Smart contracts, stupid humans: new major Ethereum ERC-20 token bugs BatchOverflow and ProxyOverflow | Attack of the 50 Foot Blockchain
Smart contracts are fundamentally bad software engineering, part 666 of a never-ending series — PeckShield have been running an automatic scanner on the public Ethereum blockchain: “Built on our earlier efforts in analyzing EOS tokens, we have developed an automated system to scan and analyze Ethereum-based (ERC-20) token transfers. Specifically, our system will automatically send out alerts if any suspicious transactions (e.g., involving unreasonably large tokens) occur.” They’ve found a couple of beauties, which they’ve branded “BatchOverflow” and “ProxyOverflow.” These affect multiple ERC-20 tokens — which are the basis for almost all ICOs. The root cause is that smart contract coders just copy each other’s code a lot, because who needs formal methods when you can cut’n’paste’n’bodge.
Source: Smart contracts, stupid humans: new major Ethereum ERC-20 token bugs BatchOverflow and ProxyOverflow | Attack of the 50 Foot Blockchain
Contract revival EIP specification drafts · GitHub
We hard forked once, for the larger DAO hack that was even more of a mess, but we cannot let this become a practice. How many times must Parity mess up for them to own up and move on?
Instead of a hard fork, its users should look into all legal options.
Bitcoin is based on the blockchain pipe dream | Nouriel Roubini and Preston Byrne | Business | The Guardian
It is high time to end the hype. Bitcoin is a slow energy-inefficient dinosaur that will never be able to process transactions as quickly or inexpensively as an Excel spreadsheet. Ethereum’s plans for an insecure proof-of-stake authentication system will render it vulnerable to manipulation by influential insiders. And Ripple’s technology for cross-border interbank financial transfers will soon be left in the dust by Swift, a non-blockchain consortium used by all of the world’s major financial institutions. Similarly, centralised e-payment systems with almost no transaction costs – Faster Payments, AliPay, WeChat Pay, Venmo, PayPal, Square – are being used by billions of people around the world. Today’s coin mania is not unlike the railway mania at the dawn of the industrial revolution in the mid-19th century. On its own, blockchain is hardly revolutionary. In conjunction with the secure, remote automation of financial and machine processes, however, it can have potentially far-reaching implications. Ultimately, blockchain’s uses will be limited to specific, well-defined, and complex applications that require transparency and tamper-resistance more than they require speed – for example, communication with self-driving cars or drones. As for most of the coins, they are little different from railway stocks in the 1840s, which went bust when that bubble – like most bubbles – burst.
Source: Bitcoin is based on the blockchain pipe dream | Nouriel Roubini and Preston Byrne | Business | The Guardian
Blockchain Protocol Analysis and Security Engineering 2017 | Cyber Initiative
The conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.
Source: Blockchain Protocol Analysis and Security Engineering 2017 | Cyber Initiative
Cryptoanarchism and Cryptocurrencies by Usman Chohan :: SSRN
Cryptoanarchism and Cryptocurrencies
9 Pages Posted: 1 Dec 2017
Date Written: November 27, 2017
This paper examines the infusion of Cryptoanarchist philosophy in the construction and dissemination of cryptocurrencies, in light of the breakneck growth of these non-traditional financial instruments, and their perceived importance in transforming international monetary structures.
Source: Cryptoanarchism and Cryptocurrencies by Usman Chohan :: SSRN
Despite run-up, bitcoin’s future is still uncertain – The Boston Globe
That’s the theory. But Preston Byrne doesn’t buy it. “It’s outrageous what CME is doing,” said Byrne, a fellow at the Adam Smith Institute, a free-market think tank in the UK and former chief operating officer of Monax, a blockchain software company in London. He pointed to a statement issued Friday by the US Commodity Futures Trading Commission, in which the agency admitted that it has little power to keep bitcoin markets honest, and warned of “the potentially high level of volatility and risk in trading these contracts.” “This is the understatement of the century,” said Byrne. He believes media hype is attracting individual investors to the bitcoin market. Some are gambling their retirement funds, while others are buying the currency with credit cards, saddling themselves with high-interest debt. The bitcoin boom, said Byrne, “exhibits all of the classic features you would expect from a financial mania.” He is sure it will fall, and he worries that the CME’s decision to permit futures trading will ensure that damage from the crash will spread to other financial markets. But for now, nobody’s listening.
Source: Despite run-up, bitcoin’s future is still uncertain – The Boston Globe
Anticipating Blockchain for Development: Data, Power and the Future – The Connectivity, Inclusion, and Inequality Group
Research on anticipated, contingent and imaginary blockchain-enabled ‘aidlands’ (Mosse 2011) is crucial now: much is at stake. What will the role of blockchain be in identity management in global contexts where population control regimes proliferate to the detriment of the many? Through multi-stakeholder ethnographic work with user communities, the development industry, technical, legal, regulatory and governmental communities, I aim to make a practical intervention in public social science, developing best practice principles or ‘infraethics’ (Floridi 2017) from concrete sociotechnical findings about the specific ways in which DLTs can empower communities in global contexts, how, and what new digital inequalities or unintended consequences arise (cf. for example the energy consumption issue with Bitcoin mining, which is currently a ‘hot’ topic). I have a hunch that working on best practice may involve pointing out when a blockchain isn’t really necessary.
Source: Anticipating Blockchain for Development: Data, Power and the Future – The Connectivity, Inclusion, and Inequality Group
Someone deleted some code in a popular cryptocurrency wallet — and as much as $365 million in ethereum is locked up | Business Insider
An estimated $US280 million ($AU365 million) worth of the cryptocurrency ethereum is now locked up after a user accidentally deleted the code necessary to access the digital wallets hosted by the company Parity Technologies. The vulnerability impacted the “multi-sig” digital wallets launched through Parity since July 20. Multi-sig wallets usually contain large sums of money since they are primarily used by startups or large groups looking to prevent any one member of the group from running off with the money.
Source: Someone deleted some code in a popular cryptocurrency wallet — and as much as $365 million in ethereum is locked up | Business Insider