Update: the grand total is around $280,000,000 of frozen assets. AKA: 600% of the DAO hack, and 1000% of the 1st parity hack.

Update 2: We are now creating our own Turing Incomplete variation of the Python language called Seneca that will be used for Smart Contracts on our blockchain, Cilantro.

So Parity’s and Ethereum’s founder Gavin Wood lost all of his money from his new ICO venture Polkadot that is supposed to revolutionize and connect blockchains together with some strange paradigms of ‘fishermen’ because he can’t seem to implement one of the most basic smart contracts on Earth.

Fact: A system’s worth is determined by how complex and convoluted it is, the number of pretty graphics in the whitepaper, and the quirkiness of the metaphors used to describe the concepts within. See the Plasma whitepaper for more information.

Back in July, some hacker drained a ton of multisig wallet contracts because the developers (lead by Gavin) left a single modifying variable out of a function which allowed the public to essentially steal control on any multisig wallet they wanted.

Someone forgot to add the word ‘internal’ to this function, and that’s what caused the 1st Parity hack of $30,000,000 to occur.

That hack drained about $30,000,000. Parity pushed out a major release and had a way to turn your old multisig wallets into new multisig wallets. All fine and dandy.

Gavin Wood after the 1st hack when none of the money that was stolen was his (/s)

And then some random kid poking smart contracts online to learn about Ethereum accidentally sent a kill command to the library contract that all of these new multisig wallet contracts were based off, rendering all of these new contracts unusable.

At least he opened a GitHub issue letting the devs know that anyone could kill their smart contract.

Thus, whoever had money inside of those NEW multisig wallets that were supposed to have gone through a new wave of security checks now had their funds frozen. That included Gavin himself and experts are saying the number of funds that have been frozen in wallets is around $150,000,000 to $200,000,000.

Gavin after being told that all of his ICO funds were frozen (/s)

Remember when the DAO happened? It was a mess because instead of letting the system ride out and trying to fix the security problem of having a Turing complete virtual machine on a blockchain, the key developers decided to just hard fork the ledger, give everyone’s money back (some of which was Vitalik’s) and continue on.

This makes the system no different than a PayPal or a credit card company where the managers can revert payments from people who steal your card info.

The DAO hack was an estimated $50,000,000. That would make this new Parity hack at least 3 times more severe. Four times if you take into account the previous hack as well. Will the core developers fork Ethereum again? It’s unknown. They’ve done it before and Gavin has a lot of pull in the community.

Why do these hacks keep happening?

In computer science, there’s a concept of a Turing complete machine. A Turing complete machine is able to do everything that a modern computer can do from a mathematical standpoint. This is powerful because that means you can do a lot with it, especially when it is paired with a blockchain and a programming language.

What it also does, unfortunately, is introduce an infinite and unknown amount of attack vectors, which are potential ways that the system can be hacked. Combine this with a team of developers who fail to implement a robust set of test suites to make sure that the known attack vectors are handled and you get the ridiculous meltdown we are currently witnessing.

Something you should also know is that while you can’t prevent bad programmers from programming bad code, Ethereum has a duty to produce their smart contracting language in a way that mitigates these sorts of potential attack vectors. That would be great if there were people actually working on the core development of Solidity.

Solidity development itself has 2 people working on it full time. The market cap of Ethereum is over $25,000,000,000. Two people are working on the smart contracting system for a multi-billion dollar system that has unknown levels of attack vectors.

A graph of who’s working on Solidity. Right now, only two core developers for a system that has billions of dollars behind it. Gavin stopped contributing over a year ago (source: https://github.com/ethereum/solidity/graphs/contributors).

Hey, but maybe two developers is all you need, right? Clearly not. You still have unknown and unseen attacks occurring in the system every single day and you still can’t define a float (aka a decimal number such as 0.1337) in Solidity. Yeah, let that sink it. The community says this is because of the floating-point problem, but another smart contracting language called Pact has already figured out a solution and they don’t have billions of dollars worth of users behind them.

Turing Incompleteness

For complicated applications that run on independent computers, Turing completeness works great. If the system crashes, you just have to reboot it. Because these systems are generally private, you can create permissioning and swath off huge potential attack points and limit how people use your app.

In blockchain, everything is public. The original Turing complete systems don’t really work well when you have everyone smashing everything all over the place. When a newbie programmer can trip over a wire and cause a $150,000,000 crash, you know something is wrong.

That’s why Turing incompleteness is the way in which we need to go. Not only is it safer, but the types of applications we’ve seen on the Ethereum blockchain thus far do not require Turing completeness and it has only done more damage than good. Most contracts right now are for crowdfunding and moving assets. Why are we supporting a system that does so much more?

Let’s permission ourselves out of the system and only allow very specific operations to occur. It may not be a ‘true computer’ but that doesn’t matter. We just want to be able to do certain things on the blockchain and in public.

This new paradigm is being explored right now with the Pact smart contracting system which I urge you all to check out, and we will be using these lessons as we develop Seneca, Lamden’s own smart contracting language.

In terms of Turing incompleteness and Lamden, the Lamden Tau token from our token sale will be deployed on a delegated proof-of-stake blockchain system featuring this Turing incomplete smart contracting language.