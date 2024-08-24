Really good example of a market failure in software quality incentivization: ansuz / ऐरन: “there’s a wee story brewing in…” Read the whole thing. Good counterexample for money talks. With the wrong market design, money says little or nothing.

To summarize (you did read the whole thing, right?) in 2019, a software algorithm called a Variable Delay Function (VDF) was the subject of a $100,000 reward program. Daniel J. Bernstein asked, in a talk recorded on video if the VDF was vulnerable to a method that he had already published in a paper.

If Bernstein was right, then a developer who

read Bernstein’s paper on the subject

applied Bernstein’s work to attacking the VDF

and was first to claim the reward

could earn $100,000. But the money was left unclaimed—nobody got the bounty, and the attack on VDFs didn’t come out until now.

It would take some time to read and understand the paper, and to figure out if it really described a way to break the VDF—but that’s not the main problem. The catch with the bounty scheme is that as a contender for the bounty, you don’t know how many other contenders there are and how fast they work. If 64 people (the number of viewers on the video) are working on it, and Bernstein is 95% likely to be right about the paper, then the expected payout is $100,000 × 0.95 × 1/64 = $1,484.38.

In this case, the main purpose of the bounty was to collect information about the quality of the VDF algorithm, and it failed to achieve this purpose. A better way to achieve this information-gathering goal is to use a system that also incentivizes meta-work such as evaluating whether a particular approach is relevant to a particular problem. More: Some ways that bug futures markets differ from open source bounties

