In what is a first for EOS and blockchain, the first ruling returning funds to a victim has landed.
Under the powers afforded to me as arbitrator under Article 6 of the Rules of Dispute Resolution, I, Ben Gates, rule that the EOS account in dispute should be returned to the claimant with immediate effect and that the freeze over the assets within said account is removed.
The short details of the case are that a victim was phished of his ERC20-EOS key, and the phisher went into EOS to claim the valuable EOS tokens. The victim complained in June and the EOS tokens were frozen. Now, some 4 months later, the case has been heard and ruled on – the victim gets his EOS back.
This is quite an achievement for the governed blockchain. We in the EOS community have worked for over 18 months to make this a reality. Dispute Resolution and the Constitution as a way to resolve the dilemmas of The DAO and rampant crime in other blockchains was something that we all agreed on in the very first days.
Of course the details were hard fought over. Many had their different views. We fought over vision and details then and we fight now. The project remains highly controversial – there are still many who think this is the beginning of the end for blockchain. Yet others think this is a natural first step to improving blockchain’s atrocious user record – it’s the end of the beginning! This case indeed was quite tricky because it started before the Constitution was in place, so the steps in the ruling had to be laid out carefully to establish fair and reasonable jurisdiction.
Who’s right? We can only try and find out. A few things have to be said though.
Dispute resolution is hopelessly overwhelmed unless bolstered by better security. Block.one is working on better security, but good code takes time. The reason this is critical is that dispute resolution is only there to catch the stuff that we can’t predict. If we can predict it we should fix it.
And, we can predict phishing – since 2005 as the diagram I posted in that year testifies. We can predict key theft, although I don’t know when the first case happened. We can predict hacking – I first got caught hacking in 1981 so if you haven’t heard about it, your mind is closed, lost, for reclamation. If you can’t predict key loss, hand your keys to your grandma to protect.
Jameson Lopp suggests that fully 6 million Bitcoins have been lost to these threats. We need much stronger security, so ordinary people can protect their ordinary fortunes – we need to move the bulk of the cases out of Dispute Resolution and into the routine, the mundane, the boring hands of users.
Luka says we now all have to babysit our coins, and that may be the cost of mass adoption. But one thing we know from a century of information security going back to Kerckhoffs and his 6 principles is this:
What we know is happening, we fix.
The first goal of security is to fix what we know, and this is what block.one are working on.
What is left, what are the unknowables, what is unpredictable, is the stuff we haven’t got a grasp on. Most of us didn’t predict how the Constitution would actually handle in the grasp of the block producers – so we expect a case or two there. Most of us didn’t predict how to deal with exchanges that are part of the theft cycle – so watch for that. Most of us have no clue how a fork from a contested referendum will evolve, so any prior forks are watched for clues. Most of those in Ethereum had no clue how The DAO would pan out, most of those in Bitcoin can’t see where the BCH drama is going, nor the Lightning drama, nor many others.
Things we DID predict are enemies chasing the Block Producers for some cause or other. That’s in some part why we chose this path: the BPs do not make these decisions and if they do, they risk being arbitrated against and voted out. So they have a simple answer – go file a dispute. This might make it easy. Or it may make it hard. What it does do is give the BP a level of narrative and legal protection they just cannot get anywhere else in the blockchain world.
I’m not saying this is the best way – I’m saying this is what we were terrified of in the early days of design of the EOS architecture. If a BP in Iran or Moscow or Washington DC or Saudi Arabia got into trouble, what then?
Another thing I did not predict – that the concept of the governed blockchain would be so fought over. The arguments and criticisms have been fierce. But they have not in any way scratched the central concept of the governed blockchain: if a blockchain lets the bad actors run amok, then it will become toxic. If a governed blockchain governs the bad actors then they have a choice. Go elsewhere, and we all know where that is 😉 😉 or behave.
And, if anything, recent news has it that the acting is on a downwards slope in other blockchains! Thus, EOS is quite an experiment. We are lifting the game, and we’re doing it without compromising on free entry, without bowing to the outside world and without weakening the essential idea – fair actors can do fair deals.
That’s gotta be worth some babysitting.