[Cryptography] Code is Cruel -- The DAO

Ron Garret ron at flownet.com
Tue Jul 26 11:26:19 EDT 2016 

On Jul 25, 2016, at 9:54 AM, Peter Todd <pete at petertodd.org> wrote:

> On Sun, Jul 24, 2016 at 04:16:14PM -0400, ianG wrote:
>>> Yes.  Among other things, locking is one of the points that Hal Abelson
>>> cited when he and Satoshi were deciding which opcodes should be allowed
>>> in the Bitcoin scripting language.  IIRC, Satoshi wanted to enable more
>>> programmability but Hal demonstrated some ways that recursion and/or
>>> looping operators could be used to attack the system - or enable legit-
>>> looking scripts that could be attacked later, as apparently happened
>>> with ETH.  In the end they wound up removing all the potentially
>>> backward-branching control structures.
>> 
>> 
>> In more accounting terms, the typical defence against this is to implement
>> double entry bookkeeping, so that the value cannot be "created" out of thin
>> air, it must come from somewhere, and be shown to have existed as a
>> deliberate act.  Typically a system that profers an account style (as
>> typical in Ethereum) should have a double entry backend behind the scenes.
> 
> Double-entry bookkeeping was developed in a time when the available ways to do
> arithmetic were both error prone and expensive; with computers arithmetic is
> highly accurate, and more importantly, extremely cheap.
> 
> I don't see why you would have a double-entry backend in a computer system;
> just re-do the calculations and see if you get the same result.

You’re missing something very important: double-entry bookkeeping is not just an error correcting mechanism, it’s a more accurate conceptual model of what’s really going on in the underlying financial system.  When you do single-entry bookkeeping you are necessarily keeping track of only part of the real situation.  When a consumer balances their checkbook, they keep track of money coming in from their employer and going out to merchants, but the employer and the merchants are black-boxes to the consumer.  A complete model of the situation necessarily includes the employer and the merchant, and necessarily entails double-entry, not to correct errors, but because every time money changes hands it leaves one account and ends up in another.

Even at the consumer level, double-entry bookkeeping is a very valuable tool that is seldom actually used.  For example, suppose you sign up to take a cruise and pay a deposit on your credit card.  You have now accrued two debts.  One of those is a short-term debt that shows up on your credit card statement, and the other is a long-term debt that shows up on the invoice for your cruise.  You really ought to record those somewhere, but if all you have is a checkbook register there’s no way to do it because your checking account is a cash account and you can’t record debts in a cash account without screwing up the balance.  So you need a separate account to record debts, which credits against the cash in your checking account and debits against your net worth.

Even cryptocurrencies have an implicit double-entry system because because you need to keep track of the total money supply *somewhere* even if you don’t do so explicitly.  (This is one thing that most people don’t understand about sovereign debt: it really is different from consumer debt because sovereign debt is a measure of the money supply.  The underlying reason that people don’t understand this is that they don’t understand double-entry bookkeeping.)

rg

More information about the cryptography mailing list