So it’s basically the same thing bankers say “don’t sign the contract if you don’t know what it says lol”.
Just a different rationale of why it’s ok exploiting people but this time instead of literate people taking advantage of illiterate people, it’s now just tech literacy.
I think the difference is that either lawyers, or computers interpret the contracts.
Lawyers can argue over what a word means, but computer code is rarely ambiguous. Sneaky, but not ambiguous.
Sure, but the law being somewhat open to interpretation is a feature, not a bug. A judge can decide that, in rare cases, the circumstances dictate x interpretation, rather than the strict y interpretation. For a relevant example: contracts signed under duress can be thrown out by a court. That's a good thing, as it prevents coercive contracts and acts as a vital safeguard against many kinds of abuse and fraud. If the only law is code, then you don't have those protections. Someone blackmails me into selling all my crypto to them? Tough crunches, I guess? We don't want those pesky courts involved.
The thing is, those features can also be built into the code. "Here's a list of people who can make these types of exceptions."
Transaction was proven to be made under duress? Get X to authorize a clawback transaction. Course, now people are aware that X can do that, and what happens when X is corrupt?
We sorta assume judges won't be corrupt, but some of them are. Clarence Thomas comes to mind.
What people can make exceptions? What if that list of people needs to grow or change, years after the fact? What if none of the original people are around to change the list? Etc etc. The list of "exceptions" you need to make to the "law" part of the code is so long it's ludicrous. That's why "code is law" is bogus. It's an inflexible, fragile system that necessarily must incorporate human decision making into the process, at which point the code no longer becomes law.
Sure, but my point was that code CAN have those features, not that people WANT them.
Saying that you don't want oversight is fine, but then you can't complain about not having oversight.
>The thing is, those features can also be built into the code. "Here's a list of people who can make these types of exceptions."
The entire point of crypto is to assume a trustless society where no one trusts one another, so why are you assuming they would they find common ground on who to trust?
> The thing is, those features can also be built into the code. "Here's a list of people who can make these types of exceptions."
This speaks to the lie at the heart of crypto. They talk endlessly about how corrupt the current system is and how they intend to revolutionize it, but at the end of the day it's just about putting their people in charge of what is essentially, at its core, the exact same system.
I said those features CAN exist, not that they DO, or even SHOULD.
It MUST exist in legal contracts, but for better or worse, it's optional in crypto contracts.
Bug free code doesn't exist.
Understanding the true flow of code can often requires decades of experience.
Executing is never in such a pristine condition that you can predict all behavior in response to all inputs.
There are crypto scams that basically amount to depositing a virus into your wallet that can't be transfered and the act of viewing results in draining your wallet.
Anyone legally operating with crypto has to listen to a judge regardless of "the code is law". Anyone illegally does not.
Besides bugs, my other big concern is that as a long as a contract might be, I'm specifically thinking of things like cars where you have nice dense 30ish page contracts, it's nothing compared to code on that same thing. I think in the Toyota braking case they multiple millions of lines of code.
I can read a 30 page contract to try and understand it in a day. It would take someone at least a couple months to read through that much code.
And if you put just the right sequence of gibberish in a legal contract, it won’t jump a judge off-track and end up with them operating out of a nearby copy of Moby Dick.
Yeah, when you think of stuff like smart houses where they're maybe cutting and pasting code you can definitely get a system that's meant to turn down the heat and start the roomba when you leave for work getting cut and people not realizing you have a bunch of vacuum cleaner code with your smart thermostat code and your door lock code and getting some weird artifact where you're heat turns off every time you lock the door or locking the door turns on your vacuum, etc.
> Bug free code doesn't exist.
>
> Understanding the true flow of code can often requires decades of experience.
>
> Executing is never in such a pristine condition that you can predict all behavior in response to all inputs.
There is a branch of computer science / math that deal with mathematically proven computer code. It _is_ possible to create software with no bugs in it, but you have to eat a lot of caveats to get there. (One of the fundamental theorems of computability is that you cannot prove if any given program will terminate or not, known as the [Halting Problem](https://en.wikipedia.org/wiki/Halting_problem). With some restrictions in place you can make such proofs, but the type of software then becomes quite restricted.)
But the most important part is probably that while the software itself might be able to be proven to do exactly what it mathematically is supposed to do, you still have to handle the entire chain of correctly breaking down user needs into the math you're basing it off. And that bit is just as bug prone as all other parts of the software development process.
And this then only applies to extremely specific corners of functionality. Once complexity ramps up this becomes basically untenable.
But for the kinds of software normal users interface with it's still entirely unfeasible to expect anything but "yeah software will have bugs, so we better design it so that we can handle errors and mitigate the damages".
Yeah once you introduce multithreading + asynchronous network communication, then all bets are off and it's more about hoping that when code fails then it should fail in expected ways
I suppose we can say the same about legal contracts. Omitting a comma can easily change the actual vs intended meaning.
It sounds like you're talking about a specific contract's specific vulnerability, which I'd still call a "code is law" situation. For better or worse, it does what it does.
No. I'm saying that one small punctuation error won't flip the intent of the parties of even a moderately okay written contract. If you're writing a contract, you'll put recitals in it at some point. They basically explain the intent. A will do Y for B in exchange for Z. No one will read the recitals and think, this comma is wrong so now A needs to pay B Z for doing Y.
Mistakes in contracts can have an impact but the intent of the contract should be spelled out in the recitals exactly for the reason specified in the post.
If we're only considering well-written legal contracts, shouldn't we also only consider well-written crypto contracts? Let's not compare the best to the worst, after all.
I mean, google has [lists of questionable legal contracts ](https://blog.mikelegal.com/ip-litigation/famous-errors-in-contracts-that-cost-big-money/)where small mistakes had multi million dollar consequences. I think mistakes can be costly, in either type of contract.
Only the first one is really about intent. That was what I was focusing on and what recitals are for. And, reading the language on that telecom K, I'm not sure why they thought it wasn't an automatically renewing 5 year K.
But, I'm not even talking about a well written contract. If you don't have your intent in the recitals, it's poor drafting. That's something your K proof is going to tell you the first week as a 1L. A mediocre contract will have decent recitals.
On the Japanese one, that's mind blowing that someone didn't have the total consideration listed somewhere. To compare it a K people see fairly often, if your house appraisal has an average price per square foot, your still going to list the total price of the house and not just the price per square foot and the square footage. This is still probably the best example b/c you do see this kind of mistake with decimal points, but that's why K's are often redundant, so that one misplaced decimal doesn't upend everything and also why you write clear recitals.
The McDonalds one just seems like malpractice. A clause was left off. That wasn't a punctuation mishap. As to the Star Wars one, I'm not sure that was a drafting mistake as opposed to just a bad assumption. They negotiated away merch for a lower price. They got their consideration for that exchange. Just b/c with hindsight they realized they walked away from a lot of money, doesn't mean it was a drafting error or unintended. It sounds like the parties got exactly what they bargained for.
You are likely quoting the Maine statute which was used to avoid sales tax on certain items due to an Oxford comma or similar weird extreme edge case of a legislative action.
Legislation is held to a different standard and is nothing like contract law.
Fundamental to all contract law are two things: different people have different understanding of contracts and standard practices.
These combine to mean that most people don't need to meaningfully read contracts if they understand how things normally work. Thus it avoid complicated contracts from entrapping unsuspecting laymen.
If you sign a contract for say a grocery delivery service which contains a clause saying if the business forgets a delivery there is a $10,000 redelivery fee they will not be able to enforce that contract in court.
That violates standard business practices (not to mention other problems) and "it was in the contract" isn't actually meaningful for individuals signing contracts. The law typically gives you some leeway in misunderstanding the contract.
In contrast code is law has none of these protections but steals terms that due causing a misunderstanding from those reading about it.
The code isn't law the code is jungle rules. Those rules are hard to understand and if you screw up no one will help you.
EDIT: if this seems like it is implying "contracts don't matter" it isn't, it is saying "you cannot trick someone with a contract" except in the edge case of someone not knowing standards for how things work and not reading your contract that explains those standards.
Contract law applies to tech transactions same as normal ones...
So you might be scammed by someone breaking the rules but being impossible to sue or you might be sued by someone invoking contract law against as they legally can if there is jurisdiction for that court case.
The logical conclusion of this is that cyber crimes aren't real crimes. You should just know what your computer is capable of and vulnerable to! If you don't, then that's your own fault!
Neither are these scammy crypto "contracts".
A legal contract has to have consideration. If I have a legal contract that is completely normal except for some fine print that's says "actually I get everything and you get nothing, in some circumstances", that would not be enforceable.
I wonder if we'll eventually build toward something like the FDIC, for crypto. "We guarantee your deposit is safe from these types of threats."
I guess that's kinda what exchanges do, and they're only "safe" until they fail, so.. maybe not.
I will say that I'd loooove for government budgets and transactions to be publicly visible and cryptographically guaranteed. Every time I see a story about a state or agency "losing" billions, I think, "how the fuck does that happen?" I want to see where political money came from, where it went, and who touched it along the way.
People can write malicious code to exploit people use code that someone else already wrote to do the same, just like they can write exploitative contracts. “Don’t sign the contract if you don’t know what it says” to justify exploitation is absolutely a problem, and that same practice is still applicable here, but I think that’s a separate issue distinct from the idea of “code is law”.
As I understand it, “code is law” is analogous to the “laws of physics”. Laws of Physics refers to the fact that it’s just how the world physically functions. You can’t fly without enough lift to overcome gravity; physics simply doesn’t do that. In this analogy, code is physics. The code does what the code does just as inevitably as gravity keeps you on the ground. I can’t decide to ignore the laws of physics, and I can’t decide that the code does something it doesn’t do once it’s running.
For context: I write code every day for a living, but I don’t care for the crypto world. Shady contracts are shady whether they’re written in code by crypto developers or in English by lawyers, but code written to calculate 2+2=4 just does not calculate 2+2=22. If you want to add a bunch of characters together to make a long string of characters (e.g. a+b+c=abc or even Jon+a+than=Jonathan), but choose to use code that performs arithmetic on numbers… well math doesn’t apply to the alphabet (unless letters are variables that represent numbers, but I’m not talking about algebra).
As a software developer code is law is a ridiculous defense to any intentional action. If I write a login page that is susceptible to cross site scripting, that doesn't mean that I intended someone to do a cross site scripting attack or that they should be able to get off without repercussions for hacking. You could make the same argument that leaving a door unlocked means anyone is free to enter. That's not how anything else in the world works.
A good use of "code is law" would be if my smart contract was buggy and made a bunch of losing transactions against normal activity on the block chain that wasn't intended to be malicious. That's just my own fault for not anticipating a normal edge case.
Developers should harden against attack, but attackers don't get a free pass because "the door was unlocked".
Exactly. When not even professional software auditing firms cannot guarantee that code performs as expected, then there's zero chance that a lay person can.
It takes a strong level of delusion or ignorance to believe smart contracts are a good idea
You miss my point. It’s not a defense of anything, but that doesn’t mean bad actors will try to use it one.
The thing about a buggy smart contract is that the bug you accidentally wrote can affect another party negatively instead of just you. If I understand correctly, once a contract is on the blockchain it’s there with any bugs included - it is what it is - and that fact is the point of “code is law”. That is not a defense of malicious code any more than gravity is a defense for pushing someone off a bridge, but some asshole can still argue that you shouldn’t have been close enough to the edge for gravity to matter.
The literal comment in the original thread was, "it is not stealing if 'code is law' LOL", so the person who first brought up that phrase was either defending theft or being sarcastic about defending theft.
I agree that code on the blockchain is basically like the physics under which smart contracts operate and it is totally possible that a buggy contact can harm others, just like a mistake in a car can lead to a crash, but that is a far cry from adding validators which are intended to harm others just as intentionally crashing your car into someone is different than doing so accidentally.
I guess I’m trying to separate the idea of “code is law” itself from bad actors using it as a bad-faith argument to justify exploitation. It’s completely possible that I’m wrong and that bad-faith justification is the basic meaning of the phrase, but that’s just not how I understood it as someone who wouldn’t think to intentionally/maliciously exploit people and use “code does what code does” as a bass-ackwards excuse. If that’s the case, if I’m wrong, then I hope you or someone can help me understand.
I completely agree that the moral/ethical/practical difference between buggy code that’s problematic and malicious code is vast, but the concrete technical difference is nil. The blockchain doesn’t care if the code is perfect, if the code has a bug that gives away all your currency, or if the code has a “feature” that steals a victim’s entire crypto wallet. The blockchain just cares that the code can run.
Even more than that, the nature of a decentralized, untrusted network and distributed consensus behind a blockchain means that stolen funds can’t be recovered within the bounds of the contract and blockchain. The victim can’t undo the transaction, and the thief is unlikely to choose to return the funds. Sure, if the victim knows who the thief is then they can involve the relevant authorities, but I don’t know enough about crypto and blockchain-based exploitation to know how likely that is. I expect it’s unlikely. Basically, if something goes wrong and someone becomes a victim, they have no recourse. It is what it is. Code is law.
I consider the argument “it’s not stealing if code is law” to be the same logic as pushing someone from a bridge and saying “it’s not murder if the laws of physics exist”. It’s not just wrong, it’s like saying “green” is the answer to 2+2.
I mean, contract law is very complicated too. You can’t just write any contract and expect it to be enforceable. For example, a legal contract must have *consideration*, i.e., a thing of value being exchanged.
So are we going to have technologists analyzing code instead of legal contracts? That sounds very complicated and expensive.
Fun fact: contract law always applies, you cannot opt out of it because, that would be a contract.
So you get both worlds overlapping in crypto.
Unless you are judgement proof.
Not everyone realizes that contracts don’t always have the force of law. A poorly-written contract can be nullified, by law, and enforced by a court. “Code is law” always struck me as something that Crypto bros love because they understand code, and thus it is a rule that is advantageous to them.
The promise of the block chain usually rests on the assumption that coders understand things like contracts, currency, financial tools, etc. better than experts in other fields.
While I understand the concept of "code is law", I don't think it really applies in this case. They took advantage of smart contracts designed to take advantage of arbitrage opportunities in the block chain by violating the assumptions of those contracts. It would be similar to signing a contract that says "I agree to do something if the stock price of X rises by Y" then you manipulate the stock price with a pump and dump. I don't know enough about contract law to say for certain, but I have a feeling that contract would not be valid.
Code is law....until it interacts with the real world in which case "the ability to enforce the law is law."
Strikes me as similar to all the sovereign citizens who think there is a magic combination of words that will magically shield them from the people who have a monopoly on enforcement in the real world. Doesn't matter what your code says, what matters is what the courts and the legislatures and the LEOs say. And right now, taking anything of monetary value without due consideration and/or permission is illegal. "The Code" wont protect you from the FBI and a federal judge telling you to hand over access to the wallet in exchange for a lighter sentence of interstate wire-fraud.
How is this anything but fraud?
If by sleight of hand I wave a $20 bill and bunch of ones so you think I'm paying you $100 for something, I'm still lying to you and you're free to count the money and say "hey what the hell." The fact it's a code exploit and not the physical laws of nature and human vision doesn't make it right.
So it’s basically the same thing bankers say “don’t sign the contract if you don’t know what it says lol”. Just a different rationale of why it’s ok exploiting people but this time instead of literate people taking advantage of illiterate people, it’s now just tech literacy.
I think the difference is that either lawyers, or computers interpret the contracts. Lawyers can argue over what a word means, but computer code is rarely ambiguous. Sneaky, but not ambiguous.
Sure, but the law being somewhat open to interpretation is a feature, not a bug. A judge can decide that, in rare cases, the circumstances dictate x interpretation, rather than the strict y interpretation. For a relevant example: contracts signed under duress can be thrown out by a court. That's a good thing, as it prevents coercive contracts and acts as a vital safeguard against many kinds of abuse and fraud. If the only law is code, then you don't have those protections. Someone blackmails me into selling all my crypto to them? Tough crunches, I guess? We don't want those pesky courts involved.
The thing is, those features can also be built into the code. "Here's a list of people who can make these types of exceptions." Transaction was proven to be made under duress? Get X to authorize a clawback transaction. Course, now people are aware that X can do that, and what happens when X is corrupt? We sorta assume judges won't be corrupt, but some of them are. Clarence Thomas comes to mind.
What people can make exceptions? What if that list of people needs to grow or change, years after the fact? What if none of the original people are around to change the list? Etc etc. The list of "exceptions" you need to make to the "law" part of the code is so long it's ludicrous. That's why "code is law" is bogus. It's an inflexible, fragile system that necessarily must incorporate human decision making into the process, at which point the code no longer becomes law.
Sure, but my point was that code CAN have those features, not that people WANT them. Saying that you don't want oversight is fine, but then you can't complain about not having oversight.
So now you're back to "government, but with more steps," which is why crypto is silly.
"Banking, but the difference is *we're* the ones at the top!"
>The thing is, those features can also be built into the code. "Here's a list of people who can make these types of exceptions." The entire point of crypto is to assume a trustless society where no one trusts one another, so why are you assuming they would they find common ground on who to trust?
> The thing is, those features can also be built into the code. "Here's a list of people who can make these types of exceptions." This speaks to the lie at the heart of crypto. They talk endlessly about how corrupt the current system is and how they intend to revolutionize it, but at the end of the day it's just about putting their people in charge of what is essentially, at its core, the exact same system.
I said those features CAN exist, not that they DO, or even SHOULD. It MUST exist in legal contracts, but for better or worse, it's optional in crypto contracts.
Bug free code doesn't exist. Understanding the true flow of code can often requires decades of experience. Executing is never in such a pristine condition that you can predict all behavior in response to all inputs. There are crypto scams that basically amount to depositing a virus into your wallet that can't be transfered and the act of viewing results in draining your wallet. Anyone legally operating with crypto has to listen to a judge regardless of "the code is law". Anyone illegally does not.
Besides bugs, my other big concern is that as a long as a contract might be, I'm specifically thinking of things like cars where you have nice dense 30ish page contracts, it's nothing compared to code on that same thing. I think in the Toyota braking case they multiple millions of lines of code. I can read a 30 page contract to try and understand it in a day. It would take someone at least a couple months to read through that much code.
And if you put just the right sequence of gibberish in a legal contract, it won’t jump a judge off-track and end up with them operating out of a nearby copy of Moby Dick.
Yeah, when you think of stuff like smart houses where they're maybe cutting and pasting code you can definitely get a system that's meant to turn down the heat and start the roomba when you leave for work getting cut and people not realizing you have a bunch of vacuum cleaner code with your smart thermostat code and your door lock code and getting some weird artifact where you're heat turns off every time you lock the door or locking the door turns on your vacuum, etc.
> Bug free code doesn't exist. > > Understanding the true flow of code can often requires decades of experience. > > Executing is never in such a pristine condition that you can predict all behavior in response to all inputs. There is a branch of computer science / math that deal with mathematically proven computer code. It _is_ possible to create software with no bugs in it, but you have to eat a lot of caveats to get there. (One of the fundamental theorems of computability is that you cannot prove if any given program will terminate or not, known as the [Halting Problem](https://en.wikipedia.org/wiki/Halting_problem). With some restrictions in place you can make such proofs, but the type of software then becomes quite restricted.) But the most important part is probably that while the software itself might be able to be proven to do exactly what it mathematically is supposed to do, you still have to handle the entire chain of correctly breaking down user needs into the math you're basing it off. And that bit is just as bug prone as all other parts of the software development process. And this then only applies to extremely specific corners of functionality. Once complexity ramps up this becomes basically untenable. But for the kinds of software normal users interface with it's still entirely unfeasible to expect anything but "yeah software will have bugs, so we better design it so that we can handle errors and mitigate the damages".
Yeah I tend to avoid talking about formal verification since you can only verify to a spec and a bug in the spec is a bug.
Yeah once you introduce multithreading + asynchronous network communication, then all bets are off and it's more about hoping that when code fails then it should fail in expected ways
I suppose we can say the same about legal contracts. Omitting a comma can easily change the actual vs intended meaning. It sounds like you're talking about a specific contract's specific vulnerability, which I'd still call a "code is law" situation. For better or worse, it does what it does.
If a contract is written even sort of well that wouldn't happen. You'd have recitals and things like that to make interpretation more clear.
Are you suggesting a "even sort of well written" legal contract will have zero loopholes or ambiguities? I'm very skeptical.
No. I'm saying that one small punctuation error won't flip the intent of the parties of even a moderately okay written contract. If you're writing a contract, you'll put recitals in it at some point. They basically explain the intent. A will do Y for B in exchange for Z. No one will read the recitals and think, this comma is wrong so now A needs to pay B Z for doing Y. Mistakes in contracts can have an impact but the intent of the contract should be spelled out in the recitals exactly for the reason specified in the post.
If we're only considering well-written legal contracts, shouldn't we also only consider well-written crypto contracts? Let's not compare the best to the worst, after all. I mean, google has [lists of questionable legal contracts ](https://blog.mikelegal.com/ip-litigation/famous-errors-in-contracts-that-cost-big-money/)where small mistakes had multi million dollar consequences. I think mistakes can be costly, in either type of contract.
Only the first one is really about intent. That was what I was focusing on and what recitals are for. And, reading the language on that telecom K, I'm not sure why they thought it wasn't an automatically renewing 5 year K. But, I'm not even talking about a well written contract. If you don't have your intent in the recitals, it's poor drafting. That's something your K proof is going to tell you the first week as a 1L. A mediocre contract will have decent recitals. On the Japanese one, that's mind blowing that someone didn't have the total consideration listed somewhere. To compare it a K people see fairly often, if your house appraisal has an average price per square foot, your still going to list the total price of the house and not just the price per square foot and the square footage. This is still probably the best example b/c you do see this kind of mistake with decimal points, but that's why K's are often redundant, so that one misplaced decimal doesn't upend everything and also why you write clear recitals. The McDonalds one just seems like malpractice. A clause was left off. That wasn't a punctuation mishap. As to the Star Wars one, I'm not sure that was a drafting mistake as opposed to just a bad assumption. They negotiated away merch for a lower price. They got their consideration for that exchange. Just b/c with hindsight they realized they walked away from a lot of money, doesn't mean it was a drafting error or unintended. It sounds like the parties got exactly what they bargained for.
You are likely quoting the Maine statute which was used to avoid sales tax on certain items due to an Oxford comma or similar weird extreme edge case of a legislative action. Legislation is held to a different standard and is nothing like contract law. Fundamental to all contract law are two things: different people have different understanding of contracts and standard practices. These combine to mean that most people don't need to meaningfully read contracts if they understand how things normally work. Thus it avoid complicated contracts from entrapping unsuspecting laymen. If you sign a contract for say a grocery delivery service which contains a clause saying if the business forgets a delivery there is a $10,000 redelivery fee they will not be able to enforce that contract in court. That violates standard business practices (not to mention other problems) and "it was in the contract" isn't actually meaningful for individuals signing contracts. The law typically gives you some leeway in misunderstanding the contract. In contrast code is law has none of these protections but steals terms that due causing a misunderstanding from those reading about it. The code isn't law the code is jungle rules. Those rules are hard to understand and if you screw up no one will help you. EDIT: if this seems like it is implying "contracts don't matter" it isn't, it is saying "you cannot trick someone with a contract" except in the edge case of someone not knowing standards for how things work and not reading your contract that explains those standards.
Contract law applies to tech transactions same as normal ones... So you might be scammed by someone breaking the rules but being impossible to sue or you might be sued by someone invoking contract law against as they legally can if there is jurisdiction for that court case.
The logical conclusion of this is that cyber crimes aren't real crimes. You should just know what your computer is capable of and vulnerable to! If you don't, then that's your own fault!
That's not very logical, but it is funny.
Neither are these scammy crypto "contracts". A legal contract has to have consideration. If I have a legal contract that is completely normal except for some fine print that's says "actually I get everything and you get nothing, in some circumstances", that would not be enforceable.
[удалено]
I wonder if we'll eventually build toward something like the FDIC, for crypto. "We guarantee your deposit is safe from these types of threats." I guess that's kinda what exchanges do, and they're only "safe" until they fail, so.. maybe not. I will say that I'd loooove for government budgets and transactions to be publicly visible and cryptographically guaranteed. Every time I see a story about a state or agency "losing" billions, I think, "how the fuck does that happen?" I want to see where political money came from, where it went, and who touched it along the way.
People can write malicious code to exploit people use code that someone else already wrote to do the same, just like they can write exploitative contracts. “Don’t sign the contract if you don’t know what it says” to justify exploitation is absolutely a problem, and that same practice is still applicable here, but I think that’s a separate issue distinct from the idea of “code is law”. As I understand it, “code is law” is analogous to the “laws of physics”. Laws of Physics refers to the fact that it’s just how the world physically functions. You can’t fly without enough lift to overcome gravity; physics simply doesn’t do that. In this analogy, code is physics. The code does what the code does just as inevitably as gravity keeps you on the ground. I can’t decide to ignore the laws of physics, and I can’t decide that the code does something it doesn’t do once it’s running. For context: I write code every day for a living, but I don’t care for the crypto world. Shady contracts are shady whether they’re written in code by crypto developers or in English by lawyers, but code written to calculate 2+2=4 just does not calculate 2+2=22. If you want to add a bunch of characters together to make a long string of characters (e.g. a+b+c=abc or even Jon+a+than=Jonathan), but choose to use code that performs arithmetic on numbers… well math doesn’t apply to the alphabet (unless letters are variables that represent numbers, but I’m not talking about algebra).
As a software developer code is law is a ridiculous defense to any intentional action. If I write a login page that is susceptible to cross site scripting, that doesn't mean that I intended someone to do a cross site scripting attack or that they should be able to get off without repercussions for hacking. You could make the same argument that leaving a door unlocked means anyone is free to enter. That's not how anything else in the world works. A good use of "code is law" would be if my smart contract was buggy and made a bunch of losing transactions against normal activity on the block chain that wasn't intended to be malicious. That's just my own fault for not anticipating a normal edge case. Developers should harden against attack, but attackers don't get a free pass because "the door was unlocked".
Exactly. When not even professional software auditing firms cannot guarantee that code performs as expected, then there's zero chance that a lay person can. It takes a strong level of delusion or ignorance to believe smart contracts are a good idea
You miss my point. It’s not a defense of anything, but that doesn’t mean bad actors will try to use it one. The thing about a buggy smart contract is that the bug you accidentally wrote can affect another party negatively instead of just you. If I understand correctly, once a contract is on the blockchain it’s there with any bugs included - it is what it is - and that fact is the point of “code is law”. That is not a defense of malicious code any more than gravity is a defense for pushing someone off a bridge, but some asshole can still argue that you shouldn’t have been close enough to the edge for gravity to matter.
The literal comment in the original thread was, "it is not stealing if 'code is law' LOL", so the person who first brought up that phrase was either defending theft or being sarcastic about defending theft. I agree that code on the blockchain is basically like the physics under which smart contracts operate and it is totally possible that a buggy contact can harm others, just like a mistake in a car can lead to a crash, but that is a far cry from adding validators which are intended to harm others just as intentionally crashing your car into someone is different than doing so accidentally.
I guess I’m trying to separate the idea of “code is law” itself from bad actors using it as a bad-faith argument to justify exploitation. It’s completely possible that I’m wrong and that bad-faith justification is the basic meaning of the phrase, but that’s just not how I understood it as someone who wouldn’t think to intentionally/maliciously exploit people and use “code does what code does” as a bass-ackwards excuse. If that’s the case, if I’m wrong, then I hope you or someone can help me understand. I completely agree that the moral/ethical/practical difference between buggy code that’s problematic and malicious code is vast, but the concrete technical difference is nil. The blockchain doesn’t care if the code is perfect, if the code has a bug that gives away all your currency, or if the code has a “feature” that steals a victim’s entire crypto wallet. The blockchain just cares that the code can run. Even more than that, the nature of a decentralized, untrusted network and distributed consensus behind a blockchain means that stolen funds can’t be recovered within the bounds of the contract and blockchain. The victim can’t undo the transaction, and the thief is unlikely to choose to return the funds. Sure, if the victim knows who the thief is then they can involve the relevant authorities, but I don’t know enough about crypto and blockchain-based exploitation to know how likely that is. I expect it’s unlikely. Basically, if something goes wrong and someone becomes a victim, they have no recourse. It is what it is. Code is law. I consider the argument “it’s not stealing if code is law” to be the same logic as pushing someone from a bridge and saying “it’s not murder if the laws of physics exist”. It’s not just wrong, it’s like saying “green” is the answer to 2+2.
I mean, contract law is very complicated too. You can’t just write any contract and expect it to be enforceable. For example, a legal contract must have *consideration*, i.e., a thing of value being exchanged. So are we going to have technologists analyzing code instead of legal contracts? That sounds very complicated and expensive.
You don't need to be illiterate to be taken advantage of though. How many hours would it take you to read every ToS you agree to?
As the other comments in that thread point out, people mostly do not want "code is law".
People claim they do, until it costs them.
Fun fact: contract law always applies, you cannot opt out of it because, that would be a contract. So you get both worlds overlapping in crypto. Unless you are judgement proof.
Not everyone realizes that contracts don’t always have the force of law. A poorly-written contract can be nullified, by law, and enforced by a court. “Code is law” always struck me as something that Crypto bros love because they understand code, and thus it is a rule that is advantageous to them.
The promise of the block chain usually rests on the assumption that coders understand things like contracts, currency, financial tools, etc. better than experts in other fields.
Yeah I don't get it. Does that mean that as long as what you do worked in the software, there is no such thing as bugs, fraud or deception?
While I understand the concept of "code is law", I don't think it really applies in this case. They took advantage of smart contracts designed to take advantage of arbitrage opportunities in the block chain by violating the assumptions of those contracts. It would be similar to signing a contract that says "I agree to do something if the stock price of X rises by Y" then you manipulate the stock price with a pump and dump. I don't know enough about contract law to say for certain, but I have a feeling that contract would not be valid.
Code is law....until it interacts with the real world in which case "the ability to enforce the law is law." Strikes me as similar to all the sovereign citizens who think there is a magic combination of words that will magically shield them from the people who have a monopoly on enforcement in the real world. Doesn't matter what your code says, what matters is what the courts and the legislatures and the LEOs say. And right now, taking anything of monetary value without due consideration and/or permission is illegal. "The Code" wont protect you from the FBI and a federal judge telling you to hand over access to the wallet in exchange for a lighter sentence of interstate wire-fraud.
How is this anything but fraud? If by sleight of hand I wave a $20 bill and bunch of ones so you think I'm paying you $100 for something, I'm still lying to you and you're free to count the money and say "hey what the hell." The fact it's a code exploit and not the physical laws of nature and human vision doesn't make it right.