Conversation

Notices

Embed this notice
Hyolobrika (hyolobrika@social.fbxl.net)'s status on Sunday, 22-Sep-2024 13:12:28 JST Hyolobrika

One important task of smart contracts, that has been largely overlooked by traditional EDI, is communicating the semantics of the transaction to the parties involved. There is ample opportunity in smart contracts for “smart fine print”: actions taken by the software hidden from a party to the transaction. For example, grocery store POS machines don’t tell customers whether or not their names are being linked to their purchases in a database. The clerks don’t even know, and they’ve processed thousands of such transactions under their noses. Thus, via hidden action of the software, the customer is giving away information they might consider valuable or confidential, but the contract has been drafted, and transaction has been designed, in such a way as to hide those important parts of that transaction from the customer.
What the everloving fuck is this blatent disregard for honesty?!
From Smart Contracts by Nick Szabo, the guy who originally invented the concept

In conversation Sunday, 22-Sep-2024 13:12:28 JST from social.fbxl.net permalink
- Embed this notice
  feld (feld@friedcheese.us)'s status on Sunday, 22-Sep-2024 13:12:26 JST feld
  in reply to
  
  @Hyolobrika you can try to hide and obfuscate stuff in smart contracts. But they can be decompiled and analyzed to see their true behavior.
  
  You can never be certain what's gonna happen when you interact with a contract. It doesn't have to tell you anything.
  
  In conversation Sunday, 22-Sep-2024 13:12:26 JST permalink
  
  Blurry Moon likes this.
- Embed this notice
  Hyolobrika (hyolobrika@social.fbxl.net)'s status on Sunday, 22-Sep-2024 13:12:27 JST Hyolobrika
  in reply to
  - Blurry Moon
  cc: @sun
  
  In conversation Sunday, 22-Sep-2024 13:12:27 JST permalink
- Embed this notice
  Hyolobrika (hyolobrika@social.fbxl.net)'s status on Sunday, 22-Sep-2024 13:12:27 JST Hyolobrika
  in reply to
  
  To crypto's credit though, AFAIK most smart contract chains don't allow that (or, at least, not Ethereum).
  
  In conversation Sunday, 22-Sep-2024 13:12:27 JST permalink
- Embed this notice
  Blurry Moon (sun@shitposter.world)'s status on Sunday, 22-Sep-2024 13:13:25 JST Blurry Moon
  in reply to
  - feld
  @feld @Hyolobrika Yeah, it's all public but that doesn't mean it's easy.
  
  In conversation Sunday, 22-Sep-2024 13:13:25 JST permalink
- Embed this notice
  Fediverse Contractor (bot@seal.cafe)'s status on Sunday, 22-Sep-2024 13:16:48 JST Fediverse Contractor
  in reply to
  - Blurry Moon
  - feld
  You being mean to me is also public
  
  In conversation Sunday, 22-Sep-2024 13:16:48 JST permalink
- Embed this notice
  feld (feld@friedcheese.us)'s status on Sunday, 22-Sep-2024 13:24:08 JST feld
  in reply to
  
  @Hyolobrika the language is limited and you can decompile it. Tools like IDA have to deal with way more complicated stuff.
  
  AIUI You can get almost identical code back out but without the variable names and comments etc obviously
  
  https://jbecker.dev/research/diving-into-decompilation
  In conversation Sunday, 22-Sep-2024 13:24:08 JST permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: raw.githubusercontent.com
    
    Diving Into Smart Contract Decompilation | Jonathan Becker
- Embed this notice
  Hyolobrika (hyolobrika@social.fbxl.net)'s status on Sunday, 22-Sep-2024 13:24:09 JST Hyolobrika
  in reply to
  - feld
  True. They are compiled, and releasing the source code is not a given. How many contracts do that? Do any use reproducible builds?
  
  In conversation Sunday, 22-Sep-2024 13:24:09 JST permalink
- Embed this notice
  feld (feld@friedcheese.us)'s status on Sunday, 22-Sep-2024 13:25:18 JST feld
  in reply to
  
  @Hyolobrika 99% sure that reproducible builds are a given with the EVM. A contract always has to compile and produce the same hash otherwise it's hard to verify it, right?
  
  In conversation Sunday, 22-Sep-2024 13:25:18 JST permalink
- Embed this notice
  Blurry Moon (sun@shitposter.world)'s status on Sunday, 22-Sep-2024 15:59:16 JST Blurry Moon
  in reply to
  - feld
  @feld @Hyolobrika Yes, Solidity compiler is deterministic builds, within the same version number. So, if you look on Etherscan like Harblinger mentions, you will notice that it lists the exact solc compiler version and settings. When you upload the contract code you have to include the compiler version and settings.
  
  In conversation Sunday, 22-Sep-2024 15:59:16 JST permalink
- Embed this notice
  Hyolobrika (hyolobrika@social.fbxl.net)'s status on Sunday, 22-Sep-2024 16:09:00 JST Hyolobrika
  in reply to
  - Blurry Moon
  - feld
  Nvm. I found it.
  
  In conversation Sunday, 22-Sep-2024 16:09:00 JST permalink
  
  Blurry Moon likes this.
- Embed this notice
  Blurry Moon (sun@shitposter.world)'s status on Sunday, 22-Sep-2024 16:20:20 JST Blurry Moon
  in reply to
  - feld
  @Hyolobrika @feld you may be interested to know that a different chain, Arbitrum, has smart contracts that run on a WASM engine. That is better in a lot of ways but also makes it harder to verify contracts since a lot more languages can compile to it but don't have deterministic builds.
  
  In conversation Sunday, 22-Sep-2024 16:20:20 JST permalink
- Embed this notice
  Blurry Moon (sun@shitposter.world)'s status on Sunday, 22-Sep-2024 16:32:41 JST Blurry Moon
  in reply to
  - feld
  @Hyolobrika @feld yeah the main language being pitched for wasm smart contracts is Rust!
  
  In conversation Sunday, 22-Sep-2024 16:32:41 JST permalink
- Embed this notice
  Hyolobrika (hyolobrika@social.fbxl.net)'s status on Sunday, 22-Sep-2024 16:32:42 JST Hyolobrika
  in reply to
  - Blurry Moon
  - feld
  Freenet, which is not cryptocurrency but is conceptually similar to Ethereum, also uses WASM (currently just with Rust, which the core program is also written in)
  
  In conversation Sunday, 22-Sep-2024 16:32:42 JST permalink

Public

Conversation

Notices

Feeds