
The Synereo team shares in the disappointment this attack has caused the decentralized community.

Despite being a major ETH and DAO holder, a part of me does not believe a rollback should be performed. We wanted “unstoppable applications”? We got them.

But my better angel says, if the position is – control is entirely in the hands of smart contracts, not smart people – that’s foolish. We must have both. Ethereum is now learning a lesson that Synereo took to heart from the beginning.

A rollback will set a precedent. This is a decision that is crucial to the growth of the decentralization movement and to the trust in the decentralization community. We should own up to the results of our experiment, and learn from them.

Synereo offers a social model; one that integrates measures of compassion in its code. Our reputation mechanism assures trust in people is still required, while tying the control assigned to them in formally-verified smart contracts – making that trust much harder to abuse.

We have and will continue our partnership with Ethereum to ensure the decentralized community can feel confident in the code we all deliver.  

– Dor Konforty, CEO Synereo

 


Related media:

Greg Meredith, Synereo CSO, Explains Law and Compassion

Dor Konforty explains Synereo’s reputation-based DAO

 

  1. One of the main reasons the DAO Hack affects us all is Ethereum.
    The DAO Project manifesto cites the following concepts and ideas behind it:
    Transparency
    Democracy
    Decentralization
    Voluntary participation
    Non-exclusion
    Privacy and the right to anonymity
    Non-aggression

    And these ideas, or at least some of them, were expressed in the form of software in many technologies, mainly Bitcoin as a currency and precisely the Blockchain. The hack of the DAO is to Ethereum what the MtGox hack was to Bitcoin: a price crash could be imminent, but more importantly the loss of trust in the system. The Ethereum Foundation will definitely try to solve this issue. They initially came up with the hard fork to prevent the thief from fencing the stolen Ether, but the idea of the hard fork wasn’t warmly welcomed by other partisans because it breaks the core principles of Ethereum and the DAO.
    Here we find ourselves facing a dilemma: is it good or bad to break the foundation of a system for the good of the system itself?

  2. RadicalAchraf,

    The hacker violated the principle of non-aggression. He attacked, and destroyed The DAO before known issues could be fixed. Ironically he was enabled by the transparency of The DAO.

    Hard forks are a necessary part of blockchain evolution. The mechanism is democratic. The system is broken and needs to be fixed. Miners ought not think the victims of the attack have to lose due to unintended consequences of an immature system. We ought not be building a system where humanity becomes a slave to our technology. Continuing with a bad system is wrong. We must employ higher principles using practical wisdom.
    http://www.ted.com/talks/barry_schwartz_using_our_practical_wisdom?language=en

    Jim

    • You can’t blame the hacker for a security vulnerability. The non-aggressive point of the DAO is like a fail-safe to prevent an attack of the kind of the 51% majority attack that threatens Bitcoin.
      The question that should be asked is why the developers didn’t spot it before the hacker did, and why there wasn’t a security audit… As I said, this hack is similar to the MtGox hack, nothing different besides the nature of the stolen goods.

      • There was in fact a security audit. The bug was spotted and publicized 2 days before the attack on GitHub and on daohub due to the transparent nature of the problem. The vulnerability was publicized weeks before. This is a very different case than the MtGox hack. Long before the hack there was an overwhelming sentiment in dao.consider.it to shut down the DAO due to security issues. I suggest the problem was there was no means to act swiftly in the case of the known problems.

        It’s hard for non-programmers to understand the difficulty for a human being to consider every possible consequence of a piece of code in every possible state of the system. Even proof of correctness techniques used today fall short of considering every possible consequence of all possible inputs. This brought to mind a ditty that circulated the internet and was published in Info World back in 1983.

        “No program is perfect,”
        They said with a shrug.
        “The customer’s happy–
        What’s one little bug?”

        But he was determined,
        The others went home.
        He dug out the flow chart
        Deserted, alone.

        Night passed into morning.
        The room was cluttered
        With core dumps, source listings.
        “I’m close,” he muttered.
        Chain smoking, cold coffee,
        Logic, deduction.
        “I’ve got it!” he cried,
        “Just change one instruction.”

        Then change two, then three more,
        As year followed year.
        And strangers would comment,
        “Is that guy still here?”

        He died at the console
        Of hunger and thirst
        Next day he was buried
        Face down, nine edge first.

        And his wife through her tears
        Accepted his fate.
        Said “He’s not really gone,
        He’s just working late.”

        — The Perfect Programmer

        Every programmer related to that story.

        Thankfully there is hope. Synereo is innovating a new blockchain technology that does both static compile-time verification and formally constrained behavior at run time based on mobile asynchronous process calculus. Instead of telling the computer how to do something, we specify the desired behaviour, formally constraining the program to produce the required outcome. If, for example, there is a possible deadlock situation that might occur, the program would not even compile. Traditionally, these situations are often not found until they actually happen and the cause may never be found.

  3. I think that if your system is still in some kind of ‘beta’ version, you are not breaking any foundational ideas by a re-start.

    The systems must allow for mercy and human intervention where necessary. This has to be built into the system, of course. If that was overlooked, then again, your first priority is to get the system running properly, so that it can uphold and enable the ideals you’ve set out for it.

    There is an analogy with the counter-intuitive action of a mother putting on her own oxygen mask in a plane emergency, before helping her child. The reason is that the child cannot be depended upon to take the role of helping its mother if she passes out. In that case, both may die.

    So, you want to save the principles? Save the system first, or they both may die.
    The system had flaws, and therefore was already not operating according to principles.
    Fix them, and get back to operation.

  4. I’m concerned with one thing: repetition. As far as I can see, they never asked the community about how to proceed in this case, they just made a bailout. Can we imagine the point that Bitfinex asks Poloniex to shut down the exchange because they had an attack? If we can’t imagine, that’s because the way we perceive Bitcoin is different and today, I realized Vitalik is acting in a centralized way.

    In the short term, they did the right thing because they are trying to protect the users, but in the long term, how can I be so sure Vitalik is not using this strategy to lock my contracts or censor me? Please, don’t give the bullshit theory of “Vitalik can be trusted” or sort of. That’s why I love cryptocurrencies: because I don’t have to trust people, I trust numbers. They made something very dangerous in the long term. Period.

  5. Vitalik and the Ethereum development team can act on their own or do a consensus and see what the majority want. From a certain point of view a bailout is logical and possible, as it’s not the DAO’s money, it’s the investors’ money. Whether this will happen again is something that we cannot predict. But if they are breaking the fundamental principle of decentralization to fix a mess, that’s entirely up to them, but I believe that as long as Ethereum isn’t mature enough it’s better not to risk a lot of money on it. It took Bitcoin some time to reach the maturity level where it is. Ethereum is still young as a project and needs time to evolve. Maybe the future of smart contracts is good, maybe it’s not, only time would tell. For now, implementing formal verification and secure code is probably the most crucial thing that needs focus; the rest is going to come on its own.
