Dr. Craig ‘Satoshi’ Wright Says Blockchain Smart Contracts Not So Smart
Smart Contracts Not So Smart?
Dr. Craig Wright, a blockchain technology expert and bitcoin supporter, recently penned an article for Medium, in which he discusses his stance on smart contracts. The article provides insight on smart contracts, the flaws in the system, and how cutting ties with BCH’s core essence undermines the progress the world has made on digital currency.
Wright penned the article in response to a post in which someone asserted,
“Electronic contracts do not have to be re-read when they are returned because there’s generally no mechanism (unless it’s built into the electronic process) to alter the contract terms, scratch out a line, insert text, ext. What you send is what is being signed.”
Wright took the position that the assertion is flawed and it reveals the danger of too little information in making a conclusion. He mentions that collusions on a blockchain have proven that a hash signature has certain inherent qualities and stated,
“The collusion allows two versions of the document to be created with the same hash and thus same electronic signature. For now, SHA256 is considered secure, but, not all hash functions are.”
Wright exemplifies his stance by referring to a situation where someone generates two documents – one with an order to sell at $500,000 (Order 1), and another with an order to sell at $1 million (Order 2). The individual is expecting that Order 2 will be signed, and this would increase the sale contract to be increased by $500,000. The person can also utilize Stripwire or Confee to create MD5 hash or collusion, that is the same for both documents.
Confee is able to create two web pages that appear different, but that have the same MD5 hash. This creates the concern that someone can create fake MD5 hash signatures that mimic different contracts.
“This attack works due to the nature of hashing algorithms (in this case, a flaw in the now deprecated algorithm MD5). If you have 2 documents, x and y that have the same hash (i.e. collision) then by appending an additional block of information – q to the documents will also result in collusion. This is (x+q) will have the same hash as (y+q).”
“This is why SV Pool and CoinGeek (and Bitcoin SV) plan to start processing non-standard scripts. To us, your long term security meters. Non-standard scripts are processed in P2SH. The myth was that this is bad for nodes, but this is again the myth of the Raspberry Pi. Miners are competitive. The fight to be paid. [They] are paid more for larger scripts, so this is not an attack, it is the market at work.”