While browsing reddit, I found a post with criticisms of various crypto projects, tezos including. But what caught my eye specifically was this part.
Also, is there already a “opcode gas cost” table for Michelson? Last time I checked, it had lambdas, which means you need a beta-reduction opcode. It wasn’t clear how they plan to measure the cost of a beta-reduction, which is NOT a constant-time operation. If they can’t measure it properly, that will either make Tezos an easy target for DDOS, or massively hinder its scalability as they’ll eventually need to severely lower the “gas limit” to compensate for ultra-expensive beta-reduction attacks (such as exponentiation of Church-Nat).
Is there any validity to that statement? Should this be a concern? Link to the original comment/post, please keep it civil over there
The word “lambdas” refers to several concepts at the same time:
abstraction: giving a name to a function parameter to be substituted for the actual parameter once it is known
anonymous function: the ability to define functions without naming them,
higher-order: these functions are first-class values that can be sent as parameters to other functions (or, in our case, smart contracts).
Michelson lambdas are anonymous, higher-order functions but they don’t involve abstraction. The problem of expensive beta-reduction does not apply in the context of Michelson.
That being said, controlling the resources of beta-reduction in lambda-calculus would also be doable and in fact there are smart contract blockchains using lambda calculus as a foundation for their smart contract languages that are doing just fine.
It wasn’t clear how they plan to measure the cost of a beta-reduction, which is NOT a constant-time operation.
Most Michelson instructions are not constant-time. The gas model of Michelson is more complex than the one of the EVM (which has very few non-constant-time opcodes).
