区块链研习社EOS技术爱好者区块链大学

【翻译】无效合约案例

2018-09-10  本文已影响6人  Lochaiching

The Case for Dumb Contracts

无效合约案例

来源:OpenBazaar

翻译:Gavin

校对:Lochaiching

Disclaimer: This was written hours before the recent attack on TheDAO. The opinions in this article do not necessarily represent those held by other OpenBazaar developers.

Written by Dr Washington Sanchez

免责声明:本文是在最近TheDAO被攻击之前几个小时写的。 本文中的观点不代表其他所有OpenBazaar开发人员持有的观点。

由Washington Sanchez博士撰写

译者注:TheDAO:The DAO项目是区块链物联网公司Slock.it发起的一个众筹项目。原本该公司只想采用DAO(去中心化自治)来运作自己的系统Universal Sharing Network (USN)。后来发现这个机制也适合其他项目,因此决定创建The DAO,意为“DAO之母”。

OpenBazaar receives a lot of feature requests and suggestions, which we welcome. One frequently asked question is whether we will migrate to a smart contract platform like Ethereum.

OpenBazaar收到很多功能改进相关请求和建议,我们很欢迎和鼓励这么做。 其中经常被问到的一个问题是:我们是否会迁移到像以太坊那样的智能合约平台上。

There are a number of compelling reasons to move to Ethereum:

1.Ethereum has a more professional and friendly development community compared to Bitcoin Core

2.Ethereum has a larger transaction capacity, and their developers have a sensible attitude to scaling

3.Ethereum is a smart contract platform that can initiate the transfer of funds based on external triggers

这里有一些强有力的理由来让我们迁移到以太坊上:

1.与比特币核心相比,以太坊拥有更专业和友好的开发社区
2.以太坊拥有更大的交易能力,他们的开发人员对扩展有一种明智的态度
3.以太坊是一个智能合约平台,可以根据外部触发器启动资金转移

Similarly, there are also reasons to move away from Bitcoin. The events of the ongoing block-size debate have signaled to us and other Bitcoin-related projects that the network may become prohibitively expensive in the near future.

同样,也有理由让我们从比特币中迁移出来。 一直持续的关于区块大小限制的争论已向我们和其他与比特币相关的项目发出信号,表明该网络在不久的将来可能会变得非常昂贵。

Bitcoin Core appears to be committed to constraining the block size to drive up on-chain transaction fees and establish a ‘fee market’. Sadly, this will set Bitcoin on a course of pricing-out transactions, and ultimately people, from the blockchain (especially in the developing world).

比特币核心似乎正在努力限制区块大小以提高链上交易费用并建立“收费市场”。 可悲的是,这将使比特币成为一种定价交易的过程,并最终吸引来区块链(特别是发展中国家)的人们。

Even though we’re excited by the scaling capacity of the lightning network, the price of admission is fundamentally determined by on-chain transaction fees. Focusing on the lightning network at the expense of on-chain scaling is like upgrading to a 12-lane highway while ignoring the 1-lane onramp.

尽管我们对闪电网络的扩展能力感到兴奋,但入场价格基本上取决于链上的交易费用。 以牺牲链上扩展性为代价专注于闪电网络,就像升级到12车道的高速公路而忽略单车道的匝道。

Concerns such as these have prompted many of our colleagues to embrace Ethereum. But why haven’t we?

诸如此类的一些担忧已经促使我们的许多同行接受了以太坊。 但为什么我们没有呢?

1.Bitcoin. We believe that Bitcoin will become the dominant currency for global trade in the world. Short of a unfixable bug, or mass abandonment, we’re stubbornly devoted to Bitcoin.

1.比特币。 我们相信比特币将成为全球贸易的主要货币。 只要没有碰到不可修复的漏洞或者大规模的放弃,我们还是执着地致力于比特币。

2.Security. Bitcoin has existed for 7 years and survived multiple assassination attempts. The security of the network and incentives are firmly established and well-tested. Moving to a new blockchain with weaker security and brand new attack vectors is unwise and premature for OpenBazaar.

2.安全。 比特币已经存在了7年,并在多次黑客攻击中幸存下来。 网络的安全性和激励措施已经非常牢固,并经过充分测试。 迁移到具有较弱安全性,并且容易成为黑客们新的攻击目标的新区块链,对于OpenBazaar来说是不明智和不成熟的。

3.Network effects. The Bitcoin ecosystem is more mature and has maintained a defensible network effect.

3.网络效应。 比特币生态系统更加成熟,并保持了可防御的网络效应。

These reasons are mostly focused on the currency and network aspects of Bitcoin. But what about smart contracts?

这些原因主要集中在比特币的货币和网络方面。 那智能合约呢?

Ricardian Contracts

李嘉图合约

OpenBazaar uses Ian Grigg’s Ricardian contracts(http://iang.org/papers/ricardian_contract.html ;中文版:李嘉图合约究竟讲了什么). In a Ricardian contract, the trading parties are represented as cryptographic identities using public key cryptography. Digital signatures are considered as a proof of agreement. The cryptographic identities of the parties, along with the semantic terms and conditions of the contract, are digitally signed and verified by both parties. Valid signatures associated with the public keys quoted in the contract validate the contract.

OpenBazaar使用Ian Grigg的李嘉图合约http://iang.org/papers/ricardian_contract.html ;中文版:李嘉图合约究竟讲了什么)。 在李嘉图合约中,交易方使用公钥加密表示加密身份。 数字签名被视为协议证明。 双方的加密身份以及合约的语义条款和条件,都由双方来进行数字签名和验证。 用与合约中引用的公钥相关联的有效签名来验证合约的有效性。

However, the contract itself is not self-enforcing. Nothing about the contract forces either party to abide by the terms and conditions they have agreed to. In many ways, Ricardian contracts are the cryptographic implementation of the title-transfer theory of contract, developed by Williamson Evers and Murray Rothbard.

但是,合约本身并不是自我执行的。 合约的任何内容都不会强迫任何一方遵守他们同意的条款和条件。 在一定程度上,李嘉图合约是由Williamson Evers和Murray Rothbard开发的合约所有权转移理论的加密实现。

Title Transfer Theory of Contract

合约所有权转移理论

The theory states that all property has a title, or an assignment of ownership. Title can be transferred freely to another individual or exchanged for other property. In the exchange, the transfer of title is conditional upon the physical delivery of the good or service.

该理论指出,所有财产都有所有权,和所有权转让权。 所有权可以自由地转让给另一个人,或者用来交换其他财产。 在交换中,所有权的转让取决于商品或服务的实际交付。

For example, Alice and Bob write a contract to exchange 10 chickens for 1 Bitcoin. Alice can give Bob 1 Bitcoin immediately, fulfilling her end of the contract, and retains the title to Bob’s 10 chickens. If Bob delivers the chickens, the contract is considered fulfilled with both the title and underlying property transferred to their new respective owners. If Bob fails to deliver the chickens, he has defrauded Alice of her property. The chickens rightfully belongs to Alice by virtue of the title that she holds after handing over 1 Bitcoin.

例如,Alice和Bob写了一份合约,用1个比特币交换10只鸡。 Alice可以立即给Bob 1比特币,履行完她的合约,并持有了Bob的10只鸡的所有权。 如果Bob交付了鸡,则认为合约已经履行,所有权和相关财产都转移给了新的所有者。 如果Bob未能送鸡,他就欺骗了Alice的财产。 因为Alice在给与Bob 1比特币后,拥有了所有权,所以这只鸡属于Alice。

Although the title-transfer theory of contract is an excellent framework we can use to resolve disputes and understand who justly deserves property, it is unenforceable. Ricardian contracts is simply a digital format to immutably record these title-transfer agreements using cryptographic identities.

虽然合约所有权转移理论是一个非常好的框架,我们可以用它来解决争议,还能弄清楚谁应该得到财产,但它是无法执行的。 李嘉图合约只是一种数字化格式,可以用加密身份来不可变地记录这些所有权转让协议。

Smart Contracts

智能合约

Enter Nick Szabo with his proposal for “smart contracts”. Smart contracts simultaneously transfer both the title and good/service between transacting individuals. As a result, these contracts are said to be self-enforcing, in that valid contracts execute without human involvement. A simple example is a vending machine, which is programmatically designed to give you a candy bar after adding enough coins in the machine. A dumb contract, in comparison, would be equivalent to a customer handing over cash to a worker in a convenience store. The customer can try and steal the candy bar, or the worker can take the money and not hand-over the candy bar. Either case is a failure by one party to delivery property in exchange for title.

说起Nick Szabo提出的“智能合约”提案。 智能合约在交易个人之间同步地转移所有权和商品/服务。 因此,这些合同被认为是自我执行的,因为有效合同在没有人为参与的情况下执行。 一个简单的例子是自动售货机,它以编程方式设计,向机器中投入足够的硬币后会为你提供一个糖果。 相比之下,无效合约相当于顾客将现金交给便利店的工作人员。 顾客可以试着偷走糖果,或者工作人员可以拿钱而不是交出糖果。 两种失败的情况都是因为一方未能交付财产来换取所有权导致的。

Smart contracts irrevocably link the exchange of one party’s title and property with another. This is done so well that both title and property are essentially indistinguishable. Indeed, perhaps it is a matter of technological progress that title and property are considered separate entities.

智能合约不可撤销地将一方的所有权和财产的交换与另一方的交换联系起来。 这样要是做得好的话,所有权和财产本质上都是难以区分。 实际上,所有权和财产被视为独立的实体也许是技术进步的原因。

However, smart contracts can only be made for goods or services that are digitally controlled. For example, I can create a smart contract to lease a car that conditionally gives my driver’s smartphone the capacity to start the engine, provided I am making regular payments on the lease. This won’t work for my ’71 Ford Pinto.

但是,智能合约只能用于数字化控制的商品或服务。 例如,我可以创建一个智能合约来租赁一辆汽车,有条件地给我司机的智能手机提供启动汽车引擎的能力,前提是我要定期支付租赁费用。 但这不适用于我71年的Ford Pinto。

Where a smart contract cannot be made directly for the item to be exchanged, the typical strategy employed is to find a proxy that mostly represents control of the underlying item. For example, I may have a refundable deposit that is tapped if a payment is missed.

如果不能直接为要交换的项目制定智能合约,则采用的典型策略是找到可以代替项目的代理。 例如,如果错过付款,我可能会收到退还的押金。

The more the smart contract is disconnected from controlling the item being exchanged, the weaker the integrity of contract.

智能合约与控制交换项目脱节越多,合约的完整性就越弱。

Smart Contracts in OpenBazaar

OpenBazaar中智能合约

Aside from some types of digital goods, the exchange of physical goods and most services cannot be safely represented in a smart contract. Alice may want to sell an ordinary chair to Bob, but Alice can’t cryptographically prevent Bob from physically sitting in the chair until payment is made, nor can Bob teleport the chair to his house upon payment.

除了某些类型的数字商品之外,实物商品和大多数服务的交换都不能用智能合约来安全地表示。 Alice可能想把一把普通的椅子卖给Bob,但Alice不可能用密码学相关技术阻止Bob在付款之前坐在椅子上,Bob也不能在付款后将椅子传送到他家。

The analogue world is resistant to the true potential of smart contracts.

虚拟世界抑制了智能合约的真正潜力。

As a result, people have turned to regulating other aspects of trade with smart contracts, such as shipping or dispute resolution.

因此,人们开始将智能合约致力于贸易的其他方面,例如运输或解决纠纷。

Transactions in OpenBazaar require both the Buyer and Vendor’s digital signature to release funds from a Bitcoin address. In the case of multisignature escrow, a third party called a ‘Moderator’ is used if there is some dispute in the execution of the contracts that the Buyer and Vendor cannot resolve. The Moderator has the tie-breaking vote to release funds to either party.

OpenBazaar中的交易事务要求买方和卖方的数字签名,来从比特币地址上释放资金。 在多重签名托管的情况下,如果买方和卖方无法解决的合约执行时存在的争议,则使用称为“Moderator”的第三方。 Moderator通过打破平局的投票向任何一方发放资金。

These transactions are manually initiated, as in they require the user to be online and push a button. Without a doubt this is inefficient compared to smart contracts, which can trigger the release of funds based on data retrieved from an API call. The participants in the smart contract do not need a Moderator.

这些交易是手动启动的,因为它们要求用户在线并按下按钮。 毫无疑问,与智能合约相比,这是低效的,智能合约可以根据从API调用中检索到的数据触发资金的释放。 智能合约中的参与者不需要Moderator。

In the case of ecommerce, for example, one may be tempted to write a smart contract to release funds from an address based on the shipping agent’s delivery of an item to the address requested by the Buyer. The tracking API would simple report that the item (represented by a unique tracking number) has arrived at its destination. The smart contract would read this input and release the funds to the Vendor. If the item was lost or returned to the Vendor, the smart contract could automatically refund the Buyer. If the API never reports delivery of the item to the destination address, the Buyer can be refunded after 30 days for example. No Moderator is necessary to facilitate the release of funds in these situations.

例如,在电子商务的情况下,人们可能会试图根据运输代理商将物品交付到买方要求的地址来编写智能合约以从地址释放资金。 跟踪API会简单地报告项目(由唯一的跟踪号码表示)已到达目的地。 智能合约将读取此输入并将资金发放给卖方。 如果物品丢失或退回给卖方,智能合约可自动退还买方资金。 如果API从未报告将物品交付到目的地地址,则可以在30天后退还买方资金。 在这些情况下,不需要Moderator来监督资金的发放。

However, a closer look reveals a number of obvious problems. The Vendor could ship a box of rocks to the Buyer. The API would still report that the item was successfully delivered to the requested address, triggering the release of funds. Even if the Buyer wants to initiate a dispute, the funds are unrecoverable. Does the shipping agent need to stay and witness the unboxing of the item to verify the content’s integrity? If so, then we have essentially returned to a dumb contract, requiring a human to manually trigger the release of funds.

然而,仔细观察会发现许多明显的问题。 卖方可以向买方运送一箱石块。 API仍然会报告该项目已成功运输到请求的地址,从而触发资金的释放。 即使买方想要发起争议,资金也是无法收回的。 运输代理商是否需要留下并亲眼目睹物品的拆箱以验证完整性? 如果是这样,那么我们基本上又回到了一个无效合同,要求人工手动触发资金的释放。

Alternatively, depending on the value of the item, the Buyer could purchase another smart contract to DDoS the API source for enough time to trigger a refund transaction to the Buyer… essentially tricking the smart contract into thinking that the item was never delivered.

或者,根据物品的价值,买方可以向DDoS购买另一个智能合约API接口,以便有足够的时间为买方触发退款交易...实际上是在欺骗智能合约,使其认为该物品从未交付过。

This is by no means an authoritative or general-purpose critique of smart contracts, or even smart contracts for ecommerce. Rather, it is to say that smart contracts are fantastic at facilitating automated and human-independent interactions. Once human interaction is required and factored into consideration, smart contracts become significantly more difficult to design with enough checks and balances to incentivize good behavior.The DAOis a cautionary tale to projects that want to capture complex human interaction in a smart contract.

这绝不是对智能合约,甚至算不上电子商务智能合约的权威性或通用性批评。 更确切地说,智能合约在促进自动化和人类独立的交互方面非常出色。 一旦需要人工干预并将其考虑在内,并有足够的制衡来激励良好的行为,那样的话,智能合约就会变得更加难以设计,对于那些想要在智能合约中捕捉复杂的人际互动的项目来说,The DAO就是一个警示。

To be clear once more, we’re not anti-smart contracts or even projects like TheDAO. Many of us in OpenBazaar have been in the Bitcoin community since the beginning. We’ve seen the rise and fall of companies, projects and the next ‘killer app’. We’ve seen people repeatedly lose money chasing the shiny new thing. One of our highest values is protecting the integrity of user’s funds. If that means using dumber contracts that are less efficient because they requiring manual processing, so be it.

再次声明,我们不是反对智能合同,更不是像TheDAO这样的项目。 OpenBazaar的许多人从一开始就在比特币社区中。 我们已经看过了公司,项目和下一个“Killer app”的兴衰。 我们看到人们因为反复追逐闪亮的新事物而亏损金钱。 我们的最高价值之一是保护用户资金的完整性。 如果这意味着需要使用需要手动处理从而效率较低的无效合同,那就这样做吧。

What About Scaling?

关于扩展

We prefer to see on-chain scaling to the point where the volume of transactions (at ultra-low fees) is sufficient to cover the marginal costs of mining, in the absence of the block reward. This will also create a low admission price to the lightning network, making a high volume transaction network affordable and accessible to anyone in the world.

在缺乏区块奖励的情况下,我们更倾向于将交易量扩展到(以超低费用)足以支付采矿的边际成本的程度。 这也将为闪电网络创造一个低入场价格,使世界上任何人都可以负担得起并使用大量交易网络。

Despite the technical challenges associated with increasing the block size, the swift development of segregated witness demonstrate that innovative and complex changes can be implemented when there is sufficient will within the Bitcoin development community.

尽管面对区块大小限制相关的技术挑战,但分离见证的迅速发展表明,当比特币开发社区有足够的意愿时,可以实施创新和复杂的变革。

Special thanks to Brian Hoffman, Sam Patterson and Michael Folkson for their comments and corrections.

特别感谢Brian Hoffman,Sam Patterson和Michael Folkson的评论和更正。


本文图片来源于网络

版权声明:

以下内容来自微信公共帐号“EOS技术爱好者”,搜索“EOSTechLover”即可订阅,翻译Gavin,校对Lochaiching。转载必须保留以上声明。仅授权原文转载。

本文原文链接为https://medium.com/@therealopenbazaar/the-case-for-dumb-contracts-6308aa5b757

"EOS技术爱好者"全程由EOShenzhen运营,

喜欢我们请为我们投票

(EOShenzhen的投票账号:eoshenzhenio)!


了解更多关于EOShenzhen:

We are EOShenzhen

不同入口如何投票:
imToken
火币
portal

关于我们更多联系:
Website:https://eoshenzhen.io

Steem:https://steemit.com/@eoshenzhen

Busy:https://busy.org/@eoshenzhen

Telegram:https://t.me/eoshenzhen

Twitter:https://twitter.com/eostechlover

简书:EOS技术爱好者

新浪微博:EOSTechLover


EOShenzhen的投票账号:eoshenzhenio

EOShenzhen
上一篇下一篇

猜你喜欢

热点阅读