Blockchain companies’ smart contracts are not smart


Rage Review: The investment partnership between Goldman Sachs and the Libyan Investment Authority broke down and ended up in a London court. There was also a case a long time ago in which the Federal Energy Regulatory Commission fined JPMorgan Chase for profiting from the rules of the California power grid operator. Both remind us of the recent DAO hacker attack, which lost $60 million. There are rumors about who is right and who is wrong, and everyone has their own opinion. According to the author, existing law will pay no attention to DAO rules that are far removed from the real world, and treating the DAO code as the core standard of judgment also violates the original intention that code should serve humans. Yet if the DAO chooses to modify the smart contract code, it violates people's expectations of idealized smart contracts. It is really hard to predict how this hacker attack will be handled.

Translation: Annie_Xu

A London court is hearing an incredible case in which the Libyan Investment Authority (LIA) is suing its trading partner Goldman Sachs. In short, the LIA gave Goldman Sachs a sum of money and signed a complex contract that stipulated the circumstances under which Goldman Sachs had to return money, and how much; then all the money disappeared in an instant. This was a huge sum of $1.2 billion, so Libya was furious and decided to sue.

LIA provided many arguments in the lawsuit, but none of them proved that "Goldman Sachs owed us these contractual payments." The contracts stated the terms under which Goldman Sachs received the funds (mostly the price of some bank's stock) and the amount Goldman Sachs had to pay to Libya. The contracts were clear and there was no dispute over the interpretation of the contracts or the conditions under which the contracts came into effect. Everyone agreed that the total dollar proceeds were zero!

Instead, Libya said: These contracts do not represent our intentions, we did not understand them, we were deceived into signing the contracts, we were suppressed by a bunch of bankers from Goldman Sachs, and we were tempted by the bankers' early, mid-term and late-term profit guarantees. We have no experience, and we believed that Goldman Sachs would bring us profits. What we expected did not match the actual results.

Whatever you think of their dispute, our thoughts are complicated. On the one hand, their arguments are acceptable to the court, and the terms of the contract are important. In most cases, derivative contracts are like this: I pay the premium for the call option, and you promise to pay me if the price really goes up; if it doesn't go up, I have to admit that I'm out of luck. We know what we are doing and we get what we want. But many times, others don't understand and complain when they suffer losses. Usually one party says that I did what I should do and we both got what we wanted; the other party says that the transaction is unfair and asks for the terms to be modified.

Here's another one of my favorite stories. The California grid operator created a set of rules for generating, transmitting, and paying for electricity. The rules were really bad and stupid. If you read the rules carefully, you could get ridiculously high rates for electricity, not because the electricity you generated was worth that much, but because you had found a way to exploit the rules. JPMorgan did just that, openly and honestly exploiting a stupid but clear provision in the rules. The Federal Energy Regulatory Commission (FERC) fined it $410 million for it. JPMorgan paid the fine. It's clear that JPMorgan did exactly what the rules said, but that doesn't mean it was allowed to do that. The rules are stupid but people are smart, and it's wrong to exploit the rules.

Previously we discussed the hack of the DAO, a distributed autonomous organization based on the Ethereum blockchain that was supposed to receive investments and then invest in projects according to the wishes of investors, governed by smart contracts. However, the DAO was unexpectedly hacked and about $60 million worth of ether was stolen. Most people, myself included, use the words "hacked" and "stolen", but maybe that's not the case? An interesting report about the DAO hack follows.

"The hacker interpreted the contract terms normally and stole the users' money, but violated the will of the DAO. However, according to the legal contract of the DAO, there is no concept of theft, and the intention is completely unimportant. The only thing that matters is the smart contract itself. Therefore, there is no legal distinction between prescribed functions and illegal use. It is all a matter of cognitive perspective. For example, the recursive splitting function that we are not familiar with is itself a feature that users can use to introduce funds into the DAO subsystem. In a sense, this is no different from what Slock.it did at its own will, except that the former did not go through a voting system, but was derived from a smart contract. From the perspective of the original capital provider, this may be a big deviation from the original marketing strategy; but from the perspective of the DAO, there is no essential difference between the two. And the legal contract seems to choose to be based on the DAO."

That is, the DAO is promoted as a distributed autonomous organization that takes investments and invests in other projects according to the wishes of investors, following smart contracts. (I think the focus of the DAO's promotion is not that it is a new type of human organization that has not been tried before, but that it is exaggerated as risk capital based on voting.) Websites and forums explain how the DAO is used by people, what its security features are, and so on. (Some of the technical explanations are made by Slock.it, which is related to the DAO.) But there is another interpretation template.

"The concept of DAO Creation is explained in smart contract code on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413. No other interpretation or document or discussion can modify or add any additional obligations or guarantees beyond those provided in the DAO Code. All interpretive terms or descriptions are for the purpose of disseminating knowledge only and cannot override or modify the description of the DAO Code on the blockchain."

Or let's take a look at what the DAO homepage described last month.

“The DAO existed in an immutable, unstoppable, and unquestionable computer code, was run entirely by its members, and was powered by the Ether that created the DAO tokens.”

The description itself is not important, it is the code that is important. The description did not cause the hack, it was the code (by definition, if the code can be hacked, we assume that the code caused the hack). The vulnerability in the DAO code was not a flaw in the code, but a flaw in the description. The description of the code was purely for fun. The DAO website failed to explain to investors that the code allowed hackers to take away $60 million using a recursive split function. On the contrary, the recursive split function is part of the DAO code, and therefore part of the DAO. Exploiting it is not hacking, and exploiting it to obtain funds is not theft; it is an act that follows the intention of the DAO. The only measure of its intention is the actions allowed by the "unchangeable, unstoppable, and unquestionable" code.

“Hacking” and “theft” are artificial, canonical presumptions about how the DAO code should be used. But the code doesn’t care. The code can’t be hacked, only exploited. There is no canonical explanation for its application. As one Twitter user put it, “So this is arbitrage?”

This is of course naive and stupid. This is not how human institutions work, but it is how the ideal world of smart contracts expects institutions to work in the future: "unchangeable, unstoppable, unquestionable", an ideal world of cold logical code without human bias, stupidity and interference. Human expectations are irrelevant, except for those that are accurately written into the code. Last time we talked about DAOs, I said this:

"The U.S. legal system has built a redundant but delightful system of safeguards so that investors can more or less get what they want. If you invest in a U.S. public company, you sign a certificate of registration and articles of association written in legal language. You also get a prospectus that explains the terms of the investment in plain English. Then no matter how you vote, what obligations the company has to you and what rights you have; the investment terms are influenced by these factors: federal securities laws, state laws, stock exchange listing requirements, insurance company investigations, public policy, customs and traditions. Even if the articles of association of the company you invest in stipulate that the board of directors can sacrifice you, these clauses are unlikely to be enforced because there is always room to deviate from the standard terms. If you use Ethereum for smart contracts, it is best to make sure that what the contract says is consistent with what you think. The contract itself is the one thing, and the only thing, that matters; interpretations and expectations may be useful, but they have no influence. This is a sharp-edged world, and perhaps you can understand why idealists and technical idealists like this world, but investors cannot understand it."

A month ago, this hard-edged world hurt the DAO’s technical idealists, or at least their wallets.

The leadership of the DAO and the community of the Ethereum blockchain that created it are trying to freeze the hacker’s funds to fix the vulnerability and discuss next steps. But it’s not that simple.

“I don’t know how the court will rule, but it’s very likely that they will consider the hacker to be a legitimate operator that complies with the smart contract, and those who try to modify the smart contract afterwards are the ones who violated the law. And the hacker may file a complaint against Slock.it for this.”

I hope it will. There is no reason to believe that a court of ordinary judges following ordinary justice will agree with the DAO disclaimer. It is completely meaningless to simply post a disclaimer on a website saying that any advertising or expectations cannot "override or modify the DAO code on the blockchain." If the Goldman Sachs and LIA contract disclaimer said that the parties agreed and understood the terms of the contract, and that nothing they said or did outside the contract could override or modify the terms of the contract, the court would not have stopped the LIA case. It might have helped Goldman's argument, but the court only respects the facts of the real world, not just the content of the contract. If the DAO found out about the hack and went to court, I am not sure the court would agree that the hack was part of the system, just as FERC disagreed with JPMorgan Chase's view of its power trading. Although cryptocurrency, blockchain, and smart contract fundamentalists tend to place themselves outside the national legal system, the national legal system will not agree that things happened on the blockchain.

What’s most fascinating about the DAO hack is the way it exposed these problems. True smart contract believers don’t think there are problems; the system is perfect, and writing the problematic code and failing to anticipate the attack were minor human errors; they can just write a perfect smart contract in the future. For adamant smart contract believers, modifying the code after the fact, even if it is to meet everyone’s reasonable expectations of the DAO, is a betrayal of the ideal of smart contracts.

In addition, for those who interpreted the English description of the DAO and invested according to their reasonable expectations, their losses are very important. You can't really bet the future of the financial system on computers instead of people; you can't trust immutable code no matter what happens. The financial system should serve humans. If the code exploits humans, it deviates from the original intention of writing the code.


