The thesis is simple: About myself, I plan to hold my ethereum as judex was an investment. Ethereum 1 8. Author nagleonce Posted blog Here's how it works:
A more important category of solutions, however, involve mitigating the specific and unintuitive quirks of the EVM execution environment. The author of the Dark DAO split is not inncoent of an intent contrary to the good intentions of the large number of people who thought it an interesting experiment and who are horrified at the dishonesty of the Dark Dao split author. Slapping a piece of fragile race-condition prone code on top of all of that uncertainty, has literally no way of producing an improvement of the underlying problem,. The disk to be resized was a "fixed disk" instead of "dynamic", and only dynamic disks can be resized. There have been many solutions proposed to smart contract safety, ranging from better development environments to better programming languages to formal verification and symbolic execution, and researchers have started developing such tools. Author Alan Stubbs Posted at Yes, this DAO should be closed down.
Some declarative ethereum, such as if-then rules, would have been much easier to audit. Parallelization should also be put into consideration, where Haskell judex other languages by judex without adding any security risks. Author bshanks Posted at A third category blog solutions is defense in depth. Are all contracts equal but some contracts blog more equals then others? First use ccleaner or similiar program in XP ethereum clean up all junk files that it can.
Questions Tags Users Badges Unanswered. Ethereum Stack Exchange is a question and answer site for users of Ethereum, the decentralized application platform and smart contract enabled blockchain. Join them; it only takes a minute: Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top. What reputation systems are implemented on Ethereum? Would you like to answer one of these unanswered questions instead?
Questions Tags Users Badges Unanswered. Ask Ubuntu is a question and answer site for Ubuntu users and developers. Join them; it only takes a minute: Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top. How do I increase the hard disk size of the virtual machine? The suggestion below gives this error wim wim-ubuntu: But now I can't boot the virtual machine, I get this worrying screen: Could not read from the boot medium!
Jorge Castro 31k I've answered with how I fixed this. Open a terminal and navigate to the folder with the VirtualBox disk image, then use the following command: Tom Brossman 8, 11 45 Just used this to increase the size of my Windows 7 disk from 20 to 30 GB, and it worked very smoothly no unregistering etc needed.
However, you need to increase the partition after so windows can register the new space. I think in recent versions of VirtualBox it is. The following worked for me: Richard Povinelli 1, 9 It may corrupt permissions in your home directory, requiring you to use sudo for virtualbox which is a bad idea.
Good to know that it is not necessary. I used it because others had said it didn't work without being root. As far as permission corruptions go, chmod works well to fix such mistakes. I mention chmod and chown, because I have had to fix the problem you are referencing many times: This is great for Windows, but if you have a Linux guest OS this link can help with re-sizing the partitions: Just had to shut down the guest OS completely first.
Philippe Gachoud 2, 19 There was two problems: Resize hard disk operation for this format is not implemented yet! This is done as root.
Assumes that you only have one partition and possibly swap. Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: So you really really want to address the former. We think that intent is simple but in fact it is usually much more complicated than it looks.
To give a flippant but still illustrative example: A simple transaction with simple intent, right? But what if my fries are soggy? Should I get a refund? Who gets to be the arbiter of sogginess, the customer or the merchant? Even in such a simple scenario intent is much more nuanced than at first glance. And intent is not free from context: Now move that to a serious context where millions of dollars are at stake and you can see that even for simple-seeming contracts we need safeguards for addressing and adjudicating the gap between intent, implementation, and the real world.
Buying a burger and fries is both non-trivial and has nothing to do with programming. Simple programming intents can be: Programming languages take different approaches to follow the intent more or less closely. For example Java has locks, strong typing and private packages to satisfy those intents.
C has locks, and not much for safety. Haskell picked purity, strong typing and non-exported functions. My point is that a programming language is made for humans, and as such should either force humans to clarify their intents, or pick a non ambiguous direction.
I sort of agree with you; the intent of individual lines of code is clear and a bug like the one that brought down the DAO was completely avoidable. However, I still think in a larger context intent is not clear. Even in larger software systems intent becomes hard to gauge. Bugs in complex software stem not just from coding mistakes but also from the failure, and often the impossibility, of anticipating all corner cases.
To make it worse, smart contracts are not just about software and programming. If you agree that buying a burger and fries carries a non-trivial intent, then I think you would agree that most intents in the real world are not straightforward. It is in the real world where smart contracts will have to prove they can be relied on if we want them to be widely used.
They are just a tool you use to express a concept. If that concept is ambiguous or hard to explain, nothing will magically make it easy to define. The same happens with human languages too: It is too early to make such a huge judgment.
Ethereum as a system presents a very powerful decentralized technology that has ways to go before it matures. This project is simple dead and imo will never recover. The DAO debacle has shown us two things: It is hard to get everything right in Solidity 2.
Although having immutable smart contracts seems powerful, it becomes problematic when the way to update your code takes so much time. I think most of the issues listed above are due to the fact that it is not trivial to see from the code alone that this may happen.
I had seen in a security audit of another smart contract that number overflow might be a problem too. For the recursive call issue, basically we have this bug because the intend is not to trigger code but instead to send funds. Then you will have to separate the two and in the case of the DAO you will need to call explicitly an extra function in this case. But then you can knowingly send only ether without having to fear whether some code will be run or not.
And then full IDEs can create a warning if it is not explicit in the code whether you expect code to be run by your transaction or not. I understand that this kind of solutions can create issues with existing smart contracts but I am sure there is a way to handle it properly. I am sure we can improve compilers to make the generated bytecode safer. We need safegards to prevent this kind of issues.
Things like uint overflow and recursive calls can be handled on the language level and they should. If you are developing a multimillion-dollar smart contract application, consider reaching out to security researchers and work with them on using your project as a test case for various verification tools.
This has shown up the security issues for all to see in glorious technicolour. Peopke forget how early and hew this is, and how poor the tools are right now. For standartisation thing, Solidity definatelly needs something like Cargo, npm, or such community supported tool.
Want to plug our toolchain https: We should fork the protocol to fix all those contracts as well! Are all contracts equal but some contracts are more equals then others? And because no one will ever be able to write a piece of software bug-free, I believe this challenges the very idea of smart contracts in practice code is law, no external entities required , as who will actually trust the system?
Well, the intent in this case for the dao was the distribute funds to legit projects. It was clearly stated. That was clear too. Of course there needs to be a tight linkage between any smart contract and their intended purpose to prevent leakage of intent.
Check out the book site and latest reviews on it. Founder, Startup Management c: Safety checks at the level of block explorers is better than at the level of development of course, but these block level checks could contain intentional bugs themselves.
Then who will check the safety checks? The bitcoin blockchain contemplated and coded responses to the fraud triangle whereby incentive, justification, and opportunity to screw the other party in a transaction cost more than could be gained by behaving badly.
Automated consensus and proof of work are powerful and extraordinarily difficult to achieve. Right on track as usual V, looks like your on the path to being the next Bill Gates the decentralized version of course. Thanks for all your VERY hard work and dedication. Is like bitcoin developers protect Karpelas back in You decide to destroy the base of your system which is autonomous and decentralised.
You decide to create a middlemen decision when any problem appear now and in the future. And the real question is. Why anyone to trust you from now? Why anyone in the future to put money in an smart contract with so high risk of another flaw? Why anyone not to use better option outhere with way better financial protections and laws?
Most is up to the decision to implement the fork for an issue on DAO. It could be the end of a dream. I applaud Vitalek and his cronies for their splendid valour and intelligence.
Why not have some standardized mutex lock? You could obviously have more complex lock and unlock functions. Seems to me to be a reasonable best-practice solution for the re-entrancy problem.
The next professional upgrade. Ethereum will ultimately result in a new certification for lawyers: Last time I checked, people often consulted attorneys for services such as contract writing. What they often discover is that there are as many hacks in law as in I. A digital contract IS a computer program. And, while nobody here may have ever written a program with a bug, —it happens all the time in the real world and I have seen some wowsers. While some of these perils will be solved by solutions proposed, — the MAJORITY will be tackled by competent minds that pay attention to details and also see intuitively where the Devil may like to go in the details.
Odd results compound exponentially with complexity. And may the next generation of lawyers carry large malpractice policies…. You simply cannot have it both ways.
Either the code is binding or it is not. That is not the solution. The solution is writing better code. If a lawyer fails to draft a contract that addresses all contingencies then the contract can fail. Lawyers learn from those failures and contracts get better. You must allow contracts to fail so contracts can become better and so people know they need to write better contracts.
The important thing is that people must be able to trust the integrity of the system. Like all good decisions, you need to look past the short term benefits to you and others in the DAO and look at the long term harm to Ethereum and the blockchain generally.
You cannot have ad hoc do-overs like this, even if the equities are overwhelming as they are here. If Ethereum loses its only value, the ability to eliminate trusted third parties in transactions, it will have no value and it will vanish.
The blockchain is a revolutionary and wonderful technology. I am afraid you do not truly understand what you have and what you are about to lose forever. Using a Turing-complete programming environment for contracts was a fundamental design mistake. Some declarative form, such as if-then rules, would have been much easier to audit.
THEN, it seems to me, the e. And that means a fork. Not the theDao-jamming fork though…… i mean a e. Which might need a lot of discussion. I want to discuss your tech question.
If both sources are right, then ether is proposed as some superior value-token to all crypto-currencies that could be cleated with Ethereum tech IMHO. Or ether and Ether are diffent terms. Or Ethereum term is ambiguous and there should be several wiki pager for it? I can edit wiki to make it clear on the topic. I want wiki readers to have clear picture of tech. It is clear that Ethereum is in a complicated situation and in need of some fundamental changes.
I also feel that the issue of Ethereum consensus must be addressed. I for one would like to see a community with validated users that have voting privileges and are rewarded for participation develop. We definitely cant allow a voting mechanism like the one used in TheDAO to be what defines consensus decisions for Ethereum! I believe that the block chains true power will be unlocked when we find the balance between human consensus and these new technologies.
How you define balance here IMHO these two are so different? Hi, I do not understand, why you think you will loose some ETH when will get back your investment in proportion?
19 Jun Over the last day with the community's help we have crowdsourced a list of all of the major bugs with smart contracts on Ethereum so far, including both the DAO as well as various smaller ETH thefts and losses in games and token contracts. This list (original source here) is as follows: The DAO. wearebeachhouse.com Iudex. Iudex is a smart contract based reputation system. As a user , you are able to verify the ownership of accounts of different services (such as your Twitter, Facebook and Github account) as well as link one or more Ethereum addresses. In the future it will also support verifying ownership of Bitcoin. limit my search to r/ethereum. use the following search parameters to narrow your results: subreddit:subreddit: find submissions in "subreddit"; author:username: find submissions by "username"; site:wearebeachhouse.com: find submissions from " wearebeachhouse.com"; url:text: search for "text" in url; selftext:text: search for.