Category Archives: “Smart contracts”

More on Blockchain for Supply Chains

I have written about the use of blockchain technology for provenance and supply chains. This is, indeed, a reasonable use case for blockchain technology, if not as compelling as some may think.

But in cryptoland, even the most reasonable ideas can inspire gob-smacking nonsense.

Case in point: Pindar Wong writes at Coindesk about “Blockchain’s Killer App? Making Trade Wars Obsolete” [1].  Huh, what?

This is the familiar supply chain use case.  But what does this have to do with trade wars?

Basically, I think there is a dramatic misunderstanding of what the term “Trade War” means. It means national policies that inhibit trade, especially in physical goods.  It has nothing at all to do with the technical operation of markets.

Wong wants “trade warriors” to use blockchain technology “to reduce trade friction and improve cross-border relations”.  But these frictions and relations are fundamentally political, not technical or economic.  And, tellingly, this article is in the context of strategists in Hong Kong exploring “how to fully digitize trade among the 65-plus countries involved in China’s ‘Belt and Road Initiative’.”  The B&RI is the very model of twenty first century trade war, not to mention neo-colonialism.  (I understand why HK is anxious to find a pivotal role in this initiative.)

Anyway, what is Wong actually talking about?  It’s pretty confusing.

One thing he is talking about is simplifying and automating supply chains. This is a familiar use case, though it is usually supposed to assure the provenance of goods. In this permutation, blockchains actually help trade wars, because smuggling is suppressed.

The ”trustless” blockchain requires some form of trust.  In this case, Wong describes model systems deployed in China.  Characterized as “open, bottom-up, opt-in”, they are actually Chinese government approved standards. Naturally the HK group propose extending these to the B&RI.  “Trust us, we’re from Hong Kong.”

Another innovation, indeed the biggest innovation he talks about is moving supply to demand, i.e., shipping raw materials and IP to the consumer, and manufacturing locally, on-demand.  A blockchain would be one way to keep track of the IP and return royalties and so on.  Basically, when I buy a Samsung mobile phone, it is fabricated in a local factory, and part of the sale gets credited back to Samsung via the blockchain.

This is a highly imaginative scenario, but there are a whole lot of questions. Why would an enterprise want to operate this way?  Why would a government let this be done this way?  I don’t really know.

Wong makes a good point that current WTO rules would have trouble dealing with this approach, at least initially.  But I don’t see any overwhelming difficulties.

More to the point, a blockchain is a pretty minor part of the overall picture. This entire scenario depends on some kind of international legal framework, which is the entire point of the WTO. The WTO of some successor will define the legal framework that the blockchain implements.

The whole idea of a trade war is that nation states have their own policies, which discriminate in favor of local interests. Nothing in Wong’s scenario changes this political picture. Replacing the WTO with an opaque Chinese hegemony such as the B&RI, is scarcely a realistic solution, blockchain or no blockchain.

Taking Wong’s overall point, it is interesting to think it is likely that using a blockchain does not make trade warriors “powerless”. In fact, to the degree that blockchains are transparent and trustworthy, they will make it far easier to implement discriminatory trade policies.  In short, nations will be able to use blockchain based provenance to implement “smart trade wars”.

Blockchains will actually empower a new breed of highly efficient trade warriors.

  1. Pindar Wong (2018) Blockchain’s Killer App? Making Trade Wars Obsolete. Coindesk,


Cryptocurrency Thursday

Yet Another “Blockchain for Provenance” System

In the short decade since the Nakamoto paper [5] cryptocurrency enthusiasts have put forward a variety of use cases for blockchains and cryptocurrencies.  It is notable that most of the exciting use cases aren’t actually in the canonical paper itself, and most of them have yet to prove out in the real world. (And the most successful use cases are the ones not put forward as good examples–extortion, dark commerce, money laundering, etc.)

One of the perennial favorite use cases is Provenance:  tracing goods from source to consumer.  For companies, this is “logistics” or “supply chain”, for ordinary consumer this is about quality control.  This the same problem that scientists (and anyone) faces with data quality—where did this data come from, and what has been done to it?  In the latter form, this is called “provenance” and we were struggling with solutions a long time ago (before Nakamoto, Ante Bitcoin) [3].

This month yet another company touted this use case at the Ethereal Summit in NYC [1] .  The presentation by Viant traced a Tuna from Fiji all the way to the conference sushi plates.  Tagged with RFID, records of the sales and transportation of the fish are on the Ethereum blockchain, so everyone can check that the fish they are eating is “moral”. (How it can be “moral” to harvest increasingly rare wild animals and fly them half way around the world beats me.)

This is the yuppie version of Provenance (making sure that my luxury goods are authentic and “moral”), but the technology is the same as any supply chain.

Looking at Viant’s web site, they seem to have a reasonable grasp on the problem.  They have a logical model of provenance that includes “four pivotal aspects of an asset: Who, What, When, and Where”.  The model includes “Actors” and actions, and “Roles” that define permissions.  IMO, this is the right stuff (See [3]) .

They also have RFIDs to tag and geo track, and apps to implement operations (e.g., sales to distributors).  These are certainly the right technology, and they are lucky to have ubiquitous mobile devices and “the cloud” to implement these concepts we pioneered in the late twentieth [4].

So what does blockchain technology bring to the table?

First of all, it is used as a shared database, essentially a bulletin board.  The cryptocraphically signed and immutable records provide an unfudgeable trace of the object’s life.  And the blockchain is available to anyone, so ordinary consumers can get the authenticated traces of the object. (More likely, any third party can create apps that deliver the information to consumers – no normal person monkeys around with the blockchain itself.)

The second feature is the use of Ethereum “smart contracts” to process the transactions. This technology lets the company post standard scripts for, say, transfer of an asset. The script is available anywhere, and executes the same way for everyone.

These features are, of course, available from conventional databases and file systems as well.  But the Ethereum blockchain is available to everyone, and is maintained by the Ethereum network rather than dedicated servers.  This is the third advantage of the blockchain—deployment (no need for server farms), availability (no server access required) and maybe cost (TBD).

It is interesting to point out one feature of Nakamotoan blockchains that is not really used here:  trustlessness.  While the system boasts that it is decentralized and therefore “trustless”, this is misleading.

Provenance is literally all about trust. The point of tracing the object is to assure that it is what it is supposed to be, and that requires knowing who did what, etc.  Furthermore, it needs to establish a trusted trace, with each actor and action attested by a trusted source.

Using a blockchain, or, indeed, any digital system, is not sufficient to achieve this.  The company will tell you this.  The RFID can be removed or destroyed.  Actors can make mistakes or be suborned.  On the blockchain, false records look the same as correct records (and can never be removed).  Trust involve real world protocols, including authentication of identities.

In this area, the blockchain may actually be a liability. The “trustless” data cannot be trusted.  Part of what the company is doing with the “smart contracts” is overlaying a network of trusted records on the trustless blockchain.

There are other potential draw backs of using a blockchain in this use case.

Let’s talk about privacy.  Think about it. It’s not clear just how “moral” it is for anyone in the world to know where every bit of sushi came from and ended up.  Individual fishing captains don’t necessarily want any kid on the Internet snooping on their business, not to mention rival captains and possible criminal gangs.  And the caterer doesn’t necessarily want random people, competitors, or criminals tracking their business. And so on.

Second, there is no way to correct mistakes. Even if the software is always correct (which is unlikely), people make mistakes and are dishonest. If bad information gets onto the blockchain, it can’t be removed or corrected.

So, imagine that a bad actor somehow gets a bunch of bad fish entered as OK fish.  The blockchain shows that this is “moral tuna”, even though it isn’t.  Even if we find out about the fraud, the blockchain could still have the evil records forever.

One last point.  Viant is one of I don’t know how many companies trying to implement this kind of Provenance.  With all these variations out there, it will be extremely important to have interoperability standards, so you can combine tracking from a number of sources.  (See the W3C PROV working group.)

Using standards would seem to be both obvious and compatible with the philosophy of decentralization.  After all, if the only way to do tracking is to use Viant’s proprietary data model and software, then a key advantage of the decentralized blockchain is out the window.

Overall, Viant and others are doing the right thing.  It remains to be see whether using a blockchain will be a net win or not.  And all of them should implement the standards we started developing back at the turn of the century.

  1. Alyssa Hertig (2018) Moral Food: A Fish’s Trek From ‘Bait to Plate’ on the Ethereum Blockchain. Coindesk,
  2. Robert E. McGrath, Semantic Infrastructure for a Ubiquitous Computing Environment, in Computer Science. 2005, University of Illinois, Urbana-Champaign: Urbana.
  3. Robert E. McGrath and Joe Futrelle, Reasoning about Provenance with OWL and SWRL, in AAAI 2008 Spring Symposium “AI Meets Business Rules and Process Management”. 2008: Palo Alto.
  4. Robert E. McGrath, Anand Ranganathan, Roy H. Campbell, and M. Dennis Mickunas. Incorporating “Semantic Discovery” into Ubiquitous Computing Environments. In Ubisys 2003, 2003.
  5. Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System. 2009.


Cryptocurrency Thursday

Ethereum Contracts Are Buggy!

CryptoTulip of the Year for 2017, Ethereum is still thrashing around.  It seems like there is another great idea for totally remaking the system every week or so.  Indeed, sometimes there are so many ideas flying around it is hard to see how it can all stick together in a single system.

Nevertheless, confidence and enthusiasm remain high, even though they still haven’t figured out how to deal with last year’s big “oopsie” that left millions of dollars worth of Ethereum unreachable.

Personally, I don’t really think that a gang of unelected philosopher kings is really going to solve the problem.  (Plato advocated this back in the day, but it has never worked as advertised.  “Wise dictators” are usually just dictators.)


Meanwhile, out in the real world….

Several exchanges reportedly have “paused” Ethererum contracts in response to reports of bugs. In fact, they basically stopped support for the problematic ERC-20 protocol completely.

Wow!  Crypto exchanges acting almost like real, grown up businesses!  What a concept!

Of course, I have to wonder, “why now?”

The particular bugs in question are just the latest of a long line of such bugs. So why were they allowing ERC-20 in the first place?

All snarking aside, this development actually raises some very important points.

First of all, the bugs in question aren’t necessarily a flaw in the protocol, they are mainly just bad programs.  There will always be bad programs.  There is no such thing as a bug free programming language, and there can never be one.  If using Ethereum contracts depends on all contracts being correct, then it will never work, it can never work. Never.

Second, despite the decentralized protocol, and the fact that “no one” is in charge, in the real world the end-to-end system does have people in charge, and can respond to problems. In this case, the operators of the exchanges have intervened to protect their customers and their business.

Unfortunately for some users, the response is a draconian ban on the whole ERC-20 protocol. In this case, I don’t see much alternative.  It’s impossible to really tell if some ERC-20 contract is a problem or not.

Third, note that just because the blockchain is decentralized and immutable doesn’t mean that everyone has to agree on what to do with it.  The ERC-20 protocol and code is still there, indeed, it will be there until the heat death of the universe. But a lot of people can’t use it because their exchange does not honor the protocol.  Ironically, the “decentralization” that assures there is no one who can “censor” the blockchain, also assures that there is no one who can “censor the censors” of the blockchain.

This kind of behavior could be problematic in the long run. If part of the network accepts some contracts and not others, then how can anyone really use the system.  This is sort of a really soft ‘fork’ that effectively splits the network Even though there is a single technical system, it is used differently by different sub networks.

Ethereum is certainly pushing hard to repeat the CryptoTulip of the Year in 2018!

  1. Nikhilesh De (2018) Crypto Exchanges Pause Services Over Contract Bugs. Coindesk,
  2. Rachel Rose O’Leary (2018) Ethereum Infighting Spurs Blockchain Split Concerns. Coindesk,
  3. Rachel Rose O’Leary (2018) Ethereum Is Throwing Out the Crypto Governance Playbook. Coindesk,
  4. Rachel Rose O’Leary (2018) Ethereum’s Dialogue Divide Is Slowing Answers to Its Toughest Questions. Coindesk,


Cryptocurrency Thursday

Ethereum in Space!

Cryptocurrencies have attracted far thinking people, including utopians ideas of “disrupting” money.

But the farthest thinking must involve getting off the planet or even out of the solar system altogether.

NASA is tasked with thinking about and developing concepts for space exploration, and they are certainly aware of the need for decentralized protocols.  NASA missions, by definition, go far beyond Earthbound infrastructure, not to mention beyond the possibility of direct human control.  (Even human spacefarers can only control things within a tiny sphere.)

Many research teams are investigating autonomous systems, which can operate without direct programming from Earth.  This year, Professor Jin Wei Kocsis  of the U. of Akron is looking at Ethereum “smart contracts” as a model for part of the system [2].

[T]his project intends to develop a resilient networking and computing paradigm (RNCP) that consists of two essential parts: (1) a secure and decentralized computing infrastructure and (2) a data-driven cognitive networking management architecture.

Ethereum is a decentralized more-or-less secure infrastructure, with both storage and computation.    Ethereum-style executable contracts are decentralized and Turing complete.  One could imagine Ethereum nodes on a constellation of loosely cooperating spacecraft, and one can imagine Ethereum contracts executing in such a network.


As Samburaj Das remarks, “Details remain slim” [1].

But we can speculate.


The overall goal is “autonomous” spacefaring, i.e., pushing as much sensing and decision-making to the spacecraft.

I hope to develop technology that can recognize environmental threats and avoid them, as well as complete a number of tasks automatically,”  Professor Jin Wei Kocsis quoted in [1]

Reading between the lines of the abstract, it seems likely that the system is expected to incorporate data from many sources, e.g., from planetside radar and swarms of spacecraft.  In such a scenario, the spacecraft needs to get data from many sources and automatically combine and filter it to keep a current assessment of hazards and possible responses.  It is also possible that the assessments (i.e., the computations) might be shared, so the whole system can learn and refine awareness of the whole area.

The scenario I describe is often solved using some form of shared memory, e.g., as a scratchpad or chalkboard shared among many nodes.  Clearly, a blockchain can function as such a shared memory, with the advantage of being completely distributed and robust regardless of nodes dropping out or communication problems.  Ethereum executable contracts offer the additional advantage of distributed computation, which can filter and analyze data on the blockchain.

This is surely the essence of how Ethereum will be used, presumably integrated as storage for their control algorithms.

There are other features of Ethereum that may or may not be important or even relevant for this project

It is possible that the cryptographic signatures may be useful as well.  Data on the blockchain is signed and can’t be fiddled with.  Cryptographic signatures mean enable the network to potentially detect and ignore intruders, errors, and false signals.

Speculating further, it is possible that the Nakamotoan distributed consensus mechanisms may be useful in the event that not all nodes are known or trusted.  The blockchain is a ledger designed to be trustworthy without relying on specific nodes to be correct or honest.  Out in space for years with no supervision, being able to trust the data even if you can’t trust the network nodes is probably valuable.

In summary, there is certainly a case for a distributed memory, and something like Ethereum is a useful testbed for these ideas.

On the other hand, I’m not sure if the currency aspects of Ethereum will be particularly useful, or if so, how.

I wonder if the incentives for miners make sense for this use case.  Would autonomous spacecraft want to operate as miners, or would they rely on other nodes (e.g., motherships and dirtside servers)?  It seems unlikely that the energy budget of a spacecraft can afford the costs of mining.

In the case of Ethereum, there is also the question of “gas” to run contracts.  This is extremely important for the correct operation of executable contracts (among other things, it assures that a contract will not run forever).  How are autonomous spacecraft going to be provisioned with Ether to buy gas?  Surely it isn’t reasonable to upload Ethereum coins from Earth.

Perhaps they going to buy and sell data or other services with their peers?  Maybe.  But this seems kind of out of scope, and potentially a huge resource hog for a very constrained system.  (It would be bad to be churning away doing some kind of micro transactions, and not have enough CPU time to actually do the navigation, no?)

(Combining these two possibilities:  maybe the spacecraft will charge for downloads.  “You want the data I collected?  That will be 100 ETH, please.”)

I imagine that these questions are some of the things the research will investigate.

Let me be clear. I know that Ethereum is just a testbed, not proposed to actually use on a mission.

It isn’t likely (or even possible) for Ethereum to be used in real spacecraft.

But Ethereum can help identify the features for a distributed storage and computation system that could be used.

I’ll add that distributed algorithms and storage are scarcely new to NASA.  NASA has been exploring these architectures for a long, long time [4,5].  Nevertheless, it is very interesting to see how these contemporary systems might be applied to specific missions.

  1. Samburaj Das, NASA Researches Ethereum Blockchain Tech for Deep Space Exploration, in Ethereum News. 2018.
  2. Loura Hall, RNCP: A Resilient Networking and Computing Paradigm for NASA Space Exploration, in NASA -Early Career Faculty Awards. 2017.
  3. Alex Knisely, Researcher and NASA work to help spacecraft avoid floating debris, in University of Akron – News. 2018.
  4. J. Russell Carpenter, Decentralized control of satellite formations. International Journal of Robust and Nonlinear Control, 12:141-161, 2002.
  5. Wei Ren and A Randal Beard, eds. Distributed Consensus in Multi-vehicle Cooperative Control: Theory and Applications. Springer Publishing Company, Incorporated: London, 2010.


Space Saturday

Tracking Bitcoins, Mitigating Evil

Bitcoin was designed to be difficult to regulate, in the same way that gold is difficult to regulate. Possession (of a private key) is ten-tenths of the law as far as Bitcoin is concerned, and it can be very difficult to tell exactly how a particular Bitcoin came to be possessed by a particular individual.

This relative opacity is one of the properties that makes Bitcoin and other cryptocurrencies so attractive for criminals, extortionists, tax evaders, and dark markets.

From the point of view of believing Nakamotoans,  untraceability is a feature.

From the point of view of the law and society in general,  opacity is often considered a bug. Civil society in general has little appetite for unregulated financial systems, so Bitcoin will never succeed unless it can be brought into civil society and the rule of law.

This month researchers at Cambridge University describe how an old legal principle might be applied to Nakamotoan cryptocurrency to rein in abuses and “make Bitcoin legal” [1].

The researchers point out that many Internet technologies have been put forward as “outside the law”, but this is an assertion not a fact.  The fact is that “the law” decides what the law is and how it is applied.  No one gets to simply secede from the legal system, at least not without resort to pure power politics.

“we have repeatedly seen a pattern whereby the promoter of an online platform claims that old laws will not apply.”

“The key is making online challengers obey the law – and the laws may not need to change much, or even at all.”

In the case of Bitcoin, the researchers explore how conventional financial controls, especially anti money laundering rules, could be applied to Nakamotoan cryptocurrency.  They conclude that it is surprisingly straight forward and does not require changes to the network protocols.  I.e., the legal system can adapt to cryptocurrencies as they stand now, without any cooperation or consent from programmers or users.

There is a common legal principle that one may not profit from the fruits of crime.  Similarly, you cannot receive goods from someone who does not legitimately own them.  If someone gives you a stolen coin, it must be returned to the original owner (and you may well be out of luck).  Thus, it is very important not to trade in ill-gotten goods.

It is often the case that the monetary fruits of crime are passed along mixed in with other money.  In the case of Bitcoins, this kind of mixing occurs rapidly and across the whole Internet.  This presents a dilemma for the law.  The funds are “partly” stolen, but which part can be confiscated?

The Cambridge team discusses the history of this problem.

Theft and misuse of Bitcoins are a significant issue, to the point that even most Bitcoin users are concerned.  If there is a significant risk that your assets may be stolen (or misplaced), with no possible recourse, then cryptocurrency is unattractive for many uses.

Philosophically, Nakamotoans generally do not want government guarantees (e.g., registration of ownership) or other conventional mechanisms for protecting assets.  An alternative would be for courts to enforce rules, e.g., to allow recovery of stolen or extorted Bitcoins.  But how would courts adjudicate such a case?

In the past, the general legal approach has been to consider the funds “poisoned” by the presence of illegal money.  Someone who holds the funds will have to pay a penalty proportional to the illegal funds.  This stands as a deterrent to dealing in potentially “toxic” assets.

One way to do this is to consider all the money to be N% illegitimate, i.e., to confiscate part of the value of the whole batch.  This approach can be used with Bitcoin, though it is a blunt instrument.  Anderson et al. indicate that a very large proportion of Bitcoins would be touched by such “pollution” (5% in one sample–one in every twenty!)

They propose an alternative mechanism that echoes an approach used in nineteenth century English law:  First-in-first-out.   The idea is to trace the flow of coins and to assign an order to each transaction.  The first coin taken out of an account is equated to the first coin put in, and so on.  When a stolen coin is spent, that transaction is identified and the payment is illegal.  This is a sort of “reverse lottery” – an unlucky user ends up losing.

This approach is much more precise way to identify and deter accepting ill gotten money.  The paper argues that this is quite possible with Bitcoin, using the public blockchain and crime reports.  Furthermore, the FIFO principle works even when “mixers” are used to conceal the origins of the Bitcoins.  In the end, when this legal doctrine is applied, accepting Bitcoins from a mixer risks losing the entire payment in the unpredictable event that you receive coins designated “poison”.

This approach isn’t “centralized”, and it doesn’t break Bitcoin.  It doesn’t even change Bitcoin. It just wraps Bitcoin in a legal framework.  Honest users would have a way to behave honestly (use honest exchanges), crime could be punished, and the system functions as efficiently or inefficiently as now.

“In short, we might be able to turn a rather dangerous system into a much safer one – simply by taking some information that is already public (the blockchain) and publishing it in a more accessible format (the taintchain). Is that not remarkable? “

It is difficult to overstate how important it is for Bitcoin and other cryptocurrencies to get “legal”.  Whatever the technical merits of Nakamotoan technology, it cannot succeed outside the law.

  1. Ross Anderson, Ilia Shumailov, and Mansoor Ahmed, Making Bitcoin Legal. Cambirdge University, Cambirdge, 2018.
  2. Andy Greenberg (2018) A 200-Year-Old Idea Offers a New Way to Trace Stolen Bitcoins.,



Cryptocurrency Thursday

Cryptocurrencies: Yet More Warnings From The Academy

I have noted that the cryptocurrency community has a troubling history of ignoring academic research, even when it ­raises troubling warnings.  In a previous post, I noted that Professor Malkhi warns that the new Ethereum protocol is not secure—and the developers shrug.  And so on.

Now that cryptocurrencies are finally on the academic radar (I’ve been trying to get researchers interested for several years), these incidents are coming fast and often.

IOTA Flaming Out?

 IOTA is an interesting technology that seeks to really implement microtransactions, which they imagine will be useful for the Internet of Things (which they call the “Internet of Ownership”).

As I noted earlier, they whipped up their own hash function, which is a Really Bad Idea ™.   Considering that even half-clever rubes out here in Illinois (me) were aware of this issue as early as last August, it’s quite worrying that they were still using it in December, and then strongly resisted a report of a discovered flaw.  In fact, they accused the academic researchers of fraud and threatened legal action—for daring to report the problem to them.

Not even a shrug, but instead a ferocious counter attack intended to suppress the bad news.


IOTA is a peculiar bird.  They say they want to tackle the challenge of microtransactions which Nakamotoan blockchains really do not handle well.  And they tell the world they are a blockchain / cryptocurrency technology.

But they have no blocks and no chains.  And they have their own weird protocol and until recently, their own home-brew hash function. Notably, the system actually relies on centralized services to work.

They also say they are “open source”, though parts of the system are proprietary.  (Given the experience with the hash function they did publish, I can see that they don’t want people critiquing their code too closely.)

Hmm.  A centralized system with closed source?  That doesn’t seem very blockchain-y to me.

And they are tackling the IOT, which has grievous, deep, and wide security challenges.  Wow!

So what do they have?

They seem to have some technology that is tackling microtransactions (though we can’t really tell what they are doing), and a whole lot of PR.  They seem to be amply stocked with ego, as well.  That part is very Nakamotoan.

Is this something that you would trust?  Probably not.

Ethereum Contracts Have Problems

Ethereum’s “smart contracts” have always been a faith-based technology.  Faith that software can be trusted more than humans.  Faith that people can write error free code. Faith that people on the internet are generally honest.

Since the DAO disaster and ensuing oopsies, you’d think people would lose faith.  But that never happens, and Ethereum was awarded the CryptoTulip of the Year for outstanding achievements in Cognitive Dissonance.

There have been fixes and proposals for improved logic for “smart contracts”, though academic researchers have been trying to climb that particular mountain since Turing’s day.  In the real world, error free programs are so rare as to be unknown.  For that matter, despite millennia of effort, conventional contracts are still imperfect, and always contain escape clauses to deal with disputes and unforeseen developments.  Spoiler alert: “smart contracts” aren’t any smarter than any other contract.

This month researchers from National University of Singapore report a study of Ethereum contracts visible on the blockchain [1]. In general, it is very difficult to analyze the logic of Ehtereum smart contracts because they are complex (running custom languages in the Ethereum Virtual Machine), open-ended (i.e., a contract can call other contracts and services), and execute on any node of the Ethereum  network (i.e., in completely unpredictable environments).

“Contracts are relatively difficult to test, especially since their runtimes allow them to interact with other smart contracts and external off-chain services; they can be in- voked repeatedly by transactions from a large number of users” ([1], p.1)

Instead of logical analysis of each contract, the research studied traces of the contract execution, looking for aberrant behavior that likely reflects a bug.  They examine three patterns that they characterized as greedy, prodigal, and suicidal.

  • ‘Greedy’ contracts lock funds indefinitely.
  • ‘Prodigal’ contracts leak funds to other parties.
  • ‘Suicidal’ contracts are susceptible to being killed by any user.

The comprehensive study scanned over 900,000 (!) Ethereum contracts, executing the logic repeatedly and flagging potential problems.  They found problems in 34,000 (!) some contracts (over 2,000 distinct contracts—there are many replicates in the pool).  Close checking a sample of some 3,000 flagged contracts, they found 89% were confirmed as true bugs.

By my calculation, that’s close to 1 in 3 existing Ethereum contracts that have potentially catastrophic problems.

This is a really cool study.  The researchers likened this to randomly pushing buttons to see what happens, and they heroically pushed all the buttons many, many times.  (Sort of like the current administration’s approach to running the US government.)

It is interesting to note that on the supposedly “transparent” blockchain, less than 1% of the executable contracts had source code available. The study had to analyze execute the bytecodes—which is way harder than analyzing source code.  (But studying the actual bytecodes also revealed bugs in the language and virtual machine that would not be apparent from the source code alone.)

The opacity of these contracts highlights the fact that when you use an Ethereum contract, odds are you are “trusting” the code and other (unknown) people, because you can’t necessarily check the contract. In this supposedly “trustless” system, “faith” replaces “trust”.

Anyway, the result that these contracts contain many serious bugs is scarcely news to anyone who knows anything about programming. In fact, the fact that so many contracts didn’t have problems is really surprising.  Actually, this simply means that there are surely many more bugs that this study wasn’t scanning for.

It will be interesting to see how the Ether heads respond to this report.  My guess is they will shrug.

It is clear that the race for the 2018 CryptoTulip of the Year is wide, wide open.  So much bogosity, so little time to find it all.  But there are more and more competent researchers and actual grown ups investigating the vast acreage of CryptoTulips.

  1. Ivica Nikolic, Aashish Kolluri, Ilya Sergey, Prateek Saxena, and Aquinas Hobor, Finding The Greedy, Prodigal, and Suicidal Contracts at Scale. xariv, 2018.
  2. Mike Orcutt, Ethereum’s smart contracts are full of holes, in MIT Technology Review. 2018.
  3. Morgen Peck, Cryptographers Urge People to Abandon IOTA After Leaked Emails, in IEEE Spectrum – Tech Talk. 2018.



Cryptocurrency Thursday

(Note: This post was edited March 17 to clean up multiple spelling and typos.)

Cryptocurrency Governance: Ethereum Leads The Way

In many ways Ethereum has surpassed the patriarch of the unhappy crypto family, garnering the CryptoTulip Award for 2017 .  As noted in the award, Ethereum is particularly noted for its whipsawing cognitive dissonance.

This week, Rachael Rose O’Leary gives a nice rundown on the dissonance surrounding EIP867, the proposal for a standard process for “returning funds”—by rewriting history [3].

The proposal itself is not especially innovative or radical, at least for most contexts.  But in the cryptoworld, the very idea is deeply contested, and has attracted fierce arguments and resistance.  O’Leary characterizes the dispute as reflecting two different Nakamotoan (Buterine?) principles:

  1. Code is Law
  2. Code is a Process

One of the curiouser concepts coming out of the Nakamotoan tradition is the slogan that “code is law”.  This is the principle underlying “smart contracts”, and the Distributed Autonomous Organizations built on them.  Technically, the idea is that the immutable, “write once” ledger is the sole and final “truth” of the system. If it’s on the ledger, it’s valid, else, not.

Applied to executable contracts, this means that once entered in the blockchain, the code is, by definition, correct—whether or not puny humans agree.  Furthermore, since the code and its results are immutable, they are beyond appeal, at least technologically.

These days, even talking about or planning for the possibility of appeals is anathema to many true believers.

I’ll note that the “code is law” slogan implicitly defines “law” as a set of impersonal, automatic, and immutable mechanical rules.  While humans have never yet achieved the superhuman state of being able to flawlessly write and execute unambiguous rules, some people seem to hope that computer code can provide this sort of “law”.  (The many oopsies already seen in Ethereum certainly raise questions about the supposed virtues of code.  This might have something to do with the fact that code is written by fallible humans.)

The “code is a process” view described by O’Leary is more aligned with the viewpoint of users, and with the notion that the code is there for a purpose and the purpose is “the law”.  In particular, the ledger and executable contracts are there to fulfill the intentions of the users.  From this point of view, tf and when the code does not meet the intentions of the humans, it is the code that is wrong, not the puny mortals. In this world, the mechanized processes (“the code”) are part of an overall system, not the ultimate and complete definition of it.

This “code is process” view is, of course, pretty similar to conventional business and engineering practices.  Inevitably, the determination of “correct” results depends on the opinions of the humans involved.  There may be quite a few people involved, and they may not agree with each other. For this reason, in this real life scenario, there always needs to be processes for judging and deciding cases.  You might say that “process is the law”.

The bitter spat about EIP867 is actually about the very nature of cryptocurrency systems.  Should we trust code more than humans? Can we trust code more than humans?  Are cyprotocurrency systems mechanical devices moving data around according to immutable rules?  Or are they people-to-people systems for transacting whatever business the people want?

One of Nakamoto’s “disruptive” idea is to evict people from the system.

(I think the syllogism implicitly is something like:
“People can’t be trusted”. 
“Therefore, remove the people from the loop.”
“Ergo, the system can be trusted.”)

Ethereum is finding that the people aren’t so easy to evict.

These fundamental questions are mutually contradictory, and therefore difficult to resolve in a single system. It falls upon the Nakamotoan-style “governance” process of Ethereum, adopted from open source software. Decisions are made through a propose-comment-revise-agree process, with final agreement in the form of de facto “consensus”—if you run the code, you “agree”, and if you don’t agree, you don’t accept the code.

To date, the savage talk in Ehterland shows that this governance process is not capable of deciding these issues. This has also been true in Bitcoinland .

I’ll note that the Nakamotoan concept of “consensus” in practice actually means “if you don’t like it, you can split off your own branch”.  This isn’t exactly what most of us mean by the term “consensus”, it is much more like “religious schism” (or apartheid)..  The resulting splitting is certainly “disruptive”, but not really in any good way.

While I would (and have) characterized the governance of cryptocurrencies as catastrophically flawed, Oleary reports  Ethereum founder and opinion leader Vitalik Buterin thinks it is “not that bad”.  He thinks the problem is “poor communication” [1].

What we got here is a failure to communicate.” (from Cool Hand Luke (1967))

With all due respect, I think Sensei Vitalik is flat wrong here.  The controversy is not about the way the proposal is presented, it is about the fact that such a proposal should not even be possible, in a Nakmotoan, code-is-law, world.  Worse, the fact that the powers-that-be have ruled such a move to be in-bounds reflects a deep disagreement about what the game is. (And it doesn’t help that there is a whiff of “insider trading” involved as well.)

No amount of explanation or communication can fix this kind of fundamental disagreement.

As Ethereum thrashes so visibly, it is important to say that these issues are endemic to Bitcoin and every other Nakamotoan cryptocurrency. However, Ethereum’s successful pioneering of “smart contracts” has pushed the community into extremely visible confrontations with the flawed logical foundations of the whole “code is law” movement.

Interesting times.

  1. Rachel Rose O’Leary (2018) Ethereum Governance ‘Not That Bad’ Says Buterin Amid Fund Debate. Coindesk,
  2. Rachel Rose O’Leary (2018) Hard Fork Refund? Developer to Appeal Ethereum for Hacked Millions. Coindesk,
  3. Rachel Rose O’Leary (2018) High Stakes: Ethereum’s Fight Over Lost Funds Explained. Coindesk,


Cryptocurrency Thursday