Category Archives: Distributed Autonomous Organization

Shock Report: “Smart Contracts” Are Subject To Interpretation

To hear enthusiasts for “Smart Contracts”, they are magic. The meaning of the contract is enshrined in code, and executed by computers. Cryptographic signatures and blockchain protocols assure that the contract is executed correctly and honestly. Once written, no human intervention is needed or, indeed, possible.

Entire businesses are created on this basis, so called Distributed Autonomous Organizations. Once created, these DAOs chunk along mechanically, executing business “autonomously”. No one disagrees about the results, mistakes and conflict are not possible.

This is better than magic. It’s the magic of capitalism raised to the power of magic!

What could possibly go wrong?

In the very drafty basement of this castle in the air lies the claim that these executable contracts are not only always and completely correct, but also accurately and unambiguously express the intentions of the humans involved.

The former would be an historic first in the history of software, and the latter would be an historic first in the history of human thought.

You don’t have to take my word for it.

This month, the International Swaps and Derivatives Association (ISDA) issued a whitepaper, “Smart Contracts and Distributed Ledger – A Legal Perspective” [1]

The ISDA is a group that publishes standards for contract language for derivative contracts. These people define what “is” is, and what “means” means.

With all the nitter-natter about doing derivatives trading using executable “contracts” on a blockchain, the ISDA has taken up the question of just hos “contract-y” these so-called contracts may be.

The report is rather long and dry, and generally extremely well thought out.

The key point probably is:

Certain operational clauses within legal contracts lend themselves to being automated. Other non-operational clauses – for instance, the governing law of a contract – are less susceptible to being expressed in machine-readable code. Some legal clauses are subjective or require interpretation, which also creates challenges.” (p. 3)

Basically, some “smart contracts” are simple bits of code that do something. But an actual derivative contract has a lot more in it that “operational” clauses, and you can’t leave them out. Furthermore, it’s those “non-operational” parts that are the subject of interpretation and dispute. Very few law suits are about account numbers or dollar amounts, they are always about whether and how rules apply.

The bottom line is that “smart contracts” will be subject to interpretation and dispute, period. The question is how to make them work well.

It is important to note that the ISDA report is talking about contracts in the legal sense of the word, an agreement recognized by law. While enthusiastic techies may imagine that they can declare their code to be outside any conventional legal system, it is generally the case that judges will decide what they have jurisdiction over. Code that isn’t recognized in a jurisdiction is probably not a contract in that jurisdiction, no matter how cunning it is.

Which means that the ISDA’s opinion is relevant, to say the least.

The “non-operational” language includes common phrases such as “good faith”, and “ordinary practice”. The report points out that these terms are intended to be subject to interpretation, if only because it is never possible to state all possible future conditions. They also point out that these terms may be interpreted differently by different authorities, which is why it is important to specify which authority will rule.

The report suggests hybrid contracts, part of which are machine executable, and part of which are interpreted by humans. This will require standardization of executable contract code, so the contracts will work everywhere. In short, the report concludes that ISDA has a critical role to play.

  1. International Swaps and Derivatives Association, Smart Contracts and Distributed Ledger – A Legal Perspective. 2017.


Cryptocurrency Thursday

Coindesk’s Crypto “Consensus 2017”: Lot’s Of Talk, Not Much Consensus

Last month saw Coindesk’s “Consensus 2017”, one of, if not the biggest Cryptocurrency and blockchain conferences. Everyone who is anyone was there (well—not me). It’s all too much, I can’t even work through the Coindesk reports, let alone all the presentations, panels, and demos. (Coindesk’s summary recap is here.)

There was a lot of excitement, although I haven’t seen much new technology or actual businesses. The promised land is still just over the horizon, as it has been for several years.

Even the generally enthusiastic Coindesk recognized some of the excess, with headlines like . “Consensus 2017: Even Academics Can’t Keep Pace With Blockchain Change”. A report on the separate Ethereum-centric Ethereal Summit has the memorable headline, “’Spiritual Experience’: Hot, Wild Ethereum Summit is Sign of the Times” <<link>> Castor comments,

If there were a sign that blockchain may be overhyped, or that the industry is in the midst of a massive bubble, the Ethereal Summit may well have been it.


The most significant news from the Consensus meeting itself was a somewhat opaque diplomatic communiqué from the Digital Currency Group, announcing a Bitcoin Scaling Agreement.

This is the latest step in the two plus year-long process that is attempting to deal with the perfectly routine engineering issue of adjusting a data structure to keep up with traffic. This issue has demonstrated the dysfunction of the so-called “consensus” governance of Bitcoin, and has nearly broken Bitcoin into multiple competing currencies.

So, “agreement” would be welcome.

Unfortunately, this grand announcement in fact announced that the same steps agreed to February 2016, which were never executed. This group has endorsed a plan that has been languishing for more than a year. (And there is no implementation in sight.)

As Coindesk reports, the underlying technical, business and political issues remain. The technical issue is pretty straightforward, but there are many people and companies using the protocol and network, and their interests conflict.

The decentralized decision-making process has been unable to find sufficient common ground to date, and has exposed deep divides in the “community”. The standard “consensus” process in such a case is for dissident factions to “fork” and do their own thing. That would mean two or more incompatible versions of Bitcoin, multiple protocols and virtual networks. This kind of fork works (sort of) for software, but isn’t a great model for what is supposed to be a universal shared resource.

So, things are not only “hot and wild”, but also on fire and adrift. (And QC will cause it all to fall down with a big thud within a couple of years.)

“It’s doomed, I tell you. Doomed!” 🙂

  1. Amy Castor,  Spiritual Experience’: Hot, Wild Ethereum Summit is Sign of the Times Coindesk.May 20 2017,
  2. Digital Currency Group. Bitcoin Scaling Agreement at Consensus 2017. 2017,
  3. Pete Rizzo and Alyssa Hertig Bitcoin’s New Scaling ‘Agreement’: The Reaction Coindesk.May 24 2017,


Cryptocurrency Thursday

A Bad Idea Implemented with A Bad Idea

Let’s be clear. I find gambling to be boring and stupid myself, and I don’t admire gambling businesses that are built the weaknesses of people. Casino and other on-site gambling is a bad idea, but at least it gets people out in the world a little bit. Online gambling is a really, really bad idea, enabling people to feed their worst inclinations in the privacy of their own home.

You won’t b surprised that I’m not a big fan of the new initiative by an opaque company called Better Gaming, who are building an Ethereum Slot Machine: a slot machine that uses Ethereum smart contracts.

The innovation here is that this game is running entirely in a smart contract. No servers are required to operate the game, unlike existing online casinos.

Running “entirely in a smart contract” isn’t quite accurate: there is no server, but much of the logic runs on your local device.  However the logic of the gambling machine is implemented with smart contracts, which is the main point.

Readers of this blog know that I have a low opinion of “smart” contracts, Ethereum or otherwise. So, I’m especially excited to see this poorly designed technology used to implement the inherently bad idea of a slot machine. Not.

Obviously, the game itself isn’t innovative. They have gone to great trouble to replicated the behavior of these ubiquitous one-armed bandits. The “innovation” is to eliminate the server, in a fully decentralised and provably fair.” system.

For once, this Distributed App (Dapp) is actually solving a real problem: trusting your online gambling provider not to cheat is, well, a gamble. Gamblers can’t win, but they want to lose honestly.

The game’s logic has to be wholly processed within the smart contracts so that anyone who wants to can see that the game is playing by the rules and can’t cheat

Of course, they are also “solving” another problem, how to run an unregulated gaming operation, “off shore” from everywhere. Cryptocurrency is, if nothing else, a perfect digital “poker chip”, easy to move around, and not tracked by annoying tax agencies or vice squads. This slot machine isn’t taxed or regulated, and all the money goes…who know where it goes?

To give them their due, there are a couple of legitimate technical innovations in this product (at least according to their write up).

First of all, they made the user app asynchronous from the blockthain. It’s extremely important to give instant gratification to the lab rat gamer, and the blockchain has too much latency to always respond instantly. So they worked out protocols to mask the delay, presumably with caching on your local device. This is a significant achievement, and certainly caught Corin Faife’s attention in Coindesk. If this is successful, it may be a model to emulated by every Dapp.

A second technical feature is the random number generation (RNG). As Donald Knuth pointed out all those years ago, “Random numbers should not be generated with a method chosen at random.” [2] This group uses the blockchain with its pseudorandom hash in its random umber generation. I’m not sure what their method is, exactly, but this is a rather clever idea because the hashes are already very solid pseudorandom numbers.


Overall, this is yet another example of how bad ideas sometimes inspire brilliant software. This sounds like it will be a very solid implementation of a bad idea (a digital slot machines), and it will make excellent use of a bad idea (Distributed apps using Ethereum contracts), with some creative technical wrinkles. Sigh.

One sign that this is technology whose time has come: the Better Gaming  folks are already making legally licensed online games, and presumably making money.  Yet they believe it is worth building with this new tech, even though they are well aware that the powers-that-be will not easily approve it.  They should get credit for a gutsy technical gamble, and it shows just how promising this technology is.

it’s so new that we don’t expect regulators to fully grasp nor appreciate the implications overnight and there will need to be lots of discussion and negotiation before existing gaming jurisdictions license such activity.”

  1. Corin Faife, Watch This Ethereum Slot Machine Make Payouts in Real Time. Coindesk.April 21 2017,
  2. Donald Knuth, The Art of Computer Programming: Vol. 2: Seminumerical algorithms (3 ed.). Boston, Addison-Wesley, 1997.
  3. Jez San, 1st Demonstration of real-time casino games built with Ethereum Smart Contracts, in Medium. 2017.


Cryptcurrency Thursday

2016 Roundup: Cryptocurrency & Blockchain

In my continuing effort to follow developments in cryptocurrency and blockchains, I posted some three dozen items to this blog on the topics of cryptocurrency, blockchain technology, “smart contracts”, and the sociotechnical communities around these technologies. (Click on the tags above to retrieve posts on these topics.)

This year featured some dramatic illustrations of the inherent weaknesses of the “distributed consensus” mechanism for governing real world systems where money may be on the line.

As I wrote in July, it has been a master class in how things can go awry.

The Ur-cryptocurrency, Bitcoin, remains paralyzed by the inability of the “consensus” mechanism to move forward on perfectly ordinary engineering problems. The “one-cycle-one-vote” approach has proved n practice to concentrate wealth and power, in a way that can block changes that would benefit the network and community as a whole. (However “innovative” this technology aims to be, it has not “disrupted” this familiar pattern.)

As I put it in July, Bitcoin is on the brink, and remains in peril of disintegrating or fading from use.

At the same time, Ethereum acted out a different malfunction. Despite authoritative warnings, the distributed autonomous organization called (confusingly) “The DAO”, rushed into service. I wrote a post predicting disaster and queued it to be published the next day. Before my post appeared, the DAO was fatally hacked, as predicted. The DAO crashed and took Ethereum with it.

While Bitcoin has been paralyzed by “consensus”, Ethereum went another way and a small group responded to the catastrophe with a series of dramatic fixes. The changes had the effect of rewriting history to undo the “bad” transactions, which completely undoes the fundamental principle of the blockchain.

These actions were controversial, and the “consensus” mechanism led to a split into old and new, patched and unpatched versions of Ethereum. Sigh. Once over the Rubicon, Ethereum has done a patch a month, each one basically rewriting history or changing the rules to fight off attackers.

With these vivid examples of how blockchain and cryptocureny technology can go off the tracks, it is scarcely surprising that many of the serious players are examining “private” blockchain systems which are technically similar but may feature different governance processes. Serious development is occuring in Fintech and Supply chains and so on. Grown up stuff, for sure.

All this makes the headlines about Bitcoin’s “price” (i.e., exchange rate against the US dollar) seem silly—which it basically is.

Cryptocurency and blockchain technology is growing up, and I think we will continue to see more developments of blockchain technology (and related “smart contracts”), but most likely in the context of “permissioned” or private blockchains, run by coalitions of organizations with governance based on establishing trust and authenticity. This is not your father’s blockchain, and that is a good thing.


Cryptocurrency Thursday

Formal Verification for “Smart Contracts”?

Speaking of formal verification of software, I note that in the blockchain community, “smart contract” enthusiasts are now discovering that they might need some serious rigor in their executable contracts. A few slight problems, such as the complete collapse of The DAO, due to, well, logical bugs in the “smart” contracts.

The goal of “smart” contracts seems to be to eliminate those faulty and dishonest carbon based units, in favor of the cold, clean, logic of machine code. In their naïve enthusiasm, many people seemed to think that a Turing complete language is a good thing for these contracts, apparently knowing little about formal logic or languages.

Anyway, most people now realize that writing executable contracts is difficult, and, no matter how smart you think you are, you probably can’t write perfect code, at least not without assistance. So, let’s use formal verification to, as Pete Rizzo puts it seek “smart contract certainty”.

Rizzo is reporting on the Ethereum developers summit , which was said to be a lot more sober this year, after their catastrophic spring. Rizzo indicates that multiple speakers discussed formal verification, “as a way to inspire confidence” in the software and protocols.

They are certainly correct that formal logic must play an important role in this technology, and I suppose that it might be a valuable sandbox for formal tools. (Of course,  this is hardly news to Wall Street.  Financial wizards already employ clever logicians, who don’t really talk about what they do to earn their millions.)

My own view is that formal logic may help reduce stupid bugs, though it will generally make the systems opaque beyond human comprehension. This is a really bad thing for the overall goal of assuring that the contracts do what the people want them to, and any confidence in such systems may well be misplaced. If you can’t understand it, how can you trust it?

As the joke goes, “Let me make you an offer you can’t understand”.

In any case, these contracts must exist in the real world, which is neither on-line nor formally verified. I think that the big problem with many financial systems isn’t that the contracts aren’t executed accurately, but that the contracts are rigged by the rich to rob the poor. Automating the process is scarcely a solution to that problem, at least not for us poor people.

It will be interesting to see what can be done in this area. Can you actually create “provably correct” executable contracts that (a) are believable and (b) do something nontrivial.


Cryptocurrency Thursday

Platform Cooperativism and Blockchains

I’ve been more than a little worried about people interested in building a democratic “sharing economy” who fervently embrace blockchain technology, and most troubling of all, enthuse about distributed autonomous organizations (DAOs).

The attraction isn’t difficult to understand: blockchains are open, decentralized systems that cannot be owned or controlled by corporations or states. They also work by “consensus”, which certainly sounds like the political structures envisioned for post-capitalist society.

So, some say, let’s build our new platform cooperatives using blockchain technology, and organize as a DAO or similar.  A better world, and technically sexy, too!

To directly quote one example, Backfeed (“A Social Operating System for Decentralized Organizations”) “relies on blockchain technologies to provide an indirect coordination mechanism for people to collaborate and cooperate, without the need for any intermediary authority or centralized agency.”   This is, as they imagine it, “decoupled from the rigidities of hierarchical structures.

What’s wrong with this idea?

This month Mitar Milutinovic posted a thoughtful comment at “The Internet of Ownership” blog, on one of the key points: “One Person, One Vote or One Dollar, One Vote and Blockchain”.

He points out that the same terms and concepts of “democracy” are used to describe popular democracy (one person, one vote) and shareholder democracy (one dollar, one vote). A small-d democrat can favor one, the other, or both forms of governance, and each might have its place in some circumstances. But they are scarcely identical, and, indeed, may have conflicting or opposite results.

The point, of course, is that Nakamoto-style “consensus” is “one cycle, one vote”, which correlates pretty directly to “one dollar, one vote”.  Milutinovic warns that “we have to be wary of attempts of everything being transitioned to this type of voting because we might lose true democracy of “one person, one vote” without even noticing. This is often not conscious and is just a consequence of uncritically applying blockchain technology to the problem.”

He points out that blockchain based “one dollar, one vote” are just as susceptible to concentration of power as any other, which has been seen in the governance troubles of the Bitcoin and Ethereum networks.

He concludes that “we have not really solved the problem of a decentralized true democracy where each user person would have only one vote and where we would have an open membership. We still do know how to do achieve both at the same time.”

In short, blockchain technology “solves” this problem by substituting a form of populist plutocracy for democracy, which is not really a solution at all.

Yes, indeed. He’s nailed this point nicely.

I would add that the model of “consensus” used by blockchain based systems is a very peculiar form of “agreement”, based on secession and/or segregation. “Agreement” via “separate but equal” networks. This is a dark and dangerous twisting of the language of “democracy”, and seems to be based on a poorly thought out, nihilist rejection of the possibility of human agency.

As Vlad Zamfir put it to IEEE Spectrum, faced with the failures of human governance, people are turning to the blockchain to be “a tool that we put outside of our jurisdiction in order to have it govern us.”  The whole idea is to create an ungovernable robotic system, “operating solely with the steadfast iron will of unstoppable code(to quote the  web site of the now defunct “The DAO”).

I also have noted that these concepts do not necessarily even work. The concentration of power Milutinovic complains about leads to disastrous mismanagement, as illustrated in the Bitcoin blocksize disaster and the Ethereum DAO catastrophe. I would say that it is not only concentration of power, but also the lack of accountability inherent in the entire idea of “autonomous distributed” decisions. If no one can be held responsible for the results, then it is inevitable that the system will crash under the weight of blocking minorities (Bitcoin) or backroom deals (Ethereum) or other variants.

As Milutinovic says, “when somebody talks about voting, consensus, and democratic decentralized technologies, listen very carefully if they are talking about “one person, one vote” or “one dollar, one vote”.

Hear, hear!


Cryptocurrency Thursday