
Comment by rawoke083600

3 years ago

This! The "idea" of DeFi was that we wouldn't need "regulations and rules" since we could 'just' look at the actual deployed code (eth contract, for example) to see if you're going to get screwed.

Of course few ppl actually look at the code, or sometimes the code is just bad and you get bad actors willing to exploit this.

That being said: In practice and real life there are a bunch of dodgy companies and badly written eth-contracts (code).

I suspect most experienced software engineers would find that all rather obvious. Bugs are a fact of life. Even formal verification can't save you from this. Good software is built to be resilient to our own bugs, because they are simply inevitable. It's not about good or bad programming; everyone has the ability to make a simple mistake resulting in huge consequences. It's basically a rite of passage to have crashed a service with a code push.

  • I was more pointing to the fact/class of bugs we don't even know are bugs yet, like "re-entrant" bugs for eth (logic bugs?). The cost of having a bug in an eth contract is many, many times higher than, say, a WordPress site getting hacked! Or having a bug in your online-design tool.

    I've seen many a time, "business ppl" just go with lowest cost when wanting some software done. Try going for the "lowest cost bidder" when getting a web3 contract coded!

    You're right, bugs do and always will exist and we are all but human, but some bugs have a much higher cost than others - even if they are simpler.