A high level overview of ICOs

[Note: I neither own nor have any trading position on any cryptocurrency.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

Just as I did with the COIN ETF proposal last year, I have also written a 50-page paper for internal use diving into the world of ICOs.

I am not sure if or when it will be made public, but here are a few salient points:

    • ICO stands for “initial coin offering.” Depending on what cryptocurrency group is pitching an ICO, it may be in exchange for company equity, but often times there is no explicit contractual link between control of the coin itself with some kind of equity or financial performance of the company… because there is often no formal contract provided to investors.  Not all ICOs are alike and any prospective user or investor should look into the specific operational and funding arrangements.
    • Since January 1, 2017, more than $200 million has been raised by more than a dozen ICO-related projects and companies, a figure that will likely double by the end of the summer and triple by the end of the year as turn-key platforms such as Prism, Swap, 0x, and Iconomi, are flipped on.
    • The primary method of raising and funding an ICO is through bitcoin and ether deposits.  This has driven (mostly) retail investors to create accounts at cryptocurrency exchanges – most of which have poor track records such as Bitfinex – and acquire BTC and ETH.  This demand in turn has been a key driver in the current all-time highs seen by many cryptocurrencies including bitcoin and ether.
    • There is very little regulatory or independent oversight of any of these coin offerings.  Most of the projects attempt to shield themselves from scrutiny from securities, commodities, and money-transmission regulators by setting up a non-profit organization or foundation.  These foundations are typically registered in a couple specific countries, each of which is now home to more than a dozen non-profit organizations specifically managing ICOs.  In addition, ICO promoters will often use euphemisms such as “tokens” instead of coins, or call their fundraiser a “crowdsale” or “donation” or “contribution” that the non-profit organization will later re-distribute after the ICO is over.
    • Some of these non-profit entities sign exclusive development contracts with a for-profit entity that is run by the same people who operate the foundation.  That is to say, the foundation will hire the for-profit company to develop and advise the project that the ICO fundraiser marketed and advertised, yet often with no independent oversight.
    • Ignoring accreditation status: very few, only a handful at most, of these ICOs are done in compliance with any KYC, AML, CFT gathering and sharing requirements. This is problematic.  For instance, over $1 billion in ransomware was liquidated (largely) through cryptocurrencies last year thus it could be relatively easy for bad actors (hackers) to liquidate their bitcoin and ether holdings into ICOs and not be easily caught due to the inability to link real world identities to specific blockchain activity.

Last week Valerie Szczepanik, the head of the SEC’s distributed ledger group, made several public comments.  This included: “Whether or not you are regulated by the SEC, you still have fiduciary duties to your investor.  If you want this industry to flourish, protection of investors should be at the forefront.”

As of right now, there are just a handful of ICOs that have explicitly attempted to protect investors by providing full transparency into their organizations.  Most do not disclose the principals, directors, and insiders involved within these organizations.  Some have private offerings called a pre-sale.  A pre-sale allows participants to acquire coins at a discount (e.g., pre-sale investors might receive 2x the amount of coins that the public coin sale will have at the same price).  In addition, the participants in a pre-sale are not typically named or made public prior to the public offering of the coins; nor are the conditions by which these participants able to sell their holdings typically disclosed.

Historically companies which file paperwork in order to be listed on a public stock exchange have to submit an S-1 or its equivalent to regulators.  The S-1 is important and helpful to the rest of the market because it lays out who the insiders are, who the principals and directors are, how governance is handled, who is responsible, what the business is, what the liabilities are, etc..

In contrast, most ICOs currently have nebulous governance on purpose: because the operators do not want anyone to be held responsible in case the project is unsuccessful or the coin loses its value.  Caveat emptor is the name of the game.

Tulip euphoria

In any given month I am provided inside information about ICOs.  Complete strangers will send me pitch decks that outline their pre-sale and listing opportunities.

Yes, some exchanges are paid to list these coins, often through a percentage negotiated beforehand with the ICO operator.  And there are market makers and underwriters in the form of family offices, high net worth individuals and small hedge funds.  There is an entire ecosystem that is completely opaque and opaque on purpose because many of these participants are trying to deflect responsibility in case a coin crashes or a project is unsuccessful or because they are found in non-compliance with a variety of regulations (e.g., not declaring taxes, self-dealing, insider trading, etc.).

One project involved in building a distributed computer recently offered me about $50,000 over the course of 6 months in addition to the native coin they were pitching to the public.  All they wanted me to do: act as an advisor and promote their coin on social media.

I said no to all of them but others said yes and that project above raised a couple million in USD.

Last week I attended several events including Consensus and a different private conference held later in the week.  I gave a short presentation at one of the events and afterwards I walked to the buffet outside the room to get some food.  While gathering some grilled fish, the audio/visual operator for the event came up to me and told me: “Tim, I just put $100 into bitcoin and also ether.  How much more should I put into them?”

My presentation wasn’t even about cryptocurrency investing or about ICOs, but this illustrates the exuberance of the current time period.  There is a lot of fear of missing out yet few people are actually looking at what these ICO-funded platforms or projects are attempting to do.  How can unsophisticated, technically unsavvy people learn more about them?

Media publications?  But conflict of interest is rife.

I have mentioned this multiple times over the years: unfortunately many “coin” media sites and magazines are not helping the due diligence situation.  Most “coin” reporters, if not all of them, own cryptocurrencies and benefit directly from increased demand of the cryptocurrency, but they often do not disclose it.  In fact, many times they report on coins they own and/or that their parent company owns.  Several small buy-side analysts and their firms also have published uncritical marketing material for cryptocurrencies and some do not disclose their coin holdings or outline the major risks involved in operating these types of networks, in effect white-washing the risks of anarchic chains.

Others in privileged positions including some of the VCs that are active in this space are now also promoting ICOs but few disclose their active long or short positions.  Some of these VCs were entrepreneurs who have pivoted multiple times and this is a last ditch effort to drum up support for their sagging portfolio. 1 2

You just don’t understand the technology!

One common refrain I often hear from ICO promoters is that ICOs are a new form of technology that empowers retail investors like never before and that the traditional world of institutions and laws has no place in the new economy.  And that naysayers and critics just don’t understand the transformative power of ICOs and cryptocurrencies.

That may be true but in my case, definitely is not.

In late 2014 I worked with a company called Melotic.  Melotic is a tech startup that raised about $1.2 million in the summer of 2014 to build a digital asset exchange: a trading platform that new cryptocurrency projects could be listed on, GDAX before GDAX.  For about 9 months I spent the bulk of my time talking to dozens of cryptocurrency projects and operators to find out what unique thing their company did and why they should be listed on Melotic.  Nearly all of them were half-baked scams, and others were just impractical (Urea Coin). 3

In May 2015, Melotic announced it was closing its exchange and moving into cross-border payments where it currently operates under the brand, Kleering.

While Melotic deserves its own dedicated post, the takeaways we learned at the time were that traders (who were most of the user base) only cared about two specific things:

(1) Anonymity.  Some traders publicly complained when we implemented a set of KYC and AML policies.  They said we should snub our noses at the government and banks and provide traders the ability to exchange cryptocurrencies without complying with local or national laws surrounding identity gathering and verification.  This is an opinion that is still very prevalent as shown by similar comments on /r/bitcoinmarkets and /r/ethtrader.

(2) Pump and dump.  Day traders love volatility and cryptocurrencies often provide that volatile environment.  Because new cryptocurrencies such as an ICO are often even more illiquid and thinly traded than say bitcoin (which itself is relatively illiquid), whales and insiders without vesting and lock-up periods can quickly move the market up and down due to the large amounts of coin holdings they have.  This creates the booms and busts that many cryptocurrency traders savor.  Yet at Melotic, we were apprehensive about listing every single cryptocurrency under the sun, and tried to filter those we thought had unique utility and less volatile.  In the end we only listed about 10.  Yet empirically the most successful exchanges – as measured in volume – were those that listed every single coin that was launched.  Quantity over quality continues to persist today as exchanges compete for volume and liquidity of new coins.  This contrasts with regulated exchanges such as NASDAQ (pdf) and NYSE (pdf) which have listing requirements, including transparency into the companies principals.  Most cryptocurrency exchanges do not ask for similar requirements and in fact, some take a cut of the coins – similar to payola – in order to be listed.

Over two years ago I wrote a post that looked at around 20 different ICOs and projects that did some kind of public coin distribution.  My new paper looks at them in more detail.  What were the findings?

While we wait for that paper to be published another key takeaway is that: almost none of the projects lived up to the advertised utility or expectations that their promoters marketed to the community and investors that bought their coins.  Yet most of the cryptocurrencies, even ones that lack a real development community, are seeing all-time highs on the cryptocurrency markets.

In other words: utility is completely divorced from market value of the coins; a phenomenon that seems unlikely to change in the short term.

This is compounded by the fact that ICOs are by their nature, not designed for cash flow or optimized to be profitable.

Why is that?  Because at its core: the non-profit entities that runs them are by definition, not-for-profit.  As a result, these projects largely rely on their token holdings and the price appreciation thereof, in order to be sustainable.  Thus the incentive to focus on marketing and create buzz to further increase the price appreciation of the coin holdings.

And ignoring the informational asymmetries above, there are some other interesting wrinkles.

Earlier this week I participated on a fintech panel and during the group discussion one specific ICO was briefly mentioned, the Basic Attention Token (BAT).  Brave, the company behind the BAT, had just raised $35 million in a crowdsale (unregistered securities?).  Notable to this sale was that over $6,000 in fees to miners were included in the transactions related to the ICO.

How many transactions can you fit into an Ethereum block during high demand times?  It depends on the complexity of the contract. For the BAT, it was about 90.  90ish people were able to participate in the first block of the BAT’s ICO. Those 90 ICO seats went to whoever attached the largest transaction fees.

An unsavvy retail investor would need a lot of mempool luck if there is high demand and larger players investing millions are paying $1,000 USD fees just to increase their chance to get one of those scarce seats in the first block. This could mean that in the long run, all the “good” ICOs will be bought up by sophisticated investors aware of this limitation and only sub-par ICOs will run long enough (more than one block) to let unsophisticated retail investors in.4

Conclusions

ICO organizers often exchange coins for explicit support by outside endorsements and lobbying in their favor (e.g., advisors and influential personas are given a cut of coins). Therefore researchers, regulators, developers and potential investors looking at an ICO should look for paper trails to identify investors, users, organizers, insiders, and potential malicious actors.5  This also includes exchange operators and their principals who may learn weeks beforehand when a cryptocurrency will get listed and thus, may have material, asymmetric information they can act on.

Investors should look very hard at what the risks and recourse there is in the event of a hard fork, what happens if their assets end up on a deprecated chain?  If it is an ERC20 token, what fork will the developers consider the “legitimate” chain?  Ethereum forked multiple times last year and currently, investors of ICOs based on ERC20 have few, if any, protections or recourse in the event an ICO organizer fails to deliver its promises let alone a technical problem occurs.  For instance, what happens if the network becomes too top heavy and open to the Hold-Up Problem?  Who has legal standing or recourse?

ICOs can be done with existing technology – no blockchains are needed (just ask Beenz and Liberty Reserve) – yet because ICOs are being done on anarchic blockchains where reversibility is economically cumbersome and identification is non-existence, it can create new risks and challenges for investors.  Potential investors need to be able to answer: in case a dispute arises, how can recourse take place if key counterparties are not identifiable?

Cryptocurrencies and the coins that piggy back on their network will likely continue to exist so as long as these non-profit entities have enough coins to liquidate to pay for marketing and advertisements. And so as long as there are others willing to buy their coins (e.g., liquidity).

And while it may be too early to distinguish and separate the specific ICOs that are outright scams from poorly run companies, keep in mind that a couple dozen Pyramid schemes failing in 1997 led to massive unrest and a civil war in Albania.  We have already witnessed enormous strain and virtual fighting within the cryptocurrency community (e.g., the never ending Bitcoin block size debate and the Ethereum hard fork because of The DAO attack).  What would happen to the aggregate cryptocurrency market if the investors and insiders in a couple dozen ICO platforms (Pyramid or not) tried to liquidate their holdings onto an illiquid market?

If you’re looking for dramatic excitement (currently) without many investor protections, the ICO world may have what you’re looking for.  But if you’re looking for sustainable operations with repeat revenue and cash flow connected to mainstream utility and accountability – aka a business – then you might want to do a double-take.

See also:

Endnotes

  1. Kik, a messaging application which failed to gain traction, announced it would be issuing a cryptocurrency, but for what purpose?  Likely because it has been unable to raise new venture or institutional capital. []
  2. A number of these portfolio companies likely are on life support, propped up not by revenue but coin holdings which speculators have driven up in market value.  In short: some of these cryptocurrency-based startups are commodity or FX plays, not utility-based investments. []
  3. We also spoke with a lot of cryptocurrency exchanges to learn about their business and compliance practices, shying away from those that raised red flags around KYC and AML compliance.  One cryptocurrency exchange that is still very active today asked us to do the KYC for them as they were ideologically against gathering that information from their own customers. []
  4. Note: this is not an endorsement of BAT.  I have not participated in any ICO or cryptocurrency crowdsale. []
  5. Some ICO organizers have intentionally misled financial institutions about the nature of their business in order to get a bank account. Because ICOs typically do not comply with KYC, AML, and CFT procedures, this could lead to new fines and even banks being de-banked (correspondent banking access cut off). []
Send to Kindle

How cryptocurrencies enable ransomware and how regtech can help counter it

Imagine for a moment that Alice, a hacker, was looking at various means for receiving payment for an illicit activity she just undertook.  She has two options to do so, which would she choose?

(1)  Bob built a payment network which was identity-free; it used pseudonyms so no legal identities were required to send transactions between its participants.  And that trying to stop or prevent payments was difficult because the computers running the payment network were widely distributed and run by multiple known and unknown participants across dozens of jurisdictions that were sometimes hard to track down.  Recourse is difficult and sometimes impossible.  Cryptocurrencies such as Bitcoin, Litecoin, and Ethereum are examples of such a network.

(2) Carol built a payment network which requires all users to provide a proof-of-identity, usually by scanning and storing of government-issued IDs or utility bills.  And that stopping, preventing, or even rolling back payments was possible because the computers running the payment network were run by legally identifiable participants who were often located in easy-to-find offices.  Recourse could be cumbersome, but almost always possible.  Wire transfer methods like ACH are examples of such a network.

Alice would probably choose number one and later try use some conversion tool or exchange to move her payment into number two.  How is this done?  See the (dated) flow-of-funds chart below.

While some cryptocurrencies, like Bitcoin, were probably not designed to serve as get-away vehicles – because of key design choices that make legal recourse difficult – they are increasingly used to shuffle ill-gotten gains around.1

For example, data kidnapping – commonly referred to as ransomware – has existed in some form for more than two decades.  But the current plight surrounding ransomware, and the white washing of the role cryptocurrencies have in this plight, have gone hand in hand over the past several years.

Why?

The core characteristics of cryptocurrencies – censorship resistance and pseudonymity – are some of the main reasons why ransomware has become increasingly commonplace.  And these cryptocurrencies need liquidity.

Liquidity into-and-out of fiat has fluctuated over time, with some exchanges being debanked and sometimes rebanked, but as an aggregate it has increased overall.  Liquidity is often done through venture-backed gateways and exchanges.

As explored in my previous post, as well as others, many of these gateways and platforms have inadequate and typically non-existent KYC and AML gathering processes.  This post won’t go into the details surrounding some of the investors and promoters of these platforms, but further research could dive deeper into that industry as well as the white washing that goes on to distract investigations.

We see this empirically: attackers do not ask for fiat or credit cards because these would be easily tracked and/or transactions would be halted.  Instead, they ask to be paid in some kind of cryptocurrency because they know the likelihood of getting caught and reprimanded is significantly lower.

This past Friday, WannaCry, a ransomware package, wreaked havoc on more than 200,000 victims across all times of organizations located in over 150 countries.  This included government services including NHS in the UK and the Interior Ministry in Russia.

Source: Twitter

The first-order of victims ranged from small startups that could quickly patch and restart their computers all the way to large hospital systems that were unable to access patient records and had to turn away patients.

This then leads to the second-order of victims: patients and customers of these institutions.  According to the Associated Press, the “cyberattack hit almost 20 percent of UK’s 248 public health trusts.”

While all of the impacted organizations already should have had a formal plan to upgrade and patch these types of vulnerabilities (e.g., create regular back-ups off-site), based on several news stories, many of them did not.

Will they all learn from this lesson?  Probably not.

Either way: none of the victims have a formal means of recourse against the hacker(s) involved in WannaCry because we do not know the identities of the hackers.  Some victims have even paid the ransom of ~$300, denominated in bitcoin, to have their files unlocked.  The hacker is using multiple (4+) bitcoin addresses to receive the ransom and as of this writing, has received more than $50,0002

Last year the FBI estimated that around $1 billion was paid to unlock ransomware and cyber extortion.  Cryptocurrencies, such as Bitcoin, were usually the preferred method of payment.

Two weeks ago, James Comey, former Director of FBI spoke before the Senate Judiciary Committee and noted that:

Some of our criminal investigators face the challenge of identifying online pedophiles who hide their crimes and identities behind layers of anonymizing technologies, or drug traffickers who use virtual currencies to obscure their transactions.

For Bitcoin, there are ways to remain fairly anonymous, like using mixers, however it requires a lot more work to.  But relatively few people are investigating, so the chance of getting caught is likely low.  Newer cryptocurrencies such as Monero and Zcash are designed to be anonymous which makes them harder to track.  Monero has been spotted in the wild alongside the Kirk Ransomware as well as research from Sophos (pdf).3  And Zcash has been used by a botnet to mine more Zcash on devices such as your phone.

And then there is Tor, a software program that enables anonymous communication by passing network traffic through various relays nodes that help conceal the location of the user.  WannaCry used Tor to preserve its “anonymity by proxying their traffic through the Tor network.”

How to bring some light into the darkness?

Solutions

I reached out to Adam Young who co-created “cryptoviral extortion” (what we call ransomware today).  In his view:4

In terms of the ransomware attack, people/organizations need to do a better job at patching and removing end-of-life systems, clearly. My larger concern is that cryptoviral extortion is the only cryptovirology attack that anyone seems to be paying attention to and there are many, many others.

I also spoke to Danny Yang, CEO of Blockseer who advised everyone to, “update your software, make sure you have latest security patches – that ransomware worked because  people didn’t update their Windows since March when that particular security vulnerability was patched.”5

My recent post looking at Bitfinex and regtech was quite popular.  It was viewed several thousand times and I received a number of calls from reporters looking to investigate some of the points raised.

Some people pointed out that the behavior by Bitfinex and other cryptocurrency exchanges is one of the reasons why a few banks in emerging markets have lost correspondent banking access: that they were de-risked because of what others perceive is a high-risk customer base.

According to research by Accuity, a global financial crime compliance, payments and KYC solutions provider:

Between 2009 and 2016, correspondent banking relationships, where one financial institution provides services on behalf of another in a different location to facilitate cross-border payments, have reduced globally by 25%.

Earlier this year, the People’s Bank of China, SAFE and other government bodies in China, investigated and froze cryptocurrency withdrawals at many, if not all, the cryptocurrency exchanges operating on the mainland.

Why?  Among other reasons: inadequate KYC and AML gathering and sharing processes.

According to Caixin, a notice of administrative punishment may be released in June that details the punishment and fines of these China-based exchange operators.

In addition to freezing and de-banking, what are some other solutions as well?

Companies such as Blockseer and Chainalysis provide tools for law enforcement, regulators, entrepreneurs and compliance teams to trace and track the flow-of-funds on cryptocurrency networks. I have written about them numerous times.

Angel List is tracking 96 startups involved in providing compliance-related software for SMB, hospitals, cloud providers, social media platforms and a handful of other verticals.  It also has job listings for 11 regulatory compliance startups.  There is an additional 2,878 startups listed under the broader category of big data analytics, some of whom who are also working in the regtech space.

While technology can help play a role in identifying participants on these types of networks (blockchains and distributed ledgers), it is also worth exploring the proposed strawman for setting up a Kimberley Process for cryptocurrencies.  Identity systems are critical to all property rights and financial networks.  Creating applications around data lineage, data provenance, KYC management, and standardized digital identities will help provide transparency into all markets.

If you’re interested in learning more about these tools and mechanisms, feel free to reach out or leave a comment below.

Endnotes

  1. In the original white paper, Nakamoto explained ways to route around trusted third parties, such as governments. []
  2. If you’re interested in learning more about how malware researchers identified and stopped it, Malware Tech has a detailed story as well as one from Brian Krebs. []
  3. AlphaBay, the largest darknet market by volume, announced that it was accepting Monero as a form of payment in August 2016. []
  4. Private correspondence, May 14, 2017.  Published with his permission. []
  5. Private conversation reused with permission.  May 13, 2017 []
Send to Kindle

How newer regtech could be used to help audit cryptocurrency organizations

[Note: I neither own nor have any trading position on any cryptocurrency.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

About two years ago I gave a speech discussing the challenges cryptocurrency-related companies have had in creating reliable internal financial controls.  How over the span of a few short years the cryptocurrency startup landscape (un)intentionally reinvented the same type of intermediaries, custodians, and depository-like structures that the original creator(s) of Bitcoin wanted to route around but… setup without the oversight, assurances, and accountability you would find required in the traditional brick-and-mortar world.

The lack of financial controls and subsequent pitfalls is easily identifiable in the irrational exuberance of the get-rich-quick “initial coin offering” (ICO) world.  I’ll save my ICO post for later, but there is one story that is a bit more concrete and easier to understand and involves a company called Bitfinex.

Bitfinex, as measured in terms liquidity and volume, is considered the top global cryptocurrency exchange.  It is nominally headquartered in Hong Kong, has (had) bank accounts in Taiwan, servers in Europe (Italy?), operations in San Francisco and a staff around 30 altogether.

Source: RobotFinance

Above is a speculative corporate structure created back in September 2016 by an internet user by the name of RobotFinance.  He created it “based on the last annual return of Renrenbee Limited and statements made in the pitch forum.”  Unless you are registered as a user with BnkToTheFuture, you cannot view the pitch deck but an alleged copy of the Bitfinex deck can be found here and a discussion of it here.1  These leaked allegedly legitimate documents also suggest that Bitfinex did an equity swap at a $200 million valuation which was based on their financial growth and targets before they lost roughly $65 million in customer assets due to a hack that will be described below.

This post is not intended to single out Bitfinex as there are any number of other exchanges and wallet providers that could be looked at as well.  Nor is it intended to dive into all of the subsidiaries or even the entire history of the parent company or the cryptocurrency platform.  Rather it serves an illustration as to how new technology and financial controls could help increase visibility and transparency for all stakeholders involved thereby reducing the risks for users and retail investors (among others).

Quick history

Last November I published an internal paper that may be released later this year which explored the proposed Winkleovss COIN ETF.  In it, I highlighted a detailed history of various cryptocurrency exchange platforms and their colorful pasts, some more sordid than others.

Rather than rehash all of those stories, below are a few details specifically related to Bitfinex:

  • In May 2015 Bitfinex was hacked and lost around 1,400 bitcoins (then worth around $350,000).  In August 2016, Bitfinex was hacked again and lost roughly 120,000 bitcoins (at the time worth around $65 million).2  In the first hack, Bitfinex basically ate the losses themselves.3
  • Following the second hack, Bitfinex announced a way to compensate its customers.  Why did it need to compensate the customers?  Because, following the second hack, it socialized the losses, seizing the remaining customer assets and gave nearly all of them a 36% haircut.4 In exchange for giving everyone a haircut, Bitfinex then self-issued two different “tokens” called BFX and then later RRT. These two tokens (or IOUs) effectively enabled Bitfinex to monetize their debt/losses.
  • According to their announcements, over 20 million BFX tokens were issued and exchanged for iFinex shares and then distributed to all affected users.  As a result, Bitfinex basically conducted, from the perspective of a user, a non-voluntary ICO where participation was mandatory, as the BFX token was directly linked to equity of the parent company and users/customers could (later) trade BFX on the Bitfinex exchange.5 In addition, according to a post last summer from their head of communications, “two out of the top ten BFX token-holders are in our management team.”  It is never revealed who these parties are or how they were made whole (or not).  Furthemore, “certain verified, non-U.S. Bitfinex users to convert tokens to equity through a new BFX Trust.”  They set up a dedicated BFX Trust site but did not include the verification requirements for non-accredited BFX holders.  Nor is there public information about who all of the Principals are and the holdings they have.6
  • RRT, the acronym for Recovery Rights Tokens, are opt-in coins issued, “to compensate victims of the security breach and, thereafter, to offer a priority to early BFX token conversions.”  It is unclear how many of these coins were issued or how many were redeemed.
  • To this day, the Bitfinex still has not disclosed exactly how they got hacked and last year even published an open letter to try and negotiate with the hacker; asking to return the funds as part of an ex post facto “bug bounty.”  It is believed that the hacker bypassed the transaction limits set in place by the BitGo multi-sig wallet but that is a story for another post.7
  • Prior to this hack, on June 2, 2016, the Commodity Futures Trading Commission announced that it had fined and settled with Bitfinex for offering regulated products without having properly registered to do so.  This is important because several vocal Bitcoin proponents have distorted the actual historical events.  According to the communications director of Bitfinex last year, “Bitfinex migrated to the BitGo setup before any discussion or anything with the CFTC happened.”8  In other words, this hack was not caused by the CFTC.
  • On April 3, 2017 Bitfinex announced that it was completing the redemption of all BFX tokens and they would all be subsequently destroyed.

How did Bitfinex manage to pay off tens of millions of dollars of self-issued debt in a span of less than 8 months?

Three explanations given by Bitfinex include:

  • Because Bitfinex is a popular trading venue and lists a number of other cryptocurrencies including Ether (both ETH and ETC), it generated enough cash-flow in the form of transaction fees to carve off some of the losses.9
  • Outside investors, through BnkToTheFuture, exchanged fresh capital in exchange for BFX tokens and equity.
  • Bitfinex had a reduction in their contingent liability reserves.10

Another more recent speculative theory explores the connection between BFX redemptions and a cryptocurrency called “Tether.”

Source: Bitfinexed

What is Tether?

Its exact relationship status is complicated. Depending on who you talk to that is affiliated or was affiliated with Bitfinex, Tether Limited is a partially, or fully, or not-at-all owned subsidiary of Bitfinex.  Tether was announced in July 2014 and was originally called “Realcoin.”11

And one of the continual challenges in trying to follow this saga is that Bitfinex representatives, co-founders, and investors often post key comments in disparate social media channels across reddit, Twitter, Youtube, WeChat, TeamSpeak, Telegram, and others.  For instance, there are several different reddit threads discussing the Tether terms of service involving a co-founder and another one with the general counsel, but this material is not centralized in a way for users to easily follow it all.

Source: FinCEN MSB Registrant Search

Tether Limited is also a regulated money service business and has applied to operate in nearly every US state and territory (see above).

What are tethers?

According to the official terms of service:

Based on the information above, tethers are not money or currency and may not necessarily be redeemable for money.

In practice a “tether” is intended to be a type of “stablecoin.”

What is a stablecoin you ask?

Because cryptocurrencies lack any native ability to rebalance or readjust themselves relative to a pricing index, their continual volatility (as measured by purchasing power) causes headaches and risks to users, including those moving money across borders.  That is to say, in the time span it may take to satisfactorily confirm 1 bitcoin being transferred from your wallet to a merchant overseas, the market price may have moved a percent or two or three.12

What if there was some way to lock-in a set price and not be exposed to these constant swings in price?  Some merchant processors like BitPay and cryptocurrency OTC trading desks do quote and lock-in prices over a period of minutes, but these are not usually targeting the cross-border payment and remittance market.13

Another proposed solution, albeit one that involves similar counterparty risk, is a stablecoin which is a pegged value guaranteed or at least marketed as being pegged on par to a specific exchange rate.  The risk in this case is that the exchange operator might not fulfill his or her end of the deal (e.g., abscond with the funds).

There have been several theoretical approaches to creating a native stablecoin and a few efforts to actually implement them in the wild. Last year JP Koning chronicled the fate of one of them called NuBits.  On reflection: at some point they all fail, their peg ends up failing for one reason or another.14

And tether is no exception.

Tether is not so tethered

Originally 1 unit of tether was supposed to be equivalent to $1 USD.  At the time of this writing it has fallen to $0.93.

Why?

While Bitfinex has made a few public statements about “pausing” wire transfers, there has been no major public statement explaining the precise nature of the drop in tether price.  So a small army of internet users have pieced together a probable theory and it comes back to how Bitfinex operates.

Earlier this month, a lawsuit revealed that Bitfinex had sued WellsFargo – who had refused to process their wires and returned the USD-denominated funds – a bank that is integral to its correspondent banking relationships.  About a week later Bitfinex withdrew its lawsuit but not before people poured through the documents.

In summary we learned that Tether (which is named in the court documents) is a mechanism for enabling cross-border money flows; although we cannot say what the exact purpose was for these money flows is (e.g., pay for college tuition? buying a home? paying for a large order of buttery popcorn?).

Over a span of a few months, tens of millions of USD had been wired through WellsFargo into and out of four different banks in Taiwan which Bitfinex, Tether Limited, and other affiliated subsidiaries had commercial bank accounts with.  At some point this past March or perhaps earlier, someone on the compliance side of WellsFargo noticed this large flow of USD and for one reason or other (e.g., fell within the guidelines of a “suspicious activity report“?), placed a hold on the funds.

In early April Bitfinex’s parent company, as noted above, filed a lawsuit for WellsFargo to release these funds.  But about a week later retracted its suit.

According to a recent post from Mark Karpeles, the CEO who helmed Mt. Gox prior to its infamous bankruptcy, these actions set in motion a type of Streisand Effect: the lawsuit became newsworthy on mainstream media sites and consequently other banks — and compliance personnel at other banks — learned about the cryptocurrency exchange called Bitfinex and might (have) become wary of doing business with them.

We can only speculate as to all of what happened next, but we do know for certain that the bank accounts Bitfinex and Tether used in Taiwan were either fully terminated and/or unable to withdraw USD from late March until at least the time of this writing.

This is not the first time Bitfinex has been “debanked” before.  Phil Potter, the CFO of Bitfinex, recently gave an interview and explained that whenever they have lost accounts in the past, they would do a number of things to get re-banked.

In his words: “We’ve had banking hiccups in the past, we’ve just always been able to route around it or deal with it, open up new accounts, or what have you… shift to a new corporate entity, lots of cat and mouse tricks that everyone in Bitcoin industry has to avail themselves of.”

But this story isn’t about debanking cryptocurrency companies, a topic which could include the likes of Coinbase (which has been debanked multiple times as well).

Because there is currently no USD exit for Bitfinex users, a price discrepancy has noticeably grown between it and its peers.  The spread between exchanges is typically a good indication of how difficult it is to move into and out of fiat in a country as there are boutique firms that spend all day and night trying to arbitrage that difference.

In the case of Bitfinex, the BTC/USD pair now trades at about $50 to $75 higher than other exchanges such as Bitstamp.  This ties back into the challenges Mt. Gox users had in early 2014, as the ability to withdraw into fiat disappeared, the market price of bitcoins on Mt. Gox traded at a dramatically different level than other cryptocurrency exchanges.

That is not to say that what is happening at Bitfinex is the same thing that happened at Mt. Gox.15  However, there have not been many publicly released audits of most major exchanges in the wake of Mt. Gox’s bankruptcy three years ago.16  Noteably, BTC-e publicly stated it would begin publicly publishing accounting statements certified by external auditors.  It and its peers have not.

More questions than answers

About nine months has passed since the largest (as measured by USD) single successful attack took place on a cryptocurrency platform.17 Yet there are still many lingering questions.

For instance, on August 17, 2016, Bitfinex announced that they had hired Ledger Labs who, “is undertaking an analysis of our systems to determine exactly how the security breach occurred and to make our system’s design better going forward.”

According to one post, Michael Perklin was the Head of Security and Investigative Services at Ledger Labs and part of the team leading this investigation.  However in January 2017 a press release announced that Perklin was joining ShapeShift as the Chief Information Security Officer; his profile no longer exists at Ledger Labs. 18

Thus the question, what happened to the promise of a public audit?

Other questions that remain: as noted above, two of the ten biggest initial debt token (BFX) holders were employees.

Why did Bitfinex redeem the BFX tokens after they knew USD withdrawals were shut down?19  How many insiders such as investors and employees owned that last batch of redemptions?  What was the benefit of redeeming that last batch when they knew they were losing international wire capabilities?

It appears after the hack that Bitfinex shifted assets from the Bitinex side of the books to the customer side. Who owned the bulk of both tokens, and what protection are these virtual assets given by not being on the company books?  Or are they still on the books?

In terms of them redeeming after the withdrawals were ended, the original lawsuit documents lay out that as of March 31st, Bitfinex were actively emailing WellsFargo about the shutdown. The final BFX redemption was done a couple of days later and the lawsuit was filed shortly afterwards. It was roughly week later that Bitfinex informed the public about this international wire issue.  And Tether did not formally announce the issues until a few days ago.

Perhaps it is just miscommunication and only a matter of time before these questions are answered.

Going forward

Nearly two months ago, the SEC rejected a rule change for the COIN ETF to be listed on the BATS exchange.  Last week, the SEC said it would review that ruling.

Among other comments, the original 38 page ruling (pdf) gave a number of reasons why the Gemini-listed Winklevoss COIN ETF was being rejected. In the Commission’s words:

First, the exchange must have surveillance-sharing agreements with significant markets for trading the underlying commodity or derivatives on that commodity. And second, those markets must be regulated.

Later the Commission also writes that:

The Commission, however, does not believe that the record supports a finding that the Gemini Exchange is a “regulated market” comparable to a national securities exchange or to the futures exchanges that are associated with the underlying assets of the commodity – trust ETPs approved to date.

While the Gemini exchange is regulated in New York through a Trust charter, the vast majority of cryptocurrency exchanges and trading venues whose funds flow into and out of Gemini, are not.20

It is unclear what will happen to Tether holders, if they will ever be made whole.  Or what will happen to Bitfinex and future bank accounts.  Or if the COIN ETF and other similar cryptocurrency-denominated ETF’s will be green-lit by securities regulators.  Maybe these are all bumps in the road.

What we are a little more certain about:

(1) The Bitfinex hackers are still at large and no public post-mortem has been done to explain how it happened and what will be done to prevent future attacks.

(2) The unilateral self-issuance of the BFX “cryptoequity” was not done in a fully transparent manner as some customers had bigger haircuts than others nor is it clear if the extinguishing of these BFX coins was done through the use of tethers.

(3) That the tether “stablecoin” is not inherently stable and depends on fiat liquidity via the international correspondent banking network which raises the question of how to stabilize tether in the event that Tether Limited loses its bank accounts again.21

(4) That marketplaces such as Bitfinex — despite a general lack of transparency (where is the “About” page with executive bios?) — are still used as part of the weighting mechanisms in ETFs, including at one stage the Winkdex (which has since been deprecated) as well as the current Tradeblock XBX index used in a couple other proposed ETFs.

Solutions

As mentioned at the beginning of the post, the current trend over the past four years is that as Bitcoin intermediaries continue to operate as intermediaries and trusted third parties they increase their chances of regulatory scrutiny and oversight.

This empirical fact versus the original theoretical cypherpunk vision is arguably a type of cognitive dissonance.  As Section 1 of the Nakamoto whitepaper explained:

Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for non-reversible services.

The Bitfinex hack that occurred in August 2016 created measurable amounts of new transactions costs that ended up being mediated through a wide array of social media channels; non-reversibility does not appear to have helped reduce these costs.  For all of the “backed-by-maths” and “epistemological” talk about routing around trusted third parties, Bitfinex and its peers, still play a key role in providing continuous fiat <–> cryptocurrency liquidity to the marketplace.  And as illustrated with the lawsuit above, by in large, these exchange platforms heavily depend on banking access moreso now than at any other time before.

Last summer I proposed a Kimberley Process for Cryptocurrencies: in which market participants met with various regulatory stakeholders to iron out how to stop predators, remove encumbrances, and create best-practices for financial controls in this nascent space.

As more cryptocurrency platforms attempt to comply with a variety of regulations including the surveillance collection and sharing requirements (e.g., KYC and AML), this will likely increase the demand for the tools found in the growing field of “regtech.”

For example, if Alice can cryptographically prove the chain-of-custody from her customer to her customers customer, then she may be able to comply with the banks surveillance requirements and maintain her bank accounts — and international wiring access — as she grows her remittance platform.

There is a set of technology under development and in early pilots that enables  authentication, provenance tracking, and document management and much of it involves digital signatures, standardized/mutualized KYC processes, and permissioned distributed ledgers.  Documentation management, in this case, goes beyond just hashing and timestamping documents to include automatically updating legal agreements and contracts over their entire lifecycle.

Some of it also involves sophisticated data analytic tools created by startups such as Blockseer and Chainalysis.  Universities such as UCL are automating regulatory processes.  And on the enterprise side, there are companies that have built a shared KYC registry and other identity-related tools for highly regulated financial institutions to comply with a battery of reporting requirements.22

Whether these will be adopted by the cryptocurrency community is another matter, but these tools will soon exist in full production mode and could help provide better visibility, auditability, and transparency for investors, users, entrepreneurs, law enforcement, compliance teams, and regulators around the world.

If you’re interested in learning more about these mechanisms, feel free to reach out or leave a comment below.

Endnotes

  1. During an interview on April 3, 2017, Phil Potter mentioned that Bitfinex has 25 shareholders and BnkToTheFuture SPV.  The same interview someone says that there are 450 shareholders of their equity but it is unclear if that is through the BFX token. []
  2. Approximately 1,061 of these coins were moved in March 2017. []
  3. Bitfinex, like all other cryptocurrency exchanges, has experienced significant price crashes in 2014, 2015, and again in 2016 — often as the consequence of a hack. []
  4. There were exceptions. Some users reported smaller haircuts as they were customers of SynapsePay.  Another user claims to have retained a lawyer and he did not have any haircut.  In an interview on April 3, 2017, Phil Potter mentions that they had received some “demand” letters from customers but Bitfinex was able to “quell” those.  See also: You’ve Been ButtFinessed from BitMEX []
  5. BFX was not initially tradeable. []
  6. One staff member is publicly listed, Alistair Milne, but no information is given as to how much BFX, RRT, and company equity he or other staff of BFX Trust may own. []
  7. You’ve Been ButtFinessed from BitMEX []
  8. Group correspondence, August 3, 2016 []
  9. In an interview on April 3, 2017 Phil Potter mentions that the past month they generated $3.5 million (net) from trading volumes and that there are 175 million shares outstanding. []
  10. In an interview on April 3, 2017, Phil Potter mentions that they used the “vast majority” of these reserves. []
  11. The CTO of Realcoin, Craig Sellers, is also the current CTO of Bitfinex.  Sellers is currently a team member of the Omni Foundation.  The general counsel of Tether and Bitfinex are the same individual, Stuart Hoegner.  Brock Pierce is the co-founder of Realcoin. The underlying technology for Realcoin/Tether is Mastercoin, a platform managed by the Mastercoin Foundation (now called the Omni Foundation).  Pierce was one of the founding members of the Mastercoin Foundation before resigning in July 2014. []
  12. Depending on the transaction fee sent to a mining pool, the suggested “safe” confirmation intervals are 3-6 blocks which on average takes 30-60 minutes to build on and propagate across the network. []
  13. There are some remittance companies that utilize Bitcoin as a payment rail; they often try to lock-in a specific value amount during a time-boxed time period but it varies depending on local conditions and business models. []
  14. BitUSD is the sole survivor right now, although it has relatively very little volume. []
  15. The missing Mt. Gox bitcoins from WizSec []
  16. During an April 3, 2017 interview Phil Potter mentions that in order to get an auditor to look at their books, it would be easier to do if they first got rid of the BFX token. []
  17. The DAO was a DAO, not an exchange. []
  18. There are several other interconnected relationships: according to a prior funding announcement, Bitfinex is an investor in ShapeShift.  Similarly, at least one principal in Bitcoin Capital, which has invested in ShapeShift, is also an executive at BnkToTheFuture, which led the recapitalization of Bitfinex following its August 2016 hack. []
  19. During an interview on April 12, 2017, Phil Potter mentioned that when trying to acquire a new banking partnership, the BFX debt tokens were a problem for them, so Bitfinex redeemed them. []
  20. A few others have obtained a BitLicense, but on the whole, most cryptocurrency exchange platforms do not attempt to comply with the strict requirements found in either the BitLicense or Trust charter in New York, let alone at a national level. []
  21. Based on the current terms of of service, according to the Tether Limited general counsel, tethers may not be readable for a variety of reasons. []
  22. This is not to say these new tools are a panacea or silver bullet for detecting all types of money laundering or preventing fraud or stopping identity fraud.  A standardized KYC framework and digital signature-based toolset can help mitigate some of these issues. []
Send to Kindle

Activities for the first few months of 2017

NYU School of Business

There are a number of internal papers we published over the past several months that the R3 research team and I helped manage and edit.

This includes:

In addition, below are the various public / external activities and interactions I was involved with the past several months.

Events, panels, and presentations:

Interviews and quotes:

Citation:
Send to Kindle

Intranets and the Internet

It is early into 2017 and at fintech events we can still hear a variety of analogies used to describe what blockchains and distributed ledger technology (DLT) are and are not.

One of the more helpful ones is from Peter Shiau (formerly of Blockstack.io) who used an automobile analogy involving the Model T to describe magic internet chains:1

The Ford Motor Company is well known for its production engineering innovation that gave us the Model T. To this day, the Ford Model T is one of the best selling automobiles of all-time thanks to the sheer number produced and affordability for American middle class families.  And while it was remarkable that Ford was able to sell so many cars, it is well understood Ford’s true innovation was not the Model T but in fact the modern assembly line.

It was this breakthrough that enabled Ford to build a new car every 93 minutes, far more quickly than any of its competitors. Not unlike the Model T, cryptocurrencies like Bitcaoin, are every bit the product of a similar innovative process breakthrough that today we call a “blockchain.”

Carrying the analogy a little further, what is even more powerful about this modern equivalent of the assembly line is that it is not just useful for building cars but also vans and trucks and boats and planes. In just the same way, a blockchain is not just useful for creating a cryptocurrency, but can be applied to a many different processes that multiple parties might rely on to reach agreement on the truth about something.

Less helpful, but all the same plentiful, are the many red herrings and false equivalences that conferences attendees are subjected to.

Arguably, the least accurate analogy is that public blockchains can be understood as being “like the internet” while private blockchains “are like intranets”.

Why is this one so wrong and worthy of comment?

Because it is exactly backwards.

For example, if you want to use a cryptocurrency like Bitcoin, you have to use bitcoin; and if you want to use Ethereum, you have to use ether.  They are not interoperable.  You have to use their proprietary token in order play in their walled garden.

As described in detail below, the internet is actually a bunch of private networks of internet service providers (ISPs) that have legal agreements with the end users, cooperate through “peering” agreements with other ISPs, and communicate via a common, standardized routing protocols such as BGP which publishes autonomous system numbers (ASNs).

In this respect, what is commonly called “the Internet” is closer to interoperable private, distributed ledger networks sharing a common or interoperable communication technology than anarchic, public cryptocurrency blockchain networks, which behave more like independent isolated networks.

Or in short: by design, cryptocurrencies are intranet islands whereas permissioned distributed ledgers — with interoperability hooks (“peering” agreements) — are more like the internet.2

Sidebar

Let’s do a short hands-on activity to see why the original analogy used at fintech conferences is a false equivalence with implications for how we need to frame the conversation and manage expectations in order to integrate DLT in to our reference and business architecture.

If you are using a Windows-based PC, open up a Command window.  If you’re using a Mac or Android device, go to a store and buy a Windows-based PC.

Once you have your Command window open, type in a very simple command:

tracert: www.google.com

Wait a few seconds and count the hops as your signal traces the route through various network switches and servers until you finally land on your destination.  From my abode in the SF area, it took 10 hops to land at Google and 7 hops to land at Microsoft.

If you did this exercise in most developed countries, then the switches and servers your signal zigged and zagged through were largely comprised of privately owned and operated networks called ISPs.  That is to say, what is generally described as “the internet” is just a bunch of privately run networks connected to one another via several types of agreements such as: transit agreements, peering agreements, and interconnect agreements.

By far the most widely used agreement is still done via the proverbial “handshake.”  In fact, according to a 2012 OECD report, 99.5% of internet traffic agreements are done via handshakes.  There is also depeering, but more on that later.

What do all these agreements look like in practice?

According to the 2016 Survey of Internet Carrier Interconnection Agreements (pdf):

The Internet, or network of networks, consists of 7,557 Internet Service Provider (ISP) or carrier networks, which are interconnected in a sparse mesh. Each of the interconnecting links takes one of two forms: transit or peering. Transit agreements are commercial contracts in which, typically, a customer pays a service provider for access to the Internet; these agreements are most prevalent at the edges of the Internet, where the topology consists primarily of singly connected “leaf” networks that are principally concerned with the delivery of their own traffic. Transit agreements have been widely studied and are not the subject of this report. Peering agreements – the value-creation engine of the Internet – are the carrier interconnection agreements that allow carriers to exchange traffic bound for one another’s customers; they are most common in the core of the Internet, where the topology consists of densely interconnected networks that are principally concerned with the carriage of traffic on behalf of the networks which are their customers.

Colloquially it is a lot easier to say “I want to use the Internet” instead of saying “I want to connect with 7,557 ISPs interconnected in a sparse mesh.”

Back to topology, each ISP is able to pass along traffic that originated from other networks, even if these external networks and the traffic therein originate from foreign countries, because the physical systems can speak to one another via standardized transport protocols like TCP and UDP and route via BGP.3 4

Thus there is no such thing as a physical “internet rail,” only an amalgam of privately and publicly owned networks stitched together.

And each year there is inevitably tension between one more ISP and consequently depeering takes place.  A research paper published in 2014 identified 26 such depeering examples and noted that while depeering exists:

Agreements are very quite affair and are not documented for, they are mostly handshake agreements where parties mutually agree  without  any  on  record  documentation.  This  argument is supported by the fact that 141,512 Internet Interconnection Agreements out of 142,210 Internet Agreements examined till March 2011 were Handshake Agreements.

This is the main reason you do not hear of disputes and disagreements between ISPs, this also dovetails into the “net neutrality” topic which is beyond the scope of this post.

Intranets

Just as the internet is an imperfect analogy for blockchains and DLT in general, so is its offspring the “intranet” is a poor analogy for a permissioned blockchains.  As noted above, the internet is a cluster of several thousand ISPs that typically build business models off of a variety of service plans in both the consumer and corporate environments.

Some of these server plans target corporate environments and also includes building and maintaining “private” intranets.

What is an intranet?

An intranet is a private network accessible only to an organization’s staff. Generally a wide range of information and services from the organization’s internal IT systems are available that would not be available to the public from the Internet. (Source)

And while more and more companies migrate some portion of their operations and work flows onto public and private “clouds,” intranets are expected to be maintained given their continued utility.  From an infrastructure standpoint, notwithstanding that an intranet could be maintained one or more more servers through Software Defined Networks (SDNs), it is still a subset of a mash up of ISPs and mesh networks.

What does this have to do with magic internet chains?

A private blockchain or private distributed ledger, is a nebulous term which typically means that the validation process for transactions is maintained by known, identified participants, not pseudonymous participants.  Depending on the architecture, it can also achieve the level of privacy that is associated with an intranet while staying clear of the hazards associated with preserving true pseudonymity.

Why is the “intranet” analogy so misleading and harmful?

For multiple reasons.

For starters, it is not really valid to make a sweeping generalization of all identity-based blockchains and distributed ledgers, as each is architected around specific use-cases and requirements.  For instance, some vendors insist on installing on-premise nodes behind the firewall of an enterprise.  Some vendors setup and run a centralized blockchain, from one or two nodes, for an enterprise. Some others tap into existing operational practices such as utilizing VPN connections.  And others spin up nodes on public clouds in data centers which are then operated by the enterprise.

There are likely more configurations, but as noted above: from a topological perspective in some cases these private blockchains and distributed ledgers operate within an intranet, or on an ISP, or even as an extranet.

Fundamentally the biggest difference between using an ISP (“the internet”) and using an intranet is about accessibility, who has access rights.  And this is where identity comes into play: most ISPs require the account holder to provide identification materials for what is effectively KYC compliance.

Thus while you may be visit a coffee shop like Starbucks who provides “free” access, Starbucks itself is an identified account holder with an ISP and the ISP could remove Starbucks access for violating its terms of service.  Similarly, most coffee shops, airports, schools, etc. require users to accept a terms of service acknowledging that their access can be revoked for violating it.

Source: FireFox 51.0.1

In short, both the internet and intranet are in effect part of identity and permission-based networks.  There is no such thing as an identity-less internet, only tools to mask the users identity (e.g., Tor, Peerblock, Whisper).  In the same way that, “private” intranets are a fallacy.

Anarchic chains, which were designed to operate cryptocurrencies like Bitcoin, attempt to create an identity-less network on top of an identifiable network, hence the reason people involved in illicit activities can sometimes be caught.

Identity

Interestingly, where the internet analogy does hold up is in how public, anarchic blockchains are no less challenged by the effort and complexity of truly masking identity. I mentioned this in a footnote in the previous post, but it deserves being highlighted once more. Anarchic blockchains inspired by cryptocurrencies such as Bitcoin, used blocks because Satoshi wanted identity-free consensus (e.g., pseudonymity).  That implies miners can come and go at will, without any kind of registration, which eliminated the choice of using any existing consensus algorithm.

As a result, Satoshi’s solution was proof-of-work (PoW).  However, PoW is susceptible to collisions (e.g., orphan blocks).  When a collision occurs you have to wait longer to obtain the same level of work done on a transaction. Thus you want to minimize them, which resulted in finding a PoW on average every ten minutes.  This means that in a network with one minute propagation delays, not unlikely in a very large network (BGP sees such propagation times) then you waste ~10% of total work done, which was considered an acceptable loss rate in 2008 when Satoshi was designing and tweaking the parameters of the system.

Distributed ledgers such as Corda, use a different design and exist precisely as an identified network, where members cannot just come and go at will, and do have to register. With Corda, the team also assumes relatively low propagation times between members of a notary cluster.  One of the key differences between mere PoW (i.e. hashcash) and a blockchain is that in the latter, each block references the prior – thus PoWs aggregate.  It can be tough to do that unless all transactions are visible to everyone and there is a single agreed upon blockchain but if you do not, you will not get enough PoW to yield any meaningful security

When fintech panels talk about the notion of “open” or “closed” networks, this is really a red herring because what is being ignored is how identity and permission work and are maintained on different types of networks.

From the standpoint of miner validation, in practice cryptocurrencies like Bitcoin are effectively permission-based: the only entity that validates a transaction is effectively 1 in 20 semi-static pools each day.  And the miners/hashers within those pools almost never individually generate the appropriate/winning hash towards finding a block.  Each miner generates trillions of invalid hashes each week and are rewarded with shares of a reward as the reward comes in.

And if you want to change something or possibly insert a transaction, you need hashrate to do so.  Not just anyone running a validating node can effect change.

More to the point, nearly all of these pools and many of the largest miners have self-doxxed themselves.  They have linked their real world identities to a pseudonymous network whose goals were to mask identities via a purposefully expensive PoW process.  As a result, their energy and telecommunication access can be revoked by ISPs, energy companies, and governments.  Therefore calling anarchic or public blockchains “open” is more of a marketing gimmick than anything else at this stage.

Clarity

AOL and CompuServe were early, successful ISPs; not intranets.5  Conflating these terms makes it confusing for users to understand the core technology and identify the best fit use-cases. 6

Alongside the evolution of both the “cloud” and ISP markets, it will be very interesting to watch the evolution of “sovereign” networks and how they seek to address the issue of identity.

Why?

Because of national and supranational laws like General Data Protection Regulation (GDPR) that impacts all network users irrespective of origin.

For instance, Marley Gray (Principal Program Manager Blockchain at Microsoft) recently explained in an interview (above) how in order to comply with various data regulations (data custody and sovereignty), Microsoft acquired fiber links that do not interact with the “public” internet.  That is to say, by moving data through physically segregated “dark” networks, Microsoft can comply with requirements of its regulated customers.

And that is what is missing from most fintech panels on this topic: at the end of the day who is the customer and end-user.

If it is cypherpunks and anarchists, then anarchic chains are built around their need for pseudonymous interactions.  If it is regulated enterprises, then identity-based systems are built around the need for SLAs and so forth.  The two worlds will continue to co-exist, but each network has different utility and comparative advantage.

Acknowledgements: I would like to thank Mike Hearn, Stephen Lane-Smith, Antony Lewis, Marcus Lim, Grant McDaniel, Emily Rutland, Kevin Rutter, and Peter Shiau for their constructive feedback. This was originally sent to R3 members on March 31, 2017.

Endnotes

  1. His analogy is reused with permission. []
  2. From a network perspective, some of the integration and interop challenges facing DLT platforms could be similar to the harried IPv4 vs IPv6 coexistence over the past decade.  Who runs the validating nodes, the bridges — the links between the chains and ledgers — still has to be sorted out.  One reviewer noted that: If you equate IPv4 (TCP/UDP/ICMP) to DLTv4 where BGPv4 enables IPv4 networks to interact, we need an equivalent for BPGv4, say DLTGPv4 (DLT Gateway Protocol) for DLTv4 fabrics (ISPv4s) to interact and the same thing for IPv6 and DLTv6 where DLTv6 is a different DLT technology than DLTv4.  So the basic challenge here is solving integration of like DLT networks. []
  3. Venture capitalists such as Marc Andreessen and Fred Wilson have stated at times that they would have supported or invested in something akin to TCPIPcoins or BGPcoins.  That is to say, in retrospect the missing element from the “internet stack” is a cryptocurrency.  This is arguably flawed on many levels and if attempted, would likely have stagnated the growth and adoption of the internet, see page 18-19. []
  4. One reviewer noted that: Because of the IPv4 address restrictions (address space has been allocated – relying on auctions etc for organizations to acquire IPv4 addresses), some sites now only have an IPv6 address.  Most devices today are dual stack (support IPv4 and IPv6), but many ISPs and older devices still only support IPv4 creating issues for individuals to access IPv6 resulting in the development of various approaches for IPv4 to IPv6 (e.g. GW46 – my generic label).  I think, the question with DLTGW46 is whether to go dual stack or facilitate transformation between v4 and v6. []
  5. A reviewer who previously worked at AOL in the mid ’90s noted that: “In its early days, AOL was effectively a walled garden.  For example, it had its own proprietary markup language called RAINMAN for displaying content. And access to the internet was carefully managed at first because AOL wanted its members to stay inside where content was curated and cultural norms relatively safer — and also desirable for obvious business reasons.” []
  6. One reviewer commented: “In my opinion, the “internet” cannot be created by a single party. It is an emergent entity that is the product of multiple ISPs that agree to peer – thus the World Wide Web. DLT-based and blockchain-based services first need to develop into their own robust ecosystems to serve their own members. Eventually, these ecosystems will want to connect because the value of assets and processes in multiple ecosystems will increase when combined.” []
Send to Kindle

A brief history of R3 – the Distributed Ledger Group

What’s in a name?

I was at an event last week and someone pulled me aside asked: why do you guys at R3 typically stress the phrase “distributed ledger” instead of “blockchain”?

The short answer is that they are not the same thing.

In simplest terms: a blockchain involves stringing together a chain of containers called blocks, which bundle transactions together like batch processing, whereas a distributed ledger, like Corda, does not and instead validates each transaction (or agreement) individually.1

The longer answer involves telling the backstory of what the R3 consortium is in order to highlight the emphasis behind the term “distributed ledger.”

Inspired by IMF report, page 8

Genesis

R3 (formerly R3 CEV) started out as a family office in 2014.2 The “3” stood for the number of co-founders: David Rutter (CEO), Todd McDonald (COO), and Jesse Edwards (CFO). The “R” is the first initial of the CEO’s last name.  Very creative!

During the first year of its existence, R3 primarily looked at early stage startups in the fintech space.  The “CEV” was an acronym: “crypto” and “consulting,” “exchanges,” and “ventures.”

Throughout 2014, the family office kept hearing about how cryptocurrency companies were going to obliterate financial institutions and enterprises.  So to better understand the ecosystem and drill into the enthusiasm around cryptocurrencies, R3 organized and held a series of round tables.

The first was held on September 23, 2014 in NYC and included talks from representatives of: DRW, Align Commerce, Perkins Coie, Boost VC, and Fintech Collective.  Also in attendance were representatives from eight different banks.

The second round table was held on December 11, 2014 in Palo Alto and included talks from representatives of: Stanford, Andreessen Horowitz, Xapo, BitGo, Chain, Ripple, Mirror, and myself.  Also in attendance were representatives from 11 different banks.

By the close of 2014, several people (including myself) had joined R3 as advisors and the family office had invested in several fintech startups including Align Commerce.

During the first quarter of 2015, David and his co-founders launched two new initiatives.  The first was LiquidityEdge, a broker-dealer based in NYC that built a new electronic trading platform for US Treasurys.3  It is doing well and is wholly unrelated to R3’s current DLT efforts.

The second initiative was the incorporation of the Distributed Ledger Group (DLG) in Delaware in February 2015.  By February, the family office had also stopped actively investing in companies in order to focus on both LiquidityEdge and DLG.

In April 2015 I published Consensus-as-a-Service (CaaS) which, at the time, was the first paper articulating the differences between what became known as “permissioned” and “permissionless” blockchains and distributed ledgers.  This paper was then circulated to various banks that the small R3 team regularly interacted with.

The following month, on May 13, 2015, a third and final round table was held in NYC and included talks from representatives of Hyperledger (the company), Blockstack, Align Commerce and the Bank of England.  Also in attendance were representatives from 15 banks as well as a market infrastructure operator and a fintech VC firm.  In addition to the CaaS paper, the specific use-case that was discussed involved FX settlement.4

The transition from a working group to a commercial entity was formalized in August and the Distributed Ledger Group officially launched on September 1, 2015 although the first press release was not until September 15.  In fact, you can still find announcements in which the DLG name was used in place of R3.

By the end of November, phase one of the DLG consortium – now known as the R3 consortium – had come to a conclusion with the admission of 42 members.  Because of how the organization was originally structured, no further admissions were made until the following spring (SBI was the first new member in Phase 2).

So what does this all have to do with “distributed ledgers” versus “blockchains”?

Well, for starters, we could have easily (re)named or (re)branded ourselves the “Blockchain Group” or “Blockchain Banking Group” as there are any number of ways to plug that seemingly undefinable noun into articles of incorporation.  In fact, DistributedLedgerGroup.com still exists and points to R3members.com.5 So why was R3 chosen?  Because it is a bit of a mouthful to say DistributedLedgerGroup!

Corda’s genesis

Upon launch, the architecture workstream lead by our team in London (which by headcount is now our largest office), formally recognized that the current hype that was trending around “blockchains” had distinct limitations.  Blockchains as a whole were designed around a specific use-case – originally enabling censorship-resistant cryptocurrencies. This particular use-case is not something that regulated financial institutions, such as our members, had a need for.

While I could spend pages retracing all of the thought processes and discussions surrounding the genesis of what became Corda, Richard Brown’s view (as early as September 2015) was that there were certain elements of blockchains that could be repurposed in other environments, and that simply forking or cloning an existing blockchain – designed around the needs of cryptocurrencies – was a non-starter.  At the end of that same month, I briefly wrote about this view in a post laying out the Global Fabric for Finance (G3F), an acronym that unfortunately never took off. In the post I specifically stated that, “[i]t also bears mentioning that the root layer may or may not even be a chain of hashed blocks.”

In October 2015, both James Carlyle and Mike Hearn formally joined the development team as Chief Engineer and lead platform engineer respectively.  During the fall and winter, in collaboration with our members, the architecture team was consumed in the arduous process of funneling and filtering the functional and non-functional requirements that regulated financial institutions had in relation to back office, post-trade processes.

By the end of Q1 2016, the architecture team gestated a brand new system called Corda.  On April 5, 2016, Richard published the first public explanation of what Corda was, what the design goals were and specifically pointed out that Corda was not a blockchain or a cryptocurrency.  Instead, Corda was a distributed ledger.

Prior to that date, I had personally spent dozens of hours clarifying what the difference between a blockchain and a distributed ledger was to reporters and at events, though that is a different story.  Unfortunately even after all these explanations, and even after Richard’s post, the Corda platform was still inappropriately lumped into the “blockchain” universe.

Following the open sourcing of Corda in November 2016, we formally cut the “CEV” initials entirely from the company name and are now known simply as R3.  Next year we plan to make things even shorter by removing either the R or 3, so watch out domain squatters!

Today

As of February 2017, the R3 consortium is formally split into two groups that share knowledge and resources: one group is focused on building out the Corda platform and the other, the Lab and Research Center, is focused on providing a suite of services to our consortium members.  I work on the services side, and as described in a previous post, my small team spends part of its time filtering vendors and projects for the Lab team which manages several dozen projects at any given time for our consortium members.

The Lab team has completed more than 20 projects in addition to 40 or so ongoing projects.  Altogether these involved (and in some cases still involve) working with a diverse set of platforms including Ethereum, Ripple, Fabric, Axoni, Symbiont and several others including Corda.  Since we are member driven and our members are interested in working and collaborating on a variety of different use-cases, it is likely that the services side will continue to experiment with a range of different technologies in the future.

Thus, while it is accurate to call R3 a technology company focused on building a distributed ledger platform and collaborating with enterprises to solve problems with technology, it is not accurate to pigeonhole it as a “blockchain company.”  Though that probably won’t stop the conflation from continuing to take place.

If you are interested in understanding the nuances between what a blockchain, a database, and a distributed ledger are, I highly recommend reading the multitude of posts penned by my colleagues Antony Lewis and Richard Brown.

  1. Blockchains inspired by cryptocurrencies such as Bitcoin used blocks because Satoshi wanted identity-free consensus (e.g., pseudonymity).  That implies miners can come and go at will, without any kind of registration, which eliminated the choice of using any existing consensus algorithm.

    As a result, Satoshi’s solution was proof-of-work (PoW).  However, PoW is susceptible to collisions (e.g., orphan blocks).  When a collision occurs you have to wait longer to obtain the same level of work done on a transaction. Thus you want to minimize them, which resulted in finding a PoW on average every ten minutes.  This means that in a network with one minute propagation delays, not unlikely in a very large network (BGP sees such propagation times) then you waste ~10% of total work done, which was considered an acceptable loss rate in 2008 when Satoshi was designing and tweaking the parameters of the system.

    Distributed ledgers such as Corda, use a different design because it is an identified network, where members cannot just come and go at will, and do have to register. With Corda, the team also assumes relatively low propagation times between members of a notary cluster.  One of the key differences between mere PoW (i.e. hashcash) and a blockchain is that in the latter, each block references the prior – thus PoWs aggregate.  It can be tough to do that unless all transactions are visible to everyone and there is a single agreed upon blockchain but if you do not, you will not get enough PoW to yield any meaningful security. []

  2. The R3CEV.com domain was created on August 13, 2014. []
  3. It may look like an odd spelling, but Treasurys is the correct spelling. []
  4. At the time, I was an advisor to Hyperledger which was acquired by Digital Asset the following month. []
  5. The DistributedLedgerGroup.com domain was created on December 23, 2014 and R3members.com was created on March 15, 2016. []
Send to Kindle

Layer 2 and settlement

Nary a week goes by without having to hear a startup claim their service will have the ability to “settle” a cryptocurrency or virtual asset or something “smart,” on to Layer 2.  In this instance, Layer 2 refers to a separate network that plugs into a cryptocurrency via off-chain channels.1

This often comes up in conjunction with conversations surrounding the Bitcoin block size debate: specifically around (hypothetically) scaling to enable Visa-like transaction throughput vis-a-vis projects like the Thunder and Lightning network proposals which are often characterized as Layer 2 solutions.2

As Wolfgang Pauli might say, this is not even wrong.

Why?  For starters, the comparisons are not the same.

Visa is a credit clearing and authentication network, not a settlement network; in contrast no cryptocurrency has credit lines baked-in.  In addition – as I penned a year ago – in practice “settlement” is a legal concept and typically requires ties into the existing legal infrastructure such as courts and legally approved custodians. 3

Two simplified examples: (1) If Bob wanted to settle cash electronically and he lived in just about any country on the globe, the only venue that this electronic cash ultimately settles in right now is a central bank usually via its real-time gross settlement (RTGS) network.  And (2), if Bob owned the title to a (dematerialized) security and he is trying to transfer ownership of it to someone else, the security ultimately settles in a central securities depository (CSD) such as the DTCC or Euroclear.

What does this have to do with the world of blockchains and DLT?

As of this writing, no central bank-backed digital currency (CBDC) exists.4 As a consequence, there is no real digital cash settlement taking place on any ledger outside of a banks’ own ledger (yet).

One of the key goals for DLT platforms is to eventually get “cash on-ledger” issued by one or more central bank.  For instance, at R3 we are currently working on a couple of CBDC-related projects including with the Bank of Canada and Monetary Authority of Singapore.  And other organizations are engaged in similar efforts.

Why?

In short, one of the potential advantages of using a CBDC issued onto a distributed ledger is the enabling of network participants (such as financial institutions) to settle dematerialized (digitized) asset transfers without relying on outside reconciliation processes. Delivery versus Payment (DvP), the simultaneous exchange of an asset and its payment, could actually take place on-chain.5

However, today if participants on a distributed ledger wanted to settle a trade in cash on a distributed ledger, they could not. They would still need to settle via external processes and mechanisms, which according to an estimate from Autonomous research, collectively costs the industry $54 billion a year.  As a result, the industry as a whole is attempting to reduce and – if possible – remove frictions such as these post-trade processes.6  And according to a recent paper from the Bank of England as well as a new paper from the Federal Reserve, CDBCs are one invention that potentially could reduce some of these associated frictions and processes.

So how does that tie back in to a hypothetical Layer 2 or 3, 4, 5, connected to a cryptocurrency network?

Assuming one or more of the Lightning implementations is built, deployed, and goes “into production,” the only object that is being tracked and confirmed is a cryptocurrency.7

Cryptocurrencies, as I have written before, are anarchic: purposefully divorced from legal infrastructure and regulatory compliance.

As a result, it cannot be said that “Layer 2” will act as a settlement layer to anything beyond the cryptocurrency itself, especially since the network it attaches to can at most by design only guarantee probabilistic finality.  In fact, the most accurate description of these add-on networks is that each Lightning implementation requires building completely separate networks run and secured by different third parties: pseudonymous node operators acting as payment processors.  What are the service-level agreements applied to these operators?  What happens if it is no longer profitable or sustainable to operate these nodes?  Who are you going to call when something – like routing – doesn’t work as it is supposed to?

And like most cryptocurrencies, Lightning (the generic Lightning) is developed as a public good, which – as a recent paper explored – may have hurdles from a fiduciary, governance, and accountability perspective.

Assuming the dev teams working on the various implementations solve for decentralized routing and other challenges, at most Lightning will be a clearing network for a cryptocurrency, not electronic cash or securities.  Therefore proponents of existing Layer 2 network proposals might want to drop the “settlement” marketing language because settlement probably isn’t actually occurring.  Trade confirmations are.

But what about colored coins?  Can’t central banks just use the Bitcoin network itself and “peg” bitcoins directly to cash or set-up a Bitcoin-like system that is backed by the central bank itself?

These are tangential to “Layer 2” discussion but sure, they could in theory.  In fact, the latter is an idea explored by JP Koning in a soon-to-be published paper on “Fedcoin.”  In practice this is probably not ideal for a variety of reasons including: privacy, confidentiality, recourse, security, scalability, public goods problems, and the fact that pseudonymous miners operating outside the purview of national regulatory bodies would be in charge of monetary policy (among many other regulatory compliance issues).

Why not just use an existing database to handle these regulated financial instruments then?  This is a topic that has and will fill academic journals in the years to come (e.g., RSCoin).  But for starters I recommend looking at a previous post from Richard Brown and two newer posts from Antony Lewis.

Conclusion

There are real, non-aesthetic reasons why aviation designers and manufacturers stopped building planes with more than two or three wings, namely aerodynamics.  Creative ideas like Lightning may ultimately be built and deployed by cryptocurrency-related companies and organizations, but it is unclear how or why any regulated enterprise would use the existing proposals since these networks are not being architected around requirements surrounding settlement processes.

Perhaps that will change in time, but laws covering custody, settlement, and payment processing will continue to exist and won’t disappear because of anarchic “Layer 2” proposals.  Maybe it is possible to borrow and clone some of the concepts, reusing them for alternative environments, just like some of the “blockchain”-inspired platforms have reused some of the ideas underlying cryptocurrencies to design new financial market infrastructure.  Either way, both worlds will continue to co-exist and potentially learn from one another.

  1. From a word choice, it is arguably a misnomer to call Lightning a “layer” at all because relatively little is being built on top of Bitcoin itself.  These new networks are not powered by mining validators whereas colored coin schemes are. []
  2. While he doesn’t delve too much into any of these specific projects, Vitalik Buterin’s new paper on interoperability does briefly mention a couple of them.  Also note that the Teechan proposal is different than Lightning in that the former scales via trusted hardware, specifically Intel’s SGX tech, and sidesteps some of the hurdles facing current Lightning proposals. []
  3. This topic is a ripe area for legal research as words need to be precisely defined and used.  For instance, if bitcoins do not currently “settle” (in the sense that miners and users do not tie on-chain identities into court recognized identity, contract, and ledger systems thereby enabling traditional ownership transfer), does this impact government auctions of seized cryptocurrencies?  What was the specific settlement process involved in the auction process and are encumbrances also transferred?  It appears in practice, that in these auctions bitcoins do transfer in the sense that new entities take control of the private key(s), is this settlement? []
  4. An argument can be made that there are at least 3 publicly known exceptions to this, though it depends on the definition of an in-production CBDC.  This includes vendors working with: Senegal, Tunisia, and Barbados. []
  5. In blockchain parlance this is called an “atomic transfer.” []
  6. It is not just reconciliation processes, it is the actual DvP itself (plus the subsequent “did you get it yet” reconciliation processes). []
  7. As an aside, what are the requirements for “being in production?”  In the enterprise world, there is a difference between being in a sandbox and being in production.  Which blockchain(s) have been vetted for and secured against real production level situations and fulfilled functional requirements such as scaling and preserving confidentiality? []
Send to Kindle

Chainwashing

I was recently talking with a friend who spent the past decade in an operations role at a large enterprise in the telecommunication sector.  He has a matter-of-fact personality that likes to cut through the smoke and mirrors to find the fire.

I explained to him my role of having to filter through the dozens of entities that my market research team at R3 speaks with each month. And the formal process that our small team uses to look and find organizations that would be a good fit for R3’s Lab project pipeline.

For instance, because we typically act as the first part of the funnel for our organization, we end up listening to a great deal of startup pitches. And we are continually bombarded by endless “blockchain” and DLT noise.  The first year alone we looked at and spoke to more than 300 entities, a number that has now reached about 400.

This is not to say that there are only 400 companies/vendors/organizations/projects billing themselves as “blockchain” related entities… unfortunately that nebulous term has ballooned to encompass everything from cryptocurrencies to big data to IoT and now probably numbers in the thousands.

If you’re working in capital markets, how to tell the pretenders from the real deal?

Should you seek advice from people who never interface with enterprises or institutions and get all their wisdom from social media?  Or listen to columnists whose only interaction with banks is the ATM or a cryptocurrency meetup?  Or to media outlets that do not disclose their (coin) holdings?  Before answering these, let’s look at a new phrase below.

Thirteen months ago I gave a short presentation talking about the “blockchain” hype cycle.

The month before that – in December 2015 – I mentioned how much of the enthusiasm surrounding “blockchains” seemed a bit similar to the exuberance around “gluten free” food: how most people at fintech conferences talking about “blockchains” really couldn’t explain why blockchains were great in much the same way that many people asking for “gluten-free” food couldn’t tell you why gluten is or is not good for you.

I explained this to my friend and he said that the euphoria surrounding blockchains – and its vertical rise on the Gartner hype cycle – is similar to what he observed and experienced in “the cloud” space earlier this decade.  And more specifically, to the phenomenon called “cloudwashing”:

Cloud washing (also spelled cloudwashing) is the purposeful and sometimes deceptive attempt by a vendor to rebrand an old product or service by associating the buzzword “cloud” with it. (Source)

So with that, I’d like to coin a new phrase: “chainwashing.”

I have personally seen dozens of decks from vendors along the entire spectrum of sizes during the current hype cycle.  And watched the evolution of “blockchain creep” — how over time the word “blockchain” would appear more frequently not just on each slide, but in scope and vertical.

For instance, there are couple dozen different startups that claim to have somehow built an enterprise-grade blockchain system without having to go through the arduous process of gathering the functional and non-functional requirements from the enterprises they intended to integrate with.  Magic!

While startup founders should shoulder the blame for these marketing gimmicks – as should the reporters that often own but do not disclose their (coin) holdings – investors are also to blame for not just talking their book, but also obfuscating their portfolio companies by pressuring them to rebrand retail-focused cryptocurrency products as bonafide “enterprise blockchain” platforms.  They are not the same thing.

So what are some evaluation criteria to help identity the signal from the noise?

If your job is to help filter vendors for financial institutions, governments, investment funds, or other large enterprises, then some of these questions may be helpful in determining whether or not your firm should engage with the vendor:

  • Why is the vendor using a blockchain?
  • What is the vendor’s definition of a blockchain?
  • Who has a problem that needs a blockchain in order to solve it: the vendor or the vendor’s customer?
  • What is it about a blockchain that solves a problem that couldn’t be solved with existing technoloogy?
  • If a blockchain-related infrastructure provides a solution to for the vendor, can it use any other existing technology to solve its needs?
  • Do the founders and management team have experience managing, building, and/or deploying enterprise-grade systems or critical infrastructure?
  • Does the vendor as a whole have the appropriate contacts and connections with institutions and regulators?
  • Does the vendor have enough run way to build through a long sales cycle?

By asking these types of questions our team has helped filter the 400 or so companies/projects into a much more manageable dozen.

We think the number of companies with legs will continue to increase over time but chainwashing will continue to be a noise pollution problem for the next few years in the enterprise world even after production systems have been integrated into institutions.

As a consequence, it is probably safe to assume vendors are trying to pull a fast one on you, especially if it involves needing your company to acquire a cryptocurrency or “permissioning off” an existing cryptocurrency.

Remember: cryptocurrencies in the vein of Bitcoin were intentionally not designed to integrate with and fulfill the requirements of regulated institutions (like settlement finality) any more than a helicopter was designed to handle long distance cargo hauling.  Chainwashing is the opposite of being fit-for-purpose and we see it with marketing gimmicks like “Layer 2,” the topic of the next post.

Send to Kindle

Citations, interviews, and events for the final third of 2016

Presenting at Bitcoin / Ethereum Meetup in Hong Kong

I ended up traveling a lot more than I expected last year, including 9 times just to East Asia.  The level of interest in that region will probably increase this year — especially as more projects and companies are funded — though I probably won’t do the Trans-Pacific shuffle nine times again this year.

As of right now there are probably just a small handful of startups in APAC that have the capital, connections, and capability to execute and build the commercial products and applications that are discussed at the plethora of fintech events.  And almost none of them have anything to do with a cryptocurrency itself either… because cryptocurrencies weren’t designed to solve most problems financial service organizations have.

Below are the interviews, events, and presentations I participated in the last few months of 2016.

Note: according to their stats, my “Settlement Risks Involving Public Blockchains” was one of TABB Forum’s top stories of 2016.

Quoted:

Cited:

Interview:

Events:

  • Smart Cloud Show 2016 from Chosun Ilbo on September 21, 2016 in Seoul, South Korea.
    • Keynote: “Blockchain and Financial Big Bang”
    • Coverage: Naver
  • Global Blockchain Summit event held by Wanxiang Blockchain Labs on September 23, 2016 in Shanghai, China
    • Presentation: “Opportunities and Challenges for Financial Services in the Cloud: Trade-offs in digitizing and automating finance” (R3 Blurb)
  • Fujitsu Laboratories of America Technology Symposium annual event on October 11, 2016 in Santa Clara, California
    • Panel: “The Blockchain Future – Challenges and Opportunities Ahead”
  • Fórum Blockchain event jointly held by Itaú and Bradesco on October 13, 2016 in São Paulo, Brazil
    • Presentation: “Smart Contracts: cryptographically secured, automated business logic”
  • MIT Fintech Course: Future Commerce on October 18, 2016 (virtual)
    • Discussion: “Distributed Ledger Technology Landscape and Regulations”
  • GAIM OPS West Coast annual event held on October 25, 2016 in Rancho Mirage, California
    • Panel: “Blockchain: What Exactly is it disrupting? Will it Negate Counterparty Risk?” (Photo)
  • CIO Study Trip hosted by the Capgemini Applied Innovation Exchange Lab on behalf of the IT Management Association on October 26, 2016 in San Francisco
    • Presentation: “Distributed Ledger Technology” and “Legal and Regulatory Challenges”
  • Day long discussions on November 9, 2016 at Cornell University in Ithaca, New York
    • Presentation: “Code is not law” (Photos)
  • Guest lecture at the Boston Economic Club on November 16, 2016 in Boston, Massachusetts.
    • Presentation: “DLT as Financial Market Infrastructure” (Photo)
  • Global Trade Review: West Coast Trade & Working Capital Conference on November 17, 2016 in San Jose, California
    • Panel: “Fintech investment and evolution of the trade finance sector” (Photo)
  • The Future of Financial Payment Services Driven by Technology Innovation on November 22, 2016 from Korea Finance Telecommunications & Clearings Institute 30th Anniversary Seminar in Seoul, South Korea
    • Presentation: “DLT as Financial Market Infrastructure” (Photos)
    • Panel: (Photos)
  • Inside Fintech on December 8-9, 2016 in Seoul, South Korea
    • Presentation: “Why Building Financial Infrastructure is Different than Building a Social Media App” (Photos)
    • Panel: “Regulating the Unregulated: How is Regulation and Compliance Impacting the Adoption of New Technology and Innovation” (Photos)
  • Ethereum and Bitcoin joint meetup on December 12, 2016 in Hong Kong
    • Presentation:  “On Consortiums: R3’s Tim Swanson in Conversation”
  • 13th annual China International Finance Forum on December 15, 2016 in Shanghai, China
Send to Kindle

Citations, presentations, and panels

Below are a number of events, presentations, panels, and interviews I have participated in over the past three months.

Academic citation:

Quoted:

Presentations:

Interviewed:

Panels:

Cited:

Send to Kindle

Non-technical Corda whitepaper released

Earlier today our architecture team released its first public whitepaper on Corda.

The WSJ covered it here and here.

Consequently I am somewhat puzzled by news stories that still refer to a “blockchain” as “Bitcoin technology.”  After all, we don’t refer to combustion engines in cars as “horse-powered technology” or an airplane turbine engine as “bird-powered technology.”

A more accurate phrase would be to say something like, “a blockchain is a type of data structure popularized by cryptocurrencies such as Bitcoin and Ethereum.”  After all, chronologically someone prior to Satoshi could have assembled the pieces of a blockchain into a blockchain and used it for different purposes than censorship-resistant e-cash.  In fact, both Guardtime and Z/Yen Group claim to have done so pre-2008, and neither involves ‘proof-of-work.’

Fun fact: Corda is not a blockchain, but is instead a distributed ledger.

Send to Kindle

Code is not law

This past Sunday I gave a new presentation at the Palo Alto Ethereum meetup — it was largely based on my previous two blog posts.

Note: all of the references and citations can be found within the notes section of the slides.  Also, I first used the term “anarchic chain” back in April 2015 based on a series of conversations with Robert Sams.  See p. 27.

Special thanks to Ian Grigg for his constructive feedback.

Slides:

Video:

Send to Kindle

Ethereum Core and Ethereum Classic for Dummies

[Note: I neither own nor have any trading position on any cryptocurrency.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

If you’re bored of catching Pokemon and happen to have a lot of butter stored up, now is the time to break out the premium organic popcorn kernels and enjoy Fork Wars: Summer 2016 Edition.

As mentioned in the previous post: last week many miners, exchanges, and developers coordinated a hardfork of Ethereum.  At the time there were lots of celebrations for having done something that flew in contrast to the views prominently held by the Bitcoin Core development community: namely that a fast hardfork can’t be done safely on a public blockchain.

Well, it has been done, but there were also some consequences.  Some intended and others unintended.  The biggest consequence — which was touched on in my last post too — was that there were now parallel universes: Ethereum Core (ETH) and Ethereum Classic (ETC).

What does this mean?

If you owned a coin on pre-hardfork Ethereum, you now own not just the ETH facsimile but also the Classic coin (ETC) too.  Two for the price of one!1

This also opens up the very real possibility of replay attacks which was also a possibility when Ethereum moved from Olympic to Frontier.

A replay attack predates cryptocurrencies such as Bitcoin and Ethereum:

[I]s a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a masquerade attack by IP packet substitution.

In this case, it is the retransmission of a transaction (not IP packet).  Or in the Ethereum world, a replay attack would be to take a transaction from one Ethereum fork and maliciously or fraudulently repeating it on another Ethereum fork.

A little confused?  Check out: Sirer, Rapp, and Vessenes.

At first most of the Ethereum community assumed that Classic would effectively become deprecated and fade away into history much like Olympic.  After all, so went the argument, who would want to use or support a network in which at least one participant owned/controlled roughly ~10% in now “hot” ether?

Sidebar: recall that the main motivating force behind the hardfork was spurred on by the successful attack on The DAO, an investment fund created by Slock.it who did not adequately test the smart contract for security vulnerabilities (among other issues).

Well, it seems that Classic will not go silent into the night, at least not yet.

From a technical integration standpoint, while all of the large exchanges initially supported ETH, one altcoin exchange based in Montana — Poloniex — began supporting both forks.2

Traders — seeing a potential arbitrage opportunity — began doing what they do best: speculating and driving up demand for ETC via posts on social media.  As a consequence of their marketing efforts, the price of ETC dramatically rose over 380% in one 24-hour period alone.  In return, some of the miners that had abandoned the original Ethereum chain (ETC) to mine on the ETH hardfork have now begun mining on both which means that the original ETC network actually has once again begun seeing an increase in its hashrate (recall that it had dramatically dropped a week ago).

This is an interesting twist because less than 3 days ago, Chandler Guo an executive at BW.com — a large mining pool — announced he would undertake a 51% attack on the ETC blockchain because of the decision by Poloniex to support it.  Chandler later announced he would not carry it out.

Incidentally, it is likely that the noise that was created from this threat actually drew more attention to the Poloniex arbitrage opportunity, creating a type of Streisand Effect.3

Visual

What does this situation look like?

ethereum classic

Source: slacknation

Above is a line graph that is auto-generated and reflects the past 48 hours of two types of ratios: the Ethereum Classic (ETC) to Ethereum Core (ETH) price; and the ETC to ETH hashrate.  Price is derived from the two largest exchanges in terms of ether liquidity (Bitfinex and Poloneix).

This is actually not surprising behavior, we empirically observe the same type of trend with other cryptocurrencies: when price increases more hashrate comes on-board and vice-versa.45

Precedence

Over the past several days there has been much guessing as to which chain will live or die, but rarely do people suggest that both will live on in the long-run.

And I think that is short-sighted.  While not a fully direct comparison, even though they’re effectively based on the same code, we have seen how Litecoin and Dogecoin have permanently conjoined at the hip via merged mining: they co-exist via the Scrypt Alliance.  In addition, we have seen for years the continued existence of multiple multipools, which automatically direct GPU-miners to the most profitable cryptocurrency usually with a payout in bitcoin.

I cannot predict who which chain outlasts the other.  Perhaps now that ethcore has said it will also support Ethereum Classic, the two (or more!) chains will both continue to exist and grow.  Either way, we do know that the maximalist thesis, that there is a “coming demise of altcoins,” continues to be empirically incorrect and I suspect that it will remain incorrect for as long as there is continued speculative demand for cryptocurrencies in general.  This includes both ETH and ETC.

Other winners and losers

Who else gains from this phenomenon?  In the short run, anyone interested in trading will probably be able to find some kind of arbitrage — assuming demand grows or at least stays at the same level.

Anyone else?

Other cryptocurrency communities that see Ethereum as a competitor could believe they now have an incentive to support multiple forks too, as it draws hashrate and potential mindshare away one chain at the expense of the other.  And the more that the Ethereum community is painted as being “chaotic” the less of a threat it is seen to other public blockchains.  But maybe this is shortsighted too and will simply enlarge the Ethereum community because they now end up as ETC holders and want it to appreciate in value.

Either way, it sounds like the makings of some kind of TV miniseries staring Jean-Luc Bilodeau as Vitalik Buterin (they’re both Canadian).

Want to read more on the topic?

Conclusions

Ignoring the above quasi-illustration of the many-worlds interpretation, surprisingly not much has been discussed regarding the analog world of when fiat currencies are created or even removed at certain exchange rates and the unintended consequences therein.

For instance, in the comedy Good Bye, Lenin! we see the repercussions for those who were unable to convert East German marks for West German marks after the fall of the Berlin Wall.

More recently we have seen multiple Iraqi dinar scams, in which individuals were deceived and conned into acquiring pre-war dinar (a deprecated fiat currency) with the fraudulent pitch that at some point in the future, the previous pre-war exchange rate would somehow be reached.

However, one of the biggest differences with the Ethereum-based chains above is that cryptocurrencies are anarchic — without terms of service or ties to the legal system. Therefore it is difficult (impossible even?) to say which chain is the de jure legitimate chain.  Consequently it is unclear if anyone has a legal claim to prevent or create additional forks in the future and because of this, it is hard to see who has liability for past, present or future forks on these chains.

Whether that is a risk organizations and regulated institutions are willing to take is a topic for another post.  Perhaps if or when this is done, there will be even more chances to consume warm buttery popcorn as we watch and learn from the trials and tribulations of anarchic blockchains.

Endnotes

  1. It is closer to a spinoff than a stock-split.  Similar to the Ebay/Paypal spinoff, where a company that once had single market capitalization (EBAY) now trades under two different symbols (EBAY/PYPL) that trade and move independently. []
  2. Note: by this I mean that the existing exchanges that had already on-boarded ether, not that all large cryptocurrency exchanges had on-boarded ether. []
  3. Guo wanted to remove something (a chain in this case) but by advertising his intention to do so, only drew more interest and activity back into the very chain he intended to remove. []
  4. See Appendix B []
  5. See also Ethereum chain state []
Send to Kindle

Archy and Anarchic Chains

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

Yesterday, at block height 1920000, many elements of the Ethereum community coordinated a purposeful hardfork.

After several weeks of debate and just over a couple weeks of preparation, key stakeholders in the community — namely miners and exchanges — attempted to create a smooth transition from Ethereum Prime (sometimes referred to as Ethereum Classic) into Ethereum Core (Ethereum One).1

Users of exchange services such as Kraken were notified of the fork and are now being allowed to withdraw ETH to Ethereum Core, which many miners and exchanges now claim as “mainnet.”

Was the hardfork a success?  To answer that question depends on which parallel universe (or chain) you resided on.  And it also depends on the list of criteria for what “failure” or “success” are measured by.

For instance, if you ended up with ETH on the “unsupported” fork (Classic), who was financially responsible for this and who could attempt to file a lawsuit to rectify any loses?

Maybe no one.  Why?  Because public blockchains intentionally lack terms of service, EULA, and service level agreements, therefore it is difficult to say who is legally liable for mistakes or loses.

For instance, if financial instruments from a bank were sent to miners during the transition phase and are no longer accessible because the instruments were sent to the “unsupported” chain, who is to blame and bears responsibility?  Which party is supposed to provide compensation and restitution?

De facto versus de jure

This whole hardfork exercise visualizes a number of issues that this blog has articulated in the past.

Perhaps the most controversial is that simply: there is no such thing as a de jure mainnet whilst using a public blockchain.  The best a cryptocurrency community could inherently achieve is a de facto mainnet.2

What does that mean?

Public blockchains such as Bitcoin and Ethereum, intentionally lack any ties into the traditional legal infrastructure.  The original designers made it a point to try and make public blockchains extraterritorial and sovereign to the physical world in which we live in.  In other words, public blockchains are anarchic.

As a consequence, lacking ties into legal infrastructure, there is no recognized external authority that can legitimately claim which fork of Bitcoin or Ethereum is the ‘One True Chain.’  Rather it is through the proof-of-work process (or perhaps proof-of-stake in the future) that attempts to attest to which chain is supposed to be the de facto chain.3

However, even in this world there is a debate as to whether or not it is the longest chain or the chain with the most work done, that is determines which chain is the legitimate chain and which are the apostates.4 5

And this is where, fundamentally, it becomes difficult for regulated institutions to use a public blockchain for transferring regulated data and regulated financial instruments.

For instance, in March 2013 an accidental, unintended fork occurred on what many participants claimed as the Bitcoin mainnet.

To rectify this situation, over roughly four hours, operators of large mining pools, developers, and several exchanges met on IRC to coordinate and choose which chain they would support and which would be discarded.  This was effectively, at the time, the largest fork-by-social-consensus attempted (e.g., proof-of-nym-on-IRC).

There were winners and losers.  The losers included: OKPay, a payment processor, lost several thousand dollars and BTC Guild, a large mining pool who had expended real capital, mined some of the now discarded blocks.

In the Bitcoin world, this type of coordination event is slowly happening again with the never ending block size debate.

One team, Bitcoin Classic, is a small group of developers that supports a hardfork to relatively, quickly increase the block size from 1 MB to 2 MB and higher.  Another group, dubbed Bitcoin Core, prefers a slower role out of code over a period of years that includes changes that would eventually increase the block size (e.g., segwit). 6

Yet as it lacks a formal governance structure, neither side has de jure legitimacy but instead relies on the court of public opinion to make their case.  This is typically done by lobbying well-known figureheads on social media as well as mining pools directly.  Thus, it is a bit ironic that a system purposefully designed for pseudonymous interactions in which participants were assumed to be Byzantine and unknown, instead now relies on known, gated, and trusted individuals and companies to operate.

Note: if the developers and miners did have de jure legitimacy, it could open up a new can of worms around FinCEN administrative requirements. 7  Furthermore, the miners are always the most important stakeholders in a proof-of-work system, if they were not, no one would host events just for them.

arthur twitter pow

Source: Twitter

Ledgers

With this backstory it is increasingly clear that, in the legal sense, public blockchains are not actual distributed ledgers.  Distributed, yes; ledgers, no.

As Robert Sams articulates:8

I think the confusion comes from thinking of cryptocurrency chains as ledgers at all. A cryptocurrency blockchain is (an attempt at) a decentralised solution to the double spending problem for a digital, extra-legal bearer asset. That’s not a ledger, that’s a log.

That was the point I was trying to make all along when I introduced the permissioned/permissionless terminology!9 Notice, I never used the phrase “permissionless ledger” — Permissionless’ness is a property of the consensus mechanism.

With a bearer asset, possession of some instrument (a private key in the cryptocurrency world) means ownership of the asset. With a registered asset, ownership is determined by valid entry in a registry mapping an off-chain identity to the asset. The bitcoin blockchain is a public log of proofs of instrument possession by anonymous parties. Calling this a ledger is the same as calling it “bearer asset ledger”, which is an oxymoron, like calling someone a “married bachelor”, because bearer assets by definition do not record their owners in a registry!

This taxonomy that includes the cryptocurrency stuff in our space (“a public blockchain is a permissionless distributed ledger of cryptocurrency”) causes so much pointless discussion.

I should also mention that the DLT space should really should be using the phrase “registry” instead of “ledger”. The latter is about accounts, and it is one ambition too far at the moment to speak of unifying everyone’s accounts on a distributed ledger.

As I have discussed previously, public blockchains intentionally lack hooks into off-chain legal identification systems.

Why?  Because as Sams noted above: a KYC’ed public blockchain is effectively an oxymoron.  Arguably it is self-defeating to link and tie all of the participants of the validation (mining) process and asset transfer process (users) to legal identities and gate them from using (or not using) the network services.  All you have created is a massively expensive permissioned-on-permissionless platform.

But that irony probably won’t stop projects and organizations from creating a Kimberely Process for cryptocurrencies.

I cannot speak on behalf of the plethora of “private chain” or “private ledger” projects (most of which are just ill-conceived forks of cryptocurrencies), but we know from public comments that some regulators and market structures might only recognize blockchains and distributed ledgers that comply with laws (such as domestic KYC / AML regulations) by tying into the traditional legal infrastructure.10 This means tying together off-chain legal identities with on-chain addresses and activity.

Why?

There are multiple reasons, but partly due to the need to reduce settlement risks: to create definitive legal settlement finality and identifying the participants involved in that process.11

Finality

As illustrated with the purposeful Ethereum One hardfork and the accidental Bitcoin fork in 2013, public blockchains by design, can only provide probabilistic settlement finality.

Sure, the data inside the blocks itself is immutable, but the ordering and who does the ordering of the blocks is not.

What does this mean?  Recall that for both Ethereum and Bitcoin, information (usually just private keys) are hashed multiple times by a SHA algorithm making the information effectively immutable.12 It is unlikely given the length of time our star is expected to live, that this hash function can be reversed by a non-quantum computer.

However, blocks can and will be reorganized, they are not immutable.  Public blockchains are secured by social and economic consensus, not by math.

As a consequence, there are some fundamental problems with any fork on public blockchains: they may actually increase risks to the traditional settlement process.  And coupled with the lack of hooks for off-chain identity means that public blockchains — anarchic blockchains — are not well-suited or fit-for-purpose for regulated financial institutions.

After all, who is financially, contractually, and legally responsible for the consequences of a softfork or hardfork on a public blockchain?

  • If it is no one, then it might not be used by regulated organizations because they need to work with participants who can be held legally accountable for actions (or inactions).
  • If it is someone specifically (e.g., a doxxed individual) then you have removed the means of pseudonymous consensus to create censorship resistance.

In other words, public blockchains, contrary to the claims of social media, are not “law” because they do not actually tie into the legal infrastructure which they were purposefully designed to skirt.  By attempting to integrate the two worlds — by creating a KYC’ed public blockchain — you end up creating a strange hydra that lacks the utility of pseudonymity (and censorship resistance) yet maintains the expensive and redundant proof-of-work process.

These types of forks also open up the door for future forks: what is the criteria for forking or not in the future?  Who is allowed and responsible to make those decisions?  If another instance like the successful attack and counter-attack on The DAO takes place, will the community decide to fork again?  If 2 MB blocks are seen as inadequate, who bears the legal and financial responsibility of a new fork that supports larger (or smaller) blocks?  If any regulated institution lose assets or funds in this forking process, who bears responsibility?  Members of IRC rooms?

If the answers are caveat emptor, then that level of risk may not be desirable to many market participants.

Conclusions

Who are you going to sue when something doesn’t go according to plan?  In the case of The DAO, the attacker allegedly threatened to sue participants acting against his interests because he claimed: code is law.  Does he have legal standing?  At this time it is unclear what court would have accepted his lawsuit.

But irrespective of courts, it is unclear how smart contract code, built and executed on an anarchic platform, can be considered “legal.”  It appears to be a self-contradiction.

As a consequence, the fundamental need to tie contract code with legal prose is one of the key motivations behind how Richard Brown’s team in London approached Corda’s design.  If you cannot tie your code, chain, or ledger into the legal system, then it might be an unauthoritative ledger from the perspective of courts.13

And regulated institutions can’t simply just ignore regulations as they face real quantifiable consequences for doing so.  To paraphrase George Fogg, that’s akin to putting your head in the sand.

We continue to learn from the public blockchain world, such as the consequences of forks, and the industry as a whole should try to incorporate these lessons into their systems — especially if they want anyone of weight to use them.  Anarchic blockchains will continue to co-exist with their distributed ledger cousins but this dovetails into a conversation about “regtech,” which is a topic of another post.

Endnotes

  1. Rejecting Today’s Hard Fork, the Ethereum Classic Project Continues on the Original Chain: Here’s Why from Bitcoin Magazine []
  2. This doesn’t mean that regulators and/or financial institutions won’t use public blockchains for various activities; perhaps some of them will be comfortable after quantifying the potential risks associated with them. []
  3. Ethereum developers plan to transition Ethereum from proof-of-work to proof-of-stake within the next year. []
  4. See Arthur Breitman’s interview on Epicenter Bitcoin and Mike Hearn’s interview on Money & Tech []
  5. Philosophically when Bob connects to “The Bitcoin Network” — how does Bob know he is actually connected to the “real” Bitcoin network?  One method is to look at the block header: it should take a specific amount of time to recreate the hash with that proof-of-work. This proves which network has the most work done.  However, in the meantime, Bob might connect to other ‘pretenders’ claiming to be “The Bitcoin Network.”  At this time, there does not appear to be any legal recognition of a specific anarchic chain. []
  6. The Bitcoin Core fork, which is euphemistically called a softfork, is basically a hardfork spread over a long period of time. []
  7. See Section 3.4 []
  8. Personal correspondence: March 9, 2016 []
  9. See Blockchain Finance by Robert Sams []
  10. This is not to say that regulators, governments, and various market participants will not use public blockchains for other activity. []
  11. See Section 3.1 []
  12. For proof-of-work mining, Ethereum uses ethash instead of SHA256.  For hashing itself, Ethereum uses SHA-3 which is part of the Keccak family (some people use the terms interchangeably but that isn’t technically correct). []
  13. See Section 9 []
Send to Kindle

Looking at public information for quarterly usage

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

It’s the beginning of a new quarter so that means its time to look at the last quarter and find out where public blockchain traction and usage is taking place, or not.  After all, we are continually bombarded by cryptocurrency enthusiasts each day telling us that exponential growth is occurring.  Or as GIF party posters like to say, “It’s Happening!” — so in theory it should be easy to find.

For more background, see previous posts from January and April.

Softballs

P2SH Q2

Source: P2SH.info

  • P2SH usage: above are two charts from P2SH.info which illustrates the movement of bitcoins into what most assume are multi-sig wallets of some kind.  There has been a visible increase over the past quarter, with about 200,000 or so more bitcoins moving into P2SH addresses.  Year-on-year, bitcoins held in P2SH addresses has increased from 8% to 13%.
total transactions over time blockstack

Source: Opreturn.org

  • OP_RETURN: above is a line chart from Opreturn.org which illustrates various 3rd party applications that typically use the OP_RETURN field in Bitcoin as a type of datastore (e.g., watermarked tokens).  It is hard to see it on this time scale but the average transactions during Q1 were roughly 1,500-2,500 per day whereas in Q2 it was a bit higher, between 2,500 to 3,500 per day.
percentage of transactions by each protocol opreturn

Source: Opreturn.org

  • Above is another chart looking at the percent of OP_RETURN transactions used by different watermarked token platforms.
  • Compared to Q1, the top 5 have shifted:
    • Blockstack 142,754 transactions (24.9%)
    • Colu 106,489 (18.6%)
    • Open Assets  82,696 (14.4%)
    • Monegraph 54,914 (9.6%)
    • Factom 47,328 (8.3%)
  • While Blockstack (Onename) still rules the roost, Colu has jumped ahead of the other users.  This is slightly interesting because the Colu team has publicly stated it will connect private chains that they are developing, with the Bitcoin network.  The term for this is “anchoring” and there are multiple companies that are doing it, including other Bitcoin/colored coin companies like Colu.  It is probably gimmicky but that’s a topic for a different post.
  • Incidentally the 5 largest OP_RETURN users account in Q2 for 75.8% of all OP_RETURN transactions which is roughly the same as Q1 (76%).
localbitcoins volume

Source: LocalBitcoins.com / Coin Dance

Above is a weekly volume chart denominated in USD beginning from March 2013 for LocalBitcoins.com.  As discussed in previous posts, LocalBitcoins is a site that facilitates the person-to-person transfer of bitcoins to cash and vice versa.

While there is a lot of boasting about how it may be potentially used in developing countries, most of the volume still takes place in developed countries and as shown in other posts, it is commonly used to gain access to illicit channels because there is no KYC, KYCC, or AML involved.  Basically Uber for cash, without any legal identification.

Over the past 6 months, volumes have increased from $10 million and now past $13 million per week. For comparison, most VC-backed exchanges do several multiples more in volume during the same time frame.1

Hardballs

bitcoin volatility 6 months

Source: Btcvol.info

In April, several Bitcoin promoters were crowing about how “stable” Bitcoin was.  Not mentioned: cryptocurrencies can’t simultaneously be stable and also go to the moon.  People that like volatility include: traders, speculators, GIF artisans, pump & dumpers. And people who don’t like volatility: consumers and everyday users.

What articles and reporters should do in the future is actually talk to consumers and everyday users to balance out the hype and euphoria of analysts who do not disclose their holdings (or their firms holdings) of cryptocurrencies.2

As we can see above, volatility measured relative to both USD and EUR hit a five month high this past quarter.  The average user probably would not be very happy about having to hedge that type of volatility, largely because there are few practical ways to do so.  Consumers want boring currencies, not something they have to pay attention to every 10 minutes.

And ether (ETH) was even more volatile during the same time frame: doubling relative to USD during the first half of the quarter then dropping more than 50% from its all-time high by mid-June.

Counterparty all time

Source: Blockscan

Counterparty is a watermarked token platform that, as shown in previous quarters, has hit a plateau and typically just sees a few hundred transactions a day.  Part of this is due to the fact that the core development team has been focused on other commercial opportunities (e.g., building commercial products instead of public goods).3

Another reason is that most of the public interest in “smart contract” prototyping and testing has moved over to Ethereum.

etherscan ethereum transactions

Source: Etherscan

As shown in the chart above, on any given day in Q2 the Ethereum blockchain processed roughly 40,000 transactions.  In Q1 that hovered between 15,000-30,000 transactions.  Note: the large fluctuations in network transactions during the spring may coincide with issues around The DAO (e.g., users were encouraged to actively ‘spam’ the network during one incident).

In addition, according to CoinGecko, Counterparty has lost some popularity — falling to 14th from 10th in its tables from last quarter.  Ethereum remained in 2nd overall.

Another trend observed in the last quarterly review remains constant: Ethereum has significantly more meetups than Counterparty and is 2nd only to Bitcoin in that measure as well.

long chain transactions q2

Source: Organ of Corti — Time period:  January 1, 2014 – June 27, 2016

We’ve discussed “long chain” transactions ad nausem at this point but I have noticed on social media people still talk about the nominal all-time high’s in daily transactions as if it is prima facie evidence that mega super traction is occurring, that everyday users are swarming the Bitcoin network with commercial activity.  Very few (anyone?) digs into what those transactions are.  Perhaps there is genuine growth, but what is the break down?

As we can see from the chart above, while non-long chain transactions have indeed grown over the past quarter, they are still far outpaced by long chain transactions which as discussed in multiple articles, can be comprised of unspendable faucet rewards (dust), gambling bets and a laundry list of other non-commercial activity.

Furthermore, and not to wade into the massive black hole that is the block size debate: even with segwit, there will be an upperbound limit on-chain transactions under the current Core implementation.  As a consequence some have asked if fee pressure would incentivize moving activity off-chain and onto other services and even onto other blockchains.

This may be worth looking into as the block size reaches its max limit in the future.  As far as we can tell right now, it doesn’t appear users are moving over to Litecoin, perhaps they are moving to Ethereum instead?  Or maybe they just pack up and leave the space entirely?

Wallets

We have looked at wallets here multiple times.  They’re a virtually meaningless metric because of how easy it is to inflate the number.  What researchers want to know is Monthly Active Users (MAU).  To my knowledge no one is willing to publicly discuss their monthly or daily user number.

For instance, two weeks ago Coinbase reached 4 million “users.”  But it is almost certain that they do not actually have 4 million daily or monthly active users.  This number is likely tied to the amount of email-based registrations they have had over the past four years (circa May 12, 2012).

Similarly, Blockchain.info has seen its “users” grow to just over 7.8 million at the time of this writing.  But this is a measure of wallets that have been created on the site, not actual users.

Any other way to gauge usage or traction?

Let’s look in the Google Play Store and Apple App Store.

abra downloads

Source: GoAbra / Google Play

Last October Abra launched its GoAbra app and initially rolled it out in The Philippines.  This past May, when CoinDesk ran a story about the company, I looked in the Google Play Store and it says the app had been downloaded 5,000 times.  Last week, Abra announced it was officially launching its app into the US.  As of this writing, it was still at 5,000 downloads.

“Wait,” you might be thinking to yourself, “Filipinos may prefer the iOS app instead.”

Perhaps that is the case, but according to data as of October 2015, Android has a ~81.4% market share in The Philippines.  Furthermore, the iOS version for some reason doesn’t appear on App Annie.  So it is unlikely that Abra has seen traction that isn’t reflected in these download numbers yet, perhaps it will in the future.

Anything else happening in the stores?

As of this writing, the top 5 Bitcoin wallets in the Google Play Store in order of appearance are:

  • Andreas Schildbach’s Bitcoin Wallet (1 million downloads)
  • Mycelium Bitcoin Wallet (100,000 downloads)
  • Coinbase (500,000 downloads)
  • Blockchain.info (100,000 downloads)
  • Airbitz (10,000 downloads)

The Apple App Store does not publicly state how many times an application has been downloaded.  It does rank apps based on a combination of user ratings and downloads. The top 6 on the iPhone in order of appearance:

  • Coinbase
  • Blockchain.info
  • Sollico (bitWallet)
  • breadwallet
  • Xapo
  • Airbitz

Interestingly however, the order is slightly different in the App Store on an iPad.  The top 6 are:

  • Coinbase
  • Blockchain.info
  • Sollico (bitWallet)
  • breadwallet
  • Airbitz
  • BitPay (Copay)

It may be worth revisiting these again next quarter.  If you want to burn some time, readers may be interested in looking at specific rank and activity via App Annie.

Incubators

Most new cohorts and batches at startup accelerators and incubators usually only stay 3-4 months.  A typical intake may see 10-15 companies each get a little bit of seed funding in exchange for a percentage of the equity.  During the incubation period the startup is usually provided mentorship, legal advice, office space, access to social networks and so forth.  It is common place to hear people of all stripes in Silicon Valley state that 9 out of 10 of these startups will burn out within a couple years — that the incubator relies on one of them having a big exit in order to fund the other duds.4

500 Startups, Boost.VC, Plug and Play, YCombinator and other incubators have added and removed startups from their websites and marketing material based on the traction startups have had.  And cryptocurrency startups are not too different from this circle of life. 5

For instance, at YCombinator, Bitcoin-specific mentions on applications has declined by 61% over the past year.

Based on pubic information, as of this writing, it appears that out of the roughly 100 Bitcoin-related startups that have collectively come and gone through the incubators listed above, just a handful have gone on to raise additional funding and/or purportedly have active users and customers.  Unfortunately, no one has consistently published user numbers, so it is unclear what the connection between funding and growth is as this time.

In fact, in an odd twist, instead of measuring success by monthly active users, customers, or revenue, many Silicon Valley-based companies are measuring success based on how much money they raised.  That’s probably only a good idea if the business model itself is to always be raising.

For example, 21inc regularly boasts at being the “best funded company in Bitcoin” — but has not stated what traction four separate rounds of funding have created.  How many bitcoins did it mine prior to its pivot into consumer hardware?  How many 21 computers were sold?  How many users have installed 21?  And what are its key differences relative to what Jeremy Rubin created in 2014 (Tidbit)?

Again, this is not to single out 21inc, but rather to point out if companies in the public blockchain space were seeing the traction that they generally claim to on social media and conferences — then as discussed in previous posts, they would probably advertise those wins and successes.

Hiring

With funding comes hiring.  Since it is very difficult to find public numbers, there is another way to gauge how fast companies are growing: who and how many people they are publicly hiring.

The last Bitcoin Job Fair was last held in April 2015.  Of its 20 sponsors, 6 are now dead and ~7 are either zombies and/or have have done major pivots.  It is unclear how many people that were hired during that event still work for the companies they worked for.

Where else can we look?

Launched in 2014, Coinality is a job matching website that connects employers with prospective employees with the idea that they’d be compensated in cryptocurrencies such as bitcoin and dogecoin.  Fun fact: Coinality is one of the few companies I interviewed for Great Chain of Numbers that is still alive today and hasn’t pivoted (not that pivoting in and of itself is a bad thing).

It currently lists 116 jobs, 105 of which were posted in the past 2 months.

A number of VC-backed companies and large enterprises (or head hunters recruiting on their behalf) have listed openings in the past month.  For example: WellsFargo, Blockchain.info, Circle, Fidelity, IBM, KeepKey, itBit, BNYMellon and SAP logos pop up on the first couple pages of listings.

Among the 67 job listed in June, twenty-six of the positions were freelance positions cross-listed on Upwork (formerly known as Elance / oDesk).

Notable startups that are missing altogether: many cryptocurrency-centered companies whose executives are very vocal and active on social media.  Perhaps they use LinkedIn instead?

Other stats

  • According to CoinATMRadar there are now 690 Bitcoin ATMs installed globally.  That is an increase of 78 ATMs since Q1.  That comes to around 0.86 ATM installations per day in Q2 which is a tick higher than Q1 (0.84).
  • Bitwage launched in July 2014 starting out with zero signups and zero payroll.
    • Fast-forward to January 2016: Bitwage had 3,389 cumulative user signups and cumulative payroll volumes of $2,456,916
    • Through June 2016 it has now reached 5,617 cumulative signups and cumulative payroll volumes of $5,130,971
    • While growing a little faster than ATM installations, this is linear not exponential growth.
  • Open Bazaar is a peer-to-peer marketplace that officially launched on April 4, 2016.  It had been in beta throughout the past year.  The VC-backed team operates a companion website called BazaarBay which has a stats page.
    • It may be worth looking at the “New Nodes” and “New Listings” sections over the coming quarters as they are both currently declining.6

Conclusion

It is unclear what the root cause(s) of the volatility were above.  According to social media it can be one of two dozen things ranging from Brexit to the upcoming “halvening.”  Because we have no optics into exchanges and their customer behavior, speculation surrounding the waxing and waning will remain for the foreseeable future.

Based on process of elimination and the stats in this post, the likely answer does not appear to be consumer usage (e.g., average Joe purchasing alpaca socks with bitcoins).  After all, both BitPay and Coinbase have stopped posting consumer-related stats and they are purportedly the largest merchant processors in the ecosystem.

Most importantly, just because market prices increase (or decreases), it cannot be inferred that “mass adoption” is happening or not.  Extraordinary claims requires extraordinary evidence: there should be ample evidence of mass adoption somewhere if it were genuinely happening.

For instance, the price of ether (ETH) has increased 10x over the past 6 months but there is virtually no economy surrounding its young ecosystem.  Mass consumer adoption is not happening as GIF artisans might says.  Rather it is likely all speculation based — which is probably the same for all other cryptocurrencies, including Bitcoin.

About a year ago we began seeing a big noticeable pivot away from cryptocurrencies to non-cryptocurrency-based distributed ledgers.  That was largely fueled by a lack of commercial traction in the space and it doesn’t appear as if any new incentive has arisen to coax those same businesses to come back.  After all, why continue building products that are not monetizable or profitable for a market that remains diminutive?

Let’s look again next quarter to see if that trend changes.

Endnotes

  1. For more granularity see also BNC’s Liquid index. []
  2. Speaking of interest and hype, CB Insights has some new charts based on keyword searches over time. []
  3. Several members of the development team also co-founded Symbiont. []
  4. Many of these incubators are too young to have a track record that proves or disproves this “conventional” wisdom.  See also Venture Capitalists Get Paid Well to Lose Money from HBR. []
  5. For instance, Mirror closed its Series A round 18 months ago, but was removed from Boost’s website because it no longer is involved in Bitcoin-related activities.  Boost currently lists the following companies out of the 50+ Bitcoin-companies it has previously incubated: BlockCypher, BitPagos, Abra, Stampery, Fluent, SnapCard, Verse.  500 Startups has removed a number of startups as well and currently lists the following on its website: HelloBit, Melotic, Coinalytics, BTCJam, Bonafide, CoinPip. []
  6. Since it has only been “launched” for a quarter, it is probably a little unfair to pass judgement at this time.  But that hasn’t stopped me before.  OpenBazaar has a lot of growing pains that its developers are well aware of including UX/UI issues.  But beyond that, it is unclear that the average consumer is actually interested in using peer-to-peer marketplaces + cryptocurrencies versus existing incumbents like Alibaba, Amazon and eBay — all of whom have customer service, EULAs, insurance policies and accept traditional currencies. I had a chance to speak with one of their investors at Consensus in May and do not think their assumptions about network operating costs were remotely accurate.  Furthermore, where is the market research to support their thesis that consumers will leave incumbents for a platform that lacks insurance policies and live customer service?  Note: OB1 developers and investors insist that their reputation management and arbitration system will increase consumer confidence and customer protection. []
Send to Kindle

A Kimberley Process for Cryptocurrencies

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

I have spent the past few weeks in East Asia, primarily in China visiting friends and relatives. Because the connection to the outside world was limited, the upside was that the cacophonous noise of perma cryptocurrency pumpers was relatively muted. I have had a chance to reflect on a number of ideas that are currently being discussed at conferences and on social media.

The first idea is not new or even unique to this blog as other companies, organizations and individuals have proposed a type of digital signature analytics + KYC tracking process for cryptocurrencies. A type of Kimberley Process but for cryptocurrencies.1

For instance, the short lived startup CoinValidation comes to mind as having the first-to-market product but was notably skewered in the media.  Yet its modus operandi continues on in about 10 other companies.2

A Formal Kimberley Process

For those unfamiliar with the actual Kimberley Process, it is a scheme enacted in 2003 to certify where diamonds originated from in order to help prevent conflict diamonds from entering into the broader mainstream diamond market.

The general idea behind proving the provenance of diamonds is that by removing “blood diamonds” from the market, it can cut off a source of funding of insurgencies and warlord activity.3

What does this have to do with cryptocurrencies? Isn’t their core competency allowing non-KYC’ed, pseudonymous participants to send bearer assets to one another without having to provide documentation or proof of where those assets came from? Why would anyone be interested in enabling this?

Some may not like it, but a de facto Kimberley Process is already in place.

For instance, in many countries, most of the on-ramps and off-ramps of venture-backed cryptocurrency exchanges are actively monitored by law enforcement, compliance teams and data analytic providers who in turn look at the provenance of these assets as they move across the globe.4

On the fiat side, while many jurisdictions in North America and Western Europe currently require domiciled cryptocurrency exchanges and wallets to enforce KYC and AML compliance requirements, several areas of Asia are less strict because the local governments have not defined or decided what buckets cryptocurrencies fall into.5

There are some other noticeable gaps in this system involving crypto-to-crypto exchanges.  Irrespective of regions: implementing harmonized KYC/AML standards on the non-fiat side of exchanges appears to be missing altogether.  That is to say that very few, if any, exchange does any kind of KYC/AML on crypto-to-crypto.6

What are some examples of why a Kimberley Process would be helpful to both consumers and compliance teams?

Below are three examples:

(1) During my multi-country travel I learned that there are several regional companies that sell debit cards with pre-loaded amounts of cryptocurrency on them. Allegedly two of of the popular use-cases for these cards is: bribery and money laundering. The example I was provided was that it is logistically easier to move $1 million via a thin stack of debit cards than it is to carry and disperse bags of cash with.7

Attaching uniform KYC and legal identities to each asset would aid compliance teams in monitoring where the flow of funds originated and terminated with cryptocurrencies.  And it would help consumers shy away from assets that could be encumbered or were proceeds of crime.

(2) Affinity fraud, specifically housewives (家庭主妇), are common targets of predators. This has been the case for long before the existence of computers let alone cryptocurrencies, but it came up several times in conversations with friends. According to my sources, their acquaintances are repeatedly approached and some actually took part in Ponzi schemes that were presented as wealth management products.

The new twist and fuel to these schemes was that there is some kind of altcoin or even Bitcoin itself were used as payout and/or as rails between parties. We have already seen this with MMM Global — which is still an active user of East Asia’s virtual currency exchanges — but two questionable projects that I was specifically shown were OctaCoin and ShellCoin.8

Note: in January 2016 multiple Chinese governmental bodies issued warnings about MMM Global and other Ponzi schemes.

[Video of MMM Global operations in The Philippines. Is that really Manny Pacqiauo?]

Victims who were not tech savvy and lied to, have no recourse because there is no universal KYC / KYCC / AML process to identify the culprits in these regions.  Similarly, when these illicit virtual assets are re-sold to exchanges, customers of those exchanges such as Alice and Bob, may receive potentially encumbered assets that are then resold to others who are unaware of the assets lineage (much like a stolen motorcycle being resold multiple times).  This creates a massive lien problem.

But property theft is not a new or unknown problem, why is it worth highlighting for cryptocurrencies?

Many of the original victims in East Asia are not affluent, so these scams have a material impact on their well being. The average working adult in many provinces is still less than $500 per month. Thus not only do they lack a cushion from scams but any price volatility — such as the kind we continue to see in cryptocurrencies as a whole, can wipe out their savings.

(3) Due to continual usage of botnets and stolen electricity — which is still a problem in places like China — the lack of identification from coin generation onward results in a environment in which ‘virgin coins’ sell at a premium because many exchanges don’t investigate where machines are located, who owns them, who paid for the opex and capex of those operations (e.g., documentation of electric bills).9

Unfortunately, the solutions proposed by many cryptocurrency enthusiasts isn’t to create more transparency and identification standards enabling better optics on coin provenance but rather to make it even harder to track assets via proposals like Confidential Transactions.10

Heists, thefts and encumbered coins

I am frequently asked how is it possible to know who received potentially encumbered cryptocurrencies?  For amateur sleuths, there is a long forum thread which lists out some of the major heists and thefts that occurred early on in Bitcoinland.

Above is a video recording of a specific coin lineage: transactions that came from the Bitcoinica Theft that ended up in the hands of Michael Marquardt (“theymos”) who is a moderator of /r/bitcoin and owner of Bitcoin Talk.11

Recall that in July 2012, approximately 40,000 bitcoins were stolen from the Bitcoinica exchange.12 Where did those end up?  Perhaps we will never know, but several users sued Bitcoinica in August 2012 for compensation from the thefts and hacks.

How are consumer protections handled on public blockchains?

In short, they do not exist by design. Public blockchains intentionally lack any kind of native consumer protections because an overarching goal was to delink off-chain legal identities from the pseudonymous interactions taking place on the network.

Thus, stolen cryptocurrencies often recirculate, even without being mixed and laundered.13

Consequently a fundamental problem for all current cryptocurrencies is that they aren’t exempt from nemo dat and have no real fungibility because they purposefully were not designed to integrate with the legal system (such as UCC 8 and 9).14 Using mixers like SharedCoin and features like Confidential Transactions does not fundamentally solve that legal problem of who actually has legal title to those assets.1516

Why should this matter to the average cryptocurrency enthusiast?

If market prices are being partially driven by predators and Ponzi schemes, wouldn’t it be in the best interest of the community to identity and remove those?17

Perversely the short answer to that is no. If Bob owns a bunch of the a cryptocurrency that is benefiting from this price appreciation, then he may be less than willing to remove the culprits involved of driving the prices upward.

For example, one purported reason Trendon Shavers (“pirateat40”) was not immediately rooted out and was able to last as long as he did — over a year — is that his Ponzi activity (“Bitcoin Savings & Trust”) coincided with an upswing in market prices of bitcoin.18  Recall over time, BS&T raised more than 700,000 bitcoins.  Why remove someone whose activity created new demand for bitcoins? 19

But this incentive is short-sighted.

If the end goal of market participants and enthusiasts is to enable a market where the average, non-savvy user can use and trust, then giving them tools for provenance could be empowering.  Ironically however, by integrating KYC and provenance into a public blockchain, it removes the core — and very costly — characteristic of pseudonymous, censorship-resistant interaction.

Thus there will likely be push back for implementing a Kimberley Process: doxxing every step of provenance back to genesis (coin generation) with real world identities removes pseudonmity and consequently public blockchains would no longer be censorship-resistant.  And if you end up gating all of the on-ramps and off-ramps to a public chain, you end up just creating an overpriced permissioned-on-permissionless platform.

Despite this, Michael Gronager, CEO of Chainalysis, notes that:

Public ledgers are probably here to stay – difficult KYC/AML processes or not.  I probably see this as a Nash equilibrium – like in the ideal world all trees would be low and of equal height but there is no path to that otherwise optimal equilibrium.   We believe that fighting crime on Blockchains will both build trust and increase their use and value.

One way some market participants are trying to help law enforcement fight crime is through self-regulating organizations (SRO).

For instance, because we have seen time and time again that the market is not removing these bad actors from the market, several companies have created SROs to help stem the tide.  However, as of right now, efforts like the US-based “Blockchain Alliance” — a gimmicky name for a group of venture-backed Bitcoin companies — has limited capabilities.20 They have monthly calls to discuss education with one another in the West (e.g., what is coin mixing and how does it work?) but currently lack the teeth to plug the KYC/AML gaps in Asia.  Perhaps that will change over time.

And as one source explained: consider this, has any Bitcoin thief been caught?  Even when there is decent evidence, we are not aware of a Bitcoin thief that was actually found guilt of stealing bitcoin, yet.21  Thus an open to question to people who argue that cryptocurrencies are great because of transparency: a lot of bitcoin has been stolen, and no one has been found guilty for that crime.  Why not?

Process of elimination

Over the past six weeks, there has been very little deep research on why market prices have risen and fallen. Usually it is the same unfounded narratives: emerging market adoption; hedge against inflation; hedge against collapse of country X, Y or Z; hedge against Brexit; etc.  But no one provides any actual data, least of all the investors financing the startups that make the claims.

Perhaps the research that has been done on the matter was from Fran Strajnar’s team at BNC.  For instance, on June 1st they noted that:

brave new coinI reached out to Fran and according to him, in early June, “Somebody dropped many many millions ($) across 4 different Chinese Exchanges in a 2 hour period, without moving price – 4 days before the price rise started last week. Because it was over multiple exchanges and these trades were filled, we are digging into it further.”

If there was a standardized Kimberley Process used by all of these exchanges, it would be much easier to tell who is involved in this process and if those funds were based on proceeds of illicit activity.

Furthermore, barring such a Process, we can only speculate why journalists haven’t looked into this story:

(1) many of them do not have reliable contacts in East Asia
(2) those that do have contacts with exchange operators may not be getting the full story due to exchanges lacking KYC / KYCC / AML standards themselves
(3) some reporters and exchange operators own a bunch of cryptocurrencies and thus do not want to draw any negative attention that could diminish their net worth

Third parties such as Wedbush Securities and Needham have also published reports on price action, but these are relatively superficial in their analysis as they lack robust stats needed to fully quantify and explain the behavior we have seen.

Strangely enough, for all the pronouncements at conferences about how public blockchains can be useful for data analysis, very few organizations, trade media or analysts are publishing bonafide stats.

After all, who are the customers of these virtual currency exchanges?  Because of reporting requirement we know who uses Nasdaq and ICE, why don’t we know who uses virtual currency exchanges still?

Stopping predators

Two months ago I had a chance to speak with Marcus Swanepoel, CEO of BitX, about his experiences in Africa.  BitX coordinates with a variety of compliance teams to help block transactions tied to scams and Ponzi schemes. In the past, BitX has managed to help kill off two ponzi schemes and has tried to block MMM Global which has spread to Africa.

Earlier this spring, some MMM users that were blocked by BitX just moved to another competing local exchange that didn’t block such transactions. As a result, over the course of 8 weeks this exchange did more than 3x volume than BitX during same time frame.22 BitX has subsequently regained part of this market share partly due to MMM fading in popularity.

Why is MMM so successful?  Users are asked to upload videos onto Youtube of why MMM Global is great and why you should join and are then paid by MMM as a reward.  This becomes self-reinforcing in large part because of the unsavvy victims who are targeted.

But MMM isn’t to blame for everything.

For instance, in China there have been a variety of get-rich-quick Ponzi schemes that rose and blew up, such as an ant farm scheme in 2007.  And earlier this year, Ezubao, the largest P2P lending platform in China fell apart as a $7.6 billion Ponzi scam.23 No cryptocurrency was involved in either case.

Yet as Emin Gün Sirer pointed out, some of the activities such as The DAO, basically act as a naturally arising Ponzi.

In fact, one allegation over the past couple weeks is that The DAO attacker placed a short of 3,000 bitcoin on Bitfinex prior to attacking The DAO (which was denominated in ether).24  If there was a Kimberley Process in which all traders on all exchanges had to comply with a universal KYC / KYCC / AML standard, it would be much easier to identify the attackers as well as compensate the victims.

Similarly, because ransomware remains a “killer app” of cryptocurrencies such that companies, police stations, hospitals, elementary schools and even universities are now setting up Coinbase accounts and stockpiling cryptocurrencies to pay off hackers.  What is the aggregate demand of all of this activity?  If it is large, does it impact the market price?  And how would a Kimberley Process help provide restitution to the victims of this ransom activity?

A strawman Kimberley Process

How can you or your organization get involved in creating a Kimberley Process for cryptocurrencies?

Right now there is no global, industry standard for “best practices” in mutualizing, implementing, or carrying out KYC / AML provisions for cryptocurrencies.25

In writing this post, several sources suggested the following process to kick-start an effort:

(1) organize an industry-level event(s) which brings together:

(a) AML analytics companies
(b) representatives from regulatory bodies and law enforcement (e.g., FATF, FinCEN)
(c) KYC/AML practitioners
(d) existing market structures and utilities such as SIFMA, ROC, Swift (e.g., KYC registry, LEI)
(e) compliance teams from cryptocurrency exchanges and wallets

(2) at the event(s) propose a list of baseline standards that exchanges and wallets can try to implement and harmonize:

(a) what documentation is required for KYC / KYCC / AML
(b) other financial controls and accountability standards that can assist exchange operators (e.g., remove the ability for an operator to naked short against its own customer base)

(3) tying these standards together with a uniform digital identity management system could be the next step in this process.

On that last point, Fabio Federici, CEO of Skry (formerly Coinalytics), explained:

In general I believe the biggest unsolved problem is still identity and information sharing. Obviously you don’t want all your PII and transaction meta data on a public blockchain, as this information could not only be leveraged by profit seeking organizations, but also malicious actors. So the question becomes what’s the right framework for sharing the right amount of information with only the people that need access to it (maybe even only temporarily).

PII stands for personal identifying information.  In theory, Zcash (or something like it) has the potential to solve some of Fabio’s concerns: relevant info can be encoded in the transaction, and only the relevant parties can read it.  But this delves into “regulated data” which is a topic for another post.26

Similarly, Ryan Straus, an attorney at Riddell Williams and adjunct professor at Seattle University School of Law explained that:

Identity is central to the legal concept of property. Property systems are information systems: they associate identified entities with identified rights.  With the sole exception of real currency, possession or control is not conclusive indicia of ownership.

Factual fungibility simply makes it harder to prove that you have a better claim to a specific thing than the person who now possesses or controls it.  The hard part about what you have written about is that it is difficult to avoid conflating KYC (which involves identity of people) and the Kimberley Process (which involves identifying things).

In order to enable participants to share information without being unduly hounded by social media, it was also suggested that the presence of: investors, cryptocurrency press and cryptocurrency lobbying groups should kept to a minimum for the initial phase.

Conclusions

In addition to implementing additional financial controls and external audits, cryptocurrency exchanges and wallets adopting a Kimberley Process would help provide transparency for all market participants.

While it is probably impossible to remove all the bad actors from any system, reducing the amount of shadows they have to hide could provide assurances and reduce risks to market participants of all shapes and sizes.

However, the trade-off of implementing such a Process is that it negates the core utility that public blockchains provide, turning them into expensive permissioned gateways.  And if you are permissioning activity from the get-go, you might as well use a permissioned blockchain which are cheaper to manage and operate and also natively bake-in the KYC, KYCC and AML requirements.  But that is a topic for another post as well.

End notes

  1. One reviewer argued that analytics may be superior to KYC.  In the event of a compromised account — so goes the argument — analytics can help provide linkage between the flow of funds whereas KYC of compromised accounts would be “illusory.” []
  2. This includes but is not limited to: Chainalysis, Blockseer, Skry, Elliptic, Netki and ScoreChain. []
  3. Incidentally there is a UK-based startup called Everledger which works with insurance companies and tracks a catalogue of diamonds vis-à-vis a blockchain. []
  4. See: Flow of Funds; KYSF; KYSF part 2; and bitcoin movements. To actively monitoring transactions at these entry and exit points, based on anecdotes, up to 20% of all nodes on the Bitcoin network may be managed and operated by these same set of participants as well. []
  5. Note: it bears mentioning that as of this writing, no country has recognized cryptocurrencies as actual legal tender and consequently cryptocurrencies are not exempt from nemo dat. This is important as it means the provenance of the cryptocurrencies actually does matter because those assets could be encumbered. []
  6. I asked around and my sources do not know of a single exchange that does KYC/AML on cryptocurrencies that are directly exchanged for other cryptocurrencies (e.g., Shapeshift).  Furthermore, as highlighted in the past, there are gaps in compliance when it comes to certain fiat-to-cryptocurrency exchanges such as BTC-e and LocalBitcoins. []
  7. This is in USD equivalence, usually not in USD itself. []
  8. OctaCoin is interesting in that the operators behind it claim that it is financed from revenue streams of 3 online casinos who purportedly payout users on a regular basis. Note: gambling in China is a bit like golf in China: it’s illegal but everywhere. It is only legal in a few internal jurisdictions such as Hainan and Macau and elsewhere on the mainland only a couple of state-run lotteries are given legal status. []
  9. Note: stealing electricity to mine bitcoins has occurred in other areas of the world too, including in The Netherlands. []
  10. The official motivation for developing Confidential Transactions is to enable more user privacy which then leads to more fungibility. As one source pointed out: “At the end of the day it’s a balance between privacy and security. Basically the story goes ‘just because I don’t what anyone to know what I’m buying, doesn’t mean I’m a drug dealer.'” []
  11. Marquardt also allegedly co-owns both Bitcoin.org and Blockexplorer.com, and co-manages the Bitcoin Wiki. []
  12. Here’s another video showing some of those transactions. []
  13. The Craig Wright / Satoshi saga is interesting because in a recent interview Craig admittedly used Liberty Reserve which was an illicit exchange based in Costa Rica shut down by the US government.  According to the interview he also had ties to Ross Ulbricht, the convicted operator of Silk Road. []
  14. See The Law of Bitcoin, Section 1.5 in the United States chapter from Ryan Straus.  There are exceptions, see UCC Article 2 – sale of goods. []
  15. See also: Learning from the past to build an improved future of fintech []
  16. Interestingly, SharedCoin.com (sometimes referred to as Shared Send) used to be a mixer run by Blockchain.info, a venture-backed startup.  It was recently shutdown without any notice and the domain now redirects to the CoinJoin wiki entry.  They also pulled the SharedCoin github repo and any material that links it back to Blockchain.info. []
  17. One reviewer mentioned that: “Ponzi schemes will always exist and should probably be fought not just in the crypto space but where in other industries too; requiring continuous education.  It would be way simpler and more effective to shut down domains owned by MMM than it would to be to do anything else, but here you actually meet the pseudonymity feature of the Internet.  Try to do that internationally – it is not easy!” []
  18. From between September 2011 to September 2012 market prices more than doubled.  See SEC vs. Trendon Shavers []
  19. Note: this is a similar argument that Rick Falkvinge made three years ago. []
  20. There are probably several dozen advocacy groups and non-profit working groups scattered across the world.  Each has different goals.  For instance, ACCESS in Singapore works with some regulators in SEA.  While others are merely trying to create technical standards. []
  21. Most of the criminals that are convicted are found guilty of money laundering and interaction with illicit trade, not theft of bitcoins themselves. []
  22. Two months ago, the Financial Times briefly covered this story and Marcus wrote about some of it in March as well. []
  23. There were some early warning signs for that industry.  For instance, according to a Bloomberg story in February 2015: “The value of China’s peer-to-peer lending transactions surged almost 13-fold since 2012 to $41 billion last year, according to Yingcan Group, which tracks the data,” notes Bloomberg. However, 275 of the more than 1,500 lending went bankrupt or had trouble repaying money in 2014, an increase from 76 just a year earlier, according to Yingcan. []
  24. No one has proven this allegation.  Furthermore, there are multiple exchanges to short cryptocurrencies. []
  25. Much of the technology needed to implement these type of processes, such as PKI anchored by certificate authorities. []
  26. For example, see HIPAA and EU-US Privacy Shield []
Send to Kindle

What’s the deal with DAOs?

[Disclaimer: I do not own any cryptocurrencies nor have I participated in any DAO crowdfunding.]

This post will look at the difference between a decentralized autonomous organization (DAO) and a project called The DAO.

Brief explanation

The wikipedia entry on DAOs is not very helpful.  However, Chapters 2 through 5 may be of some use (although it is dated information).

In terms of the uber hyped blockchain world, at its most basic kernel, a DAO is a bit of code — sometimes called a “smart contract” (a wretched name) — that enables a multitude of parties including other DAOs to send cryptographically verifiable instructions (such as a digitally signed vote) in order to execute the terms and conditions of the cloud-based code in a manner that is difficult to censor.

One way to think of a simple DAO: it is an automated escrow agent that lives on a decentralized cloud where it can only distribute funds (e.g., issue a dividend, disperse payroll) upon on receiving or even not receiving a digital signal that a task has been completed or is incomplete.

For instance, let us assume that a small non-profit aid organization whose staff primarily work in economically and politically unstable regions with strict capital controls, set up a DAO — an escrow agent — on a decentralized cloud to distribute payroll each month.

This cloud-based escrow agent was coded such that it would only distribute the funds once a threshold of digital signatures had signed an on-chain contract — not just by staff members — but also from independent on-the-ground individuals who observed that the staff members were indeed doing their job.  Some might call these independent observers as oracles, but that is a topic for a different post.1

Once enough signatures had been used to sign an on-chain contract, the escrow agent would automatically release the funds to the appropriate individuals (or rather, to a public address that an individual controls via private key).  The terms in which the agent operated could also be amended with a predetermined number of votes, just like corporate board’s and shareholder’s vote to change charters and contracts today.

The purported utility that decentralization brings to this situation is that it makes censoring transactions by third parties more difficult than if the funds flowed through a centralized rail.  There are trade-offs to these logistics but that is beyond the scope of this post.

The reason the DAO acronym includes the “organization” part is that the end-goal by its promoters is for it to provide services beyond these simple escrow characteristics such as handling most if not all administrative tasks such as hiring and firing.

Watch out Zenefits, the cryptocurrency world is going to eat your lunch!  Oh wait.

A short history

It is really easy to get caught up in the euphoria of a shiny new toy.  And the original goal of a DAO sounds like something out of science fiction —  but these undertones probably do it a disservice.

Prior to 2014 there had been several small discussions around the topic of autonomous “agents” as it related to Bitcoin.

For instance, in August 2013, Mike Hearn gave a presentation at Turing Festival (see above), describing what was effectively a series of decentralized agents that operated logistical companies such as an autonomous car service.

Several months later, Vitalik Buterin published the Ethereum white paper which dove into the details of how to build a network — in this case a public blockchain — which natively supported code that could perform complex on-chain tasks: or what he dubbed as a decentralized autonomous organization.

Timing

The impetus and timing for this post is based on an ongoing crowdsale / crowdfunding activity for the confusingly named “The DAO” that has drawn a lot of media attention.

Over the past year, a group of developers, some of whom are affiliated with the Ethereum Foundation and others affiliated with a company called Slock.it have created what is marketed as the first living and breathing DAO on the Ethereum network.

The organizers kicked off a month long token sale and at the time of this writing just over 10 million ether (the native currency of the Ethereum blockchain) — or approximately 13% of all mined ether — has been sent to The DAO.  This is roughly equivalent to over $100 million based on the current market price of ether (ETH).

In return for sending ether to The DAO, users receive an asset called a DAO Token which can be used in the future to vote on projects that The DAO wants to fund.2 It is a process that Swarm failed at doing.

An investment fund or a Kickstarter project?

I would argue that, while from a technical standpoint it is possible to successfully set up a DAO in the manner that The DAO team did, that there really isn’t much utility to do so in an environment in which censorship or the theft of funds by third parties will probably not occur.

That is to say, just as I have argued before that permissioned-on-permissionless is a shortsighted idea, The DAO as it is currently set up, is probably a solution to a problem that no one really has.3

Or in short, if you “invested” in The DAO crowdsale thinking you’re going to make money back from the projects via dividends, you might be better off investing in Disney dollars.

Why?

Putting aside securities regulations and regulators such as the SEC for a moment, most of the crowdsale “investors” probably don’t realize that:

  1. crowdfunding in general has a checkered track record of return-on-investment4
  2. crowdfunding in the cryptocurrency world almost always relies on the future appreciation of token prices in order to break-even and not through the actual creation of new features or tools (e.g., see Mastercoin/Omni which effectively flopped)
  3. that the funds, when dispersed to Slock.it and other “products,” could take years, if ever to return a dividend

Why would this pool of capital provide any better expected return-on-investment than others?

Or as Nick Zeeb explained to me:

My sense about The DAO is that it’s a fascinating experiment that I do not want to be part of. I also do not think that a committee of over 1,000 strangers will make wise investment decisions. Most good investment decisions are taken by courageous individuals in my opinion. Anything that can get past a big committee will probably not be the next Google. Imagine this pitch: “Hi I’m Larry and this is Sergey and we want to build the world’s 35th search engine.”

While it probably wasn’t the 35th search engine, tor those unfamiliar with the history of Google, Larry Page and Sergey Brin are the co-founders who created a search engine in what was then though a very crowded market.

So why the excitement?

I think part of it is quite simply: if you own a bunch of ether, there really isn’t much you can do with it right now.  This is a problem that plagues the entire cryptocurrency ecosystem.

Despite all the back-patting at conferences, the market is already filled with lots of different tokens. There is a glut of tokens which do not currently provide many useful things that you couldn’t already do with existing cash systems.5

Part of it also is that most probably think they will some become rich quick through dividends, but that probably won’t happen anytime soon, if at all.

With The DAO, only the development teams of projects that are voted and approved by The DAO (e.g., the thousands of users with DAO Tokens), will see any short term gains through a steady paycheck.  And it is only after they build, ship and sell a product that the original investors may begin seeing some kind of return.

Or in other words: over the past several weeks, the pooling of capital has taken place for The DAO.  In the future there will be various votes as to where that capital goes.  Shortly thereafter, some capital is deployed and later KPI’s will be assessed in order to determine whether or not funding should continue.  All the while some type of profit is sought and dividend returned.

Why, I asked another friend, would this pool of capital offer any better risk adjusted return-on-investment than other asset classes?

In his view:

The return might be high but so is the risk. Always adjust for risk. I think The DAO is better compared to a distributed venture capital firm. Whether that’s better or worse I don’t know — I mean you have the crowd deciding on investments. Or more realistically: nerds who know how to obtain ether (ETH) get to decide on investments.

Does that make them better VCs? Probably not. However, The DAO can decide to hire people with actual credentials to manage and select the investments, admitting its own weakness which would then turn into a strength. I think this can go either way but given the regulator is not prepared for any of this it will probably not work out in the short term.

Does the ‘design-by-giant-nerd-committee’ process work?

Over the past year we have already seen the thousands, probably tens-of-thousands of man-hours dropped into the gravity well that is known as the “block size debate.”  In which hundreds of passionate developers have seemingly argued non-stop on Slack, Twitter, reddit, IRC, conferences and so forth without really coming to an amicable decision any one group really likes.

So if block size-design-by-committee hasn’t worked out terribly well, will the thousands of investors in The DAO take to social media to influence and lobby one another in the future?  And if so, how productive is that versus alternative investment vehicles?

Redistributing the monetary base

Assuming Ethereum has an economy (which it probably doesn’t by most conventional measures), will The DAO create a deflationary effect on the Ethereum economy?

For instance, at its current rate, The DAO could absorb about 20% of the ether (ETH) monetary base.

Does that mean it permanently removes some of the monetary base?  Probably not.

For example, we know that there will be some disbursements to projects such as Slock.it, so there will be some liquidity from this on-chain entity.  And that future DAOs will spend their ether on expenses and development like a normal organization.

But we also know that there is a disconnect between what The DAO is, an investment fund, with what many people see it as: a large vault filled with gold laying in Challenger Deep that will somehow appreciate in value and they will be able to somehow extract that value.

Sure, we will all be able to observe that the funds exist at the bottom of the trench, but someone somewhere has to actually create value with the DAO Tokens and/or ether.

For the same reason that most incubators, accelerators and VC funds fail, that entrepreneur-reliant math doesn’t change for The DAO.  Not only does The DAO need to have a large volume of deal flow, but The DAO needs to attract legitimate projects that — as my friend point out above — have a better risk adjusted return-on-investment than other asset classes.

Will the return-on-investment of the DAO as an asset class be positive in the “early days”?  What happens when the operators and recipients of DAO funds eventually confront the problem of securities regulation?

So far, most of the proposals that appear to be geared up for funding are reminiscent to hype cycles we have all seen over the past couple of years.

Let’s build a product…

  • 2014: But with Bitcoin
  • 2015: But with Blockchain
  • 2016: But with DAO

Maybe the funds will not all be vaporized, but if a non-trivial amount of ETH ends up being held in this DAO or others, it could be the case that with sluggish deal flow, a large portion of the funds could remain inert.  And since this ether would not touching any financial flows; it would be equivalent to storing a large fraction of M0 in your basement safe, siloed off from liquid capital markets.

Ten observations

  1. Since the crowdsale / crowdfund began on April 30, the market price of ETH has increased ~30%; is that a coincidence or is there new demand being generated due to The DAO crowdsale?
  2. A small bug has been discovered in terms of the ETH to DAO Token conversion time table
  3. The DAO surpassed the Ethereum Foundation to become the largest single holder of ether (note: the linked article is already outdated)
  4. In terms of concentration of wealth: according to Etherscan, the top 50 DAO Token holders collectively “own” 38.49% of The DAO
  5. The top 500 DAO Token holders collectively “own” 71.39% of The DAO
  6. As of this writing there are over 15,000 entities (not necessarily individuals) that “own” some amount of a DAO Token
  7. Why is “own” in quotation marks? Because it is still unclear if controlling access to these private keys is the same thing as owning them.  See also: Watermarked Tokens as well as The Law of Bitcoin
  8. Gatecoin, which facilitated the crowdsale of both The DAO and DigixDAO was recently hacked and an estimated $2 million in bitcoins and ether were stolen
  9. Yesterday Gavin Wood, a co-founder of Ethereum, announced that he is stepping down as a “curator” for The DAO.  Curators, according to him, are effectively just individuals who identify whether someone is who they say they are — and have no other duties, responsibilities or authority.
  10. Three days ago, the Slock.it dev team — some of whom also worked on creating The DAO — did a live Q/A session that was videotaped and attempted to answer some difficult questions, like how many DAO Tokens they individually own.

Conclusion

About 17 months ago I put together a list of token crowdsales.  It would be interesting to revisit these at some point later this year to see what the return has been for those holders and how many failed.

For instance, there hasn’t really been any qualitative analysis of crowdsales or ICOs in beyond looking at price appreciation.6 What other utility was ultimately created with the issuance of say, factoids (Factom tokens) or REP (Augur tokens)?

Similarly, no one has really probed Bitcoin mining (and all POW mining) through the lens of a crowdsale on network security. Is every 10 minutes an ICO? After all, the scratch-off contest ties up capital seeking rents on seigniorage and in the long run, assuming a competitive market, that seigniorage is bid away to what Robert Sams has pointed out to where the marginal cost equals the marginal value of a token. So you end up with this relatively large capital base — divorced from the real world — that actually doesn’t produce goods or services beyond the need to be circularly protected via capital-intensive infrastructure.

Other questions to explore in the future include:

  • what are the benefits, if any, of using a centralized autonomous organization (CAO) versus decentralized autonomous organization (DAO) for regulated institutions?
  • how can a party or parties sue a decentralized autonomous organization? 7
  • what are the legal implications of conducting a 51% attack on a network with legally recognized DAOs residing on a public blockchain?8
  • will the continued concentration of ether and/or DAO Tokens create a 51% voting problem identified in the “Curator” section?

Still don’t fully understand what The DAO is?  Earlier this week CoinDesk published a pretty good overview of it.

[Special thanks to Raffael Danielli, Robert Sams and Nick Zeeb for their thoughts]

Endnotes

  1. Note: for the purposes of The DAO, “curators” are effectively identity oracles. []
  2. It appears that currently, once a quorum is achieved, a relatively small proportion of token holders can vote “yes” to a proposal to trigger a large payout. []
  3. The current line-up of goods and services are not based around solving for problems in which censorship is a threat, such as those facing an aid worker in a politically unstable region. []
  4. That is not to say that they all fail. In fact according to one statistic from Kickstarter, there was a 9% failure rate on its platform. Thus, it depends on the platform and what the reward is. []
  5. CoinGecko is tracking several hundred tokens. []
  6. ICO stands for “initial coin offering” — it is slight twist to the term IPO as it relates to securities. []
  7. An added wrinkle to identifying liable parties is: what happens when systems like Zcash launch? []
  8. This presupposes that a DAO will gain legal recognition and/or a public blockchain gains legal standing as an actual legal record. []
Send to Kindle

Self-doxxing, dynamic block making and re-decentralization of mining

There are currently two popular interrelated narratives on social media surrounding participation of the block making process on a public blockchain.  The stories are most pronounced within the Bitcoin community but are also reused by Litecoin, Ethereum and other cryptocurrencies too.

This includes the unchallenged statements that:

(1) anyone can still participate in block making, it is ungated and “permissionless”

(2) following a reward halving (“halvening”), networks become more decentralized because large, centralized farms and actors split apart due to economic pressures

This post looks at both of these and show that in practice neither is really true as of April 2016.

Named block makers

A year ago I reflected on some of the debate surrounding permissioned and permissionless blockchains.  Part of that post involved looking at how the mining market actually evolved in practice; not just based on the generalized claims made by enthusiasts at conferences.

For instance, based on block height below is a list of the first time a pool self-doxxed and signed a coinbase transaction, courtesy of Organ of Corti.  Only the first 50 are chronologically included:

Pool name                Block height                   Date
Eligius 130635 14-Jun-11
BitMinter 152246 7-Nov-11
BTC Guild 152700 10-Nov-11
Nmcbit.com 153343 15-Nov-11
YourBTC 154967 27-Nov-11
simplecoin.us 158291 20-Dec-11
Ass Penny Pool 161432 10-Jan-12
btcserv.net 163672 25-Jan-12
Slush 163970 27-Jan-12
BitLC 166462 12-Feb-12
pool.mkalinin.ru 170937 13-Mar-12
Bitclockers 173863 1-Apr-12
MaxBTC 174819 9-Apr-12
Triplemining 175144 11-Apr-12
CoinLab 180947 21-May-12
wizkid057 184148 12-Jun-12
Generated by General 194247 17-Aug-12
HHTT 197602 7-Sep-12
Ozcoin 207017 8-Nov-12
EclipseMC 208419 18-Nov-12
MTRed 219115 2-Feb-13
50BTC.com 219933 7-Feb-13
Bitparking 226272 17-Mar-13
Discus Fish 236494 17-May-13
ASICMiner 237050 20-May-13
ST Mining Corp 238456 29-May-13
Satoshi Systems 245445 8-Jul-13
GHash.IO 250205 5-Aug-13
175btc.com 253884 24-Aug-13
For Pierce and Paul 259214 21-Sep-13
Alydian5335 261051 1-Oct-13
Megabigpower 261530 4-Oct-13
GIVE-ME-COINS 267919 4-Nov-13
Polmine 282943 29-Jan-14
KoiSystems 285715 14-Feb-14
AntPool 286681 19-Feb-14
MMPool 294747 8-Apr-14
KNC Miner 300700 14-May-14
Bitfinex pool 306406 18-Jun-14
BitAffNet 309657 8-Jul-14
Bitfury 311333 18-Jul-14
Hashmine.io 313882 4-Aug-14
Solo.ckpool 319980 10-Sep-14
Kano.is 325306 14-Oct-14
BTCChina Pool 327211 27-Oct-14
Tangpool 339210 16-Jan-15
For Pyra 339547 19-Jan-15
BW Pool 341167 30-Jan-15
Huobi 341760 3-Feb-15
Dot pool 342104 6-Feb-15

Recall that even though it didn’t initially sign coinbase transactions, Slush began publicly operating at the end of November 2010.  Eligius was announced on April 27, 2011.  DeepBit publicly launched on February 26, 2011 and at one point was the most popular pool, reaching for a short period in July 2011, more than 50% of the network hashrate.

While many enthusiasts claim that “anyone can mine,” in practice, very few choose to for a number of reasons that will be discussed below.

But more to the point, the reason cryptocurrencies allegedly have a “permissionless” characteristic in the first place has to do exclusively with the fact that there is no administrative gating or vetting process for allowing actors on the network to participate in the block making process.  In 2009 there was no whitelist, blacklist, KYC or KYM (know your miner) process.

That is to say, those wanting to create a block did not need permission from a network administrator.1  That is the sole context of the term “permissionless.”

It is not related to developing other platforms that plug into the network.  It is not related to whether the network codebase is open source or not.  It is not related to being able to build software products that somehow utilize the network.  It is not related to being able to view or not view transactions.

Yet due to how the market evolved, today in 2016 while everyone is still paying for the high marginal costs to maintain a network designed for pseudonymous and anonymous interaction, few participants, specifically block makers, are actually capitalizing off of that utility.

For instance:

(1) Acquiring the necessary hardware to become a profitable miner invariably leaves a paper trail.  If instead you acquire the hardware on the second-hand market — in order to remain anonymous — you will still likely leave a paper trail with your legal identity in order to pay for the large energy bill and property taxes.  This is one of the reasons why miners in locations such as China do not publicize their fundraising activities or annual revenue: they don’t want to leave a paper trail to pay any extra taxes.2

(2) The other main mechanism for vetting miners now is through the use of data science itself.  Roughly 10 companies globally provide law enforcement, compliance teams and regulators access to relatively robust analytics tools to track provenance of bitcoins (or other cryptocurrencies) back to coin generation itself.  And in order to sell these mined bitcoins (e.g., to pay for the electricity and the mining hardware), nearly every bitcoin conversion to fiat marketplace now requires some compliance of local KYC and AML regulations.

While there are workarounds such as LocalBitcoins and SharedCoin, generally speaking the pseudonymous network itself in 2016 has largely become doxxed.  Yet the high costs of maintaining pseudonymity, via proof-of-work, still remain.

Hashrate distribution

Above is a pie chart that estimates the hashrate distribution among mining pools over the past 4 days (as of late April 2016).  The 10 largest pools collectively made 97% of the blocks during that time period.3

What about beyond 4 days?

Blocktrail

Source: Blocktrail

Above is the pool distribution of the past year based on coinbase data aggregated by Blocktrail.

The 10 largest pools collectively account for roughly 91.6% of all block making activity.  There is also a relatively long tail that includes roughly another 60 entities (some of whom do sign coinbase transactions) that represent the remaining 8.4% of all block making the past year.

Why do any actors sign transactions at all, after all, isn’t a core characteristic of a public blockchain pseudonymous consensus?  To my knowledge, no one has formally published a thorough explanation for the reasons why.  But one repeated rationale is that pools do so in order to prove to the miners (hashers) connected to the pool what the provenance of the block reward income is.

What does that mean?

For those who have never partaken in the mining process before, a quick history lesson: within the first two years of Bitcoin’s existence a division of labor arose in which block making became separated from hashing itself (e.g., generating proofs-of-work).

That is to say, the security of network security was outsourced to entities who create proofs-of-work and who are colloquially referred to as miners.4  Miners, in return for steady payouts of income, send their work to a pool operator who subsequently batches transactions together into blocks and pays workers based on a pre-arranged agreement (usually proportional, share-based).5

Today, if average Joe buys ASIC mining equipment, he typically does not connect them to his own pool but instead connects them to a pool run by Bob the devops professional.6  And how can Joe trust Bob not to shave off pennies from each share of work that Joe submits?

Block signing in theory provides some semblance of transparency: letting the hashers know if pool operators are skimming off the proceeds by not accurately reporting blocks found (e.g., income).

For instance, if a pool operator makes a block based off of the proof-of-work submitted by one of the hashers connected to a pool, such as Joe, but does not sign the coinbase, the pool operator can try to pretend that it didn’t win the block reward in the first place and therefore would not have to pay the workers (hashers).  This was allegedly more commonplace prior to 2013, before the advent of VC financed farms and pools.7 Now many of the medium and large hashing farm operators want to know the exact revenue number and hear good reasons for why some is missing or if the pool was just “unlucky.”8

Why doesn’t everyone become a block maker, after all, the process is billed as being “open” to all?

There are multiple reasons why, but the most important reason boils down to economics.  Dave Hudson has written about 10 different articles on the baked-in variance (inhomogenous Poisson process) that motivates individuals to continually pool  their mining effort versus solo mine.9 Spoiler alert: you are likely to be struck by lightning before you will ever create a block and reap a block reward by solo mining off of your laptop at home.

Other reasons for why few decide to become block-makers include: the added costs of providing DOS protection to your pool and the need to hire competent staff that can prevent and be on the lookout for problems like BGP hijacking which results in lost revenue.

This has not changed for multiple years and will likely not change for reasons discussed below.

Non-existent re-decentralization

With the upcoming Bitcoin block reward halving that is expected to take place in mid-July, there is a growing chorus of ‘hope’ that it will somehow lead to fewer large mining farms and pools.

This probably won’t occur for several simple reasons, namely due to economic incentives.

Recall that the major reasons why mining activity itself has gravitated to locations such as China isn’t due to conspiracy theories involving lizards but instead ancillary costs.

Specifically the following factors:

  • relatively low labor costs (e.g., professional hashing facilities need to be maintained by a workforce 24 x 7 and wages in China are lower than Russia and the US for this activity)
  • relatively low property costs (e.g., if you have good guanxi, you can utilize and own land at rates below those found in parts of Russia and the US)
  • lower energy costs; I and others have frequently written about this10
  • first-to-market with hardware; because a lot of the final assembly of hashing equipment takes place in southern China, in terms of logistics and transportation end-users have a lead-time advantage over other geographical regions
  • close personal connections with hardware manufacturers and fabrication plants in China and Taiwan; acquiring hardware for mining cryptocurrencies is just as relationship driven as other specialized non-commoditized industries.  Because medium and large miners know who the chip design teams are and what the ASIC roadmaps will be, they can stand in line at the front and acquire hardware before others.

What will happen after a block reward halving?

Just as oil producers with the highest marginal costs have been forced to exit the fracking market over the past couple of years, Bitcoin miners with the thinnest margins will likely exit the market immediately.

What this actually results in, at least the short run, is a more concentrated group of larger hashing farms and pools.

Why?

Because miners as a whole are effectively being given a 50% pay cut to provide the same utility as before.  And ceteris paribus, if Alice doesn’t currently have thick 50% margins, then she will likely exit the market.

In contrast, some of the most profitable miners in China and Republic of Georgia are now operating — even with the large difficulty rise over the past 6 months — with 50+% margins.  They may be squeezed, but they do not have to exit the market.

Basically, the less efficient players will be squeezed out and the more efficient players will remain.  Who is likely be be more efficient?  Larger farms in cheaper locations, or smaller pools made up of less sophisticated players with less capital?

But if the price of cryptocurrencies rise — in this case bitcoins — then won’t former miners come back into the market?

Maybe, but recall, we have seen this song and dance before and it is likely that the block reward halving is already factored into both the current market price and the hardware replacement cycle and as a result there probably will not be a doubling of the market price of bitcoins.  However, that is a topic for a different post.

Other public blockchains

What do mining pool distributions look like for other cryptocurrencies?

Above is the distribution of mining pools for Litecoin over the past day.  Interestingly, Coinotron — a pool I used when mining 3 years ago — currently represents 2.8% of the block making during that time frame.  Two years ago, in May 2014, it represented about 50%.

In August 2015, Litecoin underwent its first block reward halving.  Contrary to popular belief, its market price did not double.  In fact, nine months later the price of a litecoin measured in USD is just fifty cents higher than what it was pre-halving.11

Ethereum mining pool

Source: Etherchain

Above is the distribution of mining pools for Ethereum over the past day.

Interestingly Ethereum formally launched in August 2015 and has seen the same consistent pattern of 3-4 pools representing the majority of block making activity as other cryptocurrencies have witnessed.

In fact, Dwarfpool, despite its name, has flirted with the 50% threshold several times, most notably in March.  The Ethereum development team plans to transition the network from proof-of-work to proof-of-stake (Casper) later this year; it is unclear if the “staking” process will result in similar centralization.

Other cryptocurrencies continue to face similar pool centralization. This includes Namecoin which last year saw one pool, F2Pool provide more than 50% of the network hashrate for multiple months.  While it does not appear that F2Pool behaved maliciously, the fact that one block maker could potentially rewrite history by doing block reorgs motivated Onename to migrate away from Namecoin.

China

It is surprising that with the 60%+ hashrate located in China that there is scant detail in English about how that ecosystem works.  But there are reasons for this.

Recall that based on the current 25 BTC block reward, roughly $450 million in mining rewards has been divvied out over the past year to miners.  On paper that would mean that China-based miners received more than $270 million in revenue, which cements this industry as one of two that continually see large annual revenue flows (the second being exchanges themselves).

I contacted a mining operator in China that currently operates about 40 petahashes per second in equipment.  Note: miners use the abbreviated term ‘P’ and ‘PH’ to denote petahashes per second.

According to him:

“Our public hashing number is based on all our own hardware. This includes two facilities in western Sichuan plus a new Xinjiang site. All of these machines were originally S3’s from Bitmain but we have replaced them with S7’s.  We want to build larger operations than what we have today, but our goal is to maintain a specific percentage of the entire network.”

“Remember our electric rates changes from season to season: different time of year and that hydro power has problems in the winter because of less melt water which results in an energy price that is twice as the rate in the summer.”

“The land is basically free because it is in the mountains and no one is interested in buying property there. So all it takes is construction materials and labor. We hired 10 people last year. We intentionally hired more than we needed so we can build a team and send them places. Our front end operation probably only needs 4-5 people and we pay them $1,000 a month which is actually very competitive for that region.”

“We know a Chinese guy, Mr. LY.  He lives in Sichuan and was originally a hydroelectric operator but now owns his own hydro power station. He learned he could make more money mining than just running the station.”

“Why are people like us able to be competitive?  In Yunnan, Guizhou and Sichuan there was an overinvestment in hydropower last decade and now there is a surplus of electricity.12  Dam operators couldn’t sell the electricity generated so that’s where Bitcoin miners moved to. Also, in Liaoning, some people can free electricity because of the proximity to oil fields – they are given cheap electricity to local residents as compensation for confiscated land/polluting the environment — it is subsidized electricity.”

“No one really pays taxes because miners don’t generate something considered valuable. That’s to say from the perspective of taxpayer, miners don’t generate something of value, because the government doesn’t really recognize bitcoin. Bitcoin mining isn’t illegal, we still pay a small amount of taxes but it’s like running a company that doesn’t make money. Instead a miner just pays a small amount of taxes and all the profit is invisible to the law as it stands today.”

I also reached out to another mining operator based in southern China who explained that in practice, mining farms that produce 1 PH or more are usually not based in cities:

“Most of the time they are not in cities, more like in the middle of nowhere and it would be inaccurate to name towns.”

Instead he listed provinces where they are spread out including: Heilongjiang,Liaoning, Hebei, Sichuan, Tianjin, Anhui, Jiangsu, Ghuizhou, Inner Mongolia, Shanxi, Guangdong.  “Shenzhen for sure, there are testing facilities that are easily over 1P.”

What about ‘subprovincial’ locations?

“It is inaccurate to present information that way.  A lot of the time, the sites are between borders because it’s in the middle of nowhere.  And it normally spreads over lots of sites.  One place has nearly 200 sites crossing two provinces; a lot of small ones representing about 100KW of power each.  They are spread over several hundred kilometers; no economy of scale after a certain point.”

No service-level agreements

This type of self-doxxing, quasi-dynamic environment has led to another interesting phenomenon: ad hoc customer service via social media.

For example, two days ago, a user sent approximately 291.2409 bitcoins as a mining “fee.”13  A small pool called BitClub Network built the block that included this fee.  This fee is equivalent to about $136,000.

The community as a whole then began a crowdsourced investigation into who may have sent this fee and the motivations for doing so, with many believing it to be a mistake.  After all they reasoned, a typical “fee” that most mining pools require in order to be included in the next block is usually less than 25 cents on most days.

A user affiliated with BitClub has since publicly stated it would like to return the fee to the original entity that sent it, though it is unclear if he is speaking with any authority or if the whole thing was a ruse to begin with.

But, as I have argued before, this not only sets a bad precedent for miners as a whole due to a loss of revenue from the forthcoming ‘halvening,’ but the ability to contact a block maker sets a dangerous precedent for the core utility of the network: the disappearance of pseudonymous consensus.

Or as one redditor adroitly pointed out:

Or in other words, if block making was actually pseudoymous and decentralized, with 100+ unidentified pools creating blocks each day, it would be difficult if not impossible to locate and provide timely customer service to a user who made a mistake.

For instance, the most well-known block reorg occurred in March 2013 and it was only resolved when miners, including Slush and BTCGuild, contacted and coordinated with one another via IRC.  If the network was more decentralized and pseudonymous, this coordination would have been very difficult to do, and this was by design.

I pointed out this irony on Twitter earlier this week as well: that there are trade-offs with this approach and the downside of using a bearer asset-based system that had no service level agreement, no EULA, no terms of service results in a world in which users who make mistakes have to complain on social media and hope someone is charitable.

And this happens on a regular basis: earlier this month a user accidentally sent 13.65 bitcoins to the BTCC pool and used reddit as his customer service forum.

That type of friction is not what most consumers want.14  It is a poor user experience which has gradually led to the creation of ‘trusted’ intermediaries in this ecosystem which as described in previous posts, recreates the existing financial system but without the same level of oversight and financial controls.

The cryptocurrency community is learning the hard way why intermediaries exist, why SLAs exist, why legal identities are required for financial transactions, why consumer protection laws arose and so forth.  Pointing out these patterns is not malice or due to a lack of understanding of how cryptocurrencies work, but rather it serves as illustrations for why it has been hard to find real sustainable traction in the space.

How else is this visualized?

scaling bitcoin panel

Source: Jameson Lopp

This past December an event was held in Hong Kong called “Scaling Bitcoin.”

One of the sessions involved a panel comprised of the world’s largest mining farm and pool operators.

The individuals in the photo above allegedly represent about 90% of the network hashrate.

Thus, for all the hype around “trust anchors” tied into public blockchains such as Bitcoin, claims of decentralization and “trust-lessness” are empirically untrue.

In practice, due to centralization and identity leakage, the cost to successfully reorganize a block isn’t through a Maginot Line attack (e.g., via hashrate), but through cheaper out-of-band attacks, such as hosting events in which self-doxxed miners participate.  But that is also a topic for a different post.

Conclusion

16 months ago, Vitalik Buterin and others jokingly quipped that the trends towards centralization in Bitcoin mining (and other cryptocurrencies) resulted in a world where each coinbase transaction effectively arose from a multisig process.

To quote Buterin: “with Bitcoin, we’re paying $600 million a year on a 5-of-10 multisig.”

10 is roughly the amount of quasi-permanent block makers in a given day.  And $600 million was the amount of revenue that miners received at that time due to the higher market value of bitcoin.

In theory, anyone can turn on their computer and hope to become a block maker on a public blockchain — no one has to register with a “Blockchain Admin” because there is no admin.  However, in practice it requires a certain amount of technical knowledge and more importantly, capital, to profitably and sustainably operate a mining farm and pool.

And in order to scale this profitably, in practice, most miners at some point reveal their legal identities thereby negating the core characteristic of a public blockchain: pseudonymity.  How?  Miners, after having erected purpose-built facilities or to liquidate their holdings, may be required by external authorities to go through a gating / vetting process (such as KYC).

Ironically, a substantial increase in cryptocurrency prices may inevitably result in self-doxxing of all major farms. How?  As market prices increase, miners in turn expend more capital to increase their own hashrate to chase the seigniorage rents.

Because of the KYC requirements of utilizing resources like electricity at a hydroelectric dam and the subsequent identity leakage, this turns the block making process itself into a mostly known, permissioned activity.  Consequently, based on this past history, the term DMMS should probably be qualified with a “quasi” modifier in the front: QDMMS.

Similarly, while many enthusiasts have been led to believe a block reward halving will somehow re-decentralize the mining ecosystem, the fact of the matter is chip performance (as measured in hashrate efficiency) is only one factor in the total calculation that professional miners must account for.15

Furthermore, semiconductor engineering itself is effectively on a known, mature trajectory and which appears to be lacking any significant leaps in technological improvement.  The largest entities, such as Intel, see this relatively static path which is one of the reasons why they have formally abandoned their tick-tock roadmap and now plan to lay off 12,000 people.

In contrast, energy prices, land prices, labor costs and taxes are among other major components that professional mining operators look at as a whole and decide whether to stay in a market or not.  Even if there is some price increase after the halvening, home mining by amateurs outside of China will likely continue to remain unprofitable after July.

Thus a year from now the mining ecosystem will probably look a lot like it does today, with most farms and pools being self-doxxed and relatively centralized.16

[Special thanks to Antony Lewis for his constructive feedback]

Endnotes

  1. Censorship-resistance is an emergent property that arises from this design.  See also: Settlement Risks Involving Public Blockchains []
  2. There are other reasons too including not wanting to divulge any comparative advantage they might have that would incentivize new entrants to come into the market. []
  3. Note: it is believed that some large mining operators, such as Bitfury, may actually spread some of their hashers (workers) across multiple pools, in order to reduce their own pool percentage and thereby reduce the concerns over centralization.  This can only be proven with an on-site physical audit. []
  4. There has been research done on non-outsourceable block making. See Nonoutsourceable Scratch-Off Puzzles to Discourage Bitcoin Mining Coalitions by Miller et. al. []
  5. Analysis of Bitcoin Pooled Mining Reward Systems by Meni Rosenfeld []
  6. Most of the pools in operation do not require documentation of equipment or legal identification of miners. []
  7. Note: technically speaking nothing is stopping mining pools from signing blocks and in fact, some do it for advertising purposes. []
  8. There is also a term-of-art called “luck” which Organ of Corti and others analyze on a regular basis. []
  9. Incidentally for those wanting access to the block-making superhighway, to reduce orphan rates, there exists a centralized service: Bitcoin Relay Network. []
  10. See also Appendix B and Section 2 []
  11. Note: Dogecoin began to merge mine with Litecoin in September 2014 and in terms of hashrate the two have moved in tandem with one another ever since. []
  12. China’s water hegemony in Asia from Livemint []
  13. Note: a fee implies something that is mandatory.  The discussion surrounding what is and is not a fee or how it should be calculated and applied is a contentious topic in the cryptocurrency community. []
  14. Cryptocurrencies are effectively designed ‘for cypherpunks by cypherpunks.’  While caveat emptor may be desirable to certain demographics, others prefer consumer protection which bearer-based systems do not have. []
  15. Note: in terms of efficiency, 28nm chips are usually in the range of 0.25-0.35 watts/(gh/s), while the newer 14nm or 16nm ones are more likely 0.12 watts/(gh/s) or less. []
  16. See also: Permissioned-on-permissionless []
Send to Kindle

Reading the tea leaves

Three years since the current wave began and $1 billion later, cryptocurrency / public blockchain ecosystem is experiencing such a level of “fast growth” that no one is able to publish any real usage numbers.1

Sarcasm aside, despite copious amounts of news coverage, interviews and conferences, very few VC-backed cryptocurrency-related startups are divulging any non-gamable numbers.

I had hoped to do a regular quarterly update (see previous January post regarding usage numbers) but there just isn’t much public data to go on.  In fact, there is less data today than 3 months ago.

For instance, at some point in the past couple of months, Coinbase removed its wallet transaction volume chart from its chart site.  This coincides with a public announcement made in February that ‘Coinbase is not a wallet.’  As Brian Armstrong, CEO of Coinbase stated:

Over the next year or so, you’ll see the Coinbase brand shift from being a hybrid wallet/exchange to focusing on purely being a retail and institutional exchange. It will take some time to update, but the transition will happen.

Interestingly, this somewhat conflicts with another statement made in a Forbes piece this past week covering Coinbase and Blockchain.info, stating:

Currently, 80% of Coinbase’s customers buy bitcoin as an investment, and 20% transact with it, though that balance is currently shifting more toward transactions.

Perhaps transaction volume overall is increasing, but if so, why remove the wallet transaction volume chart?  Or is it solely related to transaction volume on the exchange?

The same Forbes article also mentioned another specific aggregate number:

“Startups play a pretty integral role in the sense that we represent most of the end. If you look at users of Bitcoin on the network, most of them are represented by one of the major Bitcoin companies,” says Peter Smith, chief executive of Blockchain, adding that five or six companies, including Coinbase and Blockchain, represent about 80% of transaction volume on the network. Numerous startups are also using Bitcoin to enable their users to more easily send remittances, cross-border payments and peer-to-peer payments, as well as make mobile in-app purchases.

Maybe this is true, maybe there are 5 or 6 companies that represent the lionshare of volume on the Bitcoin network itself.  If so, we should be able to see that.

chainalysis

This is a simplified, color coded version of a tool that Chainalysis provides to its customers such as compliance teams at exchanges. The thickness of a band accurately represents the volume of that corridor, it is drawn to scale.  The names of certain entities are redacted.

The image is based on data for the first quarter of 2016 and is an update to the chart I published in an article back in January.

Based on the chart above, there are in fact 5-6 organizations that represent 80% of the volume; both Coinbase and Blockchain.info are among them (Blockchain.info also operates SharedCoin).

In fact, Chainalysis recently updated their methodology and found that Coinbase transactions represent every 6th or 7th transaction on the Bitcoin blockchain. 2 This specific area of data science is continuously undergoing refinement and should be looked at once again in the coming months.

The same Forbes article says that Coinbase has 3.5 million users and Blockchain.info has 6.5 million wallet holders.

But as we have looked at before, what does that even mean?  Few companies publicly define what a user or wallet actually represents.  I have looked at this twice in the past:

The bottom line is that “monthly active users” (MAU) — which is one of the standard methods for measuring real growth (and success) of an application, is still largely unreported by any cryptocurrency-related company that has raised a Series A or higher.3

Other public data

Where can we find data that is still be published and could reflect usage numbers of public blockchains?

P2SH addresses

Source: P2SH.info

As shown above, over the past month, the amount of bitcoins stored using P2SH addresses increased from 9.99% to 11.7%.

A large noticeable pop took place two weeks ago and some speculated that it could be a Liquid-related multi-sig movement.

opreturn total transactions

Source: opreturn.org

OP_RETURN has also seen increased usage.  Above is a chart measuring the past 15 months of usage.

As described in Watermarked Tokens, OP_RETURN is an opcode in Bitcoin’s scripting language that is commonly used by colored coin projects.

At the time of this writing, in terms of percentages, the top 5 projects that have used OP_RETURN the most are:

  • Blockstack: 107254 transactions (28.4%)4
  • Open Assets: 68069 (18%)5
  • Monegraph: 51601 (13.7%)6
  • Factom: 34007 (9%)7
  • Coinspark: 25223 (6.7%)8

Two of the five are colored coin-specific projects and all five cumulatively account for about 76% of all OP_RETURN usage.

Any other numbers?

  • Looking at the previous charts from January, the ‘Bitcoin Distribution by Address at Block 400,000‘ looks roughly the same as the distribution at a block height of 390,000.
  • According to CoinATMRadar, the ‘number of Bitcoin ATMs installed by Bitcoin machine type’ increased from 536 at the beginning of January to 612 at the end of March. This comes to roughly 0.84 ATMs installed per day or a rate slightly higher than the past 2 years (it is on pace for 308.2 installations altogether this year compared with 275 per year for 2014 and 2015).
  • In terms of market prices, there were some relatively big swings in volatility (about $100 from peak to trough) in the first quarter due in part to the continued block size debate which still remains unresolved.9
  • And activity on both BitWage and Blockchain.info wallets looks roughly the same as they did in January.

Funding

Some venture funding bounced back from the dearth in Q4 2015.

According to the venture capital aggregation at CoinDesk there was $148 million of publicly announced rounds for both Bitcoin-related and Blockchain-related startups spread among 14 deals in Q1 2016.  Though two investments alone (DAH and Blockstream) accounted for more than two-thirds of that funding tranche.

However, the list is probably not complete as two investments into Kraken’s Japanese subsidiary were for undisclosed amounts (first from SBI in January and then by Money Partners Group in March).  Similarly, Ripple also received capital from SBI in January (for a reported 3 billion yen or ~$25 million).

In addition, last week, CB Insights (a venture tracking firm) held a webinar that covered the “Bitcoin / Blockchain” ecosystem (deck) (recording).

While providing a good general overview, I think it lacks a number of recent developments in the overall “Blockchain” capital markets world.10

For instance, Tradeblock recently launched Axoni (a private / permissioned blockchain) and Peernova isn’t really a “Blockchain” company now. 11 The webinar is a little outdated on the cryptocurrency side of things too.  For example, Mirror is completely out of the ecosystem altogether, 21inc is basically a software company at this point, Buttercoin is bankrupt and Blockscore shouldn’t be included in either bucket.

Any other charts?

Counterparty Transaction History

Source: Blockscan

I would be remiss to not include Counterparty, a platform has effectively plateaued (see image above) and has now been eclipsed by Ethereum based on multiple measurements including transaction growth (which actually may be eventually be gamed via “long chains” just like some Bitcoin transactions are).

What kind of other metrics are available?

Counterparty compared to Ethereum

Source: Coingecko

Ignoring the liquidity and market cap sections (basically all cryptocurrencies are illiquid and easily manipulable) there is a marked difference in terms of terms of social media engagement and interest between the two platforms.  For example, in terms of public interest, one measure that could be added to the Coingecko list is the amount of organized Meetup’s: Ethereum has roughly a hundred globally and Counterparty has about 10.

As an aside, I attended two Ethereum meetup’s last month: one hosted by Coinbase in San Francisco and another one hosted by IFTF in Palo Alto.  Both were well-attended with roughly 120 people showing up for the latter.

[Note: I do not own, control or hold any cryptocurrency nor do I have any trading position on them either.]

Why is no one actively publishing numbers?

It could be the case that some of the startups feel that any user / usage number is commercially important and therefore treat it like a trade secret.

Is there really less transparency in this market compared to other tech markets?

Maybe, maybe not.  What about public markets?

Last spring, Blizzard Entertainment announced it would no longer publish World of Warcraft subscription numbers.  This was done because of the continual decline in subscriptions (more than halving from its 12 million peak).  Similarly, last fall, Microsoft said it would no longer publish Xbox One unit sales and would instead share Xbox Live usership. ((Disclosure: I own an Xbox One))  At the time this move was seen as a way to downplay the growing gap in sales between Sony’s PS4 and the Xbox One.

zynga

Source: Statista / Zynga

An exception to this rule is Zynga — the mobile / social gaming company — which has seen continual drop offs in monthly active users for over three years, but still publishes numbers. 12

Back to the public blockchain sphere: why would 40+ companies that have closed a Series A or higher as a whole decide not to publish user / usage numbers in a market that claims to always be growing by leaps and bounds?

One of the problems appears to be that when you raise a lot of money, $50+ million for B2C applications your charts are expected to look a bit like other high-growth companies.

slack growth

Source: TechCrunch

For instance, above is a two-year chart displaying two types of users: daily active and paid for Slack.  With 3.5x daily user growth over the past year, Slack announced last week that it has closed its new round, raising $200 million at $3.8 billion post-money valuation.  About a third of its daily users which are paid users, a relatively high conversion rate.

Obviously social media commenters will point out that “cryptocurrencies” are not the same thing as communication tools, but the point remains that eventually the aspirations of investors will re-calibrate with the actual growth trajectories of a platform.  And as of right now, based on public data it is unclear where that traction is in the cryptocurrency world — perhaps it does exist somewhere but no one is publicly revealing those stats.

It bears mentioning, based on anecdotes there are several cryptocurrency-related startups that have gained relatively large customer bases in certain corridors focused on cross-border payments and remittances involving The Philippines.13 There are also several cash-flow positive companies in this space that have flown under the radar.  On the flipside, based on similar anecdotes, multi-level marketing scams like MMM Global also have seen continued traction.14

Conclusion

Where is the growth, where are the numbers?  Those are the two questions that continue to drive blog posts on this site.  Perhaps startups in the public blockchain ecosystem will be more forthcoming later this year as more capital is deployed.  We will try to revisit this topic once more information is publicly available.

It will also be interesting to see how many more cryptocurrency-related companies rebrand or pivot into the “private blockchain” sphere without actually changing how they interact with cryptocurrencies.  Thus, my older October post on the Great Pivot should be revisited at some point as well.  In addition, if “private blockchain” platforms are eventually flipped on into production mode, they may begin to yield usage numbers worth looking at in a year or so.

  1. For a concise explanation of “fast growth” in this context see the recent interview with Chamath Palihapitiya: Top V.C. on “Mostly Crap” Start-Ups, Mark Zuckerberg, and Early Facebook’s Grim Lunches by Vanity Fair. []
  2. And according to other data science companies I have spoken to in the recent past, several confirm this as well. []
  3. A notable exception was in December 2015 when BitPay provided a transaction chart to Forbes.  Additionally, BitGo has published numbers from time to time.  And while it hasn’t raised a Series A, Blockstack is also fairly open about its userbase. []
  4. Blockstack.org is not the same thing as Blockstack.io — two different groups. []
  5. Flavien Charlon, creator of Open Assets, also maintains Openchain. []
  6. Monegraph is a platform for managing digital artwork. []
  7. During its crowdsale last year, Factom sold about 4.4 million factoid (tokens) for 2,278 bitcoins. []
  8. CoinSciences, the team behind Coinspark, also has another product called MultiChain. []
  9. See: What is the blockchain hard fork “missile crisis?” and also Appendix B []
  10. One interesting stat they mentioned was in terms of ratios: in 2015 there was about $15 billion invested in “fintech” overall and about $450 million in the entire umbrella of “cryptocurrency / blockchain” ecosystem.  That amounts to about 3%. []
  11. Peernova has transitioned from being a Bitcoin mining company to creating “Blockchain-inspired” tools for other industries. []
  12. See Zynga quarterly earnings reports and Statista []
  13. This includes: Align Commerce, BitX and Coins.ph []
  14. This is based on actual data I have been shown. []
Send to Kindle

A brief update on the shared ledger ecosystem

A year ago to the day I published: “Consensus-as-a-service: a brief report on the emergence of permissioned, distributed ledger systems.”

Since then, the paper and portions thereof, have been translated into multiple languages, emailed and downloaded thousands of times, copied word-for-word by many consulting companies and used as a primer for managers and executives at organizations big and small.  In short, it helped articulate what was then happening in a new niche industry, one that has grown over the subsequent months.

What has changed and why did it become popular to the point where vendors now use bullet points marketing their product as a “permissioned ledger”?

Before answering these questions I should point out that it was Robert Sams, CEO of Clearmatics, that actually coined the term “permissioned ledger.”  He first publicly used it at a Coinscrum event a month before the publication of CaaS. Prior to that he had been using it in private discussions including on a now-defunct mailing list which incidentally involved other notable individuals who still work in the overall “blockchain” space.1

Fluid market

Let’s quickly look at what happened to the market participants that were highlighted in the main body of the report (by alphabetical order):

  • Clearmatics: in November 2015 they announced they had closed their seed funding; have also publicly announced their pilot “utility settlement coin” with UBS (note: ‘settlement coin’ is not a cryptocurrency)
  • CryptoCorp: rebranded as Blockstack and were acquired in October 2015 by Digital Asset Holdings (DAH)
  • Eris Industries: in January 2016 they announced they were selected to be part of the PwC “strategic blockchain portfolio”2
  • Hyper (Hyperledger): in June 2015 they announced they had been acquired by DAH. 3  Its namebrand was then donated to the Linux Foundation; see What is the difference between Hyperledger and Hyperledger?
  • Ripple (Labs): in October 2015 they announced that their Series A had closed at $32 million in funding with the inclusion of Santander.  In January 2016 additional funding from SBI Holdings into Ripple’s Japanese subsidiary was also announced.
  • Tembusu System: they had a co-founder dispute that led to dormancy of the company
  • Tezos: the project has continued in the background as a part-time project of its creator
  • Tillit: rebranded as Ldger and is currently focused on market place lending and structured products; no longer uses Ripple.

If we extend the analysis to the tangentially related projects listed in Appendix A:

  • Blockstream: in October 2015 it announced a cryptocurrency product called “Liquid” for wallets and exchanges and in February 2016 announced it had closed its Series A funding of $55 million
  • Augur: in October 2015 it concluded its crowdfunding of over $5 million and in March 2016 launched its beta
  • SKUChain: in January 2016 it announced its seed funding and in March 2016 joined the Plug and Play FinTech Incubator
  • Ethereum: officially launched its Frontier release at the end of July 2015 and then launched a “production” version called Homestead in March 2016
  • Pactum: turned from a standalone product into a technology specification and approach – currently being used by ULedger – and being further developed by Bitsapphire
  • Symbiont: in June 2015 it announced closing a seed round for $1.25 million and then in March 2016 announced it was creating a new company with Ipreo
  • Vennd: in April 2015 it joined the Startmate accelerator and later moved away from the “vending machine” cryptocurrency creation market

What about the rest of the marketplace?

The non-cryptocurrency distributed ledger marketplace has bifurcated into two distinct areas:

  1. those creating some type of ledger or blockchain; and
  2. those creating some type of application that connects to a ledger, chain or network

[Note: sometimes those creating #1 are also creating #2 but usually not vice versa]

Altogether, since September 2015, at R3 we have been approached or pitched by around 150 vendors of all shapes and sizes who do something orthogonally related to distributed ledgers.

By and large, most of them are uninvolved with cryptocurrencies themselves: that ship seems to have sailed with the Great Pivot.  Perhaps that will change again?

We are currently tracking around two dozen companies that have built or are building some kind of distributed ledger and about the same amount of startups trying to build applications on top of a ledger. 4

Many of these can be seen on slides 21 and 23 of the presentation I published in December:

The end of “Proof-of-work maximalism”

What has resonated with people, especially financial institutions regarding this new market?

Part of it for sure is related to hype.  Distributed ledgers and blockchains have been sold as silver bullets and panaceas to all the worlds ills.  This exuberance will likely lead to another washout cycle which has happened in many other tech segments (most notably cleantech).

Another reason is that as articulated in Appendix B, while there was latent interest in the cryptographic toolkit utilized by Ethereum and Bitcoin, managers were finally afforded an explanation as to why something like proof-of-work is purposefully expensive and why it is unneeded and undesirable in an environment in which trusted intermediaries with legal contracts already operate in (e.g., capital markets).

In short: CaaS began to untie the narrative and fable that “the only secure network is one that involves proof-of-work.”

While they are not the only entities experimenting with blockchains, regulated financial institutions have also spent the past year looking at the consequences of using pseudonymous consensus methods, discovering that platforms like Bitcoin fundamentally lack definitive settlement finality which was briefly discussed on page 22 and 23 in CaaS.

The reaction on social media to this over the past year has ranged from acceptance all the way to angry threats.  Yet fundamentally it is empirically clear that the marketing spin which proof-of-work maximalists have used — such as “hardening a chain” — is simply a misapplication of Bitcoin’s Sybil protection.  But that is a topic for another day.5

Conclusion

This was supposed to be a brief post so we have to pass on dovetailing into the myriad of other interesting changes in the landscape.

Regular readers may have noticed just a few posts on this site over the past few months.  Why?  Part of this is because the content I do write is typically sent to R3 members only.

What about other discussions?

Even though the capital markets have largely settled on a specific class of ledger — one that is integrated with the existing legal system without any type of cryptocurrency or proof-of-work — the debate around public versus private blockchains will likely continue into the year by enthusiasts.

For those involved in regulated capital markets who are looking at solutions to problems with a set of requirements involving post-trade activities of clearing and settlement, it is worth pointing out that yesterday Richard Brown unveiled the project he has been working on the past 7 months: Corda.

A year from now the distributed ledger landscape will likely look a lot different than what it did in 2016 let alone 2015.  It will be interesting to see how many projects are still replicating and reusing older “blockchain” designs versus building systems that are fit-for-purpose like Corda.

[Endnotes]

  1. Source: I am an advisor to Clearmatics and a member of the mailing list.  This included: Vitalik Buterin (Ethereum), Vlad Zamfir (Ethereum), Dominic Williams (Mirror / String), Jae Kwon (Tendermint), Andrew Miller (IC3 / University of Maryland), Nick Szabo (Mirror / Access), Jonathan Levin (Chainalysis), Dave Hudson (Peernova), Richard Brown (R3), Zaki Manian (SKUChain) and about a dozen others. []
  2. According to Dominic Williams: 21.91% of all tweets using the term “marmots” involved Eris Industries and Preston Byrne (its COO). []
  3. Disclosure: I was an advisor to Hyper. []
  4. It is a noisy startup ecosystem, but once you filter out companies reliant on cryptocurrency price appreciation there aren’t hundreds or thousands of startups to keep track of. []
  5. See also Anchor’s aweigh []
Send to Kindle

Additional citations, quotes and panels

Following up from the last batch, below are some of the public-facing activities I have been involved with the past couple of months.

Op-ed:

Public presentations / panels:

Quoted:

Citations:

Send to Kindle

What is the difference between Hyperledger and Hyperledger?

hyperledgerI am frequently asked this question because there is some confusion related to the legacy name and the current branding of certain technology. The two are distinct. And how we got there involves a little history.

Hyper, the parent company of Hyperledger, was founded by Dan O’Prey and Daniel Feichtinger in the spring of 2014. Fun fact: one of the alternative names they considered using was “Mintette.com” — after the term coined by Ben Laurie in his 2011 paper.

The simplest way to describe Hyperledger, the technology platform from Hyper, during its formative year in 2014 was: Ripple without the XRP. Consensus was achieved via PBFT.1 There were no blocks, transactions were individually validated one by one.

Hyperledger, the technology platform from Hyper, was one of the first platforms that was pitched as, what is now termed a permissioned distributed ledger: validators could be white listed and black listed. It was designed to be first and foremost a scalable ledger and looked to integrate projects like Codius, as a means of enabling contract execution.

Most importantly, Hyperledger in 2014 was not based off of the Bitcoin codebase.

Note: in the fall of 2014 Richard Brown and I both became the first two advisors to Hyper, the parent company of Hyperledger.  Our formal relationship ended with its acquisition by DAH.2

In June 2015, DAH acquired Hyper (the parent company of Hyperledger) which included the kit and caboodle: the name brand, IP and team (the two Dans).  During the same news release, it was announced that DAH had acquired Bits of Proof, a Hungary-based Bitcoin startup that had designed a Java-based reimplementation of Bitcoin (which previously had been acquired by CoinTerra).3

It was proposed at that time that Hyperledger, the Hyper product, would become the permissioned ledger project from DAH.  It’s product landing page (courtesy of the Internet Archive) uses roughly the same terminology as the team had previously pitched it (see also the October homepage older homepage for DAH as well).

digital asset homepage october 2015

Source: Digital Asset / Internet Archive

On November 9, 2015, on a public blog post DAH announced that it was “Retiring Hyperledger Beta, Re-Open Sourcing Soon, and Other Changes.”

The two most notable changes were:

(1) development would change from the languages of Erlang and Elixir to Java and Scala;

(2) switch to the UTXO transaction model

The team noted on its blog in the same post:

We are also switching from our simplistic notion of accounts and balances to adopt to de facto standard of the Bitcoin UTXO model, lightly modified. While Hyperledger does not use Bitcoin in any way, the Bitcoin system is still extremely large and innovative, with hundreds of millions of dollars invested. By adopting the Bitcoin transaction model as standard, users of Hyperledger will benefit from innovation in Bitcoin and vice versa, as well as making Hyperledger more interoperable.

During this same time frame, IBM was working on a project called OpenChain, which for trademark reasons was later renamed (now internally referred to as OpenBlockchain).4

IBM’s first public foray into distributed ledgers involved Ethereum vis-a-vis the ADEPT project with Samsung (first announced in January 2015). Over the subsequent months, IBM continued designing its own blockchain (see its current white paper here).

In December 2015, the Linux Foundation publicly announced it was creating a new forum for discussion and development of blockchain technology.  Multiple names were proposed for the project including Open Ledger (which was the name originally used in the first press release). However, in the end, the name “Hyperledger” was used.

How did that occur?

DAH, one of the founding members of the project, donated two things to the Linux Foundation: (1) the brand name “Hyperledger” and (2) the codebase from Bits of Proof.

Recall that Bits of Proof was the name of a Bitcoin startup that was acquired by DAH in the fall of 2014 (the Chief Ledger Architect at DAH was the co-founder of Bits of Proof). 5 Architecturally, Bits of Proof is a Java-implementation of Bitcoin. 6

In other words: today the term “Hyperledger” represents an entirely different architectural design and codebase than the original Hyperledger built by Hyper.7

The major architectural switch occurred in November 2015, which as noted above involved adopting the UTXO transaction set and Java language that Bits of Proof was built with.  Therefore, Hyperledger circa 2016 is not the same thing as Hyperledger circa 2014.

Over the past two months there have been multiple different codebases donated to the Linux Foundation all of which is collectively called “Hyperledger” including the IBM codebase (partly inspired by Ethereum) as well as the DAH and Blockstream codebase (one is a clone of Bitcoin and the other is a set of extensions to Bitcoin). The technical discussions surrounding this can be found on both the public Linux Foundation mailing list and its Slack channel.

How do different, incompatible codebases work as one?

This technical question is being discussed in the Linux Foundation. It bears mentioning that as of now, the codebases are incompatible largely due to the fact that Bitcoin uses the UTXO transaction set and OpenBlockchain uses an “accounts” based method for handling balances.  There are other reasons for incompatibility as well, including that they are written in completely different languages: Java/Scala versus Go versus C++ (Blockstream).

How extensive is the reuse of the Bits of Proof Bitcoin codebase donated to the Linux Foundation from the DAH team?  According to a quick scan of their GitHub repo:

So when someone asks “what is Hyperledger technology?” the short answer is: it is currently the name of a collective set of different codebases managed by the Linux Foundation and is not related to the original distributed ledger product called Hyperledger created by Hyper. The only tenuous connection is the name.

Timeline in brief: Hyperledger was originally created in Spring 2014 by Hyper; Hyper was acquired in June 2015 by DAH; the original Hyperledger architecture was entirely replaced with Bits of Proof in November 2015; the Hyperledger brand name and Bits of Proof code was donated to the Linux Foundation in December 2015.

  1. Interestingly enough, the current OpenBlockchain project from IBM also uses PBFT for its consensus mechanism and uses an “accounts” based method; two characteristics that the original Hyperledger platform from Hyper had too. []
  2. For more info on the original Hyperledger, see the Innotribe pitch; the description in Consensus-as-a-service from April 2015 and the Epicenter Bitcoin interview. []
  3. Following the bankruptcy of CoinTerra, the Bits of Proof team became independent once again. []
  4. CoinPrism launched a project called OpenChain, before IBM did. []
  5. Sometimes there is a confusion between Bits of Proof and Bits of Gold.  Bits of Proof was the independent Java-implementation of Bitcoin (which is not the same thing as bitcoinj).  Bits of Gold is an Israeli-based Bitcoin exchange.  A co-founder of Bits of Gold also works at DAH and is their current CTO. []
  6. In the future it may contain some modifications including Elements from Blockstream. []
  7. What was once the original Hyperledger GitHub repo has been handed over to the Linux Foundation but some of the original code base and documentation from the 2014 project can still be viewed elsewhere. []
Send to Kindle

What did bitcoin movements look like in 2015?

[Note: opinions expressed below are solely my own and do not represent the views of my employer or any company I advise.]

Last April, May and August I wrote three posts that attempted to look at the flow of funds: where bitcoins move to throughout the ecosystem.

Thanks to the team at Chainalysis we can now have a more granular view into specific  transfer corridors and movements (not necessarily holdings) between miners, exchanges, darknet markets, payment processors and coin mixers.

The first three charts are backwards looking.

Bitcoin PieAbove is a simplified, color coded version of a tool that Chainalysis provides to its customers such as compliance teams at exchanges.  The thickness of a band accurately represents the volume of that corridor, it is drawn to scale.

What is the method used to generate the plot?

The chord-plot shows all bitcoin transactions in 2015 traced down all the way back to a known entity. This means that the connection between the entities can be any number of hops away.

So for instance, for the exchanges it will include direct arbitrage, but also the modus operandi for bitcoin: individuals buying bitcoins at an exchange and then doing peer-to-peer transfers.  Again this can be any number of hops and then perhaps later end at an exchange again where someone is cashing out.

According to Chainalysis, by hiding all the intermediate steps we can begin to learn how most of the Bitcoin ecosystem is put together (e.g., can it be split into sub systems?, is there a dark and a lit economy?, and what is bitcoin actually used for?).

Legend:

  • Blue: virtual currency exchanges
  • Red: darknet markets
  • Pink: coin mixers
  • Green: mining pools
  • Yellow: payment processors

Altogether there are 14 major exchanges tracked in blue including (in alphabetical order): Bitfinex, Bitreserve (now Uphold), Bitstamp, BitVC (subsidiary of Huobi), BTCC (formerly BTC China), BTC-e, Circle, Coinbase (most), Huobi, itBit, Kraken, LocalBitcoins, OKCoin and Xapo.

The identity of 12 exchanges were removed with the exception of BTC-e and LocalBitcoins.

  • BTC-e was founded in July 2011 and is one of the oldest operating exchanges still around.  It does not require users to provide KYC documentation nor has it implemented AML processes.  This has made it an attractive exchange for those wanting to remain anonymous.
  • LocalBitcoins was founded in June 2012 and is a combination of Craigslist and Uber for bitcoin transfers.  It enables users to post trade requests on its site and provides escrow and reputation services for the facilitation of those trades.  Like BTC-e, it does not require users to provide KYC documentation nor has it implemented AML processes.  As a result it is a popular service for those wanting to trade bitcoins anonymously.

sharedcoinSharedCoin (depicted in pink above) is a product / service from Blockchain.info that allows users to mix their coins together with other users.  It is one of about a dozen services that attempt to — depending who you talk to — delink the history or provenance of a bitcoin.

agoraFounded in the spring of 2013, Agora (depicted in red above) was the largest known darknet market operating in 2015.

Forward Tracing

For each of the entities labeled on the charts below there is a ‘send to self’ characteristic which in fact are the UTXOs that originate from that entity and ends in unspent funds without first hitting another service.  So it can be both cold storage owned by the service or someone hoarding (“hodling”) coins using that service.

Interestingly enough, the deposits held at one VC-backed intermediary almost all stay cold.

forward looking localbitcoinsAbove is LocalBitcoins.

forward looking btceAbove is BTC-e.

forward looking sharedcoinAbove is SharedCoin.

Questions and Answers

I also spoke with the Chainalysis team about how their clustering algorithm worked.

Q: What about all the transactions that did not go between central parties and intermediaries?  For instance, if I used my wallet and sent you some bitcoins to your wallet, how much is that in terms of total activity?

A: The analysis above is intended to isolate sub-economies, not to see who is directly trading with who. The Chainalysis team previously did a Chord of that roughly a year ago which shows the all-time history (so early days will be overrepresented) and it was based only on one hop away transactions and normalized to what the team can ascribe to a known service.

The new chord above is different as it continues searching backwards until it locates an identified entity – this means it could have passed through an other either unidentified or less perfectly described service – but as it is same for everything and we have the law of large numbers it will still give a pretty accurate picture of what subeconomies exist.  It was made to identify if the Bitcoin network had a dark economy and a lit economy (e.g. if the same coins were moving in circles e.g. dark-market->btc-e->localbitcoin->dark-market and what amount of that loop would include the regulated markets too).

So, for example, the transfers going between the regulated exchanges, many will be multihop transfers, but they start and end in regulated exchanges and as such could be described as being part of the lit economy.

Q: What specific exchange activity can you actually identify?

A: It varies per service but Chainalysis (and others) have access to some “full wallets” from clients.  Also newer deposits are often not known so the balance in a wallet will be underestimated due to how the current algorithms work.

Further, some services require special attention and special analytics to be well represented due to their way of transacting – this includes some of the regional dark markets and Coinbase (due to how the company splits and pools deposits, see below).  By looking at all the known entities and how many addresses they contain as a percentage of all addresses ever used for bitcoin in all time, Chainalysis has significant coverage and these are responsible for more than half of all transactions ever happened.

Q: And what was the motivation behind building this?

A: The initial purpose of the plot was to identify subsystems and pain points in the ecosystem – the team was at first uncertain of the possibility that every Bitcoin user simply bought bitcoins from exchanges to buy drugs but that does not seem to be the case.  Most drug buyers use LocalBitcoins and sellers cash-in via mixers on LocalBitcoins or BTC-e (for the larger amounts).

Q: How large is SharedCoin and other mixers?

A: SharedCoin is currently around 8 million addresses and Bitcoin Fog is 200,000 addresses; they are the two largest.1

Additional analysis

Based on the charts above, what observations can be seen?

  • With a forward tracing graph we can see where all the unspent bitcoins come from (or are stored).  One observation is that intermediaries, in this case exchanges, are holding on to large quantities of deposits.  That is to say that many users (likely traders) — despite the quantifiable known risks of trusting exchanges — still prefer to store bitcoins on virtual currency exchanges.  Or to look at it another way: exchanges end up with many stagnant bitcoins and what this likely means is that users are buying lots of bitcoins from that exchange and not moving them and/or the exchange itself is holding a lot of bitcoins (perhaps collected via transaction fees or forfeited accounts).2

  • A lot of the activity between exchanges (as depicted in blue lines) is probably based on arbitrage.  Arbitrage means if Exchange A is selling bitcoins for a higher price than Exchange B, Alice will buy bitcoins on Exchange B and transfer them to Exchange A where they are sold for a profit.
  • Despite the amount of purported wash trading and internal bot trading that several Chinese exchanges are believed to operate, there is still a lot of on-chain flows into and out of Chinese-based exchanges, most likely due to arbitrage.
  • An unknown amount of users are using bitcoin for peer-to-peer transactions.  This may sound like a truism (after all, that’s what the whitepaper pitches in its title), but what this looks like above is that people go to exchanges to transfer fiat currencies for virtual currencies.  Then users, using the P2P mechanic of bitcoin (or other virtual currencies), transfer their coins to someone else.  We can see this by counting hops between the exchanges.

A potential caveat

Because of how certain architectures obfuscate transactions — such as Coinbase and others — it can be difficult for accurate external data analysis.  However with their latest clustering algorithm, Chainalysis’s coverage of Coinbase now extends to roughly the same size of the size of Mt. Gox at its height.3

Why can this be a challenge?  Coinbase’s current design can make it difficult for many data analytics efforts to clearly distinguish bitcoins moving between addresses.  For instance, when Bob deposits bitcoins into one Coinbase address he can withdraw the deposit from that same address up to a limit.  After about two bitcoins are withdrawn, Bob then automatically begins to draw out of a central depository pool making it harder to look at the flow granularly.

Other secondary information also makes it unclear how much activity takes place internally.  For instance, in a recent interview with Wired magazine, Coinbase provided the following information:

According to Coinbase, the Silicon Valley startup that operates digital bitcoin wallets for over 2.8 million people across the globe, about 20 percent of the transactions on its network involve payments or other tasks where bitcoin is used as a currency. The other 80 percent of those transactions are mere speculation, where bitcoin is traded as a commodity in search of a profit.

In a subsequent interview with New York Business Journal, Coinbase stated that it “has served 2.9 million people with $3 billion worth of bitcoin transactions.”

It is unclear at this time if all of those transactions are just an aggregation of trades taking place via the custodial wallet or if it also includes the spot exchange it launched last January.

Future research

Publishing cumulative bitcoin balances and the number of addresses for different entities such as exchanges could help compliance teams and researchers better understand the flows between specific exchanges.  For instance, a chart that shows what percentage of the 15 million existing bitcoins everyone holds at a given moment over different time intervals.

This leads to the second area: rebittance, a portmanteau of remittance and bitcoin.  Last year it was supposed to be the “killer app” for cryptocurrencies but has failed to materialize due in part, to some of the reasons outlined by Save on Send.4 Further research could help identify how much of the flows between exchanges and the peer-to-peer economy is related to cross-border value transfer as it relates to rebittance activity.

And as the market for data analysis grows in this market — which now includes multiple competitors including Coinalytics, Blockseer, Elliptic and Scorechain — it may be worth revisiting other topics that we have looked at before including payment processors, long-chains and darknet markets and see how their clustering algorithms and coverage are comparable.

Conclusions

For compliance teams it appears that the continued flow between illicit corridors (darknet markets) is largely contingent on liquidity from two specific exchanges: BTC-e and LocalBitcoins.  In addition, coin mixing is still a popular activity: from this general birds-eye view it appears as if half of the known mixing is directly related to darknet market activity and the motivation behind the other half is unknown.

Based on the information above other economic activity is still dwarfed by arbitrage and peer-to-peer transactions. And lastly, based on current estimates it appears that several million bitcoins are being stored on the intermediaries above.

[Note: special thanks to Michael Gronager and the Chainalysis team for their assistance and feedback on this post.]

  1. There are many regional smaller projects in, for example, smaller European countries whose flows may be underrepresented as they are less known in part because they do not use commonly used languages. However most are likely a part of the long tail of coin distribution. []
  2. There is a spectrum of intermediaries in which bitcoins are stagnant (or active).  For instance, in an interview last May, Wences Casares, founder and CEO of Xapo stated:

    Still, Casares indicated that Xapo’s customers are most often using its accounts primarily for storage and security. He noted that many of its clientele have “never made a bitcoin payment”, meaning its holdings are primarily long-term bets of high net-worth customers and family offices.

    “Ninety-six percent of the coins that we hold in custody are in the hands of people who are keeping those coins as an investment,” Casares continued. []

  3. See also The missing MtGox bitcoins from WizSec []
  4. There are notable exceptions that have gained regional traction including: BitX, Coins.ph and Align Commerce. []
Send to Kindle

AFA Presentation: Cryptocurrencies, Blockchains and the Future of Financial Services

The slideshow below was first presented at an AFA panel on January 4, 2016 in San Francisco.

References:

Send to Kindle

A proxy for users

[Note: opinions expressed below are solely my own and do not represent the views of my employer or any company I advise.  Today is the 7th anniversary of the Genesis block.]

With over $900 million invested in cryptocurrency startups over the past couple of years, what does adoption and usage numbers look like?

Unfortunately very few of the companies that have received funding have publicly divulged actual numbers, primarily because consumer uptake has been lower than expected (or promised).

For instance, Coinbase recently published five charts it says reflect growth.

The first chart they show is transactions per day.

However, since we know that most transactions are “long-chain” transactions (comprised of spam, wallet shuffling, coin mixing, mining payouts, faucets, etc.), this is a poor indicator of actual on-chain trade and commerce or adoption.

long-chain transactionsAs illustrated in the chart above, once long-chains are removed, growth (as highlighted in the pink region) is roughly linear since 2014, at ~0.5x per year.

What about Coinbase itself?

Coinbase doesn’t typically divulge much about specifics, however it’s older pitch deck (from September 2014) does give a few details about its users, such as 40% of all Coinbase users are from three states: California, New York and Texas; as well as the amount of deposits that Coinbase holds for each customer.

wallet size

Slide 14, Coinbase pitch deck

While this number likely has changed in the past 15 months, ignoring the fluctuation in token prices it may be the case that the average deposit per customer has not increased significantly.  Why might that be?

Above is a 1-year chart produced by Coinbase showing the daily amount of off-chain transactions.  Or rather, transactions that take place on their own internal system.  As we can see, the volume is roughly the same across all of 2015.  If usage actually was increasing or user numbers were growing substantially, then we should be able to see some visible changes upward.  This has not occurred.

P2SH

P2SH chart

Source: P2SH.info

P2SH, or pay to script hash, is probably the most common method for securing bitcoins (or UTXOs) via multisig.  As shown in the two charts above, over the course of 2015 the percentage of existing bitcoins held in P2SH addresses increased from 6% to around 10% today.  Though over the past 5 months the amount has effectively plateaued.

According to marketing material, BitGo processes more than 50% of all P2SH transactions (more than all other service providers combined).  So this may also be an upward bound indicator of people who are savvy enough to secure their bitcoins via multisig (note: many custodial wallets such as Coinbase and Xapo purportedly secure certain layers of “cold wallets” via multisig and P2SH is just one method of doing so).

Multisig and Top Rich List

The chart above visualizes the percent of bitcoins owned by each address balance range.

As of block height 390,000 approximately 98.16% of all bitcoins reside on 513,648 addresses.  This is not to say there are only half a million bitcoin users on the planet, as some of the addresses are owned or controlled by multiple people (such as a custodial wallet or exchange).  But it is probably a pretty good proxy of on-chain users — users who actually control the private key and do not use an intermediary.

This is roughly twice as many on-chain users as twenty-one months ago (in April 2014) — at block height 295,000 — when I first started looking at this source.1

One interesting trend that ties in with the multisig window above is that at one point as recently as April 2014, none of the Top 500 addresses were using multisig.  But over the past year, as seen by the “3” prefix at the start of addresses, we can visibly see several dozen Top 500 addresses that now use multisig (note: some of the other addresses may use hardware wallets such as Trezor, Ledger or Case and not use multisig).

ATMs

bitcoin atm

Source: CoinATMRadar

I once heard a Bitcoin reporter tell me in the August 2014 that BitAccess was on track to be the first billion dollar Bitcoin company.  Whoops!

As we know empirically, the ATM industry in general is very low margin; companies make it up on volume which none of these startups have been able to thus far.  Despite the hype, over the past a grand total of 536 Bitcoin ATMs have been installed, roughly 275 per year.

For comparison, according to the ATM Association there are roughly 3 million ATMs globally.

Can’t this change in the future?   Perhaps, but recall that the average two-way (roundtrip) Bitcoin ATM fee is ~11% and there are only a handful located in emerging markets.  Why is the fee relatively high?  Because ATM owners are not operating charities and want to turn a profit.  If Bitcoin adoption truly was going gang busters you would expect this number to be growing exponentially and not linearly.

Bitcoin volatility

bitcoin volatility seriesAdmittedly this chart doesn’t have to deal with adoption.  There is no scientific correlation between the amount of usage or users of cryptocurrencies and the volatility of its trading pairs.

The reason I have included this is because in the Coinbase post above they state that bitcoin volatility is decreasing… relative to the Russian ruble and Brazilian real.  Yet from the volatility chart above, it is clear that volatility has not really decreased.  The BTC/USD volatility may be less than what it was in 2012, but on any given day it is still 10x more volatile than CNY/USD and 6x more volatile than USD/EUR — trading pairs that represent the real lionshare of global economic activity.

VC Funding

vc funding

Source: btcuestion / Coindesk

The chart above was created by user “btcuestion” and is based on data in the Coindesk venture investment spreadsheet.  It is a month by month bar chart over the course of the past two years.

What it shows is that VC investment in cryptocurrency-related startups peaked in Q1 2015.  Yet, the bulk of the Q1 investments came from the 21inc announcement which itself was an aggregation of its previous rounds that had taken place over the previous 18 months.  So funding may have actually peaked in Q4 2014.2

What this probably illustrates is that aside from a couple of permabull investors (such as Boost and Pantera), most serious venture capital has decided to wait and see how the dust settles before investing anything in this space.  Why?  Basically there has been no product market fit and few viable business models.3  Sure there has been a lot of publicity, but as Kevin Collier recently explored, there does not appear to be any permanent impact of say: Bitpay sponsoring a college bowl game last year.4

Bitwage activity

user signups

Source: Bitwage

payroll volume

Source: Bitwage

The two charts above both come from Bitwage, a startup that converts payrolls into bitcoins.  Ignoring the drop-off in January 2016 (it is the beginning of a new month), for most of 2015 there were roughly 200-300 new user signups each month and about $250,000 in salaries converted as well.

Again, this is not to say that Bitwage’s service is not useful, rather that if there was increased bitcoin growth and adoption, then one proxy could be through payroll conversion.  However, as shown above, growth is linear not exponential.

Blockchain.info wallets

Above is a 2-year, nearly linear line chart from Blockchain.info depicting the “My Wallet” Number of Users.  It bears mentioning that many people still use Blockchain.info wallets like a “temporary” wallet (or burner wallet) for coin mixing, yet despite the rapid creation rate for this purpose even if we look just at the last 6 months, it is not close to being exponential.

Hash rate

But what about hash rate?  It has continually gone up and to the right the last few months, surely this is an indicator of mass adoption?

All hash rate is measuring is the amount of work being generated by an unknown amount of computers (typically ASICs) somewhere on the planet.  Hash rate typically rises when the price of bitcoins rise and falls when the price of bitcoins fall (see Appendix B).  Since prices have nearly doubled over the past four months then it stands to reason that hash rate would correspondingly increase as hashing farms deploy new capital.5

Unless each site is inspected, it’s difficult to tell if there are more hashing farms and equipment and therefore “more users.”  However, what we do know is that there are roughly the same amount of pools today (~20) as there were three years ago.6

Counterparty

counterparty transactions

Source: Blockscan

Counterparty is an embedded consensus system (see section 1): an asset issuance platform that effectively staples itself onto the Bitcoin blockchain.

As shown above, on a given day roughly 500-1000 transactions take place through the platform.  According to Laurent MT, the spikes may be related to the weekly distribution of LTBCoins.  And again, despite turnkey services and vending machines such as Tokenly and CoinDaddy (and CounterpartyChain), overall growth on the ECS has effectively plateaued over the past year.

Conclusion

Bitcoin is a solution and service provider for those who hold bitcoins.  Despite the fanfare, the conferences and the perpetual feel-good op-eds in Techcrunch, the only people who seem to use it regularly seven years later are a niche demographic group: young, white, tech-savvy men in North America and Western Europe.  Many of whom have access to multiple other payment networks and asset classes for investment.

As a result, it is probably not a surprise that instead of using bitcoins to pay for coffee on-chain each day, most private key owners prefer to “hodl” or use intermediaries.  This may make sense for those with low time preferences, but it shouldn’t then come as a surprise that there are few, if any metrics that show wide-scale adoption beyond this core demographic.  Will this change in 2016 or will the “great pivot” continue?

  1. Spam and dust (such as “tips”) likely represents the remaining 1.84% of all bitcoins (located on 99% of all addresses). []
  2. Funding has instead switched over to the fledgling non-cryptocurrency distributed ledger industry. []
  3. Anecdotally, it appears that Coins.ph, BitX and Align Commerce have each gained actual traction in their respective regions. []
  4. Stephen Pair provided a new chart for Forbes which purportedly shows a large uptick in transactions processed.  This “surge” occurred during the same month as Bitcoin Black Friday and should be looked at again in the following months to see if it was a one-off event. []
  5. There are also stories of new chips supposedly being deployed.  In practice hashing farms do the Red Queen race: replace a machine… with another machine that uses the same amount of energy. []
  6. The claim that 21inc or other mining chip manufacturers will “redecentralize mining” is a misnomer.  Mining and hashing are not the same thing.  Unless a hashing operator also runs a fully validating node, then they are part of the outsourcing process.  More people may be hashing as part of the 21inc botnet, but not mining (mining is defined as selecting transactions to include in blocks; hashers do not do this activity, pools do). []
Send to Kindle