Thursday, June 23, 2016

The DAO - Ethereum incident: if you can't stand the heat, stay out of the kitchen !

Ok, I admit: I may be a payments or banking dinosaur and an old school kind of guy. I have personally witnessed the emergence of new payment methods (POS, I-pay, VbV, purse, online-purse, Paypal, EMV, etc) as well as the failure of banks (Icesave, DSB). And I have a keen interest in the history of banking and finance.

With this background I have been intrigued by the Ethereum-DAO incident and its further follow up. What now seems to happen is that an undemocratic, interest driven community that hasn't secured or enforced proper governance and safeguards, is taking the right in their own hands when some digital assets of theirs appear to move in different places than envisaged.

Lay-out of options to solve the issue
Pondering the issues at hand was stimulated by this very good presentation by Gavin Wood last Monday at the Dutch Blockchain Conference. See below



In the presentation Gavin Wood presents 3 options:
- do nothing
- soft fork by community
- hard fork by community.

How logical the 'community' approach appears to be, I couldn't escape at noticing that the concept of community is limited to those directly involved as owners/investors in ether. All of those people were aware that they're investing in a very speculative, new technology and digital asset.

Gavin introduces the concept of moral consensus by the people, rather than the machine, to solve the issue. This consensus is not really the people, he explains, but the miners. In my view this means that the bottom line is that the interested actors take the right into their own hands to cheat the attacked back out of his possessions.

What's missing: the legal consensus
What's truly missing in the discussion is a fundamental fourth 'community' option:
- owners of 'stolen' ether  call the police (in whichever jurisdiction) so that a judge may determine whether or not this is a theft or otherwise.

Any system existing on earth, is always under some jurisdiction which allows formal legal arbitrage on differences of opinions as to whether this is theft. And lacking the proper arbitrage rules in this obviously not so smart contract, this is the domain where the Ether and DAO community should revert to.

Any other road than turning to the formal/legal mechanisms to solve this issue, constitutes a power batlle between interested parties. One party claimed to offer autonomous smart contracts without human intervention (but slides back as soon as they lose money on it) and another party took them up on the offer and fights back to keep the first party to their offer.

If you can't stand the heat, stay out of the kitchen
From a macro point of view, I don't see a reason why a response in forking by the ethereum community is justified. We're just witnessing a private, risky enterprise doing not-so-smart-things with not-so-smart contracts. This will mean that a limited remit of private investors (that know that they are risk investors) lose their assets to someone else.

As tough as it may be to see someone mess up your assets/system in front of your own eyes, it is hoewever the ultimate consequence of a philosophy in which one proclaims that is exclusively the machine that drives the asset moves.

So as this all happens, you just better buckle-up, take the hit and make sure there are no more accidents waiting around the corner. And if you're not up for it, it's time to leave the play under the motto: If you can't stand the heat, better stay out of the kitchen. When seen from a financial history perspective this whole incident is just one silly drip in the ocean of follies that has ever occured.

Up next: proof it or put in arbitrage
In a practical sense, the lesson is easy. Either have full formal proof of smart contracts, allowing you to  check all possible states of the implementation, or include an arbitration and third party mediation into the smart contract.

It's not a new concept: I've been speaking with Ian Grigg numerous times on the relevance of arbitration for smart contracts (see also his blog on this). So with this incident, the lesson will surely sink in somewhat faster.