that now. Because the pivot away from talking about the soft fork as the obvious thing that we're just gonna have to do has been very fast. And the last like 48 hours we've gone from "we gotta soft fork right now" to "we gotta hard fork right now" and nobody wants a soft fork anymore. So how did we get from here to there?

Well, I mean, that's a really fascinating story. I think we need to clarify some terms. There may be some viewers on the list who are not familiar with what these terms mean exactly, and I'm gonna give you an overly simplistic explanation. A soft fork is a backwards and forwards compatible change that does not require everyone to change the software in order to remain within consensus, but it does change some of the rules for validating transactions. A hard fork, by comparison, is one that is discontinuous with the past, in that it is not compatible with clients that do not upgrade, and if clients do not upgrade they will no longer be able to validate past the point of the hard fork and are effectively out of consensus. So the proposal was to do a soft fork, and the soft fork was very targeted, to basically freeze the funds. And the way this was done is to add a rule in the consensus rules starting with block 1,800,000, and this rule would say: if there are any attempted calls or transactions that reference the DAO or any of
its children, that all are based on this specific code hash signature, anything that's referencing this code hash signature is now invalid and should not be mined. And one other thing to note is the voting mechanism. Now, you probably know that in Bitcoin we've had two major voting mechanisms. The original voting mechanism was a process by which the block version is incremented to indicate, to allow for... and once you have, say, 75% of the last thousand blocks, then it becomes activated; once you have 95% of the last thousand blocks, then it becomes enforced. We've recently... we're about to switch to the version bits mechanism that uses multiple parallel bits to allow independent forks. But the mechanism for voting in Bitcoin is indicated by the block version, and one thing people need to understand is the mechanism for voting in Ethereum is different, and it's based on the ability for miners to modify the gas limit. So gas is the virtual currency that Ethereum uses to charge participants for transactions. We'll get back to this, because gas is also at the core of why this denial of service attack is working. And at the moment, or before the fork started, gas was about 4.7 million. That means that you can have, in a single block, contracts with a sum of complexity, or gas spent to compute them, of up to 4.7 million. So it's equivalent a bit to the block limits we have in Bitcoin, but it's a computational limit on the complexity of the transactions and contracts within Ethereum. And the way for miners to vote is to move that down. So what they say is, if by the time we get to this block, which in this case was 1,800,000, the gas limit is less than 4 million, that means the miners agree to this change and it will be activated. If it's more than 4 million, they don't agree and we move on as if the vote never took place. So the vote takes place at a specific block and only one snapshot in time. And at that moment, if the gas limit is below 4 million, the feature is
activated. That's the mechanism they've used for voting. About four or five days ago, we saw the first clients go into miners, and they're upgrading to support the fork, and gradually we start seeing the gas limit go down. And that means that the miners are now voting to make this happen. They're voting in the affirmative for this soft fork. Here's a little tip that's amusing. The way the clients work is they set their target to pi, 3.1415, as the gas limit. So to get below 4 they had to set a specific target. So they set it to pi, just because, God, we're such geeks in this space. It's awesome. And so... yeah, why pick a number like 3,000... 3,800,000 when you can pick something as cool as pi, right? So the next thing we know, within two days, gas limit is at pi, boom, and we're still three days before the vote is going to actually be taken, and the network is solidly behind the soft fork. Gas limit is at pi. It's below the 4 million threshold, which means that all we have to do now is wait for Thursday afternoon and the soft fork will be activated. And then researcher, Cornell professor Emin Gün Sirer, who's done a lot of work in various vulnerabilities in the DAO, various game theoretical scenarios, for example the stalker problem and some of the other problems within the DAO, and also selfish mining. Yeah, also selfish mining within Bitcoin. That was from them. Yes, indeed.
So Emin Gün Sirer, who has been doing a ton of really, really influential and important security research, came out with a tweet and said, hey, we have discovered a denial of service attack vector that affects the soft fork. We're doing some testing, details to come soon. And then yesterday morning dropped posts which detailed exactly how, because of this soft fork, because of the blacklist introduced into Ethereum that says you cannot do any transactions that involve the DAO code hash, there is a vector to do a sustained, very effective, very cheap denial of service attack on the whole Ethereum chain. It would basically lead, presumably, or as a worst-case scenario, to Ethereum mining empty blocks and crowding out all other transactions for as long as the soft fork is in activation. A true nightmare scenario, because it would have to be in activation until at least mid-August, or until at least the hard fork is activated. So... and then within less than 10 hours the gas limit shot right back up to 4 million and then up to 4.7 million, and basically the soft fork was aborted with extreme prejudice. And now we're back to, okay, what do we do now? That's what happened.

So why was the soft fork problematic? It seems like, you know, a denial of service attack is by its nature a spam attack, right? And both the, you know, Bitcoin systems and Ethereum and every other cryptocurrency out there necessarily has a system for dealing with spam transactions. So why is that insufficient in the circumstance?
Right, so here's the problem, basically. Up to now, Ethereum really has a situation where there can be two outcomes to a contract or a transaction. It either executes in full and has sufficient gas, or it runs out of gas, the gas is charged, and the transaction throws an exception that it exceeded gas, or perhaps there's another exception. So it can either execute in full, successful completion, and be charged for the gas that it consumed, or it can throw an exception, which could be insufficient gas if it runs out, or some other exception, some error the contracts have built in, in which case it's charged whatever gas is consumed and that's done. The way it's charged gas is a transaction that shows that there was an exception goes into the blockchain, which consumes that gas. The soft fork created a new scenario, a third scenario. Now a transaction could be rejected completely, or a contract execution could be rejected completely, if it mentioned the DAO contract, if it basically activated the DAO contract or tried to spend for the DAO contract or call a function in the DAO contract at any time. And so what that means is that a contract could start doing all kinds of execution. If you're a miner, you've got the meter running and you're counting gas and you're counting gas and you're counting gas, and then after spending whatever amount of gas the contract wants, it goes, hey, I'm now gonna call the DAO, and the miner has to say, oops, can't do that, you're an invalid transaction. But at that point they can't charge for the gas, and that means my pledge of giving you lots of gas is meaningless. It's like me walking into a restaurant and waving a stack of bills and saying, look at how much money I have. But you're under a law that says that you can't take money from anyone who says the magic word DAO. So sit down, I have an entire dinner,
I order the porterhouse steak, I get your best bottles of wine, and then bill time comes and I go, oh, by the way, DAO. And you can't take my money at that point. So I just run out of the restaurant.

Yeah, okay. There's got to be other ways to do this though. I mean, that's what you come to, is though... I mean, like, is that there's got... where you don't create a new type of transaction where someone does a bunch of work and then gets to the end and can't actually collect on it, right?

Well, this is where it gets a hell of a lot more complex, because that means that the simple soft fork...

More complex.

More complex, right. The simple soft fork on its own, boy, was fundamentally flawed because of this. And the really interesting thing is, so you might say, well, how about we just test all of the contracts, look at them and say, you know, let's check the code before we run it and decide, is this calling the DAO or not, right? And, you know, to do the static analysis you'd have to look at the code, and it brings up a fundamental question, which is: can you tell what a computer program will do, and whether it will terminate in a specific way, before you run it, and whether it's possible to simulate to the lower cost? And in fact, we have an answer to that question. Alan Turing gave us the answer to that question.
It's called the halting problem. And he basically said that if the language is Turing complete, you cannot analyze the outcome of the halting problem unless you simulate and do a complete run of the program, and the only way you know it halts is if it halts, and if it doesn't, you don't know if it's just about to halt or won't ever. Turing completeness is the reason why we can't predict if a contract is going to call the DAO, which is really a very interesting aspect of this, because it now demonstrates the security challenge that Turing completeness in the language brings to a blockchain execution environment, has now been demonstrated in practice in a very practical way because of this denial of service attack. And it's going to open a whole lot of questions about the future implications of this.

Well, yeah, the thing that I've been thinking all along is, like, maybe Satoshi had a reason for not putting Turing completeness in Bitcoin. It just seems like this... I'm able to understand maybe like half of what you're saying, and it just seems like this is all so complicated, the concept of smart contracts in general. Like, people are going so fast so soon, and the more complexities are introduced in the system, the more chances there are for screw-ups. I mean, like, nobody even noticed this vulnerability in the soft fork. Like, good thing someone caught it, or else, like, the whole Ethereum could have just gone down in flames, and the DAO would be, like, taking Ethereum down with it, basically. So yeah, I don't know, as a regular Joe kind of user, it turns me off even more than I was turned off before from wanting to use Ethereum smart contracts.

And let me piggyback on that.

Yeah.

So let me piggyback on that. Um, I think the particularly interesting part is that all this complexity we're talking about here, Stephanie, is complexity that they're attempting to add to Ethereum in order to solve this problem. If we're just talking about the pure smart contract part, it's hard
to predict what they'll do. But fundamentally, this is a problem, Andreas, correct me if I'm wrong here, that seems to be caused by trying to fix the DAO rather than anything fundamentally complex or difficult.

No, that doesn't fly with me, because it's inevitable that something like the DAO would have happened. You know what I'm saying? I think the DAO is just an inevitable consequence of...

But it's a question of if you fix them, like, Ethereum... I don't disagree with that. I agree with you that I think that there are contracts, certainly, that people will build that they don't understand the full implications of what they're building, because they're complex, absolutely. But fundamentally, the complexity we're talking about here has to do with them trying to break Ethereum, to change the way that Ethereum works, in order to undo this stuff that's happened with the DAO. So if you don't try to do that, then yeah, you still have the argument against Ethereum that this stuff is complex and things might go badly, and you really can't predict what's going to happen unless you, you know, develop this more like a nuclear reactor than you do like a JavaScript application. But that's the point, is that, like, the complexity here is all about trying to fix the DAO by fixing Ethereum in order to allow you to fix the DAO, rather than... So, like, by its nature that denial of service attack doesn't exist. It's only if you try to fix the DAO that that exists.

Yeah, I mean, that's the really critical thing to realize. I think we have to be fair here in recognizing that this is a fundamental issue of trade-offs, right? And it's not a matter of best security. There's no such thing as absolute best security. Security is a trade-off. It's a risk-reward trade-off, and the question is, what is the use case, and for that use case, what is the best trade-off between security and, in this case, complexity? And so Bitcoin takes a very specific position on that,
but it does so at the expense of complexity, which means at the expense of what it can do in its smart contract language, which limits it quite significantly. And that may be fine for reserve currency and may be fine for many applications, and there's a lot you can do within the limited scripting language. Ethereum simply is making a different trade-off, and it's saying we will take a more... higher complexity, Turing complete approach, with a trade-off that has insecurity, because we believe that the use cases that that enables, if properly executed with the maturity that they need, are worth it. If... you know what, the same thing applied to Bitcoin. For the first several years we saw several really nasty, gnarly bugs in Bitcoin. I think if anything, the one argument you can make is that the DAO was too big too soon, and I'll agree with you on that. But I don't think it fundamentally shows that the Ethereum trade-off in security is flawed. It just shows that it's not yet reached the maturity level where it can succeed as a trade-off for contracts of that complexity. I think the use case is still wide open, and we're gonna see it experiment. But as Adam said, the reason this is happening is because the fix, which was kind of rushed, that creates this exceptional transaction blacklist which makes a transaction invalid, it doesn't throw an exception, which would account for gas, but makes it invalid, effectively allows someone to simply invoke a DAO function at any point in time and get out of paying gas. The worst part of this, by the way, the other implication that may not be immediately obvious, is that this means that you can pledge a very high amount of gas in your contract knowing that you won't pay it, because at some point you invoke the magic word that gets you to dine and dash. And that means that if you pledge a really high amount of gas, that contract is going to get prioritized by the miners, and they will spend time running that contract. So Emin Gün Sirer, who's gonna come on as a guest,
I hope in the next few minutes we're gonna have him join, is going to talk about it. One of the examples he had in his post about this is, it's very simple. It's a for loop and, you know, for zero to a million, SHA3 this number. Basically it makes miners hash something a million times, and all that does is it wastes computation. And at that point, you know, they're counting, I'm sure, they're racking up a giant gas bill, which means that that prior transaction is very lucrative, or appears very lucrative, and you go through all of this computation, the miner's tied up doing this computation, and then they get to the next line, it goes DAO, and the whole thing is invalid and they have to start with a different transaction, which may be the same one again in a different form. And what that means is that if you pledge enough gas, which you can keep re-pledging because you never spend it from block to block, you can have the miners tied up for 15 seconds on every block just trying to figure out that one transaction, so that no other transactions are mined. So this very subtle interplay between gas being both the preserver of Turing completeness, by imposing a computational limit on transactions, and the fact that by invalidating a transaction it runs for free, and the fact that gas is used to prioritize the most important transactions, converge to create this unique opportunity for a denial of service, which would have been fundamentally disastrous for Ethereum. You know, Stephanie, do you want to go?

I have a pivot, a little bit.

Go for it.

Okay, before we pull on the guest... I don't think we're gonna run the last recording we did, because this sort of is superseding it and we're talking about many of the same things here. Or I might take part of it.
I'm not exactly clear. But anyways, I just wanted to bring up, for the conversation that we're gonna have with the guest, again the idea that maybe the thing really that we've learned here is that smart contracts fundamentally... that if the benefit of a smart contract is that it's an uncensorable contract, then that is a little bit odd in terms of who it serves, and might actually serve people who are doing bad things or socially taboo things or whatever. You know, essentially the people who are best served by a new solution are the people who are worst served by the existing solution. The people who are worst served, in hindsight, by something like the existing legal system is criminals who would like to use the existing legal system in order to legally take money from people who they don't earn it from. And so a smart contract seems like it enables that in a way that's just about better than anything else one can imagine. And so that was kind of the way I had from... sorry, go ahead, Stephanie.

Yeah, if they can find loopholes and technicalities in it, then yeah, it makes it super easy to exploit, and that's also my concern. Like, do we all now have to be lawyers and coders to understand what we're signing on to when we get into a smart contract?
I just see a lot of people... a lot of potential for people to get screwed over, especially people who are the same people who are currently marginalized by the legal system because they can't afford a lawyer or whatever. They want to do certain tasks without... without going to court.

Right. It seems like the smart contract aspect of it helps the person who's doing the bad thing, because they can't be censored. And we see all these... all the stuff that's in the now... we're attempting to do with the DAO is an attempt to censor the things that the attacker did, which we consider to be attacks but the smart contract considers to be just part of the contract, whether intended or not. So that's the thing, is that in a conventional situation, if the DAO had been a company and the people had been invested in it, real money, and it had been in a bank or whatever, then this would not, could not have happened. And...

Contract, you could... Other things happen. You've got to realize that it happens. Yeah, it's just different. In the broader world, you know, your ability to actually have recourse to justice and predictability of contract is something that is a unique privilege of the society we live in, which is a tiny minority of the world. So again, as with Bitcoin, you know, and my slogan there, "the other six billion", reliability of contracts outside of a completely corrupt judicial system may be an application that is far more important, and censorship resistance of contracts and freedom of association with contracts may be something that is far more important in countries where the rule of law, the judicial system, the ability to bribe judges and pervert the course of justice, or simply the inability to have any recourse whatsoever because it takes three years and very much money, a lot of money, to get in front of a judge, and you never get a result.
So, you know, trust me, I lived in Greece. It took three years to get to court for anything. People just didn't bother with the judicial system because it was highly fickle, very, very slow and very, very expensive. So when you live in a country like that, this might be a much better approach to solving the problem, assuming we have good templates. It feels like that's kind of the missing part of this. Maturity is the basic part of this. You know, law didn't just come into... you know, people didn't write the law and say, okay, that's it, we've covered all edge cases. No. Even in traditional law you have a law, and then all of the edge cases are explored through a series of precedent-setting cases that clarify the minutiae. Yes, but, okay, but if the plaintiff is dead, here's what happens. Oh, but if the plaintiff died without a will, here's what happens. But if the intense and the... And, you know, are they really subject to this jurisdiction or that jurisdiction? All of these nuances get worked out by desperation over centuries. And so the really powerful part of smart contracts is not the smart contracts, as Stephanie said, that you, the coder slash lawyer, can personally inspect. What you're looking for is contracts that have behind them the maturity and weight of having worked against a variety of attacks for years and years, and have been inspected by dozens and dozens of coder, lawyer, security specialists, and can be relied on through the test of time. And if you build contracts like that, with the same mature, iterative process, great. If you just throw out the soft fork in a week to fix the thing, the DAO, that was thrown out in a month, you could run into trouble.
So...

It's not fun being the guinea pig to figure that stuff out, and, like, if these kind of public disasters keep happening, I think it's going to be difficult to find guinea pigs to work all these bugs out.

Not at all, not at all. I don't think it's going to be difficult to find guinea pigs at all. I think the demand for these types of applications and the risks that people are willing to take, because if it does work, then the reward is quite high. And the same thing applies to Bitcoin. You know, who's going to be the guinea pig who invests in fake internet money in 2010? Well, I'll introduce you to some of them. I know them, they're friends of mine. They're millionaires. So sometimes being the guinea pig pays off quite nicely. How about we bring some guests in and continue this discussion with a broader group? Everybody up for that?

Sounds good.

Yeah, for it.

Okay, fantastic. So our first guest, Professor Emin Gün Sirer from Cornell. Hello.

Hi, Andreas. It's great to be on board. Thank you for having me here.

Oh, thank you so much. Let me introduce two more of our guests and then we'll go into a broad discussion. Our next guest, Lefteris Karapetsas, lead, technical lead for the Slock.it project and one of the people who has been working day and night on the DAO. He's probably quite tired. It's been a very long couple of weeks. Lefteris, welcome to the program.

I wonder so I have to be here.

And also Tone Vays. Tone is a trader and financial analyst who can bring us a market-based perspective. Tone, welcome to the program. He may be away from keyboard right now. Tone, can you hear us? All right, we'll get back to Tone in just a second. Emin, can I call you Emin?

I actually go by Gün.

Gün, okay. Gün, thank you, good clarification. Gün, so you discovered this denial of service vector.
You probably didn't see our conversation earlier, but I tried to explain it as best I could as this ability to basically shout "DAO" any time in the contract and not have to pay any gas, and basically, whatever your bill was up to that point, you can just walk away from it, kind of like a dine and dash scenario. You go into the restaurant, you wave a set of bills, but the restaurateur is bound by this law that says that if you say the word DAO during your dining experience they can't take your money. So even though they think you're a paying customer, you eat the porterhouse, you drink all of the wine, and then at the end of your meal you go "DAO" and leave. So that's the techno-illiterate version of that. And one of the things that we found fascinating is that this cuts to the crux of Turing completeness, which is, the reason you can't do effective static analysis to find if someone's going to call the DAO is the halting problem. And so this is the trade-off that Turing completeness creates, and gas is supposed to be the mechanism by which you prevent this, and this is at the heart of that problem. You want to tell us a bit more about it?

Sure. Okay, so I say, in general, Andreas, I'm an academic and I typically have nuanced opinions, and so it's going to be a little difficult to pin me down. So let me first start out by saying that most people misunderstand the halting problem. So it is not the case that because of the halting problem we are unable to analyze programs, right? I can analyze programs for type safety all the time. Every time anybody writes Java, we analyze it. I know how to write programs that are analyzed for whether or not they halt, right?
I know how to write... Case in point, the Berkeley Packet Filter is a language in which you write little snippets of code that should drop into your operating system to process packets, and you can easily make sure that those snippets of code do halt. The easiest way to do this, of course, is to check the code to see if it contains any backwards branches, right? That's very easily analyzable. I can write that and check it. So it is not the case that we are completely dead stuck in the water, and it is not the case that Turing completeness of the underlying language is some kind of an impenetrable barrier. So let's dispense with that. So if anybody who's watching this is thinking, oh my god, Ethereum is dead, and because they're so flexible they face this halting problem and it's unfixable, there's a whole lot of bad inferences going on there. The halting problem says that you cannot have a universal program that is able to analyze all legal inputs and decide if all legal input programs halt or not. So you know what? I don't have to analyze every legal input. I can have conservative analysis if necessary, and conservative analysis can say, look, you know, there will be cases when I can't tell if you halt or not because of the halting problem, and when I can't tell, I'll just assume you don't halt and I will just say, don't run. So, you know, let's dispense with that.
But the bottom line of it is, static analyses themselves are costly, and then running the program to see if it does something bad, whether it dines and dashes, is also costly, because people can structure their programs to spend, to waste a lot of cycles and then dash by calling them. So then we're stuck in this universe where the soft fork opens up a DoS vector, and there are lots of people out there who might come out and attack Ethereum by pushing these kinds of DoS attacks into the network, and that would cause a lot of problems. And that was the crux of our note, that if the soft fork were to trigger, then it would actually cause potential issues. I don't know if that made any sense at all, but, you know, as I said, it was going to be a nuanced argument: that the theory does not pose a fundamental problem, but that that particular soft fork implementation is problematic, and I don't know of a better soft fork implementation at the moment.

So again, I'm sorry, I missed some of that because I dropped my connection, and I read on my screen, to my horror, it said the broadcast has stopped. I was like, oh no. But fortunately the broadcast did not stop, just for me. So this was a localized problem and the decentralized Hangout continued without me. So I'm rejoining this chain and I'm hoping to find out what happened by examining the history. So if I can see... what I did catch from the halting problem is not a we can or we can't, but certainly the fact that it's complex to do static analysis of the contract to discover whether it might call the DAO, and you can obviously obfuscate the address. Again, to explain to our audience how this would work, because this is a fairly dynamic language, one of the things you could do is say, and you can do this in Bitcoin too,
You could say, you know, here's the DAO address minus one, and that doesn't look like anything interesting in the code. And then you can say, take that, add one to it, and then call it, and suddenly you're calling the DAO. And if you just look at the code, you can't just do a search and replace to see if the address is in there, because it's very easy to obfuscate. In real code you'd probably do an XOR or something like that. So the real issue is that even if you could do static analysis, that imposes a burden on miners, and if the burden is just the static analysis, that already is a vector for a limited denial of service. Is that correct?

Absolutely, that's right. I mentioned this when you were cut off.

Yes, okay. And so as a result, and so explain this to me, this is the part I didn't understand: the fundamental issue here is that by virtue of making it into a blacklist that makes the transaction or contract invocation invalid, you can't bill for the gas. Why wasn't the soft fork written in such a way as to throw an exception if you call the DAO? Because if you throw an exception in a contract, and perhaps my understanding... Lefteris might be able to help us here. If you throw an exception in a contract you still pay for gas, right? And what's recorded in the blockchain is that an exception was thrown. Why wouldn't the execution terminate at the moment that the DAO is invoked and throw an exception, "called the DAO", and then charge the gas up to that point?

That's a great suggestion. But if we implemented that, that would no longer be a soft fork. The core idea behind the soft fork is that code that is unpatched, unmodified, that's running out there, will look at this transaction and will execute it as normal, as it would before, as it would until today, until, let's say, tomorrow morning. That is, before the soft fork activates, there is a particular way.
We would execute this code. Those unpatched nodes that are running the old version, they would execute it and they would come to some output state. The core idea in a soft fork is to make those nodes continue to work and continue to believe the same thing as everyone else. Right, at this throw-exception clause, yes, you're right. Well, then the miners that are throwing that exception will say, okay, this is where this computation ended, because it invoked the DAO. But then the unpatched code, the one that is the minority in the soft fork, will actually say, well, it called the DAO, and I'll just go ahead and call it, and I will then start to carry out DAO functions. And then you'll have a divergence of states inside the network. People who've been patched will think one thing, that is, this thing ended here by calling the DAO, and the other guys will think, well, we're doing DAO things now. We're creating splits. We're draining ether. This account now has some cash in it. There's a new proposal. There are more child DAOs, and so forth. And that will just wreak havoc, because we just split consensus. So that is a hard fork. But you're absolutely right that the hard fork as you described is very, very clean and very simple to implement. If we were to go to a hard fork, we just have to say everybody now has to update their code. And, I'll say, we're in a clean, crisp, nice world again, and that's a whole state to be in.

So to talk a bit more about that, Lefteris, I don't know if you can join us at this point. You made a suggestion yesterday, you posted on the Ethereum Reddit something that I think was very interesting and very insightful. There is a specific timeline. Up to, I think you said, July 15th, things are relatively clean in execution of a hard fork, because none of the deadlines that are in the DAO code, the delays that are imposed in creating new splits, etc., actually come to fruition.
So what we have today, the children that exist today, that's the extent of the complexity. After July 15th, more splits can be activated, and things could get significantly more complex in implementing a hard fork. Can you tell us a bit about that scenario?

Yeah. Essentially, after July 15th, money will be able to go out of the DAO, because the splits will be able to finish proposals in order to transfer money out, so money would leave the ecosystem. So any hard fork proposal after that would have to take into account exceptions for all of those so that they refund it twice. This is why July 15th would be something like the softest deadline for the easiest implementation of a hard fork.

So right now all of the cash is basically stuck in both the parent DAO, the original DAO, and the child DAOs that were split off. It's important to note that a lot of people started split proposals on the day the funding ended. I remember there were four almost immediately; the first four proposals were split proposals. And those have a certain period of time before they can pay out a reward, which basically withdraws into ether. And you're saying those first proposals trigger their reward period around July 15th?

Yes, the very first proposal was a split, and its creation phase will end around July 1st or July 2nd. So the owner can start a normal proposal to transfer his money out of his child DAO. That would take 14 days, and that all adds up to July 15th.

Okay, and once that happens, now you have something that originated from the DAO being converted back to ether and entering the general economy. And that's where it starts tainting everything else. So you can't just claw that back. Just to explain to our audience: if somebody used that to buy something, or even converts it on ShapeShift to Bitcoin or something like that, and then you claw that back, you're going to have a ripple effect across the entire economy. Is that correct?
Yes, yes, you would not touch that. So the idea is to put an exception and say everything except for that money that left. Exactly, and then you would have to be putting exceptions for everyone that would be executing their split. So you would have to ask the community to not transfer anything out of the ecosystem so that the hard fork would take place. It would still be doable, but complicated, which is something that we can avoid if we act quick enough.

All right. Gün, what do you think of this proposal? Is this the next step? Is that where we're going, this clean hard fork as soon as possible, by July 15th?

I think that would be the best outcome. Hard forks are fantastic because they typically are going to be resolved very quickly. If you're on the minority side, you will come to your senses and join the other side. They give us clarity about what is implemented in the system. It's possible to implement them in a way that does not open the system to further attack and other potential vectors. So I support a hard fork in whichever way possible. And socially also, you know, I think everybody is kind of tired of the core wars that are being played out on the Ethereum blockchain, and this attack, counter-attack, white hat DAO and so forth. These are very complex and they involve all sorts of legal complications also. But just socially, as somebody who's involved in the community, they wear all of us down. So we should just achieve some clarity and move on with it. And I urge everybody to jump on board and make their decision known and come up with a plan, a consensus plan.
It's not going to be a hundred percent consensus, but I think I see a fair amount of groupthink forming around the hard fork.

All right, so this hard fork is now more than just a theoretical plan. I've shared a couple of links in the showcase for those who want to study this further. The first proposal came from Gav Wood. He proposed, I think it was a pull request or commit into Parity, which is the Ethcore client for Ethereum, and this is the hard fork proposal that changes three files, probably only about 30 or 40 lines of code. What it does is it enumerates the child DAOs and the parent DAO and changes all of the balances, and within it, it has a specific constant which is a new contract code. So the idea here is, revert all of the money into the parent DAO, if I understand it correctly, but then replace the parent DAO's actual code that governs that with a very, very simple one- or two-line refund DAO that allows people to call one function, which is refund, that gives them whatever tokens they put in. Now the whole point of this is to do it with as much simplicity as possible, and by maintaining all of the state of the DAO token holders, which already exists in the DAO contract, and only changing the code so it just has a refund function, you minimize the amount of work you need to do in the hard fork. Is that a good understanding of what Gavin is doing? Lefteris, Gün, what do you think?

Yeah, I think that's a good summary. Gavin's is a pretty rough sketch at the moment. The thing that's crucially missing is the payback, the new thing that replaces the DAO. I did not see it, at least in the version I looked at. That's not in there. But other than that, the rest of it is there, and it's a nice sketch. It's a fine idea, I think, and yeah, we should move on with that.

Do you anticipate any other potential attack vectors?
Or is that why you want to see the actual refund contract, to make sure that it is really tight and has no possible exploitation?

Absolutely, the second, the latter. Yes, we should see that contract. There is plenty of time to work on it and iterate on it until it's bulletproof, and we can go with that.

So that means we have 10, 12 days to do review and testing within the community, to argue back and forth, and then to have some finalized code in place. I'm assuming the Ethereum community will not want to leave this to the absolute last moment, just in case there are more complications. So there's maybe 10 days of review possible here before this has to be put to a vote.

Yeah, I think so. There are lots of rat holes that any community can run into. I hope that this discussion will proceed in an orderly fashion. The Ethereum community, you know, I came from the Bitcoin community, and I've been very impressed by how civilized, scientific, and just generally nice the entire discussion has been. I hope it stays at that level, and I hope we make orderly progress towards a resolution. With the Bitcoin maximum block size debate, we've seen what happens when people start bikeshedding and coming up with a gazillion different little proposals and so forth. So I hope we can keep our eyes on the ultimate goal here, which is, say, four weeks from now we want Ethereum much stronger and everything resolved and this whole saga behind us. So let's get there. There's so much cool stuff to do. There are so many exciting dapps to write. This is going to be a great world, and let's just get there as quickly as possible without too much infighting.

I don't know if Tone can hear us. If you're there, Tone, if you'd like to jump in.

Can you guys hear me?

Yeah, we can hear you. Thanks for joining us, Tone.
I mean, we're hearing here that the next step is probably going to be a hard fork. The community seems fairly confident, united around it. You have been a critic of some of the fungibility issues and the implications, the precedent that such a move sets. Can you tell us a bit about what you're concerned about in this particular scenario?

Well, that's the thing. I know you guys have just been discussing the technical issues over resolving the issue with the DAO. To me the entire concept of Ethereum doesn't make sense, and I don't think we want to get into that here, which is why it's a little hard for me to, I guess, take the opposite side of the solution that is being proposed with the DAO. Because, again, to me, the underlying layer of Ethereum, I don't see a future there. Now as far as "let's hard fork", like, I'll go ahead and address...

Yeah, let's not go down a rat hole of whether Ethereum itself is viable. So let's set an assumption that for some people and some use cases Ethereum is the way they want to go. Do you see this particular hard fork affecting them or markets?

I do, because the professor just mentioned if they don't do it, there could be legal ramifications. But how come if they go on and get it done there won't be any legal ramifications? Because the question that I posed, I think the day after the DAO was hacked, was: what law did the hacker break? He exploited a smart contract and the way the DAO was put together. And I read all of those articles that explained the DAO, and one of the ways that they explained why the DAO was legal to begin with was they went out of their way to claim that it wasn't an entity of any kind. It wasn't an organization of any kind. So the question that I keep asking, and actually there was a letter from the hacker, I don't know if it was from the real hacker or somebody pretending to be the hacker, and that letter actually came, I think, a day after I mentioned it on a different podcast: what laws did he break?
Who did he take this Ethereum from? And I'm still waiting for a good answer, because I think the only one that has a legit legal case would be the hacker that exploited the smart contract. Because I'm not sure what law he broke or who he stole anything from.

Yeah, we had a really interesting discussion. We had a couple of legal experts. So I'm not a lawyer, I don't think anybody else here is a lawyer, but we did have, in our previous LTB live show we did, two attorneys, Brian Klein and Pamela Morgan, who both have enormous experience in the smart contract and blockchain space. They're not people who simply talk about the law without understanding smart contracts. They both work in the space and use these technologies. One of the things that they both agreed on is that in the absence of an entity, that doesn't mean there's nothing there, but the law has defaults, fallbacks. And just like, you know, I believe Pamela Morgan said, if you open a Google Doc and you don't pick a font, you get Arial 11. It doesn't mean you don't get a font at all.
You still get Arial 11. That's just the default that you get, whether or not you want it. And if you create an entity without selecting a formal entity to incorporate, it's a general partnership. That means that any one of the DAO token holders has standing in most jurisdictions to bring a case, not just on their own holdings, but as a general partner, through their fiduciary responsibility, bring a case against the attacker on behalf of everyone in the partnership. And so if this actually did have a legal implication, two things would happen. One, the attacker would have to establish their identity in order to make a claim against anyone who has participated in this hard fork. And then they could quite easily be countersued by anyone who has even one DAO token, on behalf of the entire DAO, and it would go in front of a judge, and they would have to say, you know, what was the intent of this contract? Was the intent to hand it to the first person who discovered a bug and drained it? Or was the intent to create a general partnership for funding? And the judge is not going to say, "Oh, the contract said you could do it, therefore you could do it." They're going to look at the intent that the participants believed, that a reasonable person believes, when they signed up for this. So the DAO attacker is not going to get very far with the lawsuit other than getting themselves in a big fat mess. On the other hand, if nothing happens, the DAO token holders do have cause, perhaps, to sue a bunch of different people for various reasons if they lose their money. So it's like, who do you fear most? The person who can't
identify themselves because they'd be in a world of trouble, or the DAO token holders who have a particular case under the intent of the contract? And I think we're going to see, the community is already saying, we're going to take the intent rather than the letter of the contract, and that may be a departure from the original intention of the DAO, but it does seem to be the consensus of the community.

Well, that would actually be a very interesting situation, because all the holders of the DAO might also want to, again, I don't want to get into legal issues here, but they also have to keep in mind the tax ramifications. I'm not sure if all those that donated Ethereum have paid their taxes on the Ethereum appreciation, so there could be legal ramifications all around for any side to identify themselves.

But I'm not too worried about that. I'm not too worried about that, Tone. The way things have gone with this DAO, the fork, the attack, the counter-attack and the hard fork, by the time it's done I think for 2016 most of us are going to declare a capital loss on our ether. I'm not too worried about the tax implications. It hasn't helped the price so far. I would love it if the main thing that we're worried about were tax implications. That's exactly, at this point, it's wonderful to have that as our problem.

So let me ask you, Tone: if the hard fork goes through, does that give you reason to believe that the community can solve its own problems, and therefore you're interested in Ethereum or want to buy it more than before? Or does it disappoint you about Ethereum and prove that the DAO showed Ethereum's weakness? I mean, what's your reaction to this hard fork in the community?

No, I think it disappoints me, because it shows that it's not an immutable ledger, again, in my opinion, because the community can get together and change it. So to me, that's very worrisome.
This happened several times already in other cryptocurrencies and even within the Bitcoin space. I forgot the name. I really should have looked it up. But about three years ago there was a wallet company, a Bitcoin wallet, and they also had a situation where the wallet was hacked and they were able to reverse those Bitcoin transactions within the wallet. They were able to go into the new holder's wallet. They were able to reverse the transaction. Sorry, they were able to get those bitcoins back from a hacker that hacked the wallet.

Yeah, but they didn't change the chain in that particular case.

No, they didn't change the chain of Bitcoin, but it spelled the end for that wallet. They thought they were doing a good thing by reaching into the attacker's wallet and taking the Bitcoin out. But that showed the community that was using that wallet, hey, this wallet isn't very secure if the creators of the wallet are able to do this, even though they did it with good intentions, to return the Bitcoin from the hacker back to the people he stole it from. It was the end for that wallet company, because everybody else pulled out their Bitcoin from it. So to me this is similar, in that the ability to do this and to separate the hacker from that Ethereum, I think, shows a weakness, in that if they can do it once they can do it again, and you don't know who's going to be in charge later on.

Okay, so this is a slippery slope. So this is the slippery slope argument: if you can, you must; if you must, you do; and then you do again and again and again. And it's simply a matter of what is too big to fail.
I'd like to look at the technical aspect of this again. So this question is for Lefteris and Gün. If you look at the hard fork, I'm looking at one line in particular, which to me says everything you need to know about this, which is line a hundred and forty-six of ethash.rs, and I'm going to try and paste it in the Hangouts, but I'll read it to you first. The line says "state dot transfer balance": the first parameter is child, the second parameter is main DAO, and then the numeric parameter is the balance that's in there. I want to talk about that line because I think that one line demonstrates one of the interesting but also fairly fundamental differences between Bitcoin and Ethereum. This is something that most people haven't yet grasped, and it's a fundamental difference, which is: Ethereum is not a UTXO-based system. It is a ledger-balance-based system. That means you're not tracking the provenance of specific chunks of digital cash. You're tracking balances in specific accounts, and that means that you can do things like take ten off here, add ten here, in a state transition, which you can't really do in Bitcoin. So this one call is basically reassigning ownership of a specific balance from one contract to another, and in reassigning this, the miners who are running this code don't have any keys or any signatures or anything, because these balances exist under the ownership of a contract, not an individual pair of keys. Am I making this clear? Is this really a fundamental difference, and does it have any implications for the fungibility of Ethereum?

So, that is definitely a fundamental difference, in the sense that when we do the hard fork and change the balances, we do not have to unroll everything to the morning of the hack. The transactions that took place on the Ethereum blockchain that are unrelated to the DAO hack remain unaffected.
We don't have to recompute history. We don't have to go back and do a lot of hard work to recapture what happened. This is in contrast, as you said, with Bitcoin, where, for example, when the fork happened, the unintended fork happened in the Bitcoin blockchain back in 2012, April 2013, 2013, okay, sorry, April 2013 it was. So back then, when that happened, people had to get on the phone, scramble, and unroll a set of transactions and then re-roll them back into the blockchain. And that was a major episode. So in Ethereum it's a little easier because of the way the balances and the state are represented on Ethereum's blockchain.

And so when we were having this original discussion before you guys joined, I made the claim that, Ethereum, there was no such thing as best security. There's best security for a use case. It's a risk-reward trade-off, always. And so Ethereum is making a different risk-reward trade-off. It's making a different security versus use case trade-off and saying that we will make some compromises in the fundamental security and fungibility of the currency, and the ability to make changes, in order to enable these use cases, right, greater complexity.

I disagree, Andreas, sorry. I don't believe that's technically true. So let's see. Why is that not technically true? For the following reason.
It is not the case that miners dictate the entire contents of your blockchain. It's the entire community that dictates the contents of your blockchain. I think the thing that you're worried about, the reason why you think that this is a risk to fungibility, is you might be worried, or maybe not you, but some of the listeners might be worried, that 51% of the Ethereum miners will get together and reassign balances willy-nilly to enrich themselves or whatever. That is not going to fly. If a miner were to come up with a new block that takes money away from some random person, say you, and gives it to some other random person, say me, or to the miner himself or whatever, if that were to happen, that block would not be respected by the economic majority of the network. The merchants, the service providers on the Ethereum blockchain who actually consume the blocks would say, you know, that's a lot of good work that you did there. Well, we're not going to accept your block that enriches yourself. And so that block would not be respected by anyone. That's why this whole process of a hard fork is a lot harder than convincing just the miners. If it were a process of convincing the miners, well, you're dealing with hundreds to thousands of people, but now instead we have to convince the entire community. And you can see that the people who say, "Oh, Ethereum has issues and it's not as decentralized," they're wrong. You can see how hard it has been to effect this kind of change, just by the amount of effort that has gone into it. This is as decentralized as things get. And let me also mention, the analogous attack also exists for Bitcoin.
It does, absolutely. Because you could have miners simply decide to create a hard fork exception that says this UTXO, without validation of the input or the scriptSig on the input, is now going to create a new output with a new owner. But you would need to do a hard fork, as in the case of Ethereum here, and then you would have to have every future miner honor the fact that for all of the other transactions you validate the signatures, except for this one, where we're doing a confiscation transaction and this UTXO is not validated. And as you said, the only thing that's stopping people here is that consensus is a broader community. There are components to consensus: merchants, exchanges, wallets, users, miners and developers. There are five different constituencies to consensus and they all have to agree. Otherwise miners are mining blocks that have no economic value, bitcoin or ether that is not redeemable at any exchange. You cannot buy anything at any merchant.

So, absolutely, you're absolutely right. At the end of the day, what upholds any set of rules is the social consensus across these five different constituents that you mentioned. And if all five decide to change something, then they will change things on you. One could even change the 21 million cap on bitcoins if you could get all of those people to agree, and good luck with that, right? So in a similar vein, I think this particular hard fork happens to have a lot of support behind it. So that's good, I think, in my opinion, because we're going to have a clear, crisp end. But I don't believe that the community will be as willing to go along with other hard forks. That's not going to be on the slippery slope. You can say things like, we're going to do this once because it's so early on and this was unanticipated, and we've learned from this, and in the future.
We're going to go to a different, better world. We're going to make sure, for example, that contracts have escape hatches in them. We're going to make sure that programs are vetted better, or maybe have invariants associated with them that auto-trigger the escape hatch, where the contract shuts down and goes into a simpler mode, for example, or any number of other things, right? There will be research on how to build smart contracts. I mean, if you think about it, this entity ended up collecting an enormous amount of wealth and value, about 220M, right? That's a lot of money, and very little research ended up going into it. If you think about the Slock.it team, it's only six people working for about a year. So that's fantastic effort, but that's not sufficient for building something that would house 220M, right? Six guys building a safe that holds 220 million, just in the physical world, I wouldn't really trust that safe. You really need a bigger team for it. So in a similar vein, I think this underscores the need for better techniques for creating smart contracts, and I think we're going to get there as a result of this. Nobody will want to see a repeat of this.

Absolutely. So the slippery slope argument for you doesn't hold. I think the comparison we offered in our previous show was, this is a bit like the 2001 Supreme Court decision where you had one paragraph saying here's why we're going to pick the president and then ten paragraphs saying here's why you should never take this as a precedent for anything else. And I think that is possible as a social contract.
I want to also give Lefteris a chance to jump in here. Now, you mentioned that six people in one year went into doing this DAO contract, and I've actually watched Lefteris working, and I believe he's put almost one man-year of effort just in the last two weeks, working around the clock. He's done a remarkable amount of work in trying to make the best out of this particular situation. Lefteris, I'm sure more DAOs will exist. I'm sure more DAOs will be written. Are there any lessons that you think, purely from a technical perspective, ignoring the, you know, maybe there should have been limits on the total amount, or maybe the political situation should be handled differently, that's not your domain, but what are the technical lessons from this? What would you do differently if you were writing a new DAO contract today? What have you learned?

Yeah, I would like to say that the DAO was started by Slock.it, it's true, but it was an open source project and we made many calls to the community before the launch to take a look at the code, and many people did. But yeah, that particular exploit was not seen, unfortunately, that thing that the hacker used. So as to your question, yeah, apart from putting a cap, that would have been, so in retrospect, looking back right now.
That's like the number one thing. I would personally never write a contract that would not have some escape hatch that I would be able to control, me or some multisig of people. What we saw from this is that essentially you need to be able to react fast to any news that may come out of this. Like MakerDAO, for example, they are very fast, because they had control of their DAO when this exploit was published. They managed to pull down their own DAO because they could. If there is no escape hatch, and if there is a 21-day period that is required in order to, no, fourteen-day period in order to upgrade, then that opens a very big can of worms as far as security is concerned.

Yeah, thank you.

Let me chime in on this, Andreas. So there are settings where you definitely do not want an escape hatch or any kind of interference mechanism at all. So what's an example? A simple example is if I'm playing some online game, you know, blackjack, whatever, on the Ethereum blockchain, I want to make sure that the payout will take place, absolutely no questions asked. So that is a clear case where you want the assurance that you can get from autonomous execution. But there are other cases where you actually want some kind of automatic escape hatches, as well as cases where you want human intervention as well, and let me make the case for them. I'm not going to say, I don't know where the DAO fits, but let me try to riff off of what Lefteris said. In my opinion, when you have something as complicated as the DAO, with internal balances, with the extra balance field, with the ether it holds, with the children, with the reward tokens, with the money flowing in through the reward tokens and so forth, I think it's prudent to have what we call assertions in the code. For example, the money flows in and the money flows out should be balanced. The money flowing into any child DAO should
be in proportion to the tokens that actually started that DAO. Or any number of assertions of this kind I can imagine. If I were writing this code I would insert these assertions, and if they are violated for any reason whatsoever, they would encode my expectations, my intent, in some sense. And if they're violated because of unforeseeable circumstances, somebody used this recursion bug in the DAO's case and ended up getting far more ether than their proportion of DAO tokens, I would then in that case have some automatic measure that interferes and says, hunker down, stop whatever you're doing, put the DAO into a mode where it stops progress and limits the amount of loss. And I think it's possible to do this without necessarily opening up game-theoretic attacks, without opening up other issues, denial of service vectors and so forth. Maybe you open up some denial of service vectors, but I think this is prudent, actually you don't in this case, and that would have caught this particular attack. And then finally, let's not confound the two. There are times when you want an escape hatch, or you want some kind of an appeal to human authority, in the same way that sometimes you really need to ask a human to say, you know, we're about to do something, is this a sensible thing to do? I don't know that the DAO is this kind of an operation. But I think the Slock.it team did think that the human element had to be introduced. They introduced the human element in the form of curators on the front side of the operation, when the proposals are coming in. So that was their thinking. And I don't know how effective the curator process would have been, because I never saw any sort of a formal document on what the curators were supposed to check for and do. So we can debate whether the DAO was structured well. But I can see, having gone through the DAO experience.
I think we're beginning to understand that smart contracts, you know, this dream that they operate autonomously forever and ever without intervention, you know, that doesn't apply to every single contract on earth, right? So I want that to apply to the blackjack example. You know, the rules are never going to change. There's going to be no unforeseeable circumstances. I should always get my payout. It should apply to, say, a money forwarding agent that is distributing royalties, right? I wrote a program. I'm getting cash. I wanted to beat up the appropriate way. But when it comes to something as complicated as the DAO, I think you do want some kind of assertions that lead to automatic, programmatically driven hunkering down, to guard against violations of the programmers themselves. And I think Lefteris today would be in a much better situation if the code had those kinds of checks in it. We're learning a tremendous amount from all of this, right?

And finally, I think, you know, we're learning that there are some cases where you do indeed have to interact with the legal, sort of the authorities on the legal system outside of the blockchain. I don't know that, I'm pretty sure that it's not going to be possible to toss aside, you know, umpteen thousand years of legal, you know, development in the legal world and just come up with your own code-is-law universe. And I think there's that intersection. We're going to figure out how to do it in a much, much better way. So these first attempts are very valiant efforts, but we're finding out where they fail.

So I'm asking some questions from the participants on Q&A. If you have questions, use the Q&A feature within Hangouts in order to submit your questions, and I'll ask them from our various panelists as well as other guests who may join us in a few minutes. Lefteris, Gün said something really, I think, critical here, is, he said, in the case of a contract as complex as the DAO...
To me, complexity is at the core of this issue, which is that until we have many, many, many iterations of simpler components of various smart contracts that are heavily tested in real life experience and provide, you know, strong precedent that they are robust, is there a cap on how complex we can make smart contracts at this level of maturity? Is that one of the takeaways from the DAO, that it was simply too complex for the timing?

Well, I mean, the DAO was meant to be... We tried to really make it simple, but yeah, it ended up much more complex than it should have been, that's for sure. Yes, I would think that we should try to keep smart contracts at this point as simple and as modular, with reusable libraries, as possible, and safety should be the number one concern, of course. I mean, if there is anything anyone should take from what happened, it should be that security should be the number one concern in every smart contract. So about the assertion-based programming that Professor Sirer mentioned, it's really, really interesting, and it's a nice way that this can be addressed in the future in many smart contracts. There are other people who are working also on formal proofing of contracts at this point. Others suggest even languages different than Solidity. There's a whole brave new world out there to experiment with that would make security the number one priority here.

Yeah, one of the things that I'd like to note also for our audience: Gav Wood wrote an article,
I think it was yesterday, that he posted on Medium about programming practices of separating the conditional parts of the code from the state transition parts of the code, to make it much simpler to both read and potentially do static analysis of the code, and using the existing functions within Solidity, but rewriting the code so that all conditionals are expressed as modifiers, which are applied to functions in the declaration, and within the functions you only have state transition code. I think that was a really interesting approach to a much more defensive style of programming, and certainly a lot of the assertions that Gün was talking about would apply to these modifiers. Do you think we're learning how to program all over again, at a whole different level of scrutiny and rigor and discipline than we've ever done before, because of this new model?

Absolutely, Andreas. You know, my original background in grad school was writing kernel code, operating systems code, and we all considered that difficult, because if you have a bug in the OS then you have a very visible failure. It's called segfault and blue screen of death, everyone, the BSOD. When you see that, you know, it's very embarrassing for all concerned. But that's nothing, absolutely peanuts, compared to what happens when you've got programs that are managing money flows, and then money flows that are quite significant by now. And this is, I think, both scary and invigorating. This is really, really cool. Like, we managed to build something that is amazing in its nature. We're able to write these programs that do exciting things, and it requires us to bring our A game into the... So it won't cut it to just sort of, you know, write an app the same way I write an app for an iPhone. You know, if it crashes on the iPhone, okay, no big deal.
Sorry, you know, here's your $150 back. These things are really, really, you know, they're kind of significant failures, as we saw, and so they require an added level of scrutiny, and I think we're going to get that, you know, once we get over the DAO episode.

All right. More questions from the audience. We've got some questions about fungibility again. Let me just quickly introduce Griff Green. If you can hear us, pipe up. Griff is community organizer for Slock.it. Lefteris may have to depart because he has actual work to do other than us sitting around chatting about things. So thank you so much for participating, Lefteris. Griff, welcome to the program.

Yeah, thank you, Andreas. I'm actually at your school right now in Cyprus, about to walk and get the first diploma ever in digital currencies. So I'm pretty excited about that. I actually got a lot of perspective on this whole thing, because coming down here I flew through Istanbul, and of course we know, with the terrorist attack that happened there, and, you know, it really gave me a lot of perspective on, we take ourselves so seriously with all the stuff that's going on, and it is a tragedy. I've even heard people call him a terrorist, the attacker, and saying we can't negotiate with terrorists. Well, it just really brought me down to earth and put me in my place about how important some of this stuff is that we go screaming about all day.

Hey Griff, very nice to meet you here, and congratulations on the degree. So I'm from Istanbul. It's very, very good to hear that you made it out of there all safe and sound. We all were very worried.
I spent half an hour making phone calls yesterday, and, you know, I was dealing with all these trolls, you know, doing their trollish thing on Twitter, and meanwhile, you know, I'm making all these phone calls to see if the family and friends are all alive. And it really puts you in your place and sort of puts all these concerns, you know, in place. So these people are getting really upset about a rewrite of the Ethereum blockchain. You know, there are much, much, much more serious things going on, and what we should really concern ourselves with is making the world a better place. And, you know, for some, absolutely, means avoiding these kinds of, you know, the attacks and so forth, and for us it means building new systems that have cool functionality.

Yeah, pushing progress forward.

All right, Griff. I've got the same question I asked Lefteris before: what are the lessons learned from the Slock.it team because of this? What are the lessons in complexity and security review, in the scope and size of the funds raised, and how would you do things differently if you end up doing them again with a new DAO?

Yeah, I'm confident that we will try to do it again with the new DAO, and I'm confident that we will have a lot more community involvement and support throughout the entire process. You know, as far as the security stuff, Lefteris and comb and the security guys on the team, they're really, you know, they're the experts on this.
I'm just getting my degree right now, so I can barely talk about the lessons learned through the code, but I can't talk a lot about the culture and the organization. You had brought up the curators and different things. There wasn't really a guideline on how things should go. I actually think we spent a lot of time adding fail-safes and security precautions into the code, and at the expense of really developing the culture around the code, and the cultural code that is involved in something as complex as a decentralized autonomous organization can't be understated. What do the DAO token holders need to do? You know, is there a guidebook for them? The curators, what do they need to do? All of these things were left... Well, you know, when we did this, when we set up the DAO, well, when we set up the DAO framework, we really wanted to have an arm's length away from the DAO. That was a design choice, to the point where we didn't even name the DAO. It got stuck with the name "the DAO" because we wanted the DAO to name itself, and that was kind of our process the whole way. We wanted the culture to develop around the DAO. We wanted the voting mechanisms, we wanted that to develop within the DAO, and if it would have been a smaller project that probably could have progressed nice and slow, but because of the scope it really was... It was a tragedy that, I mean, obviously this bug had nothing to do with the culture around it, but it was a tragedy that there wasn't more cultural development going in first and foremost to figure out what
everyone, what everyone's part is in this, and that was the number one thing I learned of it. But I'm coming from it from the perspective of a community organizer, you know, trying to fit these pieces together and communicate between everyone.

I want to take your comments about culture and I want to go a tiny bit deeper there. If you read daohub.org today and you look at the way the DAO was pitched, I think the culture had a lot to do with both the overall exuberance and the really sudden downfall from grace. Pardon my comment here, but I'm gonna be direct with you. The DAO, the way it was described, contained a significant amount of hubris. It was supposed to be code is law that floats above all jurisdictions, the ultimate independent and autonomous system that requires no, not even requires but disdains human interaction, is completely censorship resistant, is meta and above and floating, and all of this kind of very, very ideological, very, very purist, very "we are above the common concerns of the judicial system, we don't have terms and conditions, read the code, that's the only thing that's binding". That was a pretty big petard, and you're hanging from it now because you set up the expectation, not you personally, but I feel like I did most motion for... remember saying any of that stuff. Well, read the website. It says, you know, the white paper and the documentation is not binding and means nothing. It's all in the code. The code is the only thing that's binding. This is not an entity. This is not a company. And the DAO is revolutionary, the DAO is uncensorable and unalterable, etc., etc. There was a very big kind of push to push this as something that was completely above traditional governance techniques, and that ended up being a very different outcome from what was promoted in at least that website, and I don't know if you wrote any of it. I don't care. That's not the point. The point is the culture overstretched here.
The culture went big for a, you know, we're going to be completely separate from jurisdictions and human affairs and governance systems, you know, completely free from all of these constraints, and that ended up being a significant difference from reality.

Yeah, you know, it's interesting, because the real governance that does govern the DAO is Ethereum. The Ethereum network is kind of the jurisdiction that the DAO lives in, as we're seeing now with the soft fork and hard fork debate, and I don't think there were many people who saw that. I mean, Slock.it doesn't own daohub.org, does not, our jurisdiction either. Again, it was an open-source project and lots of parties came in to write that documentation. And I definitely did edit some of it, you know, because I do get in there, but I didn't create most of the content, and I don't know that Slock.it had a huge... I think we were working with the community as much as we could, and daohub.org is run by community members, so...

This is quite interesting, because I know from the very beginning there was an attempt to make the DAO arm's length and to basically make sure that it wasn't in any way connected, but there's a really interesting shift there. You know, the expression goes that success has many fathers, but disaster is an orphan. You know, just up until the hack, Slock.it and some of the executives within Slock.it were, when they were being hailed as heroes, the arm's length, oh, this is in toss, it's an open-source community, a tether, a tether. That's, wasn't heard so much. I mean, I really don't know where you're listening to. I've seen a really significant shift. Suddenly everybody's backtracking from this now. I know that Slock.it from the very beginning said very clearly: we don't control this, this is not the DAO, we didn't even create this contract, and that was very smart.
I agree with that, but it seems like the removal of any association happens a lot more rapidly after the hack.

No. But sorry, sorry to chime in like this, but from the very beginning we were stating it, that we had nothing to do with the DAO. I mean, and that apart from, yes, of course, running the biggest part of the code. But we didn't switch in our attitude. The attitude of the community did switch. I mean, yes, very much so. Yes, that's very true. That is something that happened. We didn't change. So what I want to make sure that everyone understands here is that we didn't change our attitude at all. But the community, yes, they did change the attitude, and they did try to want to blame, and they did try to blame Slock.it. That's why then Slock.it appeared to be defensive, because we had to state specifically that we really do not control, never controlled and do have the DAO and the nonsense, but...

Yes, I mean, you're absolutely right, and I've certainly seen that in other communities, and in Bitcoin very much so. The speed at which a hero becomes a villain in communities like this, and the speed at which the fangs come out when there's a problem and people's money is, is absolutely shocking. And you can go, one day you're like the greatest geniuses who ever lived to have created this fantastic fundraising opportunity that will fund all of these development projects for Ethereum, and trust me, I wanted to see it succeed, because I actually, I still believe that the DAO is a fantastic vehicle to do funding if you get it right, and then a day later you're the worst people who ever existed, and, you know, you're getting crucified on Reddit.

You know, it was very funny though, because when we were trying to put proposals out, every time we put out a proposal it would get slaughtered in Reddit, Slack. I mean, I don't feel like we ever had a leg up on this situation. We actually put together a 1.5, I think it was 1.5 million dollar.
Yeah, that was saying we're gonna have 24 hours, 24/7, you know, oversight on this, like, pay us to look at this code and audit it and have three people always managing it. And it just, it was a disaster there. The whole community said you're, you guys are crazy, you're trying to blackmail us for something, or who knows, you know, they had all sorts of... I mean, Reddit is conspiracy, and conspiracy theories come out immediately in all of these, and so do the trolls. I know we've all experienced that. Eventually we had to cut it down to, we will give a, will hire them basically at their rate to be the point person of security for the DAO, and we couldn't even get that proposal through because of different cultural issues around curators and things like that. So when we were putting out the Universal Sharing Network proposal, and because we were pitching it to some of the private community members, it was getting slaughtered. You know, people did not like us asking for money. I mean, I don't know that we were ever heroes in the DAO, to be honest. Until recently, are you, we're heroes until the first proposal dropped? I think when the DAO was raising a lot of money you certainly were, and then the tide turned viciously and very, very rapidly.

But let me, can I say something about this?

Please go and jump in.

No, I have no expertise in this area.
I'm just somebody watching from the sidelines. But, you know, I see that as a success of the DAO. It captured sort of the common sentiment, and the common sentiment when it comes to issues like this is very sensitive to perceived conflicts of interest. And this is true in life. Like, when you actually live a little bit, you realize that what's much worse than an actual conflict is the perception that you might be benefiting from some conflict of interest, that you will abuse your privileged situation. The society that brought you to where you are today wants to make sure that you live up to those ideals. You know, I'm a semi-public person as a professor, and I know that because of the power I have over students I have to be double extra special nice to them, and I try my very best to do that. And it's a similar situation for Slock.it. I believe the community made you heroes, and I believe that as a result, you know, your conduct was scrutinized much, much more, so that 1.5 million dollars suddenly looks like an enormously large number. You know, in retrospect, you know, 1.5 million for the protection and security of 220 isn't really much, but maybe the crowd knew other stuff, Griff. Maybe they thought that that should have been done by somebody independent of the creators, and maybe...

That was part of the proposal. There were bug bounty, there were external audits, another, first one, the first one had... I mean, most of the money actually wasn't going to Slock.it. It was going to other people. We were going to hire three people, and that was the money that went to Slock.it, and then the rest was all community-based or external things. And when that was thrown down, we were approaching anyone and everyone who would do security audits for the DAO to, you know, make proposals.

So that's... So let me also, at the technical level.
There are also issues with this. We know from social choice theory that if there are people in the DAO as investors, and I believe all of you are investors with your own money in your own creation, they shouldn't also be beneficiaries of the same vehicle, right? I can't be voting to send money to myself. That should not be happening, and if that is happening then the game theory gets really, really complicated. And so that too is something that works against you guys. I mean, these are just sort of, you know, in retrospect we can see this happening. I'm trying to just sort of, you know, explain what might have been happening in the minds of the crowds. But from my perspective this is really the crowd saying you guys really need to keep... I mean, I know you worked really hard to keep yourselves at arm's length, but the perception that you could ever benefit from the DAO, that is I think what poisoned that relationship. So if you do this again, my advice would need to come up with some scheme by which the creators get some payment for all their efforts, but not through this whole proposal scheme, and so, yeah, they are even more arm's length than before.

I'm gonna just jump in here and suggest that we start wrapping things up over the next 10 minutes, and I want to get some final statements. The final question we have from one of the audience here, and Adrian asks: why can't we just fix it, move on, let this be a real lesson, not the attitude "it was just a prank, bro"? To me, I think this is the critical outcome of this. If in the end this is fixed, it provided a massive bounty, which then became a massive opportunity to do security research, which then tested
Ethereum's governance model and consensus model to the hilt and really put it under pressure, the pressure of real money, real pissed off people creating conspiracy theories. It tested the community, their ability to have reasoned debates, and it's still testing the ability to come to consensus without fangs coming out. Honestly, the Ethereum community has done an amazing job at keeping the conversation civil. I think that is to the testament of this community. And so now let's look at the future. What happens next? I think we're gonna see a hard fork before July 15, based on something very similar to the code that Gav has proposed or others will come up with in geth, and we'll get a refund now, and then the only damage done to this is to the pride of some of the people involved. Everybody else gets their money back, and we learned some really tremendous lessons that can only be learned experimentally and through the application of real environments, real game theoretical models, real strategy, real conflict in a real scenario. You can't learn this in a simulation, so I'm optimistic for the future. What do you guys think? What comes next?

I'm also super optimistic.
I think if we can put the DAO saga behind us with a hard fork of some kind, ideally, because that is the clearest way of putting it behind us, then we will be in a different world where we can focus back on the process of creating new dapps, and that's going to be fantastic. The promises there are so, so enormous that we should get to that point in the simplest, most expedient manner possible. The only danger I see ahead is one where we go into this morass where we constantly debate, you know, the color of the bike shed, of the fix, of the various little features and so forth, and if we don't get into that trap, if we could put this behind us, I think there's a great future waiting for us ahead, and that future involves exciting apps, better security, more understand the better smart contracts that are easier to understand and reason about, and all of these things will give us a better world.

Lefteris, from a technical perspective, about what happens next, are you optimistic?

What I have seen from the developers, and from community also that would support those developers, I can definitely see a hard fork coming, and so it's just party. It's, so there is a Python implementation by Vitalik and there is also C++ implementation, from what I saw just a few hours ago, just to start testing. So I think that by July 15th we will have something, and from then and on we can, you know, put this whole mess behind us and focus on building beautiful decentralized applications, continuing developing the ecosystem, lend lessons, and go ahead on September to DevCon 2, yes, DevCon 2, and, you know, discuss how we should proceed with the team from here and on.

Griff, do you want to give us your take on the community and culture and what lessons that's given us on where we go next?
Yeah, and I definitely want to answer the guy's question too, about why we can't fix it, because it is a good question. A lot of people actually have told us, you know, a lot of people that got involved in this really just wanted to get involved because of the Universal Sharing Network, the thing that Slock.it is really excited about and what we're really primed for, and the DAO is a stepping stone to, and that we can't really... I really think we learned so many lessons that fixing it would be, first off, it would look horrible. I don't think anyone would really like that idea, except for the diehards, because, you know, there's some trust issues right now that Slock.it needs to deal with, and it would really add to that conversation of too much hubris from the Slock.it team, because I think... I think by "fix it" they don't mean reconstitute the DAO to run proposals, but instead fix it in terms of refunding everything and then cleaning the slate. Oh, okay. Well, yeah, I mean, I've heard other people say just fix the recursive bug and then continue on, but yeah, on the other side of it, obviously a hard fork, I'm really optimistic. I've been so impressed with the behind-the-scenes workings of Ethereum. It is really a refreshing thing. People are talking, you know, calm, and asking curious questions, and really figuring out, saying that yes, I disagree with this, but I understand that that might be, is better to have consensus, and it's been really incredible to see how the community works. And I hope it continues to work as Ethereum grows bigger, because I think Ethereum early on, or sorry, Bitcoin early on, was probably similar. Lots of people were working together.
They were the underdogs. They felt like they were an underdog, so it's easy to unite around that common cause, and as it gets bigger, if Ethereum scales like the community hopes, I hope we can continue this calm and peaceful approach. And I think a hard fork seems pretty solid, you know, as long as the testing works. You know, I was definitely dismayed from the soft fork situation and the DDoS attack that Gün came up with, and a lot of people came up with, but so, yeah, I'm cautiously optimistic. As long as the consensus grows around the hard fork, then we will just fix it, but if there is a consensus issue I really hope we don't push the hard fork, because that would be a really real tragedy if somehow this caused more problems than it already has.

All right, and on that note I would like to thank the two hosts who had to depart early, Adam Levine, Stephanie Murphy, who joined me to do this live Q&A broadcast; our guests so far, Professor Emin Gün Sirer from Cornell, who discovered the DoS, the denial of service vector, as well as a number of other security issues in a number of things including Bitcoin. Thank you very much for joining us today and giving us your input on this, Professor Sirer. Griff Green, who joined us from Slock.it, community organizer for Slock.it. Lefteris Karapetsas, the chief technical lead within the Slock.it team, who's been working tirelessly on the DAO code and developing a lot of the thought leadership around how we solve the technical issues behind this. And all of our audience who gave us questions, thank you again for participating. We'll probably do another one of these as more things develop and see if we can condense as much learning as we can out of this scenario. Thanks for joining.

Yeah. Thank you, Andreas. Thank you. Bye. Bye.