You are viewing a single comment's thread from:
RE: Ethereum to implement hard fork to save funds stolen from The DAO
It's not a certainty a hard fork will be implemented. Some people believe in decentralization for decentralization sake no matter what happens to the people or the community interests.
I think trust is very important and maintaining trust is important enough in these special circumstances to do a hard fork. The percentage that the hacker would get in ETH is too high, the possibility of it being an inside job is too high, it's not ethically acceptable to allow hackers to be rewarded because it sets a precedent which could create incentive for hackers all over to find exploits and rob smart contracts.
If one hacker can get and keep over 100 million dollars with a simple exploit like this then what kind of lesson will others learn?
Not to put money in unsafe smart contracts
All Turing complete smart contracts are fundamentally unsafe. This is because at the deepest levels they cannot be logically consistent. This means you cannot get a clear yes or no answer as an output so the behavior is never exactly as expected. This unexpected behavior is the cause of bugs.
The only real answer is to have functional decidable language security where you have consistent logic. You have to give up completeness in exchange for consistency always. But you get the benefit of not having code which does unexpected behaviors which means no more bugs, no more underhanded stealth logic bombs, no more zero days, none of that is possible because just as with propositional logic you have a true or false certainty at all times.
Turing complete imperative languages can never be trusted. What you get is an approximation where you through trial and error, testing and other methods refine the code base over time. For smart contracts where you can't easily do that you have to get it right on the first time and when lots of money is involved you don't want to have to trust the programmer not to sneak a logic bomb into the code.
References
http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf
That makes the decision whether to put money in them easier doesn't it.
The other viable option is to embrace Turing incompleteness: