This has always been the problem with smart contracts. They are infact dumb contacts.<p>To program one you need to think about all the edge cases. The programmers here likely did want >0 here. The possibility that the thing feeding price data return zero incorrectly was higher than the price legitimately being zero in their minds.<p>There is no court or lawyer who can interpret the spirit of the contract.
I have never read so much about nothing as I have when reading about some new coin. It's worse than a pyramid scheme. At least there, you end up with a decade-worth of skin cream.
> _share_price here refers to the price of TITAN, as provided by an oracle, which is correctly reporting it as… 0 (somewhere in the distance, you can hear a room full software engineers burst into laughter ).<p>Aside from the amusing programming error, the main problem with much of the "smart contract" activity today is that doing anything remotely interesting requires an oracle. An oracle is basically a server that reports the outcome of an event. And servers can be attacked in ways that systems like Ethereum can't.<p>So a lot of the hype around Ethereum and its "smart contracts" is really people just misunderstanding the security model. The weakest link is a server in a dorm room or data center reporting a number.<p>Here the oracle is doing the right thing. But it could easily go the other way.
Probably a dumb question, but is there any possibility of temporarily getting the price to slightly above 0 in order to let people get their money out? For example, could some group with a lot of money offer to buy/sell a bit until the oracle considers it above 0, in exchange for some sort of compensation from the investors or devs?
> Non-collateralized stablecoins require continual growth to be successful. In the event of a price crash, there is no collateral to liquidate the coin back into, and the holder’s money would be lost, as seen with many past projects trying to utilize such design [sic].<p>Isn’t that just a Ponzi scheme?
I wrote Skepticoin as a serious parody of Bitcoin. Articles like these about the "state of the art" of cryptocurrency make me wonder: would a parody of a more "modern" cryptocurrency even be recognizable as such?
I think Circle is the real winner here. If there are 200 million USDC locked up permanently in some contract, then Circle can safely spend $200m of it's collateral knowing it will never be withdrawn. Or, if they were generous, they could return it to the community that invested in IRON (seems unlikely)
Fwiw the bug was fixed by submitting a transaction to change the oracle to a new contract that just had a fixed nonzero price for titan. Everyone was able to redeem at roughly 74.6 cents.
Interestingly Mark Cuban got taken for a small amount of money by this and is already calling for regulation around stablecoins:<p><a href="https://www.bloomberg.com/news/articles/2021-06-17/mark-cuban-defi-iron-finance-crashed-100" rel="nofollow">https://www.bloomberg.com/news/articles/2021-06-17/mark-cuba...</a><p><i>I read about it. Decided to try it. Got out. Then got back in when the TVL start to rise back up As a percentage of my crypto portfolio it was small. But it was enough that I wasn't happy about it.<p>But in a larger context it is no different than the risks I take [in] angel investing. In any new industry, there are risks I take on with the goal of not just trying to make money but also to learn. Even though I got rugged on this, it's really on me for being lazy. The thing about de fi plays like this is that its all about revenue and math and I was too lazy to do the math to determine what the key metrics were.<p>The investment wasn't so big that I felt the need to have to dot every I and cross every T. I took a flyer and lost. But if you are looking for a lesson learned , the real question is the regulatory one. There will be a lot of players trying to establish stable coins on every new l1 and L2. It can be a very lucrative fee and arb business for the winners.<p>There should be regulation to define what a stable coin is and what collateralization is acceptable. Should we require $1 in us currency for every dollar or define acceptable collateralization options, like us treasuries or?<p>To be able to call itself a stable coin? Where collateralization is not 1 to 1, should the math of the risks have to be clearly defined for all users and approved before release? Probably given stable coins most likely need to get to hundreds of millions or more in value in order to be useful, they should have to register.</i>
Here’s an arbitrage opportunity. Since the price of TITAN is 0, it only takes a small amount of $ to buy a vast amount of TITAN coins. Buy the locked out IRONs at a discount. Keep buying TITAN at $0 until it moves beyond $0 to satisfy the greater than 0 constraint on IRON. Cash out the IRONs.
I found this article interesting, but the HN title ("Off-by-one error...") doesn't match the article's, or its conclusion?<p>The article mentions a boundary condition ("_share_price > 0"), not an off-by-one error.
> The developers seem to have been earnest in their attempt to create a new kind of stablecoin , one that was only partially collateralized by a “real” stablecoin.<p>This space is a giant house of cards.
Now everyone with USDC locked in the contract has a strong incentive to push the TITAN price above 0, in order to unlock their coins. OTOH everybody wants to dump TITAN at any price, but again only at a price >0. There should be an equilibrium where TITAN is valued exactly 1 tick above 0, if there is a concept of “tick” in TITAN.
This is good for USDC right? Because it's $262 million that they don't have to pay back?<p>>EDIT: I’ve since learned that the developer(s?) behind this are already the laughing stock of the DeFi community, having wrecked each of their 3 previous projects (now 4) — though this might be their biggest hit yet<p>And people poured $262 million into this?
I also enjoyed this writeup:<p><a href="https://www.bloomberg.com/opinion/articles/2021-06-17/titanium-got-crushed" rel="nofollow">https://www.bloomberg.com/opinion/articles/2021-06-17/titani...</a>
So, Dai is a stablecoin that by my understanding is collateralized similarly to this one, except that it requires ether (and I believe USDC is also an option). However, its peg held up very well during the recent precipitous drop in the price of ether. I'm curious if anyone here knows whether that was an algorithmic success in comparison to this, or perhaps just an artifact of people having more confidence in ether.
> I’ve since learned that the developer(s?) behind this are already the laughing stock of the DeFi community, having wrecked each of their 3 previous projects (now 4) — though this might be their biggest hit yet<p>What's the best DeFi project? One where the value proposition is actually clear, there are actually people using it and it's actually at parity or better than a traditional financial system offering?
The line of source code cited in the post isn't immediately evident in the Iron Contracts repo:<p>require(_share_price > 0, “Invalid share price”);<p><a href="https://github.com/IronFinance/iron-contracts" rel="nofollow">https://github.com/IronFinance/iron-contracts</a><p>Is it in a different repo? Does it exist?
If a code error that was made that was supposedly 'dumb' wasn't caught that tells me the people behind this acted recklessly. This code error being described wasn't just dumb, it was catastrophic- locking up all the collateral. Is this collateral locked up forever, what would make Titan trade above 0? The code wasn't even audited, suggesting no care by the devs before release. Doing money transmission without a license is criminal offense- jail and fines in this case are on the table- all it takes is actual enforcement from regulators.
Does this contract have a money transmission license? Selling an IRON or a TRON for USDC is money transmission. BSA requires money transmitters to be licensed in states where they operate, as well as register with FICEN, etc. How can we enforce them to comply at the state level? Can an individual sue the states to enforce compliance on the people behind this smart contract? Those that have lost money might have an incentive to start wanting money transmission rules actually enforced.
> “which we have unthought of”<p>Someone has to make this into a meme. It will definitely be my excuse for my next multi-hundred million dollar value destroying software bug.
I got burned by this crash.<p>The biggest issue for me wasn’t TITAN itself, that was a risk I considered and had a plan to manage.<p>What really got me was the Polygon network crashing and breaking all of the safeguards I had put in place.<p>There is evidence that a DDOS attack was carried out against Polygon while this was happening, blocks were packed with self transfers for 0 MATIC.<p>This took down rpcs and shot gas fees through the roof, preventing many people from exiting their positions.
Stablecoins are stupid no matter how many layers of Rube Goldberg crap the developers slap on top.<p><a href="https://mises.org/wire/folly-economic-stabilization" rel="nofollow">https://mises.org/wire/folly-economic-stabilization</a>
This may be a stupid question but: is it actually possible to have a price <i>less than</i> zero?<p>TFA suggests that this line:<p><pre><code> require(_share_price > 0, “Invalid share price”);
</code></pre>
...should be "greater than or equal." But if the share price can't be negative then you'd want to just use an unsigned int and not pay for a require statement, right?<p>Isn't everyone passing around uint256's these days?
40 years ago, financial innovation involved finding new affinity groups to sell credit cards to (and others I'm sure but that was a scam I saw firsthand).<p>It wasn't any more honest than this; it was just kept quieter with private meetings and less publicity for the collapsed scams.<p>I'd be looking for the banker-adjacent people in these. The folks that don't work for the banks directly, but consult; somehow always seem to have some extra connection to someone at the bank, related, married, side projects...
I knew crypto detractors were going to have a field day with this one. ;)<p>With DeFi, you're simply exchanging one type of risk for another. Without due diligence you're pissing your money away- as it is to be expected. And as it was brought up before, this was an unaudited contract that had been running for what, weeks? Months?<p>Personally, I cannot say I understand DeFi deeply enough to get into the intricacies of "yield farming" and such, so I just avoid it altogether. Only have a relatively small amount of USDC and DAI accruing interest on Compound, which has at the very least been audited [0] a few times before, but even if it were to go tits up tomorrow for whatever reason, at least I understood there was that risk.<p>[0] <a href="https://compound.finance/docs/security" rel="nofollow">https://compound.finance/docs/security</a>