He did not steal anything. He beat the fund (Indexed Finance) at their own game.
He has not stolen anybody's password, has not modified DeFI code - simply executed a set of financial transactions according to the rules (expressed as DeFI smart contracts) and profited from it.
Indexed Finance is an unlicensed investment firm. The promoters knew the risk ( decentralized finance) and now they want to blame someone who outsmarted them at their own game.
InsideOutSanta 2 days ago [-]
This. If you believe in cryptocurrencies, you can't run to the courts when people use them as designed, even if they didn't use them as intended.
If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
Taek 2 hours ago [-]
Just because some subsets of the crypto industry want to operate entirely outside the law doesn't mean the whole industry wants to operate outside the law. As evidenced by anyone who pays taxes on their crypto.
Saying "he used the system as it was designed, even if not as intended" is more or less equivalent to saying that any computer hack or zero day is also "using the computer system as designed".
You even plausibly extend that to picking locks in the physical world.
So yes, it does make sense for the law to get involved.
protocolture 48 minutes ago [-]
If a smart contract requires a court to execute you really should have just used a regular contract no?
thinkingtoilet 2 days ago [-]
> what's the point of cryptocurrencies in the first place?
So far, to execute illegal transactions and using the lack of regulations to exploit the financially illiterate.
Salgat 2 hours ago [-]
I like how every attempt to legitimize cryptocurrency by the current administration has just resulted in hurting the price of cryptocoins.
hinkley 7 hours ago [-]
Money laundering.
apercu 7 hours ago [-]
And get rich quick scams. And fraud.
smallmancontrov 7 hours ago [-]
And drugs. And delivery of bribes to the sitting US president (these are not the same as illegal transactions because when the president does it it is not illegal).
thinkingtoilet 5 hours ago [-]
I posted the original comment everyone is replying to so it's clear I'm not fan of crypto. To be fair, literally everyone I've ever known, including myself, has only ever used cash to buy drugs. I can't put that on crypto.
dhosek 3 hours ago [-]
For online sales of drugs it’s through crypto. Also, it’s the preferred way of paying ransom these days.
hinkley 7 hours ago [-]
Amongst our weaponry are such elements as graft, narcotics, money laundering, fraud… I’ll come in again.
eftychis 6 hours ago [-]
Oh, it is illegal. It's just that the DOJ is turning a blind eye because someone at some point wrote a "memo"[0,1], which it seems can be the bane of global peace and prosperity as we know it. (Yes, it is ironic that a memo in some countries like the U.S. can affect everyone else.)
P.S. I understand the context in your comment here. Just expanding on it for cynicism's sake.
You've cited policy which blocks prosecution of sitting Presidents -- but that didn't necessarily enjoin eventual justice from being served after his term(s) end. However the outcome of Trump v. United States, 603 U.S. 593 (2024) appears to not just block prosecution but grant immunity, meaning what would normally be a crime ceases to even be a crime.
That ruling appears to draw a nearly complete shield of immunity around Presidents for any crimes done as 'official acts,' and nearly everything can be claimed to be an 'official act' especially given how vaguely-scoped much Presidential power has become. I consider it pretty unlikely that we'll ever see a former President even be charged with a crime if Congress doesn't explicitly repudiate this ruling with an actual law.
> I consider it pretty unlikely that we'll ever see a former President even be charged with a crime...
You could have stopped the sentence here; most US presidents are responsible for acts that appear to be criminal but for the fact that it is political convention not to charge them. The most egregious case I recall was Anwar Al-Awlaki [0] - where he seems to have been killed on the president's orders without actually having done anything specific to justify it. Searching for "crime" on his Wikipedia page turns up nothing much. If a president isn't publicly investigated by the judicial system for having a US citizen killed it is hard to see when charges would be appropriate.
Did you actually read the article you linked, or just search for the word “crime?”
roenxi 2 hours ago [-]
Both. I was doing the search because I was thinking "well maybe there was a crime in there somewhere that I missed".
dullcrisp 43 minutes ago [-]
Okay. Well in that case, my (uninformed) take is that both holding the president personally criminally liable for actions of the US government that they authorized, and not holding the president accountable for campaign finance violations they undertook on the path to getting elected, are about equally ridiculous. But it seems that we’re doing the second one.
jollofricepeas 2 hours ago [-]
I agree.
The story of Anwar Al-Awlaki and his American US-born son who was killed in the attack authorized by the Obama administration must not be forgotten.
The issue of presidential powers and conduct must be a non-partisan issue. Trump merely walked through the cracks created under Obama.
Being well-intentioned (“protecting Americans against terrorism”) is not sufficient excuse for murdering an American minor due to the sins of his father no matter how much the Obama administration DOJ attempted to make it legally permissible to do so.
eftychis 5 hours ago [-]
Thank you. I tried to keep my comment short, but your expansion was necessary on second thought. For better or for worse, I expect this to be relitigated. (Unless all outgoing presidents start the tradition of pardoning themselves from now on.)
The reason is that what constitutes an official act is up in the air, and let us be honest, the incumbent president is not known for staying inside the Executive branch's lane.
But the sheer unwillingness of the DOJ to prosecute, creates a catch-22: you need indictments to change or clarify Trump v. United States, 603 U.S. 593, and right now there are two options:
Somehow revive the private right to criminal prosecution (and of the president at that)(See Linda R.S. v. Richard D., (1973) 410 U.S. 614 (citations omitted)) or a Federal Court to appoint counsel to investigate a former or incumbent president. (Young v. U.S. ex re. Vuitton et Fils, (1987) 481 U.S. 787.) And I am not sure which one is less likely to happen. (Or for Congress to take that role beyond impeachment, which is even less likely.)
btilly 3 hours ago [-]
The case where the precedent was set suggests that it is within the outer perimeter of what the President does to give a speech designed to whip up a crowd before they head them off to the Capitol to attempt a coup.
While Trump may go farther than that, it is hard to imagine any other President in our history who would have considered doing anything more deserving of criminal prosecution in a US court.
Given how polarized our country has become and the requirement for a 2/3 majority in the Senate, it is also difficult to see how we could ever again wind up in a situation where the threat of impeachment is a significant concern to a sitting President. Given the current state of the Republican party, I'm not even sure whether an attempted military coup by Trump would get that result.
xp84 36 seconds ago [-]
I agree completely. He doesn’t need to do a coup now that he has absolute power for four more years given the vacuum of leadership that is the legislative branch, but he absolutely would get away with it if he chooses to someday.
oh_my_goodness 3 hours ago [-]
Who's using a ledger system for illegal transactions?
BlackFly 1 days ago [-]
You'll need a stronger defense than that in court because courts absolutely create and deal in gray areas where technical fine lines exist.
What you need to argue is that the the smart contracts were valid contracts that the creators intended to and had opportunity to understand and that their creation was their act of negotiation of a position. It isn't really a stretch, but with amounts like this probably more diligence would have been due than that. Calling it theft is ridiculous on the other hand.
Brybry 3 hours ago [-]
In the indictment[1] he's not charged with theft.
He's charged with:
1) wire fraud (the smart contracts/swap exploit)
2) unauthorized damage to a protected computer (running the exploit on the ethereum network)
3) attempted hobbs act extortion (contacting kyberswap to attempt to gain control of kyberswap in exchange for return of some of the crypto)
4) money laundering conspiracy
5) money laundering (knowingly laundering the proceeds of the previous, including paying an undercover agent to help bypass a blacklist to do so)
I disagree simply on the principle that nobody has any choice in whether or not to participate. Calling it a social contract just sounds too… soft? for what it really is.
esperent 2 hours ago [-]
> nobody has any choice in whether or not to participate.
You've hit a key point of disagreement amongst philosophers about the idea of the social contract.
Some of them say it's not voluntary because we were all born into a existing society, others say, sure it is, you can just give up all your property and go live in the forest.
Others then reply that disabled people and children can't do that.
But also the idea of living in a forest is not really an option for most people in the modern world. So my personal take is that the social contract is inherently non-voluntary in the modern world.
> Calling it a social contract just sounds too… soft? for what it really is.
Why do you think a social contract implies softness? For most of it's existence the social contract allowed slavery, ritual killing in the form of warfare and duels, and it still allows the death penalty in much of the world.
dullcrisp 4 minutes ago [-]
I don’t think something being a contract is reliant on there being a compelling alternative though. But then it’s usually hard to tell what’s important to philosophers.
Nevermark 54 minutes ago [-]
> Why do you think a social contract implies softness? For most of it's existence the social contract allowed slavery, ritual killing in the form of warfare and duels, and it still allows the death penalty in much of the world.
I think they are saying that the words "social contract" sound more collaborative and voluntary (to them) than what the phrase actually refers to. Your examples would only reinforce that view.
It is a subjective stance on a coined phrase, but given most of our laws were settled by people not living now, and enforced on people not living when the laws were created, and there is no periodic process of ensuring laws reflect the living, the words "social" and "contract" are being stretched quite a bit.
(On the other hand, the meanings of most phrases drift from the nominal meanings of their constituent words.)
protocolture 46 minutes ago [-]
Social Handcuffs
__MatrixMan__ 5 hours ago [-]
The point of cryptocurrencies is to reward people who make hardware available for in-public multiparty computation. The point of that is to be able to create rulesets and expect that they'll be followed within the confines of the system.
It's bonkers to me that the only rulesets people care to implement on such a platform are just reflections of money as we know it. How unimaginative. I wish we'd make something new rather than translating something old--bugs and all--into a new language.
BobbyJo 4 hours ago [-]
Hardware availability is a use case of cryptocurrency, but not the point. The point is a decentralized accounting system that no single party can manipulate, for good or bad. You can apply that to hardware availability, digital game economies, supply chain accounting, etc. but the point of crypto is more abstract than any of that.
godelski 2 hours ago [-]
For those unfamiliar, see "The Cypherpunk Manifesto"
We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money.
Computer technology is on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other.
> the point of crypto is more abstract than any of that
It has to do with operating in spite of somebody who would otherwise tamper with your information. It's about durability in the face of sophisticated adversaries.
I was trying to get at the point of crytocurrency. The accounting system can handle anything at all, so why bother with the coins? We've had coins for thousands of years, they're the most boring app imaginable. Why bother maintaining artificial scarcities when we could be addressing real ones?
But at the end of the day, if nobody provides hardware for it to run on, then, we can't have that accounting system. And those people have to pay their electric bills, and for the hardware they're using, and for that they need something money-shaped. The point of cryptocurrency is to be that money-shaped thing. We need it to interface with the traditional finance system until we can replace that system with something better.
Calwestjobs 4 hours ago [-]
his point was correct
oh_my_goodness 4 hours ago [-]
Guessed translation: "The point of cryptocurrencies is to reward the people who do cryptocurrency infrastructure."
That's the point for them. It's not the point for anybody else.
Jasper_ 2 hours ago [-]
But how do you reward people within the system? You need some sort of token with value...
__MatrixMan__ 31 minutes ago [-]
You could give them something they need, do something that they need done, or help find somebody who will. Or you can promise to do so in the future.
Using "value" as a medium is problematic because we increasingly don't value the same things. It worked ok back when food took so much effort to grow that securing it represented a significant portion of our mindshare. Then money was reliably a proxy for our shared agreement that food was good.
But now that it's so much easier to make the necessities that we agree on, we spend more time perusing contradictory outcomes. Which is more valuable, if my endeavor succeeds and yours fails, or visa versa? Whose agenda am I furthering when I decide to value a dollar? Am I helped or harmed by doing so? It's hard to participate in because I can never tell if I'm hurting or helping.
Better would to let people be explicit about what they want so that we can the things that have consensus and work towards those. As it is we're letting the ownership of scarce abstractions determine what gets done, which is just bonkers. It was once the best we could do with only the laws of physics at hand to enforce the rules (re: the scarcity of gold), but now we can do better.
throwpoaster 4 hours ago [-]
Let's do it! What's the idea?
__MatrixMan__ 38 minutes ago [-]
A list of ways people can trust each other (e.g. to be a skilled plumber, or to be a fair mediator, to be a real human, to not let their key get compromised, and many other things). I call these colors.
Also there's a directed graph where the nodes are users. Edges on this graph indicate that this user trusts that user, the edges are colored to indicate which type of trust it is.
Given two users, they can compare graphs to decide if they both trust (transitively) any other users in some set of colors. Also, if cycles appear, then that cycle is a community of experts and they can follow the graph in reverse to find out which other users consider them experts.
It's sort of like how we have representatives in congress, except instead of being one layer deep with millions of people being represented by one, it can be as nested as needed to ensure that the experts are not overloaded (since many of us are somewhere in the middle, we distribute the load by playing both roles--depending on who we're dealing with). It also differs from typical representative democracy because you can express trust in somebody's diplomacy and simultaneously avoid trusting their understanding of economics (or whatever other colors you care to).
Ideally it would be a system in which the most trusted and capable people for any job are easy to find and easy to support, and in which we focus on becoming skilled and trustworthy rather than on the ownership of scarce things.
Human societies already work like this, they have for a million years or so, but it stops working well when the cognitive burden of walking all of these trust graphs becomes too much to bear, then things get authoritarian. We now have the technology to scale it better, but the implicit non-specialized authorities are still in charge.
A couple of applications for this that could work in the near term:
1. If you have a dispute, you can use the data find a mediator who is trusted by you and the other party. And not just trusted, but trusted in the relevant way. This is a step towards a better court system, better because the arbiter is explicitly trusted by the complainants and because the arbiter is an expert in the color of the complaint.
2. If you find a dubious claim, you can see who signed it and check for a trust path between you and that person. 1,000,000 fake amazon reviews mean nothing through that lens, since you don't trust them. But two or three reviews signed by people that you explicitly trust (perhaps transitively) would mean a great deal. This gives us a way to ignore scammers and malicious AI's and creates a space in which being trustworthy is an asset (contrast this to the world we've built which is more about commanding the most attention).
I'm not saying I have it right, but such things are worth trying in general, and "crypto" isa much better medium for them than bureaucracy (although I'm more excited about CRDT's than blockchains, because I think partition tolerance is more important than consistency).
Vegenoid 2 hours ago [-]
> If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
It turns out that once a financial system becomes big enough, the US will apply its finance laws to it. Finance laws are designed to prevent sudden unexpected transfers of wealth from one (wealthy) unwilling party to another based on unanticipated loopholes.
CursedSilicon 2 days ago [-]
The entire idea of crypto is "I wasn't supposed to be the one holding the bag!"
hx8 7 hours ago [-]
Funny, I thought the whole point was to hold on to the bag as long as you can. Think back to the first time you heard about btc or eth, and how much return a modest investment would have made. It's the people that sold early that lost out.
vkou 5 hours ago [-]
How is that theory going for the bagholders of the graveyard of dead coins and rugpulls?
hinkley 7 hours ago [-]
Musical chairs except you don’t want to get a chair.
what 7 hours ago [-]
That game is called Hot potato.
jstanley 1 days ago [-]
> If you believe in cryptocurrencies, you can't run to the courts when people use them as designed, even if they didn't use them as intended.
If you believe in cash, does that mean you can't run to the courts if someone steals your cash?
If your security proves insufficient to prevent a theft, that doesn't mean the theft was legal! It just means your security was insufficient.
That security can be enforced by mathematics instead of courts is definitely a benefit of cryptocurrency, but when it goes wrong courts still matter.
InsideOutSanta 1 days ago [-]
>If you believe in cash, does that mean you can't run to the courts if someone steals your cash?
No, because the point of cash isn't to circumvent government control of the financial system. If you build a whole system just to decentralize financial control and avoid government influence but then appeal to the government as soon as you don't like what happens, you're doing something wrong.
hinkley 7 hours ago [-]
Cash is a fiat currency issued by the government you are running to for restitution. I’m not sure GP understands what fiat currency means.
koolba 7 hours ago [-]
> If you believe in cash, does that mean you can't run to the courts if someone steals your cash?
If your security proves insufficient to prevent a theft, that doesn't mean the theft was legal! It just means your security was insufficient.
Stealing someone’s private key and then using it to steal their assets is very different from exploiting edge cases of get rich quick schemes.
Muromec 6 hours ago [-]
It's different in means, but not in intent. Sure, extortion, blackmail and robbery all differ from theft, but are illegal all the same
lelandbatey 5 hours ago [-]
It's quite different in intent. When you stash crypto within a defi contract that you authored, and that contract states that the crypto can move under certain conditions, and then folks come along and say "hey, I meet those conditions" and move the crypto, then no crime has been committed!
If you didn't want folks to be able to get the crypto under those conditions, then why did you make the contract grant them the crypto in those conditions? I can't take a stack of $100 bills and leave it on the sidewalk with a post-it note saying "only to be picked up by John" and then sue the person named John who comes by and picks up cash. I also can't get mad when Alice sees the stack and tells her friend John to come pick up the money with his name on it.
So it is with crypto. Why are you using crypto if you don't want to follow the rules? That sounds to me like you're trying to do unregistered securities trades...
tempestn 2 hours ago [-]
In the legal system, formation of a contract requires intent. If it can be demonstrated that there was no intent to form a provision of the contract, no "meeting of the minds", then I don't believe it is enforceable. (Though IANAL.)
lelandbatey 2 hours ago [-]
The point is that there's a pretty big publicly published document informing the world of their intent. It's called a contract, and they said "this will be the rules by which we abide."
It's a very hard battle to say "wow, I didn't intend to have my contract say that, despite writing that and publishing it." You'd have to have a lot of auxiliary material explicitly stating the opposite of what your contract actually said, or you'd have to convince others that what the contact actually says is so difficult to understand that there was no way to anticipate that the contract allows what it does. And even then, I don't know if that'd pass because "I didn't think of that at the time" is commonly not accepted as a way to get out of breach of contract.
crote 1 days ago [-]
The problem here is that those crypto contracts aren't designed to be security. They are intended to be contracts.
It's like opening a bank account, and the contract says "You can only access your own money in the vault. Everything you can access is yours to use as you see fit." On your first visit the manager brings you into a vault with hundreds of cash-laden tables. He shows you to an empty table, and says "Here's your table. Enjoy!".
Are you allowed to take money from the other tables? Clearly the contract says you can, but surely that can't be what they intended? Is it theft to "break their security" by walking over to another table, or is it just a hidden perk of the contract you signed?
notahacker 6 hours ago [-]
Moreover they're designed to be contracts with the explicit intention of enabling trustless exchange without third party oversight, under the belief that the code can replace a legal system
unlike actual contracts, which are written with the expectation that disputes may occur and be resolved by arbitrators and a legal system (who will probably rule that a poorly drafted clause 2b doesn't in fact grant you the right to take all the other customers' money)
dandanua 1 days ago [-]
@crote
> Are you allowed to take money from the other tables? Clearly the contract says you can, but surely that can't be what they intended?
If their entire business model is based on giving a service that allows you to store your money in safety without any government dependency, while in reality they allow everyone else to take your money, then they deserve whatever happens to them.
yifanl 7 hours ago [-]
The fact that they deserve to be bankrupt doesn't mean the person responsible for their state of bankruptcy is innocent.
analog31 7 hours ago [-]
Money is a technology. Its purpose is whatever use you want to put it to.
Like any technology, a money system can be designed so that it works well enough for a small set of intended purposes, and poorly for all other purposes. Moreover, its uses can be constrained by laws.
I think an open question is whether existing laws related to money or property apply to cryptocurrencies. For instance, "theft" and "fraud" cover a lot of things, without specifically listing all of them.
If it's ambiguous whether such laws apply to crypto, then sure, someone could use the legal system to settle the matter. In fact, using the legal system to remediate undesired transactions could be as good a use of crypto as any, if "anything goes."
vonneumannstan 2 days ago [-]
>you can't run to the courts when people use them as designed, even if they didn't use them as intended.
I doubt that will hold up in court. The exact thing could be said about computer networks and hackers exploiting them.
Braxton1980 7 hours ago [-]
>cryptocurrencies in the first place?
To get 30mg oxy
pchangr 1 days ago [-]
The point of bitcoin, in words of their creator is to “allow online payments to be sent directly from one party to another without going through a
financial institution.” That’s it.
5 hours ago [-]
nkrisc 3 hours ago [-]
> If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
In this case, to make money. These are not ideological purists, they're capitalists.
don_neufeld 2 days ago [-]
> what's the point of cryptocurrencies in the first place?
I think you’re answering your own question here
-__---____-ZXyw 5 hours ago [-]
This!? Which? What..? Why!?
gamblor956 4 hours ago [-]
"Code as law" was attempted as a defense in another token-related "hacking" case.
It didn't work there, and it won't work here either.
If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
That is a philosophical argument completely unrelated to whether or not something is illegal. Cryptocurrencies aren't a replacement for the law, nor do they stand outside of it.
2muchcoffeeman 3 hours ago [-]
I feel like the current state of affairs is a consequence of mixing real money systems with crypto and then making it easy to invest in.
Because it sure looks like they intended for “code is law” to be the case. Many of the oft cited use cases were to circumvent traditional systems.
timcobb 2 days ago [-]
> what's the point of cryptocurrencies in the first place?
Not to be that guy but it seems like the point of cryptocurrencies is to scam vulnerable people...
CPLX 4 hours ago [-]
I mean you can believe in cryptocurrency. But why do courts have to believe in it?
FireBeyond 6 hours ago [-]
Yup. Exactly. "The code is law". Well, sometimes you learn you're not as good at code as you thought you were.
tempfile 1 days ago [-]
> If you believe in cryptocurrencies, you can't run to the courts when people use them as designed, even if they didn't use them as intended.
Yes, indeed. And when people leave their home unlocked the thieves should get to keep their stuff. What kind of savagery is this?
> If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
Great question, we have been waiting for answers for nearly a decade now...
InsideOutSanta 1 days ago [-]
>And when people leave their home unlocked the thieves should get to keep their stuff.
That's not what happened here. What happened is that the crypto company said, "Follow this contract," and their customer followed the contract and took their money, and then the crypto company was like, "But not like that!"
Ostensibly, the whole point of cryptocurrencies is to decentralize financial control and not depend on governments for that service. If you then depend on governments the second you don't like what happens, there's no point to cryptocurrencies.
danielmarkbruce 7 hours ago [-]
It's like building a home on a land which has no system of law because you like anarchy, and then complaining when a fellow anarchist steals your stuff.
tempfile 1 days ago [-]
If you can't distinguish "not what I intended" from "not what I wanted" then there is probably no reasoning with you. Luckily for the rest of us, making this distinction is a pre-requisite for becoming a judge or lawyer.
InsideOutSanta 1 days ago [-]
>Luckily for the rest of us, making this distinction is a pre-requisite for becoming a judge or lawyer.
I have to admit, that's pretty funny. But I will point out that you did not make an argument in support of your position; you merely insulted me.
tempfile 1 days ago [-]
I really didn't intend that as an insult! I just find it very easy to distinguish between a case where someone followed reasonable rules and got an outcome they didn't like, versus a case where someone found absurd rules - clearly not intended by anyone - and exploited them for an undeserved gain.
If you see a case where someone exploits a badly-coded computer program to take a hundred million dollars from someone, refuses to return any of it (even when offered several million dollars for their trouble), refuses to co-operate with the judges and the rest of civilised society, and just see "waa waa baby doesn't like his medicine" then I don't see how to actually reason with you. That's just a value difference, not really an insult.
InsideOutSanta 20 hours ago [-]
>I just find it very easy to distinguish between a case where someone followed reasonable rules and got an outcome they didn't like, versus a case where someone found absurd rules - clearly not intended by anyone - and exploited them for an undeserved gain
I think you overestimate how easy it is to distinguish between these two. A reasonable common example is people like Bernard Marantelli exploiting lotteries. The lottery does not intend for people to play as Marantelli does. You can (and people do) argue that he's stealing money, but should he go to jail for playing the lottery in a way "not intended by anyone"? I don't think so.
It's the same with card counters at a casino. The casino can throw card counters out because they can decide who plays at their establishment, but it would be unreasonable to jail card counters for playing blackjack in a way casinos don't intend.
>If you see a case where someone exploits a badly-coded computer program to take a hundred million dollars from someone
This phrasing removes relevant context to the point where it no longer represents what actually happened.
>refuses to return any of it (...)
I did not comment on any of this at all.
>I don't see how to actually reason with you
This is dismissive and denies my ability to be convinced by reasonable arguments. It is insulting, even if it's not intended that way.
tempfile 17 hours ago [-]
I think both those cases are easy to decide, and are legitimate play. Even if they were not legitimate, I think the remedy is simple -- not jail, but at worst return the money that was taken. In this case, even if deciding the merit of the case is hard, there was a transparently reasonable remedy (return 90% of the funds, continue with your life) which Medjedovic rejected. More than just rejecting the offer, he then went on to launder the tokens through a mixer, fled the country, and has refused to put the funds in escrow while the case is decided in court. None of this is reasonable, in my opinion, and I am 100% ok with the legal system forcing him to comply.
> This phrasing removes relevant context to the point where it no longer represents what actually happened.
I don't think it does, but you don't explain why, so there is not much to argue. It is hard to get an objective description of what happened, but as far as I can tell, the liquidity pools operated by Indexed Finance are governed by a smart contract, the smart contract contained a mistake, and by exploiting that mistake, Medjedovic was able to drain them completely.
Can you explain to me in simple english how that is using the contract as intended? Note that "it's what the smart contract said" is not sufficient, for the same reason that "the web server allowed me to make that request" is not a defence against a charge of computer hacking. What the smart contract says is actually almost irrelevant. What is relevant is what it was intended to do.
Incidentally, why should I be rooting for this guy? It seems like literally the only argument in favour of what he did here is "everything that is possible is fair". His extraction of money is purely parasitic, and aside from merely identifying the bug, he hasn't done any useful work at all. I would grant that this applies to the lottery and card counting examples too. But why should I care that he's having his money taken away?
InsideOutSanta 16 hours ago [-]
>I think both those cases are easy to decide
Many people disagree with you and describe what these people do as theft, so it's not as easy as you think.
>which Medjedovic rejected
I made no points at all about what he did afterward. This is all irrelevant to my point.
>I don't think it does, but you don't explain why
I did explain why further up in the thread. It's not just a badly coded computer program; it's a badly coded computer program that acts as a contract intended to circumvent government control of money. That's the context.
People agree to adhere to the smart contract instead of putting their money into a financial institution that uses contracts backed by laws enforced by governments. This guy adhered to the smart contract, and when the crypto company didn't like the outcome, they decided that none of the crypto stuff mattered and that the laws enforced by governments mattered after all.
But this makes cryptocurrencies entirely pointless. If you can use legal means to circumvent undesired smart contract outcomes, then you can just do that in the first place and not have the smart contract.
>Can you explain to me in simple english how that is using the contract as intended?
Yes, of course. Smart contracts are self-executing contracts. The agreement you make is written in the code of the contract. That is the intention behind a smart contract. It makes no sense to say that you did not adhere to the contract if it allowed you to do something. So by definition, anything you do that the contract enables you to do is using the contract as intended.
>Note that "it's what the smart contract said" is not sufficient, for the same reason that "the web server allowed me to make that request" is not a defence against a charge of computer hacking
Again, this argument ignores the context of smart contracts. Web servers don't claim that their code is a contract.
>why should I be rooting for this guy
It doesn't matter. I'm not rooting for this guy. I'm not arguing emotionally in favor of some guy who did something. In fact, I think he's a shithead.
tempfile 16 hours ago [-]
> It makes no sense to say that you did not adhere to the contract if it allowed you to do something.
I think this is the point where I really disagree with you. I don't see how this is different for smart contracts, as opposed to, say legal contracts written in english. It is not true in general that just because a contract says something, that those exact terms are enforced. There is a whole body of law around what terms are enforceable, what to do in cases of mistakes, and so on.
I am now really unclear on what your position is. I thought originally that you were in favour of smart contracts, and that it was somehow unfair or unethical for e.g. a court to rule whether a smart contract was intended to do something different than what it did. So I am trying to understand why you think it is unethical. In this case I think it is unethical to obey the smart contract, and that what this kid did is unethical and should be illegal. Are you saying what he did is wrong, but he should be allowed to do it anyway? If so, why?
InsideOutSanta 13 hours ago [-]
>I don't see how this is different for smart contracts, as opposed to, say legal contracts written in english
It's different because the whole purpose of smart contracts is to circumvent governmental power structures. Otherwise, people would use regular contracts.
Technologically, it's much easier to set up a payment system using a centralized database in a specific jurisdiction and have people sign normal contracts to use the system. People create cryptocurrency systems to avoid that. They put much effort into creating payment systems independent of existing power structures. If this system does not work without backup from the legal system and governmental power, then all that effort is pointless.
>I thought originally that you were in favour of smart contracts
I think they're interesting.
>Are you saying what he did is wrong, but he should be allowed to do it anyway?
Yes.
>If so, why?
Using existing governmental power structures to punish people who adhere to smart contracts in ways some system members don't like invalidates the whole system. If cryptosystems don't work purely technologically without judicial support, they don't work, period.
tempfile 9 hours ago [-]
I think you're letting the perfect be the enemy of the good. It seems like an obvious advantage to have systems that decide the outcome automatically and correctly 99% of the time, despite requiring occasional corrections from outside. That's not the same as a regular contract, so it doesn't follow people would always either choose smart contracts or traditional ones.
What you're hoping for is, taken literally, impossible. Smart contracts can't protect people from fraud, or coercion. Since the law does protect them from these things, smart contracts cannot be totally isolated from the legal system (even if everyone wanted this, which they don't).
> Using existing governmental power structures to punish people who adhere to smart contracts in ways some system members don't like
Fine, but what about in ways that the rest of society don't like?
InsideOutSanta 8 hours ago [-]
>It seems like an obvious advantage to have systems that decide the outcome automatically and correctly 99% of the time
That's what traditional systems already do.
>Fine, but what about in ways that the rest of society don't like?
They don't participate in crypto.
protocolture 43 minutes ago [-]
The problem is that Smart Contracts aren't sold as "Computer Program" they are sold as binding agreements forged in code. The code was agreed to by all parties.
I absolutely get your position, and possibly hypocritically supported the main branch when ethereum had a big fork over exactly this issue. But its also not hard to see where the "code is law" guys are coming from.
6 hours ago [-]
FireBeyond 6 hours ago [-]
> Luckily for the rest of us, making this distinction is a pre-requisite for becoming a judge or lawyer.
Actually, in many parts of the US, you do not have to have any law education to become a judge in district courts.
DangitBobby 1 days ago [-]
The entire point of a home is not to escape traditional finance. It's by design not compatible with a simple "thief breaks into house" comparison, otherwise the entire enterprise is a scam and they should be criminally prosecuted for fraud the second they ask for legal dispute resolution on transactions that happened on ledger.
xattt 2 days ago [-]
A wanting of having cake, but a desire to eat it too.
hinkley 7 hours ago [-]
Take the cake immediately to your left. Problem solved.
Aurornis 1 days ago [-]
> He did not steal anything. He beat the fund (Indexed Finance) at their own game.
As popular as this idea is online, it doesn’t work that way in the courts.
Intent matters in issues of the law. The “finders keepers” rules don’t apply in legal matters in the real world.
If someone logs into their bank and notices that changing the account number in the URL lets them withdraw from other people’s accounts, no court is going to shrug it off and say that it’s the bank’s fault for not being more secure. Likewise, finding a vulnerability in a smart contract doesn’t automatically give someone the right to any funds they collect from exploiting it.
We all know the “code is law” arguments about smart contracts are just marketing bluster. The lawyers do, too.
Hizonner 1 days ago [-]
The intent of the whole underlying system is that the intent of all the parties be described by code of the smart contracts. Which are intended to be composable, intended to be used in unanticipated ways, and intended to operate independent of any human oversight. The system is also intended to avoid all ambiguity by enforcing the contracts exactly as described by the code... and to provide certainty of transactions and prevent them from being undone after the fact.
Everybody involved knows all of that, and claims it as a positive feature of the system. At least until they find out that it's actually hard to write bug-free code.
There may indeed not be a legal "meeting of minds" (although there very well also may)... but from an ethical point of view, everybody involved knowingly signed up for exactly that kind of risk. And honestly it would be good public policy if the law held them to it. Otherwise you get people trying to opt out of the regular legal system up until it's inconvenient.
There'd be more of a case if he'd exploited the underlying EVM implementation. But he didn't. He just relied on the "letter" of a contract, in an environment that everybody had sought out because of unambiguous to-the-letter enforcement.
paulcole 2 hours ago [-]
> intended to be used in unanticipated ways
Am I an idiot or is it unclear why this is the intention?
DavidPiper 2 hours ago [-]
I assume OP means it in the sense that the system intends novel uses that the designers didn't necessarily consider. Same with programming languages (or language in general), for example.
ipsento606 5 hours ago [-]
> If someone logs into their bank and notices that changing the account number in the URL lets them withdraw from other people’s accounts, no court is going to shrug it off and say that it’s the bank’s fault for not being more secure
When you open a bank account, there is an actual contract and regulatory framework that governs how you use the account. A URL parameter is an implementation detail that no more alters the contract than a broken lock on a vault would alter the contract.
But when you interact with a smart contract, the smart contract is the contract. What you are allowed to do is defined by what the smart contract lets you do. You don't need to open an account, agree to T&Cs or sign any other sort of contract to interact with the smart contract.
If the smart contract is not the contract, how would you propose we can determine what the real contract is?
mjr00 1 days ago [-]
The big difference is that those are centralized systems owned by corporations, and accessing them in a way which you're not supposed to, such as by changing a bank account number or exploiting a zero day, is a crime.
With DeFi it's different; the code is public and decentralized. There was no unauthorized access to anything here. From my reading of what was done, it was essentially taking advantage of the poor trading strategy of Indexed Finance.
I'm not going to pretend to be a lawyer, but I don't see a lot of parallels between this and e.g. using SQL injection to obtain unauthorized access to a system.
ajb 5 hours ago [-]
I'm not a lawyer either, but I suspect the technical structure is not determinative. Contract law has certain features. These technical constructs purport to enable contracts to be written and executed such that subsequently the courts cannot but find that what the code did is final and there is no possible legal reconsideration. Clearly, this is the prior expectation of the parties, but whether it is the case under all circumstances is a function of contract law (and other applicable law) not the technical constructs. The code is not what will finally be determinative.
To give an analogy, it's like writing code in a high level language and saying that it will prevent side channels such as spectre. But such side channels are a function of the hardware, not the high level language. The hardware in defi is ultimately the law, not the servers.
stouset 7 hours ago [-]
The entire point of cryptocurrency contracts is supposedly that “code is law”. Running to the courts as soon as someone does something you didn’t intend only highlights that people don’t actually believe this.
ceejayoz 7 hours ago [-]
We've known this since Ethereum forked in the DAO debacle.
stouset 7 hours ago [-]
We have, it’s just yet another counterexample that tanks the arguments of True Believers.
darepublic 5 hours ago [-]
The code is law thing is a grey area. But I am open to the idea that this young man did not break any rules, just found flaws in the system. In the same way that card counting should not be against the law just because it resulted in the house being disadvantaged. These things should be addressed with patches to the rules, not legal action.
Calwestjobs 4 hours ago [-]
be careful with card counting, most casinos do "business" in such way that there is NO advantage for player. no matter what player does.
so all american youtube sagas about doing card counting in PRESENT time are fraud to dupe people into thinking that it is possible to card count. NOW TODAY.
StanislavPetrov 4 hours ago [-]
Card counting is still possible (albeit a bit harder) in the present day - the mathematics are the same. Most casinos use more decks and don't deal as deeply into the shoe, but it is still entirely possible to gain a statistical edge over the house, which is why casinos will still ban you from playing blackjack if you are playing with an advantage(counting, varying your best sizes greatly based on the count, sitting out and watching until the deck gets deeper, ect). They will never ban you from games like Roulette, where you there truly is no way to gain an advantage over the house regardless of what strategy you use.
reaperman 2 hours ago [-]
> Roulette, no way to gain an advantage over the house regardless of what strategy you use.
> After the second day, Jagger kept a clear head and decided that enough was enough, and left Monte Carlo to head home to Yorkshire with his winnings.
> When he got home, he retired from the Mill and invested some of his winnings into property.
Cthulhu_ 2 days ago [-]
The company and its customers knew what they were getting into; to get protections from the law and guarantees, financial institutions need to get licensed and comply with all the rules, regulations and law. Of course, this includes providing transaction data to the relevant parties to help them detect tax evasion and money laundering.
Aurornis 1 days ago [-]
> to get protections from the law and guarantees, financial institutions need to get licensed and comply with all the rules, regulations and law.
That’s not how the law works.
If someone breaks the law or doesn’t comply with regulations, that’s a separate issue. It doesn’t entitle a third party to steal their funds.
If you were to rob a drug dealer, you couldn’t argue that they weren’t complying with the law and therefore you were free to take it. You would both have broken laws.
archontes 1 days ago [-]
Define theft.
If you write a contract and give it to a lawyer with the instruction, "Anyone who satisfies this contract gets this money." And someone satisfies the contract to the lawyer's -but not your- satisfaction, and the lawyer sends the money, did the third party steal from you?
danielvf 1 days ago [-]
There's a very relevant XKCD on this, where someone discovers a clever "bug" in an insurance contract, and is then disappointed.
Is that how it works legally? If you hack into computers using a zero day, did you also just access the computer according to the way it was programmed? Just because you can do it technically doesn’t mean it’s not fraud/something else.
cherryteastain 1 days ago [-]
If that's not how it works, where's the line for what is fraud and what is not? Once you move away from the "code is law" principle, companies have the perverse incentive to define fraud as "any transaction that results in negative PnL for me", which is exactly what happened here.
dan-robertson 1 days ago [-]
Isn’t, in the US system, the definition of fraud built up through a combination of legislation and case law from previous ‘grey area’ cases? I think most laws tend to have some balance between what is easy to define/understand and what is desirable to allow/disallow.
echoangle 1 days ago [-]
„Code is law“ isn’t a thing. Go tell a judge that your hacking is legal because the code allowed it. That’s not something that’s allowed by law.
cherryteastain 1 days ago [-]
I am well aware that "code is law" has no weight in actual law. The point I tried to raise was, given the following sequence of events:
1. You deploy a smart contract to the ethereum blockchain
2. I interact with your smart contract in some manner
how do we define whether the manner of interaction in step 2 is fradulent or not?
"Code is law" is one interpretation by crypto enthusiasts to define under what conditions interacting with the blockchain is fraud; in their definition, it's never fradulent.
Let's assume "code is law" is nonsense, as many comments here say. Then, under what conditions do we define interacting with the blockchain as fradulent? What is fraud and what is not fraud?
Edit: In the blockchain we can even formalize this. The ethereum blockchain at block K has a certain state S_K. I submit a certain transaction/set of instructions T to the blockchain which is mined as block K+1. How do we define a function isIllegal(S_K, T)? (Assuming block K+1 contains EVM instructions from my transaction T only)
echoangle 1 days ago [-]
You’re never going to find a binary function that tells you if something is legal or not, in the end it’s up to a human judge to decide. But imagine setting up a search engine and I enter “ Robert'); DROP TABLE INDEX; --” as a search term. Would you say that’s a crime? That’s a perfectly fine thing to search for, right?
Hizonner 1 days ago [-]
> You’re never going to find a binary function that tells you if something is legal or not, in the end it’s up to a human judge to decide.
... but the whole point of cryptocurrency, or at least of smart contracts and "DeFi", is to reject that and try to build a parallel system. That's presumably based on a belief that you can write code that behaves the way you intend, regardless of whether you really can do that or not.
So perhaps the judge should decide "Well, you signed up for that when you tried to opt out of having human judgement govern your deals. Have a nice day.".
And in fact perhaps there should be formal statutory law that makes it clear that's what the judge is supposed to decide in any case that isn't itself "borderline" somehow. Which the case at hand shouldn't be.
IanCal 6 hours ago [-]
> ... but the whole point of cryptocurrency, or at least of smart contracts and "DeFi", is to reject that and try to build a parallel system.
No, it isn't. It might be some peoples desire around it, but by no means all (or even most).
Hizonner 6 hours ago [-]
It doesn't add any other value whatsoever, so I'm having trouble with that assertion.
Xelynega 3 hours ago [-]
That's neat, but the bitcoin whitepaper opens with:
> Abstract. A purely peer-to-peer version of electronic cash would allow online
payments to be sent directly from one party to another without going through a
financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending.
Why do you think you can dismiss the obvious claim that cryptocurrencies are a form of decentralized finance with a "no, it isn't"?
echoangle 1 days ago [-]
If I put up a sign „trespassers will be enslaved“ on my property and then force people who trespass to work for me, would that be fine because they knew what they were getting into? You can’t just create your own justice system which contradicts the real one by making contracts.
Hizonner 1 days ago [-]
You can give away your money by making contracts.
cherryteastain 1 days ago [-]
Yes, perfectly fine, and the fact that you can paste that string into this website without being put in prison is testament to that!
mschuster91 7 hours ago [-]
> Let's assume "code is law" is nonsense, as many comments here say. Then, under what conditions do we define interacting with the blockchain as fradulent? What is fraud and what is not fraud?
The thing is, laws can have issues and bugs as well, just like code! And we have courts to judge not just when someone outright breaks a law but also when someone is skirting on the edges of the law.
Take Germany's "cum ex" scandal for example. Billions of euros were effectively defrauded from the state and on paper the scheme appeared legally sound, but in the end it was all shot down many years later because the actions of the "cum ex" thieves obviously violated the spirit of the law.
The only difference is that blockchains are distributed worldwide and there is no single entity that can be held accountable and forced to execute or reverse any given transaction.
danielvf 1 days ago [-]
The physical universe advances from state to state, but we define still can call certain behaviors illegal.
Alright, please go ahead and define under what legal pretext this guy's behavior might be illegal.
There are other cases where interacting the blockchain is illegal in a very clear manner. Example: if I know an Iranian or North Korean entity has the keys to an Ethereum wallet, and if I send USDT to that wallet as a Western citizen, that is very illegal due to sanctions.
danielvf 1 days ago [-]
There is a US indictment which lays out the basics of the which laws Medjedovic is accused of breaking.
The context is completely different though. Building a normal computer app is not an attempt to do anything without government or legal structures so it makes sense that normal computer apps would be protected by government or legal structures.
It doesn't really make sense for people to build smart contracts that are intended to be an extra-judical agreement where the code enforces the rules and then run to government whenever something they don't like happens. What is the purpose of smart contracts at all if you still need the entire legal apparatus around them?
What does agreeing to a contract that inherently implies trying to work around the need for government in contracts means? What does it say about intent?
If for example, the firm that lost money had been saying "Code is Law" in their previous pro-crypto statements and had explicitly talked about smart contracts being extra-judical it seeems there intent would be to avoid legal intervention entirely and it would require a fairly high bar to argue that any bug could result in a lawsuit.
cellis 6 hours ago [-]
It may not pass muster with a judge in some backwater, but with one in the Northern District of California or a jury of their HN peers, it might. Laws are what we make them.
archontes 1 days ago [-]
Imagine I write a contract and empower an AI to execute it. I put $10,000 in a bank account and write, "I'd like a nice car."
I do this of my own free will, at my own hazard. I know I'm playing this game. I have intentionally elected to use a system that will execute without any further intervention or oversight on my part. Verbally, I state that I am confident enough in the writing of my instruction that I feel secure in whatever outcome it may bring.
The system automatically executes and someone has sold me a very nice remote control car.
I sue that person.
Why should I have standing?
olddustytrail 6 hours ago [-]
Like buying from eBay?
freejazz 1 days ago [-]
What does one have to do with the other? Fraud is "intentional deception to gain an unfair or illegal advantage, often resulting in financial or legal harm" what does that have to do with code? What could code even do about fraud?
cherryteastain 1 days ago [-]
If fraud is "intentional deception", who did this guy deceive? Everything was out in the open.
freejazz 1 days ago [-]
What does that have to do with my question?
sksxihve 6 hours ago [-]
Code is law went out the door with the ethereum hardfork after the dao hack.
Calwestjobs 4 hours ago [-]
(realizing that im so old. if this is what i totally forgot, what else of this magnitude of signifince i do not remember anymore. that i was part of/ was involved/ it affected me.)
stefan_ 5 hours ago [-]
Funny, because it would never have happened if it was court ordered.
programjames 4 hours ago [-]
Next we're going to learn that winning Poker Bots with an "all in" strategy is defrauding the competition.
cvoss 2 hours ago [-]
This is a tiresome argument. Stealing is a moral concept first, and a legal concept second. You can steal without breaking any laws, the same way you can be a bad person without breaking any laws.
crispyambulance 1 days ago [-]
He should have taken the significant and generous 10% bounty the first time around. He now has to face law suits by well-funded finance firms.
DangitBobby 1 days ago [-]
It seems like he simply faces a very wealthy existence in countries that don't give a shit about US laws.
knodi123 4 hours ago [-]
Assuming he can get his hands on the tokens and then convert them to local currency. Not impossible, but it's worth noting that he still hasn't managed.
moralestapia 11 hours ago [-]
Indexed Finance's mistake was not being Vitalik Buterin and then putting on a sad face and ask for the shitcoin to fork to a version where they didn't screw up.
Yizahi 1 days ago [-]
Code is lol. Oh, sorry, meant to say Code is Law. :)
gamblor956 4 hours ago [-]
In the real world, code is not law. Computers are not a magical gateway to another reality where existing laws and rules no longer apply.
What matters is if Medjedovic engaged in activities that would be illegal in the process of acquiring the funds from Indexed Finance. A theft is theft whether it is physical or digital; victims aren't required to have perfect security and criminals are not allowed to exploit weaknesses to just take something that belongs to someone else.
Medjedovic is accused of exploiting "glitches." From a legal perspective, that would be no different from a thief exploiting a "low" wall or an unsecured window. Glitches aren't invitations any more than an open window. In other words...not a defense. (And in the U.S., specifically see the Avraham Eisenberg case, which is basically the same fact pattern. Eisenberg lost. His sentencing was postponed to last week but appears to have been postponed again.)
Then he skipped town after he was ordered by a court to put his tokens into escrow. If he truly believed that "code is law" and that the tokens were rightfully his, he wouldn't have skipped town. At that point...his own actions demonstrated that he didn't believe that what he did to acquire the tokens were legit. (The Fugitive notwithstanding, innocent people don't run.)
Then he "exploited glitches" for another DeFi. See above.
Then he attempted to launder the tokens...with some guy he found on the internet. Someone who legitimately believed that they legally owned the tokens would have hired lawyers, not money launderers, to gain access to their property. (Aside: any money launderer willing to launder money for a stranger is almost certainly undercover law enforcement...)
Then he moved to a country without an extradition treaty, and in the past few months has been spouting racist far-right nonsense in the hopes of getting pardoned.
Is he guilty? His own actions say that even he thinks he is.
InDubioProRubio 2 days ago [-]
But wont somebody think of the Incompetence Finance Inc. - we cant have fraudsters defrauded, with legal means. The upper caste taketh the lower giveth that is tardition since the dawn of time.
"U.S. Attorney Damian Williams said: “Today, Shakeeb Ahmed was sentenced to prison in the first ever conviction for the hack of a smart contract and ordered to forfeit all of the stolen crypto. No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice. And as today’s sentence shows, time in prison — and forfeiture of all the stolen crypto — is the inevitable consequence of such destructive hacks.”
The undisputable matter of fact is this: there have already been several cases of people who thought they could invoke the "(smart contract) code is law" argument to outsmart judges and the legal system.
But that's fantasy. In practice these people, when caught, go to prison.
> Indexed Finance is an unlicensed investment firm. The promoters knew the risk ( decentralized finance) and now they want to blame someone who outsmarted them at their own game.
And DeFi exchanges are "unlicensed brokers". And yet I posted a case where the hacker who "outsmarted" them is now in prison: how smart one has to be to end up in prison right?
Post me a case where an "unlicensed investement firm" sued a thief who "outsmarted them" and where the judge decided to let the thief walk free.
For I posted a case from justice.gov to prove my point.
danielvf 1 days ago [-]
The camera shows night in the Wild West.
A masked man creeps through the shadows of a sleeping town.
He looks both ways, then uses a knife to unlatch a door from the outside. He slips into near pitch blackness. He moves confidently in the darkness - he's worked for this bank before, checking on their security from theft.
Out comes his lock picking tools - the bank president's office door opens with a quick rake. Cheap lock.
Inside, with no windows to betray him, he lights a candle. There in the corner stands the safe. He knows it inside and out, and has been practicing. Five minutes later, the lock is picked, and he loads up the gold, cash, and bonds inside.
He puts the candle out, slips back outside, and returns to his room at the lodging house, climbing in through the window.
The next morning, with the discovery of missing gold, the town looks like someone kicked over a fire ants nest. It only takes 30 minutes before people start wondering about "bank security expert" who had just been in the bank every day.
A crowd heads over the boarding house, growing in size as it goes.
"Did you steal our money?", they ask?
"ABSOLUTELY NOT," he replies, "I merely used my immense mental powers to out hink several flawed physical security measures, breaking no laws of physics, in such a way that the gold, cash, and bonds previously belong to you are now in my possession, and now belong to me. No theft has taken place, only the movement of certain levers, of which anyone who knew how could move, and the movement of afterwords of certain goods."
"So you stole our money!!", the town shouted.
"No, no, I just interacted with the universe according to its very own publicly available rules. No theft has occurred!"
An old cowhand, covering him with double barrel, spoke up, "Walll, guess he's right. We deserved to lose all that money. He did nothing wrong at all."
Everyone left, impressed with his genius.
DangitBobby 1 days ago [-]
Yes, running transactions for asymmetric benefit allowed by code on a platform underpinned by a technology whose proponents espouse "code is law" is at all comparable to a man picking a lock on a bank safe. Very astute.
danielvf 1 days ago [-]
In this case the only person espousing the idea of "code is law" is the hacker. Neither the blockchain's builders, nor the hacked protocol, nor the users are saying that.
"code is law" is a meme that primarily lives on hacker news. Only a tiny fraction of crypto people believe it or say it.
> In April 2016, in Switzerland, the Slock.it team was introducing their ambitious plan: The DAO, a decentralized investment fund governed entirely by code. "Imagine a fund with no board, no CEO," founder Christoph Jentzsch explained, "all decisions are made by token holders through smart contract-based voting. This is the ultimate realization of 'Code is Law'."
Is the "Slock.it team" not a tiny fraction of crypto people?
I find it difficult to believe they're a large majority.
ceejayoz 6 hours ago [-]
The DAO was not some small, fringe project in the crypto world.
Per Wiki:
> As of May 2016, The DAO had attracted nearly 14% of all Ether tokens issued to date.
Vitalik Buterin is, uh, pretty notable, too.
meepmorp 1 days ago [-]
> The camera shows night in the Wild West.
> A masked man creeps through the shadows of a sleeping town.
> He looks both ways, then
... walks into a casino, realizes there's a flaw in how they shuffle and deal cards, and then makes a shit ton of money exploiting this weakness.
After losing a shit ton of money because they didn't plan for someone to play the game in an unexpected way, the owners of the casino demanded the money back.
"Did you steal our money?", they ask?
"ABSOLUTELY NOT," he replies, "I didn't get any non-public information, I didn't manipulate the deck, and you have yet to point to a single hand that was not played entirely within the stated rules of the game. You're just mad because I noticed that you fucked up and bet accordingly."
olddustytrail 6 hours ago [-]
They all beat the shit out of the asshole and took their money back.
"There's always another moron tries that one", they laughed as they walked away.
nikhizzle 2 days ago [-]
So which one is it? Code is contract and he should get to keep the money. Or crypto is governed by laws outside of crypto and so he violated the “spirit” of the code and hence is a criminal?
It seems like right now the crypto industry makes the decision to their convenience on a daily basis.
intrasight 2 days ago [-]
Purity goes out the window when there's real money involved. And means that in cryptocurrency, you only own what the government grants that you own.
It'll be interesting how this gets resolved by Canadian courts.
And this is rich: “A bad actor not brought to justice and held to account for one act of fraud will surely commit another”
1 days ago [-]
hiAndrewQuinn 1 hours ago [-]
There is a third way: Private adjudication. I see no reason why the crypto community couldn't run its own private court system, similar to what e.g. Randy Barnett describes in chapter 5 of Anarchy and the Law.
(Obligatory, I don't work in crypto or have any special connection to it, I just think people forget this third option even exists when it's really the most common way most private industries actually resolve disputes most of the time.)
notnullorvoid 25 minutes ago [-]
It already does run its own private court system, it's the consensus process that is used to upgrade the protocol. If there was enough consensus there could be a fork that returned the funds, but that will never happen.
criddell 2 days ago [-]
Code is contract and disputes are handled by the courts. There's no such thing as a purely extrajudicial contract, is there?
1 days ago [-]
programjames 3 hours ago [-]
It seems absolutely bonkers to me that someone would write a smart contract that lets them bleed $50m without automatically stopping after they lose the first $1/10/100k.
hinkley 7 hours ago [-]
In the real world locks are meant to keep honest people honest and slow down the dishonest people until someone notices and stops them.
There’s a world where crypto could be sold the same way, but the sycophants drowned that out for long enough that we aren’t in the Trough Disillusionment now so much as the Trough of Open Mockery.
Gunax 5 hours ago [-]
There definitely some hypocrisy, but it might work differently in the law.
As devs, we might claim that 'code is the law' but my guess is that the law does not care. That is, one cannot overwrite property laws by a few lines of code.
Consider how disclaimers work--we are increasingly putting limitations on what rights you can contractually forfeit.
This will be interting to watch.
jxjnskkzxxhx 18 hours ago [-]
We have laws, yes.
gosub100 4 hours ago [-]
See also: tether.
AlexanderTheGr8 3 hours ago [-]
I followed this case when it happened. It was $16M at the time, not sure how it became $65M now. I suppose it doesn't matter - any number above $100k probably grants the same punishment*
Interesting side-note : the people he took/stole from - they offered him 10% if he returned the rest. He said no in a tweet trolling them.
Contrary to the opinions in this thread, I think he was smart to run away. Remember that he did this from Canada, not the US. Countries don't have the same extradition treaties with Canada that they do with US.
If he had stayed, he would almost certainly be convicted. No court can possibly understand "code is law". Courts' job is only to interpret the law, not make the law. And the law was not written for crypto. You cannot fit a square in a circle without distortion.
What I think would have happened is the courts, rather than introducing novel precedent, would have preferred to just rely on existing case law and declare him a criminal.
Another interesting side-note : the judge presiding the case made a public comment asking the guy to come back to Canada promising him a fair trial. The guy didn't show up - maybe he didn't receive the message.
Overall, even with the benefit of hindsight, we still can't be sure if he was smart to exploit this or not. Forced to live in a few countries but with a lot of money.
* It's because (1) laws were designed when numbers were lower (no one had $16M to steal); (2) humans can't visualize big numbers (individually, $16M is just as big as $65M in my head)
dgs_sgd 2 hours ago [-]
It went from $16M to $65M because he did more hacks after the initial one.
cherryteastain 2 days ago [-]
My personal belief is that this was not fraud and "Code is Law" works. Yet, this guy is a perfect example of how intelligence and wisdom are not the same. He was clearly smart and dedicated enough to pull off this sort of trade successfully multiple times in a row, and probably all he had to do to get away with it was keeping his mouth shut. Or at the very least not get convicted by default on contempt of court charges by ignoring a court summons.
hinkley 7 hours ago [-]
That German general who talked about keeping stupid industrious people away from your armed forces never met a clever enough fool.
Clever fools are how you get Jurassic Park.
neuroelectron 2 days ago [-]
Court was outside its jurisdiction here. The fact that the case went forward shows that he was about to be railroaded by corrupt authorities.
cherryteastain 1 days ago [-]
Agree, but the wisdom here is in recognising that once you made $65m in seconds at someone else's expense they will try to recoup that amount by any means necessary.
neuroelectron 1 days ago [-]
He isn't working completely alone. He was able to borrow some "wisdom" and skedaddle.
steve_adams_86 1 days ago [-]
It is a good example. Unfortunately most 18 year olds don’t possess a whole lot of wisdom yet. This guy was basically a kid when he did this.
djeastm 54 minutes ago [-]
He made the mistake of not already being wealthy before he manipulated the currencies. It's truly funny reading this when the US stock market is manipulated at will. I'm not trying to be political, just remarking on the absurdity of it all.
Sonnigeszeug 2 days ago [-]
Contract is code, you don't need anything anymore. It solves all the problem.
Something happens
We need to use the system which we want to replace...
prvc 1 days ago [-]
The entire space of smart contracts falls within the intended functionality of the systems that implement them, which make this particular use of them conceptually unlike things like buffer overflows.
Calling it a "hack" or an "attack" as this article does (while strawmanning the opposite case) is a deliberate attempt to muddy the waters, and is a failure of journalism.
TrackerFF 2 days ago [-]
One universal law is that if you steal from people with more money than you, you're screwed. And the more money they have, the worse off you are.
But on a serious note, whenever you read about some people that have either managed to outright steal crypto, or find some vulnerability which hasn't been legality tested...and they just pack their bags, hoping to live life free, forever after. It just seems so naive, too naive with how smart these individuals otherwise tend to be.
I think it is fair to say that once you'll cross a threshold, could be a million. could be 10 million. could be 50 million. All depends on who you've taken it from, you'll realistically be hunted for life.
The people that do get away with these things, are state sponsored operators - but they don't walk away with tens of millions in loot, either.
EDIT: Reading the article, this guy sounds like a real piece of work.
dandanua 1 days ago [-]
> One universal law is that if you steal from people with more money than you, you're screwed. And the more money they have, the worse off you are.
If someone has more money than you, you're screwed. Period.
This is how it works in the fascists world order, which is increasingly dominating these days.
throwway120385 1 days ago [-]
If you want to know the future of humanity, just imagine a bot stamping on a human face forever.
archontes 1 days ago [-]
I can't tell if this is a typo or not, and it's perfect.
racl101 4 hours ago [-]
I thought it was deliberate. Clever play on an Orwell quote nevertheless. Hmmmyes.
CPLX 4 hours ago [-]
From 1984 to 2024
neuroelectron 1 days ago [-]
It reminds me of the Sam Bankman-fried case, but it also quite different. SBF thought the abstractions would protect him from the law when he clearly was misleading investors and using code to abstract away his fraud. However, in this case, the code/fraud was presented and used as intended. While I believe SBF was innocent of defrauding his early investors who were foolish to trust such a system, he was guilty for other reasons.
Andean Medjedovic's case shouldn't have even made it to court and he had no obligation to leave his crypto or cashed out legal tender with some "custodian" and spend the next several years of his life as a beta tester for establishing case law. This wasn't just "code is law," more accurately, "under the stipulations of the contract, code is law."
perdomon 2 days ago [-]
Based on this article, it doesn't sound like he did anything illegal (initially). He saw an opportunity and took advantage of it not unlike high frequency trading in the late 90s/early 2000s. Decentralized markets operate in a space that's inherently risky -- if they don't want to get exploited, hire better engineers or get out of the game. Begging the government for help when you got bested isn't how decentralization works.
My favorite is one of the text files on the attacker's computer:
A file labeled "Decisions and Mistakes," in which he wrote, "Going On the run / Yes / Chance of getting caught<Payoff for not getting caught / (NA) / Risk is typically underpriced in modern world.
0cf8612b2e1e 2 hours ago [-]
That is just terrible opsec. The millisecond the money has moved, you need to destroy all of that equipment.
danielvf 1 hours ago [-]
Don't worry, he also had a ""POST-EXPLOITATION" plan.
Which included, among other things, "KEEP the configs Burn the evidence, including the histfile Book flight to: Pack Bags"
egypturnash 6 hours ago [-]
They are part of the team representing Cicada 137 LLC
He should have accepted their offer of 10% as a bug bounty. Certainly crypto folk love to act like unregulated markets but this smells like market manipulation to my armchair education and even if the market tries to play both ways, the courts won't. I do hope that the Ontario court fights the extradition, because the American laws leveled at him seem bogus by Canadian standards (wire fraud, extortion and money laundering) but that tort case might be legit.
Calwestjobs 4 hours ago [-]
thing is, if you get rid of 90% of money, what money will you use for lawyers services if those .... sue you anyway?
How this works in traditional finance is that the big funds would screw the small guy that beats them (especially if they're from a foreign country). They claim that they use unfair or illegal practices, but the reality is that they're not that different to their own.
Ultimately the rules are written by people who look legitimate, and/or those who capture regulators.
lamadruga 5 hours ago [-]
How do these people get caught? Isn't crypto supposed to be anonymous or something?
ycombinatrix 5 hours ago [-]
Some coins are designed to provide a degree of anonymity. Bitcoin & Ethereum do not.
ryao 5 hours ago [-]
The article says "he took credit for it on the social media platform X".
Calwestjobs 4 hours ago [-]
he is in france territory which is not french Guiana.
TrapLord_Rhodo 5 hours ago [-]
“The silver lining to all of this is that Trump promised to stop the persecution of crypto people,” Mr. Medjedovic wrote on Signal. “Like, half of the people involved in this resigned/stepped down recently.”
Very interesting that he gives praise to trump after all this hassle from the US government. Why is the US even involved in this? It's a canadian dude and a canadian exchange.
rozap 1 days ago [-]
Wait, I thought cryptocurrencies aren't securities? Why are our tax dollars being spent investigating this? If they're not securities (like coinbase etc would like us to believe), then he didn't do anything wrong and there are no other rules - code is law. If they are securities, then why are there so many illegal exchanges operating in plain sight?
Once again, crypto folks are all about decentralization until someone outsmarts them, then they go crying to daddy government to bail them out.
wmf 6 hours ago [-]
This doesn't change the big picture but some are securities, some are commodities, and some are collectibles.
Barrin92 5 hours ago [-]
I'm not entirely sure what makes you think there's no financial regulation or laws you can break outside of securities trade, because there is and which is why he's charged with wire and commodities fraud, Hobbs Act extortion and money laundering.
Code is not law, the law is the law.
tlogan 2 days ago [-]
Code is not law. Law is law.
2 days ago [-]
pixelpoet 2 days ago [-]
law : code :: word problem : mathematical notation
tomrod 1 days ago [-]
:::goedel's incompleteness theorem
freejazz 1 days ago [-]
Has that been your experience interacting with the law?
Calwestjobs 4 hours ago [-]
well judge said something like indictment do not age like fine wine, but judge forgot that crypto does ;)
moktonar 20 hours ago [-]
Placing trust on software is the root of all evil..
Validark 3 hours ago [-]
How dare some peasant actually win at a game they were meant to lose? That's illegal!
tempfile 2 days ago [-]
"Code is Law" is a profoundly immature idea, and I am surprised anyone other than children take it seriously. The law is not, and never has been, something that is read literally and taken at face value. This is the entire reason that judges and lawyers exist.
Saying "The code let me do it, so it should be legal" is a bit like if I leave a "free to a good home" sign on a plant pot outside my home, and it leans on my car. It does not mean you are permitted to take my car, no matter how "obvious" it seems to you that it should.
thomassmith65 7 hours ago [-]
This was satisfying to read:
“Code is not law. Law is law,” Mr. Gottlieb wrote in a lengthy thread to Mr. Medjedovic on X in late October, 2021. “And what you did was not a ‘clever trade.’ It was market manipulation. It’s illegal. And people go to prison for it.”
Tech exceptionalism is eternal. It takes the occasional Napster or PirateBay failure to disabuse a generation in the tech community of the triumphalist nonsense it talks itself into believing. But then the next generation comes along and doesn't know better.
lelandbatey 4 hours ago [-]
While satisfying, that quote is also hilariously one-sided in it's perspective. I imagine that lawyer in the courtroom saying something like the following:
> Yes, my client did take a stack $100 bills and leave it on the sidewalk atop an elaborate contract proclaiming that those $100 bills should be given to the very next person going by the name of "John" who found this stack of $100 bills upon the sidewalk, including specific language stating that anyone, even an unforeseen party meeting such criteria, would be entitled to that money. And indeed, my client signed and dated that document in triplicate. Yes my client did go to great lengths to write such a detailed and specific contract, and he was quite sure that such a contracts terms would be sufficient to ensure that only my clients brother, John Williams, would be entitled to the money, that same John Williams who lives across town. The brother would never find that money though, because the villainous, criminal, thief of a man John Smith stole that money from off the sidewalk when walking out of Smiths front door! Smith would have you believe that he was merely fulfilling the terms of a fortuitous open ended contract foolishly entered into by an idiot who failed to think critically about the terms said idiot entered into. That, however, is not important! I am here today to say that the terms of such a contract are not what is relevant, what is relevant is how upset my client is that he no longer has his money. I can prove that Smith stole that money, no matter what the documents signed by my client say! Those contracts are not law, only the law is law. What Smith did was not a "clever deal", it was theft. Which is illegal, and people go to prison for it.
A bit over dramatic, but that's how the lawyers statement reads to me.
3 hours ago [-]
Dumblydorr 1 days ago [-]
Someone who disagrees with you is a profoundly immature child?
Your analogy is confusing, you’re comparing a free plant on the roadside to 63 million dollars on a crypto exploit?
jxjnskkzxxhx 18 hours ago [-]
A lot of people who disagree with me also happen to be profoundly immature child. I didn't say that one follows from the other, you added that.
6 hours ago [-]
tempfile 1 days ago [-]
Not always, just in this case :-)
What's actually confusing in the analogy? Are you actually confused or just pretending? The point is that just because a sign says something under a literal reading, it doesn't mean that it's what was intended, or what's binding. If there's a piece of paper on my car saying "free to a good home", I probably didn't intend that you can take my car (or my house, or whatever). It's not very different to the fact that a 0-day exploit on your bank's web server does not entitle the thief to your money.
throwway120385 1 days ago [-]
just in case though, I usually hang the sign on signposts in the public right of way in case someone tries to steal my car.
baq 7 hours ago [-]
Just another day of crypto bros speedrunning finance.
kazinator 2 days ago [-]
You can't "steal" crypto; it's all just a scam that operates outside of the law.
I mean, sure, we can use the language of theft and crime figuratively, just like when we talk about animals. For instance, "the wolf stole a chicken from the coop".
tim333 1 days ago [-]
The case of SBF suggests you can and it's not outside the law enough to prevent 25 years of jail.
bigyabai 4 hours ago [-]
If SBF had merely stolen cryptocurrency, then the FTX exchange wouldn't have collapsed entirely. SBF stole customer funds on a line of infinite credit and infinite liquidity, basically lying to customers that he owned the asset they wanted when in reality he defrauded them for speculative gain.
stainablesteel 7 hours ago [-]
the movie about this guy is going to be awesome
ForHackernews 6 hours ago [-]
> Not everyone agrees. “Code is not law. Law is law,” Mr. Gottlieb wrote in a lengthy thread to Mr. Medjedovic on X in late October, 2021. “And what you did was not a ‘clever trade.’ It was market manipulation. It’s illegal. And people go to prison for it.
Boy the crypto industry better pray that market manipulation isn't illegal in DeFi-world or they're all going to prison.
waltfieger89 14 hours ago [-]
[dead]
glass1122 6 hours ago [-]
[dead]
Rendered at 03:12:55 GMT+0000 (Coordinated Universal Time) with Vercel.
He has not stolen anybody's password, has not modified DeFI code - simply executed a set of financial transactions according to the rules (expressed as DeFI smart contracts) and profited from it.
Indexed Finance is an unlicensed investment firm. The promoters knew the risk ( decentralized finance) and now they want to blame someone who outsmarted them at their own game.
If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
Saying "he used the system as it was designed, even if not as intended" is more or less equivalent to saying that any computer hack or zero day is also "using the computer system as designed".
You even plausibly extend that to picking locks in the physical world.
So yes, it does make sense for the law to get involved.
So far, to execute illegal transactions and using the lack of regulations to exploit the financially illiterate.
P.S. I understand the context in your comment here. Just expanding on it for cynicism's sake.
[0] https://biotech.law.lsu.edu/blaw/olc/sitting_president.htm [1] https://www.justice.gov/file/146241-0/dl?inline [Note it has been updated since 2000.]
You've cited policy which blocks prosecution of sitting Presidents -- but that didn't necessarily enjoin eventual justice from being served after his term(s) end. However the outcome of Trump v. United States, 603 U.S. 593 (2024) appears to not just block prosecution but grant immunity, meaning what would normally be a crime ceases to even be a crime.
That ruling appears to draw a nearly complete shield of immunity around Presidents for any crimes done as 'official acts,' and nearly everything can be claimed to be an 'official act' especially given how vaguely-scoped much Presidential power has become. I consider it pretty unlikely that we'll ever see a former President even be charged with a crime if Congress doesn't explicitly repudiate this ruling with an actual law.
Source: https://en.wikipedia.org/wiki/Trump_v._United_States#:~:text...
You could have stopped the sentence here; most US presidents are responsible for acts that appear to be criminal but for the fact that it is political convention not to charge them. The most egregious case I recall was Anwar Al-Awlaki [0] - where he seems to have been killed on the president's orders without actually having done anything specific to justify it. Searching for "crime" on his Wikipedia page turns up nothing much. If a president isn't publicly investigated by the judicial system for having a US citizen killed it is hard to see when charges would be appropriate.
[0] https://en.wikipedia.org/wiki/Anwar_al-Awlaki
The story of Anwar Al-Awlaki and his American US-born son who was killed in the attack authorized by the Obama administration must not be forgotten.
The issue of presidential powers and conduct must be a non-partisan issue. Trump merely walked through the cracks created under Obama.
Being well-intentioned (“protecting Americans against terrorism”) is not sufficient excuse for murdering an American minor due to the sins of his father no matter how much the Obama administration DOJ attempted to make it legally permissible to do so.
The reason is that what constitutes an official act is up in the air, and let us be honest, the incumbent president is not known for staying inside the Executive branch's lane.
But the sheer unwillingness of the DOJ to prosecute, creates a catch-22: you need indictments to change or clarify Trump v. United States, 603 U.S. 593, and right now there are two options:
Somehow revive the private right to criminal prosecution (and of the president at that)(See Linda R.S. v. Richard D., (1973) 410 U.S. 614 (citations omitted)) or a Federal Court to appoint counsel to investigate a former or incumbent president. (Young v. U.S. ex re. Vuitton et Fils, (1987) 481 U.S. 787.) And I am not sure which one is less likely to happen. (Or for Congress to take that role beyond impeachment, which is even less likely.)
While Trump may go farther than that, it is hard to imagine any other President in our history who would have considered doing anything more deserving of criminal prosecution in a US court.
Given how polarized our country has become and the requirement for a 2/3 majority in the Senate, it is also difficult to see how we could ever again wind up in a situation where the threat of impeachment is a significant concern to a sitting President. Given the current state of the Republican party, I'm not even sure whether an attempted military coup by Trump would get that result.
What you need to argue is that the the smart contracts were valid contracts that the creators intended to and had opportunity to understand and that their creation was their act of negotiation of a position. It isn't really a stretch, but with amounts like this probably more diligence would have been due than that. Calling it theft is ridiculous on the other hand.
He's charged with:
1) wire fraud (the smart contracts/swap exploit)
2) unauthorized damage to a protected computer (running the exploit on the ethereum network)
3) attempted hobbs act extortion (contacting kyberswap to attempt to gain control of kyberswap in exchange for return of some of the crypto)
4) money laundering conspiracy
5) money laundering (knowingly laundering the proceeds of the previous, including paying an undercover agent to help bypass a blacklist to do so)
[1] https://www.justice.gov/usao-edny/media/1388036/dl?inline
You've hit a key point of disagreement amongst philosophers about the idea of the social contract.
Some of them say it's not voluntary because we were all born into a existing society, others say, sure it is, you can just give up all your property and go live in the forest.
Others then reply that disabled people and children can't do that.
But also the idea of living in a forest is not really an option for most people in the modern world. So my personal take is that the social contract is inherently non-voluntary in the modern world.
> Calling it a social contract just sounds too… soft? for what it really is.
Why do you think a social contract implies softness? For most of it's existence the social contract allowed slavery, ritual killing in the form of warfare and duels, and it still allows the death penalty in much of the world.
I think they are saying that the words "social contract" sound more collaborative and voluntary (to them) than what the phrase actually refers to. Your examples would only reinforce that view.
It is a subjective stance on a coined phrase, but given most of our laws were settled by people not living now, and enforced on people not living when the laws were created, and there is no periodic process of ensuring laws reflect the living, the words "social" and "contract" are being stretched quite a bit.
(On the other hand, the meanings of most phrases drift from the nominal meanings of their constituent words.)
It's bonkers to me that the only rulesets people care to implement on such a platform are just reflections of money as we know it. How unimaginative. I wish we'd make something new rather than translating something old--bugs and all--into a new language.
Or "The Crypto Anarchist Manifesto"
https://groups.csail.mit.edu/mac/classes/6.805/articles/cryp...> the point of crypto is more abstract than any of that
It has to do with operating in spite of somebody who would otherwise tamper with your information. It's about durability in the face of sophisticated adversaries.
I was trying to get at the point of crytocurrency. The accounting system can handle anything at all, so why bother with the coins? We've had coins for thousands of years, they're the most boring app imaginable. Why bother maintaining artificial scarcities when we could be addressing real ones?
But at the end of the day, if nobody provides hardware for it to run on, then, we can't have that accounting system. And those people have to pay their electric bills, and for the hardware they're using, and for that they need something money-shaped. The point of cryptocurrency is to be that money-shaped thing. We need it to interface with the traditional finance system until we can replace that system with something better.
That's the point for them. It's not the point for anybody else.
Using "value" as a medium is problematic because we increasingly don't value the same things. It worked ok back when food took so much effort to grow that securing it represented a significant portion of our mindshare. Then money was reliably a proxy for our shared agreement that food was good.
But now that it's so much easier to make the necessities that we agree on, we spend more time perusing contradictory outcomes. Which is more valuable, if my endeavor succeeds and yours fails, or visa versa? Whose agenda am I furthering when I decide to value a dollar? Am I helped or harmed by doing so? It's hard to participate in because I can never tell if I'm hurting or helping.
Better would to let people be explicit about what they want so that we can the things that have consensus and work towards those. As it is we're letting the ownership of scarce abstractions determine what gets done, which is just bonkers. It was once the best we could do with only the laws of physics at hand to enforce the rules (re: the scarcity of gold), but now we can do better.
Also there's a directed graph where the nodes are users. Edges on this graph indicate that this user trusts that user, the edges are colored to indicate which type of trust it is.
Given two users, they can compare graphs to decide if they both trust (transitively) any other users in some set of colors. Also, if cycles appear, then that cycle is a community of experts and they can follow the graph in reverse to find out which other users consider them experts.
It's sort of like how we have representatives in congress, except instead of being one layer deep with millions of people being represented by one, it can be as nested as needed to ensure that the experts are not overloaded (since many of us are somewhere in the middle, we distribute the load by playing both roles--depending on who we're dealing with). It also differs from typical representative democracy because you can express trust in somebody's diplomacy and simultaneously avoid trusting their understanding of economics (or whatever other colors you care to).
Ideally it would be a system in which the most trusted and capable people for any job are easy to find and easy to support, and in which we focus on becoming skilled and trustworthy rather than on the ownership of scarce things.
Human societies already work like this, they have for a million years or so, but it stops working well when the cognitive burden of walking all of these trust graphs becomes too much to bear, then things get authoritarian. We now have the technology to scale it better, but the implicit non-specialized authorities are still in charge.
A couple of applications for this that could work in the near term:
1. If you have a dispute, you can use the data find a mediator who is trusted by you and the other party. And not just trusted, but trusted in the relevant way. This is a step towards a better court system, better because the arbiter is explicitly trusted by the complainants and because the arbiter is an expert in the color of the complaint.
2. If you find a dubious claim, you can see who signed it and check for a trust path between you and that person. 1,000,000 fake amazon reviews mean nothing through that lens, since you don't trust them. But two or three reviews signed by people that you explicitly trust (perhaps transitively) would mean a great deal. This gives us a way to ignore scammers and malicious AI's and creates a space in which being trustworthy is an asset (contrast this to the world we've built which is more about commanding the most attention).
I'm not saying I have it right, but such things are worth trying in general, and "crypto" isa much better medium for them than bureaucracy (although I'm more excited about CRDT's than blockchains, because I think partition tolerance is more important than consistency).
Agreed, but there is already a very similar case where "code is law" was tested, and failed: https://www.justice.gov/archives/opa/pr/man-convicted-110m-c...
It turns out that once a financial system becomes big enough, the US will apply its finance laws to it. Finance laws are designed to prevent sudden unexpected transfers of wealth from one (wealthy) unwilling party to another based on unanticipated loopholes.
If you believe in cash, does that mean you can't run to the courts if someone steals your cash?
If your security proves insufficient to prevent a theft, that doesn't mean the theft was legal! It just means your security was insufficient.
That security can be enforced by mathematics instead of courts is definitely a benefit of cryptocurrency, but when it goes wrong courts still matter.
No, because the point of cash isn't to circumvent government control of the financial system. If you build a whole system just to decentralize financial control and avoid government influence but then appeal to the government as soon as you don't like what happens, you're doing something wrong.
Stealing someone’s private key and then using it to steal their assets is very different from exploiting edge cases of get rich quick schemes.
If you didn't want folks to be able to get the crypto under those conditions, then why did you make the contract grant them the crypto in those conditions? I can't take a stack of $100 bills and leave it on the sidewalk with a post-it note saying "only to be picked up by John" and then sue the person named John who comes by and picks up cash. I also can't get mad when Alice sees the stack and tells her friend John to come pick up the money with his name on it.
So it is with crypto. Why are you using crypto if you don't want to follow the rules? That sounds to me like you're trying to do unregistered securities trades...
It's a very hard battle to say "wow, I didn't intend to have my contract say that, despite writing that and publishing it." You'd have to have a lot of auxiliary material explicitly stating the opposite of what your contract actually said, or you'd have to convince others that what the contact actually says is so difficult to understand that there was no way to anticipate that the contract allows what it does. And even then, I don't know if that'd pass because "I didn't think of that at the time" is commonly not accepted as a way to get out of breach of contract.
It's like opening a bank account, and the contract says "You can only access your own money in the vault. Everything you can access is yours to use as you see fit." On your first visit the manager brings you into a vault with hundreds of cash-laden tables. He shows you to an empty table, and says "Here's your table. Enjoy!".
Are you allowed to take money from the other tables? Clearly the contract says you can, but surely that can't be what they intended? Is it theft to "break their security" by walking over to another table, or is it just a hidden perk of the contract you signed?
unlike actual contracts, which are written with the expectation that disputes may occur and be resolved by arbitrators and a legal system (who will probably rule that a poorly drafted clause 2b doesn't in fact grant you the right to take all the other customers' money)
> Are you allowed to take money from the other tables? Clearly the contract says you can, but surely that can't be what they intended?
If their entire business model is based on giving a service that allows you to store your money in safety without any government dependency, while in reality they allow everyone else to take your money, then they deserve whatever happens to them.
Like any technology, a money system can be designed so that it works well enough for a small set of intended purposes, and poorly for all other purposes. Moreover, its uses can be constrained by laws.
I think an open question is whether existing laws related to money or property apply to cryptocurrencies. For instance, "theft" and "fraud" cover a lot of things, without specifically listing all of them.
If it's ambiguous whether such laws apply to crypto, then sure, someone could use the legal system to settle the matter. In fact, using the legal system to remediate undesired transactions could be as good a use of crypto as any, if "anything goes."
I doubt that will hold up in court. The exact thing could be said about computer networks and hackers exploiting them.
To get 30mg oxy
In this case, to make money. These are not ideological purists, they're capitalists.
I think you’re answering your own question here
It didn't work there, and it won't work here either.
If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
That is a philosophical argument completely unrelated to whether or not something is illegal. Cryptocurrencies aren't a replacement for the law, nor do they stand outside of it.
Because it sure looks like they intended for “code is law” to be the case. Many of the oft cited use cases were to circumvent traditional systems.
Not to be that guy but it seems like the point of cryptocurrencies is to scam vulnerable people...
Yes, indeed. And when people leave their home unlocked the thieves should get to keep their stuff. What kind of savagery is this?
> If you end up using the legal system to remediate undesired transactions, what's the point of cryptocurrencies in the first place?
Great question, we have been waiting for answers for nearly a decade now...
That's not what happened here. What happened is that the crypto company said, "Follow this contract," and their customer followed the contract and took their money, and then the crypto company was like, "But not like that!"
Ostensibly, the whole point of cryptocurrencies is to decentralize financial control and not depend on governments for that service. If you then depend on governments the second you don't like what happens, there's no point to cryptocurrencies.
I have to admit, that's pretty funny. But I will point out that you did not make an argument in support of your position; you merely insulted me.
If you see a case where someone exploits a badly-coded computer program to take a hundred million dollars from someone, refuses to return any of it (even when offered several million dollars for their trouble), refuses to co-operate with the judges and the rest of civilised society, and just see "waa waa baby doesn't like his medicine" then I don't see how to actually reason with you. That's just a value difference, not really an insult.
I think you overestimate how easy it is to distinguish between these two. A reasonable common example is people like Bernard Marantelli exploiting lotteries. The lottery does not intend for people to play as Marantelli does. You can (and people do) argue that he's stealing money, but should he go to jail for playing the lottery in a way "not intended by anyone"? I don't think so.
It's the same with card counters at a casino. The casino can throw card counters out because they can decide who plays at their establishment, but it would be unreasonable to jail card counters for playing blackjack in a way casinos don't intend.
>If you see a case where someone exploits a badly-coded computer program to take a hundred million dollars from someone
This phrasing removes relevant context to the point where it no longer represents what actually happened.
>refuses to return any of it (...)
I did not comment on any of this at all.
>I don't see how to actually reason with you
This is dismissive and denies my ability to be convinced by reasonable arguments. It is insulting, even if it's not intended that way.
> This phrasing removes relevant context to the point where it no longer represents what actually happened.
I don't think it does, but you don't explain why, so there is not much to argue. It is hard to get an objective description of what happened, but as far as I can tell, the liquidity pools operated by Indexed Finance are governed by a smart contract, the smart contract contained a mistake, and by exploiting that mistake, Medjedovic was able to drain them completely.
Can you explain to me in simple english how that is using the contract as intended? Note that "it's what the smart contract said" is not sufficient, for the same reason that "the web server allowed me to make that request" is not a defence against a charge of computer hacking. What the smart contract says is actually almost irrelevant. What is relevant is what it was intended to do.
Incidentally, why should I be rooting for this guy? It seems like literally the only argument in favour of what he did here is "everything that is possible is fair". His extraction of money is purely parasitic, and aside from merely identifying the bug, he hasn't done any useful work at all. I would grant that this applies to the lottery and card counting examples too. But why should I care that he's having his money taken away?
Many people disagree with you and describe what these people do as theft, so it's not as easy as you think.
>which Medjedovic rejected
I made no points at all about what he did afterward. This is all irrelevant to my point.
>I don't think it does, but you don't explain why
I did explain why further up in the thread. It's not just a badly coded computer program; it's a badly coded computer program that acts as a contract intended to circumvent government control of money. That's the context.
People agree to adhere to the smart contract instead of putting their money into a financial institution that uses contracts backed by laws enforced by governments. This guy adhered to the smart contract, and when the crypto company didn't like the outcome, they decided that none of the crypto stuff mattered and that the laws enforced by governments mattered after all.
But this makes cryptocurrencies entirely pointless. If you can use legal means to circumvent undesired smart contract outcomes, then you can just do that in the first place and not have the smart contract.
>Can you explain to me in simple english how that is using the contract as intended?
Yes, of course. Smart contracts are self-executing contracts. The agreement you make is written in the code of the contract. That is the intention behind a smart contract. It makes no sense to say that you did not adhere to the contract if it allowed you to do something. So by definition, anything you do that the contract enables you to do is using the contract as intended.
>Note that "it's what the smart contract said" is not sufficient, for the same reason that "the web server allowed me to make that request" is not a defence against a charge of computer hacking
Again, this argument ignores the context of smart contracts. Web servers don't claim that their code is a contract.
>why should I be rooting for this guy
It doesn't matter. I'm not rooting for this guy. I'm not arguing emotionally in favor of some guy who did something. In fact, I think he's a shithead.
I think this is the point where I really disagree with you. I don't see how this is different for smart contracts, as opposed to, say legal contracts written in english. It is not true in general that just because a contract says something, that those exact terms are enforced. There is a whole body of law around what terms are enforceable, what to do in cases of mistakes, and so on.
I am now really unclear on what your position is. I thought originally that you were in favour of smart contracts, and that it was somehow unfair or unethical for e.g. a court to rule whether a smart contract was intended to do something different than what it did. So I am trying to understand why you think it is unethical. In this case I think it is unethical to obey the smart contract, and that what this kid did is unethical and should be illegal. Are you saying what he did is wrong, but he should be allowed to do it anyway? If so, why?
It's different because the whole purpose of smart contracts is to circumvent governmental power structures. Otherwise, people would use regular contracts.
Technologically, it's much easier to set up a payment system using a centralized database in a specific jurisdiction and have people sign normal contracts to use the system. People create cryptocurrency systems to avoid that. They put much effort into creating payment systems independent of existing power structures. If this system does not work without backup from the legal system and governmental power, then all that effort is pointless.
>I thought originally that you were in favour of smart contracts
I think they're interesting.
>Are you saying what he did is wrong, but he should be allowed to do it anyway?
Yes.
>If so, why?
Using existing governmental power structures to punish people who adhere to smart contracts in ways some system members don't like invalidates the whole system. If cryptosystems don't work purely technologically without judicial support, they don't work, period.
What you're hoping for is, taken literally, impossible. Smart contracts can't protect people from fraud, or coercion. Since the law does protect them from these things, smart contracts cannot be totally isolated from the legal system (even if everyone wanted this, which they don't).
> Using existing governmental power structures to punish people who adhere to smart contracts in ways some system members don't like
Fine, but what about in ways that the rest of society don't like?
That's what traditional systems already do.
>Fine, but what about in ways that the rest of society don't like?
They don't participate in crypto.
I absolutely get your position, and possibly hypocritically supported the main branch when ethereum had a big fork over exactly this issue. But its also not hard to see where the "code is law" guys are coming from.
Actually, in many parts of the US, you do not have to have any law education to become a judge in district courts.
As popular as this idea is online, it doesn’t work that way in the courts.
Intent matters in issues of the law. The “finders keepers” rules don’t apply in legal matters in the real world.
If someone logs into their bank and notices that changing the account number in the URL lets them withdraw from other people’s accounts, no court is going to shrug it off and say that it’s the bank’s fault for not being more secure. Likewise, finding a vulnerability in a smart contract doesn’t automatically give someone the right to any funds they collect from exploiting it.
We all know the “code is law” arguments about smart contracts are just marketing bluster. The lawyers do, too.
Everybody involved knows all of that, and claims it as a positive feature of the system. At least until they find out that it's actually hard to write bug-free code.
There may indeed not be a legal "meeting of minds" (although there very well also may)... but from an ethical point of view, everybody involved knowingly signed up for exactly that kind of risk. And honestly it would be good public policy if the law held them to it. Otherwise you get people trying to opt out of the regular legal system up until it's inconvenient.
There'd be more of a case if he'd exploited the underlying EVM implementation. But he didn't. He just relied on the "letter" of a contract, in an environment that everybody had sought out because of unambiguous to-the-letter enforcement.
Am I an idiot or is it unclear why this is the intention?
When you open a bank account, there is an actual contract and regulatory framework that governs how you use the account. A URL parameter is an implementation detail that no more alters the contract than a broken lock on a vault would alter the contract.
But when you interact with a smart contract, the smart contract is the contract. What you are allowed to do is defined by what the smart contract lets you do. You don't need to open an account, agree to T&Cs or sign any other sort of contract to interact with the smart contract.
If the smart contract is not the contract, how would you propose we can determine what the real contract is?
With DeFi it's different; the code is public and decentralized. There was no unauthorized access to anything here. From my reading of what was done, it was essentially taking advantage of the poor trading strategy of Indexed Finance.
I'm not going to pretend to be a lawyer, but I don't see a lot of parallels between this and e.g. using SQL injection to obtain unauthorized access to a system.
To give an analogy, it's like writing code in a high level language and saying that it will prevent side channels such as spectre. But such side channels are a function of the hardware, not the high level language. The hardware in defi is ultimately the law, not the servers.
so all american youtube sagas about doing card counting in PRESENT time are fraud to dupe people into thinking that it is possible to card count. NOW TODAY.
These days that’s probably true but it has been done: https://www.roulettestar.com/people/joseph-jagger/
> After the second day, Jagger kept a clear head and decided that enough was enough, and left Monte Carlo to head home to Yorkshire with his winnings.
> When he got home, he retired from the Mill and invested some of his winnings into property.
That’s not how the law works.
If someone breaks the law or doesn’t comply with regulations, that’s a separate issue. It doesn’t entitle a third party to steal their funds.
If you were to rob a drug dealer, you couldn’t argue that they weren’t complying with the law and therefore you were free to take it. You would both have broken laws.
If you write a contract and give it to a lawyer with the instruction, "Anyone who satisfies this contract gets this money." And someone satisfies the contract to the lawyer's -but not your- satisfaction, and the lawyer sends the money, did the third party steal from you?
https://xkcd.com/1494/
1. You deploy a smart contract to the ethereum blockchain
2. I interact with your smart contract in some manner
how do we define whether the manner of interaction in step 2 is fradulent or not?
"Code is law" is one interpretation by crypto enthusiasts to define under what conditions interacting with the blockchain is fraud; in their definition, it's never fradulent.
Let's assume "code is law" is nonsense, as many comments here say. Then, under what conditions do we define interacting with the blockchain as fradulent? What is fraud and what is not fraud?
Edit: In the blockchain we can even formalize this. The ethereum blockchain at block K has a certain state S_K. I submit a certain transaction/set of instructions T to the blockchain which is mined as block K+1. How do we define a function isIllegal(S_K, T)? (Assuming block K+1 contains EVM instructions from my transaction T only)
... but the whole point of cryptocurrency, or at least of smart contracts and "DeFi", is to reject that and try to build a parallel system. That's presumably based on a belief that you can write code that behaves the way you intend, regardless of whether you really can do that or not.
So perhaps the judge should decide "Well, you signed up for that when you tried to opt out of having human judgement govern your deals. Have a nice day.".
And in fact perhaps there should be formal statutory law that makes it clear that's what the judge is supposed to decide in any case that isn't itself "borderline" somehow. Which the case at hand shouldn't be.
No, it isn't. It might be some peoples desire around it, but by no means all (or even most).
> Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending.
Why do you think you can dismiss the obvious claim that cryptocurrencies are a form of decentralized finance with a "no, it isn't"?
The thing is, laws can have issues and bugs as well, just like code! And we have courts to judge not just when someone outright breaks a law but also when someone is skirting on the edges of the law.
Take Germany's "cum ex" scandal for example. Billions of euros were effectively defrauded from the state and on paper the scheme appeared legally sound, but in the end it was all shot down many years later because the actions of the "cum ex" thieves obviously violated the spirit of the law.
The only difference is that blockchains are distributed worldwide and there is no single entity that can be held accountable and forced to execute or reverse any given transaction.
https://xkcd.com/1494/
There are other cases where interacting the blockchain is illegal in a very clear manner. Example: if I know an Iranian or North Korean entity has the keys to an Ethereum wallet, and if I send USDT to that wallet as a Western citizen, that is very illegal due to sanctions.
https://www.justice.gov/usao-edny/pr/canadian-national-charg...
It doesn't really make sense for people to build smart contracts that are intended to be an extra-judical agreement where the code enforces the rules and then run to government whenever something they don't like happens. What is the purpose of smart contracts at all if you still need the entire legal apparatus around them?
What does agreeing to a contract that inherently implies trying to work around the need for government in contracts means? What does it say about intent?
If for example, the firm that lost money had been saying "Code is Law" in their previous pro-crypto statements and had explicitly talked about smart contracts being extra-judical it seeems there intent would be to avoid legal intervention entirely and it would require a fairly high bar to argue that any bug could result in a lawsuit.
I do this of my own free will, at my own hazard. I know I'm playing this game. I have intentionally elected to use a system that will execute without any further intervention or oversight on my part. Verbally, I state that I am confident enough in the writing of my instruction that I feel secure in whatever outcome it may bring.
The system automatically executes and someone has sold me a very nice remote control car.
I sue that person.
Why should I have standing?
What matters is if Medjedovic engaged in activities that would be illegal in the process of acquiring the funds from Indexed Finance. A theft is theft whether it is physical or digital; victims aren't required to have perfect security and criminals are not allowed to exploit weaknesses to just take something that belongs to someone else.
Medjedovic is accused of exploiting "glitches." From a legal perspective, that would be no different from a thief exploiting a "low" wall or an unsecured window. Glitches aren't invitations any more than an open window. In other words...not a defense. (And in the U.S., specifically see the Avraham Eisenberg case, which is basically the same fact pattern. Eisenberg lost. His sentencing was postponed to last week but appears to have been postponed again.)
Then he skipped town after he was ordered by a court to put his tokens into escrow. If he truly believed that "code is law" and that the tokens were rightfully his, he wouldn't have skipped town. At that point...his own actions demonstrated that he didn't believe that what he did to acquire the tokens were legit. (The Fugitive notwithstanding, innocent people don't run.)
Then he "exploited glitches" for another DeFi. See above.
Then he attempted to launder the tokens...with some guy he found on the internet. Someone who legitimately believed that they legally owned the tokens would have hired lawyers, not money launderers, to gain access to their property. (Aside: any money launderer willing to launder money for a stranger is almost certainly undercover law enforcement...)
Then he moved to a country without an extradition treaty, and in the past few months has been spouting racist far-right nonsense in the hopes of getting pardoned.
Is he guilty? His own actions say that even he thinks he is.
From that link:
"U.S. Attorney Damian Williams said: “Today, Shakeeb Ahmed was sentenced to prison in the first ever conviction for the hack of a smart contract and ordered to forfeit all of the stolen crypto. No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice. And as today’s sentence shows, time in prison — and forfeiture of all the stolen crypto — is the inevitable consequence of such destructive hacks.”
The undisputable matter of fact is this: there have already been several cases of people who thought they could invoke the "(smart contract) code is law" argument to outsmart judges and the legal system.
But that's fantasy. In practice these people, when caught, go to prison.
> Indexed Finance is an unlicensed investment firm. The promoters knew the risk ( decentralized finance) and now they want to blame someone who outsmarted them at their own game.
And DeFi exchanges are "unlicensed brokers". And yet I posted a case where the hacker who "outsmarted" them is now in prison: how smart one has to be to end up in prison right?
Post me a case where an "unlicensed investement firm" sued a thief who "outsmarted them" and where the judge decided to let the thief walk free.
For I posted a case from justice.gov to prove my point.
A masked man creeps through the shadows of a sleeping town.
He looks both ways, then uses a knife to unlatch a door from the outside. He slips into near pitch blackness. He moves confidently in the darkness - he's worked for this bank before, checking on their security from theft.
Out comes his lock picking tools - the bank president's office door opens with a quick rake. Cheap lock.
Inside, with no windows to betray him, he lights a candle. There in the corner stands the safe. He knows it inside and out, and has been practicing. Five minutes later, the lock is picked, and he loads up the gold, cash, and bonds inside.
He puts the candle out, slips back outside, and returns to his room at the lodging house, climbing in through the window.
The next morning, with the discovery of missing gold, the town looks like someone kicked over a fire ants nest. It only takes 30 minutes before people start wondering about "bank security expert" who had just been in the bank every day.
A crowd heads over the boarding house, growing in size as it goes.
"Did you steal our money?", they ask?
"ABSOLUTELY NOT," he replies, "I merely used my immense mental powers to out hink several flawed physical security measures, breaking no laws of physics, in such a way that the gold, cash, and bonds previously belong to you are now in my possession, and now belong to me. No theft has taken place, only the movement of certain levers, of which anyone who knew how could move, and the movement of afterwords of certain goods."
"So you stole our money!!", the town shouted.
"No, no, I just interacted with the universe according to its very own publicly available rules. No theft has occurred!"
An old cowhand, covering him with double barrel, spoke up, "Walll, guess he's right. We deserved to lose all that money. He did nothing wrong at all."
Everyone left, impressed with his genius.
"code is law" is a meme that primarily lives on hacker news. Only a tiny fraction of crypto people believe it or say it.
https://www.bitget.com/news/detail/12560604358718
> In April 2016, in Switzerland, the Slock.it team was introducing their ambitious plan: The DAO, a decentralized investment fund governed entirely by code. "Imagine a fund with no board, no CEO," founder Christoph Jentzsch explained, "all decisions are made by token holders through smart contract-based voting. This is the ultimate realization of 'Code is Law'."
https://x.com/VitalikButerin/status/1188511660387889153
I find it difficult to believe they're a large majority.
Per Wiki:
> As of May 2016, The DAO had attracted nearly 14% of all Ether tokens issued to date.
Vitalik Buterin is, uh, pretty notable, too.
> A masked man creeps through the shadows of a sleeping town.
> He looks both ways, then
... walks into a casino, realizes there's a flaw in how they shuffle and deal cards, and then makes a shit ton of money exploiting this weakness.
After losing a shit ton of money because they didn't plan for someone to play the game in an unexpected way, the owners of the casino demanded the money back.
"Did you steal our money?", they ask?
"ABSOLUTELY NOT," he replies, "I didn't get any non-public information, I didn't manipulate the deck, and you have yet to point to a single hand that was not played entirely within the stated rules of the game. You're just mad because I noticed that you fucked up and bet accordingly."
"There's always another moron tries that one", they laughed as they walked away.
It seems like right now the crypto industry makes the decision to their convenience on a daily basis.
It'll be interesting how this gets resolved by Canadian courts.
And this is rich: “A bad actor not brought to justice and held to account for one act of fraud will surely commit another”
(Obligatory, I don't work in crypto or have any special connection to it, I just think people forget this third option even exists when it's really the most common way most private industries actually resolve disputes most of the time.)
There’s a world where crypto could be sold the same way, but the sycophants drowned that out for long enough that we aren’t in the Trough Disillusionment now so much as the Trough of Open Mockery.
As devs, we might claim that 'code is the law' but my guess is that the law does not care. That is, one cannot overwrite property laws by a few lines of code.
Consider how disclaimers work--we are increasingly putting limitations on what rights you can contractually forfeit.
This will be interting to watch.
Interesting side-note : the people he took/stole from - they offered him 10% if he returned the rest. He said no in a tweet trolling them.
Contrary to the opinions in this thread, I think he was smart to run away. Remember that he did this from Canada, not the US. Countries don't have the same extradition treaties with Canada that they do with US.
If he had stayed, he would almost certainly be convicted. No court can possibly understand "code is law". Courts' job is only to interpret the law, not make the law. And the law was not written for crypto. You cannot fit a square in a circle without distortion.
What I think would have happened is the courts, rather than introducing novel precedent, would have preferred to just rely on existing case law and declare him a criminal.
Another interesting side-note : the judge presiding the case made a public comment asking the guy to come back to Canada promising him a fair trial. The guy didn't show up - maybe he didn't receive the message.
Overall, even with the benefit of hindsight, we still can't be sure if he was smart to exploit this or not. Forced to live in a few countries but with a lot of money.
* It's because (1) laws were designed when numbers were lower (no one had $16M to steal); (2) humans can't visualize big numbers (individually, $16M is just as big as $65M in my head)
Clever fools are how you get Jurassic Park.
Something happens
We need to use the system which we want to replace...
Calling it a "hack" or an "attack" as this article does (while strawmanning the opposite case) is a deliberate attempt to muddy the waters, and is a failure of journalism.
But on a serious note, whenever you read about some people that have either managed to outright steal crypto, or find some vulnerability which hasn't been legality tested...and they just pack their bags, hoping to live life free, forever after. It just seems so naive, too naive with how smart these individuals otherwise tend to be.
I think it is fair to say that once you'll cross a threshold, could be a million. could be 10 million. could be 50 million. All depends on who you've taken it from, you'll realistically be hunted for life.
The people that do get away with these things, are state sponsored operators - but they don't walk away with tens of millions in loot, either.
EDIT: Reading the article, this guy sounds like a real piece of work.
If someone has more money than you, you're screwed. Period.
This is how it works in the fascists world order, which is increasingly dominating these days.
Andean Medjedovic's case shouldn't have even made it to court and he had no obligation to leave his crypto or cashed out legal tender with some "custodian" and spend the next several years of his life as a beta tester for establishing case law. This wasn't just "code is law," more accurately, "under the stipulations of the contract, code is law."
https://news.ycombinator.com/item?id=31478795 ("The math prodigy whose hack upended DeFi won’t return funds" (2022) — 399 comments)
A file labeled "Decisions and Mistakes," in which he wrote, "Going On the run / Yes / Chance of getting caught<Payoff for not getting caught / (NA) / Risk is typically underpriced in modern world.
Which included, among other things, "KEEP the configs Burn the evidence, including the histfile Book flight to: Pack Bags"
I wonder if this is any relation to Cicada 3301. https://en.wikipedia.org/wiki/Cicada_3301
Ultimately the rules are written by people who look legitimate, and/or those who capture regulators.
Very interesting that he gives praise to trump after all this hassle from the US government. Why is the US even involved in this? It's a canadian dude and a canadian exchange.
Once again, crypto folks are all about decentralization until someone outsmarts them, then they go crying to daddy government to bail them out.
Code is not law, the law is the law.
Saying "The code let me do it, so it should be legal" is a bit like if I leave a "free to a good home" sign on a plant pot outside my home, and it leans on my car. It does not mean you are permitted to take my car, no matter how "obvious" it seems to you that it should.
> Yes, my client did take a stack $100 bills and leave it on the sidewalk atop an elaborate contract proclaiming that those $100 bills should be given to the very next person going by the name of "John" who found this stack of $100 bills upon the sidewalk, including specific language stating that anyone, even an unforeseen party meeting such criteria, would be entitled to that money. And indeed, my client signed and dated that document in triplicate. Yes my client did go to great lengths to write such a detailed and specific contract, and he was quite sure that such a contracts terms would be sufficient to ensure that only my clients brother, John Williams, would be entitled to the money, that same John Williams who lives across town. The brother would never find that money though, because the villainous, criminal, thief of a man John Smith stole that money from off the sidewalk when walking out of Smiths front door! Smith would have you believe that he was merely fulfilling the terms of a fortuitous open ended contract foolishly entered into by an idiot who failed to think critically about the terms said idiot entered into. That, however, is not important! I am here today to say that the terms of such a contract are not what is relevant, what is relevant is how upset my client is that he no longer has his money. I can prove that Smith stole that money, no matter what the documents signed by my client say! Those contracts are not law, only the law is law. What Smith did was not a "clever deal", it was theft. Which is illegal, and people go to prison for it.
A bit over dramatic, but that's how the lawyers statement reads to me.
Your analogy is confusing, you’re comparing a free plant on the roadside to 63 million dollars on a crypto exploit?
What's actually confusing in the analogy? Are you actually confused or just pretending? The point is that just because a sign says something under a literal reading, it doesn't mean that it's what was intended, or what's binding. If there's a piece of paper on my car saying "free to a good home", I probably didn't intend that you can take my car (or my house, or whatever). It's not very different to the fact that a 0-day exploit on your bank's web server does not entitle the thief to your money.
I mean, sure, we can use the language of theft and crime figuratively, just like when we talk about animals. For instance, "the wolf stole a chicken from the coop".
Boy the crypto industry better pray that market manipulation isn't illegal in DeFi-world or they're all going to prison.