This week I looked through one of my slush piles, a collection of headlines about cryptocurrency, blockchain, and related “Oopsies”. The great land of Nakamoto seldom disappoints on this front! : – )
Oopsies R Us!
First up, we see that “Crypto Lending Platform BlockFi Attacked With Flood of Fake, Abusive Sign-Ups” [3]. Apparently spammers, likely bots, swarmed ths site, creating bogus new users, with naughty names. Tsk. Very grown up.
This issue actually has nothing to do with crypto, per se, except that this is a major “crypto lending platform” with millioins of dollars in play, which apparently lets anyone just create accounts. You have to wonder about just who might be using this service and for what. And what other details are they blowing off.
Last fall, we heard from the ever controversial MakerDAO (how are they still around?). I’m not really sure what all MakerDAO is up to, but apparently one of it’s “features” is, as James Creawley’s headline puts it, “MakerDAO Loans Can Be Gamed to Hold Out Funds From Liquidation” [2]. The details are obscure to me, but the gist of it is that it is possible to avoid repaying some loan, apparently due to a wrinkle in the complex and vague protocols.
Hmm. Software that has bugs because it is complex and ambiguous? That’s never happened before. : – )
And, of course, there is a never ending parade of just plain theft.
For example, the perhaps too aptly named, DODO decentralized finance platform was “Drained of $3.8M in DeFi Exploit” [1]. DODO is a lending service, providing instant, poorly secured loans of cryptocurrencies–unencumbered by human oversight. What could possibly go wrong?
The exploit is question was–wait for it–a bug in an executable contract. The bug allowed hackers to create “counterfeit” tokens, and then loan them to themselves, and cash out. With the magic of blockchain, the heist was executed in seconds. (I ti s reported that a lot of the stolen funds was traced and recovered.)
I think the thing that ties all these oopsies together is that they all are pretty normal software bugs. Hey, all software has bugs. It should not be trusted.
But, the fundamental tenets of Nakamotoism hold that cryptocurrency eliminates the need to trust other people and institutions. Essentially, Nakamoto replaces people with software, with the implicit claim that software can be trusted more than people.
OK, I’ll grant you that software can be trusted differently than people. In particular, software may be more predictable than people, and maybe more transparent. On the other hand, people can use common sense, and generally possess a butt to be kicked if necessary
Nakamotoan software is no worse than most, possibly better than average. But when there are zillions of dollars involved, and things move at zilloflop speeds, the implications of bugs are gigantic. So, no matter how “trustworthy” platforms and “smart contracts” may be, even small oopsies can drain millions in a few seconds.
Finally, note how these bugs were handled: actual humans took responsibility and intervened to make things right. If Emperor Nakamoto aimed to eliminate humans from the trust equation, he has not succeeded.
- Jamie Crawley (2021) DODO DEX Drained of $3.8M in DeFi Exploit. Coindesk, https://www.coindesk.com/dodo-dex-drained-of-3-8m-in-defi-exploit
- William Foxley (2020) MakerDAO Loans Can Be Gamed to Hold Out Funds From Liquidation, Startup Finds. Coindesk, https://www.coindesk.com/makerdao-loans-collateralized-debt-liquidation
- Sebastian Sinclair (2021) Crypto Lending Platform BlockFi Attacked With Flood of Fake, Abusive Sign-Ups. Coindesk, https://www.coindesk.com/blockfi-attacks-email-spam
Cryptocurrency Thursday