It points out a great many fundamental issues with the Solidity contract language. Basically, the language design sounds extremely amateurish and it appears to have ignored everything we've learned about security in the last 30 years. Samples:
- "Operators have different semantics depending on whether the operands are literals or not. For example, 1/2 is 0.5, but x/y for x==1 and y==2 is 0."
- "All state is mutable by default (this includes struct fields, array elements, and locals). Functions can mutate state by default"
- "Order of evaluation is not defined for expressions. This in a language that has value-returning mutating operators like ++!"
I wouldn't trust a Solidity smart contract with $100.
Does Solidity really matter, though? "How's the VM" is the real question. I haven't spent more then 10 minutes looking into it, but it seemed reasonable to me. No heap and 256(?)-bit addressing seem like good ideas to keep execution complexity down.
The VM is also fucked (or, at least it was in the recent past) because it turns out that their semantics are a mess. For example, exception handling is either implicit or explicit depending on how a method is invoked!
It does matter if the use of Solidity is being actively promoted. Sure, maybe you're smart and you'll pick safer options, but if a huge percentage of contracts are written in Solidity, it could still mean there are massive security holes everywhere.
I hate immutable variables because I'm lazy but I would definitely use them as a feature in a system like this. Maybe I should reconsider using erlang or my position on immutble variables... Nope that's enough self discovery for today... Carry on.
Edit: And again erlang people can't take a joke. I'm literally making fun of myself for having an invalid bias and erlang folks take it as an attachment on the language.
It's also a commentary on how long it takes for devs to mind shift and incorporate new ideas.
There are two distinct features: immutability and single-assignment. Erlang is famous for single-assignment, and also happens to have largely immutable values, but they are not the same thing.
Immutability prevents things like in-place appending to an array, or in-place modification of a string.
Single-assigment means that the value bound to "someVariable" cannot be changed. E.g. `someVariable = new String("hello"); someVariable = new String("goodbye");` is illegal. But it still may be possible to mutate the value `someVariable.substitute("hello", "goodbye")` if the language allows mutation.
You wouldn't trust a bank with an SQL-injection vulnerability or a hospital running on an old version of Windows either but that doesn't mean all banks and hospitals are not trustworthy
A new monetary system created 3 years ago and is highly demanded might have some growing pains
You hold $0 of Ether but suggest on how to spend it, you wouldn't send ether to a contract that was coded poorly or vulnerable so the language is not as important as you make it seem.
Ethereum has a great bug bounty program so contracts that are vulnerable get exposed fast. Each new smart contract should learn lessons for previous contracts and the software will improve over time, imagine that...
> You wouldn't trust a bank with an SQL-injection vulnerability or a hospital running on an old version of Windows either but that doesn't mean all banks and hospitals are not trustworthy
I would and do, because that's the reality of things. You're discounting the fact that if my bank has a SQL-injection exploit used against it and my account is drained, the federal government will reimburse me up to $250,000.
That type of peace of mind does not come with Ethereum; in fact it's billed as a feature.
it is because the federal government mints and controls the currency of dollars, with Ethereum you can create an arbitrary token and mint this token to any amount, essentially be your own federal reserve, Ethereum is an interesting software platform. Coinbase is fully insured all their digital currency is backed if a breach was to happen the customers will be refunded. So I suggest you keep your $250000 in there.
How often do you hear of someone loosing thousands of dollars perminantly because of a banking error? Almost never, because if a bank did not reimburse people who lost money, their reputation would be destroyed. How often do you hear of people losing thousands of dollars because of a cryptocurrency? All the time, because no one is responsible for the lost money, so no one will replace it or work extra hard to ensure it is safe. Security doesn't matter when you have a central authority dedicated to ensuring you don't loose your money, and which had been successfully doing so for decades.
the federal government can reimburse the person I was replying to because they control and mint dollars. With Ethereum you can control and mint your own currency, I didn't want to use the word currency earlier, it is more of a digital asset or app credits.
The last time this was discussed on Hacker News, I found this comment particularly instructive: https://news.ycombinator.com/item?id=14810008
It points out a great many fundamental issues with the Solidity contract language. Basically, the language design sounds extremely amateurish and it appears to have ignored everything we've learned about security in the last 30 years. Samples:
- "Operators have different semantics depending on whether the operands are literals or not. For example, 1/2 is 0.5, but x/y for x==1 and y==2 is 0."
- "All state is mutable by default (this includes struct fields, array elements, and locals). Functions can mutate state by default"
- "Order of evaluation is not defined for expressions. This in a language that has value-returning mutating operators like ++!"
I wouldn't trust a Solidity smart contract with $100.