[Cryptography] Code is Cruel -- The DAO
Ron Garret
ron at flownet.com
Tue Jul 26 11:26:19 EDT 2016
On Jul 25, 2016, at 9:54 AM, Peter Todd <pete at petertodd.org> wrote:
> On Sun, Jul 24, 2016 at 04:16:14PM -0400, ianG wrote:
>>> Yes. Among other things, locking is one of the points that Hal Abelson
>>> cited when he and Satoshi were deciding which opcodes should be allowed
>>> in the Bitcoin scripting language. IIRC, Satoshi wanted to enable more
>>> programmability but Hal demonstrated some ways that recursion and/or
>>> looping operators could be used to attack the system - or enable legit-
>>> looking scripts that could be attacked later, as apparently happened
>>> with ETH. In the end they wound up removing all the potentially
>>> backward-branching control structures.
>>
>>
>> In more accounting terms, the typical defence against this is to implement
>> double entry bookkeeping, so that the value cannot be "created" out of thin
>> air, it must come from somewhere, and be shown to have existed as a
>> deliberate act. Typically a system that profers an account style (as
>> typical in Ethereum) should have a double entry backend behind the scenes.
>
> Double-entry bookkeeping was developed in a time when the available ways to do
> arithmetic were both error prone and expensive; with computers arithmetic is
> highly accurate, and more importantly, extremely cheap.
>
> I don't see why you would have a double-entry backend in a computer system;
> just re-do the calculations and see if you get the same result.
You’re missing something very important: double-entry bookkeeping is not just an error correcting mechanism, it’s a more accurate conceptual model of what’s really going on in the underlying financial system. When you do single-entry bookkeeping you are necessarily keeping track of only part of the real situation. When a consumer balances their checkbook, they keep track of money coming in from their employer and going out to merchants, but the employer and the merchants are black-boxes to the consumer. A complete model of the situation necessarily includes the employer and the merchant, and necessarily entails double-entry, not to correct errors, but because every time money changes hands it leaves one account and ends up in another.
Even at the consumer level, double-entry bookkeeping is a very valuable tool that is seldom actually used. For example, suppose you sign up to take a cruise and pay a deposit on your credit card. You have now accrued two debts. One of those is a short-term debt that shows up on your credit card statement, and the other is a long-term debt that shows up on the invoice for your cruise. You really ought to record those somewhere, but if all you have is a checkbook register there’s no way to do it because your checking account is a cash account and you can’t record debts in a cash account without screwing up the balance. So you need a separate account to record debts, which credits against the cash in your checking account and debits against your net worth.
Even cryptocurrencies have an implicit double-entry system because because you need to keep track of the total money supply *somewhere* even if you don’t do so explicitly. (This is one thing that most people don’t understand about sovereign debt: it really is different from consumer debt because sovereign debt is a measure of the money supply. The underlying reason that people don’t understand this is that they don’t understand double-entry bookkeeping.)
rg
More information about the cryptography
mailing list