this post was submitted on 13 Aug 2023
20 points (68.5% liked)

Asklemmy

43803 readers
753 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

As a foreword, yes I am very aware of resources like https://web3isgoinggreat.com You don't need to spam the comments with the link.

I am not asking about your general opinions on why crypto kittens is a jerk fest for crypto bros. Please cut the automatic generic rant on why cryptocurrencies is the sandbox of brainless dopamine monkeys. I am asking about your sentiment on a specific scenario, that tries to solve a real problem.

This is just an example, for oversimplification.
In a trust-less environment, one person shares some of their cloud space for a fixed amount of time, with another person they don't know much.

The person asking for the cloud space, promises that they will use it only for X,Y or Z. They both agree to leave all the data in clear text (it is easy to prove whether there has been a breach of trust).
If the person doesn't respect their engagement, they must be penalized. In this scenario, there is no legal tool to ensure this.

Enters the smart contract. The individual asking for a share of the cloud space, deposits a certain amount of ETH in a smart contract. The smart contract itself ensures that the owner of the cloud space will NEVER have access to the deposit fund.
Both individuals sign the smart contract. After a fixed amount of time, the depositor can retrieve their deposit back.
However, if for somewhat reason the depositor breaks their engagement (and do something outside X,Y, Z), the person sharing their cloud space can refuse the refund of the deposit.
Both individuals must then reach a consensus, or the deposit will stay frozen on the smart contract forever.

In this case, would the use of a smart contract be a reasonable solution to you?

all 33 comments
sorted by: hot top controversial new old
[–] rentar42@kbin.social 44 points 1 year ago* (last edited 1 year ago) (1 children)

I promise this isn't a generic anti-crypto rant, but rather a specific anti-crypto rant:

There are many projects in this space that try to replace what they perceive as flawed legal systems with perceived "perfect" (or at least better) digital, automated systems.

And I definitely understand that urge: there are many problems with various legal systems ranging from annoying (like being slow and very disparate around the world) to massive (biases, lack of access for those who need it most).

So aiming to improve that situation is understandable. And being pessimistic about the chances of fixing those systems with the "normal approaches" (i.e. politics) is equally understandable.

Where these projects usually break down though is that they generally lack an understanding of what makes legal systems so hard to get right: no one has found a reliable way to encode a non-trivial part of the law into something that a computer can decide reliably and without wrong decisions. (there are of course other difficulties, but this is the most lenient one for the current topic).

People with a technical background (which includes me) are often frustrated how laws and legal documents like licenses are at the same time both written in an arcane inaccessible language and also very much prone to interpretation. We assume, based on the languages we interact with, that a sufficiently complex language should allow a strict, formal interpretation of some truth value ("was this contract followed by both parties?").

But the reality is that contracts (just like most laws) are intentionally written with some subjective language to both account for real world deviations and avoid loopholes.

It's incredibly easy for a law to apply when it's not meant to (or the opposite: to present a law as not being meant to apply to a certain situation when the authors were very aware of the implications) or to not apply due to some technicality.

And for all the wrong in legal systems that exists we have not yet found abetter way to solve this than (hopefully neutral) arbitrators that interpret the text and underlying intentions.

And all the crypto schemes categorically decline that: their stated goal is to not have a human in the loop anywhere. That would be fine if they also solved the above problems in some other way, but none that I know of even attempt to do that. They simply pretend that perfect, decideable contracts are possible (even easy!) and never unfair.

Whether that error is based on ignorance or on something more sinister is up to the reader to decide.

[–] kurogane@sopuli.xyz 7 points 1 year ago* (last edited 1 year ago) (2 children)

I 100% agree with you. Thank you for sharing a piece of thought that is so often overlooked.
This is a very tricky world we are in.

One grievance I have against traditional finances especially, is its inflexibility. Say that you want to fairly share a donation, or even a tip between two individuals.
With current system, they need to either build their company, or at least be contractors in the same country. One receives the funds, and splits it with the other, by the means of expenses and invoices.
If they fail to do so, it ends up in court.
The whole thing takes time and money. And we need to be sure that they are in the same country, bonded by the same laws.

With cryptocurrencies, someone makes a donation in ETH, and in a matter of minutes, both individuals receive their share with 100% certainty the share has not been modified. Agent A could be in Venezuela for what I care, while agent B is Australian. At the end of the day, it doesn't matter.
I concur this is a very specific problem, but one of those reasons why smart contracts shouldn't be discarded as a whole.

[–] rentar42@kbin.social 11 points 1 year ago* (last edited 1 year ago) (1 children)

Even in very specific instances the smart contracts can only ever observe the Information they are given and have to assume that all that information is correct. What if the donation was done fraudulently or in error?

These systems have no way to undo these transactions (by design). They simply move all the "error handling" or "fraud prevention" to outside of the system.

And yes: if you can pretend that errorsor fraud don't happen, then one can design much simpler sysfems
But those assumptions don't make errors or fraud go away.

Edit: another aspect that the "traditional Systems" have at least some provision for is to prevent abusive or one sided contracts from being entered or at least enforced. For some the lack of those safeguards is a feature. For me it's terrible. Tons of contracts happen between unequal parties so the law has to protect the weaker one more.

[–] kurogane@sopuli.xyz 1 points 1 year ago

It is easy to set a time frame within which the funds are not distributed, and the donator can reclaim them back. I think that in this specific case, it boils down to whether the developer of the smart contract knows what they are doing, and acting in good faith. Fortunately, the opensource nature of smart contract allows anyone to double check the quality of a contract.

On the other hand, you have a strong point. Not everyone has the time, motivation, and knowledge to check whether a contract has the correct functionalities. The platforms and tools acting as intermediates are rare, not mature enough, and often straight scammy for now.

[–] perviouslyiner@lemm.ee 7 points 1 year ago* (last edited 1 year ago)

Mandating that parties to a contract should all be on the same blockchain is surely no different than telling them that they all have to follow Australian law?

And in fact this is quite common - if you look at some contracts that you've agreed to in the internet age, they will usually specify a legal system - e.g. Delaware law or English law - to be used when interpreting the contract.

[–] JoBo@feddit.uk 23 points 1 year ago

What problem is this solving?

[–] mister_monster@monero.town 15 points 1 year ago (1 children)

Yes, but your naive (in the game theoretical sense; I'm not calling you naive) scheme is ripe for abuse.

The depositee (for lack of a better word) has no incentive to he honest in this scenario. He can lock the deposit, and even if he can't get it without consent of the depositor, the depositor is out money unless he "comes to consensus" with the depositee. It's lose lose for him, he would Either take half his deposit than lose it all. The depositee then has an incentive to hold him hostage, which means the scenario is not trust less for the depositor.

One way to do this is if the contract says "the depositor will not store this specified set of files with these hashes" that way it could he programmatically proven to the contract that the rules weren't violated. But then you need to know beforehand every file you don't want them to store, this is infeasible.

This is why most schemes like this have some type of arbitrator, a third party that gets paid to resolve disputes. But then at that point, IMO you're back where you started: going to court. There are very few niche scenarios where this scheme is better than the status quo.

[–] kurogane@sopuli.xyz 3 points 1 year ago (1 children)

I see.
So I think the take out of your comment, is that this is possible in very, VERY specific conditions, that would work in tiny scenarios where the outcome is simple (the data on the cloud must not contain a set of word, as one condition). But as soon as we hit something slightly more complex, it becomes prone to loopholes.
This is very instructive, thank you.

[–] PupBiru@kbin.social 5 points 1 year ago (1 children)

usually smart contracts like this rely on other things that exist on the blockchain: transferring ownership of something, etc… this way, the smart contract can release funds to the specified parties under provable conditions

these “things” that exist on the blockchain are sometimes representations of ownership (think like a deed for property: it’s just a piece of paper that represents ownership. that could easily exist on the blockchain, where the owner of the property is the person who is assigned the deed on-chain)… the you can have a smart contract that automatically releases funds to the seller once the deed has been transferred to the buyer

there are also things called “oracles”, who are independent, trusted (or sometimes not so independent or trusted; you have to be careful!) third parties who write information to the blockchain… in this case, say for example you make a bet with someone that the global average temperature goes above a certain point between block A and block B: there’s an oracle that just writes the daily global average temperature to the chain. you both deposit into a smart contract that specifies the rules and reads the temperature from the oracle, then distributes based on the results… this situation is less ideal, because it relies on trusting a 3rd party in several ways, however it’s worth mentioning because many people see this as equivalent to the former situation when it’s really not

[–] kirklennon@kbin.social 3 points 1 year ago (1 children)

these “things” that exist on the blockchain are sometimes representations of ownership (think like a deed for property: it’s just a piece of paper that represents ownership. that could easily exist on the blockchain, where the owner of the property is the person who is assigned the deed on-chain)… the you can have a smart contract that automatically releases funds to the seller once the deed has been transferred to the buyer

The idea that property can be accurately recorded on a neutral blockchain is absolutely ludicrous. What happens when the owner of the property dies and they are unable to update the record? What if there is a dispute among the heirs? What if the owner goes bankrupt and their assets are seized by a third-party, but they are still unwilling to update the blockchain record? There is a reason that definitive records for real property are maintained by the government itself. Anything of real value must exist within a legal framework and be subject to a change of ownership under law or court order.

If a judge determines a property belongs to someone else, the sheriff who comes to evict you isn’t going to care when you point to some record on a blockchain. If a blockchain record can’t be unilaterally updated by the government to change ownership, against the wishes of the current owner, then it cannot function as a true record. Consequently, any “smart” contract based on that record is unreliable as well since the seller may not actually own in the real world the thing their blockchain deed says they own.

[–] PupBiru@kbin.social 2 points 1 year ago

smart contracts are turing complete… you can allow anyone you like to transfer ownership (including various government departments)… the point of a smart contract isn’t that only a single entity can definitively take action; it’s that all possible actions are expressed as code and queryable by other contracts

you’re totally right that right now smart contracts mean nothing, however we’re talking theoretical applications of a technology

[–] pivot_root@lemmy.world 11 points 1 year ago (1 children)

Isn't this the point of escrow? I trust that more than I trust anything remotely related to crypto.

[–] kurogane@sopuli.xyz 1 points 1 year ago* (last edited 1 year ago) (1 children)

Do you have examples of an escrow in this scenario? Smart contracts are opensource and can be deployed by anyone, like for example one of the two individuals aforementioned. This is the advantage I see in this case.
I am not trying to start an argument, only looking forward finding a proper solution.

[–] ojmcelderry@lemmy.one 6 points 1 year ago

looking forward to finding a proper solution

To the contrary, I think you have a solution in search of a problem.

Your solution is smart contracts, and you're asking us if we agree that your cloud storage example would be a good use case for that solution.

[–] alokir@lemmy.world 7 points 1 year ago (1 children)

What do you mean by "cloud space"? Is it on a cloud drive somewhere or my own computer?

Because if they want extra cloud space it's cheaper and safer to just buy it from an established provider.

If they want to store their data on my computer, what guarantees do I have to offer in therms of availability and speed of access?

Do I have to keep my PC turned on at all times? What happens if I lose internet connection? Can I restart my pc after an update? Do I have to ensure redundancy? How do I compensate them on data loss?

If they don't want to use a provider like Google, Microsoft or Dropbox, then why? Do they want to store something questionable or illegal?

[–] kurogane@sopuli.xyz 2 points 1 year ago (1 children)

I don't really understand your point. The scope of this conversation is not about cloud shopping, but trying to find the middle ground in trust-less environments. This is why I specified that this is an oversimplification, and not a real world example.
Take IPFS for example https://www.scaleway.com/en/blog/ipfs-the-real-web3-explained/
The data on the network can not be modified and tampered with, and nothing is encrypted. This answers the problem of "questionable content". You are not responsible of its uptime, and you are not even required to host the data yourself.

[–] alokir@lemmy.world 4 points 1 year ago

I assumed you meant file/data storage because you were talking about "cloud space".

My issue with these solutions is that you have to trust that your data will be available on the other person's machine whenever you want to access it.

Imagine something like a torrent. They only work as long as there are people seeding it. As soon as nobody's interested, the torrent file is useless.

If I agree that I'll host someone's data on my computer for money I'll have to guarantee that it will be available, otherwise why would they gamble that they might lose their data?

My impression with all these web3/crypto projects is that aside from crypto currencies everything that I've seen so far can be solve in a better way with conventional methods.

If your point is doing web3 for web3's sake then go ahead, it's an interesting concept and thought experiment, just not that useful yet in my opinion.

[–] actsukrit@lemm.ee 6 points 1 year ago* (last edited 1 year ago) (1 children)

amount of ETH in a smart contract

I don't have cryptocurrency. So that's a no go overall. And making a wallet so I can purchase some ETH to enter into a contract is enough trouble for me to look elsewhere for the same services.

If the person doesn’t respect their engagement, they must be penalized. In this scenario, there is no legal tool to ensure this.

Surely if there has been a breach in contract then this could still go to court? Suing for a breach in contract is a thing. Admittedly this is far less convenient than a smart contract to handle this.

I don't think smart contracts (contracts administered by programming), are inherently a bad idea: but having them be so strongly tied into cryptocurrencies does make it a lot less attractive as a tool to a lot of folks. If I could deposit real world currency into them to use as escrow instead of having to go through ETH, I probably would have no problem entering into one with lower stakes for failure to follow through.

[–] kurogane@sopuli.xyz 1 points 1 year ago

Regarding your second point, this becomes tricky when both parties are from different countries, for starters. Smart contract would be fast, and impartial in this case.
But for your first point, this is a very legitimate concern. The entry point of those ecosystems is complex, tech-savy, and poorly regulated. I understand why it is never the first option.

[–] captainlezbian@lemmy.world 6 points 1 year ago (3 children)

No because it can’t be revoked when unintended consequences that neither party wants occurs

[–] PupBiru@kbin.social 2 points 1 year ago

you can write whatever revolution clauses you like into a smart contract: often they have timeouts so that if something goes wrong with the contract execution, at least nothing is lost forever

[–] kurogane@sopuli.xyz 1 points 1 year ago (1 children)

This may be overkill, but this is the point of a trust-less environment. Both parties ought to be extremely careful of what they sign, I agree.

[–] captainlezbian@lemmy.world 9 points 1 year ago (2 children)

Yeah and the problem is, the real world kinda doesn’t care. Code gives zero fucks. If I have to be 250% sure the code is correct because no court can fix it if we screw up that’s just not worth it to me. I’d rather trust in unbiased humans

[–] BaconIsAVeg@lemmy.ml 9 points 1 year ago (2 children)

Plus, there will always be people who will exploit hard coded loopholes in the system where no sane, logical third party official would.

The first thing that comes to mind is various 'police agencies' in MMOs. Way, way back in the Ultima Online Beta, you'd be walking through town and another player would come up and attempt to pick pocket items out of your inventory. If you turned around and smacked them, the guards would spawn and instantly kill you, which caused everything you were carrying to fall to the ground beside your corpse, and then the thieves would just pick up anything valuable and walk away free and clear. They were counting on this behavior of course, and they'd antagonize new players until they got what they wanted. There was a similar example in EVE Online, where pirates who knew the system would open up floating cans left by players who were mining, causing them to flash red to the miner. If the miner fought back, the police would show up, your ship would be destroyed, and the pirates could pick through all your stuff.

Given OP's example, I can guarantee scenarios like this with Smart Contracts will be fairly easy to pull off.

[–] perviouslyiner@lemm.ee 3 points 1 year ago

Not just in games - the famous infinite leverage glitch from wallstreetbets was 'just following the rules' - luckily it was website code rather than a smart contract so they could fix the rule before ControlTheNarrative ended up owning the entire US economy.

[–] kurogane@sopuli.xyz 1 points 1 year ago

I get your point, I agree to some extent.

I don't know much about MMO, but given your example of in-game situations, there are cases of moderators/admin treating you unfairly because of a misunderstanding, or because they "don't like you". Or other cases where you are locked out of a MMO because you were flagged as an abuser, and you need to jump hoops, to prove yourself, and get your account unfrozen.

So I would argue that in this case, nothing is bulletproof of "bugs" or "abuse", and it is not a black or white situation.
However, it is true that we need a balance between automatic system parsing bazingas of datas everyday, and humans having authority on the outcome, when needed. Harder to know where to draw the line.

[–] kurogane@sopuli.xyz 1 points 1 year ago (1 children)

Yeah and the problem is, the real world kinda doesn’t care. Code gives zero fucks. If I have to be 250% sure the code is correct because no court can fix it if we screw up that’s just not worth it to me

Fair point, the advantages are not worth the struggle of triple checking everything and ensuring there is no bug.

I’d rather trust in unbiased humans

This is my personal opinion, but I disagree on this one. I'd rather choose a well written, unbiased piece of code, over a human that cannot be unbiased.

[–] dot20@lemmy.world 1 points 1 year ago

Ah, but how do you know that the code is well-written?

There have been multiple cases in smart contracts where the code looked good, but a subtle bug ended up being exploited.

[–] Nemo@midwest.social 2 points 1 year ago (1 children)

So essentially, a "trusted third party" mediation but the TTP is a bot.

[–] kurogane@sopuli.xyz 3 points 1 year ago (1 children)

Yes, decentralized bot would be more accurate. As in it can not be put offline.

[–] perviouslyiner@lemm.ee 3 points 1 year ago

How is this bot going to decide which party is acting in bad faith (whether the file contents violate the spirit of the agreement) better than a human arbitrator?

[–] Saigonauticon@voltage.vn 1 points 1 year ago* (last edited 1 year ago)

No, but mostly for very boring reasons that have nothing to do with the technology:

  1. I... don't even know two people outside of family I would trust with a deposit (any deposit, in any amount) -- e.g. pay me 10% in cash right now or I'll claim you breached the terms of use, keeping your deposit hostage.

  2. Wonder if someone can find a way to do something vastly illegal with the cloud resources that makes me more money than the deposit? Or just blackmail me? So I'd need a normal legal contract with the other party's real name to avoid this liability. At which point the whole smart contract is arguably superfluous.

  3. There ARE normal legal tools that handle this. You can put money in escrow at a bank, or use a lawyer. It's... actually a pretty normal thing to do in many industries. It's not particularly expensive as far as I know. There are problems with it, but none of them are of the form "Oh no, if only we used a trustless system with no middleman!"

  4. Finally one technical point: smart contracts are only trustless if I'm a programmer and the smart contract source code is provided (in which case there's no money to be made providing the service, as I can just copy your work and it's a race to the bottom). Or if I'm familiar with assembly language (which I am), in which case it's an unproductive use of my time and a lawyer or bank is much much cheaper than my time spent as an auditor (I could be working on other things). So it's a bit hard to come up with any sort profitable enterprise, and most programmers I know strongly prefer to be paid for their time.

NB I've written various smart contracts for amusement (on various testnets only). I haven't found anything I'd want to use them for in production. It was a fun academic exercise though.