I'm certainly predisposed to not like crypto so feel free to write this off, but why would anyone read this and still be interested in crypto? Someone just had $12,000 stolen from them because of...
I'm certainly predisposed to not like crypto so feel free to write this off, but why would anyone read this and still be interested in crypto? Someone just had $12,000 stolen from them because of a mistake on the level of accidentally pushing to master.
Sending money to the wrong address happens in the regular banking system too. There has been some discussion on Hacker News of scammers ripping people off when buying a house. Any time you enter a...
Sending money to the wrong address happens in the regular banking system too. There has been some discussion on Hacker News of scammers ripping people off when buying a house. Any time you enter a new account number for sending money, you should try it with a small amount and verify that it gets there.
However, either way, it seems like a pretty severe security and usability bug and should be fixed.
I know very little about crypto, but isn’t the point here that the $12,000 is inherently unrecoverable if the recipient chooses not to be nice? At least with traditional banking and finance there...
I know very little about crypto, but isn’t the point here that the $12,000 is inherently unrecoverable if the recipient chooses not to be nice? At least with traditional banking and finance there are central institutions (banks) that can sort out claims like this, and you’ll very often get the money back.
If you mean the end user, it's more like losing $12000 because you sent money to the wrong routing+account number at a bank, which is exactly why bank account numbers aren't serialized. If you...
If you mean the end user, it's more like losing $12000 because you sent money to the wrong routing+account number at a bank, which is exactly why bank account numbers aren't serialized. If you mean Uniswap letting this happen with their contract in the first place, that's more like pushing a bug up to prod that lets users deposit money in a default account that anyone could
withdraw from. Not sure what Uniswap's testing process is, but they clearly did their customers a disservice with this implementation.
I think one big takeaway here with regards to ethereum is that under no circumstance should it be possible to provision ETH to a transactor unconditionally unless you are working on a trusted fork of Ethereum and not the main blockchain. The dark forest metaphor is completely accurate, and the bots will take the money left on the table.
I have read that book but never thought to apply it to crypto. I thought "everyone is trying to steal from everyone else" and it's not true that literally everyone is trying to steal, but it's...
I have read that book but never thought to apply it to crypto. I thought "everyone is trying to steal from everyone else" and it's not true that literally everyone is trying to steal, but it's enough that it's a problem, and the dark forest metaphor is a great way of putting it.
I don't think I'll be putting a lot of money in crypto (and certainly not interacting with smart contracts, code that is public, immutable, and financial is a terrible combination), but how can...
I don't think I'll be putting a lot of money in crypto (and certainly not interacting with smart contracts, code that is public, immutable, and financial is a terrible combination), but how can this not be of interest? It's like hearing tales of the wild west while you're sitting back in Philadelphia. You probably don't want anything to do with the lawlessness... but it's a high risk high reward environment.
There are many stories like this one and they all fascinate me. It's like the world of HFTA but accessible to everyone and far less understood. Because of the high motivation and the script-ability of the environment we have very smart people putting in a lot of time to write automated bank robbers.
And if someone manages to find a way around the whole open-source-banking-backend-that-you-cant-update problem, smart contracts are an amazingly powerful tool.
That's fair. I'm really really risk averse, and it is kinda interesting to read about.
I don't think I'll be putting a lot of money in crypto (and certainly not interacting with smart contracts, code that is public, immutable, and financial is a terrible combination), but how can this not be of interest? It's like hearing tales of the wild west while you're sitting back in Philadelphia. You probably don't want anything to do with the lawlessness... but it's a high risk high reward environment.
That's fair. I'm really really risk averse, and it is kinda interesting to read about.
I'm certainly predisposed to not like crypto so feel free to write this off, but why would anyone read this and still be interested in crypto? Someone just had $12,000 stolen from them because of a mistake on the level of accidentally pushing to master.
Sending money to the wrong address happens in the regular banking system too. There has been some discussion on Hacker News of scammers ripping people off when buying a house. Any time you enter a new account number for sending money, you should try it with a small amount and verify that it gets there.
However, either way, it seems like a pretty severe security and usability bug and should be fixed.
I know very little about crypto, but isn’t the point here that the $12,000 is inherently unrecoverable if the recipient chooses not to be nice? At least with traditional banking and finance there are central institutions (banks) that can sort out claims like this, and you’ll very often get the money back.
Now you understand why cryptocurrencies are popular with libertarians, criminals, and almost nobody else.
If you mean the end user, it's more like losing $12000 because you sent money to the wrong routing+account number at a bank, which is exactly why bank account numbers aren't serialized. If you mean Uniswap letting this happen with their contract in the first place, that's more like pushing a bug up to prod that lets users deposit money in a default account that anyone could
withdraw from. Not sure what Uniswap's testing process is, but they clearly did their customers a disservice with this implementation.
I think one big takeaway here with regards to ethereum is that under no circumstance should it be possible to provision ETH to a transactor unconditionally unless you are working on a trusted fork of Ethereum and not the main blockchain. The dark forest metaphor is completely accurate, and the bots will take the money left on the table.
I have read that book but never thought to apply it to crypto. I thought "everyone is trying to steal from everyone else" and it's not true that literally everyone is trying to steal, but it's enough that it's a problem, and the dark forest metaphor is a great way of putting it.
I don't think I'll be putting a lot of money in crypto (and certainly not interacting with smart contracts, code that is public, immutable, and financial is a terrible combination), but how can this not be of interest? It's like hearing tales of the wild west while you're sitting back in Philadelphia. You probably don't want anything to do with the lawlessness... but it's a high risk high reward environment.
There are many stories like this one and they all fascinate me. It's like the world of HFTA but accessible to everyone and far less understood. Because of the high motivation and the script-ability of the environment we have very smart people putting in a lot of time to write automated bank robbers.
And if someone manages to find a way around the whole open-source-banking-backend-that-you-cant-update problem, smart contracts are an amazingly powerful tool.
That's fair. I'm really really risk averse, and it is kinda interesting to read about.