Distribute Parse Trees, Not Bytecode
Ka-Ping Yee
ping@lfw.org
Thu, 24 Jun 1999 10:33:30 -0700 (PDT)
On Thu, 24 Jun 1999, Nick Szabo wrote:
>
> [-] Except for certain core security programs (such as
> E itself, or cryptographic code), I'd much rather rely on
> a sandbox with simply provable security properties than
> hope the code has been sufficiently inspected by eye.
> Signed code can imply or be sold with false promises
> which distract from the realizable promise of secure
> sandboxes.
[#] But i had smart contracts in mind. Certainly i agree
that it's best to use provable security properties to solve
your problems whenever possible. But that can't give you
any confidence that a given game master is going to play
the game by the rules you have agreed to. For that, the
parties involved in a smart contract just have to look
at the contract, right?
-- ?!ng
"All models are wrong; some models are useful."
-- George Box