Five Technical Takeaways From The Bitcoin Bug

It’s been more than a week since the initial disclosure of CVE-2018-17144. In that time, more details have been filled in, including the fact that the bug could not only crash clients, it could also create inflation— and that the bug was discovered and responsibly reported by a developer working on the “Unlimited” Bitcoin Cash client.

There has also been much discussion in the crypto world about the nature of this bug and what lessons we should takeaway from it. This article will detail my biggest takeaways, looking at it primarily from a technical perspective.

#1 The risk of a critical software flaw disrupting Bitcoin, or another major crypto network, is still under-appreciated.

At the beginning of August, it was revealed that Bitcoin Core developer Corey Fields had discovered and disclosed a chain split but in Bitcoin Cash. In his write up detailing that incident, Corey had this to say:

Working through this bug, which certainly had the potential for catastrophe, has reaffirmed my belief that the threat of software bugs is severely underestimated in the cryptocurrency world. I’m presenting a detailed report of this incident… as a wake-up call to companies who have not adequately prepared for this type of scenario.

This seems especially prescient in light of this latest vulnerability, and I fear many people are still failing to account for the risk. I’ve seen many folks on Twitter say things like “bugs can always be fixed” or “whats the big deal— it wasn’t even exploited.” We should make no mistake: Bitcoin dodged a bullet.

#2 Bitcoin development is under-provisioned given the enormity of what is now at stake.

A couple of months ago, Naval Ravikant set off an uproar amongst Bitcoiners for saying that incentives for Bitcoin developers are out of whack. Rather than discussing a very good point, most seized on the use of the economic term “free-rider” to imply, incorrectly, that Naval was criticizing all Bitcoin “hodlers”.

When some in the community did get around to addressing Naval’s actual point, most insisted that Bitcoin did not have a developer problem, that the contributions of passionate experts are sufficient, and that no conversation around how to fund additional eyes on the code was needed. I tweeted about this earlier in the week.

 
 

The commit that introduced this vulnerability was made by a single developer and merged after a cursory review by only one other. This, despite the fact the change was to a critical section of the code dealing with transaction validation. It subsequently remained in the code for a eighteen months before being discovered by someone working for a different project.

For a project with a $100 Billion market cap, which aims to make itself a store of value for people’s wealth, and on which many of us are resting our hopes for a more decentralized monetary future, this is simply unacceptable. I’m not saying I have the answers for how to solve this problem, but we damn well better acknowledge there is a problem, here!

#3 It’s totally unclear whether having only one widely used implementation of Bitcoin is a good idea.

Bitcoin Core is far and away the most widely used client software on the Bitcoin network, with over 95% of all nodes running it. Other networks have much more diverse topologies, such as Ethereum, which has multiple widely used clients built in different languages and by different teams.

There is a downside to heterogeneous networks, most critically that a consensus difference between two or more clients could lead to a chain split. This vulnerability lends credence to those who argue the benefits to multiple clients is worth this risk.

 
 

Had the bug been exploited, virtually all clients on the Bitcoin network would have been affected. Only those still running very outdated versions of the software would have been safe. A heterogeneous network would be more robust to these sorts of vulnerabilities, and arguably might result in their discovery sooner as well.

#4 Mining is (still) centralized, and mining pool operators have an outsized impact on consensus.

There’s no real new information here, just a dramatic demonstration of the reality. When this bug was discovered, the Bitcoin Core developers reached out to the operators of a handful of mining pools. Once some were patched, it was “safe” to reveal the full nature of the bug, despite the fact that 85% full nodes (like my own!) had not yet been patched.

 

Bitcoin hashrate distribution via blockahin.com

 

Running a full node is still a good idea for one’s own security— you don’t have to trust anyone to carry out transactions. And it does impute some measure of greater decentralization to have more full nodes in operation. At the end of the day, though, those in control of the hash rate have an outsized control on consensus, and at the moment, that means just a handful of pool operators.

Something that should create some cognitive dissonance for those of us who care about decentralization: the fact the hash rate is relatively centralized actually made patching this issue easier.

#5 If/when a sophisticated nationstate decides to attack cryptocurrencies, things will get ugly, fast.

What are the odds that someone inside a government agency, be it the NSA, or an equivalent agency in China or Russia, knew about this vulnerability before it was discovered and patched? I’d say they’re relatively high. If I headed up one of those agencies, I would certainly have a team reviewing the code of Bitcoin and other major cryptocurrencies, looking for exactly these types of weaknesses.

Why? Because that would be my job! Bitcoin, and other networks, have become too important on the international stage not to warrant attention from such agencies. And make no mistake, while these agencies are bureaucratic, they still employ and provide resources to brilliant people who, working in small teams, can accomplish incredible feats.

If, or more likely, when a major nationstate decides to become hostile to crypto, things could get…messy

Radical Markets: The Good, The Bad, And The Blockchain

Glen Weyl is a researcher at Microsoft and the co-author of “Radical Markets: Uprooting Capitalism and Democracy for a Just Society” (Link). He also recently co-authored a paper with Vitalik Buterin and Zoë Hitzig. Earlier this week the Philly Blockchain Tech meetup, which I help co-organize, was lucky enough to have him as a guest!

In this post, I’ll share some thoughts on Glen’s proposals. In particular I want to touch on what I like about them (“The Good”), where I’m more skeptical (“The Bad”), and why I think they mesh well with the ethos of the emerging crypto culture (“The Blockchain”). If you’re not familiar with Glen or his ideas, check out the recording of his talk at Philly Blockchain.

 
 

The Good

To put it simply, Glen and his co-author are thinking big. These are not run of the mill calls for narrow reforms or slight tweaks to our existing systems. The proposals laid out in “Radical Markets” are, well, radical.

If nothing else, then, the book is valuable because it demands you imagine a world that is profoundly different from the status quo. It is “mind expanding” in that it forces you to reconsider your baseline assumptions, many of which you won’t realize you’re making until they’re illuminated.

The book is also refreshingly non-partisan, existing outside the bounds of the tired right-left battle lines drawn in our increasingly unbearable political sphere. No doubt, someone out there will try to force the ideas into one camp or the other, but an honest reader recognizes they are orthogonal to the trite, tribal arguments that have become typical.

As one example, how many authors have you read recognize the moral imperative for allowing broader migration, while also acknowledging the benefits of migration generally accrue to the wealthy and to the migrants— at the expense of the working class in the host nation?

Rather than descend into name calling or moralizing on this divisive issue, Glen and his co-author suggest an alternative system, wherein all members of society might benefit from migration. The citizen-sponsorship program for which they advocate struck me as perhaps the most workable of the book’s proposals.

That said, I also appreciated that Glen and his co-author “swung for the fences” rather than limit the book’s ideas to those which seem politically feasible.

The Bad

This leads to the simplest— but also least interesting— criticism of the ideas in “Radical Markets”, namely that they’re impractical. I say this criticism is uninteresting not because it’s wrong, but instead because it’s right, and Glen and his co-author know it. They acknowledge the ideas need to be tried in small scale experiments, and that much advocacy would be required before any broader adoption.

A slightly more interesting criticism of these ideas is that they’re too optimistic about the extent to which “mechanism design” can be employed to create or shape markets. While Glen and his co-author are in no way proposing a centrally planned system, there is still a whiff of the central planner’s hubris in the idea that more efficient markets can be designed, and better outcomes can be engineered.

As a Software Engineer, I’ve learned this the hard way. When rearchitecting even a simple system, one is often surprised by the second order effects of seemingly small changes. What’s true for software is even more so for society— there may be unseen reasons for so-called inefficiencies, and we may be surprised by the repercussions of trying to “design” them away.

One final piece of criticism I have is directed specifically at the idea of using Harberger taxes for personal property.

I asked Glen at the Philly Blockchain event if we might be missing a moral component to purely private property. Might there be some inalienable right— whatever exactly that means— to own outright the fruits of one’s labor? Is it morally wrong to, say, force an elderly widow to sell her house of 50 years— even if you’re compensating her fairly for it?

Glen’s answer to this question was that companies might spring up to provide services to handle such cases. For example, a company might cover taxes on a high valuation in exchange for inheritance rights to the property, thus decreasing the likelihood a widow would be forced to sell if she didn’t want to. This answer is reasonable, but perhaps misses the deeper point.

The Blockchain

What excites me most about the ideas in “Radical Markets” is their possible application to decentralized crypto-networks. Unlike our existing economic and political structures, we’re building the world of the blockchain from the ground up. It’s a great opportunity to question assumptions and experiment with new ways of doing things.

While I may be skeptical of applying Harberger taxes to property, for example, they could be a great fit for “ownership” of digital namespaces.

As we build new kinds of decentralized organizations coordinated by blockchain based interaction, Quadratic Voting may prove a useful mechanism for governance.

Blockchain enabled products could recognize “data labor” and compensate users for it— the Brave Browser and the Basic Attention Token may be a harbinger of this.

The possibilities are endless and exciting. Furthermore, such experimentation in the context of crypto-networks could help prove these ideas out, making them more viable for application in more traditional settings.

Even more fundamentally, I think the core premise of “Radical Markets” fits well with the spirit of the blockchain community. Glen and his co-author are clearly concerned about the increasing concentration of power found in the modern world. The impulse to find ways to diffuse that power aligns well with the ethos of decentralization which underpins crypto. I’m excited to see where these ideas might go.

Thoughts From Coinvention: It's 1993 And This Is An Internet Conference

Yesterday, I had the pleasure of attending Coinvention, a blockchain conference in my hometown of Philadelphia. I was honored to moderate a panel and to share the day with a host of interesting speakers and attendees. Congrats to the organizers for putting on a successful event!

 

Kevin Owocki, founder of Gitcoin, gave my favorite talk of the day

 

Something that continually struck me about the conference was the wide range of backgrounds and perspectives found amongst both the speakers and the attendees. There were technical talks on ownable assets in video games, a panel of legal experts led by Kevin Werbach, a "crypto comic" who told something approximating jokes, and everything in between.

The hallway track was equally diverse. On the one hand, I spent 30 minutes with an excited team who wanted to show me their DApp. They'd just published it to the Ropsten test network, and we dove into the technical details of their smart contracts. I also saw a guy wearing a light-up Bitcoin hat with a Dash tattoo on his forearm, and at the vendor booths, I passed on the opportunity to try a "Bitcoin Energy Drink" called Liquid Assets.

Why is it the crypto space seems to attract such a variety of characters?

At the after party, I sipped a beer and posed this question to the group of folks I happened to be chatting with. "Well," said one of the other attendees, "It's 1993 and this is an 'internet' conference."

Right.

If this technology is going to be half as important as some of us think it is, the whole idea of a "blockchain" or "crypto" conference may seem silly in a 5-10 years. We should expect it to attract a wide variety of people, because it has the potential to impact every crevice of the economy. 

Still, there's much work to be done until then. In the meantime, it was nice to share the day with the quixotic cast of fellow enthusiasts and early adopters. Onward!

A Striking Exchange From The Ethereum Core Dev Discussion Of Block Rewards

Today, the Ethereum Core Dev team held a meeting to discuss lowering the block reward given to Ethereum miners. The primary motivations for this seem to be:

  1. The cost to the network in the form of inflation
  2. The environmental impact of energy spent on mining

To their credit, the team invited a number of miners of varying sizes and scales to give their input on the various proposals on the table. One such person was Xin Xu, who represented a large, China-based mining operation. He made this point [1:20:07]:

I want to point out...it’s more of a network security level. I posted a link before in the chat about crypto51.app, which is a website that helps you to calculate how much it costs to actually, do a, do a 51% attack to the network. For Ethereum, it’s not that much. However, why is there no one attacking the Ethereum network?

I think from my perspective, or our study as a whole team, is there isn’t any hashrate you can use in the market to attack the Ethereum network…. So, like there are a lot of people [saying] on the internet, “What if we cut the issuance? How much hashrate will go out?” However, at least to me, it’s not like if you’re going to cut [the block reward from] 3 to 2, only 1/3rd of the hashrate will go out, or maybe we’ll cut the Ethereum network’s security to 2/3rd.

It’s more like now we have 100 soldiers, and that’s all the soldiers we have in the world. But if we cut 40 of them out, then it’s not about if the enemy or the bad people have enough soldiers to attack us. Because before they had 0. Now they have 40.

They have the chance, once they have the capital, they always have the choice to hire those soldiers, or those hash rate, to attack, then. So my major point is, the Ethereum network has been secure or safe to now. It’s not because attacking Ethereum costs too much, it’s simply because now all the hashrates are on the Ethereum network, and no one has extra hashrate to attack it. So even if you have enough money, it’s not going to happen.

The issue he brings up is rather interesting. Essentially, he's arguing that attacking the Ethereum network is difficult today primarily because the world is hardware constrained. There literally aren't enough GPUs for you to buy, or hire, to achieve the hash rate needed to attack.

Thus, when considering the security effect of forcing some percentage of miners off the network, one can't simply look at the hash rate reduction. One also has to consider that a bunch of GPUs suddenly become available for attack that weren't before.

I'd take this a step further and point out that new GPUs will continue to be manufactured. If these are no longer profitable for mining, they won't be bought up for mining, and will become less expensive and more widely available. This makes it significantly easier and cheaper for a would-be attacker to acquire the hardware that would actually be needed to attack the network.

In short, Xin Xu is making the case that considering security to be equivalent to the hash rate is naive. The network hash rate must be put in context of the global supply of GPUs and other mining hardware, and that supply is itself effected by the issuance rate.

To my surprise, no one engaged Xin Xu on his point. In fact, the very next person to speak was Carl L., who had this to say [1:22:14]:

The point I wanted to make was that, going forward, I think we can sort of concern ourselves with the current hashrate and the current miners and their running efficiency. In order to….you know, do we need additional hashrate? Like are we talking about wanting to continue to grow the hashrate? Is that desirable?

In my mind, that’s absolutely not desirable. And in that case, looking at the kind of equipment cost, we want to be discouraging that equipment, that investment in new equipment. And one way to do that is to, you know, to lower the block reward, and that you know, worsens the economic argument for that investment.

In case it wasn't crystal-clear that discouraging investment in mining was an explicit goal, Tim Coulter had this to say [1:25:28].

If people are continuing to invest in mining, then I completely agree that we should de-incentivize that.

As I've said before, I'm rooting for the Ethereum Foundation to achieve it's goal and bring a secure, truly decentralized PoS network into the world, even though I remain skeptical.

While we wait for PoS to materialize, it seems prudent to tread carefully with regards to network security. I was disappointed today that no one engaged Xin Xu on this discussion of the second-order effects a reward reduction might have on hardware availability, and thus network security.

Ethereum, Proof-of-Stake, And The "Free Hard Fork" Problem

This post will outline an issue with the aspiration to move the Ethereum network to full Proof-of-Stake. Vlad Zamfir currently leads one team researching that effort, which is known as Casper "Correct By Construction", or CBC. Previously, a hybrid PoS system called Casper FFG had been planned-- this issue does not apply to such a system. To the extent new plans for a "beacon chain" involve a full PoS system, this issue might apply to said chain. (The technical details of that effort are still unclear to me, so I hesitate to make any pronouncements).

It's worth noting at the outset that it's entirely possible the point laid out in this post has indeed been made before and discussed, perhaps on the boards of ethresear.ch, for example. If it has, then I'll be happy to have someone point me toward that discussion. I've been unable to find it.

Still Nothing At Stake

Simply stated,  the "free hard fork" problem is the "nothing at stake" problem moved up to the level of pre-planned, possibly-contentious hard forks.

 
 Proof-of-Steak. Get it!?

Proof-of-Steak. Get it!?

 

Casper CBC aims to solve the nothing at stake issue by slashing validator deposits for bad behavior. To greatly simplify a complex, work-in-progress protocol, the network will take funds from validators who vote on multiple chains. The goal is-- at a minimum-- to recreate the incentive structure of Proof-of-Work.

For the sake of this discussion, let's assume the CBC, or some other research effort, is successful in developing an algorithm that is secure, decentralized, and replicates the incentive structure of PoW within the network.

The issue is, tautologically, the network can only punish you for activity on the network. In a pre-planned hard fork, node software can be programmed to begin validating multiple chains that are invisible to each other at a given block height. The network parameters can simply be changed.

This is important. It means to execute a possibly contentious hard-fork, you don't have to convince miners to dedicate scarce resources (hardware & electricity) to your fork instead of the consensus chain. You need-only to convince validators to run software that will validate your chain in-addition to the consensus chain.

And why shouldn't they? There is no marginal cost to do so. Even if the fork ends up worth a small fraction of the main chain, this is "found money" to the validators.

Stated another way, when a PoW chain hard forks, it is (nearly) guaranteed that one chain will be significantly less secure than the other. In a post-PoS world, you can hard fork and end up with two chains which are equally as secure as the original.

Have we fully considered what that might mean for the ecosystem? Might we be headed down a path that results in a proliferation of Ethereum forks?

Objections

In the next section, I'll enumerate some objections to this point and respond to them. 

Validators won't bother to install and run specific software for hard forks

They probably won't bother to run any old software that purports to create a fork, true. But if a moderately prominent developer or company in the ecosystem decided to hard fork, my guess is a very sizable percentage would. Again, why not? This is found money for very minimal effort.

A parallel can be seen in Dogecoin, which is merge mined with Litecoin. Litecoin miners happily run software that mines both, because they can do so for free. I doubt many care about Dogecoin. But why not take free money?

No one in the ecosystem with any credibility will attempt a contentious hard fork

This is incredibly naive and obviously wrong. In fact, not only is it inevitable that multiple hard forks will eventually be attempted due to pure community disagreement, the ability to hard fork for free also brings up some interesting legal and moral questions.

One example: in a world where it's shown hard forks can be executed with shallow consensus, might Parity have a fiduciary duty to create and champion a hard fork that unlocks customer funds lost in their multi-sig wallet fiasco? Many customers had significant amounts of money lost. If executing a fork can result in even a small percentage of that value being returned, ought they not try to do it?

Validators won't support contentious hard forks because it would hurt the ecosystem, devaluing their investment

This is a silly argument which is clearly false from a game-theoretic perspective. If it were true, Proof-of-Stake would already work in a fully decentralized way, and we wouldn't need efforts like CBC in the first place.

Validators will only run the software the Ethereum Foundation approves

If this is true, then the detractors who claim Ethereum is centralized because of the Foundation's outsized influence are right. We might as well shut the thing down and just let the Ethereum Foundation run some servers for us. It will certainly scale better.

We can find a way to punish validators who vote on other networks

There are a few things that you might mean by this, so let's take them one at a time:

1. A centralized oracle controlled by [some group] will report dishonest validators

Seriously? Just get out!

2. A decentralized oracle, something like an Augur market, will report dishonest validators

Well, I guess this is theoretically possible, but boy, we're adding whole new layers of complexity to the game theory involved-- let alone the technical challenges.

3. We'll use [magic cryptography] to punish validators when they vote on other networks

The idea here would be some form of cryptographic mechanism which would force the validator to reveal some information on the non-consensus chain that could be used by a self interested party on the main-chain to claim a chunk of the validator's stake.

I'm not aware of any mechanism that could accomplish this, but I admit to being far enough out of my league on advanced cryptography to know it's definitely impossible. zkSnarks still feels like magic to me, so maybe it can be done.

OK let's assume you're right. Who cares? Is having lots of forks actually a problem?

This is a good question. I don't know, and the truth is nobody does. It'd be an experiment in game theory at a grand scale, thats for sure.

My instinct tells me that if you make it much easier for a community to fracture, then it will probably fracture. A lot.

Protestantism might be an odd-but-interesting historical analog. Because it made it theologically painless to create a new church, a single splinter off the Roman Catholic Church has subsequently self-divided into 30,000+ unique denominations.

Do we care if that happens? What happens to Ethereum(s) in that case, in a world where Bitcoin and other cryptonetworks also exist?

Basically ¯\_(ツ)_/¯

So...what? I'm not sure. Am I missing something obvious that makes this a non-issue? Maybe! Has this issue been discussed and resolved by folks smarter than me already? Possibly!

Do we just proceed full steam with PoS, recognizing this limitation but hoping it turns out not to matter too much? Well, maybe...but that sure makes me nervous.

I don't have a profound conclusion here. Basically...¯\_(ツ)_/¯

The Two Views Of Crypto: Sound Money Vs. Global Computer

Each of us has a unique personality and history that influences the way we perceive the world-- our own set of lenses through which we view reality.  It turns out, those lenses can result in dramatically different conceptions of the same phenomenon.

 
 It will Shock some of you To Learn all three versions look 100% Gold & White to Me ¯\_(ツ)_/¯

It will Shock some of you To Learn all three versions look 100% Gold & White to Me ¯\_(ツ)_/¯

 

In the crypto world, amongst those who believe this technology to be lasting and important, there seem to be two dominant viewpoints. In this post, we'll elucidate these two lenses, explore what each perspective gets right and wrong, and seek to unify the two if possible.

A World Computer

Many people view blockchain networks as giant, decentralized, global computers. Henceforth, we'll call people who tend toward this perspective "Computerians". (It's a dumb name, but I really don't want to type "people who have this perspective" over and over, so let's go with it).

 
 A blockchain computer is everywhere and nowhere. Code IS run and State is Replicated across Thousands of Nodes

A blockchain computer is everywhere and nowhere. Code IS run and State is Replicated across Thousands of Nodes

 

Computerians tend to be developers and software people. They recognize blockchains as a new place to run their code and store their data. Compared to traditional computers, blockchain computers are wildly inefficient, expensive, and hard to program safely.

Despite this, Computerians are excited to write software for these global computers, and believe this software will change the world. Thats because they recognize a host of new capabilities these computers bestow on software, namely:

  • Digital scarcity
  • Data storage that is immutable, auditable, and censorship resistant 
  • Code that is unchangeable once deployed (i.e. the ability to provide guarantees to users about how a system will behave)

To put it succinctly, Computerians believe software is eating the world-- blockchain computers enable them to write new kinds of software and thus devour parts of the world previously thought indigestible.

Sound Money

In contrast to the Computerians, there are a group of people who view blockchain as primarily a monetary innovation. For these folks, "blockchain" is an implementation detail. We'll call them the "Fiscalites."

 
 Is Bitcoin a Better Gold Than Gold?

Is Bitcoin a Better Gold Than Gold?

 

Fiscalites are more likely to have a background in economics, finance, or political science. They understand that, historically, things that become money-- like shells or precious metals-- have had certain properties, such as:

  • Durability and secure-ability
  • Measurability and divisibility
  • Forgery resistance

Looking at cryptocurrencies, Fiscalites recognize them as a revolutionary new form of sound money. Fiscalites tend to be skeptical of fiat money, that is, money issued and controlled by a government. They view centrally controlled, inflationary monetary policy as dubious.

Concisely, Fiscalites see cryptocurrencies as an ascendant new form of global money and the antidote to the questionable modern experiment of fiat currency.

Each Side's View Of The Issues

Unsurprisingly, viewing the world through these different lenses leads to different conclusions regarding various matters. Let's examine how each side perceives:

  1. The concept of cryptocurrencies
  2. Altcoins and other tokens
  3. Scaling and network upgrades

Cryptocurrencies

It should be self evident that to a Fiscalite, cryptocurrency is the whole ball game. The underlying blockchain technology is an afterthought. It's the sound money it enables that matters.

A Computerian views cryptocurrencies as a fundamental component of blockchain computers, but not as their singular end. A network's currency underpins the incentive structure that allows it to function in a decentralized manner, and it enables powerful use cases in the form of programmable money. While Computerians recognize the importance of these functions, the currency doesn't conclusively define the utility of the network.

Altcoins and Tokens

Fiscalites tend to be Bitcoiners. Since Fiscalites are focused on sound money, they see the network effects of Bitcoin as unstoppable. The more people who store their wealth in Bitcoin, the more its value increases, and the more likely others are to use it to store their wealth.

To a Fiscalite, unless a large number of people are willing to store their wealth in a given coin or token, it's useless. Most believe only one asset can accrue such broad social trust. An open minded Fiscalite might be interested in altcoins that improve on the money-ness of cryptocurrencies, such Zcash and Monero, but thats about as far as it goes.

 
 Fiscalites Put Bitcoin On A Pedestal.

Fiscalites Put Bitcoin On A Pedestal.

 

As engineering minded folks, Computerians are more open to new projects which experiment, add features, and explore the blockchain tradeoff-space. As such, many of them are excited about Ethereum, but not exclusively so. They're multicoiners.

Computerians can envision a world where multiple blockchain networks see mainstream adoption, and where technologies like decentralized exchanges and atomic swaps allow users and software to transact seamlessly between them. Many Computerians even envision a world where a multitude of tokens and assets are implemented in code on top of these networks, each providing some narrow utility or incentive structure.

Scaling and Network Upgrades

Fiscalites don't want to change the network. Period. If the network can be changed, then theoretically it could be censored, broken, or have its monetary policy altered. This would damage its social credibility as money. For Fiscalites, intractable governance deadlock is a feature, not a bug, and suggesting a change to the network for scaling purposes is like proposing we alter the atomic composition of gold to make it easier to carry around.

Fiscalites want to scale the network on the second layer-- i.e. by leaving the base protocol untouched, but building on top of it, even if that comes with some tradeoffs. A historical analog would be government issued gold notes. They made using "gold" easier, albeit with some tradeoff towards trust. This was acceptable as long as there was an easy way to opt out of that trust by exchanging notes for physical gold.

 

Gold Notes Could Be Redeemed For Gold On-Demand

 

Computerians see scaling as an engineering problem, and one that must be urgently solved. If blockchain networks are all about creating new kinds of software, then we need lots of people to be able to use that software. These networks need to scale. As such, Computerians don't take an either-or view of scaling when it comes to layer 1 vs. layer 2. Why not both?

Naturally, this means lots of changes to the network. "Fine, let's get to 'em," says the Computerian. Even changing the monetary policy is not off the table in service of making the global computer work better.

What Each View Offers The Other

As we've seen, Computerians and Fiscalites seem to disagree on quite a lot, despite both being bullish about the overall importance of crypto. The truth is, the two views are complimentary, and each is necessary to keep the other in check.

We are the proverbial blind men, each feeling a different part of the elephant while arguing over its nature. We ought to be triangulating our viewpoints.

The Blind Men and The Elephant, Via Wild Equus

My background lends me to a more Computerian disposition. I've come to realize there is much we should learn from our Fiscalite friends.

Computerians ought to take more seriously the history of money, and tread more carefully with regards to network changes as a result. The Ethereum DAO hardfork makes a good example of where this can go awry.

To an engineer, the hardfork felt like fixing a bug-- correcting a piece of software that had not behaved according to its design. In reality, the hardfork was a breach of social trust that damaged the credibility of the Ethereum's decentralized nature. For ETH to be money, this is unnaccetpable. Hopefully, history will view it as a one time event that is forgivable due to the network's nascency.

The Ethereum community also tends to have an unbridled optimism and confidence around fixing problems through engineering. This can be energizing, but it can also border on dangerous naiveté. The push towards Proof-of-Stake, for example, strikes me as more risky than the community admits.

Finally, while Computerians may always remain multicoiners at heart, they should probably recognize that at some point, consolidation to a small handful of networks is not only inevitable, it's desirable. We almost certainly don't need a token for every decentralized app under the sun.

For their part, I think Fiscalites could stand to learn a few things from Computerians as well.

For one, Fiscalites are painfully narrow-minded when it comes to anything other than sound money. In fact, this narrow-mindedness can turn to actual hostility towards those who suggest other use cases for decentralized networks. This is foolhardy, as these other use cases do not preclude cryptocurrency being used as sound money in any way.

Smart contracts are the most obvious example. Fiscalites downplay their importance or outright write them off, as Jimmy Song does in the piece linked below. But an army of tinkerers and builders are flocking to these platforms to see what they can create with the new capabilities they've been granted. Underestimate them at your own risk, but perhaps do a bit of research on the history of personal computers, open source, or the web before you do.

 

Finally, Fiscalites ought to at least consider the idea that multiple crypto-networks can coexist. Perhaps they'll be proven right in the long run and Bitcoin will dominate. Even if so, pretending to know right now, with certainty, that Bitcoin is the only coin that can possibly prosper is beyond presumptuous, it's preposterous. The world is simply too complex.

Can't We All Just Get Along?

If these two vantage points are to be reconciled, we must find common ground. The essential point of contact between the two ways of thinking is decentralization. Both sides deeply value the potential for crypto-networks to disintermediate entrenched central powers.

Fiscalites are focused on state-backed central banks who tinker with the economy through top down monetary policy. Computerians are concerned by the giant internet aggregators who increasingly control the web, wielding broad power to promote or censor what is seen. Both are rightly uneasy about deepening concentrations of power in the modern world. Both recognize the immense promise and importance of dispersing it.

This vision of a bottom-up, decentralized world, enabled by crypto-networks, is one worth fighting for. Hopefully, those who share it can be persuaded-- despite their distinct perspectives-- to work together to see it realized.


Note: Build Blockchain Tech may not hold rights to the images used in this post. In such cases, images are reproduced here under the doctrine of fair use.

What If We're Wrong? Steelmanning The Case Against Crypto

Augur, the decentralized prediction market built on Ethereum, has been running for two weeks. Since then, the money at stake in the system has grown to $1.5 M, making it one of the highest profile DApp launches to date. In many ways, it is demonstrating the potential decentralized platforms hold. That potential, it turns out, is both good and bad.

 
 A steelman argument is the opposite of a strawman: one makes the best argument possible for the opposing view

A steelman argument is the opposite of a strawman: one makes the best argument possible for the opposing view

 

A Market For Murder

Already, so-called "assassination markets" have begun to crop up on Augur. By allowing betting on whether a public figure will die in a given time period, an incentive to murder is created. Hopefully we can agree we don't want that. What's less clear is what we can do about it. Augur is decentralized. Its creators recently disabled their escape hatch, i.e. their kill switch. Even if they had shut it down, someone would surely have launch a version that can't be turned off. So what now?

 

There are a lot of arguments against crypto-- doubts about scaling, misunderstandings around energy use, uninformed claims that it's value-less because it's "not real." These arguments are weak and fall apart under scrutiny.

The situation with Augur cuts to the heart of the one thought that truly makes me doubt my enthusiasm about this technology: what if we're wrong about the benefits of decentralization itself? What if centralized authority is actually critical for civil society, and we're in the process of destroying it?

Déjà Vu All Over Again, Again

I've written before how much the crypto community could learn from the lessons of the internet itself. This case is no different.

It's hard to remember now in 2018, but there was a time when many had a near-utopian view of the internet's impact on the world. By connecting all of humanity with a decentralized network, we would end our divisions and enrich each other's lives. Once we could talk with each other across the globe, we would recognize our shared humanity and erase our cultural differences. The end state would be a unified humankind. So the story went.

 
 Our AOL personas once ran Eagerly into the arms of a happy online family. These were simpler times.

Our AOL personas once ran Eagerly into the arms of a happy online family. These were simpler times.

 

The reality, which we've only really started to grasp in the last few years, has been close to the opposite. When we can read and watch whatever we want, we choose the content that confirms our biases. When we can talk to whomever we want, we find exactly the community of people we most agree with. Rather than uniting us, the democratization of content and communication has balkanized us. We've opted into our own filter bubbles, and once there, radicalized ourselves in a flurry of self-indulgent groupthink.

The result is the degradation of our politics, the polarization of virtually all discourse, and the rise of ideas that were, even very recently, far on the fringe. Scott Alexander put it succinctly in a recent piece on his blog:

 If you spend decades inventing a powerful decentralized network to allow unpopular voices to be heard, sometimes you end up with unpopular voices being heard

If it's true that the decentralizing force of the internet has pushed public discourse to the brink of collapse, then what havoc might yet be wrought by crypto? We're inventing powerful, un-censorable, decentralized networks to allow anyone to transact with anyone anonymously. Should we act surprised when unsavory transactions occur? Murder markets, and a hundred other nauseating trades, may be here to stay. Can society function if they are?

Whither Kryptonite?

This is the fear that keeps me up at night-- that make me question my involvement in this crazy space. This is the steelman to my optimism around crypto. Yet here I am, still learning and building. Why? Because the alternative is unacceptable.

 
 The risk of steelmanning your opponents argument-- you might convince yourself!

The risk of steelmanning your opponents argument-- you might convince yourself!

 

If centralized authority is required for civilization to function, it implies that people cannot be trusted with their own free will. It means that there must always exist some superior elite-- granted the unilateral power of censorship and violence-- tasked with putting guard rails around the otherwise-destructive tendencies of the unwashed masses.

Given that people with power have committed the worst atrocities in history, this seems unlikely. If we must rely on some supermen to protect us from ourselves, then perhaps we are truly doomed. I don't believe we are, and net everything, I believe both the internet and crypto will be good for the world.

Still, we should not charge forward with blinders on, pretending there are no downsides to the technology we're creating. Without a doubt, it will be used nefariously by some. It already is. More than that, it has the potential to disrupt much of the status quo. In the process, it will create as great a tumult for society as the internet itself has-- or worse. As technologists on the bleeding edge of this new world, we should be wary of these risks. Let us wield our privileged position responsibly.


Note: Build Blockchain Tech does not hold copyrights to the images used in this post. They are reproduced here under the doctrine of fair use.

Against Narrow Minded Maximalism

What is a Bitcoin Maximalist? Some insist the term is derogatory, akin to a slur. Others seem to own the term proudly. Whatever your opinion on the term itself, there is no doubt that within the blockchain/cryptocurreny world, there is a group of people who:

  1. Are singularly focused on the idea of creating "sound money" and believe Bitcoin does this in a superior way to all other cryptocurrency networks.
  2. Subsequently believe Bitcoin will dominate in the long run, and most/all other projects will die.

These are reasonable positions to hold. I am quite sympathetic to both of them. In my probabilistic view of the future of crypto, a non-negligible weight is assigned to the possibility that Bitcoin will become the dominant network by an order of magnitude or more.

There are, however, two corresponding traps that I see Bitcoin Maximalists fall into:

  1. The Either-Or Trap: Being so focused on creating sound money that one becomes actively hostile to other obviously valuable use cases.
  2. The Predestination Trap: Viewing Bitcoin's dominance as a fait accompli, and allowing no consideration for other outcomes.
 
 Obligatory meme

Obligatory meme

 

Both of these stem from what can only be described as narrow-mindedness.

The Either-Or Trap

A great example of the first trap can be seen in Jimmy Song's blog post, "The Truth about Smart Contracts". In it, Song takes aim at Ethereum and argues:

"smart contracts are simply too easy to screw up, too difficult to secure, too hard to make trustless and have too many external dependencies to work for most things."

As a developer, it's hard for me to believe another technologist would downplay the incredible disruptive potential of smart contracts. Software is eating the world, and smart contracts allow us to do things with software that were previously unimaginable.

Are there issues to work through and best-practices yet to be developed? Sure. It's fair to point these issues out and Jimmy does a good job of covering some of them in his piece.

But we're talking about trust-minimized code manipulating immutable, auditable data code that can create, manage, and move a multitude of scarce digital assets. To dismiss the far reaching implications of that outright simply because the ecosystem is still in an embryonic state is preposterous. 

Jimmy is smart enough to know better, but his narrow-minded focus on cryptocurrency as sound money makes other use cases seem like a threat. If smart contracts will detract from sound money, then for maximalists, smart contracts must be bad. But the two are not in opposition. In fact, they're quite complimentary. Which would you rather have: sound money, or programmable sound money?

This same negative attitude is on display for other obviously disruptive use cases as well, such as tokenized securities.

Many maximalists, like Kevin Pham, dismiss tokenized securities as a purely sustaining technology. They're not. The ability to spin up tokenized equity and encode the ownership/distribution rules around that equity on a blockchain will likely be huge. It could change the way companies are formed and how capital is raised. It could enable a new wave of global entrepreneurship.

The point here is not to downplay the importance of sound money.  Rather, it's to recognize that we don't have to choose between sound money and other disruptive use cases. These things can coexist and compliment each other. But if Bitcoin proponents continue to ignore or attack these other applications, we may see them flourish on other networks instead. Which brings us to the second trap.

The Predestination Trap

Bitcoin may very well end up the single, dominant public blockchain, but this is not guaranteed. That should be obvious, yet some maximalists react defensively to what should be uncontroversial observations, like this one from Naval:

The best we can do is to view the future probabilistically, and even then it is unwise to assign too great a probability to any one outcome. There are simply too many variables and non-linearities to make a pronouncement; the future is fractal and these systems are too chaotic to submit to naive models.

We may end up with multiple valuable chains. Another chain might overtake Bitcoin. Chains may segment regionally or ideologically or based on functionality. Any number of outcomes are possible. It is wise to take all these possibilities seriously, to invest to capture upside from any of them, and to build and advocate for the vision of the world you'd like to see.

Productive Maximalism

Bitcoin Maximalism, whatever exactly it is, is not necessarily a bad thing. That Bitcoin has a rabid, committed fanbase is, in some ways, a very good sign for its future. Should said maximalists invest their energy in building the future in which they believe, their prophecies may be self fulfilling. It has the potential to be a very productive force.

The danger, though, lies in a narrow minded maximalism one that needlessly ignores powerful applications of blockchain technology and dismisses other projects embracing those possibilities. If too many maximalists fall for these traps, their devotion may preclude the very outcome for which they yearn.

Apple has the Incentives, Values, & Tech to Bring Blockchain Mainstream

Here's a thought experiment: imagine Apple buying Brave, the privacy-focused browser company that uses a cryptocurrency to compensate content creators.

Apple could integrate the Basic Attention Token (BAT) into Safari and give every user with an iCloud subscription a few tokens a month to be distributed to the sites they browse. The iPhone's secure element could store your wallet's private key such that not even Apple could access your tokens.

Apple could market the tech as ushering in a new age of sustainable journalism and content creation, one aligned with user privacy and with democratic values. The move would also be a blow to some of their biggest competitors. As a nice cherry on top, the acquisition itself would likely cost nothing; the value of BAT tokens held by Brave would skyrocket with the deal's announcement.

This isn't a prediction, it's just a thought experiment. The point is that the story at least sounds plausible. You could imagine it happening, even while acknowledging it's very unlikely it will.

Now imagine Google buying Brave. Would they integrate it into Chrome? Of course not! Doing so would kill their ridiculously lucrative ad network. Would they let you control your keys? Of course not! To Google, all computing belongs in the cloud (i.e. on their servers) and a Google account should mediate your identity on the web. Google is completely misaligned with Brave's ethos.

Privacy as a Strategy Credit

Of all the major tech companies, Apple seems to take user privacy the most seriously. This was on display at their World Wide Developer's Conference last week. They announced, for example, that Safari will get numerous features aimed at thwarting efforts to track you across the web.

Apple markets these changes as great for users, without compromising their business, and weakens their competitors at the same time. Apple, after all, just wants to sell you more devices. Personal data, while the lifeblood of companies like Google and Facebook, isn't particularly valuable to them. Several years back, Ben Thompson coined the term "Strategy Credit" to describe the situation.

It would be overly cynical, though, to say Apple only adds these features because of financial incentives. I believe Apple, and Tim Cook, truly do value users' privacy. It was Apple, after all, that went toe-to-toe with the FBI rather than backdoor a terroist's phone. Just today, it was announced that Apple would close another security hole used by law enforcement to crack iPhones.

That Apple's values surrounding privacy also square with Apple's business model should be seen as a powerful alignment, one that could drive real change in the industry given the company's incredible leverage.

Towards A Decentralized Future

This, then, is the most compelling reason to believe Apple could be the first major tech company to embrace blockchain technology: they are best aligned with the vision of a decentralized future it promises.

Google and Facebook, on the other hand, are completely misaligned. The very premise of each business is to provide centralized services. A decentralized future, one that gave even minimal control back to users, could weaken or destroy them.

It's not at all surprising that Apple has yet to wade into the Wild West that is crypto. They rarely adopt bleeding edge technology. Still, Apple's values, incentives, and tech stack align well with a decentralized future. Historically, they have a knack for knowing when an emerging tech is on the cusp of adoptability. If and when Apple makes a move to embrace blockchain technology, pay attention!

What the Crypto Community Should Learn From GitHub's Acquisition

On Monday, Microsoft announced that it had acquired code-collaboration site GitHub. Initial reactions have been mixed. More than a few have pointed out that Microsoft has embraced open source as of late, seemingly sincerely. Many of us, though, can't help but feel uneasy seeing the Redmond behemoth, whose then-CEO once literally called Linux cancer, now in control of the hub of all open source software.

What happened here, anyway? Given that git is an open source protocol for decentralized version control, how did we end up re-centralized around a Bay Area startup- one which, in retrospect, was almost certainly destined to end up inside one of the tech giants? Let's examine this more closely. There is an important lesson for the cryptocurrency/blockchain community to learn.

 

New Powers, New Problems

Git was created by Linus Torvalds to help manage the development for the Linux kernel. Existing version control systems relied on a centralized, client-server style architecture. Your repository lived on a server, controlled by an admin, while you, the lowly developer, merely ran a client to interact with it. Git flipped this on it's head, as Linus himself explained:

...having a local copy of the repository and distributed merging was a big deal. The big thing about distributed source control is that it makes one of the main issues with SCM’s go away – the politics around “who can make changes.” ... you can avoid that by just giving everybody their own source repository.

 

In stark contrast to existing systems, git made branching, merging, and forking painless. Anyone could grab a copy of a repo from anyone else, create a branch, commit modifications to the code, and provide those changes to anyone else for easy merger. Previously, the centralized repo had been the choke point of a given project. That choke point was gone.

With this new set of powers, we saw a Cambrian explosion of open source that coincided with git's adoption. But with so many developers now able to hack on so many projects, new problems also arose. Discoverability, collaboration, communication, bug tracking- all of these became challenges. That's where GitHub stepped in, providing elegant, centralized solutions around all of these new problems.

The introduction of a distributed, decentralized, peer-to-peer protocol for source control removed one set of choke points. But it also created a new set of problems, and we ended up re-centralized around a single tool- one that literally has hub in the name, in case you missed exactly what was happening.

Déjà Vu All Over Again

This turn of events shouldn't surprise us that much. In fact, we've already seen it, and on a much grander scale. This is almost exactly the story of the Internet.

Where previously, the dissemination of content was controlled by a small number of entities who managed distribution (publishers, broadcasters, etc..), the internet introduced a distributed, decentralized, peer-to-peer protocol that removed those choke points. And it also created new problems. With virtually infinite content to consume and people you can communicate with, how do you find what and who you're looking for? Enter Google and Facebook, the centralized colossi that solved these problems, and in doing so became the new choke points.

Twice now, (and there are many more examples), we find the introduction of a decentralized protocol demolishing old choke points but also creating a new set of problems, and thus leading users to re-centralize around the companies that solved those new problems. Could there be any application of this idea to the world of cryptocurrencies? 🤔

This Time, It's Different?

Many of us believe we're in the early days of introducing decentralized protocols for money, identity, ownership, and possibly many other things. In so doing, we'll remove a whole host of existing choke points. But what are the new problems that will arise if we do? And could the solutions to these problems lead to re-centralization: a new set of choke points? There are already some early, obvious examples of problems that are being solved in centralized ways: on/off ramps to fiat, interfacing with regulatory bodies, production of mining hardware, and key custody are just a few examples. Many other less obvious issues are likely to arise over time.

A large part of the crypto/blockchain community is excited about the potential for these technologies to diffuse power from central authorities. Me too! But I can't help but wonder if, in our glee to see things decentralized, we're missing a valuable lesson from history. Much of the focus now is on the disintermediation of middlemen sitting at existing choke points. Perhaps we should be much more attentive to, and concerned about, the rise of the new ones.


If you enjoyed this article, please consider signing up for my newsletter by clicking here. I occasionally send links and thoughts on whats happening in crypto with a heavy bias toward technical topics.

Has The Window For Bootstrapping A Proof-of-Work Coin Closed?

In the wake of three high profile mining-related attacks on notable alt-coins, one can't help but wonder: is the window for bootstrapping a new proof-of-work cryptocurrency closed? If not, it must be getting close. (For reference, see attacks on: Verge, Bitcoin Gold, Monacoin).

The default failure mode for any new cryptocurrency in 2018 is the sound of silence. For a coin to be attacked, first someone has to care enough to try. It's likely no one will. For the sake of this discussion, we'll assume we're talking about a coin that's getting some traction: it's listed on some exchanges and has some notable trade volume.

Launching a new PoW cryptocurrency there are, broadly speaking, two choices when it comes to choosing a hashing algorithm:

  1. Choosing an existing hashing algorithm used by other coins
  2. Creating a novel hashing algorithm by tweaking or combining existing ones

There are lots of variations on these two themes. Verge, for example, got cute and allowed miners to use any one of five different algorithms to produce blocks- a "feature" exploited by its attacker. For the most part, though, a project will fall into one of these two buckets. Let's examine the issues with each.

Using An Existing Algorithm

The problem with choosing an existing hashing algorithm, one used by an established cryptocurrency, is obvious: your fledgling chain is immediately susceptible to a 51% attack from existing miners. Those miners likely have warehouses full of ASICs churning out hashes 24/7. Even a handful of those machines, if diverted toward your chain, could destroy your network. And, as Charlie Lee pointed out recently, there is no real incentive that prevents them from doing this.

 
 

Many miners will have no bones about extracting a quick profit while demolishing your chain, then pointing their hash power back to an established coin. So, using an existing algorithm seems to be off the table. But what about....

Using A Novel Algorithm

Creating a new hashing algorithm seems like an attractive alternative to being crushed by existing miners, but this path, too, is fraught with peril. For one, introducing a new hashing algorithm is nontrivial from a technical perspective and introduces a security risk for your network.

More importantly, any coin that gains real traction in the market will immediately trigger a race to develop and manufacture ASICs- a feat only a small handful of companies currently excel at. As the recent development of ASICs for Equishash and CryptoNight demonstrate, no algorithm is truly ASIC resistant.

Thus, it's only a matter of time before a new algorithm is being mined by stealth ASICs and your network is controlled by, at best, a few companies. (More likely, by just one company- and I do mean one in particular). You might be tempted to think said companies would sell the ASICs and distribute the hash power and all would be well, but as David Vorick recently pointed out in his must-read summary of The State of Crypto Mining, this is not the case:

At the end of the day, cryptocurrency miner manufacturers are selling money printing machines. A well-funded profit maximizing entity is only going to sell a money printing machine for more money than they expect they could get it to print themselves.

 

The best case, then, for a budding PoW coin is to find its hash rate controlled by stealth ASIC miners run by 1-3 entities, with only their goodwill preventing a 51% attack at any moment. Not exactly the decentralized future we were all hoping for.

So, What Now?

I'm honestly not sure we'll see a single new PoW coin launch and gain large scale traction again. Ever. If we do, then certainly that project's team will have to spend a disproportionate amount of time threading the bootstrapping needle to avoid the pitfalls described above.

As for existing coins, I'd go so far as to say that virtually all PoW alt-coins in the long tail are protected merely by obscurity¹. Existing large scale miners and/or ASIC manufactures could trivially attack them. They simply can't be bothered.

A handful of other coins, like Monero and Zcash, have signed up to play an eternal cat and mouse hardfork game with ASIC manufactures. This strikes me as ill-advised, but we'll see where it goes.

Finally there is a top tier of PoW coins that have clearly achieved escape velocity and are relatively safe from a 51% attack. Bitcoin, Litecoin, and Ethereum are the most obvious examples. These chains benefitted from the opportunity to bootstrap in (relative) obscurity and are now (relatively) protected by (relatively) distributed hash power and (relatively) commoditized ASICs. (Did I mention this is all relatively speaking?)

For those of us that care about decentralization and censorship resistance, this conclusion is alarming. To date, PoW is the only effective consensus algorithm that hasn't compromised on those two values. It seems our hopes for a decentralized future rest on the success of at least one of these small handful of projects- or on efforts to develop truly decentralized alternatives to proof-of-work.


¹ There's actually another class of coins I intentionally disregarded in this post: those that merge mine with much larger coins. Bootstrapping a merge-mined coin is basically as challenging as any other PoW mechanism, but there are a handful of coins that have crossed the chasm. Dogecoin, the primogenitor of meme-coins, is (hilariously) the best example of such a chain. Perhaps Doge deserves its market cap after all!