Predictions for 2018

As mentioned in my previous post, below are five thoughts for what could take place in 2018, categorized by degree of likelihood: most likely –> least likely.

(1) Continued mania

The euphoria around cryptocurrencies and ICOs continues due almost entirely because of retail sentiment, not just because of institutional action.  Every valuation model that has been proposed to gauge what the price of a certain coin will be, fails almost entirely because of the inability to model sentiment.  Contra Chris Burniske (note: he did not really disclose that he owned bitcoins while covering cryptocurrencies as an analyst), there are no ‘fundamentals’ to nearly any coin, in fact, many of the “top” coins don’t even do what they claim to do.

Want proof?  Look at the most talked about ICOs and altcoins and airdrops that were created in 2013-2014.  How many of them have actually delivered what they marketed?  Basically none.  Yet, if they are still listed on an exchange, odds are they are trading at near all-time highs because retail investors really don’t care about functionality or utility: they want narratives that paint pictures of Moonlambos in their near future.

This phenomenon is best described as “coin nihilism”:

Source: Twitter

So as long as there is free-entry to create and market a cryptocurrency to the masses, coin domination (who is the king of the castle) will be fluid.  The only entities capable of changing that is law enforcement via coordinated regulatory action (e.g., debanking of exchanges due to regulatory guidance).1

Or as one of my OTC trader friends recently remarked:

“This is why crypto is doomed for pump and dump because the market can’t react to increased demand with more supply. So if interest fades you just keep getting clobbered with new supply like 2014 redux.”

When you have free-entry and no gatekeepers when it comes to creating money supply, people will just create a new coin as it always has more financial upside.

Besides governments, what else could stop the pump train?  Hackers seem focused on low-hanging fruit – no one bothers to actually attack technical weaknesses in a blockchain.  “Early adopters,” old guard (OG) whales cashing out faster than demand can absorb the coin supply may be the only other large counterbalance to the mania.2

(2) Lawsuits

Both criminal and civil lawsuits will continue to be filed against issuers and developers of both cryptocurrencies and ICOs.  On the criminal side, the wrinkle will be that it will not just be securities and/or commodities regulators.  Law enforcement agencies involved with monitoring money transmission (such as FinCEN and FINTRAC) will announce more than one criminal suit against developers who either enabled money laundering to take place on their platforms and/or failed to comply with some other area of BSA (or other regional equivalent).3

Rather than go through the laundry list of all the areas for regulatory and law enforcement action, check out (attorney) Christine Duhaime’s explanation.

With that said, while a case could be made that entities like Bitcoin Core – and its vocal surrogates – behave a lot like administrators, there are few indications that the any development team will be sued right now.

(3) Pumpers and VCs are going to pump and won’t be held accountable

Pretty much the most popular twitter personalities nowadays are the shills and pumpers who benefits from one anothers antics.  It’s a non-stop contest to see who can say the most outrageous things about what cryptocurrencies will do to the world.  The winner gets to cash out on a secondary market and buy a Swiss resort. The loser who said Junkcoin would only jump 10x instead of 100x also gets to cash out and retire in the Hamptons.

Will bagholding be a line on a resume?4

Nope.  Few if any of these personalities will be debunked let alone dragged to court.  Consider this well-crafted title from Bloomberg last month: “The Hottest ICOs Are the Ones That Have Done the Least Amount of Work.”

How many of the most egregious examples of investors and advisors that promoted these will be held accountable?  Probably very few even though the SEC put out a press release specifically around the promotion of ICOs… we still regularly see ads for ICOs on social media (e.g., “general solicitation”).

For those hoping that techbros and their apologists will be held accountable, this is probably not that year.  This includes lobbying groups involved in disinformation campaigns for their own ideological purposes.

(4) Enterprise-related DLT efforts generate recurring enterprise license-based revenue

If we were to aggregate the amount of revenue generated by enterprise-focused DLT vendors, based on the known RFPs that were won last year and are currently being bid on, I’d guesstimate that about $100 – $200 million is at play this year.  This is based on the fact that most RFPs seem to be for less than $10 million.  It’ll take at least 6-12 months to build an MVP and then even longer to get approval for additional phases.

As mentioned in my previous post: unfortunately our sample size of big infrastructure builds on the enterprise side is still limited.  Examples include the the DA / ASX deal (which took 2 years for a final decision to be made).  Another large one is the DTC trade, the vendor of which is IBM.  If built and put into production, these will eventually recoup costs but the bigger revenue will likely come from actual enterprise-licenses: seats to use the network.

For an inside perspective, I reached out to one of my close friends working at a DLT vendor who provided the following view:

This year’s revenue is one thing. There is also recurring revenue (run vs build).  There is also the fact that last year some/many deals were “bought” for marketing and credential building purposes (so they are subsidized).  But I think this year suppliers are less willing to buy the business and bid low on price. We (the industry) could be in steady state production by year end for some implementations.  I think $100-200m is broadly right for revenue to play for this year.

His estimate included Q/A support and SLAs.

I also would predict that, just like last year, there will be very few new enterprise-focused vendors entering the market from the early stage startup world.  And that enterprise vendors struggle as a whole to attract and retain junior developers because they have to compete with cryptocurrency-related projects that may provide higher compensation during this bull market.

(5) Cryptocurrencies as financial market infrastructure

I think this is the least likely theme to occur this – and we should thank the gods – is using a cryptocurrency (anarchic) chain as FMI.  Despite the mud that coin lobbyists and evangelists throw at enterprise-focused DLT vendors, cryptocurrency networks are systemic risks to the financial world and should be avoided at this time.

It is one thing to have a coin bubble driven by unsophisticated retail investors.  It is another to have a coin bubble because of leverage and integration with some real financial instruments.  And it is another to have a coin bubble – and the mission critical systems of the world’s financial intermediaries – directly impacted by these coin fluctuations and not be able to hold any of the validating nodes accountable… because they are pseudonymous miners in a jurisdiction that doesn’t recognize the standing of a foreign lawsuit.

If you are reading this, you are probably not terribly sympathetic to anyone who loses their shirt at this time for buying some random coin.  On the other hand, you would be justified if you are worried that a national payment or securities depository is being run on top of Bitcoin via some kind of colored coin Rube Goldberg system.  Reducing systemic risks to the financial world has been a top priority of financial regulators since 2008.

At the time of this writing, none of the existing cryptocurrencies being built seems to have gone through or respects a PFMI check-off.  Or maybe that is a risk regulators and regulated financial institutions will be willing to take?

Final remarks

As a friend recently said, with cryptocurrencies you always have to expect the unexpected.  People are quick to forget the bear market of 2014-2015.  Will the irrational exuberance die down once most of these cryptocurrency and ICO projects fail to deliver on their promises?  Maybe not, but then again, check out the coin rankings over time on these four charts.

I am actually kind of optimistic for new ideas being tested out in certain ecosystems, like Ethereum (note: this is not an endorsement of Ethereum or ETH/ETC).  Now that proof-of-stake, via Casper, is being brought out of the lab and onto a testnet, we might be able to scratch off the environmental impact issue that is a blight on proof-of-work networks.  CryptoKitties, via ERC721, is a neat demonstration of how to potentially create non-fungible property (assuming courts recognize it as such).  I have been giving this some thought on other areas that this could be reused and commercialized.  Note: there is an entire, virtual zoo of copy cats that has now arrived, including puppies and other animals.

What do you think, will heads begin to roll as law enforcement learns what shenanigans are going on?  Will an ETF-based on bitcoin futures be approved?  It seems likely that the CME and CBOE will add futures trading for ether, what about other coins? Coinbase and several other former bitcoin-only exchanges have already announced that they will add more altcoins and everybody is guessing which one will be next.  Will 2018 be a repeat of 2014 with altcoin mania again dominating mindshare?

Endnotes

  1. One reviewer who works at an OTC desk commented: “Almost all of the OTC trading counterparties and exchange we have use just a couple banks.  It would be trivial to cut the spigot off overnight.  Also if I’m a regulator and want to go after the toxic sludge flowing through the fiat side of this world I hit one of these banks that provides the liquidity.” []
  2. One trader at an OTC desk commented that: “Real institutional liquidity, beyond what we have now, would help. I’d argue part of the reason why things get so out of hand so fast is because the market infrastructure isn’t there to handle it correctly.” []
  3. One reviewer at an exchange commented: “I think regulatory scrutiny is actually gonna land next year from CFTC and SEC in a real way.  The CFTC in particular has a duty now to police spot, wait till we get the first settlement of CME or CBOE where someone intentionally puts the auction in the tank or DoS’s the exchanges.” []
  4. Most traders only brag about their winning trades, not their losses. []
Send to Kindle

Six bedtime stories from 2017

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.  See Post Oak Labs for more information.]

2017 taught us many things, including the fact that no one reads (or writes) or pays for long-form content any more.  Even with lovable memes and animated gifs, keeping an audience’s attention is hard.

Already too distracted to read further?  How about a quick video from JP Sears on how to appropriately Bitcoin Shame your friends and family:

The other takeaway for 2017 is that, if in doubt, open up hundreds of social media accounts and shill your way to riches.  The worst thing that could happen is no one buys your coin.  The best thing that happens is that someone buys your coin and you can then convert the coin into real money, retire, and act like you are super-wise thought leader with oodles of entrepreneurial and investing experience.

Some other stories with revisiting from the past year:

(1) “Legitimization”

If we were being intellectually honest we would say that the only goal post anyone cared about this year was that the price of cryptocurrencies, as measured in real money, and how high they soared.1 And that the main reason this occurred is because Bob knew Alice and Carol were both going to buy a lot of say, bitcoin, thereby pushing up the price, so he did too.  The Economist called it “the greater fool theory.”  But The Economist are great fools for not buying in at $1, so let’s ignore them.

Basically none of the feel-good goals about lowering remittance fees or increasing financial inclusion promoted in previous years by enthusiasts have really materialized.  In fact, at-risk users and buyers in developing economies probably got screwed on the ICO bandwagon as insiders and sophisticated investors who were given privileged early access to pre-sales, dumped the coins on secondary markets and hoi polloi ended up holding the bag on dozens of quarter-baked ICOs.2

Oh, but transaction fees for Bitcoin are at all-time highs, that’s a real milestone right?

There are many reasons for this, including the fact that Bitcoin Core’s scaling roadmap has thus far failed to achieve its advertised deadlines (see section 5 below).3 Maybe that will change at some point.

Shouldn’t higher fees be a cause for celebration with “champaign” (sic)? 4

Some Bitcoin Core representatives and surrogates have created an ever expanding bingo card of scapegoats and bogeymen for why fees have gone up, ranging from:

  • blaming Roger Ver and Jihan Wu as demonic-fueled enemies of Bitcoin
  • to labeling large chunks of transactions as ‘spam attacks’ from nefarious Lizard-led governments5
  • to flat out bitcoinsplaining: higher fees is what to expect when mass adoption takes place!

I’m sure you’ll be on their bingo card at some point too.

Just like Visa and other widely used payment network operators charge higher and higher rates as more and more users join on… oh they don’t.6 But that’s because they censor your freedom loving transactions!  Right?

So what’s the interim solution during this era of higher fees?  Need to send a bitcoin payment to someone?

You know how supermarkets used to hold items on layaway?  They still do, but it’s not as common to use, hence why you googled the term.  Well, in light of high fees, some Bitcoin Core developers are publicly advising people to open up a “tab” with the merchant.  You know, just like you do with your favorite local bartender.

Fun fact: the original title of the Satoshi whitepaper was, Bitcoin: a peer-to-peer electronic layaway system.

This faux comparison didn’t age well.  In 2014 this was supposed to be a parody. (Source)

For example, the ad above was promoted far and wide by Bitcoin enthusiasts, including Andreas Antonopoulos who still tries to throw sand in Western Union’s eye.  Seriously, watch the linked video in which Antonopoulos claims that Bitcoin will somehow help the poor masses save money such that they can now invest in and acquire clean water.  It’s cringe worthy.  Did Bitcoin, or Bitcoin-related businesses, actually do any of the things he predicted?  Beyond a few one-time efforts, not really.7 Never mind tangible outcomes, full steam ahead on the “save the world” narrative!

Many enthusiasts fail to incorporate in their cartoonish models: that the remittance and cross border payment markets have a set of inflexible costs that have led the price structure to look the way it does today, and a portion of those costs, like compliance, have nothing to do with the costs of transacting.8  There may be a way of reducing those costs, but it is disingenuous (and arguably unethical) to pull on the heart strings of those living on subsistence in order to promote your wares.9

Rather than repeat myself, check out the break down I provided on the same Western Union example back in 2014.  Or better yet, look at the frequently updated post from Save on Send, who has the best analysis bar none on the topic.

Back to loathing about ‘adoption’ numbers: few people were interested in actual usage beyond arbitrage opportunities and we know this because no one writes or publishes usage numbers anymore.10 I’ll likely have a new post on this topic next quarter but for a quick teaser: BitPay, like usual, still puts out headline numbers of “328% growth” but doesn’t say what the original 2016 baseline volume was in order to get the new number today.

I don’t strive to pick on BitPay (to be fair they’re like the only guys to actually publish something) but unfortunately for them, the market still has not moved their way: Steam recently dropped support for Bitcoin payments and a Morgan Stanley research note (below) showed that acceptance from top 500 eCommerce merchants dropped from 5 in 2016 to 3 in 2017.11

“This is possibly the saddest bitcoin chart ever” – BI. Source: Morgan Stanley

Due to a lack of relevant animated gifs, a full break down on the topic wouldn’t fit in this article.  But just a quick note, there were a number of startups that moved decisively away from their original stated business case of remittances and instead in to B2B plays (BitPesa, Bitspark) or to wallets (Abra). 12  These would be worth revisiting in a future article.13

So what does this all have to do with “legitimization”?

If you haven’t seen the Godfather trilogy, it’s worth doing so during or after the holiday break.14

This year we have collectively witnessed the techbro re-enactment of Godfather: Part 3 with the seeming legitimization of online bucket shops and dodgy casinos, aka cryptocurrency intermediaries, you wouldn’t talk about in polite company.

All of the worst elements of society, like darknet market operators, hate groups, and malware developers, effectively got eff you money and a cleansing mainstream “exit” courtesy of financial institutions coming in and regulators overwhelmed by all of the noise.15  Just like in No Country for Old Men, the bad guy(s) sometimes win.  This isn’t the end of that story but the takeaway for entrepreneurs and retail investors: don’t work or build anything. Just shill for coins on social media morning, noon, and night.

(2) Red Scares

I am old enough to remember back in 2013 when Bitcoin “thought leaders” welcomed Chinese Bitcoin users.  In late 2013, during the second bull run of that year, there were frequent reddit threads about how mainland Chinese could use Bitcoin to route around censorship and all the other common civil libertarian tropes.

Guess what happened?  On December 5th, 2013, the People’s Bank of China and four other ministries issued guidance which restricted activities that domestic banks could do with cryptocurrencies, thereby putting spot exchanges in a bit of a bind, causing panic and subsequently a market crash.  Within days there were multiple “blame China” threads and memes that still persist to this day.  Case in point: this thread titled, “Dear China” which had Mr. Bean flipping off people in cars, was voted to the top of /r/bitcoin within a couple months of the government guidance.  Classy.

As I detailed in a previous post, earlier in the autumn, several state organs in China finally closed down the spot exchanges, which in retrospect, was probably a good decision because of the enormous amounts of scams and deception going on while no one in the community was policing itself.16 In fact, some of the culprits that led Chinese exchanges into the dishonesty abyss are still around, only now they’re working for other high-profile Bitcoin companies. 17  Big surprise!

For example, Reuters did an investigation into some of the mainland exchanges this past September, prior to the closure of the spot exchanges.  They singled out BTCC (formerly BTC China) as having a checkered past:

Internal customer records reviewed by Reuters from the BTCChina exchange, which has an office in Shanghai but is stopping trading at the end of this month, show that in the fall of 2015, 63 customers said they were from Iran and another nine said they were from North Korea – countries under U.S. sanctions.

It’s unclear how much volume BTCC processed on behalf of North Koreans, one former employee says the volumes were definitely not zero.18 These were primarily North Koreans working in China, some in Dandong (right across the border).

For perspective: North Korea has been accused of masterminding the WannaCry ransomware attack and also attacking several South Korea exchanges to the tune of around $7 million this year.  Sanctions are serious business, check out the US Department of Treasury resource center to learn more.19

Isn’t China the root of all problems in Bitcoinland?

Source: Twitter

The sensationalism (above) is factually untrue yet look how many people retweeted and liked the quickly debunked conspiracy theory.  It’s almost as if, in the current mania, no one cares about facts.

As Hitchens might say: that which can be asserted without evidence, can be dismissed without evidence.  So to are the conspiracies around Bitcoin in China:

  • Is the Chinese government nationalizing Bitcoin?  No.
  • Is the Chinese government responsible for Bitcoin Cash.  No.
  • Is the Chinese government behind the rise in CryptoKitties. No.

In this bull market it is unclear why Paul has to resort to PR stunts, like making fearmongering tweets or opening a strike/call option at LedgerX with the bet that bitcoin will be worth $50,000 next year.20 There are many other ways to better utilize this capital: rethink investing in funds run by managers who are not only factually wrong but who spread fake rumors around serious issues like nationalization.

For instance, I don’t normally publicly write about who I meet, but this past July, while visiting Beijing I sat down with about a dozen members of their ‘Digital Money‘ team (part of the People’s Bank of China group involved in exploring and researching blockchain-related topics). 21 They had already spoken with my then-current employer as well as many other teams and companies (apparently the Zcash team saw them the very next day). While I don’t want to be perceived as endorsing their views, based on my in-depth discussion that day, this Digital Money team had clearly done their homework and heard from all corners of the entire blockchain ecosystem, both cryptocurrency advocates and enterprise vendors. They were interested in the underlying tech: how could the big umbrella of blockchain-related technology improve their financial market infrastructure?

Look at it another way: the Chinese government (or any government for that matter) has no need to nationalize Bitcoin, what value would it bring to them?  It would just be a cost center for them as miners don’t run for free.22  In contrast, their e-RMB team, based out of Shenzhen, has been experimenting with forks/clones of Ethereum.  This is public information.

But what about Jihan and Bitmain?  Aren’t they out to kill Bitcoin?

I can’t speak on his intentions but consider this: as a miner who manufacturers and sells SHA256 hardware that can be used by both Bitcoin and Bitcoin Cash (as well as any SHA256 proof-of-work coin), Bitmain benefits from repeat business and satisfied customers.  It is now clear that the earlier Antbleed campaign effort to demonize Bitmain was a massive PR effort to create a loss of confidence in Bitmain as it was promoted by several well known Bitcoin Core supporters and surrogates to punish Bitmain for its support for an alternative Bitcoin scaling roadmap and client.  In fact, as of this day, no one has brought forth actual evidence beyond hearsay, that covert ASICBoost is/was taking place.  Maybe they did, but you’d need to prove this with evidence.

Speaking of PR campaigns and mining…

(3a) Energy usage / mining

Over the past two months there have probably been more than a dozen articles whitewashing proof-of-work mining energy consumption numbers.  Coin Center, a lobbying group straight out of Thank You for Smoking, has its meme team out on continuous social media patrols trying to conduct damage control: no one must learn that Bitcoin mining isn’t free or that it actually consumes resources!

Source: Twitter

The title of the article above is complete clickbait BS.  Empirically proof-of-work mining is driving miners to find regions of the world that have a good combination of factors including: low taxes, low wages, low energy costs, quick time-to-market access (e.g., being able to buy and install new hashing equipment), reliable energy, reliable internet access, and low political turmoil (aka stability).23  Environmental impact and “clean energy” are talking points that Van Valkenburgh allege, but don’t really prove beyond one token “we moved to renewables!” story.  The next time Coin Center pushes this agenda item, be sure to just ask for evidence from miners directly.24.

Another example is in a recent Bloomberg View column from Elaine Ou (note: the previous company that she co-founded was shut down by the SEC).  She wrote:

Digital currency is wasteful by design. Bitcoin “miners,” who process transactions in return for new currency, must race to solve extremely difficult cryptographic puzzles. This computational burden helps keep the transaction record secure — by raising the bar for anyone who would want to tamper with it –- but also requires miners to build giant farms of servers that consume vast amounts of energy. The more valuable bitcoin becomes, the more miners are willing to spend on equipment and electricity.

Mining a proof-of-work coin (such as Bitcoin) can only be as ‘cheap‘ or ‘efficient’ as the block reward is worth. As the market price of a coin increases so too does the capital expended by miners chasing seigniorage.  This, we both agree on.

In the long run, proof-of-work miners will invest and consume capital up to the threshold in which the marginal costs of mining (e.g., land, labor, electricity, taxes, etc.) roughly equals the marginal revenue they receive from converting the bitcoins into foreign currency (aka real money) to pay those same costs.  This, we also both agree on.

What Ou makes a mistake on is in her first sentence: digital currencies are not all wasteful, only the proof-of-work variety are.  Digital currency != cryptocurrency.25

I know, I know, all other digital currencies that are not proof-of-work are crap coins and those who make them are pearl-clutching morons.  Contra Ou and Coin Center, it is possible for central banks, and even commercial banks, to issue their own digital currency — and they could do so without using resource intensive proof-of-work.26  The Bank of International Settlements recently published a good paper on the various CBDC models out there, well worth a read.  And good news: no mountains of coal are probably used in the CBDC issuance and redemption process.27

Back to proof-of-work coins: a hypothetically stable $1 million bitcoin will result in a world in which miners as a whole expend up to $1 million in capital to mine.  If the network ever became cheaper to operate it would also mean it is cheaper to permanently fork the network.  You can’t have both a relatively high value proof-of-work coin and a simultaneously non-resource intensive network.

While it is debatable as to whether or not Bitcoin mining is wasteful or not, it empirically does consume real resources beyond the costs of energy and the externalization of pollution onto the environment.  The unseen costs of hash generation for a $20,000 bitcoin is at least $13 billion in capital over a year that miners will eventually consume in their rent-seeking race albeit from a combination of resources.

Data source: BitInfoCharts

I quickly made the chart (above) to illustrate this revenue (or costs depending on the point of view).28 These are the eight largest proof-of-work-based cryptocurrencies as measured by real money market prices.

There are a few caveats: (1) some of the block rewards adjust more frequently than others (like XMR); (2) some of the coins have relatively low transaction fees which equates to negligible revenue so they were not included; (3) the month of December has seen some very high transaction fees that may or may not continue into 2018; (4) because block generation for some of these is based on an inhomogeneous Poisson process, blocks may come quicker than what was supposed to be “average.”

How to interpret the table?

The all-time high price for Bitcoin was nearly $20,000 per coin this year.  If in the future, that price held stable and persisted over an entire year, miners would receive about $13 billion in block rewards alone (not including transaction fees).  Empirically we know that miners will deploy and consume capital up to the point where the marginal costs equals the marginal value of the coin.29  So while there are miners with large operating margins right now, those margins will be eaten up such that about $13 billion will eventually be deployed to chase and capture those rewards.  Consequently, if all 8 of these proof-of-work coins saw their ATH extended through 2018, ceteris paribus, miners would collectively earn about $32.6 billion in revenue (including some fees).

There are a variety of sites that attempt to gauge what the energy consumption is to support the network hashrate.  Perhaps the most frequently cited is Digiconomist.  But Bitcoin maximalists don’t like that site, so let’s put together an estimate they cannot deny (yes, there are climate change denialists in the cryptocurrency world).

For the month of December, the network hashrate for Bitcoin hovered around 13.5 exahash/second or 13.5 million terahash/second (TH/s).

To get a lowerbound on how many hash-generating machines are being used, let’s look at a product called the S9 from Bitmain.  It is considered to be the most “efficient” off-the-shelf product that public consumers can order in volume.30 This mining unit generates around 13.5 TH/s.

So, if we were to magically wave our hands and replace all of the current crop of Bitcoin mining machines into the most efficient off-the-shelf product, we’d need about 1 million of these to be manufactured, shipped, installed, and maintained in order to generate the equivalent hashrate that the Bitcoin network has today.  Multiply 1 million S9’s times the amount of energy individually used by a S9 and you’d get a realistic lowerbound energy usage for the network today.31

Note: this doesn’t factor in land prices, energy costs, wages for employees, building the electrical infrastructure (e.g., installing transformers), and many other line items that are unseen in the chart above.  It also doesn’t include the most important factor: as more mining hashrate is added and the difficulty rating adjust upward, it dilutes the existing labor force (e.g., your mining unit does not improve or become more productive over time).

(3b) Energy usage upperbound

So what are the upperbound costs?

Source: Twitter

The tweet above is not a rare occurrence.  If you are reading this, you probably know someone who tried to mine a cryptocurrency from an office computer or maybe their computer was the victim of ransomware.

You may not think of much of the externalization and socialization of equipment degradation that is taking place, but because mining is a resource intensive process, the machines used for that purpose depreciate far faster than those with normal office usage.32  To date, no one has done a thorough analysis of just how many work-related computers have been on the receiving end of the mining process but we know that employees sometimes get caught, like the computer systems manager for the New York City Department of Education or the two IT staffers in Crimea.33

Even if miners eventually fully utilize renewable energy resources, most hash-generating machines currently deployed do not and will not next year.  These figures also do not factor in the fully validating nodes that each network has that run out of charity (people run them without any compensation) yet consume resources.  According to Bitnodes, Bitcoin has around 11,745 nodes online. According to EtherNodes, Ethereum has around 26,429 nodes online.

So is there an actual upperbound number?

There is, by dividing hashpower by cost and comparing to costs of various known processor types.  For instance, see this footnote for the math on how two trillion low-end laptop CPUs could be used.3435

Just looking at the hash-generating machines, according to Chen Min (a chip designer at Avalon Mining), as of early November, 5% of all transistors in the entire semiconductor industry is now used for cryptocurrency mining and that Ethereum mining alone is driving up DRAM prices.

This is not to say you should march in the streets demanding that miners should forgo the use of coal power plants and only use solar panels (which of course, require consumption of resources including semiconductors), there are after all, many other activities that are relatively wasteful.

But some Bitcoin and cryptocurrency enthusiasts are actively whitewashing the environmental impact of their anarchic systems and cannot empirically claim that their proof-of-work-based networks are any less wasteful or resource intensive than the traditional foreign capital markets they loathe.

In point of fact, while the traditional financial markets will continue to exist and grow without having to rely on cryptocurrencies for rationally pricing domestic economic activity, in 2018, as in years prior, Bitcoinland is still fully dependent on the stability of foreign economies providing liquidity and pricing data to the endogenous labor force of Bitcoin.  Specifically, I argue in a new article, that miners cannot calculate without using a foreign unit of account; that economic calculations on whether or not to deploy and consume capital for expanding mining operations can only be done with stable foreign currency.36

Keep in mind that cryptocurrencies such as Bitcoin only clear (not settle) just one coin (or token) whereas traditional financial markets manage, transact, clear and settle hundreds of different financial instruments each day. 37  For comparison, the Federal Reserve estimates that on any given day about 600 million payment, clearing, and settlement transactions take place in the US representing over $11 trillion in value.38  But this brings up a topic that is beyond the scope of this article.  Next section please.

(4) MIT’s Digital Currency Initiative

On the face of it, MIT’s DCI effort makes a lot of sense: one of the world’s most recognized institutions collaborating with cryptocurrency developers and projects worldwide.

But beneath the slick facade is a potential conflict of interest that has not been looked at by any media outlet.  Specifically, around its formal foray into building tools for central bank digital currency (CBDC).  Rob Ali, a well-respected lawyer turned research scientist (formerly with the Bank of England), was hired earlier this year by DCI to build and lead a team at MIT for the purpose of continuing the research he had started at the BoE.  This is no secret.

Less known is how this research has now morphed into a two-fold business:

  1. DCI charges central banks about $1 million a year to be a partner.39  What this allows the central bank to do is send staff to MIT and tap into its research capabilities.  This includes MIT representatives co-authoring a couple of papers each year focused on topics that the central bank is keen to explore.  Multiple central banks have written checks and are working together with DCI at this time.
  2. Building and licensing tools and modules to central banks and commercial banks.  DCI has hired several Bitcoin developers whom in turn have cloned/forked Bitcoin Core and Lightning.  Using this code as a foundation, DCI is building IP it aims to license to central banks who want to build and issue central bank digital currency.

Where is the conflict of interest?

DCI is housed within MIT’s Media Lab, whose current director is Joi Ito.  Ito is also the co-founder and director of Digital Garage.  Digital Garage is an investor in Blockstream and vocal advocate of Lightning; coincidentally Blockstream is building its own Lightning implementation. Having made several public comments in favor of Bitcoin Core’s hegemony, Ito also appears to be a critic of alternative blockchain implementations.

In looking at his publicly recorded events on this topic Ito does not appear to disclose that the organizations he co-runs and invests in, directly benefit from the marketing efforts that Bitcoin Core and Lightning receive.  Perhaps this is just miscommunication.

I’m all for competition in the platform and infrastructure space and think central bank digital currencies are legit (again check out this BIS paper) but this specific DCI for-profit business should probably be spun off into an independent company.  Why?  Because it would help reduce the perception that Ito – and others developers involved in it – benefits from these overlapping relationships.  After all, Bitcoin Core arguably has a disproportional political clout that his investment (Blockstream) potentially benefits from if/when Lightning goes into production.40 And again, this is not to say there shouldn’t be any private-public partnerships or corporate sponsorships of academic research or that researchers should be prohibited in investing in companies, rather just a recommendation for disclosure and clarity.

(5) Lightning Network

If you haven’t seen The Money Pit (with Tom Hanks), it is well worth it for one specific reason: the contractors and their staff who are renovating Hanks’ home keep telling Hanks that it will be ready in two weeks.

And after those two weeks are over, Hanks is informed yet again that it will be ready in another two weeks.

The Lightning Network, as a concept, was first announced via a draft paper in February 2015. Its authors, Tadge Dryja and Joseph Poon, had initially sketched out some of the original ideas at their previous employer Vaurum (now called Mirror).

Lightning, as it is typically called, is commonly used in the same breath as “the scaling solution,” a silver bullet answer to the current transactional limitations on the Bitcoin network.41 Nearly three years later, after enormous hype and some progress, a decentralized routing version still has not gone into production.  Maybe it will eventually but not one of its multiple implementations is quite ready today unless you want to use a centralized hub.42  Strangely, some of the terminology that its advocates frequently use, “Layer 2 for settlement,” is borderline hokum and probably has not been actually vetted to see if it fulfills the requirements for real “settlement finality.”43

And like multiple other fintech infrastructure projects, some of its advocates repeatedly said it would be ready in less than 6 months, several times.  For instance:

  • On October 7, 2015, Pete Rizzo interviewed multiple developers including Tadge Dryja and Joseph Poon regarding Lightning.  Rizzo wrote that: “In interview, Dryja and Poon suggested that, despite assertions project development could take years, Lightning could take as little as six months to be ready for launch.”
  • On April 5, 2016, Kyle Torpey interviewed Joseph Poon regarding expected time lines, stating that: “Lightning Network co-creator Joseph Poon recently supplied some comments to CoinJournal in regards to the current status of the project and when it will be available for general use. Poon claimed a functional version of the Lightning Network should be ready this summer.”
  • A month later, on May 5, 2016, Kyle Torpey interviewed Adam Back regarding his roadmap.  Torpey wrote that: “While all of these improvements are being implemented on Bitcoin’s base layer, various layer-2 solutions, such as the Lightning Network, can also happen in parallel. The Lightning Network only needs CHECKSEQUENCYVERIFY (along with two other related BIPs) and Segregated Witness to be accepted by the network before it can become a reality on top of the main Bitcoin blockchain.”
  • On November 12, 2016, Alyssa Hertig interviewed several developers including Pierre-Marie Padiou, CEO of ACINQ, one of the startups trying to building a Ligthning implementation.  According to Padiou: “The only blocker for a live Lightning implementation is SegWit. It’s not sure how or when it will activate, but if SegWit does activate, there is no technical thing that would prevent Lightning from working.”

Segregated Witness (SegWit) was activated on August 24, 2017.  More than four months later, Lightning is still not in production without the use of hubs.

Source: Twitter

Not to belabor the point, just this past week, one of the executives at Lightning Labs (which is building one of the implementations) was interviewed on Bloomberg but wasn’t asked about their prior rosy predictions for release dates.  To be fair, there is only so much they could cover in a six minutes allocation.

“Building rock solid infrastructure is hard,” is a common retort.

Who could have guessed it would take longer than 6 months?  Yes, for regular readers of my blog, I have routinely pointed out for several years that architecting and deploying financial market infrastructure (FMI) is a time consuming, laborious undertaking which has now washed out more than a handful of startups attempting to build “enterprise” blockchains.

For example, Lightning as a concept predates nearly every single enterprise-focused DLT vendor’s existence.  While not an equal comparison (they are trying to achieve different goals), there are probably ~5 enterprise-focused, ‘permissioned’ platforms that are now being used in mature pilots with real institutional customers and a couple could flip the “production” button on in the next quarter or so.4445

For what it is worth, enterprise DLT vendors as a whole did a very poor job managing expectations the past couple of years (which I mentioned in a recent interview).  And they certainly had their own PR campaigns during the past couple of years too, there is no denying that.  Someone should measure and quantify the amount of mentions on social media and news stories covering enterprise vendors and proposals like Lightning.46

Better late than never, right?  So what about missed time frames?

In a recent (unscientific) poll I did via Twitter (the most scientific voting platform ever!) found that of the more than 1,600 voters, 81% of respondents thought that relatively inexpensive anonymous Lightning usage won’t really be good to go for at least 6+ months.

Just as Adam Back proposed a moratorium on nebulous “contention” for six months (beginning in August), I propose a moratorium on using the term “Lightning” as a trump card until it is actually live and works without relying on hubs.  But don’t expect to see the crescendo of noise (and some signal) to die down in the meantime, especially once exchanges and wallets begin to demonstrate centralized, MSB-licensed implementations.47

With that suggestion, I can see it now: all of the Lightning supporters flaming me in unison on Twitter for not being a vocal advocate.  Sure beats shipping code!  To be even handed, Lightning’s collective PR effort was just one of many others (hello sofachains!) that could be scrutinized.  A future post could look at all funded infrastructure-related efforts to improve cryptocurrency networks.  Which ones, if any, showed much progress in 2017. 48

Interested in reading more contrarian views on the Lightning Network?  See Gerard and Stolfi (and Stolfi2x) (and Stolfi3x).  Let’s revisit in 6 months to see what has been launched and is in production.

(6) Objective reporting and analysis

Without sugar coating it: with the exception of a few stories, coin media not only dropped the ball on critically, objectively covering ICO mania this past year, but was largely complicit in its mostly corrupt rise.  This includes The Information, which is usually stellar, but seems to have fallen in the tank with the ICO pumpers.  That is, unless you’re a fake advisor and then they’ve got your number.

It took some time, but eventually mainstream and a few not-so-mainstream coverage has brought a much needed spotlight on some of the shady actions that took place this year. There were also a number of good papers from lawyers and academics published throughout 2017.

Your holiday reading list in no particular order:

One of my favorite articles this year should be yours too:

Just a few short months after Stephen Palley published the article above, a lawsuit occurred in which, surprise surprise, the plaintiffs highlighted specific claims in the white paper:

Source: Twitter

Note: that the SEC’s order against the Munchee ICO also relied on highlighting specific claims in the white paper.

Concluding remarks

Unfortunately 2017 will probably go down as the year in which several generations of nerds turned into day-trading schmucks, with colorful technical charts and all.50 This included even adopting religious slogans like:  Buy the dip!  Weakhands!  HODL!  We are the new 1%!  The dollar is crashing!  It’s not a bubble, it’s an adoption curve!

A few parting bits of advice: unfollow anyone that says this time things are different or the laws of economics have changed or calls themselves a “cryptolawyer” or who previously got shutdown by the SEC or who doesn’t have a LinkedIn page.  Rethink donating or investing funds to anyone who makes up rumors about mining nationalization or who was fired for gambling problems or has a communications team solely dedicated to designing memes for Twitter.51

Cryptocurrencies aren’t inherently bad and ideas like ERC721 are even cool.52 But as neat as some of the tech ideas may be, magic internet coins sure as heck continue to attract a lot of Scumbag Steves who are enabled by participants that have turned a blind eye.  It’s all good though, because everyone will somehow get a Moonlambo after the final boss is beaten, right?

Coda

I will have a separate post discussing predictions for 2018 but since we are reflecting on 2017, below are a few other areas worth looking into now that you’re a paper zillionare:

  • We have real empirical observation of hyperdeflation occurring: in which it is more rational to hoard the coin instead of spend it.  As a result, Bitcoin-focused companies that have accumulated bitcoin are still raising capital from external financial markets denominated in foreign currency instead of deploying (consuming) their own bitcoin. And these same startups are receiving valuations measured, not in terms of bitcoin, but in terms of a foreign unit of account.  What would change this trend?
  • Bitcoinland, with its heavy concentration of wealth, looks a lot like a feudal agrarian economy completely dependent on other countries and external financial markets in order to rationally deploy capital and do any economic calculation. Is there a way to build a dynamically adjustable cryptocurrency that does not rely on foreign capital or foreign reference rates?
  • How much proof-of-work related pollution has been externalized and socialized on the public at large due to subsidies in various regions like Venezuela?  What are the effects, if any, on global energy markets?
  • As traditional financial markets add products and solutions with direct ties to cryptocurrencies (futures, options, payments, custody), by the end of 2018 how much of the transactional activity on Bitcoin’s edges will be based on non-traditional financial markets (e.g., LocalBitcoins)?
  • There were a lot of publicity stunts this year.  Working backwards chronologically, the Andreas Antonopoulos donation could have been a publicity stunt, it also could be real.  The argument goes: how is someone with a best selling book, who charges $20,000+ for speaking engagements, and who has been receiving bitcoins for years (here is the public address), still in debt.  Maybe he is, maybe his family fell on hard times.  But few asked any questions when an anonymous person sent what amounted to $1 million in bitcoin enabling him to reset his tax basis.  (Hate me for writing this?  As an experiment, earlier this month I put up a Bitcoin and Ethereum address on the sidebar of the home page, feel free to shower me with your magic coins and prove me wrong.  I promise to convert it all into dirty filthy statist bucks.)  A few months prior to that, Jamie Dimon was accused of everything but eating babies after he said “Bitcoin is a fraud.”  Dozens of “Dear Jamie” letters were written begging him to see Bitcoin with their pure rose-tinted eyes.  At what point will Bitcoin enthusiasts grow some thick skin and ignore the critics they claim don’t matter?  And while we can continue to add PR stunts forever, the “fundraiser” for Luke-Jr’s home after Hurricane Irma had zero proof that it was his house, just a picture that Luke-Jr. says it was and the rest of the Bitcoin Core fan club promoting it.  Trust but verify?

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

Many thanks to the following for their constructive feedback: VB, YK, RD, CM, WG, MW, PN, JH

End notes

  1. Bitcoin fans basically walked onto the field before the football game, toppled the goal posts, and carried it outside the stadium declaring themselves victorious without having actually played the match. []
  2. How many of these unsophisticated buyers have subsequently lost the corresponding private keys?  See “Nearly 4 Million Bitcoins Lost Forever, New Study Says” from Fortune []
  3. I am sure I will be accused of being a “Bitcoin Cash shill” (which obviously I must be, there is no other explanation!) for pointing this out, but last week, one vocal Bitcoin Core supporter even proposed a commit to change the wording on Bitcoin.org surrounding low fees: “These descriptions of transaction features are somewhat open to interpretation; it would probably be best not to oversell Bitcoin given the current state of the network.” []
  4. As an actor on a classic Saturday Night Live sketch said: “You may ask how we at the Change Bank, make money? It’s simple, volume.” []
  5. I take issue with anyone claiming to be able to label transactions specifically as spam without doing an actual graph analysis.  See Slicing Data for more. Proof-of-lizard is not to be conflated with lizardcoin. []
  6. Note: this is not an endorsement of Visa, I do not have any equity or financial stake in Visa. []
  7. One reviewer commented: “One problem that affects all cryptocurrencies whether proof of work or of stake: What reason do most people have for using them that won’t run afoul of social policy objectives? As long as people need to convert them to regular fiat currencies, they have a distinct disadvantage. The only exception would be in failed economies where stable fiat currencies are restricted, until those governments see a cryptocurrency as a potential substitute and ban it. It is not even clear why a government would need to issue a cryptocurrency (not a CBDC). If it wants to serve unbanked people it could open or subsidize a bank for them which is what is being attempted in a few developing countries.” []
  8. One reviewer commented: “Fully peer-to-peer without banks ultimately leads to creating a new currency. A new currency means that for international payments you have the additional costs of converting into the currency and converting out of the currency. A currency not linked to a real world economy is always going to have a more volatile price (assuming it has any price at all). Volatility in FX always, always leads to higher transaction costs for exchange because the bid offer spread has to be wider. This is before you even get into the mining proof or work model and all its inherent flaws, which again ultimately result from trying to build a financial system without banks.” []
  9. One reviewer noted that: “Transferwise, Currency Fair, Revolut, Mondo and other startups are already doing it. And they’re doing it without having to break the rules and laws banks and Western Union have to play by. They’re building actual real, potentially sustainable businesses that are useful to society. They’re just not grabbing the headlines like the greater fool / Nakamoto Scheme is. When you build a real business, your scope for false promise making behind incoherent computer science jargon is pretty small.” []
  10. I even stopped aggregating numbers 18 months ago because fewer companies were making usage numbers public: it’s hard to write about specific trends when that info disappears.  Note: if you think you have some interesting info, feel free to send it my way. []
  11. BitPay has diversified its portfolio of services now, expanding far beyond the original merchant acceptance and recently closed a $30 million funding round.  However, the problem with their growth claims is they are typically measured in $USD volume. So, as the value of bitcoin has grown 10-20x (as measured in USD) in the past year, it is unclear how much BitPay has really grown in terms of new customers and additional transactions.  Note: the same can be said for most Bitcoin-specific companies making big growth-related claims, BitPay is just one example. []
  12. Movements occurred in other areas too, on the enterprise side, Chain was perhaps the most well known company to pivot away from that vertical. []
  13. One reviewer commented: “2017 was a good year for B2B players with some prominent funding rounds (e.g., Bitspark, Veem, BitPesa) and some claimed growth on blockchain “rails” (but also on non-blockchain) namely Veem and BitPesa. A big surprise of 2017 was a much broader awareness of cryptocurrencies, i.e., free massive PR. The Coinbase app became more popular than Venmo (and far ahead of any bank). As a result, one of the most intriguing questions right now for 2018 is if/how Coinbase could capitalize on this opportunity to become a full-fledged bank leveraging the best of banking-like services from players like Xapo, Uphold, and Luno?” []
  14. I suppose it is safe to assume that if you’re reading this, you are coin millionaire so you don’t worry about fiat-mandated holiday breaks like the rest of us. []
  15. Not all medium-to-large coin holders are the adopters you now see wearing suits on television talk shows.  Most coin holders, including the abusive trolls and misogynists on social media, have seen a large pay raise, enabling the worst elements to continue their bullying attacks and illicit activities.  See Alt-right utilizes bitcoin after crackdown on hate speech from The Hill []
  16. Worth pointing out that Ryan Selkis is attempting to push forward with a the self-regulatory effort called Messari.  See also: The Brooklyn Project. []
  17. Earlier this year, right after the law enforcement raids in China, one of the senior executives left BTCC but still remains on the board of the parent company that operates BTCC.  He quickly found a new senior role at another high-profile Bitcoin-focused company and uses his social media accounts to vigorously promote Bitcoin Core and maximalism. []
  18. As explored in a previous post, fake volumes among the Chinese exchanges was not uncommon and several of the large exchanges attempted to gain funding from venture capitalists while simultaneously faking the usage numbers. As one former employee put it: “That was an extraordinary attempt at fraud — faking the numbers through wash trading and simply printing trades, while using that data to attract investment and establish their valuation.” []
  19. Coinbase got into some problems in early 2015 when one of its investor decks highlighted the fact that cryptocurrencies, such as Bitcoin, could be used to bypass sanctions. []
  20. Ari Paul runs a small “crypto” hedge fund called BlockTower Capital (estimated to have between around $50-$80 million AUM) that like many companies in this space, faces an ongoing lawsuit.  Unclear why LPs didn’t just buy and hold cryptocurrencies themselves and cut out the hysteria and management fees. []
  21. Yea, I know, “money” is already digital… I didn’t give them that name, they did. []
  22. One reviewer noted: “The fact remains that if you replace the mining process with a a centralized system for validation of transactions and up-to-date of balances you could run the whole thing on an ordinary sized server for a few thousand dollars per year. Centralisation and a more logical data model are vastly better technically speaking. And it would be far easier to add in compliance and links to banks for more robust and honest methods for exchanging between a centralized bitcoin and fiat. What would the Chinese government gain from mining?” []
  23. One of the often overlooked benefits of setting up a mining farm in China is that many of the parts and components of mining equipment are either manufactured in China and/or final assembly takes place in China.  So logistically it is much quicker to transport and install the hardware on-site within China versus transport and use overseas. []
  24. I know a bunch and could maybe introduce them though some of them make public appearances at conferences so they can usually be approached or emailed. []
  25. In fact, many regulators, such as the ECB, categorize cryptocurrency as a type of “virtual currency,” separate from a “digital currency.” []
  26. There is often confusion conflating “transaction processing” and “hash generation,” the two are independent activities.  Today mining pools handle the transaction processing and have sole discretion to select any transactions from the memory pool to process (historically there have been thousands of ’empty’ blocks) — yet mining pools are still paid the full block reward irrespective of how many transactions they do or not process.  Hash generation via mining farms has been a discrete service for more than 5 years — think of mining pools as the block makers who outsource or subcontract the hash generation out to a separate labor force (mining farms) and then a mining pool packages the transactions into a block once they receive the correct proof-of-work.  Note: “fees” to miners is a slightly different but related topic. []
  27. CBDCs have their own issues, like the risk of crowding out ordinary banks in market for deposits in a low interest rate environment but they have little in common with anarchic crytocurrencies. []
  28. Many thanks to Vitalik Buterin for his feedback and suggestions here. []
  29. See also: Some Crypto Quibbles with Threadneedle Street from Robert Sams []
  30. There are other mining manufacturers, including some who only build for themselves, such as Bitfury. []
  31. Interestingly enough, the market price for one of these machines is around $2,000.  And if you do the math, you’ll see exactly what all professional miners do: it’d only cost $2 billion to buy enough machines to generate 100% of the network hashrate and claim all the $13 billion in rewards to yourself!  In other words, the seigniorage is big, fat, and juicy… and will attract other miners to come and bid up the price of mining to the equilibrium point. []
  32. There are many walk-throughs of bitcoin mining facilities, including this video from Quartz. []
  33. In the process of writing this article, a new story explained how more than 105,000 users of a Chrome extension were unknowingly mining Monero.  Heroic theft of CPU cycles, right? []
  34. In theory, and practice, the upperbound is not infinite.  We know from the hashrate being generated that there are a finite amount of cycles being spent repeatedly multiplying SHA256 over and over.  Perhaps a possible, but improbable way to gauge the upperbound is to take the processing speed of a low-end laptop CPU (which is not as efficient at hashing as its ASIC cousins are).  At 6 MH/s, how many seventh generation i3 chips would it take to generate the equivalent of 13.5 million TH/s?  On paper, over 2 trillion CPUs.  Note: 1 terahash is 1 million megahashes.  So 1 million laptop CPUs each generating 6 MH/s on paper, would collectively generate around 6 TH/s.  The current network hashrate is 13.5 exahash/s.  So you’d need to flip on north of 2 trillion laptop CPUs to reach the current hashrate.  In reality, you’d probably need more because to replace malfunctioning machines: a low-end laptop isn’t usually designed to vent heat from its CPU throttled to the max all day long. []
  35. One China-based miner reviewed this scenario and mentioned another method to arrive at an upperbound: “Look at the previous generation of ASICs which run at 2-3x watt per hash higher.  The previous generation machines normally get priced out within 18 months.  But with differing electricity costs and a high enough price, these machines get turned on.  Or they go to cheap non-petrodollar countries like Russia or Venezuela. So your base load of 1 million machines will have an upperbound of 2x to 3x depending on prevailing circumstances.” []
  36. It may be also worth pointing out that the “evil Chinese miners blocking virtuous Core” narrative is hard to justify because Bitcoin’s current relatively high fees are a direct result of congestion and has consequently increased miner revenue by 33% (based on December’s fees).  So in theory, it’s actually in the miners interest to now promote the small block position.  Instead, in reality, most miners were and are the ones advocating for bigger block sizes, and certain Bitcoin Core representatives were blocking those proposals as described elsewhere but we’re not going down that rabbit hole today. []
  37. One reviewer commented: “Financial instruments that either directly perform a service to our economy and even indirectly via speculation, enable price discovery for things that are important to people’s lives. Who’s lives is Bitcoin really important to right now? To this day the only markets it can claim to have any significant market share in, let alone be leader in, is illicit trade and ransomware. The rest appears to be just people looking to pump and shill.” []
  38. It’s also probably not worth trying to start a discussion about what the benefits, if any, there is for society regarding cryptocurrency mining relative to the resources it collectively consumes, as the comments below or on social media would simply result in a continuous flame war.  Note: colored coins and metacoins create distortions in the security assumptions (and rewards) for the underlying networks.  Watermarked tokens are neither secure nor proper for financial market infrastructure. []
  39. It is not $1 million straight, there are multiple levels and tiers. []
  40. There is an ongoing controversy around key decision makers within Bitcoin Core (specifically those who approve of BIPs) and their affiliation with Blockstream.  One of Blockstream’s largest investors, Reid Hoffman, said Blockstream would “function similarly to the Mozilla Corporation” (the Mozilla Corporation is owned by a nonprofit entity, the Mozilla Foundation). He likened this investment into “Bitcoin Core” (a term he used six times) as a way of “prioritiz[ing] public good over returns to investors.” []
  41. Because it is its own separate network, it actually has cross-platform capabilities.  However, historically it has been promoted and funded for initial uses on the Bitcoin network moreso than others. []
  42. Yes, I am aware of the demo from Alex Bosworth, it is a big step forward that deserves a pat on the back.  Now to decentralize routing and provide anonymity to users and improve the UI/UX for normal users. []
  43. To start with, see the Principles for Financial Market Infrastructures. []
  44. This is not an endorsement of a specific platform or vendor or level of readiness, but examples would include: Fabric, Quorum, Corda, Axcore, Cuneiform, and Ripple Connect/RCL. []
  45. While Lightning implementations should not be seen as a rival to enterprise chains (it is an apples to oranges comparison), the requirements gathering and technical hurdles needed to be overcome, are arguably equally burdensome and maybe moreso for enterprise-focused companies.  Why?  Because enterprise-focused vendors each need approval from multiple different stakeholders and committees first before they deploy anything in production especially if it touches a legacy system; most Lightning implementations haven’t actually formally defined who their end-customer is yet, let alone their needs and requirements, so in theory they should be able to “launch” it faster without the check-off. []
  46. For instance, CoinDesk currently has 229 entries for “lightning,” 279 entries for “DLT,” and 257 entries for “permissioned.” []
  47. It bears mentioning that Teechain, can achieve similar KPIs that Lightning can, via the use of hardware, and does so today.  BitGo’s “Instant” and payment channels from Yours also attempt to achieve one similar outcome: securely transmitting value quickly between participants (albeit in different ways). []
  48. We’d need to separate that from the enterprise DLT world because again, enterprise vendors are trying to solve for different use cases and have different customers altogether.  Speaking of which, on the corporate side, there is a growing impatience with “pilots” and some large corporates and institutions are even pulling back.  By and large, “blockchain stuff” (people don’t even agree on a definition still or if it is an uncountable noun) remains a multi-year play and aside from the DA / ASX deal, there were not many 2017 events that signaled a shorter term horizon. []
  49. Note: both the Fedcoin and CAD-coin papers were actually completed and sent to consortium members in November 2016 then three months later, published online. []
  50. One reviewer commented: “There seems to be a whole new wave of both suckers and crooks to exploit the geeks. I have read some the Chartist analysis on forums for more traditional forms of day-trading such as FX day-trading and it is exactly the same rubbish of trying to inject the appearance of intelligence and analysis into markets that the day-traders (and those encouraging them) simply do not understand.” []
  51. A former Coinbase employee, now running a “crypto” hedge fund, was allegedly fired for gambling issues.  Maybe he wasn’t but there are a lot of addicts of many strains actively involved in trading and promoting cryptocurrencies; remember what one of the lessons of Scarface was? []
  52. ERC20 and ERC721 tokens may end up causing a top-heavy problem for Ethereum. See Watermarked tokens and also Integrating, Mining and Attacking: Analyzing the Colored Coin “Game” []
Send to Kindle

External facing appearances for the final months of the year

The past several months have been pretty productive especially in terms of education.

For instance, my “Eight Things” article had over 100,000 views in its first week alone thanks largely to landing on the front page Hacker News and reshares on social media. I may write-up an article breaking down its reception at a later date.

And interestingly, one of my older articles from 2014 recently ended up on the front of /r/DataIsBeautiful generating 15k+ views over a couple of days.

Below are some of my outward facing appearances.  If you’re interested in chatting about the topics below, feel free to reach me via Post Oak Labs.

Interviews

Cited and acknowledged

Panels and presentations

Send to Kindle

How the CME (un)intentionally weighed in on chain splits

For background, this post assumes you have read some (or ideally all) of the previous posts:

Last year, when the CME first announced that it was considering backing a Bitcoin-related futures product, it also announced the CME CF Bitcoin Reference Rate (BRR).  At the time, the reference pricing data came from the following cryptocurrency exchanges: Bitfinex, Bitstamp, GDAX, itBit, Kraken and OKCoin.com (HK).

As of today, the CME has formally whittled down those six into a smaller group of four exchanges: Bitstamp, GDAX, itBit and Kraken.

They did not publicly disclose why they removed Bitfinex and OKCoin, although we can speculate:

  • It is likely they removed OKCoin because of the laws and regulations around cryptocurrencies in China over the past year included various types of bans.  OKCoin’s mainland spot price exchange for yuan <-> cryptocurrency have been shut down.  OKEX, an international subsidiary of OKCoin, replaced the China-based exchanges on its own index (including OKCoin itself).
  • Bitfinex’s corporate and organizational structure has been described in previous articles.  Even though it has the largest trading volume and is the key player to price discovery, it has a lot of red flags around compliance and transparency (described in the links at the top) that likely made organizations such as the CME uneasy.

It bears mentioning that the proposed Winklevoss COIN ETF also went through a similar evolution in terms of how to price the instrument.  The principals initially created and used the Winkdex.  The Winkdex included many different cryptocurrency exchanges over time, including Mt. Gox and BTC-e.  Eventually, in future amended filings to the COIN ETF, the Winkdex was completely discarded in favor of a daily auction price conducted at an exchange (Gemini) that the principals and creators of the COIN ETF owned and managed.  This is chronicled in a paper I wrote last year.

So what does this have to do with the CME and how did the CME (un)intentionally weigh in on the Bitcoin block size debate?

During the recent Bitcoin Core versus SegWit2X (S2X) political battle, one of the four exchanges that constitute the CME reference rate announced which ticker symbol would be attributed to a specific chain.

GDAX (Coinbase), made the following public announcement on October 25:

In our prior blog post we indicated that at the time of the fork, the existing chain will be called Bitcoin (BTC) and the Segwit2x fork will be called Bitcoin2x (B2X).

Since then, some customers have asked us to clarify what will happen after the fork. We are going to call the chain with the most accumulated difficulty Bitcoin.

We will make a determination on this change once we believe the forks are in a stable state. We may also consider other factors such as market cap and community support to determine stability.

It’s important for us to maintain a neutral position in any fork. We believe that letting the market decide is the best way to ensure that Bitcoin remains a fair and open network.

Note: original emphasis is theirs.

There have been several articles that attempted to track and chronicle what all of the exchanges announced with respect to the ticker symbol and the fork.  At the time of this writing, itBit, Kraken, and Bitstamp have not publicly commented on this specific fork (although they have publicly signaled specific views on other proposed forks in the past).

And this creates a challenge for any financial institution attempting to create a financial instrument that is compromised of a basket of cryptocurrency-specific prices from different, independent cryptocurrency exchanges.

Ignoring the lack of adequate market surveillance for the moment, if there is a future fork and the constituent exchanges that comprise the reference data choose different forks to be represented by the same ticker symbol, this will likely create problems for the financial product.

For instance, in a hypothetical scenario in which a fork occurs, and two of the exchanges comprising the BRR index choose one side of the fork to list as “BTC” and the other two exchanges choose the other fork to also represent “BTC,” because these forks are linked to separate different ecosystems and even economic systems the combination could impact the volatility of the product.

Or in short: there is no universal agreement or consensus from cryptocurrency exchanges comprising the BRR about what the ticker symbol, let alone the chain should be defined as.

Concluding remarks

Over the past several years the primary debate has been around scaling, specifically around block sizes.  What if future forks are fought over changes to transaction fees, money supply, or KYC requirements?  This isn’t idle speculation as these have been proposed in the past with both Bitcoin and other cryptocurrencies (Ethereum Classic  held an event last year to focus on what the future money supply generation rate should be).

Obviously this is a situation the CME (and similar financial institutions) wants to avoid at all costs.

In order to do this, it’ll have to pick a side and either:

a) force an errant exchange on its index to fall in line or lose the free marketing; or

b) ditch it from the index

Either way, as by far the largest player in the market, in doing so it will be governing what Bitcoin is.  Unlike what most Bitcoin promoters often think: traders follow liquidity not the other way around so the CME is likely to become kingmaker in Bitcoin political disputes.  It is going to become a key arm in its governance.  That said, as we have seen before, rather than directly get involved with the tribes and religions of development they might simply defer to the incumbent Bitcoin Core rules — so that they can remain above the politics and out of any legal liabilities.

For more detailed commentary on this topic, be sure to read the articles linked to at the top.  This will be worth re-visiting once the CME and other regulated institutions fully launch their proposed products.

Acknowledgements: special thanks to Ciaran Murray for several insights articulated above.

Send to Kindle

Bitcoin Is Now Just A Ticker Symbol and Stopped Being Permissionless Years Ago

Financial market infrastructure in just one country (Source)

What is FMI?  More on that later.  But first, let’s talk about Bitcoin.

If you aren’t familiar with the Bitcoin block size war and its endless online shouting matches which have evolved into legal and even death threats, then you have probably been a very productive human being and should sell hugs and not wander into a non-stop social media dance off.

Why?  Because tens of thousands of man (and woman) hours have collectively been obliterated over a struggle that has illuminated that Bitcoin’s development process is anything but permissionless.

It also illuminates the poor fiduciary care that some VCs have towards their LPs.  In this case, more than a handful of VCs do not seem to really care about what a few of their funded companies actually produce, unless of course the quarterly KPIs include “have your new Bitcoin meme retweeted 1,000 times once a week.”

In some documented cases, several dozen executives from VC-backed Bitcoin companies have spent thousands of hours debating this size attribute instead of building and shipping commercializable products.  But hey, at least they sell cool hats and built up very large Twitter followings, right?

Fact #1: Satoshi Nakomoto did not ask anyone’s permission to launch, change, or modify the codebase she unilaterally released in 2009.

Fact #2: In 2009, when Satoshi Nakomoto issued and minted a new currency (or commodity or whatever these MLIC are) she did so without asking anyone else’s approval or for their “ack.”

In the approximately seven years since she stopped posting under her pseudonym, influential elements of Bitcoin’s anarchic community have intentionally created a permissioned developer system commonly referred to as the Bitcoin Improvement Proposal (BIP) process.  “Bitcoin Core” is the name for the group that self-selected itself to vet BIPs; involvement is empirically permissioned because you can get kicked off the island.1 There are a small handful of decision makers that control access to the code repository.

For example, if you’re a developer that wants to create and launch a new implementation of Bitcoin that includes different block sizes… and you didn’t get it approved through this BIP process, guess what?  You are doing permissionlessness wrong because you didn’t get permission from the BIP approval committee to do so.

Oh, but you realize that and still want to launch this new Bitcoin implementation with the help of other elements of the community, such as some miners and exchanges?

According to some vocal members of the current BIP approval committee (Bitcoin Core) and its surrogates, this is an attack on Bitcoin.  Obviously this is absurd because there is no de jure or legally defined process for changing or forking Bitcoin, either the chain itself or the code.

There is no terms of service or contract which explicitly states what Bitcoin is and who controls its development process.  Or more historically: if Satoshi didn’t need permission from a (non-existent) BIP approval committee to launch a cryptocurrency, then no other Bitcoin developer needs to either.

Tickers

Fast forward to this current moment in time: if the Bitcoin Cash or Segwit2X forks are an attack on network because either fork did not get ack’ed (approved) by the right people on the BIP approval committee or retweeted by the right “thought leaders” on social media, then transitively every 10 minutes (when a block is generated by a miner) arguably could be an attack on Bitcoin.

Why?  At any time a block maker (miner) could use a different software implementation with different consensus rules.  They, like Satoshi before them, do not need permission to modify the code.

Oh, but other miners may not build on top of that block and some exchanges may not recognize those blocks as “legitimate” Bitcoin blocks?

That is certainly a risk.  In fact, several exchanges are now effectively white listing and black listing — permissioning — Bitcoin-related blocks.

For instance, Bittrex, a large crypto-to-crypto exchange, has said:

The “BTC” ticker will remain the Bitcoin Core chain before the hard fork block. Bittrex will observe the Bitcoin network for a period of 24 to 48 hours to determine if a chain split has occurred and the outcome.

In the event of a chain split, “BTC” will remain the existing Bitcoin chain with 1 MB blocks until the industry and ecosystem demonstrates a clear chain preference for Bitcoin.

Bitfinex, the largest (and most nebulous) cryptocurrency exchange in the world, took this even further by stating:

The incumbent implementation (based on the existing Bitcoin consensus protocol) will continue to trade as BTC even if the B2X chain has more hashing power.

After heavy public (and private) lobbying by members and surrogates of Bitcoin Core, other exchanges have instituted similar policies favoring the incumbent.2  So what can alternative implementations to do?  Bend the knee?

Daenerys Targaryen, Breaker of Chains

Historically miners have built on the chain that is both the longest and also has the most accumulated difficulty… and one that has enough profitability to pay for the electricity bills.  It just happens that this collective block building activity is never called an “attack” because in general, most participants have been happy enough with the status quo.

Visions of what Bitcoin is and how it should be defined have clearly, empirically shifted over time.  But since this network was purposefully designed to be self-sovereign and anarchic — lacking contracts and hooks into any legal system — no one group can claim legitimacy over its evolution or its forks.

As a result, recent war cry’s that Segwit2X is a “51% attack” on Bitcoin are a red herring too because there is no consensus on the definition of what Bitcoin is or why the previous block – in which approximately 51% of the hashrate created a block – is not an attack on Bitcoin. 3

This has now morphed into what the “BTC” ticker on exchanges represents.  Is it the longest chain?  The chain with the most accumulated difficulty?  The chain maintained by Bitcoin Core or now defunct NYA developers?  If a group of block makers can build blocks and exchanges are willing to list these coins as “BTC” then that specific chain has just as much legitimacy as any other fork other miners build on top of and exchanges may list.

Furthermore, if the BIP approval committee gets to say what software miners or exchanges should or should not use (e.g., such as increasing or decreasing the block size), that could mean that existing network is a managed and even administered.  And this could have legal implications.  Recall that in the past, because block making and development were originally separate, FinCEN and other regulators issued guidance stating that decentralized cryptocurrencies were exempt from money transmission laws.

Despite what the trade associations and Bitcoin lobbying groups would like the narrative to be, I recently published an article that went into this very topic in depth and have publicly asked several prominent “crypto lawyers” to provide evidence to the contrary (they have yet to do so).  An argument could be made that these dev groups are not just a loose collective of volunteers.

Financial market infrastructure

I’m not defending S2X or XT or Bitcoin Unlimited.  In fact, I have no coins of any sort at this time.

But even if you don’t own any bitcoins or cryptocurrencies at all, the block size debate could impact you if you have invested in the formal financial marketplace.

For example, if and when the CME (and similar exchanges) get CFTC approval to list cryptocurrency-related futures products and/or the NYSE (and similar exchanges) get SEC approval to list cryptocurrency-related ETFs, these products will likely result in a flood of institutional money.

Once institutions, regulators, and sophisticated investors enter the picture, they will want to hold people accountable for actions.  This could include nebulous “general partnerships” that control GitHub repositories.  Recall, in its dressing down of The DAO, the SEC defined the loose collective building and maintaining The DAO as a ‘general partnership.’  Is Bitcoin Core or other identifiable development teams a “general partnership”?

Maybe.  In fact, the common refrain Bitcoin Core and its surrogates continually use amounts to arguments in favor of a purported natural monopoly.

For instance, Joi Ito, Director of MIT’s MediaLab, recently stated that:

“We haven’t won the battle yet. [But] I think the thing that is interesting is that Bitcoin Core has substantially more brain fire power than any of the other networks.”

This is problematic for a couple reasons.

First, Joi Ito is not a disinterested party in this debate.  Through Digital Garage (which he co-founded) it has invested in Blockstream, a company that employs several influential Bitcoin Core devs.4  Ignoring the potential conflict of interest, Ito’s remarks echo a similar sentiment he also made last year, that Core is basically “The Right Stuff” for NASA: they are the only team capable of sending humans into space.

But this is an empirically poor analogy because it ignores technology transfer and aerospace education… and the fact that multiple countries have independently, safely sent humans, animals, and satellites into space.

It also ignores how competitive verticals typically have more than just one dominant enterprise: aerospace, automobiles, semiconductor manufacturers, consumer electronic manufacturers (smart phones), etc.  Each of these has more than one company providing goods and services and even usually more than just one product development team developing those.  Intel, for example, has dozens of design teams working on many new chips at any given time of the year.  And they are just one of the major semiconductor companies.

Even in the highly regulated markets like financial services there is more than one bank.  In fact, most people are unaware of this but banks themselves utilize what is called “Core Banking Software” and there are more than a dozen vendors that build these (see image below).

It is a bit ironic that Bitcoin Core seeks to have a monopoly on the BIP process yet even banks have more than one vendor to choose from for mission critical software securely managing and processing trillions of dollars in assets each day.5

On the enterprise (non-anarchic) blockchain side of the ecosystem, there are well over a dozen funded teams shipping code, some of which is being used in pilots by regulated institutions that are liable if a system breaks.  Note: this is something I discussed in my keynote speech (slides) at the Korea Financial Telecommunications and Clearings Institute last year.

But as one vocal Core supporter in a WeChat room recently said, Bitcoin Core is equivalent to Fedwire or Swift, there is only one of each; so too does it make sense for only one Bitcoin dev team to exist.

Firstly, this conflates at least four different things: a specific codebase, with permissioned dev roles, with acceptance processes, with a formal organization.

It is also not a good analogy because there are many regulatory reasons why these two systems (Swift and Fedwire) exist the way they do, and part of it is because they were either setup by regulators and/or regulated organizations.  In effect, they have a bit of a legally ring-fenced marketplace to solve specific industry problems (though this is somewhat debatable because there are some alternatives now).6

If this supporter is equating Core, the codebase, with real financial market infrastructure (FMI), then they should be prepared to be potentially regulated.  Bitcoin Core and many other centralized development teams are comprised of self-appointed, vocal developers that are easy to identify (they have setup verified Twitter accounts and attend many public events), so subpoenas and RFI’s can be sent their way.

As I mentioned in my previous article: with great power comes great accountability.  Depending on the jurisdiction, Core and other teams could end up with regulatory oversight since they insist on having a monopoly on the main (only) implementation and process by which the implementation is managed.7

Remember that Venn diagram at the very top?  The companies and organizations that manage FMI today for central banks (RTGSs), central securities depositories (CSDs), and other intermediaries such as custodians and CCPs, have specific legal and contractual obligations and liabilities.

Following the most recent financial crisis, the G-20 and other counties and organizations established the Financial Stability Board (FSB) to better coordinate and get a handle on systemic risks (among other issues).  And while the genesis of the principles for financial market infrastructures (PFMI) had existed prior to the creation of the FSB, how many of the international PFMI standards and principles does Bitcoin Core comply with?

Spoiler alert: essentially none, because Satoshi intentionally wasn’t trying to solve problems for banks.  So it is unsurprising that Bitcoin isn’t up to snuff when it comes to meeting the functional and non-functional requirements of a global payments platform for regulated institutions.  Fact-check me by reading through the PFMI 101 guide.

When presented with these strong legal accountability and international standards that are part and parcel with running a payment system, there is lots of hand waving excuses and justifications from Core supporters (and surrogates) as to why they are exempt but if Core wants to enforce its monopoly it can’t have it both ways.  Depending on the jurisdiction they may or may not be scrutinized as FMI.

But in contrast, in looking at the evolution and development of the enterprise chain ecosystem – as I described in multiple previous articles – there are valuable lessons that can be learned from these vendors as to how they plan to operate a compliant network.  I recall one conversation with several managing directors at a large US investment bank over a year ago: maybe the enterprise side should just have CLS run a blockchain system since they have all the right business connections and fulfill the legal and regulatory check boxes.

Note: CLS is a very important FMI operator.  Maybe existing FMI operators will do just that.  Speaking of which, will Bitcoin Core (or other dev teams) apply to participate with organizations like the FSB that monitor systemically important financial institutions and infrastructure?

Angela Walch has argued (slides) that some coders, especially of anarchic chains, are a type of fiduciary.8  Even if this were not true, many countries have anti-monopoly and anti-trust laws, with some exceptions for specific market segments and verticals.  There are also laws against organized efforts involved in racketeering; in the US these are found within the RICO Act.

Watch the Godfather trilogy

I haven’t seen a formal argument as to why Core or other development teams could meet the litmus test for being prosecuted under RICO laws (though the networks they build and administer are frequently used for money laundering and other illicit activity).  But trying to use the “decentralization” trump card when in fact development is centralized and decisions are made by a few key individuals, might not work.

Look no further than the string-pulling Mafia which tried to decentralize its operations only for the top decision makers to ultimately be held liable for the activities of their minions.9  And using sock puppets and pseudonyms might not be full proof once forensic specialists are brought in during the discovery phase.10

Concluding remarks

Based on observations from how Bitcoin Core evolved and consolidated its power over time (e.g. removing participants who have proposed alternative scaling solutions), the focus on what Bitcoin is called and defined has landed in the hands of exchanges and really just highlights the distance that Bitcoin has walked away from a “peer-to-peer electronic cash” that initially pitched removing intermediaries.  To even care about what ticker symbol ‘Bitcoin’ is on an exchange is to acknowledge the need for a centralized entity that establishes what the “price” is and by doing so takes away the bitcoin holder’s “self-sovereignty.”11

While the power struggles between various factions within the Bitcoin development community will likely rage on for years, by permissioning off the development process, Bitcoin Core (and any other identifiable development groups), have likely only begun to face the potential regulatory mine field they have foisted on themselves.12

Historically blockchain-based systems have and still are highly dependent on the input and decision-making by people: somebody has to be in charge or nothing gets done and upgrades are a mess.  And the goal of appointing or choosing specific teams on anarchic chains seems to be based around resolving political divisions without disruptive network splits.13

The big questions now are: once these teams are in charge, what will governments expectations be?  What legal responsibilities and regulatory oversight will the developers have?  Can they be sued for anti-trust and/or RICO violations?  With billions of dollars on the line, will they need to submit upgrade and road map proposals for approval?

Endnotes

  1. Examples of developers who were removed: Alex Waters, Jeff Garzik, Gavin Andresen []
  2. Thanks to Ciaran Murray for identifying these exchanges. []
  3. Bitcoin mining is in fact based on an inhomogeneous Poisson process; a participant could theoretically find a block with relatively little hash rate.  Although due to the probabilities involved, most miners pool their resources together to reduce the variance in payouts. []
  4. According to one alleged leak, Digital Garage is testing Confidential Assets, a product of Blockstream. []
  5. According to a paper from the Federal Reserve: payment, clearing, and settlement systems in the United States “process approximately 600 million transactions per day, valued at over $12.6 trillion.” []
  6. On AngelList, there are about 3,400 companies categorized as “payments” — most of these live on top of existing FMI, only a handful are trying to build new independent infrastructure. []
  7. A key difference between Bitcoin and say Ethereum is that with Ethereum there are multiple different usable implementations managed by independent teams and organizations; not so with how Bitcoin has evolved with just one (Bitcoin Core) used by miners.  In addition, the Ethereum community early on formally laid out a reference specification of the EVM in its yellow paper; Bitcoin lacks a formal reference specification beyond the Core codebase itself. []
  8. See also The Bitcoin Blockchain as Financial Market Infrastructure: A Consideration of Operational Risk from Angela Walch []
  9. Thanks to Stephen Palley for providing this observation. []
  10. It is unclear why the current Bitcoin Core team is put onto a pedestal.  There are many other teams around the world building and shipping blockchain-related system code used by companies and organizations (it is not like there is only just one dev team that can build all databases or operating systems).  At the time of this writing Core has not publish any papers in peer-reviewed journals and many of them do not have public resumes or LinkedIn profiles because they have burned business and professional relationships in the past.  Irrespective of what their bonafides may or may not be, it is arguably a non sequitur that ‘permissionless’  coordination in open-source code development has to lead to a monopoly on said development. []
  11. Thanks to Colin Platt for this “appeal to authority” observation. []
  12. Bitcoin stopped being permissionless when developers, miners, and exchanges needed to obtain permission to make and use different code.  And likely there are and will be more other cryptocurrency development teams that follow that same path. []
  13. For an informed contrarian view on governance and distributed ledger technology, see The blockchain paradox: Why distributed ledger technologies may do little to transform the economy by Vili Lehdonvirta []
Send to Kindle

A note from Bob on the transparency of Tether

[Note: below is a note from a friend, Bob, who is a former attorney turned tech entrepreneur who closely follows the cryptocurrency world.  This was published with his permission.]

Hope all is well.  I am writing to share some alarming signs of Bitcoin price manipulation.

Bitcoin price is about 10 times of what it was a year ago. The exchange that decisively sets Bitcoin price is Bitfinex, a secretive institution with unknown beneficiary structure and place of organization.

Bitfinex had its wire services suspended by Wells Fargo in April.  To resume trading, Bitfinex enlisted the help of Tether, another company with unknown beneficiary structure and place of organization, but based on announcements is likely under common share holder control with Bitfinex.  Tether sells crypto-tokens known as USD Tethers, or USDTs, that are purportedly backed by an equal number of US dollars.  In other words, each USDT is a digital good priced at USD 1.00.

Despite the promise of “100% reserve” and the vague reference to “24×7 access to your funds” on Tether’s website, there is no contractual right, either tacit or express, for one USDT to be redeemed for one US dollar.  It is probably through this legal construct that Tether hopes to characterize its USDTs as digital goods and not “convertible” virtual currency covered by FinCEN regulations.

The invention of USDTs led to the proliferation of numerous crypto-currency exchanges.  Examples include Bitfinex, Binance, HitBTC, KKex, Poloniex, and YoBit.  Instead of providing crypto-to-fiat trading pairs, these “coin-to-coin” exchanges offer crypto-to-tether trading exclusively.  Therefore, USDTs not only help these exchanges remove the need for formal banking arrangement, but also enables these exchanges to organize in lesser known jurisdictions (e.g., the Republic of Seychelles) and operate outside of the regulation and supervision of major economies.  Most of these exchanges claim to screen-off visitors from the United States and other countries with laws on coin-to-coin trading, but the screen-off is often perfunctory. In almost all cases, the screen can be defeated with a simple mouse click.1

It is doubtful that these exchanges perform meaningful due diligence beyond identity verification to combat money laundering, financing of terrorism, and corruption of politically exposed persons. Bitfinex, for example, requires no identity verification at all for most trading activities and imposes no trading amount limits on unverified accounts.  The enablement of these exchanges where rampant money laundering is possible is outside of the scope of this note. Instead, I would like to bring to your attention the distinct possibility that Bitfinex, as the likely controller of Tether, is a bad actor.

Strong circumstantial evidence suggests that Bitfinex is creating USDTs out of thin air to prop up Bitcoin prices.  Namely, Bitfinex is likely acting as a central bank that issues a fiat money called USDTs. The sole mandate of this central bank is to enrich itself through market manipulation.

The first image (above) attached to this email illustrates how mysterious amounts of USDTs were minted and injected into Bitfinex at precise moments when a crash seemed imminent.

The second image (above) illustrates a strong correlation (but admittedly not causation) between the total amount of USDTs in circulation and Bitcoin price.

Bitfinex released an internal memo in September to allay concerns that USDTs might have been created at will.  The memo purportedly shows that Tether maintained sufficient US dollars to match all USDTs in circulation as of a day in September.  The memo, however, is of no probative value.  Among other strange things, the author of the memo didn’t verify with banks (names redacted) that account balances from Tethers were in fact correct, couldn’t promise that the balances weren’t overnight borrowings for purposes of producing the memo, and couldn’t promise that Tether indeed had access to those funds.

I therefore urge you to consider the possibility that the current price of Bitcoin is the result of Bitfinex’s manipulation and may collapse when regulators take action.

For example, Tether is almost certainly an administrator of virtual currency — it centrally puts into and withdraws from circulation USDTs, a virtual currency squarely intended as a substitute for real currency as admitted by Tether in the internal memo.

Tether has nominally registered as a money transmitter with FinCEN, but it is unclear if they fulfill any of the BSA filing requirements (e.g., filing SARs).2 As a company, Tether’s USDTs enables large crypto-currency exchanges (including US-based exchanges like Poloniex) to exist and powers trades thereon in the amount of millions every day.  So it wouldn’t be surprising if FinCEN eventually decides to enforce its rules against Tether as it did against Liberty Reserve.

Further, CFTC approved recently various swap execution facilities, designated contract markets and derivative clearing organizations with Bitcoin flavor.  And the Chicago Mercantile Exchange is expected to launch cash-settled futures on Bitcoin soon.  Manipulation of Bitcoin prices referenced by these entities is prosecutable by the CFTC, an agency with broad statutory authority to prosecute manipulation of commodity prices under the Commodity Exchange Act (including Section 753 as amended by the Dodd-Frank Act.).

Although none of these CFTC-registered entities are currently including Bitfinex in the calculation of their Bitcoin reference rates (CME used to), it is well understood and could be easily established (partially because of the transparency of Bitcoin blockchain) that Bitfinex-initiated price movements ripple through all exchanges via manual and automated trading.3  CFTC could then have grounds to investigate Bitfinex’s possible manipulation of Bitcoin price via Tether.

If you are considering investing into Bitcoin at this time, please look closer at the exchanges involved in price discovery and give it a second thought.

References

  1. For an example, see FinCEN ruling from August 15, 2015. []
  2. Tether Limited did do a basic registration which takes around 5 minutes and about 45 dollars. But they probably didn’t do what come after the registration, which includes many other filings to FinCEN such as submitting suspicious activity reports. []
  3. The initial reference rate announced by the CME included Bitfinex.  Similarly, the Winklevoss Bitcoin ETF used a reference rate (called the “Winkdex”) whose comprising exchanges fluctuated over time.  See Comments on the COIN ETF (SR-BatsBZX-2016-30). []
Send to Kindle

Who are the administrators of blockchains?

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of any organization I advise.  See Post Oak Labs for more information.]

On All Hallows’ Eve in 2008, an anonymous person (or group of persons) posted a short technical whitepaper on an obscure mailing list about a new virtual coin-based online-only payment system they had been designing for the last eighteen months.1 Several months later, in January 2009, this same person posted the code that created the functionality described in the whitepaper and began minting this new virtual currency.  Less than two years later, the creator walked away from the project and without ever revealing their real identity.

The creator likely stayed anonymous for a variety of reasons, including the fact that by creating and administering a new payment system they may have been violating money transmission laws in multiple countries.2 Despite multiple hoaxes, we still don’t know who this anonymous person was.  But their system – like the Ship of Theseus – continues to exist in a form referred to as Bitcoin.

But before getting to that part of the saga, let’s look at May 2013.  At the end of that month, US federal agents raided a Costa Rica-based company called Liberty Reserve due to money laundering violations (along with a list of other crimes).  Liberty Reserve was a centralized payment platform that marketed to its users the ability to anonymously send funds to one another.

According to the BBC:

The US Justice Department said the scheme had been used to process 78 million transactions with a combined value of $8bn (£5.5bn) – many of which were related to hiding the proceeds of credit card theft, identity fraud, hack attacks and Ponzi scam investment schemes.

Last year the founder of Liberty Reserve, Arthur Budovsky, was convicted and sentenced to twenty years in prison.  Several other insiders also received sentences.  Liberty Reserve had more than 5 million users including more than 200,000 in the US — it is unclear at this time if any of the users are being prosecuted.

According to some cryptocurrency fans, Liberty Reserve’s big blunder was that they attached their legal names to the payment processing enterprise.

But this misses the point.  If you play with a highly regulated industry such as financial services, be prepared for the existing stakeholders such as regulators and law enforcement to increasingly scrutinize your operations as they detect familiar activities, such as the marketing and sale of securities or operating a payment platform.

Cypherpunk cosplay uniform (mostly worn online)

If you spend your weekends cosplaying online as a cypherpunk and yet voluntarily sit on-stage wearing a name tag with your real name at public events and promote financial products and financial market infrastructure to the world at large, consider that there may be people who later watch these videos stored on Youtube. In its report on The DAO, the SEC cited two specific Youtube videos including one from Slock.it, the creators of The DAO.  Recall that Slack stores everything, including your private pump and dump strategies.  If you used cloud-based email, there is a non-zero chance that your successful solicitations and payola to coin media could be discovered after the cloud provider receives a subpoena.

What does this have to do with blockchains?  Below we discuss a few ideas that tie in with money transmission and payment processing.

“Core” development teams

Let me state from the onset that I am unaware of any current or potential criminal or civil cases specifically against developers of cryptocurrency networks.  Furthermore, regulators and law enforcement may not view development teams as administrators at all.  I am not a lawyer and this is not legal advice.

What are administrators?  At a very high level, in the United States, according to guidance published in March, 2013 by FinCEN:

An administrator is a person engaged as a business in issuing (putting into circulation) a virtual currency, and who has the authority to redeem (to withdraw from circulation) such virtual currency.

The rest of the March guidance goes into a little more detail of what administrators are with respect to money exchange itself.

For the purposes of this article, and without diving too much into the technical weeds, let’s consider this hypothetical:

Bob forks/clones Bitcoin in a new GitHub repo that he alone has commit access to.  While other people can submit suggested changes, he alone has commit access to make any changes to the code.  He likes his privacy so he doesn’t actively advertise or market the repo or coin or tell anyone who he is.  And then sets up one mining node, initiates the genesis block, and begins Day 1 of Bobcoin.

Is Bob an administrator?  If so, at what point does he stop being an administrator?  When there are more than one mining nodes in operation?  When more than one developer has commit access?

That’s a decision that regulators and law enforcement will need to make but from this cursory bit of detail, Bob clearly issued his own virtual currency.  Can he redeem it?

Perhaps.3  Either way, he could unilaterally change the code and annul previous or future coins/transactions.  He could change the money supply schedule, doubling or halving it if he so pleased.   He could make a new rule that says block sizes should be arbitrarily larger or smaller.  He could make a new version that separates the digital signatures from other data in the block.  He could change the required transaction fee.  He could add functionality such as P2SH.  He could change how the difficulty setting adjusts.  And so forth.

Even if other participants added computers and joined the Bobcoin network and diluted Bob’s mining hashrate, if the new participants solely rely on the code in his GitHub repo (e.g., are unaware of and/or do not use alternative implementations of Bobcoin code), then Bob remains very influential and could still directly make changes to the network.

Does being very influential — controlling the code repo to a financial network — constitute “administration”?  Arguably yes, but there should be some objective measuring sticks as to what these attributes are (e.g., how many different people have commit access to a repo for financial market infrastructure).

In the proof-of-work-based cryptocurrency world today, we have observed a stark 180 logistical change from Bitcoin in 2009.  Whereas originally all nodes were miners and vice versa, today you have a permanent bifurcation between: fully validating nodes and the mining process itself (hash generation process).  Similarly, many participants in the market, including dozens of developers and miners, use their real legal identities through the use of verified social media accounts and the speaking circuit at fintech events.  They are no longer pseudonymous.

In order for participants to coordinate and administer these types of networks, they did not necessarily need to reveal themselves.  In fact, we still don’t know who many of the original creators of various cryptocurrency networks are that are still in operation (who is BCNext?).  But because many have publicly identified themselves, they could be served with legal process and held responsible if legally liable: hiding behind pseudonymity or anonymity is no longer an option for them.

To borrow a phrase that has been recently used by several regulators, will it come down to the “facts and circumstances” to determine whether or not an entity such as a mining pool operator or core development team is a money service business or fiduciary? 4

Either way, popular euphemisms commonly used by cryptocurrency promoters and lobbyists include supposedly supporting “open” or “public” blockchains – several feelgood words – but as we empirically observe, in many cases these networks are not open to the general public: either as an actual validator or as a developer.  Access can become gated by a clique who determines who can be involved.5

In December 2015, the individuals in the photo above allegedly represented about 90% of the Bitcoin network hashrate: Source

Command and control

According to some, the Bitcoin network is viewed as a “third party payment processor” and because no one single entity administers the network it meets FinCEN’s exemptions.6  Thus, the argument goes, cryptocurrency network creators do not need to obtain a money transmitter license in the US because each activity is separate and run by a different group of participants who meet some kind of legal or regulatory exemption.7

This may have been the case in 2009 and 2010 prior to mining pools and dedicated development teams but it may not stand up to closer scrutiny in 2017.

For instance, over the past couple of years there has been this phenomenon called the “block size” debate.  Rather than go into the different camps and what they want or demand, let’s look at how various participants actually behave and act.

To begin with, let’s look at mining.

As mentioned above, mining in 2017 is different than it was in 2009.  Whereas mining initially meant (1) validation back to the genesis block and (2) generating proofs-of-work (hashes), these two processes are fully separated today.8

Today mining pool operators pick and choose which transactions to include into blocks and validate the chain they are building their blocks, is the chain they intended to do so on.  They can (and do) censor transactions.  For a pre-arranged fee, some will include your transaction before including others, including transactions from the mining pool operator itself.  Mining pools in turn pay miners (those with hash generating equipment) a share of the block reward for the work they do.  Note: miners (hash generators) themselves do not validate blocks and in fact, the machines they use are comprised of ASIC chips, are incapable of doing anything other than some simple multiplication — they can’t even run the software needed to validate the chain, let alone software like Excel.

There is a third stake holder in the mining process; infrastructure managers, who own and operate (or lease) the physical infrastructure that houses the equipment for miners.  Very little has been published on these participants (in English) because most of this infrastructure is managed in countries where English is not the mother tongue.9 These participants negotiate electrical rates and sometimes help install and operate the electrical equipment (transformers and wiring) at the various mining facilities (or outsource and manage that to someone else).

Now let’s look at the software implementation commonly used by many Bitcoin mining pools, called Bitcoin Core.  Until very recently, most mining pools ran a reference implementation of what is called the Bitcoin Core implementation of Bitcoin.  That is to say, the software running their node which builds and validates blocks, comes from a repository managed by a collective describing itself as Bitcoin Core.  This software was originally called the “Satoshi client” (Bitcoin-Qt) and has been renamed a few times along the way to its current name of Bitcoin Core.

In October, 2017 one common refrain from the camp that collectively identifies itself as Bitcoin Core, is that miners do not ultimately operate Bitcoin.  They argue that hashrate follows price and price follows the chain that is best maintained by the best developer team.  This is empty rhetoric.  We know that there are three entities involved in mining: mining pools, hash generators, infrastructure managers.  We know their key importance because they have been lobbied non-stop by many different stakeholders (such as Bitcoin Core and Bitcoin Classic) over the past several years including both open and closed door events on multiple continents.  They have been asked to sign agreements.  And then have seen those same agreements broken.  If miners are not important, they would not be lobbied or demonized at all: they would be ignored entirely.1011

Bitcoin Core is especially interesting because Bitcoin Core proponents claim it does and does not exist.  It is a bit like Schrodinger’s cat: Core exists when it is convenient for its proponents (like rallying supporters to denounce an alternative implementation) but does not exist when it encounters accountability or responsibility for its collective decisions or the decisions made by its surrogates.

Bitcoin Core maintains a website, a verified Twitter profile, Slack and other media channels.12 It even has a public team page of some of the contributors.  It is unclear how they precisely coordinate, but they work closely together with the owners and maintainers of Bitcoin.org and Bitcoin Core GitHub repo.  Note: Bitcoin.org, Bitcoin Talk and /r/Bitcoin are all controlled by the same individual, “theymos.”13 The other channels are owned and controlled by a set of unknown participants.  This collective does not have any known trademarks or copyrights at this time.  While no one has yet identified the actual decision makers, Bitcoin Core has multiple surrogates who are publicly known and actively engaged in media.

When there are disputes over decisions, some individuals who have identified themselves on the Bitcoin Core contributor list, will come out defending Bitcoin Core.  This includes asking for Bitcoin Core alleged lookalikes and doppelgangers to stop existing.  Schrodinger’s cat strikes again: Bitcoin Core wants to own the term Bitcoin Core on social media so that others can’t use it, but do not want the accountability when the collective or someone from the collective makes a decision.  Whose identification documents were used to create a verified Twitter (KYC’ed) account?  What about the web domains?  Those people are arguably actual representatives of the collective.

Bitcoin Core does not have a trademark on the Bitcoin logo, the Bitcoin ticker symbol, etc.  The original code base was released under an MIT License and “Satoshi Nakomoto” is still the copyright owner.14 Tibanne KK (the parent company of Mt. Gox) actually has a trademark on “Bitcoin” in the UK; although since the logo was originally placed in the public domain it is unclear if Tibanne can enforce these claims.  While the representatives and surrogates of Bitcoin Core argue over alternative implementations, if the entity called Bitcoin Core sued, this could open them up for a few things:

  1. they might need to incorporate in order to have legal standing;15
  2. they’d likely have to reveal their legal names (who is the verified Twitter entity?);
  3. they could be liable for complying with state, federal and international laws around operating financial market infrastructure.

Some developers want the power to control a code repo but not the accountability that comes with it.   Source: Spider-Man

Note: if you have a few moments, Angela Walch has a great paper on this topic worth reading.  Recall one of the common refrains from multiple full-time cryptocurrency developers is that they must be conservative in how they upgrade the chain they are working on, “as billions of dollars are at risk.”  These statements are arguably self-incrimination for being a fiduciary.16

It is unclear if Bitcoin Core itself will remain pseudonymous to avoid lawsuits and countersuits.  But recall, no one currently owns “Bitcoin” — the network itself is a public good, a commons.  However, Bitcoin Core does control the GitHub repo and tightly controls the commit access, occasionally removing those that do not align with their political views.17

What is the big deal?  Isn’t this software similar to a browser?

No.  The several thousand ISPs that are connected to each other forming “the Internet” are not dependent on the existence of Firefox or Internet Explorer or any browser.  These ISPs use protocols which are developed and managed by various non-profit and for-profit entities, some with clearer governance than others (like ICANN and IETF).  Network traffic will continue to flow irrespective of what browser is being used.

Bitcoin Core (the software) is not like a browser.18  If it was, the miners could simply switch out and use a different implementation and then start building blocks based on this new implementation.  But as noted above, miners have been lobbied not to use anything but Bitcoin Core or face the consequences if they did.  For instance, this past spring a group of Bitcoin Core affiliated developers threatened to change the proof-of-work mechanism.  These same developers even created a Twitter account (hence deleted) and still maintain a website dedicated to promoting this change.

With threats like this, arguably miners aren’t really free to choose what implementation to run.  To use Walch’s description, Bitcoin Core (and other identifiable developer teams) could arguably be a fiduciary if not an administrator.

bitfury

Source: Twitter

George Kikvadze is an executive and vice chairman of BitFury, a large Bitcoin mining company based in the Republic of Georgia.  Seven months ago he tweeted the statements above in reaction to a Bitcoin Core developer that threatened to change the proof-of-work algorithm used in Bitcoin in order to punish miners for using non-Bitcoin Core code.

Neither threat was carried out but this scenario raises interesting questions: if representatives of Bitcoin Core (or other development teams) who had commit access did change the proof-of-work mechanism to something the ASIC miners that BitFury designed was no longer capable of monetizing, is Bitcoin Core (or other developer teams) itself liable for the loss in revenue suffered by BitFury and other miners?  Is it just the person who submitted the documents to get a verified Twitter account?

No terms of service

One of the fundamental challenges for any anarchic chain is coming to agreement on defining the chain in the first place.19 What is Bitcoin?  Is it the chain with the most proof-of-work?  The longest chain?  The one that gets the most retweets?  The one with the most starred repo on GitHub?

As I mentioned in a paper a couple years ago (Appendix A), because there is no de jure process to handle governance issues, the various communities and tribes rallying and fighting around their disparate visions must rely on ad hoc de facto processes, much of which spills over onto social media

Fundamentally there does not appear to be any contract rights involved in using or operating Bitcoin (the network).  Who do users have contractual relationships with?  If someone does, then you could theoretically sue them.  But there is not even a click-through agreement or EULA when downloading Bitcoin Core (or any other alternative implementation).

This is relevant because earlier this month there were several Bitcoin Core contributors and surrogates, some of whom used their real names, claimed that alternative implementations such as Bitcoin Segwit2X (and its developers) could be violating the Computer Fraud and Abuse Act in the event that Segwit2X successfully creates a new fork next month.

If the CFA Act or money transmission laws are being broken post-Segwit2X then they are probably being broken now because of how various forks and updates are currently rolled out by developers and miners.  While it is unclear if any regulators or law enforcement would see the interpretation of the CFA Act the same way as Bitcoin Core representatives do, this hypothetical legal threat raises a few interesting points:

  1. What legal standing does anyone have in the event of a fork on an anarchic chain?  Code is not law.
  2. What country has jurisdiction and who has contractual relationships with one another?
  3. Would such a lawsuit create precedence or chilling effect on anyone wanting to fork/clone code in the future?  Who is liable for orphaned blocks?
  4. What happens in the event of an accidental fork like the one in March 2013?

By pushing any interpretation of the CFA Act onto anarchic cryptocurrency networks, it could create interesting legal precedents for Bitcoin Core because once the government gets involved in deliberating which fork is and is not legitimate or which miners can or cannot participate, then you no longer have a pseudonymous anarchic network.  Recall there was no EULA or Terms of Service on purpose when Bitcoin was launched years ago.

Another recent example, a Bitcoin Core surrogate who used his real name, publicly asked the New York State Department of Financial Services (DFS) to look into Coinbase’s support of Segwit2x.  Does Coinbase violate the BitLicense for supporting one chain versus another?  Last month a Bitcoin Core contributor who also used his real name, penned a letter to the SEC about why it should not approve an ETF because the company applying for it supported Segwit2X, an alternative Bitcoin implementation.20

A couple weeks later the same author of the SEC letter publicly said:

But, yea, lets be clear, I dont know a singla significant contributor to Core who will ever work on btc1/Segwit2XCoin. If all the miners switch over, most likely some folks will buy hashrate and there will be a Bitcoin chain again to work on. If, somehow inexplicably, the entire community gives up on Bitcoin and uses 2xCoin, then most likely the vast majority of Core contributors will just move on to something other than Bitcoin, though given how 2x has been going, I find that highly, highly unlikey.

The term “2XCoin” is intended to be an inside baseball pejorative towards the developers and supporters of Segwit2X.  Other Core developers have publicly stated that other Core developers will walk away from (quit) the project if an alternative implementation successfully creates a fork.

Another common war cry during the summer was that Bitcoin Cash, a fork and airdrop of Bitcoin up to a certain block height, “was an attack on Bitcoin.”  This statement raises a number of questions:

(1) there are multiple existing forks of Bitcoin that continue to exist (such as Bitcoin Dark), were these also attacks on Bitcoin?  Where is the passionate uproar against the dozens of Bitcoin clones and forks including the ones that used line-for-line the same code but simply rebranded?

(2) Bitcoin needs to first be defined, since there is no 100% consensus or agreement on what it is (longest chain?) or even agreement on how to measure consensus, to prove that there is an attack you would need to at least agree on what Bitcoin is and what exactly was attacked.  Since Bitcoin was designed from the outset to be forked and for those with the most hashrate to decide what is and is included in a block — and the rules therein — how is Bitcoin Cash any different in terms of legitimacy than Bitcoin?

If there is a regulatory arbitrator stating which fork is the legitimate legal one, you have a permissioned network.  And I truly could talk all day about those because I popularized that term with this (now dated) paper more than two years ago and currently advise a couple companies involved in building those.  Inquire within!

The tactics used by different cryptocurrency tribes versus others is not new.  In fact, if you look as recent as the 1960s, during the Cultural Revolution in China there were struggle sessions in which the accused (class enemies) were captured and dragged out in front of the public and denounced for crimes that they didn’t commit.21

We see this type of behavior in the cryptocurrency world on a monthly basis, just look at the “Antbleed” hatchet job.  This was a manufactured controversy and coordinated attempt to discredit a company (Bitmain) that had publicly spoken out against one specific Bitcoin implementation in favor of another.2223 Nearly six months later, the original accusations (of covert usage) are still unproven yet some of the promoters of this theory, several of which who are affiliated with Bitcoin Core, continue to attack anyone who stands in the way of their own vision.  Many elements in the community thrive on both real and fake controversy in order to stay relevant: it is in a state of permanent lynching mode.

Other cryptocurrency chains

Lest I be accused of picking favorites, I should point out that future researchers could create an infographic depicting how all chains evolved over time.24

Below is a non-exhaustive list of other chains that have highly coordinated behavior between influential persons that look administrator-like:

  • Dash Core: run by a company (with a CEO no less); can identify the major participants involved and how they coordinate to make changes; they sponsor events and attempt to speak on behalf of the community while making any upgrades; they run various social media accounts
  • Ethereum Classic: this small community has held public events to discuss how they plan to change the money supply; they video taped this coordination and their real legal names are used; only one large company (DCG) is active in its leadership; they sponsor events; they run various social media accounts
  • Bitcoin Cash: an airdrop based on Bitcoin prior to a certain block height; can identify the major participants involved and how they coordinate to make changes; they run various social media accounts and events
  • Bitcoin Segwit2X: can identify the major participants involved and how they coordinate to make changes; they have met to formalize this process in multiple meetings including the New York Agreement (NYA); they run various social media accounts and claim to be the equivalent of Bitcoin Core
  • Bitcoin XT: defunct, in its terms they explicitly said one set of named individuals would be administrators
  • Litecoin: leaders are self-doxxed; have a formal Foundation as well; they run various social media accounts and events
  • Dogecoin: leaders are self-doxxed and publicly coordinated merged mining with Litecoin three years ago; there have a formal Foundation; they run various social media accounts
  • Ethereum: can identify and name specific people in the Ethereum Foundation and mining community who publicly coordinated several hard forks; these stakeholders sponsor public events and code changes; they run various social media accounts; the Ethereum Foundation has a registered trademark
  • Bitcoin Gold: an upcoming airdrop based on Bitcoin prior to a certain block height; can identify the major participants involved and how they coordinate to make changes; they run various social media accounts
  • Zcash: this was created by a company (Zerocoin Electric Coin Company); can identify and name specific people in the Zcash Foundation and mining community who publicly coordinate updates; these stakeholders sponsor public events, grants, and code changes; they run various social media accounts
  • Bitcoin: before Bitcoin Core consolidating itself, there was The Bitcoin Foundation which attempted to speak as the voice of Bitcoin… then it pretty much went morally and financially bankrupt
  • Dozens if not hundreds of others

Whereas the Bitcoin creator “walked away” (or is he lurking in the CoinDesk comment section?) most ICO issuers could have the same legal problems described above.  Even ignoring the issuance of unregistered securities through ERC20 and ERC20-like standards, many of these these ICO coins and tokens were centrally issued and administered.

One reviewer singled out Factom, Tierion, Ripple, and Stellar as well, but these communities have slightly different nuances worth looking into independent of this article.  It bears mentioning that Ripple was penalized and settled with FinCEN in May 2015, but this was due to non-compliance with BSA requirements with respect to not filing suspicious activity reports (SAR) from a side fund it operated. 25 It was not about operating the nodes on the network.26 Furthermore, centralized issuance and operation of a network through watermarked tokens (e.g., Counterparty, Omni (Mastercoin), all colored coins) is still taking place today (see Tether).

This is not to say that you shouldn’t create a cryptocurrency nor a foundation.  There are likely ways to create a new cryptocurrency and structure its governance in a legally compliant (or exempt) manner.

But some of those who issued a cryptocurrency which they centrally operate and mint could be on thin ice depending on how strict regulators and law enforcement are.27 Maybe they aren’t strict at all.

If it is centrally administered for 2 minutes versus 2 hours versus 2 years (like Satoshi did), at what point is that line crossed?  What about a network like Stellar that was originally decentralized and then in an emergency, centralized (running off of one node) due to a break in its consensus mechanism?  The Stellar organization itself operated the single validation node for months before re-decentralizing.  That is clearly administering a network especially since they issued lumens to begin with (lumens are the native currency of the Stellar network).

Forks as securities

A friend of mine that is the CEO of a Bitcoin-focused company recently hired an attorney to look at the upcoming Bitcoin Segwit2X (S2X) fork proposal and thinks there could be an argument that the fork is a security based on the Howey test.

His rationale is the following, reused with his permission:28

  • S2X is a common enterprise based on the efforts of the signers of the NYA
  • Many of the signers of the NYA have long touted the benefits and profit expectations of increasing the block size
  • S2X was assembled by a promoter/ third party: the organizers of the NYA and its signers
  • Anyone who purchased bitcoin between May 2017 and the fork date is an investor, in particular if that person bought bitcoin in anticipation / expectation of the fork

If this is true, then you could likely insert and replace S2X and NYA with various cryptocurrency developer groups (including Litecoin, Ethereum, Ethereum Classic, Bitcoin Core, Bitcoin XT and others listed in the section above) and just modify the date to argue that each of these coordinated efforts is effectively a common enterprise seeking to profit from the expectations of X, Y, or Z features.  It could be smaller or bigger blocks, sidechains, slower or faster block generation times, etc.  In other words, if Segwit2X is a security, then arguably many coordinated “soft” and “hard” forks are.29

At this time, in the US, neither the SEC nor CFTC have publicly issued their position on how a fork falls within their scope and mandate.30

However, if any regulator or court does formally publish guidance or a ruling siding with a specific fork, the cryptocurrency community will have institutionalized permissioned-on-permissionless chains.  An expensive contradiction.

Relevancy towards enterprise chains

Since you do not need proof-of-work to maintain all blockchains, enterprise focused blockchain and DLT-related companies (commonly referred to as private or permissioned chains) typically started off with the realization a couple years ago that:

  1.  In order for changes and upgrades to take place on a decentralized network, some clear governance needs to be created to manage that process;
  2.  Network validators, the nodes involved in validating transactions, would be run via known, identifiable (KYC’ed) operators who had specific contractual obligations that ultimately would rely on courts as arbiters (e.g., if there is a fork, only one chain would be deemed the legitimate de jure chain);
  3.  If an entity formally governs one of these networks it is likely that it would also be regulated under existing laws and regulations;
  4.  If an entity or group of entities has the power to coordinate and unilaterally make these changes at will without legal recourse, then this could be a single point of failure that could be abused.  How to design a network that prevents this security hole from forming yet comply with existing laws and regulations all while providing recourse to the users in the event of disputes arising?

Note: all of the vendor platforms have their own differences and nuances; from an architectural standpoint they cannot all be lumped together as a monolithic entity.

But in this case, many of these companies took roughly the same tact: one which attempts to hold validating parties accountable ultimately through the existing legal system (via contracts and if need be courts).  As a result, so far the vendors have generally gotten to bypass most of the drama around factional in-fighting described above.  But each vendor still has their own challenges ahead.  Once an enterprise chain’s mainnet is turned on in production and real value is being moved across their network, whoever administers and operates the network(s) could be legally liable for complying with a whole slew of regulations from multiple different jurisdictions.

That is why some operating models involve banks or other existing financial institution running the validating nodes — because they already have the necessary licenses and compliance structures put in place. That is also why some of the vendors created a consortium from the get-go because they foresaw the need to bring on different types of stakeholders early on.  But ignoring the consortium approach for the moment, once real legal names are touching and managing real financial instruments, regulators and law enforcement begin to pay much closer attention.

Final remarks

In the US there is no private right of action under the FinCEN guidelines.  Only FinCEN can initiate an enforcement proceeding, and based on conversations with legal experts who reviewed this article, these experts do not expect such actions right now given that FinCEN hasn’t thus far.

Can private parties initiate litigation?  Based on one conversation with an interested party, it seems that there is arguably a private right of action under the CEA, under certain state money transmission business (MTB) laws and under securities laws.  Will they?  My guess is that as more real value (e.g., real money like USD) is associated with any of these anarchic blockchains, the odds of lawsuits due to any type of fork (intentional or not), trends closer to probably.

With that said, networks such as blockchains, do not maintain themselves.  They do not upgrade themselves or automatically fix bugs that arise.  They are not anti-fragile.  They need people to do all of these pesky maintenance things.  And with people comes politics and social engineering.31

Empirically if there isn’t disharmony in a blockchain community it is because most participants agrees who the administrator or administrators are.32

If there is a disagreement, as we have seen multiple times, a political struggle often takes place and a fork or two may happen: either a fork in the chain or a fork in the community.  With hundreds of dead or zombie blockchains, it is clear that blockchains do not work without some kind of administrator and decision maker.  Whether or not FinCEN or other money transmitter regulators come to the same conclusion is a different matter.

The takeaway from this piece isn’t that no one should be formally or informally engaged with anarchic chains such as cryptocurrencies.  Or that passion and enthusiasm should be discouraged.  Rather, it is about consistency and the rule of law.  If you do not like the development or evolution in a community-without-formal-rules — such as the fractured tribes of Bitcoin — using the government as a club of convenience to get what you want and not expect consequences for their intervention on your behalf is shortsighted.

While a few dozen cryptocurrency startups have already begun using trade associations to lobby regulators on their behalf for a “hands-off” regulatory approach, at some stage the appearance of formalized governance of financial market infrastructure — even if it is marketed as self-sovereign, decentralized, open, and anarchic — could lead to increased regulatory oversight due to how the crypocurrency governance activity actually behaves in reality.  This is definitely a topic worth revisiting in a year to see if any regulator publicly opines on the topic. 33

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

To protect the privacy of those who provided feedback, I have only included initials: RD, CP, SP, CM, VB, DG, CK, AW.

Endnotes

  1. Both Ray Dillinger and Hal Finney have stated they analyzed and gave feedback to Satoshi on Bitcoin prior to its public announcement; perhaps there were others too. []
  2. See these two articles written by Daniel Friedberg: “FinCEN Guidance Validates Bitcoin Industry but Targets Satoshi” and “Bitcoin hard fork conspiracy treacherous” []
  3. It is possible to create a redeemable asset on Counterparty and several other platforms connected to Bitcoin. []
  4. One reviewer opined that: “I think it will be a technical legal definition that comes down to whether you can exert reasonable control before enforcing MSB rules.  Whether you are an administrator or not will be a boring court decision: they could look at whether you were mining or developing with a high enough impact. []
  5. On the mining side, the capital costs of running a mining farm and pool that actually validates blocks on many of the larger cryptocurrency networks is relatively expensive and out of reach for most users; mining pools have been documented at attacking one another on the network itself (e.g., DDOS attacks).  On the developer side, as discussed throughout this article, while it varies depending on the cryptocurrency, the control over the repo (specifically who has commit access) is often restricted to a few insiders who can permit and restrict who can be involved in the development process (e.g., they can remove a developer from mailing lists, forums, events, code repositories, etc.). []
  6. Cryptocurrency miners typically only have the ability to instruct payments of keys they control (although they can censor and/or fork as well).  Thus, it is argued, the miners typically just perform IT services. []
  7. In the UK, there is some relevant guidance from HM Revenue and Customs with respect to money laundering and money service businesses []
  8. See SPV wallets for a user-specific example. []
  9. This past summer Quartz published a series of articles detailing some of this physical infrastructure in China.  See: The lives of bitcoin miners digging for digital gold in Inner MongoliaPhotos: Inside one of the world’s largest bitcoin mines; and Take a 360 walk around one of the world’s biggest bitcoin mines []
  10. A year ago the narrative that miners were a key component of Bitcoin dramatically shifted in the minds of a group that lobbied for a change known as UASF: User Activated Soft Fork.  The proposal – which thus far has not been activated – attempts to remove miners and replace their role with nodes controlled by UASF advocates, pretty much removing Sybil protection.  Instead of buying hardware and pushing hashrate one way or the other, UASF advocates used social media to promote their views.  Incidentally some of the same people promoting “no2x” (opposed to Segwit2x) were actively part of the “UASF” campaign. []
  11. One reviewer mentioned that: “It’s worth noting that in Ethereum, miners actually don’t have a large role in decision-making. Ironically enough, I think the reason for this is that Bitcoin prefers soft forks for governance, whereas Ethereum prefers hard forks, and soft forks naturally depend more heavily on miner support in order to succeed.” []
  12. Its Twitter account actively retweets and highlights specific content from a common group of promoters, advocating and endorsing their viewpoints. []
  13. “theymos” is his/her username; his real name is allegedly Michael Marquardt but little is publicly known about who he is beyond his control of the most highly trafficked Bitcoin-specific developer sites.  Other pseudonyms that co-own some of these domains include “cobra.” []
  14. In the US, copyrights are unregistered.  The copyright owner of the original source code still belongs to “Satoshi Nakomoto” however as of this writing, no one has stepped forward to claim this copyright ownership. []
  15. Alternatively they could be a “general partnership;” this was discussed in the SEC paper on The DAO (pgs 14-15). []
  16. One reviewer provided a counterpoint: “There’s a difference between voluntarily taking on responsibility and being legally assigned it. For example, if I suddenly decide that I feel morally obligated to make sure all children in some village in Africa are properly fed, I do not become their legal guardian.” []
  17. Alex Waters, Jeff Garzik, and Gavin Andresen (among others) have been removed in this fashion. []
  18. If we replaced “browser” with “TCP/IP” that would likely create massive economic disruption and finger pointing for blame. []
  19. See also: Emochain and Statistchain []
  20. I touched on this same issue last year in a paper, see Comments on the COIN ETF (SR-BatsBZX-2016-30) []
  21. One reviewer pointed out that: “If you’re looking for parallels with authoritarian regimes, there are many. Bitcoin Core’s arguments that there must be only one reference implementation to “preserve stability”; them playing linguistic games to deny the opposition legitimacy, high levels of censorship, etc. There are also parallels on the other side of this, where the “opposition parties,” despite having many legitimate grievances, are all good at protesting but focus on negativity and are not nearly technically competent enough to effectively form their own “government”. This happens in Russia, to some extent Singapore, China (think Hong Kong independence movement), etc. You can probably expand this out into an entire blog post.” []
  22. Bitmain is the largest manufacture of mining equipment, Antminer is the brand of one of its product lines. []
  23. See also Just How Profitable is Bitmain? by Jimmy Song and Former Bitmain Chip Designer Seeks to Revoke Mining Giant’s Patent from CoinDesk []
  24. One reviewer suggested that future researchers and analysts could also look at several other attributes: (1) Basing oneself in a country as an incorporated entity; (2) Having developers heavily concentrated in a country; (3) Heavily marketing in a country, especially if it’s the same country as above; (4) The operation of a chain being controlled by one implementation and one company (as opposed to Ethereum’s geth/Parity/now harmony split []
  25. One reviewer opined that: “Though it is worth noting that their ability to operate the network in a way that gives users permissionlessness was compromised as a result of these side activities. A useful cautionary tale.” []
  26. XRP Ledger Decentralizes Further With Expansion to 55 Validator Nodes from Ripple Insights []
  27. One reviewer commented that: “I think it’s worth making a distinction here between convertibility and central administration of tech. Bitcoin, Bitcoin Cash, Ethereum, Ethereum Classic, Dash, etc are all not immediately convertible; the portion of tokens that actually are convertible is relatively low and I think everyone already agrees that those are regulated.” []
  28. Private correspondence on October 16, 2017. []
  29. For a related discussion see, Are Public Blockchain Systems Unlicensed Money Services Businesses in Disguise? from Ciaran Murray []
  30. One reviewer mentioned that in the event a fork occurs, there could be legal repercussions pursuant to Commodities Exchange Act (namely, section 6(c), rule 180). []
  31. Even some of the proposed “self-governing” blockchains ultimately start out fairly centralized, arguably as administrators and MTBs.  And due to the amount of coins that insiders and creators of these chains have, they could heavily influence the direction of votes (e.g., in a staking model, large coin holders are politically powerful entities who could coordinate and collude to fork in their own interest).  Will they always remain as administrators? []
  32. Many thanks to Ciaran Murray for providing this observation. []
  33. One of the reviewers asked how several current and proposed proof-of-stake coin-based projects would fit in here as potential solutions.  Since most of these are young and/or not even launched, see footnote 31 above.  Some have governance challenges already, see Backroom battle imperils $230 million cryptocurrency venture from Reuters.  Another reviewer opined that: “Systems like Bitshares, EOS, Tezos, et al will in practice be secure primarily precisely because there are large premines held by the foundations and developers themselves. It’s like a kind of ‘centralized administration without looking like centralized administration.'” []
Send to Kindle

Eight Things Cryptocurrency Enthusiasts Probably Won’t Tell You

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.  See Post Oak Labs for more information.]

Alternative title: who will be the Harry Markopolos of cryptocurrencies?

If you don’t know who Harry Markopolos is, quickly google his name and come back to this article.  If you do, and you aren’t completely familiar with the relevance he has to the cryptocurrency world, let’s start with a little history.

Background

Don’t drink the Koolaid

With its passion and perma-excitement, the cryptocurrency community sometimes deludes itself into thinking that it is a self-regulating market that doesn’t need (or isn’t subject to) government intervention to weed out bad actors.1 “Self-regulation,” usually refers to an abstract notion that bad actors will eventually be removed by the action of market forces, invisible hand, etc.

Yet by most measures, many bad actors have not left because there are no real consequences or repercussions for being a bad dude (or dudette).

Simultaneously, despite the hundreds of millions of dollars raised by VCs and over a couple billion dollars raised through ICOs in the past year or so, not one entity has been created by the community with the power or moral authority to rid the space of bad apples and criminals.  Where is the regulatory equivalent of FINRA for cryptocurrencies?2

Part of this is because some elements in the community tacitly enable bad actors. This is done, in some cases, by providing the getaway cars (coin mixers) but also, in other cases, with a wink and a nod as much of the original Bitcoin infrastructure was set-up and co-opted by Bitcoiners themselves, some of whom were bad actors from day one.3

There are many examples, including The DAO.4 But the SEC already did a good dressing down of The DAO, so let’s look at BTC-e.

BTC-e is a major Europe-based exchange that has allegedly laundered billions of USD over the span of the past 6 years.  Its alleged operator, Alexander Vinnik, stands accused of receiving and laundering some of the ill-gotten gains from one of the Mt. Gox hacks (it was hacked many many times) through BTC-e and even Mt. Gox itself.5 BTC-e would later go on to be a favorite place for ransomware authors to liquidate the ransoms of data kidnapping victims.

Who shut down BTC-e?

It wasn’t the enterprising efforts of the cryptocurrency community or its verbose opinion-makers on social media or the “new 1%.”  It was several government law enforcement agencies that coordinated across multiple jurisdictions on limited budgets.6 Yet, like Silk Road, some people in the cryptocurrency community likely knew the operators of the BTC-e and willingly turned a blind eye to serious misconduct which, for so long as it continues, represents a black mark to the entire industry.

In other cases, some entrepreneurs and investors in this space make extraordinary claims without providing extraordinary evidence.  Such as, using cryptocurrency networks are cheaper to send money overseas than Western Union.  No, it probably is not, for reasons outlined by SaveOnSend.7

But those who make these unfounded, feel-good claims are not held accountable or fact-checked by the market because many market participants are solely interested in the value of coins appreciating.  Anything is fair game so as long as prices go up-and-to-the-right, even if it means hiring a troll army or two to influence market sentiment.

And yet in other cases, the focus of several industry trade associations and lobbying groups is to squarely push back against additional regulations and/or enforcement of existing regulations or PR that contradicts their narrative.8

Below are eight suggested areas for further investigation within this active space (there could be more, but let’s start with this small handful):

(1) Bitfinex

Bitfinex is a Hong Kong-based cryptocurrency exchange that has been hacked multiple times.9  Most recently, about 400 days ago, $65 million dollars’ worth of bitcoins were stolen.

Bitfinex eventually painted over these large losses by stealing from its own users, by socializing the deficits that took place in some accounts across nearly all user accounts.10  Bitfinex has – despite promising public audits and explanations of what happened – provided no details about how it was hacked, who hacked it, or to where those funds were drained to.11 It has also self-issued at least two tokens (BFX and RRT) representing their debt and equity to users, listed these tokens on their own exchange and allowed their users to trade them.12

There have been suggestions of impropriety, with its CFO (or CSO?) Phil Potter publicly explaining how they handle being de-banked and re-banked:

“We’ve had banking hiccups in the past, we’ve just always been able to route around it or deal with it, open up new accounts, or what have you… shift to a new corporate entity, lots of cat and mouse tricks that everyone in Bitcoin industry has to avail themselves of.”

Yet there is little action by the cryptocurrency community to seek answers to the open questions surrounding Bitfinex.  I wrote a detailed post several months ago on it and the only reporters who contacted me for follow-ups were from mainstream press.

There are a lot of reasons why, but one major reason could be that some customers have financially benefited from this lack of market surveillance because relatively little KYC (Know Your Customer) is collected or AML (Anti-Money Laundering) enforced, so some trades and/or taxes are probably unreported.13 This wouldn’t be an isolated incident as the IRS has said less than 1,000 United States persons have been filing taxes related to “virtual currencies” each year between 2013 – 2015.

But that’s not all.

The latest series of drama began earlier this spring: Bitfinex sued Wells Fargo who had been providing correspondent banking access to Bitfinex’s Taiwanese banking partners.  Wells Fargo ended this relationship which consequently tied up tens of millions of USD that was being wired internationally on behalf of Bitfinex’s users.  About a week later Bitfinex dropped the suit and at least one person involved on the compliance side of a large Taiwanese bank was terminated due to the misrepresentation of the Bitfinex account relationship.

This also impacted the price of Tether.

Tether, as its name suggests, is a proprietary cryptocurrency (USDT) that is “always backed by traditional currency held in our reserves.”  It initially used a cryptocurrency platform called Mastercoin (rebranded to Omni) and recently announced an ERC20 token on top of Ethereum.1415

As a corporate entity, Tether’s governance, management, and business are fairly opaque.  No faces or names of employees or personnel can be found on its site.16  Bitfinex was not only one of its first partners but is also a shareholder.  Bitfinex has also created a new ICO trading platform called Ethfinex and just announced that Tether will be partnering with it in some manner.17

Tether as an organization creates coins.  These coins are known as Tethers that trade under the ticker $USDT each of which, as is claimed on their webpage, is directly linked, 1-for-1, with USD and yen equivalents deposited in commercial banks.  But after the Wells Fargo suit was announced, USDT “broke the buck” and traded at $0.92 on the dollar.18   It has fluctuated a great deal during the summer currently trades at $1.00 flat.

Which leads to the question: are the seven banks listed by the recent CPA disclosure aware of what Tether publicly advertises its USDT product as?19

Source: Tether LTD

Who is responsible for issuance, and how if at all can they be redeemed?  Are they truly backed 1:1 or is there some accounting sleight-of-hand taking place behind the scenes?20  Where are those reserves going to be exactly?  Who will have access to them?  Will either Tether (the company) or Bitfinex going to use them to trade?21 These are the types of questions that should be asked and publicly answered.

The only reason anyone is learning anything about the project is because of an anonymous Tweeter, going by the handle @Bitfinexed, who seemingly has nothing better to do than listen to hundreds of hours of audio archives of Bitcoiners openly bragging about their day trading schemes and financial markets acumen (in that order).

Despite myself and others having urged coin media to do so, to my knowledge there have been no serious investigations or transparency as to who owns or runs this organization.  Privately, some reporters have blamed a lack of resources for why they don’t pursue these leads; this is odd given the deluge of articles posted every month on the perpetual block size debate that will likely resolve itself in the passage of time.

The only (superficial) things we know about Tether (formerly Realcoin) is from the few bits of press releases over time.22  Perhaps this is all just a misunderstanding due to miscommunication.23  Who wants to fly to Hong Kong and/or Taiwan to find out more?

(2) Ransomware, Ponzi’s, Zero-fee and AML-less exchanges

Last month a report from Xinhua found that:

China’s two biggest bitcoin exchanges, Huobi and OKCoin, collectively invested around 1 billion yuan ($150 million) of idle client funds into “wealth-management products.”

In other words, the reason these exchanges were able to operate and survive while charging zero-fees is partially offset by these exchanges using customer deposits to invest in other financial products, without disclosing this to customers.24

Based on conversations with investigative reporters and former insiders, it appears that many, if not most, mid-to-large exchanges in China used customer deposits (without disclosing this fact) to purchase other financial products.  It was not just OKCoin and Huobi but also BTCC (formerly BTC China) and others.  This is not a new story (Arthur Hayes first wrote about it in November 2015), but the absence of transparency in how these exchanges and intermediaries are run ties in with what we have seen at BTC-e.  While there were likely a number of legitimate, non-illicit users of BTC-e (like this one Australian guy), the old running joke within the community is that hackers do not attack BTC-e because it was the best place to launder their proceeds.

Many exchanges, especially those in developing countries lacking KYC and AML processes, directly benefited from thefts and scams.  Yet we’ve seen very little condemnation from the main cheerleaders in the community.25

For example, two years ago in South Africa, MMM’s local chapter routed around the regulated exchange, patronizing a new exchange that wouldn’t block their transactions.26  MMM is a Ponzi scheme that has operated off-and-on for more than twenty years in dozens of countries.  In its most current incarnation it has raised and liquidated its earnings via bitcoin.  As a result, the volume on the new exchange in South Africa outpaced the others that remained compliant with AML procedures.  Through coordination with law enforcement it was driven out for some time, but in January of this year, MMM rebooted and it is now reportedly back in South Africa and Nigeria.  The same phenomenon has occurred in multiple other countries including China, wherein, according to inside sources, at least one of the Big 3 exchanges gave MMM representatives the VIP treatment because it boosted their volume.

It was a lack of this market surveillance and customer protections and outright fraud that eventually led to many of the Chinese exchanges being investigated and others raided by local and national regulators in a coordinated effort during early January and February 2017.27

Initially several executives at the non-compliant exchanges told coin media that nothing was happening, that all the rumors of investigation was “FUD” (fear, uncertainty, doubt).  But they were lying.28

Regulators had really sent on-site staff to “spot check” and clean up the domestic KYC issues at exchanges.  They combed through the accounting books, bank accounts, and trading databases, logging the areas of non-compliance and fraud.  This included problems such as allowing wash-trading to occur and unclear margin trading terms and practices.29 Law enforcement showed these problems (in writing) to exchange operators who had to sign and acknowledge guilt: that these issues were their responsibility and that there could be future penalties.

Following the recent government ban on ICO fundraising (described in the next section), all exchanges in China involved in fiat-to-cryptocurrency trades have announced they will close in the coming weeks, including Yunbi, an exchange that was popular with ICO issuers.30  On September 14th, the largest exchange in Shanghai, BTCC (formerly BTC China), announced it would be closing its domestic exchange by the end of the month.31 It is widely believed it was required to do so for a number of compliance violations and for having issued and listed an ICO called ICOCoin.32

Source: Tweet from Linke Yang, co-founder of BTCC

The two other large exchanges, OKCoin and Huobi, both announced on September 15th that they will be winding down their domestic exchange by October 31st.33  Although according to sources, some exchange operators hope this enforcement decision (to close down) made by regulators will quietly be forgotten after the Party Congress ends next month.34

One Plan B is a type of Shanzhai (山寨) hawala which has already sprung up on Alibaba whereby users purchase discrete units of funds as a voucher from foreign exchanges (e.g., $1,000 worth of BTC at a US-based exchange).35  Many exchanges are trying to setup offices and bank accounts nearby in Hong Kong, South Korea, and Japan, however this will not solve their ability to fund RMB-denominated trades.36

It is still unclear at this time what the exact breakdown in areas of non-compliance were largest (or smallest).37  For instance, how common was it to use a Chinese exchange for liquidating ransomware payments?

As mentioned in an earlier post, cryptocurrencies are the preferred payment method for ransomware today because of their inherent characteristics and difficulty to reclaim or extract recourse.  One recent estimate from Cybersecurity Ventures is that “[r]ansomware damage costs will exceed $5 billion in 2017, up more than 15X from 2015.”  The victims span all walks of life, including the most at-risk and those providing essential services to the public (like hospitals).

But if you bring up this direct risk to the community, be prepared to be shunned or given the “whataboutism” excuse: sure bitcoin-denominated payments are popular with ransomware, but whatabout dirty filthy statist fiat and the nuclear wars it funds!

Through the use of data matching and analytics, there are potential solutions to these chain of custody problems outlined later in section 8.

(3) Initial coin offerings (ICOs)

Obligatory South Park reference (Credit: Jake Smith)

Irrespective of where your company is based, the fundraising system in developed – let alone developing countries – is often is a time consuming pain in the rear.  The opportunity costs foregone by the executive team that has to road show is often called a necessary evil.

There has to be a more accessible way, right?  Wouldn’t it just be easier to crowdfund from (retail) investors around the world by selling or exchanging cryptocurrencies directly to them and use this pool of capital to fund future development?

Enter the ICO.

In order to participate in a typical ICO, a user (and/or investor) typically needs to acquire some bitcoin (BTC) or ether (ETH) from a cryptocurrency exchange.  These coins are then sent to a wallet address controlled by the ICO organizer who sometimes converts them into fiat currencies (often without any AML controls in place), and sends the user/investor the ICO coin.38

Often times, ICO organizers will have a private sale prior to the public ICO, this is called a pre-sale or pre-ICO sale.  And investors in these pre-sales often get to acquire tokens at substantial discounts (10 – 60%) than the rate public investors are offered.39.  ICO organizers typically do not disclose what these discounts are and often have no vesting cliffs attached to them either.

The surge in popularity of ICOs as a way to quickly exploit and raise funds (coins) and liquidate them on secondary markets has transitively led to a rise in demand of bitcoin, ether, and several other cryptocurrencies.  Because the supply of most of the cryptocurrencies is perfectly inelastic, any significant increase (or decrease) in demand can only be reflected via volatility in prices.

Hence, ICOs are one of the major contributing factors as to why we have seen record high prices of many different cryptocurrencies that are used as gateway coins into ICOs themselves.

According to one estimate from Coin Schedule, about $2.1 billion has been raised around the world for 140 different ICOs this year.40  My personal view is that based on the research I have done, most ICO projects have intentionally or unintentionally created a security and are trying to sell it to the public without complying with securities laws.41 Depending on the jurisdiction, there may be a small handful of others that possibly-kinda-sorta have created a new coin that complies with existing regs.42  Maybe.

Ignoring the legal implications and where each fits on that spectrum for the moment, many ICOs to-date have pandered to and exploited terms like “financial inclusion” when it best suits them.43  Others pursue the well-worn path of virtue signaling: Bitcoiners condemning the Ethereum community (which itself was crowdfunded as an ICO), because of the popularity in using the Ethereum network for many ICOs… yet not equally condemning illicit fundraising that involves bitcoin or the Bitcoin network or setting up bucket shops such as Sand Hill Exchange (strangely one of its founders who was sued by the SEC now writes at Bloomberg).

The cryptocurrency community as a whole condemned the “Chinese government” for its recent blanket ban on fundraising and secondary market listing of ICOs.44 The People’s Bank of China (PBOC) is one of seven regulators to enforce these regulations yet most of the public antagonism has been channeled at just the PBOC.45

Irrespective of whether you think it was the right or wrong thing to do because you heart blockchains, the PBOC and other regulators had quite valid reasons to do so: some ICO creators and trading platforms were taking funds they received from their ICO and then re-investing those into other ICOs, who in turn invested in other ICOs, and so forth; creating a fund of fund of funds all without disclosing it to the public or original investors.46 ICO Inception (don’t tell Christopher Nolan).

In China and in South Korea, and several other countries including the US, there is a new cottage industry made of up entities called “community managers” (CM) wherein an ICO project hires an external company (a CM) who provides a number of services:

  1. for X amount of BTC the CM will actively solicit and get your coin listed on various exchanges;
  2. the CM takes a sales commission while marketing the coin to the public such that after the ICO occurred, they would take a juicy cut of the proceeds; and several other promotional services.47

The ICO issuers and fundraising/marketing teams usually organize a bunch of ICOs weekly and typically employ a market maker (known as an “MM” in the groups) whose role is to literally pump and dump the coin.  They engage in ‘test pumps’ and ‘shakeouts’ to get rid of the larger ICO investors so they can push the price up on a thin order book by 10x, 20x, or 30x before distributing and pulling support. You can hire the services of one of these traders in many of the cryptocurrency trading chat groups.48

There were even ICO boot camps (训练营) in China (and elsewhere) usually setup with shady figures with prior experience in pyramid schemes.49  Here they coached the average person to launch an ICO on the fly based on the ideas of this leader to people of all demographics including the vulnerable and at-risk.50  Based on investigations which are still ongoing, the fraud and deceit involved was not just one or two isolated incidents, it was rampant.51 Obtaining the training literature that was given to them (e.g., the script with the promises made) would make for a good documentary and/or movie.

Scene from Boiler Room

In other words, the ICO rackets have recreated many aspects of the financial services industry (underwriters, broker/dealers) but without any public disclosures, organizational transparency, investor protections, or financial controls.  Much like boiler rooms of days past.  It is no wonder that with all of this tomfoolery, according to Chainalysis, that at least $225 million worth of ETH has been stolen from ICO-related fundraising activity this past year.52

At its dizzying heights, in China, there were about sixty ICO crowdfunding platforms each launching (or trying to launch) new ICOs on a monthly basis.53  And many of these platforms also ran and operated their own exchanges where insiders were pumping (and dumping) and seeing returns of up to 100x on coins that represented “social experiments to test human stupidity” such as the performance art pictured below.

One recent estimate from Reuters was that in China, “[m]ore than 100,000 investors acquired new cryptocurrencies through 65 ICOs in January-June [2017].”54  It’s still unclear what the final straw was, but the universal rule of don’t-pitch-high-risk-investment-schemes-to-grandmothers-on-fixed-incomes was definitely breached.

As a result, the PBOC and other government entities in China are now disgorging any funds (about $400 million) that ICOs had raised in China.55  This number could be higher or lower depending on how much rehypothecation has taken place (e.g., ICOs investing in ICOs).  All crowdfunding platforms such as ICOAGE and ICO.info have suspended operations and many have shut down their websites.  In addition, several executives from these exchanges have been given a travel ban.56

Cryptocurrency exchanges (the ones that predated the ICO platforms) have to delist ICOs and freeze plans from adding any more at this time.  Multiple ICO promotional events, including those by the Fintech Blockchain Group (a domestic fund that organized, promoted, and invested in ICOs) have been canceled due to the new ban.57  Several well-known promoters have “gone fishing” overseas.  This past week, Li Xiaolai, an early Bitcoin investor and active ICO promoter, has publicly admitted to having taken the ICO mania too far (using a car acceleration example), an admission many link to the timing of this crackdown and ban.58

A real ICO in China: “Performance Art Based on Block Chain Technology” (Source)

For journalists, keep in mind this is (mostly) just one country described above.  It would be a mistake to pin all of the blame on just the ICO operators based in China as similar craziness is happening throughout the rest of the world (observe the self-serving celebrity endorsements).  Be sure to look at not just the executives involved in an ICO but also the advisors, investors, figureheads, and anyone who is considered “serious” lending credibility to dodgy outfits and dragging the average Joe (and Zhou) and his fixed income or meager savings into the game.

There may be a legitimate, legal way of structuring an ICO without running afoul of helpful regulations, but so far those are few and far between.  Similarly, not everyone involved in an ICO is a scammer but it’s more than a few bad apples, more like a bad orchard.  And as shown above with the initial enforcement actions of just one country, short sighted hustling by unsavory get-rich-quick partisans unfortunately might deep-six the opportunities for non-scammy organizations and entrepreneurs to utilize a compliant ICO model in the future.59

(4) VC-backed entities

Theranos, Juicero, and Hampton Creek, meet Coinbase, 21.co, Blockstream, and several others.

Okay, so that may be a little exaggerated.  But still the same, few high-profile Bitcoin companies are publishing daily active or monthly active user numbers for a variety of reasons.

Founded in May 2012, the only known unicorn to-date is Coinbase.  Historically it has kept traction stats close to the chest but we got a small glimpse at what Coinbase’s user base was from an on-going lawsuit with the IRS.  According to one filing, between 2013-2015 (the most recent publicly available data) Coinbase had around 500,000 users, of which approximately 14,355 accounts conducted at least $20,000 in business.60 This is a far cry from the millions of wallets we saw as a vanity statistic prominently displayed on its homepage during that same time period.61

What did most users typically do?  They created an account, bought a little bitcoin, and then hoarded it – very few spent it as if it were actual money which is one of the reasons why they removed a publicly viewable transaction chart over a year ago.62

To be fair, the recent surge in market prices for cryptocurrencies has likely resulted in huge user growth.  In fact, Coinbase’s CEO noted that 40,000 new users signed up on one day this past May.  But some of this is probably attributed to new users using Coinbase as an on-and-off ramp: United States residents acquiring bitcoin and ether on Coinbase and then participating in ICOs elsewhere.63

After more than $120 million in funding, 21.co (formerly 21e6) has not only seen an entire executive team churn, but a huge pivot from building hardware (Bitcoin mining equipment) into software and now into a pay-as-you-go-LinkedIn-but-with-Bitcoin messaging service.  Launched with much fanfare in November 2015, the $400 Amazon-exclusive 21.co Bitcoin Computer was supposed to “return economic power to the individual.”

In reality it was just a USB mining device (a Raspberry Pi cobbled together with an obsolete mining chip) and was about as costly and useful as the Juicero juicing machine.  It was nicknamed the “PiTato” and unit sales were never publicly disclosed.  Its story is not over: in the process of writing this article, 21.co announced it will be launching a “social token” (SOC) by the end of the year.64

Blockstream is the youngest of the trio.  Yet, after three years of existence and having raised at least $76 million, as far as the public can tell, the company has yet to ship a commercial product beyond an off-the-shelf hardware product (Liquid) that generates a little over $1 million in revenue a year.65  It also recently launched a satellite Bitcoin node initiative it borrowed from Jeff Garzik, who conceived it on a budget of almost nothing about three years ago.66

To be fair though, perhaps it does not have KPIs like other tech companies.  For instance, about two and half years ago, one of their largest investors, Reid Hoffman, said Blockstream would “function similarly to the Mozilla Corporation” (the Mozilla Corporation is owned by a nonprofit entity, the Mozilla Foundation).  He likened this investment into “Bitcoin Core” (a term he used six times) as a way of “prioritiz[ing] public good over returns to investors.”  So perhaps expectations of product roadmaps is not applicable.

On the flipside, some entrepreneurs have explained that their preference for total secrecy is not necessary because they are afraid of competition (that is a typical rationale of regular startups), but because they are afraid of regulators via banks.67  For example, a regulator sees a large revenue number, finds out which bank provides a correspondent service and if the startup is fully compliant with AML, CFT, and KYC processes, starts auditing that bank, and banks re-evaluates NPV of working with a startup and potentially drops it.  Until that changes, we will not know volumes for Abra, Rebit, Luno, and others and that is why a year-old claim about 20% market share in the South Korea -> Philippines remittance corridor remains evidence-free.6869

While we would all love to see more data, this is a somewhat believable argument.  A more insightful question might be if/when we get to a point where supporting Bitcoin players becomes enough of real revenue that banks would agree to higher investments and support.  In the meantime, business journalists should drill down into the specifics about how raised money has been spent, is compliance being skirted, customer acquisition costs, customer retention rate, etc.70

(5) The decline of Maximalism

If you were to draw a Venn diagram, where one circle represented neo Luddism and another circle represented Goldbugism, the areas they overlap would be cryptocurrency Maximalism (geocentrism and all).71  This increasingly smaller sect, within the broader cryptocurrency community, believes in a couple of common tenets but most importantly: that only one chain or ledger or coin will rule them all.  This includes the Ethereum Classic (ETC) and Bitcoin Core sects, among others.

They’re a bit like the fundamentalists in that classic Monty Python “splitters” sketch but not nearly as funny.

If you’re looking to dig into defining modern irony, these are definitely the groups to interview.  For instance, on the one hand they want and believe their Chosen One (typically BTC or ETC) should and will consume the purchasing power of all fiat currencies, yet they dislike any competing cryptocurrency: it is us versus them, co-existence is not an option!  The rules of free entry do not apply to their coin as somehow a government-free monopoly will form around their coin and only their coin.  Also, you should buy a lot of their coin, like liquidate your life savings asap and buy it now.

Artist rendering of proto-Bitcoin Maximalism, circa 14th century

This rigidity has diminished over time.

Whereas, three years ago, most active venture capitalists and entrepreneurs involved in this space were antagonistic towards anything but bitcoin, more and more have become less hostile with respect to new and different platforms.

Source: Twitter

For instance, Brian Armstrong (above), the CEO of Coinbase, two and a half years ago, was publicly opposed to supporting development activities towards anything unrelated to Bitcoin.

But as the adoption winds shifted and Ethereum and other platforms began to see growth in their development communities (and coin values), Coinbase and other early bastions of maximalism began to support them as well.

Source: Twitter (1 2)

There will likely be permanent ideological holdouts, but as of this writing I would guesstimate that less than 20% of the bitcoin holders I have interacted with over the past 6-9 months would label themselves maximalists (the remaining would likely self-identify with the “UASF” and “no2x” tags on Twitter).

So interview them and get their oral history before they go extinct!

(6) Market caps

There is very little publicly available analysis of what is happening with Bitcoin transactions (or nearly all cryptocurrencies for that matter): dormant vs. active, customers vs. accounts, transaction types (self-transfers vs. remittances vs. B2B, etc.).

On-chain transaction growth seems to be slowing down on the Bitcoin network and we don’t have good public insights on what is going on: are there are pockets of growth in real adoption or just more wallet shuffling?

In other words, someone should be independently updating “Slicing data” but instead all we pretty much see is memes of Jamie Dimon or animated gifs involving roller coaster prices.72

In the real world, “market cap” is based on a claim on a company’s assets and future cash flows.  Bitcoin (and other cryptocurrencies) has neither — it doesn’t have a “market cap” any more than does the pile of old discarded toys in your garage.

“Market Cap” is a really dumb phrase when applied to the cryptocurrency world; it seems like one of those seemingly straightforward concepts ported to the cryptocurrency world directly from mainstream finance, yet in our context it turns into something misleading and overly simplistic, but many day traders in this space who religiously tweet about price action love to quote.

The cryptocurrency “market cap” metric is naively simplistic: take the total coin supply, and multiply it by the current market price, and voila!  Suddenly Bitcoin is now approaching the market cap of Goldman Sachs!73

Yeah, no.

To begin with, probably around 25% or more of all private keys corresponding to bitcoins (and other cryptocurrencies too) have been permanently lost or destroyed.74  Most of these were from early on, when there was no market price and people deleted their hard drives with batches of 50 coins from early block rewards without backing them up or a second thought.

Extending this analogy, 25% of the shares in Goldman Sachs cannot suddenly become permanently ownerless.  These shares are registered assets, not bearer assets.  Someone identifiable owns them today and even if there is a system crash at the DTCC or some other CSD, shareholders have a system of recourse (i.e., the courts) to have these returned or reissued to them with our without a blockchain.  Thus, anytime you hear about “the market price of Bitcoin has approached $XXX billion!” you should automatically discount it by at least 25%.

Also, while liquidity providers and market makers in Bitcoin have grown and matured (Circle’s OTC desk apparently trades $2 billion per month), this is still a relatively thinly traded market in aggregate.  It is, therefore, unlikely that large trading positions could simultaneously move into and out of billion USD positions each day without significantly moving the market.  A better metric to look at is one that involves real legwork to find: the average daily volume on fee-based, regulated spot exchanges combined with regulated OTC desks.  That number probably exists, but no one quotes it.  Barring this, an interim calculation could be based on “coins that are not lost or destroyed.”

(7) Buy-side analysts and coin media

We finally have some big-name media beginning to dig into the shenanigans in the space.  But organizations like CoinDesk, Coin Telegraph, and others regularly practice a brand of biased reporting which primarily focus on the upside potential of coins and do not provide equal focus on the potential risks.75  In some cases, it could be argued that these organizations act as slightly more respectable conduits for misinformation churned out by interested companies.76

Common misconceptions include continually pushing out stories like the example above, on “market caps” or covering vanity metrics such as growth in wallet numbers (as opposed to daily active users).  It is often the case that writers for these publications are heavily invested in and/or own cryptocurrencies or projects mentioned in their stories without public disclosure.

This is not to say that writers, journalists, and staff at these organizations should not own a cryptocurrency, but they should publicly disclose any trading positions (including ‘hodling’ long) as the sentiment and information within their articles can have a material influence on the market prices of these coins.

For instance, CoinDesk is owned by Digital Currency Group (DCG) who in turn has funded 80-odd companies over the last few years, including about 10 mentioned in this article (such as Coinbase and BTC China).  DCG also is an owner of a broker/dealer called Genesis Trading, an OTC desk which trades multiple cryptocurrencies that DCG and its staff, have publicly acknowledged at having positions in such as ETC, BTC and LTC.77

What are the normal rules around a media company (and its staff) retweeting and promoting cryptocurrencies or ICOs the parent company or its principals has a stake in?

If coin media wants to be taken seriously it will have to take on the best practices and not appear to be a portfolio newsletter: divorce itself of conflicts of interest by removing cross ownership ties and prominently disclose all of the remaining potential conflicts of interest with respect to ownership stakes and coin holdings.  Markets that transmit timely, accurate, and transparent information are better markets and are more likely to grow, see, and support longer-term capital inflows.78

Source: Twitter

Source: Twitter

For example, if Filecoin is a security in the US (which its creators have said it is), and DCG is an equity holder in Filecoin/Protocol Labs (which it is)… and DCG is an owner in CoinDesk, what are the rules for retweeting this ICO above?  There are currently 16 stories in the CoinDesk archive which mention Filecoin, including three that specifically discuss its ICO.  Is this soliciting to the public?79

Similarly, many of the buy-side analysts that were actively publishing analysis this past year didn’t disclose that they had active positions on the cryptocurrencies they covered.  We recently found out that one lost $150,000 in bitcoins because someone hacked his phone.

At cryptocurrency events (and fintech events in general), we frequently hear buzz word bingo including: smart assets, tokens, resilience, pilots, immutability, even in-production developments, but there is often no clear articulation of what are the specific opportunities to save or make money for institutions if they acquire a cryptocurrency or uses its network to handle a large portion of their business.80

This was the core point of a popular SaveOnSend article on remittances from several years ago.  I recommend revisiting that piece as a model for similar in-depth assessments done by people who understand B2B payments, correspondent banking and other part of global transfers.  Obviously this trickles into the other half of this space, the enterprise world which is being designed around specific functional and non-functional requirements, the SLAs, compliance with data privacy laws, etc., but that is a topic for another day.

What about Coin Telegraph?  It is only good for its cartoon images.81

Source: LinkedIn

There are some notable outliers that serve as good role models and exceptions to the existing pattern and who often write good copy.  Examples of which can be found in long end note.82

Obviously the end note below is non-exhaustive nor an endorsement, but someone should try to invite some or all these people above to an event, emceed by Taariq Lewis.  That could be a good one.

(8) Analytics

What about solutions to the problems and opaqueness described throughout this article?

There are just a handful of startups that have been funded to create and use analytics to identify usage and user activity on cryptocurrency networks including: Chainalysis, Blockseer, Elliptic, WizSec, ScoreChain, Skry (acquired by Bloq) – but they are few and far between.83  Part of the reason is because the total addressable market is relatively small; the budgets from compliance departments and law enforcement is now growing but revenue opportunities were initially limited (same struggle that coin media has).  Another is that the analytic entrepreneurs are routinely demonized by the same community that directly benefits from the optics they provide to exchanges in order to maintain their banking partnerships and account access.

Such startups are shunned today, unpopular and viewed as counter to the roots of (pseudo) anonymous cryptocurrencies, however, as regulation seeps into the industry an area that will gain greater attention is identification of usage and user activities.

For instance, four years ago, one article effectively killed a startup called Coin Validation because the community rallied (and still rallies) behind the white flag of anarchy, surrendering to a Luddite ideology instead of supporting commercial businesses that could help Bitcoin and related ideas and technologies comply with legal requirements and earn adoption by mainstream commercial businesses.  For this reason, cryptocurrency fans should be very thankful these analytics companies exist.

Source: Twitter. Explanation: Wanna Cry ransomware money laundering with Bitcoins in action. Graph shows Bitcoin being converted to Monero (XMR) via ShapeShift.io

More of these analytics providers could provide even better optics into the flow of funds giving regulated institutions better handling of the risks such as the money laundering taking place throughout the entire chain of custody.

Without them, several large cryptocurrency exchanges would likely lose their banking partners entirely; this would reduce liquidity of many trading pairs around the world, leading to prices dropping substantially, and the community relying once again on fewer sources of liquidity run out of the brown bags on shady street corners.84

One key slide from Kim Nilsson’s eye-opening presentation: Cracking MtGox

And perhaps there is no better illustration of how these analytic tools can help us understand the fusion of improper (or non-existent) financial controls plus cryptocurrencies: Mt. Gox.  Grab some warm buttery popcorn and be sure to watch Kim Nilsson’s new presentation covering all of the hacks that this infamous Tokyo-based exchange had over its existence.

Journalists, it can be hard to find but the full order book information for many exchanges can be found with enough leg work.   If anyone had the inclination to really want to understand what was going on at the exchange, there are 3rd parties which have a complete record of the order book and trades executed.

Remember, as Kim Nilsson and others have independently discovered, WillyBot turned out to be true.

Final Remarks

The empirical data and stories above do not mean that investors should stop trading all cryptocurrencies or pass on investing in blockchain-related products and services.

To the contrary, the goal of this article is to elevate awareness that this industry lacks even the most basic safeguards and independent voices that would typically act as a counterbalance against bad actors.  In this FOMO atmosphere investors need to be on full alert of the inherent risks of a less than transparent market with less than accurate information from companies and even news specialists.

Cryptocurrencies aren’t inherently good or bad.  In a single block, they can be used as a means to reward an entity for securing transactions and also a payment for holding data hostage.

One former insider at an exchange who reviewed this article summarized it as the following:

The cryptocurrency world is basically rediscovering a vast framework of securities and consumer protection laws that already exist; and now they know why they exist. The cryptocurrency community has created an environment where there are a lot of small users suffering diffuse negative outcomes (e.g., thefts, market losses, the eventual loss on ICO projects). And the enormous gains are extremely concentrated in the hands of a small group of often unaccountable insiders and “founders.” That type of environment, of fraudulent and deceptive outcomes, is exactly what consumer and investor protection laws were created for.

Generally speaking, most participants such as traders with an active heartbeat are making money as the cryptocurrency market goes through its current bull run, so no one has much motive to complain or dig deeper into usage and adoption statistics.  Even those people who were hacked for over $100,000, or even $1 million USD aren’t too upset because they’re making even more than that on quick ICO returns.

We are still at the eff-you-money stage, in which everyone thinks they are Warren Buffett.85  The Madoffs will only be revealed during the next protracted downturn.  So if you’re currently getting your cryptocurrency investment advice from permabull personalities on Youtube, LinkedIn, and Twitter with undisclosed positions and abnormally high like-to-comment ratios, you might eventually be a bag holder.86

Like any industry, there are good and bad people at all of these companies.  I’ve met tons of them at the roughly 100+ events and meetups I have attended over the past 3-4 years and I’d say that many of the people at the organizations above are genuinely good people who tolerate way too much drivel.  I’m not the first person to highlight these issues or potential solutions.  But I’m not a reporter, so I leave you with these leads.

While everyone waits for Harry Markopolos to come in and uncover more details of the messes in the sections above, other ripe areas worth digging into are the dime-a-dozen cryptocurrency-focused funds.

Future posts may look at the uncritical hype in other segments, including the enterprise blockchain world.  What happened after the Great Pivot?

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

To protect the privacy of those who provided feedback, I have only included initials: JL, DH, AL, LL, GW, CP, PD, JR, RB, ES, MW, JK, RS, ZK, DM, SP, YK, RD, CM, BC, DY, JF, CK, VK, CH, HZ, and PB.

End notes

  1. One reviewer commented: “Another meta-topic is the notion of “community,” which is a myth if you ask me.  Why hasn’t the “community” done “X”? Because the word is mostly a marketing fiction.” See also the discussion of the idea that “Code is not law” []
  2. One former regulator mentioned: “The cryptocurrency community needs to police itself better or it risks being policed more severely by unfriendly and unsympathetic regulators.  Self-regulation is what certain hands-off banking supervisors attempted with US banks and other financial institutions 15 years ago and that ended poorly for many parties including those who were not directly responsible for making the poor decisions in the first place.  Even in sports it is understood, with the exception of golf, it doesn’t work. In this Wild West atmosphere where are the sheriffs?” []
  3. Not unique to cryptocurrencies, but by enabling such bad actors, certain platform operators may even increase their short term profit. []
  4. Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO []
  5. For an in-depth look at how the various moving pieces of the ecosystem interact, see: The flow of funds on the Bitcoin network in 2015, Cryptocurrency KYSF: Know Your Source of Funds, and Cryptocurrency KYSF: Know Your Source of Funds part 2 []
  6. Bitcoin Exchange Was a Nexus of Crime, Indictment Says from The New York Times []
  7. For an in-depth look at these different costs, it is highly recommended to read this post from Save on Send.  Some are convinced that this is the case because, on a small scale, the illiquidity of the end points serves to finance the operation, i.e. buying BTC with USD then selling BTC for MXN, may allow an apparent savings when compared with traditional remittance service providers.  Also oft-forgotten is the cost of cash-out and distribution of cash at the end point; also KYC / AML / CFT functions are frequently left-off the calculation. []
  8. One reviewer stated that, “Any working groups advising the government on policy are certainly worthy of investigation. Who are these people and what are their potential conflicts of interest?  For starters, in the US look at The Bitcoin Foundation and the Blockchain Alliance.” []
  9. It has a complex corporate structure and is nominally based in Hong Kong, operations and incorporation of subsidiaries are in other jurisdictions including BVI. []
  10. There were exceptions. Some users reported smaller haircuts as they were customers of SynapsePay.  Another user claims to have retained a lawyer and he did not have any haircut.  I independently verified this with an executive at SynapsePay. []
  11. Phil Potter, an executive at Bitfinex, has spoken about the hack on multiple different podcasts including once in detail, but this has since been deleted. []
  12. Bitfinex also recently announced that they will be doing an ICO (called NEC) to capitalize on the current token mania. []
  13. Bitfinex does do KYC and AML when a user withdraws USD and when they receive subpoenas. []
  14. ERC20 tokens are arguably not the same thing as a cryptocurrency, they are more like colored coins. See “Watermarked tokens and pseudonymity on public blockchains” by Tim Swanson. []
  15. Tether brings tokenised USD to Ethereum network from Finextra []
  16. We only know who is involved through various reddit threads wherein users dox and identify themselves as employees and founders. []
  17. Tether brings tokenised USD to Ethereum network from Finextra []
  18. This wouldn’t be the first time that a peg “broke the buck;” money market funds have been propped up by a parent organization in the past. []
  19. Tether Update []
  20. One reviewer noted that: “Theoretically they could maintain a fractional reserve to service redemptions although this isn’t a problem per se, provided that it is disclosed.  By saying you have “cash” backing, you could have some really bizarre stuff, like USD loans to unsavory entities.  But maybe they do not do this either.”  []
  21. Source for some of these questions. []
  22. One reviewer commented: “Tether offers users a way to move USD from one country to another, much like Western Union. So Tether should be obligated to run KYC/AML checks on not only those who are depositing US$ funds to get new Tethers (as it currently does), but also everyone who uses second-hand Tethers (it doesn’t). Now if Tether was like bitcoin, and had no physical address, it would be complicated for the authorities to enforce this requirement. But Tether is anchored to the brick & mortar banking system, so law enforcement should be easier, will it?” []
  23. One reviewer commented: “Let’s assume the worst for Tether, what does that mean?  If it were to collapse would it harm the small investors or the whales? A few exchanges that allow Tether also allow you to hold your deposits in USD, aside from the ability to send USDT between exchanges, which arguably could actually be a net positive because it allows clients to net positions between exchanges potentially reducing the overall credit in the system. But this goes back to one of their continual issues: lack of communicating and transparency for how the whole money issuance and transmission process works.” []
  24. Note: they did have withdrawal fees which likely generated revenue from arbitrageurs.  Several of the larger exchanges also raised venture capital and setup (and still run) order books outside of China with other business lines which may help offset some costs. []
  25. Described in further detail, “Comments on the COIN ETF (SR-BatsBZX-2016-30)” by Tim Swanson []
  26. See the section “Stopping Predators” within A Kimberley Process for Cryptocurrencies []
  27. China Central Bank Said to Call Bitcoin Exchanges for Talks from Bloomberg []
  28. In addition to lying about being investigated, they were lying about the true volume on their exchanges.  When the zero-fee domestic exchanges were required to add a minimum fee (to discourage wash trading), volume plummeted. []
  29. Central bank warns Bitcoin exchanges over margin trading, money laundering from Xinhua and Chinese bitcoin exchanges resume withdrawals after freeze from Reuters []
  30. Li Xiaolai: Yunbi Is Winding Down In 3 Months from 8BTC []
  31. BTCC to Cease China Trading as Media Warns Closures Could Continue from CoinDesk []
  32. Sources: CNLedger and ICOcoinOfficial []
  33. Huobi, OKCoin to Stop Yuan-to-Bitcoin Trading By October’s End from CoinDesk []
  34. The 19th National Congress of the Communist Party of China starts on October 18th.  All exchanges involving fiat-to-cryptocurrency trades will be closed. Both OKCoin and Huobi have overseas platforms (with independent order books and bank accounts independent of the domestic Chinese exchanges).  These have cryptocurrency-to-cryptocurrency trading and will remain operating.  Currently, users of the domestic fiat-to-currency platform can move their coins to the overseas platforms. []
  35. Something similar was done with voucher codes sold on Taobao in 2014 as well.  See After Crackdown, A New Bitcoin King Emerges in China from Wired []
  36. At one time or another, the spot price for each of the three large Chinese exchanges was a constituent part of several different pricing indices including the Winkdex, TradeBlock XBX index, and others such as OKEX (OKEX is an international subsidiary of OKCoin who replaced these exchanges on its own index).  This is potentially problematic because, as I detailed in my COIN ETF report, these exchanges were prone to mismanagement, crashes, and ultimately quick closure.  Going forward, what other sources of reliable pricing data can ETFs use that also accurately reflect market prices? []
  37. One insider in China noted that: “These exchanges had multiple chances to clean up their act and even self-regulate but because of the competitive pressures in China towards zero-fees, no one wanted to be left behind.  It was a type of collective action failure, so the government finally had to come in and clean up the mess because no one else would.” []
  38. These are mostly ERC20 tokens, not coins. []
  39. One reviewer mentioned: “Depending on the jurisdiction, these pre-arranged discounts might be deemed as structured products.” []
  40. Is There a Cryptocurrency Bubble? Just Ask Doge. from The New York Times []
  41. “How the ICO, OCO, and ECO ecosystem works at a high level” by Tim Swanson and “Comments on the COIN ETF (SR-BatsBZX-2016-30)” by Tim Swanson []
  42. Note: volumes can and will be written on this section alone.  If not on the legalities but on the ‘pump and dumps’ that have taken place. []
  43. One former regulator suggested: “Ignoring for the moment the overarching legal implications of what they did, because these activities took place on blockchains, future researchers should be able to eventually provide very accurate estimates the costs and losses to investors who put their trust and money into deceptive ICO organizers who were unscrupulous.” []
  44. Some argue this ban may just be temporary and cite a CCTV 13 interview with Hu Bing with the Institute of Finance and Banking who says the government will issue licenses in the future. []
  45. As of this writing there are many rumors circulating regarding how these new guidelines could impact cryptocurrency mining operators based in China.  One recent story from the Wall Street Journal articulates a rumor that miners will need to also shut down operations because they are trading cryptocurrencies without a license.  More existentially, if all fiat-to-cryptocurrency exchanges shut down domestically, miners would need a new method to liquidate their coins because they need to pay utilities in RMB (e.g., it doesn’t help to have a JPY or KRW-denominated bank account because Chinese utilities require being paid in RMB). []
  46. This same phenomenon occurred several years ago with “wealth management products” doing the same re-investment into other WMPs; revisiting the P2P Lending scams that came to light in the past two years as well is helpful.  See China’s ICO ban makes more sense in light of its history with fintech by Nik Milanovic []
  47. One insider noted that: “A New Zealand based person (and company) is one of the main men in all of this. I’ve encountered him on a number of occasions. He’s a complete fraudster. For example he told a group I am in that MGO would be listed on Poloniex within weeks of launch. Months later he hasn’t even got it on Bittrex. He’s now buying up lots of it wholesale from disenchanted investors who’ve taken a massive hit recently and will inevitably be sitting on a pile when the intentionally delayed launch and pump happens.” []
  48. Whalepool and The Coin Farm on Telegram are both examples of this type of coordination. []
  49. ICO被定性为涉嫌非法集资,想一夜暴富的“韭菜”们醒醒吧 from Huxiu []
  50. Based on translated stories from after the investigations as well as conversations with observers of these training sessions. []
  51. According to a source close to the investigations, law enforcement are using WeChat correspondence to chronicle the intentional cases of fraud and deceit.  In some cases, ICO organizers would run a public WeChat group, providing investors with false information and then use a private WeChat group with a smaller circle of insiders to “laugh at the stupidity” of these investors and coordinate dumps.  As a result, ICO organizers are leaving WeChat to use platforms like Telegram.  See China’s WeChat crackdown drives bitcoin enthusiasts to Telegram from South China Morning Post []
  52. That is the best case scenario because it assumes that there were not additional losses to fraud and mismanagement, which we know there has been. []
  53. China bans companies from raising money through ICOs, asks local regulators to inspect 60 major platforms from CNBC []
  54. Cryptocurrency chaos as China cracks down on ICOs from Reuters []
  55. Ibid []
  56. China shuts down Bitcoin industry; bans executives from leaving the country from Australian Financial Review []
  57. Another ICO Conference Cancels in Wake of China Ban from CoinDesk []
  58. He had to refund the ICOs he promote (plus with an added premium). []
  59. One reviewer commented: “The inevitability of regulations coming down the pipeline is a certainty (not just “blanket bans”).  Whether it’s 1 month or 1 year, regulations or enforcement of existing regulations will be coming in. A lot of these participants in the market seem to want to get in before regulations come into effect but in many jurisdictions they can still be liable for past actions (depending on the statute of limitations). That’s part of what I think is driving this tremendous amount of ICOs right now.” []
  60. 14,000 Coinbase Customers Could Be Affected by IRS Tax Summons from CoinDesk and Legitimate? IRS Defends Coinbase Customer Investigation in Court Filing from CoinDesk []
  61. At the time of this writing Coinbase has raised more than $225 million.  By January 2015, Coinbase had in aggregate raised just north of $106 million.  The ongoing lawsuit with the IRS states that there were 500,000 users by the end of the 2013 – 2015 period, of which 14,355 had done $20,000 or more of trading.   Future research can look into Coinbase’s customer acquisition costs over time (e.g., switching costs) versus the same costs traditional banks have.  Note: this also does not include the user numbers at GDAX, their platform marketed to professional traders. []
  62. According to an alleged insider (which may be untrue), some Coinbase users allegedly didn’t even know they may have been entitled to things like CLAM coins.  Maybe they weren’t. Tangentially, the continual high percentage of hoarding done by cryptocurrency enthusiasts suggests that this still remains a virtual commodity and continues to fail the medium of exchange test needed to be defined as a transactional currency. []
  63. At this time, it is unclear what the breakdown of these new (or old) users are acquiring cryptocurrencies on Coinbase and then participating in ICOs.  As a company, Coinbase has been publicly supportive of the ICO zeitgeist and hosted multiple meetups where ICO creators presented.  Earlier this year it co-sponsored a publication discussing the securities law framework of tokens.  Based on several interviews for this article, users of both the Coinbase wallet and its subsidiary, GDAX, currently can send bitcoins and ether from their user accounts to participate in ICOs.  It is unclear how often this is screened and/or prevented.  For perspective, a former employee was allegedly fired for sending bitcoins from his Coinbase account to gamble on Chinese web casinos.  Assuming this is true (and it may not be) then Coinbase could have the knowledge and/or ability to prevent users from participating in ICOs or other off-platform activity that violates its terms of service. []
  64. Another tech company that supposedly struggled raising funding and later issued its own coin (through an ICO) is Kik, through its Kin Foundation. []
  65. If this post is true (and it may not be), a dozen or so exchanges paying between $7,000 – $10,000 a month is roughly $1.4 million a year.  The SaaS monthly estimate has been independently validated from conversations with a couple participating exchanges. []
  66. One reviewer recommended: “If I were a journalist, I would more closely scrutinize the social media habits of the executives (and their surrogates) on these teams so the ecosystem can ascertain the relationship between the amount of time senior employees spend opining on Twitter, Reddit, mailing lists, IRC, WhatsApp, Slack, WeChat, Telegram, BitcoinTalk, GitHub, Discord, etc., and the number of hours in a working day, or number of products shipped.  Other social media analytics ideas for journalists: look at the Twitter tribes of Bitcoin (and other cryptocurrencies). Who is aligned with whom and pushing what agendas? Who are the trolls associated with those different tribes?  How many suspect accounts are associated with each group? For example, how many accounts that were just created, or never tweeted before, or only have followers from within their own tribes?” []
  67. One reviewer argued that, “It could also because they want to protect their valuations and because they are privately held companies that may be legally forbidden to divulge this information.” []
  68. This article in Quartz did not provide actual data or evidence that these remittance numbers were real, no one fact-checked it and instead, reproduced similar headlines for several months. []
  69. According to a recent interview with Forbes, after nearly two years of operations Abra only has 73 users per day. They are currently raising another round at this time; it is believed that this will help fund their compliance team and for licenses which they currently lack. []
  70. One reviewer said, “A counterpoint could be: VC returns are even sharper than standard Pareto; 1:9 or even 1:99 as opposed to 2:8. Startups are hard – most fail – why should cryptocurrency world be any different?” []
  71. One reviewer suggested that: “In the future, you should explain why Maximalism is a type of Authoritarianism and is not to be conflated with cypherpunks.” []
  72.  In mid-September, vocal promoters and owners of cryptocurrencies such as Bitcoin collectively spent thousands of hours yelling on social media and conducting letter writing campaigns all to channel their anger towards comments made by Jamie Dimon.  A couple worthwhile followups include: JPMorgan handles bitcoin-related trades for clients despite CEO warning from Reuters and  MUFG CEO on Dimon Remarks: Bank Cryptocurrencies Have ‘Nothing to Do With Bitcoin’ from CoinDesk []
  73. Bitcoin was only used as an example, nearly all cryptocurrencies listed on CoinMarketCap have the same issue in terms of calculating a real “market cap.” []
  74. Learning from Bitcoin’s past to improve its future from Tim Swanson []
  75. The theatrics around “BearWhale”-like events still persists.  For example, one current conspiracy theory is that: “the Chinese government is shutting down Bitcoin miners to mine bitcoins themselves.”  This is most likely false and the proposed solution is to “use satellites.”  But in talking with professional miners in China, many of them have contracts directly with State Grid, so they could lose access to energy in a worst-case scenario and satellites would not be of any use (assuming any of those rumors are true). []
  76. To be fair, this is not unique to the cryptocurrency space. []
  77. Genesis Trading is also the marketing and distribution agent for Bitcoin Investment Trust and Ethereum Classic Investment Trust, two regulated financial products.  DCG also is an owner in Grayscale Investments which is the legal sponsor both of these Trusts []
  78. Research: How Investors’ Reading Habits Influence Stock Prices by Anastassia Fedyk and Effects of Misinformation on the Stock Return: A Case Study by Ahsan et al. []
  79. Some employees in coin media have used social media channels to discuss various cryptocurrencies including ICOs over the past year.  How many of these were sponsored or received a cut of the coins to do so? []
  80. A great paper on this topic is The Path of the Blockchain Lexicon (and the Law) by Angela Walch []
  81. Nearly all of the coin media site allow ICO advertisements as well.  What are the terms and benefits that these media sites receive in exchange for displaying these advertisements and advertorials? []
  82. Note: this is not an exhaustive list and I’ll likely be flamed for not including X but including Y.  Journalists who write good original stories include: Nathaniel Popper, Matt Levine, and Matt Leising.  There have been several good op-eds written by lawyers which have appeared on CoinDesk, including Joshua Stark, Jared Marx, Brian Klein, Benjamin Sauter and David McGill.  Some other original, constructive views that should be highlighted include Stephen Palley, Ryan Straus, George Fogg, Miles Cowan, Patrick Murck, Amor Sexton, Houman Shadab, Angela Walch, Scott Farrell, Claire Warren, Simon Gilchrist, and two perpetual curmudgeons: Izabella Kaminska and Preston Byrne (very prickly at times!).  Non-lawyer thought-leaders, technical, and subject matter experts with bonafides worth interviewing include: Adam Krellenstein, Alex Batlin, Alex Waters, Andrew Miller, Andy Geyl, Antony Lewis, Ari Juels, Arvind Narayanan, Christian Decker, Christopher Allen, Ciaran Murray, Colin Platt, Danny Yang, Dave Hudson, David Andolfatto, David Schwartz, Dominic Williams, Duncan Wong, Elaine Shi, Emily Rutland, Emin Gun Sirer, Ernie Teo, Fabio Federici, Flavien Charlon, Gideon Greenspan, Ian Grigg, Ittay Eyal, Jackson Palmer, Jae Kwon, James Hazard, James Smith, Jana Moser, Jeff Garzik, JP Koning, John Whelan, Jonathan Levin, Jonathan Rouach, Jorge Stolfi, Juan Benet, Juan Llanos, Kieren James-Lubin, Lee Braine, Leemon Baird, Makoto Takemiya, Mark Williams, Matthew Green, Martin Walker, Massimo Morini, Michael Gronager, Mike Hearn, Muneeb Ali, Piotr Piasecki, Richard Brown, Robert Sams, Ron Hose, Sarah Meiklejohn, Stefan Thomas, Stephen Lane-Smith, Vitalik Buterin, Vlad Zamfir, Yakov Kofner, Zaki Manian, Zennon Kapron, and Zooko Wilcox-O’Hearn, as well as dozens of others from several different financial institutions and enterprises too long to list.  I also think that Michael del Castillo, Ian Allison, Simon Taylor, Jon Southurst, and Arthur Falls try to do an honest job reporting too.  Epicenter TV is arguably the best podcast in this space. []
  83. For an example, see Cracking Mt. Gox by WizSec []
  84. Chainalysis has a partnership with Circle which in turn enabled Circle to open up an account with Barclays.  Two years ago, an alleged business plan for Chainalysis was leaked online and unsurprisingly, some in the community were up in arms that this small company provided these forensic services. []
  85. Partially inspired by this tweet. []
  86. Click farms are being used by various ICO and Bitcoin-related online personalities to boost their perceived importance. []
Send to Kindle

Which regulators have publicly commented on Initial Coin Offerings?

Below are some of the stated positions of several different regulators around the world regarding ICOs.  In chronological order:

    • Brazil’s equivalent of the SEC, the Comissão de Valores Mobiliários (CVM), published (July 13th) initial legislation instruction (Instrução CVM No. 588) regulating crowdfunding via ICOs: (Portuguese announcement)
    • The United States SEC published on July 25th on ICOs: (Report on investigation) (Investor bulletin) (Investor alert)
    • Monetary Authority of Singapore published its views on August 1st on ICOs: (Clarification statement) (Consumer advisory)
    • Canadian Securities Administrators (CSA), including the Ontario Securities Commission, published its views on August 24th on ICOs: (Staff Notice) (Announcement)
    • Israel Securities Authority announced on August 30th that it is forming a committee to look at ICOs: (Hebrew announcement) (English)
    • The Financial Supervisory Commission (FSC) in South Korea announced on September 3rd that it held a joint task force meeting to strengthen regulations around digital currency trading, including fundraising with ICOs: (BusinessKorea)
    • Central Bank of Russia issued a public statement on September 4th that included its views on ICOs: (Russian announcement) (English)
    • The People’s Bank of China, along with 6 other Chinese government bodies including the national securities regulator (CSRC), publicly banned ICO fundraising in China on September 4th: (CN announcement) (English) (Bloomberg) (Reuters)
    • SFC in Hong Kong announced its views on ICOs on September 5th: (Announcement)
    • The UK Financial Conduct Authority (FCA) announced that it was keeping a close eye on ICOs on September 6th: (FT)
    • The Securities Commission (SC) of Malaysia issued a press release cautioning investors in ICOs on September 7th: (DNA)
    • The Dubai Financial Services Authority (DFSA) warned investors that ICOs were risky on September 13th: (Statement)
    • The Securities and Exchange Commission in Thailand issued some statements regarding ICOs on September 14th: (Comments)
    • Gibraltar Financial Services Commission (GFSC) issued an official statement regarding ICOs on September 22nd: (Statement)
    • North American Securities Administrators Association (NASAA) issued its annual paper and warned of risks around cryptocurrencies and ICOs on September 26th: (Press release)
    • Macau Monetary Authority (MMA) announced that banks cannot engage with ICOs and cryptocurrencies either “directly or indirectly” on September 27th: (Statement)
    • The Australian Securities and Investments Commission (ASIC) released formal guidance and comments about ICOs on September 28th: (Information Sheet)
    • The Financial Services Commission in South Korea said all kinds of initial coin offerings (ICO) will be banned as trading of virtual currencies needs to be tightly controlled and monitored on September 29th: (Reuters) (Yonhap)
    • The Financial Market Supervisory Authority (FINMA) in Switzerland announced it is investigating ICO procedures and issued formal guidance on September 29th: (Press Release)
    • SEC Exposes Two Initial Coin Offerings Purportedly Backed by Real Estate and Diamonds on September 29th: (Press release)
    • Abu Dhabi’s Global Market’s Financial Services Regulatory Authority (FSRA) released guidelines on ICOs on October 9th: (Guidelines)
    • The Central Bank of Lithuania announced its position and guidelines regarding ICOs on October 11th: (Press release)
    • The US Commodity Futures Trading Commission (CFTC), through its internal division, LabCFTC, released a primer on cryptocurrencies including ICOs on October 17th: (Press release)
    • The Financial Markets Authority (FMA) released commentaries on cryptocurrencies and ICOs on October 25th: (Press release) (Commentary)
    • Japan’s Financial Services Agency (FSA) issued a short statement warning users and business operators about the risks of ICOs on October 27th: (Statement)
    • The European Securities and Markets Authority (ESMA) issued two public statements on ICOs: one on risks and the other on rules applicable to firms involved in ICOs on November 13, 2017: (Press Release)

What do they all say?  A friend who is an attorney said it concisely: when you sell securities, you have to comply with securities laws.

If you plan to do an ICO or some kind of token sale, be sure to speak with more than one lawyer or law firm to get a legal opinion about what it is you are actually selling (or not).

And if you’re interested, below is an interview of Nick Morgan.  He is an attorney who previously was part of the SEC’s enforcement team.  He discusses The DAO, securities regulations, and the current ICO frenzy.

Bonus:

  • ECB’s Draghi rejects Estonia’s virtual currency idea – Reuters
  • Initial Coin Offerings: Know Before You Invest – FINRA
Send to Kindle

Panels, quotes, cites for the 2nd quarter of 2017

Below are a variety of events I participated in the last several months.

Events, panels, and presentations:

Interview:

Send to Kindle

A few other perspectives on cryptocurrencies and ICOs

I received a lot of questions regarding my last post.  Over the past month I have read a number of interesting interviews and articles that I think contribute a lot to the discussion.

Some additional perspectives:

Update:

On July 25, the SEC published a new Investor Bulletin focused on ICOs and also published a report (pdf) detailing their position on ICOs, using The DAO as an example (which they noted violated several US securities laws).

Send to Kindle

A high level overview of ICOs

[Note: I neither own nor have any trading position on any cryptocurrency.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

Just as I did with the COIN ETF proposal last year, I have also written a 50-page paper for internal use diving into the world of ICOs.1

I am not sure if or when it will be made public (check back in 3-6 months to see if it has been posted), but here are a few salient points:

    • ICO stands for “initial coin offering.” Depending on what cryptocurrency group is pitching an ICO, it may be in exchange for company equity, but often times there is no explicit contractual link between control of the coin itself with some kind of equity or financial performance of the company… because there is often no formal contract provided to investors.  Not all ICOs are alike and any prospective user or investor should look into the specific operational and funding arrangements.
    • Since January 1, 2017, more than $200 million has been raised by more than a dozen ICO-related projects and companies, a figure that will likely double by the end of the summer and triple by the end of the year as turn-key platforms such as Prism, Swap, 0x, and Iconomi, are flipped on.
    • The primary method of raising and funding an ICO is through bitcoin and ether deposits.  This has driven (mostly) retail investors to create accounts at cryptocurrency exchanges – most of which have poor track records such as Bitfinex – and acquire BTC and ETH.  This demand in turn has been a key driver in the current all-time highs seen by many cryptocurrencies including bitcoin and ether.
    • There is very little regulatory or independent oversight of any of these coin offerings.  Most of the projects attempt to shield themselves from scrutiny from securities, commodities, and money-transmission regulators by setting up a non-profit organization or foundation.  These foundations are typically registered in a couple specific countries, each of which is now home to more than a dozen non-profit organizations specifically managing ICOs.  In addition, ICO promoters will often use euphemisms such as “tokens” instead of coins, or call their fundraiser a “crowdsale” or “donation” or “contribution” that the non-profit organization will later re-distribute after the ICO is over.
    • Some of these non-profit entities sign exclusive development contracts with a for-profit entity that is run by the same people who operate the foundation.  That is to say, the foundation will hire the for-profit company to develop and advise the project that the ICO fundraiser marketed and advertised, yet often with no independent oversight.
    • Ignoring accreditation status: very few, only a handful at most, of these ICOs are done in compliance with any KYC, AML, CFT gathering and sharing requirements. This is problematic.  For instance, over $1 billion in ransomware was liquidated (largely) through cryptocurrencies last year thus it could be relatively easy for bad actors (hackers) to liquidate their bitcoin and ether holdings into ICOs and not be easily caught due to the inability to link real world identities to specific blockchain activity.

Last week Valerie Szczepanik, the head of the SEC’s distributed ledger group, made several public comments.  This included: “Whether or not you are regulated by the SEC, you still have fiduciary duties to your investor.  If you want this industry to flourish, protection of investors should be at the forefront.”

As of right now, there are just a handful of ICOs that have explicitly attempted to protect investors by providing full transparency into their organizations.  Most do not disclose the principals, directors, and insiders involved within these organizations.  Some have private offerings called a pre-sale.  A pre-sale allows participants to acquire coins at a discount (e.g., pre-sale investors might receive 2x the amount of coins that the public coin sale will have at the same price).  In addition, the participants in a pre-sale are not typically named or made public prior to the public offering of the coins; nor are the conditions by which these participants able to sell their holdings typically disclosed.

Historically companies which file paperwork in order to be listed on a public stock exchange have to submit an S-1 or its equivalent to regulators.  The S-1 is important and helpful to the rest of the market because it lays out who the insiders are, who the principals and directors are, how governance is handled, who is responsible, what the business is, what the liabilities are, etc..

In contrast, most ICOs currently have nebulous governance on purpose: because the operators do not want anyone to be held responsible in case the project is unsuccessful or the coin loses its value.  Caveat emptor is the name of the game.

Tulip euphoria

In any given month I am provided inside information about ICOs.  Complete strangers will send me pitch decks that outline their pre-sale and listing opportunities.

Yes, some exchanges are paid to list these coins, often through a percentage negotiated beforehand with the ICO operator.  And there are market makers and underwriters in the form of family offices, high net worth individuals and small hedge funds.  There is an entire ecosystem that is completely opaque and opaque on purpose because many of these participants are trying to deflect responsibility in case a coin crashes or a project is unsuccessful or because they are found in non-compliance with a variety of regulations (e.g., not declaring taxes, self-dealing, insider trading, etc.).

One project involved in building a distributed computer recently offered me about $50,000 over the course of 6 months in addition to the native coin they were pitching to the public.  All they wanted me to do: act as an advisor and promote their coin on social media.

I said no to all of them but others said yes and that project above raised a couple million in USD.

Last week I attended several events including Consensus and a different private conference held later in the week.  I gave a short presentation at one of the events and afterwards I walked to the buffet outside the room to get some food.  While gathering some grilled fish, the audio/visual operator for the event came up to me and told me: “Tim, I just put $100 into bitcoin and also ether.  How much more should I put into them?”

My presentation wasn’t even about cryptocurrency investing or about ICOs, but this illustrates the exuberance of the current time period.  There is a lot of fear of missing out yet few people are actually looking at what these ICO-funded platforms or projects are attempting to do.  How can unsophisticated, technically unsavvy people learn more about them?

Media publications?  But conflict of interest is rife.

I have mentioned this multiple times over the years: unfortunately many “coin” media sites and magazines are not helping the due diligence situation.  Most “coin” reporters, if not all of them, own cryptocurrencies and benefit directly from increased demand of the cryptocurrency, but they often do not disclose it.  In fact, many times they report on coins they own and/or that their parent company owns.  Several small buy-side analysts and their firms also have published uncritical marketing material for cryptocurrencies and some do not disclose their coin holdings or outline the major risks involved in operating these types of networks, in effect white-washing the risks of anarchic chains.

Others in privileged positions including some of the VCs that are active in this space are now also promoting ICOs but few disclose their active long or short positions.  Some of these VCs were entrepreneurs who have pivoted multiple times and this is a last ditch effort to drum up support for their sagging portfolio. 2 3

You just don’t understand the technology!

One common refrain I often hear from ICO promoters is that ICOs are a new form of technology that empowers retail investors like never before and that the traditional world of institutions and laws has no place in the new economy.  And that naysayers and critics just don’t understand the transformative power of ICOs and cryptocurrencies.

That may be true but in my case, definitely is not.

In late 2014 I worked with a company called Melotic.  Melotic is a tech startup that raised about $1.2 million in the summer of 2014 to build a digital asset exchange: a trading platform that new cryptocurrency projects could be listed on, GDAX before GDAX.  For about 9 months I spent the bulk of my time talking to dozens of cryptocurrency projects and operators to find out what unique thing their company did and why they should be listed on Melotic.  Nearly all of them were half-baked scams, and others were just impractical (Urea Coin). 4

In May 2015, Melotic announced it was closing its exchange and moving into cross-border payments where it currently operates under the brand, Kleering.

While Melotic deserves its own dedicated post, the takeaways we learned at the time were that traders (who were most of the user base) only cared about two specific things:

(1) Anonymity.  Some traders publicly complained when we implemented a set of KYC and AML policies.  They said we should snub our noses at the government and banks and provide traders the ability to exchange cryptocurrencies without complying with local or national laws surrounding identity gathering and verification.  This is an opinion that is still very prevalent as shown by similar comments on /r/bitcoinmarkets and /r/ethtrader.

(2) Pump and dump.  Day traders love volatility and cryptocurrencies often provide that volatile environment.  Because new cryptocurrencies such as an ICO are often even more illiquid and thinly traded than say bitcoin (which itself is relatively illiquid), whales and insiders without vesting and lock-up periods can quickly move the market up and down due to the large amounts of coin holdings they have.  This creates the booms and busts that many cryptocurrency traders savor.  Yet at Melotic, we were apprehensive about listing every single cryptocurrency under the sun, and tried to filter those we thought had unique utility and less volatile.  In the end we only listed about 10.  Yet empirically the most successful exchanges – as measured in volume – were those that listed every single coin that was launched.  Quantity over quality continues to persist today as exchanges compete for volume and liquidity of new coins.  This contrasts with regulated exchanges such as NASDAQ (pdf) and NYSE (pdf) which have listing requirements, including transparency into the companies principals.  Most cryptocurrency exchanges do not ask for similar requirements and in fact, some take a cut of the coins – similar to payola – in order to be listed.

Over two years ago I wrote a post that looked at around 20 different ICOs and projects that did some kind of public coin distribution.  My new paper looks at them in more detail.  What were the findings?

While we wait for that paper to be published another key takeaway is that: almost none of the projects lived up to the advertised utility or expectations that their promoters marketed to the community and investors that bought their coins.  Yet most of the cryptocurrencies, even ones that lack a real development community, are seeing all-time highs on the cryptocurrency markets.

In other words: utility is completely divorced from market value of the coins; a phenomenon that seems unlikely to change in the short term.

This is compounded by the fact that ICOs are by their nature, not designed for cash flow or optimized to be profitable.

Why is that?  Because at its core: the non-profit entities that runs them are by definition, not-for-profit.  As a result, these projects largely rely on their token holdings and the price appreciation thereof, in order to be sustainable.  Thus the incentive to focus on marketing and create buzz to further increase the price appreciation of the coin holdings.

And ignoring the informational asymmetries above, there are some other interesting wrinkles.

Earlier this week I participated on a fintech panel and during the group discussion one specific ICO was briefly mentioned, the Basic Attention Token (BAT).  Brave, the company behind the BAT, had just raised $35 million in a crowdsale (unregistered securities?).  Notable to this sale was that over $6,000 in fees to miners were included in the transactions related to the ICO.

How many transactions can you fit into an Ethereum block during high demand times?  It depends on the complexity of the contract. For the BAT, it was about 90.  90ish people were able to participate in the first block of the BAT’s ICO. Those 90 ICO seats went to whoever attached the largest transaction fees.

An unsavvy retail investor would need a lot of mempool luck if there is high demand and larger players investing millions are paying $1,000 USD fees just to increase their chance to get one of those scarce seats in the first block. This could mean that in the long run, all the “good” ICOs will be bought up by sophisticated investors aware of this limitation and only sub-par ICOs will run long enough (more than one block) to let unsophisticated retail investors in.5

Conclusions

ICO organizers often exchange coins for explicit support by outside endorsements and lobbying in their favor (e.g., advisors and influential personas are given a cut of coins). Therefore researchers, regulators, developers and potential investors looking at an ICO should look for paper trails to identify investors, users, organizers, insiders, and potential malicious actors.6  This also includes exchange operators and their principals who may learn weeks beforehand when a cryptocurrency will get listed and thus, may have material, asymmetric information they can act on.

Investors should look very hard at what the risks and recourse there is in the event of a hard fork, what happens if their assets end up on a deprecated chain?  If it is an ERC20 token, what fork will the developers consider the “legitimate” chain?  Ethereum forked multiple times last year and currently, investors of ICOs based on ERC20 have few, if any, protections or recourse in the event an ICO organizer fails to deliver its promises let alone a technical problem occurs.  For instance, what happens if the network becomes too top heavy and open to the Hold-Up Problem?  Who has legal standing or recourse?

ICOs can be done with existing technology – no blockchains are needed (just ask Beenz and Liberty Reserve) – yet because ICOs are being done on anarchic blockchains where reversibility is economically cumbersome and identification is non-existence, it can create new risks and challenges for investors.  Potential investors need to be able to answer: in case a dispute arises, how can recourse take place if key counterparties are not identifiable?

Cryptocurrencies and the coins that piggy back on their network will likely continue to exist so as long as these non-profit entities have enough coins to liquidate to pay for marketing and advertisements. And so as long as there are others willing to buy their coins (e.g., liquidity).

And while it may be too early to distinguish and separate the specific ICOs that are outright scams from poorly run companies, keep in mind that a couple dozen Pyramid schemes failing in 1997 led to massive unrest and a civil war in Albania.  We have already witnessed enormous strain and virtual fighting within the cryptocurrency community (e.g., the never ending Bitcoin block size debate and the Ethereum hard fork because of The DAO attack).  What would happen to the aggregate cryptocurrency market if the investors and insiders in a couple dozen ICO platforms (Pyramid or not) tried to liquidate their holdings onto an illiquid market?

If you’re looking for dramatic excitement (currently) without many investor protections, the ICO world may have what you’re looking for.  But if you’re looking for sustainable operations with repeat revenue and cash flow connected to mainstream utility and accountability – aka a business – then you might want to do a double-take.

See also:

Endnotes

  1. “How the ICO, OCO, and ECO ecosystem works at a high level” by Tim Swanson []
  2. Kik, a messaging application which failed to gain traction, announced it would be issuing a cryptocurrency, but for what purpose?  Likely because it has been unable to raise new venture or institutional capital. []
  3. A number of these portfolio companies likely are on life support, propped up not by revenue but coin holdings which speculators have driven up in market value.  In short: some of these cryptocurrency-based startups are commodity or FX plays, not utility-based investments. []
  4. We also spoke with a lot of cryptocurrency exchanges to learn about their business and compliance practices, shying away from those that raised red flags around KYC and AML compliance.  One cryptocurrency exchange that is still very active today asked us to do the KYC for them as they were ideologically against gathering that information from their own customers. []
  5. Note: this is not an endorsement of BAT.  I have not participated in any ICO or cryptocurrency crowdsale. []
  6. Some ICO organizers have intentionally misled financial institutions about the nature of their business in order to get a bank account. Because ICOs typically do not comply with KYC, AML, and CFT procedures, this could lead to new fines and even banks being de-banked (correspondent banking access cut off). []
Send to Kindle

How cryptocurrencies enable ransomware and how regtech can help counter it

Imagine for a moment that Alice, a hacker, was looking at various means for receiving payment for an illicit activity she just undertook.  She has two options to do so, which would she choose?

(1)  Bob built a payment network which was identity-free; it used pseudonyms so no legal identities were required to send transactions between its participants.  And that trying to stop or prevent payments was difficult because the computers running the payment network were widely distributed and run by multiple known and unknown participants across dozens of jurisdictions that were sometimes hard to track down.  Recourse is difficult and sometimes impossible.  Cryptocurrencies such as Bitcoin, Litecoin, and Ethereum are examples of such a network.

(2) Carol built a payment network which requires all users to provide a proof-of-identity, usually by scanning and storing of government-issued IDs or utility bills.  And that stopping, preventing, or even rolling back payments was possible because the computers running the payment network were run by legally identifiable participants who were often located in easy-to-find offices.  Recourse could be cumbersome, but almost always possible.  Wire transfer methods like ACH are examples of such a network.

Alice would probably choose number one and later try use some conversion tool or exchange to move her payment into number two.  How is this done?  See the (dated) flow-of-funds chart below.

While some cryptocurrencies, like Bitcoin, were probably not designed to serve as get-away vehicles – because of key design choices that make legal recourse difficult – they are increasingly used to shuffle ill-gotten gains around.1

For example, data kidnapping – commonly referred to as ransomware – has existed in some form for more than two decades.  But the current plight surrounding ransomware, and the white washing of the role cryptocurrencies have in this plight, have gone hand in hand over the past several years.

Why?

The core characteristics of cryptocurrencies – censorship resistance and pseudonymity – are some of the main reasons why ransomware has become increasingly commonplace.  And these cryptocurrencies need liquidity.

Liquidity into-and-out of fiat has fluctuated over time, with some exchanges being debanked and sometimes rebanked, but as an aggregate it has increased overall.  Liquidity is often done through venture-backed gateways and exchanges.

As explored in my previous post, as well as others, many of these gateways and platforms have inadequate and typically non-existent KYC and AML gathering processes.  This post won’t go into the details surrounding some of the investors and promoters of these platforms, but further research could dive deeper into that industry as well as the white washing that goes on to distract investigations.

We see this empirically: attackers do not ask for fiat or credit cards because these would be easily tracked and/or transactions would be halted.  Instead, they ask to be paid in some kind of cryptocurrency because they know the likelihood of getting caught and reprimanded is significantly lower.

This past Friday, WannaCry, a ransomware package, wreaked havoc on more than 200,000 victims across all times of organizations located in over 150 countries.  This included government services including NHS in the UK and the Interior Ministry in Russia.

Source: Twitter

The first-order of victims ranged from small startups that could quickly patch and restart their computers all the way to large hospital systems that were unable to access patient records and had to turn away patients.

This then leads to the second-order of victims: patients and customers of these institutions.  According to the Associated Press, the “cyberattack hit almost 20 percent of UK’s 248 public health trusts.”

While all of the impacted organizations already should have had a formal plan to upgrade and patch these types of vulnerabilities (e.g., create regular back-ups off-site), based on several news stories, many of them did not.

Will they all learn from this lesson?  Probably not.

Either way: none of the victims have a formal means of recourse against the hacker(s) involved in WannaCry because we do not know the identities of the hackers.  Some victims have even paid the ransom of ~$300, denominated in bitcoin, to have their files unlocked.  The hacker is using multiple (4+) bitcoin addresses to receive the ransom and as of this writing, has received more than $50,0002

Last year the FBI estimated that around $1 billion was paid to unlock ransomware and cyber extortion.  Cryptocurrencies, such as Bitcoin, were usually the preferred method of payment.

Two weeks ago, James Comey, former Director of FBI spoke before the Senate Judiciary Committee and noted that:

Some of our criminal investigators face the challenge of identifying online pedophiles who hide their crimes and identities behind layers of anonymizing technologies, or drug traffickers who use virtual currencies to obscure their transactions.

For Bitcoin, there are ways to remain fairly anonymous, like using mixers, however it requires a lot more work to.  But relatively few people are investigating, so the chance of getting caught is likely low.  Newer cryptocurrencies such as Monero and Zcash are designed to be anonymous which makes them harder to track.  Monero has been spotted in the wild alongside the Kirk Ransomware as well as research from Sophos (pdf).3  And Zcash has been used by a botnet to mine more Zcash on devices such as your phone.

And then there is Tor, a software program that enables anonymous communication by passing network traffic through various relays nodes that help conceal the location of the user.  WannaCry used Tor to preserve its “anonymity by proxying their traffic through the Tor network.”

How to bring some light into the darkness?

Solutions

I reached out to Adam Young who co-created “cryptoviral extortion” (what we call ransomware today).  In his view:4

In terms of the ransomware attack, people/organizations need to do a better job at patching and removing end-of-life systems, clearly. My larger concern is that cryptoviral extortion is the only cryptovirology attack that anyone seems to be paying attention to and there are many, many others.

I also spoke to Danny Yang, CEO of Blockseer who advised everyone to, “update your software, make sure you have latest security patches – that ransomware worked because  people didn’t update their Windows since March when that particular security vulnerability was patched.”5

My recent post looking at Bitfinex and regtech was quite popular.  It was viewed several thousand times and I received a number of calls from reporters looking to investigate some of the points raised.

Some people pointed out that the behavior by Bitfinex and other cryptocurrency exchanges is one of the reasons why a few banks in emerging markets have lost correspondent banking access: that they were de-risked because of what others perceive is a high-risk customer base.

According to research by Accuity, a global financial crime compliance, payments and KYC solutions provider:

Between 2009 and 2016, correspondent banking relationships, where one financial institution provides services on behalf of another in a different location to facilitate cross-border payments, have reduced globally by 25%.

Earlier this year, the People’s Bank of China, SAFE and other government bodies in China, investigated and froze cryptocurrency withdrawals at many, if not all, the cryptocurrency exchanges operating on the mainland.

Why?  Among other reasons: inadequate KYC and AML gathering and sharing processes.

According to Caixin, a notice of administrative punishment may be released in June that details the punishment and fines of these China-based exchange operators.

In addition to freezing and de-banking, what are some other solutions as well?

Companies such as Blockseer and Chainalysis provide tools for law enforcement, regulators, entrepreneurs and compliance teams to trace and track the flow-of-funds on cryptocurrency networks. I have written about them numerous times.

Angel List is tracking 96 startups involved in providing compliance-related software for SMB, hospitals, cloud providers, social media platforms and a handful of other verticals.  It also has job listings for 11 regulatory compliance startups.  There is an additional 2,878 startups listed under the broader category of big data analytics, some of whom who are also working in the regtech space.

While technology can help play a role in identifying participants on these types of networks (blockchains and distributed ledgers), it is also worth exploring the proposed strawman for setting up a Kimberley Process for cryptocurrencies.  Identity systems are critical to all property rights and financial networks.  Creating applications around data lineage, data provenance, KYC management, and standardized digital identities will help provide transparency into all markets.

If you’re interested in learning more about these tools and mechanisms, feel free to reach out or leave a comment below.

Endnotes

  1. In the original white paper, Nakamoto explained ways to route around trusted third parties, such as governments. []
  2. If you’re interested in learning more about how malware researchers identified and stopped it, Malware Tech has a detailed story as well as one from Brian Krebs. []
  3. AlphaBay, the largest darknet market by volume, announced that it was accepting Monero as a form of payment in August 2016. []
  4. Private correspondence, May 14, 2017.  Published with his permission. []
  5. Private conversation reused with permission.  May 13, 2017 []
Send to Kindle

How newer regtech could be used to help audit cryptocurrency organizations

[Note: I neither own nor have any trading position on any cryptocurrency.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

About two years ago I gave a speech discussing the challenges cryptocurrency-related companies have had in creating reliable internal financial controls.  How over the span of a few short years the cryptocurrency startup landscape (un)intentionally reinvented the same type of intermediaries, custodians, and depository-like structures that the original creator(s) of Bitcoin wanted to route around but… setup without the oversight, assurances, and accountability you would find required in the traditional brick-and-mortar world.

The lack of financial controls and subsequent pitfalls is easily identifiable in the irrational exuberance of the get-rich-quick “initial coin offering” (ICO) world.  I’ll save my ICO post for later, but there is one story that is a bit more concrete and easier to understand and involves a company called Bitfinex.

Bitfinex, as measured in terms liquidity and volume, is considered the top global cryptocurrency exchange.  It is nominally headquartered in Hong Kong, has (had) bank accounts in Taiwan, servers in Europe (Italy?), operations in San Francisco and a staff around 30 altogether.

Source: RobotFinance

Above is a speculative corporate structure created back in September 2016 by an internet user by the name of RobotFinance.  He created it “based on the last annual return of Renrenbee Limited and statements made in the pitch forum.”  Unless you are registered as a user with BnkToTheFuture, you cannot view the pitch deck but an alleged copy of the Bitfinex deck can be found here and a discussion of it here.1  These leaked allegedly legitimate documents also suggest that Bitfinex did an equity swap at a $200 million valuation which was based on their financial growth and targets before they lost roughly $65 million in customer assets due to a hack that will be described below.

This post is not intended to single out Bitfinex as there are any number of other exchanges and wallet providers that could be looked at as well.  Nor is it intended to dive into all of the subsidiaries or even the entire history of the parent company or the cryptocurrency platform.  Rather it serves an illustration as to how new technology and financial controls could help increase visibility and transparency for all stakeholders involved thereby reducing the risks for users and retail investors (among others).

Quick history

Last November I published an internal paper that may be released later this year which explored the proposed Winkleovss COIN ETF.  In it, I highlighted a detailed history of various cryptocurrency exchange platforms and their colorful pasts, some more sordid than others.

Rather than rehash all of those stories, below are a few details specifically related to Bitfinex:

  • In May 2015 Bitfinex was hacked and lost around 1,400 bitcoins (then worth around $350,000).  In August 2016, Bitfinex was hacked again and lost roughly 120,000 bitcoins (at the time worth around $65 million).2  In the first hack, Bitfinex basically ate the losses themselves.3
  • Following the second hack, Bitfinex announced a way to compensate its customers.  Why did it need to compensate the customers?  Because, following the second hack, it socialized the losses, seizing the remaining customer assets and gave nearly all of them a 36% haircut.4 In exchange for giving everyone a haircut, Bitfinex then self-issued two different “tokens” called BFX and then later RRT. These two tokens (or IOUs) effectively enabled Bitfinex to monetize their debt/losses.
  • According to their announcements, over 20 million BFX tokens were issued and exchanged for iFinex shares and then distributed to all affected users.  As a result, Bitfinex basically conducted, from the perspective of a user, a non-voluntary ICO where participation was mandatory, as the BFX token was directly linked to equity of the parent company and users/customers could (later) trade BFX on the Bitfinex exchange.5 In addition, according to a post last summer from their head of communications, “two out of the top ten BFX token-holders are in our management team.”  It is never revealed who these parties are or how they were made whole (or not).  Furthemore, “certain verified, non-U.S. Bitfinex users to convert tokens to equity through a new BFX Trust.”  They set up a dedicated BFX Trust site but did not include the verification requirements for non-accredited BFX holders.  Nor is there public information about who all of the Principals are and the holdings they have.6
  • RRT, the acronym for Recovery Rights Tokens, are opt-in coins issued, “to compensate victims of the security breach and, thereafter, to offer a priority to early BFX token conversions.”  It is unclear how many of these coins were issued or how many were redeemed.
  • To this day, the Bitfinex still has not disclosed exactly how they got hacked and last year even published an open letter to try and negotiate with the hacker; asking to return the funds as part of an ex post facto “bug bounty.”  It is believed that the hacker bypassed the transaction limits set in place by the BitGo multi-sig wallet but that is a story for another post.7
  • Prior to this hack, on June 2, 2016, the Commodity Futures Trading Commission announced that it had fined and settled with Bitfinex for offering regulated products without having properly registered to do so.  This is important because several vocal Bitcoin proponents have distorted the actual historical events.  According to the communications director of Bitfinex last year, “Bitfinex migrated to the BitGo setup before any discussion or anything with the CFTC happened.”8  In other words, this hack was not caused by the CFTC.
  • On April 3, 2017 Bitfinex announced that it was completing the redemption of all BFX tokens and they would all be subsequently destroyed.

How did Bitfinex manage to pay off tens of millions of dollars of self-issued debt in a span of less than 8 months?

Three explanations given by Bitfinex include:

  • Because Bitfinex is a popular trading venue and lists a number of other cryptocurrencies including Ether (both ETH and ETC), it generated enough cash-flow in the form of transaction fees to carve off some of the losses.9
  • Outside investors, through BnkToTheFuture, exchanged fresh capital in exchange for BFX tokens and equity.
  • Bitfinex had a reduction in their contingent liability reserves.10

Another more recent speculative theory explores the connection between BFX redemptions and a cryptocurrency called “Tether.”

Source: Bitfinexed

What is Tether?

Its exact relationship status is complicated. Depending on who you talk to that is affiliated or was affiliated with Bitfinex, Tether Limited is a partially, or fully, or not-at-all owned subsidiary of Bitfinex.  Tether was announced in July 2014 and was originally called “Realcoin.”11

And one of the continual challenges in trying to follow this saga is that Bitfinex representatives, co-founders, and investors often post key comments in disparate social media channels across reddit, Twitter, Youtube, WeChat, TeamSpeak, Telegram, and others.  For instance, there are several different reddit threads discussing the Tether terms of service involving a co-founder and another one with the general counsel, but this material is not centralized in a way for users to easily follow it all.

Source: FinCEN MSB Registrant Search

Tether Limited is also a regulated money service business and has applied to operate in nearly every US state and territory (see above).

What are tethers?

According to the official terms of service:

Based on the information above, tethers are not money or currency and may not necessarily be redeemable for money.

In practice a “tether” is intended to be a type of “stablecoin.”

What is a stablecoin you ask?

Because cryptocurrencies lack any native ability to rebalance or readjust themselves relative to a pricing index, their continual volatility (as measured by purchasing power) causes headaches and risks to users, including those moving money across borders.  That is to say, in the time span it may take to satisfactorily confirm 1 bitcoin being transferred from your wallet to a merchant overseas, the market price may have moved a percent or two or three.12

What if there was some way to lock-in a set price and not be exposed to these constant swings in price?  Some merchant processors like BitPay and cryptocurrency OTC trading desks do quote and lock-in prices over a period of minutes, but these are not usually targeting the cross-border payment and remittance market.13

Another proposed solution, albeit one that involves similar counterparty risk, is a stablecoin which is a pegged value guaranteed or at least marketed as being pegged on par to a specific exchange rate.  The risk in this case is that the exchange operator might not fulfill his or her end of the deal (e.g., abscond with the funds).

There have been several theoretical approaches to creating a native stablecoin and a few efforts to actually implement them in the wild. Last year JP Koning chronicled the fate of one of them called NuBits.  On reflection: at some point they all fail, their peg ends up failing for one reason or another.14

And tether is no exception.

Tether is not so tethered

Originally 1 unit of tether was supposed to be equivalent to $1 USD.  At the time of this writing it has fallen to $0.93.

Why?

While Bitfinex has made a few public statements about “pausing” wire transfers, there has been no major public statement explaining the precise nature of the drop in tether price.  So a small army of internet users have pieced together a probable theory and it comes back to how Bitfinex operates.

Earlier this month, a lawsuit revealed that Bitfinex had sued WellsFargo – who had refused to process their wires and returned the USD-denominated funds – a bank that is integral to its correspondent banking relationships.  About a week later Bitfinex withdrew its lawsuit but not before people poured through the documents.

In summary we learned that Tether (which is named in the court documents) is a mechanism for enabling cross-border money flows; although we cannot say what the exact purpose was for these money flows is (e.g., pay for college tuition? buying a home? paying for a large order of buttery popcorn?).

Over a span of a few months, tens of millions of USD had been wired through WellsFargo into and out of four different banks in Taiwan which Bitfinex, Tether Limited, and other affiliated subsidiaries had commercial bank accounts with.  At some point this past March or perhaps earlier, someone on the compliance side of WellsFargo noticed this large flow of USD and for one reason or other (e.g., fell within the guidelines of a “suspicious activity report“?), placed a hold on the funds.

In early April Bitfinex’s parent company, as noted above, filed a lawsuit for WellsFargo to release these funds.  But about a week later retracted its suit.

According to a recent post from Mark Karpeles, the CEO who helmed Mt. Gox prior to its infamous bankruptcy, these actions set in motion a type of Streisand Effect: the lawsuit became newsworthy on mainstream media sites and consequently other banks — and compliance personnel at other banks — learned about the cryptocurrency exchange called Bitfinex and might (have) become wary of doing business with them.

We can only speculate as to all of what happened next, but we do know for certain that the bank accounts Bitfinex and Tether used in Taiwan were either fully terminated and/or unable to withdraw USD from late March until at least the time of this writing.

This is not the first time Bitfinex has been “debanked” before.  Phil Potter, the CFO of Bitfinex, recently gave an interview and explained that whenever they have lost accounts in the past, they would do a number of things to get re-banked.

In his words: “We’ve had banking hiccups in the past, we’ve just always been able to route around it or deal with it, open up new accounts, or what have you… shift to a new corporate entity, lots of cat and mouse tricks that everyone in Bitcoin industry has to avail themselves of.”

But this story isn’t about debanking cryptocurrency companies, a topic which could include the likes of Coinbase (which has been debanked multiple times as well).

Because there is currently no USD exit for Bitfinex users, a price discrepancy has noticeably grown between it and its peers.  The spread between exchanges is typically a good indication of how difficult it is to move into and out of fiat in a country as there are boutique firms that spend all day and night trying to arbitrage that difference.

In the case of Bitfinex, the BTC/USD pair now trades at about $50 to $75 higher than other exchanges such as Bitstamp.  This ties back into the challenges Mt. Gox users had in early 2014, as the ability to withdraw into fiat disappeared, the market price of bitcoins on Mt. Gox traded at a dramatically different level than other cryptocurrency exchanges.

That is not to say that what is happening at Bitfinex is the same thing that happened at Mt. Gox.15  However, there have not been many publicly released audits of most major exchanges in the wake of Mt. Gox’s bankruptcy three years ago.16  Noteably, BTC-e publicly stated it would begin publicly publishing accounting statements certified by external auditors.  It and its peers have not.

More questions than answers

About nine months has passed since the largest (as measured by USD) single successful attack took place on a cryptocurrency platform.17 Yet there are still many lingering questions.

For instance, on August 17, 2016, Bitfinex announced that they had hired Ledger Labs who, “is undertaking an analysis of our systems to determine exactly how the security breach occurred and to make our system’s design better going forward.”

According to one post, Michael Perklin was the Head of Security and Investigative Services at Ledger Labs and part of the team leading this investigation.  However in January 2017 a press release announced that Perklin was joining ShapeShift as the Chief Information Security Officer; his profile no longer exists at Ledger Labs. 18

Thus the question, what happened to the promise of a public audit?

Other questions that remain: as noted above, two of the ten biggest initial debt token (BFX) holders were employees.

Why did Bitfinex redeem the BFX tokens after they knew USD withdrawals were shut down?19  How many insiders such as investors and employees owned that last batch of redemptions?  What was the benefit of redeeming that last batch when they knew they were losing international wire capabilities?

It appears after the hack that Bitfinex shifted assets from the Bitinex side of the books to the customer side. Who owned the bulk of both tokens, and what protection are these virtual assets given by not being on the company books?  Or are they still on the books?

In terms of them redeeming after the withdrawals were ended, the original lawsuit documents lay out that as of March 31st, Bitfinex were actively emailing WellsFargo about the shutdown. The final BFX redemption was done a couple of days later and the lawsuit was filed shortly afterwards. It was roughly week later that Bitfinex informed the public about this international wire issue.  And Tether did not formally announce the issues until a few days ago.

Perhaps it is just miscommunication and only a matter of time before these questions are answered.

Going forward

Nearly two months ago, the SEC rejected a rule change for the COIN ETF to be listed on the BATS exchange.  Last week, the SEC said it would review that ruling.

Among other comments, the original 38 page ruling (pdf) gave a number of reasons why the Gemini-listed Winklevoss COIN ETF was being rejected. In the Commission’s words:

First, the exchange must have surveillance-sharing agreements with significant markets for trading the underlying commodity or derivatives on that commodity. And second, those markets must be regulated.

Later the Commission also writes that:

The Commission, however, does not believe that the record supports a finding that the Gemini Exchange is a “regulated market” comparable to a national securities exchange or to the futures exchanges that are associated with the underlying assets of the commodity – trust ETPs approved to date.

While the Gemini exchange is regulated in New York through a Trust charter, the vast majority of cryptocurrency exchanges and trading venues whose funds flow into and out of Gemini, are not.20

It is unclear what will happen to Tether holders, if they will ever be made whole.  Or what will happen to Bitfinex and future bank accounts.  Or if the COIN ETF and other similar cryptocurrency-denominated ETF’s will be green-lit by securities regulators.  Maybe these are all bumps in the road.

What we are a little more certain about:

(1) The Bitfinex hackers are still at large and no public post-mortem has been done to explain how it happened and what will be done to prevent future attacks.

(2) The unilateral self-issuance of the BFX “cryptoequity” was not done in a fully transparent manner as some customers had bigger haircuts than others nor is it clear if the extinguishing of these BFX coins was done through the use of tethers.

(3) That the tether “stablecoin” is not inherently stable and depends on fiat liquidity via the international correspondent banking network which raises the question of how to stabilize tether in the event that Tether Limited loses its bank accounts again.21

(4) That marketplaces such as Bitfinex — despite a general lack of transparency (where is the “About” page with executive bios?) — are still used as part of the weighting mechanisms in ETFs, including at one stage the Winkdex (which has since been deprecated) as well as the current Tradeblock XBX index used in a couple other proposed ETFs.

Solutions

As mentioned at the beginning of the post, the current trend over the past four years is that as Bitcoin intermediaries continue to operate as intermediaries and trusted third parties they increase their chances of regulatory scrutiny and oversight.

This empirical fact versus the original theoretical cypherpunk vision is arguably a type of cognitive dissonance.  As Section 1 of the Nakamoto whitepaper explained:

Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for non-reversible services.

The Bitfinex hack that occurred in August 2016 created measurable amounts of new transactions costs that ended up being mediated through a wide array of social media channels; non-reversibility does not appear to have helped reduce these costs.  For all of the “backed-by-maths” and “epistemological” talk about routing around trusted third parties, Bitfinex and its peers, still play a key role in providing continuous fiat <–> cryptocurrency liquidity to the marketplace.  And as illustrated with the lawsuit above, by in large, these exchange platforms heavily depend on banking access moreso now than at any other time before.

Last summer I proposed a Kimberley Process for Cryptocurrencies: in which market participants met with various regulatory stakeholders to iron out how to stop predators, remove encumbrances, and create best-practices for financial controls in this nascent space.

As more cryptocurrency platforms attempt to comply with a variety of regulations including the surveillance collection and sharing requirements (e.g., KYC and AML), this will likely increase the demand for the tools found in the growing field of “regtech.”

For example, if Alice can cryptographically prove the chain-of-custody from her customer to her customers customer, then she may be able to comply with the banks surveillance requirements and maintain her bank accounts — and international wiring access — as she grows her remittance platform.

There is a set of technology under development and in early pilots that enables  authentication, provenance tracking, and document management and much of it involves digital signatures, standardized/mutualized KYC processes, and permissioned distributed ledgers.  Documentation management, in this case, goes beyond just hashing and timestamping documents to include automatically updating legal agreements and contracts over their entire lifecycle.

Some of it also involves sophisticated data analytic tools created by startups such as Blockseer and Chainalysis.  Universities such as UCL are automating regulatory processes.  And on the enterprise side, there are companies that have built a shared KYC registry and other identity-related tools for highly regulated financial institutions to comply with a battery of reporting requirements.22

Whether these will be adopted by the cryptocurrency community is another matter, but these tools will soon exist in full production mode and could help provide better visibility, auditability, and transparency for investors, users, entrepreneurs, law enforcement, compliance teams, and regulators around the world.

If you’re interested in learning more about these mechanisms, feel free to reach out or leave a comment below.

Endnotes

  1. During an interview on April 3, 2017, Phil Potter mentioned that Bitfinex has 25 shareholders and BnkToTheFuture SPV.  The same interview someone says that there are 450 shareholders of their equity but it is unclear if that is through the BFX token. []
  2. Approximately 1,061 of these coins were moved in March 2017. []
  3. Bitfinex, like all other cryptocurrency exchanges, has experienced significant price crashes in 2014, 2015, and again in 2016 — often as the consequence of a hack. []
  4. There were exceptions. Some users reported smaller haircuts as they were customers of SynapsePay.  Another user claims to have retained a lawyer and he did not have any haircut.  In an interview on April 3, 2017, Phil Potter mentions that they had received some “demand” letters from customers but Bitfinex was able to “quell” those.  See also: You’ve Been ButtFinessed from BitMEX []
  5. BFX was not initially tradeable. []
  6. One staff member is publicly listed, Alistair Milne, but no information is given as to how much BFX, RRT, and company equity he or other staff of BFX Trust may own. []
  7. You’ve Been ButtFinessed from BitMEX []
  8. Group correspondence, August 3, 2016 []
  9. In an interview on April 3, 2017 Phil Potter mentions that the past month they generated $3.5 million (net) from trading volumes and that there are 175 million shares outstanding. []
  10. In an interview on April 3, 2017, Phil Potter mentions that they used the “vast majority” of these reserves. []
  11. The CTO of Realcoin, Craig Sellers, is also the current CTO of Bitfinex.  Sellers is currently a team member of the Omni Foundation.  The general counsel of Tether and Bitfinex are the same individual, Stuart Hoegner.  Brock Pierce is the co-founder of Realcoin. The underlying technology for Realcoin/Tether is Mastercoin, a platform managed by the Mastercoin Foundation (now called the Omni Foundation).  Pierce was one of the founding members of the Mastercoin Foundation before resigning in July 2014. []
  12. Depending on the transaction fee sent to a mining pool, the suggested “safe” confirmation intervals are 3-6 blocks which on average takes 30-60 minutes to build on and propagate across the network. []
  13. There are some remittance companies that utilize Bitcoin as a payment rail; they often try to lock-in a specific value amount during a time-boxed time period but it varies depending on local conditions and business models. []
  14. BitUSD is the sole survivor right now, although it has relatively very little volume. []
  15. The missing Mt. Gox bitcoins from WizSec []
  16. During an April 3, 2017 interview Phil Potter mentions that in order to get an auditor to look at their books, it would be easier to do if they first got rid of the BFX token. []
  17. The DAO was a DAO, not an exchange. []
  18. There are several other interconnected relationships: according to a prior funding announcement, Bitfinex is an investor in ShapeShift.  Similarly, at least one principal in Bitcoin Capital, which has invested in ShapeShift, is also an executive at BnkToTheFuture, which led the recapitalization of Bitfinex following its August 2016 hack. []
  19. During an interview on April 12, 2017, Phil Potter mentioned that when trying to acquire a new banking partnership, the BFX debt tokens were a problem for them, so Bitfinex redeemed them. []
  20. A few others have obtained a BitLicense, but on the whole, most cryptocurrency exchange platforms do not attempt to comply with the strict requirements found in either the BitLicense or Trust charter in New York, let alone at a national level. []
  21. Based on the current terms of of service, according to the Tether Limited general counsel, tethers may not be readable for a variety of reasons. []
  22. This is not to say these new tools are a panacea or silver bullet for detecting all types of money laundering or preventing fraud or stopping identity fraud.  A standardized KYC framework and digital signature-based toolset can help mitigate some of these issues. []
Send to Kindle

Activities for the first few months of 2017

NYU School of Business

There are a number of internal papers we published over the past several months that the R3 research team and I helped manage and edit.

This includes:

In addition, below are the various public / external activities and interactions I was involved with the past several months.

Events, panels, and presentations:

Interviews and quotes:

Citation:
Send to Kindle

Intranets and the Internet

It is early into 2017 and at fintech events we can still hear a variety of analogies used to describe what blockchains and distributed ledger technology (DLT) are and are not.

One of the more helpful ones is from Peter Shiau (formerly of Blockstack.io) who used an automobile analogy involving the Model T to describe magic internet chains:1

The Ford Motor Company is well known for its production engineering innovation that gave us the Model T. To this day, the Ford Model T is one of the best selling automobiles of all-time thanks to the sheer number produced and affordability for American middle class families.  And while it was remarkable that Ford was able to sell so many cars, it is well understood Ford’s true innovation was not the Model T but in fact the modern assembly line.

It was this breakthrough that enabled Ford to build a new car every 93 minutes, far more quickly than any of its competitors. Not unlike the Model T, cryptocurrencies like Bitcaoin, are every bit the product of a similar innovative process breakthrough that today we call a “blockchain.”

Carrying the analogy a little further, what is even more powerful about this modern equivalent of the assembly line is that it is not just useful for building cars but also vans and trucks and boats and planes. In just the same way, a blockchain is not just useful for creating a cryptocurrency, but can be applied to a many different processes that multiple parties might rely on to reach agreement on the truth about something.

Less helpful, but all the same plentiful, are the many red herrings and false equivalences that conferences attendees are subjected to.

Arguably, the least accurate analogy is that public blockchains can be understood as being “like the internet” while private blockchains “are like intranets”.

Why is this one so wrong and worthy of comment?

Because it is exactly backwards.

For example, if you want to use a cryptocurrency like Bitcoin, you have to use bitcoin; and if you want to use Ethereum, you have to use ether.  They are not interoperable.  You have to use their proprietary token in order play in their walled garden.

As described in detail below, the internet is actually a bunch of private networks of internet service providers (ISPs) that have legal agreements with the end users, cooperate through “peering” agreements with other ISPs, and communicate via a common, standardized routing protocols such as BGP which publishes autonomous system numbers (ASNs).

In this respect, what is commonly called “the Internet” is closer to interoperable private, distributed ledger networks sharing a common or interoperable communication technology than anarchic, public cryptocurrency blockchain networks, which behave more like independent isolated networks.

Or in short: by design, cryptocurrencies are intranet islands whereas permissioned distributed ledgers — with interoperability hooks (“peering” agreements) — are more like the internet.2

Sidebar

Let’s do a short hands-on activity to see why the original analogy used at fintech conferences is a false equivalence with implications for how we need to frame the conversation and manage expectations in order to integrate DLT in to our reference and business architecture.

If you are using a Windows-based PC, open up a Command window.  If you’re using a Mac or Android device, go to a store and buy a Windows-based PC.

Once you have your Command window open, type in a very simple command:

tracert: www.google.com

Wait a few seconds and count the hops as your signal traces the route through various network switches and servers until you finally land on your destination.  From my abode in the SF area, it took 10 hops to land at Google and 7 hops to land at Microsoft.

If you did this exercise in most developed countries, then the switches and servers your signal zigged and zagged through were largely comprised of privately owned and operated networks called ISPs.  That is to say, what is generally described as “the internet” is just a bunch of privately run networks connected to one another via several types of agreements such as: transit agreements, peering agreements, and interconnect agreements.

By far the most widely used agreement is still done via the proverbial “handshake.”  In fact, according to a 2012 OECD report, 99.5% of internet traffic agreements are done via handshakes.  There is also depeering, but more on that later.

What do all these agreements look like in practice?

According to the 2016 Survey of Internet Carrier Interconnection Agreements (pdf):

The Internet, or network of networks, consists of 7,557 Internet Service Provider (ISP) or carrier networks, which are interconnected in a sparse mesh. Each of the interconnecting links takes one of two forms: transit or peering. Transit agreements are commercial contracts in which, typically, a customer pays a service provider for access to the Internet; these agreements are most prevalent at the edges of the Internet, where the topology consists primarily of singly connected “leaf” networks that are principally concerned with the delivery of their own traffic. Transit agreements have been widely studied and are not the subject of this report. Peering agreements – the value-creation engine of the Internet – are the carrier interconnection agreements that allow carriers to exchange traffic bound for one another’s customers; they are most common in the core of the Internet, where the topology consists of densely interconnected networks that are principally concerned with the carriage of traffic on behalf of the networks which are their customers.

Colloquially it is a lot easier to say “I want to use the Internet” instead of saying “I want to connect with 7,557 ISPs interconnected in a sparse mesh.”

Back to topology, each ISP is able to pass along traffic that originated from other networks, even if these external networks and the traffic therein originate from foreign countries, because the physical systems can speak to one another via standardized transport protocols like TCP and UDP and route via BGP.3 4

Thus there is no such thing as a physical “internet rail,” only an amalgam of privately and publicly owned networks stitched together.

And each year there is inevitably tension between one more ISP and consequently depeering takes place.  A research paper published in 2014 identified 26 such depeering examples and noted that while depeering exists:

Agreements are very quite affair and are not documented for, they are mostly handshake agreements where parties mutually agree  without  any  on  record  documentation.  This  argument is supported by the fact that 141,512 Internet Interconnection Agreements out of 142,210 Internet Agreements examined till March 2011 were Handshake Agreements.

This is the main reason you do not hear of disputes and disagreements between ISPs, this also dovetails into the “net neutrality” topic which is beyond the scope of this post.

Intranets

Just as the internet is an imperfect analogy for blockchains and DLT in general, so is its offspring the “intranet” is a poor analogy for a permissioned blockchains.  As noted above, the internet is a cluster of several thousand ISPs that typically build business models off of a variety of service plans in both the consumer and corporate environments.

Some of these server plans target corporate environments and also includes building and maintaining “private” intranets.

What is an intranet?

An intranet is a private network accessible only to an organization’s staff. Generally a wide range of information and services from the organization’s internal IT systems are available that would not be available to the public from the Internet. (Source)

And while more and more companies migrate some portion of their operations and work flows onto public and private “clouds,” intranets are expected to be maintained given their continued utility.  From an infrastructure standpoint, notwithstanding that an intranet could be maintained one or more more servers through Software Defined Networks (SDNs), it is still a subset of a mash up of ISPs and mesh networks.

What does this have to do with magic internet chains?

A private blockchain or private distributed ledger, is a nebulous term which typically means that the validation process for transactions is maintained by known, identified participants, not pseudonymous participants.  Depending on the architecture, it can also achieve the level of privacy that is associated with an intranet while staying clear of the hazards associated with preserving true pseudonymity.

Why is the “intranet” analogy so misleading and harmful?

For multiple reasons.

For starters, it is not really valid to make a sweeping generalization of all identity-based blockchains and distributed ledgers, as each is architected around specific use-cases and requirements.  For instance, some vendors insist on installing on-premise nodes behind the firewall of an enterprise.  Some vendors setup and run a centralized blockchain, from one or two nodes, for an enterprise. Some others tap into existing operational practices such as utilizing VPN connections.  And others spin up nodes on public clouds in data centers which are then operated by the enterprise.

There are likely more configurations, but as noted above: from a topological perspective in some cases these private blockchains and distributed ledgers operate within an intranet, or on an ISP, or even as an extranet.

Fundamentally the biggest difference between using an ISP (“the internet”) and using an intranet is about accessibility, who has access rights.  And this is where identity comes into play: most ISPs require the account holder to provide identification materials for what is effectively KYC compliance.

Thus while you may be visit a coffee shop like Starbucks who provides “free” access, Starbucks itself is an identified account holder with an ISP and the ISP could remove Starbucks access for violating its terms of service.  Similarly, most coffee shops, airports, schools, etc. require users to accept a terms of service acknowledging that their access can be revoked for violating it.

Source: FireFox 51.0.1

In short, both the internet and intranet are in effect part of identity and permission-based networks.  There is no such thing as an identity-less internet, only tools to mask the users identity (e.g., Tor, Peerblock, Whisper).  In the same way that, “private” intranets are a fallacy.

Anarchic chains, which were designed to operate cryptocurrencies like Bitcoin, attempt to create an identity-less network on top of an identifiable network, hence the reason people involved in illicit activities can sometimes be caught.

Identity

Interestingly, where the internet analogy does hold up is in how public, anarchic blockchains are no less challenged by the effort and complexity of truly masking identity. I mentioned this in a footnote in the previous post, but it deserves being highlighted once more. Anarchic blockchains inspired by cryptocurrencies such as Bitcoin, used blocks because Satoshi wanted identity-free consensus (e.g., pseudonymity).  That implies miners can come and go at will, without any kind of registration, which eliminated the choice of using any existing consensus algorithm.

As a result, Satoshi’s solution was proof-of-work (PoW).  However, PoW is susceptible to collisions (e.g., orphan blocks).  When a collision occurs you have to wait longer to obtain the same level of work done on a transaction. Thus you want to minimize them, which resulted in finding a PoW on average every ten minutes.  This means that in a network with one minute propagation delays, not unlikely in a very large network (BGP sees such propagation times) then you waste ~10% of total work done, which was considered an acceptable loss rate in 2008 when Satoshi was designing and tweaking the parameters of the system.

Distributed ledgers such as Corda, use a different design and exist precisely as an identified network, where members cannot just come and go at will, and do have to register. With Corda, the team also assumes relatively low propagation times between members of a notary cluster.  One of the key differences between mere PoW (i.e. hashcash) and a blockchain is that in the latter, each block references the prior – thus PoWs aggregate.  It can be tough to do that unless all transactions are visible to everyone and there is a single agreed upon blockchain but if you do not, you will not get enough PoW to yield any meaningful security

When fintech panels talk about the notion of “open” or “closed” networks, this is really a red herring because what is being ignored is how identity and permission work and are maintained on different types of networks.

From the standpoint of miner validation, in practice cryptocurrencies like Bitcoin are effectively permission-based: the only entity that validates a transaction is effectively 1 in 20 semi-static pools each day.  And the miners/hashers within those pools almost never individually generate the appropriate/winning hash towards finding a block.  Each miner generates trillions of invalid hashes each week and are rewarded with shares of a reward as the reward comes in.

And if you want to change something or possibly insert a transaction, you need hashrate to do so.  Not just anyone running a validating node can effect change.

More to the point, nearly all of these pools and many of the largest miners have self-doxxed themselves.  They have linked their real world identities to a pseudonymous network whose goals were to mask identities via a purposefully expensive PoW process.  As a result, their energy and telecommunication access can be revoked by ISPs, energy companies, and governments.  Therefore calling anarchic or public blockchains “open” is more of a marketing gimmick than anything else at this stage.

Clarity

AOL and CompuServe were early, successful ISPs; not intranets.5  Conflating these terms makes it confusing for users to understand the core technology and identify the best fit use-cases. 6

Alongside the evolution of both the “cloud” and ISP markets, it will be very interesting to watch the evolution of “sovereign” networks and how they seek to address the issue of identity.

Why?

Because of national and supranational laws like General Data Protection Regulation (GDPR) that impacts all network users irrespective of origin.

For instance, Marley Gray (Principal Program Manager Blockchain at Microsoft) recently explained in an interview (above) how in order to comply with various data regulations (data custody and sovereignty), Microsoft acquired fiber links that do not interact with the “public” internet.  That is to say, by moving data through physically segregated “dark” networks, Microsoft can comply with requirements of its regulated customers.

And that is what is missing from most fintech panels on this topic: at the end of the day who is the customer and end-user.

If it is cypherpunks and anarchists, then anarchic chains are built around their need for pseudonymous interactions.  If it is regulated enterprises, then identity-based systems are built around the need for SLAs and so forth.  The two worlds will continue to co-exist, but each network has different utility and comparative advantage.

Acknowledgements: I would like to thank Mike Hearn, Stephen Lane-Smith, Antony Lewis, Marcus Lim, Grant McDaniel, Emily Rutland, Kevin Rutter, and Peter Shiau for their constructive feedback. This was originally sent to R3 members on March 31, 2017.

Endnotes

  1. His analogy is reused with permission. []
  2. From a network perspective, some of the integration and interop challenges facing DLT platforms could be similar to the harried IPv4 vs IPv6 coexistence over the past decade.  Who runs the validating nodes, the bridges — the links between the chains and ledgers — still has to be sorted out.  One reviewer noted that: If you equate IPv4 (TCP/UDP/ICMP) to DLTv4 where BGPv4 enables IPv4 networks to interact, we need an equivalent for BPGv4, say DLTGPv4 (DLT Gateway Protocol) for DLTv4 fabrics (ISPv4s) to interact and the same thing for IPv6 and DLTv6 where DLTv6 is a different DLT technology than DLTv4.  So the basic challenge here is solving integration of like DLT networks. []
  3. Venture capitalists such as Marc Andreessen and Fred Wilson have stated at times that they would have supported or invested in something akin to TCPIPcoins or BGPcoins.  That is to say, in retrospect the missing element from the “internet stack” is a cryptocurrency.  This is arguably flawed on many levels and if attempted, would likely have stagnated the growth and adoption of the internet, see page 18-19. []
  4. One reviewer noted that: Because of the IPv4 address restrictions (address space has been allocated – relying on auctions etc for organizations to acquire IPv4 addresses), some sites now only have an IPv6 address.  Most devices today are dual stack (support IPv4 and IPv6), but many ISPs and older devices still only support IPv4 creating issues for individuals to access IPv6 resulting in the development of various approaches for IPv4 to IPv6 (e.g. GW46 – my generic label).  I think, the question with DLTGW46 is whether to go dual stack or facilitate transformation between v4 and v6. []
  5. A reviewer who previously worked at AOL in the mid ’90s noted that: “In its early days, AOL was effectively a walled garden.  For example, it had its own proprietary markup language called RAINMAN for displaying content. And access to the internet was carefully managed at first because AOL wanted its members to stay inside where content was curated and cultural norms relatively safer — and also desirable for obvious business reasons.” []
  6. One reviewer commented: “In my opinion, the “internet” cannot be created by a single party. It is an emergent entity that is the product of multiple ISPs that agree to peer – thus the World Wide Web. DLT-based and blockchain-based services first need to develop into their own robust ecosystems to serve their own members. Eventually, these ecosystems will want to connect because the value of assets and processes in multiple ecosystems will increase when combined.” []
Send to Kindle

A brief history of R3 – the Distributed Ledger Group

What’s in a name?

I was at an event last week and someone pulled me aside asked: why do you guys at R3 typically stress the phrase “distributed ledger” instead of “blockchain”?

The short answer is that they are not the same thing.

In simplest terms: a blockchain involves stringing together a chain of containers called blocks, which bundle transactions together like batch processing, whereas a distributed ledger, like Corda, does not and instead validates each transaction (or agreement) individually.1

The longer answer involves telling the backstory of what the R3 consortium is in order to highlight the emphasis behind the term “distributed ledger.”

Inspired by IMF report, page 8

Genesis

R3 (formerly R3 CEV) started out as a family office in 2014.2 The “3” stood for the number of co-founders: David Rutter (CEO), Todd McDonald (COO), and Jesse Edwards (CFO). The “R” is the first initial of the CEO’s last name.  Very creative!

During the first year of its existence, R3 primarily looked at early stage startups in the fintech space.  The “CEV” was an acronym: “crypto” and “consulting,” “exchanges,” and “ventures.”

Throughout 2014, the family office kept hearing about how cryptocurrency companies were going to obliterate financial institutions and enterprises.  So to better understand the ecosystem and drill into the enthusiasm around cryptocurrencies, R3 organized and held a series of round tables.

The first was held on September 23, 2014 in NYC and included talks from representatives of: DRW, Align Commerce, Perkins Coie, Boost VC, and Fintech Collective.  Also in attendance were representatives from eight different banks.

The second round table was held on December 11, 2014 in Palo Alto and included talks from representatives of: Stanford, Andreessen Horowitz, Xapo, BitGo, Chain, Ripple, Mirror, and myself.  Also in attendance were representatives from 11 different banks.

By the close of 2014, several people (including myself) had joined R3 as advisors and the family office had invested in several fintech startups including Align Commerce.

During the first quarter of 2015, David and his co-founders launched two new initiatives.  The first was LiquidityEdge, a broker-dealer based in NYC that built a new electronic trading platform for US Treasurys.3  It is doing well and is wholly unrelated to R3’s current DLT efforts.

The second initiative was the incorporation of the Distributed Ledger Group (DLG) in Delaware in February 2015.  By February, the family office had also stopped actively investing in companies in order to focus on both LiquidityEdge and DLG.

In April 2015 I published Consensus-as-a-Service (CaaS) which, at the time, was the first paper articulating the differences between what became known as “permissioned” and “permissionless” blockchains and distributed ledgers.  This paper was then circulated to various banks that the small R3 team regularly interacted with.

The following month, on May 13, 2015, a third and final round table was held in NYC and included talks from representatives of Hyperledger (the company), Blockstack, Align Commerce and the Bank of England.  Also in attendance were representatives from 15 banks as well as a market infrastructure operator and a fintech VC firm.  In addition to the CaaS paper, the specific use-case that was discussed involved FX settlement.4

The transition from a working group to a commercial entity was formalized in August and the Distributed Ledger Group officially launched on September 1, 2015 although the first press release was not until September 15.  In fact, you can still find announcements in which the DLG name was used in place of R3.

By the end of November, phase one of the DLG consortium – now known as the R3 consortium – had come to a conclusion with the admission of 42 members.  Because of how the organization was originally structured, no further admissions were made until the following spring (SBI was the first new member in Phase 2).

So what does this all have to do with “distributed ledgers” versus “blockchains”?

Well, for starters, we could have easily (re)named or (re)branded ourselves the “Blockchain Group” or “Blockchain Banking Group” as there are any number of ways to plug that seemingly undefinable noun into articles of incorporation.  In fact, DistributedLedgerGroup.com still exists and points to R3members.com.5 So why was R3 chosen?  Because it is a bit of a mouthful to say DistributedLedgerGroup!

Corda’s genesis

Upon launch, the architecture workstream lead by our team in London (which by headcount is now our largest office), formally recognized that the current hype that was trending around “blockchains” had distinct limitations.  Blockchains as a whole were designed around a specific use-case – originally enabling censorship-resistant cryptocurrencies. This particular use-case is not something that regulated financial institutions, such as our members, had a need for.

While I could spend pages retracing all of the thought processes and discussions surrounding the genesis of what became Corda, Richard Brown’s view (as early as September 2015) was that there were certain elements of blockchains that could be repurposed in other environments, and that simply forking or cloning an existing blockchain – designed around the needs of cryptocurrencies – was a non-starter.  At the end of that same month, I briefly wrote about this view in a post laying out the Global Fabric for Finance (G3F), an acronym that unfortunately never took off. In the post I specifically stated that, “[i]t also bears mentioning that the root layer may or may not even be a chain of hashed blocks.”

In October 2015, both James Carlyle and Mike Hearn formally joined the development team as Chief Engineer and lead platform engineer respectively.  During the fall and winter, in collaboration with our members, the architecture team was consumed in the arduous process of funneling and filtering the functional and non-functional requirements that regulated financial institutions had in relation to back office, post-trade processes.

By the end of Q1 2016, the architecture team gestated a brand new system called Corda.  On April 5, 2016, Richard published the first public explanation of what Corda was, what the design goals were and specifically pointed out that Corda was not a blockchain or a cryptocurrency.  Instead, Corda was a distributed ledger.

Prior to that date, I had personally spent dozens of hours clarifying what the difference between a blockchain and a distributed ledger was to reporters and at events, though that is a different story.  Unfortunately even after all these explanations, and even after Richard’s post, the Corda platform was still inappropriately lumped into the “blockchain” universe.

Following the open sourcing of Corda in November 2016, we formally cut the “CEV” initials entirely from the company name and are now known simply as R3.  Next year we plan to make things even shorter by removing either the R or 3, so watch out domain squatters!

Today

As of February 2017, the R3 consortium is formally split into two groups that share knowledge and resources: one group is focused on building out the Corda platform and the other, the Lab and Research Center, is focused on providing a suite of services to our consortium members.  I work on the services side, and as described in a previous post, my small team spends part of its time filtering vendors and projects for the Lab team which manages several dozen projects at any given time for our consortium members.

The Lab team has completed more than 20 projects in addition to 40 or so ongoing projects.  Altogether these involved (and in some cases still involve) working with a diverse set of platforms including Ethereum, Ripple, Fabric, Axoni, Symbiont and several others including Corda.  Since we are member driven and our members are interested in working and collaborating on a variety of different use-cases, it is likely that the services side will continue to experiment with a range of different technologies in the future.

Thus, while it is accurate to call R3 a technology company focused on building a distributed ledger platform and collaborating with enterprises to solve problems with technology, it is not accurate to pigeonhole it as a “blockchain company.”  Though that probably won’t stop the conflation from continuing to take place.

If you are interested in understanding the nuances between what a blockchain, a database, and a distributed ledger are, I highly recommend reading the multitude of posts penned by my colleagues Antony Lewis and Richard Brown.

  1. Blockchains inspired by cryptocurrencies such as Bitcoin used blocks because Satoshi wanted identity-free consensus (e.g., pseudonymity).  That implies miners can come and go at will, without any kind of registration, which eliminated the choice of using any existing consensus algorithm.

    As a result, Satoshi’s solution was proof-of-work (PoW).  However, PoW is susceptible to collisions (e.g., orphan blocks).  When a collision occurs you have to wait longer to obtain the same level of work done on a transaction. Thus you want to minimize them, which resulted in finding a PoW on average every ten minutes.  This means that in a network with one minute propagation delays, not unlikely in a very large network (BGP sees such propagation times) then you waste ~10% of total work done, which was considered an acceptable loss rate in 2008 when Satoshi was designing and tweaking the parameters of the system.

    Distributed ledgers such as Corda, use a different design because it is an identified network, where members cannot just come and go at will, and do have to register. With Corda, the team also assumes relatively low propagation times between members of a notary cluster.  One of the key differences between mere PoW (i.e. hashcash) and a blockchain is that in the latter, each block references the prior – thus PoWs aggregate.  It can be tough to do that unless all transactions are visible to everyone and there is a single agreed upon blockchain but if you do not, you will not get enough PoW to yield any meaningful security. []

  2. The R3CEV.com domain was created on August 13, 2014. []
  3. It may look like an odd spelling, but Treasurys is the correct spelling. []
  4. At the time, I was an advisor to Hyperledger which was acquired by Digital Asset the following month. []
  5. The DistributedLedgerGroup.com domain was created on December 23, 2014 and R3members.com was created on March 15, 2016. []
Send to Kindle

Layer 2 and settlement

Nary a week goes by without having to hear a startup claim their service will have the ability to “settle” a cryptocurrency or virtual asset or something “smart,” on to Layer 2.  In this instance, Layer 2 refers to a separate network that plugs into a cryptocurrency via off-chain channels.1

This often comes up in conjunction with conversations surrounding the Bitcoin block size debate: specifically around (hypothetically) scaling to enable Visa-like transaction throughput vis-a-vis projects like the Thunder and Lightning network proposals which are often characterized as Layer 2 solutions.2

As Wolfgang Pauli might say, this is not even wrong.

Why?  For starters, the comparisons are not the same.

Visa is a credit clearing and authentication network, not a settlement network; in contrast no cryptocurrency has credit lines baked-in.  In addition – as I penned a year ago – in practice “settlement” is a legal concept and typically requires ties into the existing legal infrastructure such as courts and legally approved custodians. 3

Two simplified examples: (1) If Bob wanted to settle cash electronically and he lived in just about any country on the globe, the only venue that this electronic cash ultimately settles in right now is a central bank usually via its real-time gross settlement (RTGS) network.  And (2), if Bob owned the title to a (dematerialized) security and he is trying to transfer ownership of it to someone else, the security ultimately settles in a central securities depository (CSD) such as the DTCC or Euroclear.

What does this have to do with the world of blockchains and DLT?

As of this writing, no central bank-backed digital currency (CBDC) exists.4 As a consequence, there is no real digital cash settlement taking place on any ledger outside of a banks’ own ledger (yet).

One of the key goals for DLT platforms is to eventually get “cash on-ledger” issued by one or more central bank.  For instance, at R3 we are currently working on a couple of CBDC-related projects including with the Bank of Canada and Monetary Authority of Singapore.  And other organizations are engaged in similar efforts.

Why?

In short, one of the potential advantages of using a CBDC issued onto a distributed ledger is the enabling of network participants (such as financial institutions) to settle dematerialized (digitized) asset transfers without relying on outside reconciliation processes. Delivery versus Payment (DvP), the simultaneous exchange of an asset and its payment, could actually take place on-chain.5

However, today if participants on a distributed ledger wanted to settle a trade in cash on a distributed ledger, they could not. They would still need to settle via external processes and mechanisms, which according to an estimate from Autonomous research, collectively costs the industry $54 billion a year.  As a result, the industry as a whole is attempting to reduce and – if possible – remove frictions such as these post-trade processes.6  And according to a recent paper from the Bank of England as well as a new paper from the Federal Reserve, CBDCs are one invention that potentially could reduce some of these associated frictions and processes.

So how does that tie back in to a hypothetical Layer 2 or 3, 4, 5, connected to a cryptocurrency network?

Assuming one or more of the Lightning implementations is built, deployed, and goes “into production,” the only object that is being tracked and confirmed is a cryptocurrency.7

Cryptocurrencies, as I have written before, are anarchic: purposefully divorced from legal infrastructure and regulatory compliance.

As a result, it cannot be said that “Layer 2” will act as a settlement layer to anything beyond the cryptocurrency itself, especially since the network it attaches to can at most by design only guarantee probabilistic finality.  In fact, the most accurate description of these add-on networks is that each Lightning implementation requires building completely separate networks run and secured by different third parties: pseudonymous node operators acting as payment processors.  What are the service-level agreements applied to these operators?  What happens if it is no longer profitable or sustainable to operate these nodes?  Who are you going to call when something – like routing – doesn’t work as it is supposed to?

And like most cryptocurrencies, Lightning (the generic Lightning) is developed as a public good, which – as a recent paper explored – may have hurdles from a fiduciary, governance, and accountability perspective.

Assuming the dev teams working on the various implementations solve for decentralized routing and other challenges, at most Lightning will be a clearing network for a cryptocurrency, not electronic cash or securities.  Therefore proponents of existing Layer 2 network proposals might want to drop the “settlement” marketing language because settlement probably isn’t actually occurring.  Trade confirmations are.

But what about colored coins?  Can’t central banks just use the Bitcoin network itself and “peg” bitcoins directly to cash or set-up a Bitcoin-like system that is backed by the central bank itself?

These are tangential to “Layer 2” discussion but sure, they could in theory.  In fact, the latter is an idea explored by JP Koning in a soon-to-be published paper on “Fedcoin.”  In practice this is probably not ideal for a variety of reasons including: privacy, confidentiality, recourse, security, scalability, public goods problems, and the fact that pseudonymous miners operating outside the purview of national regulatory bodies would be in charge of monetary policy (among many other regulatory compliance issues).

Why not just use an existing database to handle these regulated financial instruments then?  This is a topic that has and will fill academic journals in the years to come (e.g., RSCoin).  But for starters I recommend looking at a previous post from Richard Brown and two newer posts from Antony Lewis.

Conclusion

There are real, non-aesthetic reasons why aviation designers and manufacturers stopped building planes with more than two or three wings, namely aerodynamics.  Creative ideas like Lightning may ultimately be built and deployed by cryptocurrency-related companies and organizations, but it is unclear how or why any regulated enterprise would use the existing proposals since these networks are not being architected around requirements surrounding settlement processes.

Perhaps that will change in time, but laws covering custody, settlement, and payment processing will continue to exist and won’t disappear because of anarchic “Layer 2” proposals.  Maybe it is possible to borrow and clone some of the concepts, reusing them for alternative environments, just like some of the “blockchain”-inspired platforms have reused some of the ideas underlying cryptocurrencies to design new financial market infrastructure.  Either way, both worlds will continue to co-exist and potentially learn from one another.

Endnotes

  1. From a word choice, it is arguably a misnomer to call Lightning a “layer” at all because relatively little is being built on top of Bitcoin itself.  These new networks are not powered by mining validators whereas colored coin schemes are. []
  2. While he doesn’t delve too much into any of these specific projects, Vitalik Buterin’s new paper on interoperability does briefly mention a couple of them.  Also note that the Teechan proposal is different than Lightning in that the former scales via trusted hardware, specifically Intel’s SGX tech, and sidesteps some of the hurdles facing current Lightning proposals. []
  3. This topic is a ripe area for legal research as words need to be precisely defined and used.  For instance, if bitcoins do not currently “settle” (in the sense that miners and users do not tie on-chain identities into court recognized identity, contract, and ledger systems thereby enabling traditional ownership transfer), does this impact government auctions of seized cryptocurrencies?  What was the specific settlement process involved in the auction process and are encumbrances also transferred?  It appears in practice, that in these auctions bitcoins do transfer in the sense that new entities take control of the private key(s), is this settlement? []
  4. An argument can be made that there are at least 3 publicly known exceptions to this, though it depends on the definition of an in-production CBDC.  This includes vendors working with: Senegal, Tunisia, and Barbados. []
  5. In blockchain parlance this is called an “atomic transfer.” []
  6. It is not just reconciliation processes, it is the actual DvP itself (plus the subsequent “did you get it yet” reconciliation processes). []
  7. As an aside, what are the requirements for “being in production?”  In the enterprise world, there is a difference between being in a sandbox and being in production.  Which blockchain(s) have been vetted for and secured against real production level situations and fulfilled functional requirements such as scaling and preserving confidentiality? []
Send to Kindle

Chainwashing

I was recently talking with a friend who spent the past decade in an operations role at a large enterprise in the telecommunication sector.  He has a matter-of-fact personality that likes to cut through the smoke and mirrors to find the fire.

I explained to him my role of having to filter through the dozens of entities that my market research team at R3 speaks with each month. And the formal process that our small team uses to look and find organizations that would be a good fit for R3’s Lab project pipeline.

For instance, because we typically act as the first part of the funnel for our organization, we end up listening to a great deal of startup pitches. And we are continually bombarded by endless “blockchain” and DLT noise.  The first year alone we looked at and spoke to more than 300 entities, a number that has now reached about 400.

This is not to say that there are only 400 companies/vendors/organizations/projects billing themselves as “blockchain” related entities… unfortunately that nebulous term has ballooned to encompass everything from cryptocurrencies to big data to IoT and now probably numbers in the thousands.

If you’re working in capital markets, how to tell the pretenders from the real deal?

Should you seek advice from people who never interface with enterprises or institutions and get all their wisdom from social media?  Or listen to columnists whose only interaction with banks is the ATM or a cryptocurrency meetup?  Or to media outlets that do not disclose their (coin) holdings?  Before answering these, let’s look at a new phrase below.

Thirteen months ago I gave a short presentation talking about the “blockchain” hype cycle.

The month before that – in December 2015 – I mentioned how much of the enthusiasm surrounding “blockchains” seemed a bit similar to the exuberance around “gluten free” food: how most people at fintech conferences talking about “blockchains” really couldn’t explain why blockchains were great in much the same way that many people asking for “gluten-free” food couldn’t tell you why gluten is or is not good for you.

I explained this to my friend and he said that the euphoria surrounding blockchains – and its vertical rise on the Gartner hype cycle – is similar to what he observed and experienced in “the cloud” space earlier this decade.  And more specifically, to the phenomenon called “cloudwashing”:

Cloud washing (also spelled cloudwashing) is the purposeful and sometimes deceptive attempt by a vendor to rebrand an old product or service by associating the buzzword “cloud” with it. (Source)

So with that, I’d like to coin a new phrase: “chainwashing.”

I have personally seen dozens of decks from vendors along the entire spectrum of sizes during the current hype cycle.  And watched the evolution of “blockchain creep” — how over time the word “blockchain” would appear more frequently not just on each slide, but in scope and vertical.

For instance, there are couple dozen different startups that claim to have somehow built an enterprise-grade blockchain system without having to go through the arduous process of gathering the functional and non-functional requirements from the enterprises they intended to integrate with.  Magic!

While startup founders should shoulder the blame for these marketing gimmicks – as should the reporters that often own but do not disclose their (coin) holdings – investors are also to blame for not just talking their book, but also obfuscating their portfolio companies by pressuring them to rebrand retail-focused cryptocurrency products as bonafide “enterprise blockchain” platforms.  They are not the same thing.

So what are some evaluation criteria to help identity the signal from the noise?

If your job is to help filter vendors for financial institutions, governments, investment funds, or other large enterprises, then some of these questions may be helpful in determining whether or not your firm should engage with the vendor:

  • Why is the vendor using a blockchain?
  • What is the vendor’s definition of a blockchain?
  • Who has a problem that needs a blockchain in order to solve it: the vendor or the vendor’s customer?
  • What is it about a blockchain that solves a problem that couldn’t be solved with existing technoloogy?
  • If a blockchain-related infrastructure provides a solution to for the vendor, can it use any other existing technology to solve its needs?
  • Do the founders and management team have experience managing, building, and/or deploying enterprise-grade systems or critical infrastructure?
  • Does the vendor as a whole have the appropriate contacts and connections with institutions and regulators?
  • Does the vendor have enough run way to build through a long sales cycle?

By asking these types of questions our team has helped filter the 400 or so companies/projects into a much more manageable dozen.

We think the number of companies with legs will continue to increase over time but chainwashing will continue to be a noise pollution problem for the next few years in the enterprise world even after production systems have been integrated into institutions.

As a consequence, it is probably safe to assume vendors are trying to pull a fast one on you, especially if it involves needing your company to acquire a cryptocurrency or “permissioning off” an existing cryptocurrency.

Remember: cryptocurrencies in the vein of Bitcoin were intentionally not designed to integrate with and fulfill the requirements of regulated institutions (like settlement finality) any more than a helicopter was designed to handle long distance cargo hauling.  Chainwashing is the opposite of being fit-for-purpose and we see it with marketing gimmicks like “Layer 2,” the topic of the next post.

Send to Kindle

Citations, interviews, and events for the final third of 2016

Presenting at Bitcoin / Ethereum Meetup in Hong Kong

I ended up traveling a lot more than I expected last year, including 9 times just to East Asia.  The level of interest in that region will probably increase this year — especially as more projects and companies are funded — though I probably won’t do the Trans-Pacific shuffle nine times again this year.

As of right now there are probably just a small handful of startups in APAC that have the capital, connections, and capability to execute and build the commercial products and applications that are discussed at the plethora of fintech events.  And almost none of them have anything to do with a cryptocurrency itself either… because cryptocurrencies weren’t designed to solve most problems financial service organizations have.

Below are the interviews, events, and presentations I participated in the last few months of 2016.

Note: according to their stats, my “Settlement Risks Involving Public Blockchains” was one of TABB Forum’s top stories of 2016.

Quoted:

Cited:

Interview:

Events:

  • Smart Cloud Show 2016 from Chosun Ilbo on September 21, 2016 in Seoul, South Korea.
    • Keynote: “Blockchain and Financial Big Bang”
    • Coverage: Naver
  • Global Blockchain Summit event held by Wanxiang Blockchain Labs on September 23, 2016 in Shanghai, China
    • Presentation: “Opportunities and Challenges for Financial Services in the Cloud: Trade-offs in digitizing and automating finance” (R3 Blurb)
  • Fujitsu Laboratories of America Technology Symposium annual event on October 11, 2016 in Santa Clara, California
    • Panel: “The Blockchain Future – Challenges and Opportunities Ahead”
  • Fórum Blockchain event jointly held by Itaú and Bradesco on October 13, 2016 in São Paulo, Brazil
    • Presentation: “Smart Contracts: cryptographically secured, automated business logic”
  • MIT Fintech Course: Future Commerce on October 18, 2016 (virtual)
    • Discussion: “Distributed Ledger Technology Landscape and Regulations”
  • GAIM OPS West Coast annual event held on October 25, 2016 in Rancho Mirage, California
    • Panel: “Blockchain: What Exactly is it disrupting? Will it Negate Counterparty Risk?” (Photo)
  • CIO Study Trip hosted by the Capgemini Applied Innovation Exchange Lab on behalf of the IT Management Association on October 26, 2016 in San Francisco
    • Presentation: “Distributed Ledger Technology” and “Legal and Regulatory Challenges”
  • Day long discussions on November 9, 2016 at Cornell University in Ithaca, New York
    • Presentation: “Code is not law” (Photos)
  • Guest lecture at the Boston Economic Club on November 16, 2016 in Boston, Massachusetts.
    • Presentation: “DLT as Financial Market Infrastructure” (Photo)
  • Global Trade Review: West Coast Trade & Working Capital Conference on November 17, 2016 in San Jose, California
    • Panel: “Fintech investment and evolution of the trade finance sector” (Photo)
  • The Future of Financial Payment Services Driven by Technology Innovation on November 22, 2016 from Korea Finance Telecommunications & Clearings Institute 30th Anniversary Seminar in Seoul, South Korea
    • Presentation: “DLT as Financial Market Infrastructure” (Photos)
    • Panel: (Photos)
  • Inside Fintech on December 8-9, 2016 in Seoul, South Korea
    • Presentation: “Why Building Financial Infrastructure is Different than Building a Social Media App” (Photos)
    • Panel: “Regulating the Unregulated: How is Regulation and Compliance Impacting the Adoption of New Technology and Innovation” (Photos)
  • Ethereum and Bitcoin joint meetup on December 12, 2016 in Hong Kong
    • Presentation:  “On Consortiums: R3’s Tim Swanson in Conversation”
  • 13th annual China International Finance Forum on December 15, 2016 in Shanghai, China
Send to Kindle

DLT as FMI in Korea

Yesterday I gave a keynote talk at “The Future of Financial Payment Services Driven by Technology Innovation” organized and hosted by the Korea Finance Telecommunications & Clearings Institute (KFTC).

It was their 30th Anniversary Seminar and was held in Seoul, South Korea.

Below are the slides I presented on “Distributed Ledger Technology as Financial Market Infrastructure”:

Send to Kindle

Comments on the COIN ETF (SR-BatsBZX-2016-30)

Earlier today, with some help from the R3 research team (thanks for the grammar fixes!), I shipped a new paper to the consortium members.  This paper discusses several issues and challenges facing a Bitcoin-based ETF that was originally proposed a couple years ago by the Winklevoss twins (commonly called the COIN ETF).  It specifically looks at questions publicly raised by the SEC.

It bears mentioning that R3 itself is not in any shape or fashion involved with this ETF or in using the Bitcoin network.  This (tangential) paper solely represents my views and not those of my employer or companies I advise.  I worked on it in my spare time.

R3 typically makes research papers available 3-6 months after sending it to members, so check back here later next spring or summer to see if it has been posted.

Update 09/2017: many months later an egg tweeted that it has been posted online at Scribd and Docdroid (pdf)

Send to Kindle

Emochain and Statistchain

[Note: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise]

Why open/permissionless and closed/permissioned terminology has become a muddled red herring of totems

It is common to see startups, enthusiasts, and advocacy groups boast how they support “open,” “public,” and “permissionless” innovation.  Their lollipops and rainbows narrative can be found on a multitude of websites, social media accounts, and on panels at conferences.

Similarly several well-to-do consultancies and buttoned-up fintech companies use stoic marketing terms like “permissioned,” “trusted,” and “private” to describe their platforms to what are assumedly monocle-wearing, high-brow clientele.

But very little long-form has been spent explaining what these actually mean beyond superficial warm feelings either side is trying to engender.

Both are at fault for taking a page from the politically charged play book of terms like “pro-choice” and “pro-life” — I mean who wants to be labeled as anti-choice or anti-life?  Or in this case, who would want to be known as anti-open and anti-permissionless?    Or as John Oliver might say, who wants to hang out in intranet sandboxes all day when there is a big fat thing called “The Internet” you can troll on all day instead?

Aside from the fact that “The Internet” is just a bunch of highly regulated, permissioned intranets tied together with KYC and peering agreements, let’s de-escalate and take a quick step back for a moment to focus on two diametrically polar opposites: anarchic and archic networks.1

Why?  Because that’s ultimately what these two camps are fighting a war of words and hashtagged rhetoric about.

Defining definables

There are some general commonalities between anarchic and archic chains but before getting there, what does anarchic mean in this context?

An anarchic network — in this case an anarchic blockchain — simply means a chain that purposefully lacks any ties to legal institutions and nation-state infrastructure.  That is to say, the architects of an anarchic chain set out to create an extralegal virtual-only entity that is divorced from governments and regulators; entities that could censor data transfers and on-chain activities.   Currently, anarchic chains are euphemistically called “public blockchains” to have better marketing varnish at cocktail parties in DC.

There have been multiple attempts to build anarchic-types of networks in the past (such as Tor); perhaps the most popularly known anarchic blockchains in use are Bitcoin and Ethereum.

Anarchic can also mean that a chain, or a network layer, has no formal or de jure governance process for handling disputes.  In this case, both Bitcoin and Ethereum (among others) are double-fisting anarchy.

I am a millennial, is there another way of saying all of this in less than 140 characters?

Not that there is an official marketing slogan but:

  • Bitcoin is supposed to be an unstoppable payment processor (title and abstract of the whitepaper)
  • Ethereum is supposed to be an unstoppable computer that can run and execute untrusted code (motto from Foundation’s website)

In contrast, as can be expected from its name, archic chains and networks explicitly tie into traditional legal infrastructure, into the ‘old world’ laws of physical nation-states.  In addition, many archic chain creators attempt to bake-in and enable on-chain dispute mechanisms and methods for handling disputes off-chain in the event there is a problem.2

Boring laws and wet oppressive code, right?

But wait, there’s more.

I think my favorite tweet last year was along the lines of: sometimes my browser crashes, occasionally I have to restart my phone, but gosh darnit my self-driving car will always work without a hitch!

And that naïve thinking pervades a lot of the development teams in the fintech space.

Sure it’d be cool if you can automate all of the value transfer processes globally with cryptographically assured, tamper-evident mechanisms — but in case something screws up or a governance dispute occurs, you have to design for the fact that somewhere Edward Murphy is in your system with Chaos Monkey.3 And so too it will be with magic internet chains.  Without explicit governance and dispute-resolution mechanisms we will just revert back to our lowest common denominator: arguing on reddit with memes.4

Common ground

By their nature these two worlds are polar opposites in terms of network designs, assumptions, and goals.

With that in mind, below are three commonalities that both types of networks have but each of which is handled differently:

(1) Both have permissioning

(2) Both have cryptographic-linked data structures

(3) Both use ‘other peoples computers’

What does each of these mean?

For anarchic networks like Ethereum and Bitcoin, permissioning — that is to say, deciding who gets to change and update the log of records, or in this case digitally sign blocks, is usually handled via proof-of-work.5

Permissioning in this specific case has nothing to do with what kind of applications can be used on it, who can look at the code, who can modify the code, who can send transactions, etc.  These are all tangential to the key foundational question of who gets to digitally sign and update the log of history in the first place.  After all, the Bitcoin whitepaper wasn’t an exegesis on cloning software libraries and GPL versus MIT licensing maximalism now was it?6)  In fact, to-date several vendors have released open-sourced versions of “private” gated chains — so you can have one without the other.7 Nor did KYCing internet access kill innovation on the internet.

While some promoters like to use terms like “dynamic” to describe the log signing / block validation process on the Bitcoin network, in practice there are roughly 15-20 ‘permissioned’ block makers / log signers on the Ethereum and Bitcoin networks at any given time.8

That is to say, the entire “membership pool” of block signers at any day of the week is fairly static.  Some come and go over time but in general there is a quasi-static membership pool of block signers; and the operators of these membership pools is generally known and no longer identity-less (pseudonymous).  They even sit on stage at public conferences and pose for pictures and… bring photo journalists to their actual data centers.9  There is a joke about the first two rules of Fight Club in there somewhere.

This creates some fundamental problems surrounding the goals of achieving censorship-resistance as well as the goals of routing around regulatory regimes.  Recall that neither Bitcoin nor Ethereum were designed to interface with the traditional legal system which compels validators, payment processors, custodians, and financial intermediaries to comply with a bevy of identity management and consumer protection requirements.

In fact, anarchic chains were designed to do just the opposite and instead maintain a network that enables identity-less participants to move data peer-to-peer without complying with a list of external rules and governance processes. As noted above, anarchic chains set out to be their own sovereign entity, a type of virtual nation-state divorced from traditional legal infrastructure altogether.

And to achieve their objective of enabling identity-less participants to transfer data from one to another without having to be vetted by a party capable of censoring the movement of data, the network designers believed they could make their network of validators and block makers — the cloud of machines processing payments and providing digital signatures — decentralized to the extent that the overall network could maintain reliable uptime in the face of network splits as well as malicious activity from governmental and Byzantine actors.

So in summation, anarchic chains:

(1) typically achieve permissioning and log appendation by requiring (originally) identity-less participants to submit proofs-of-work that consume and irreversibly destroy real economic value (e.g., fossil fuels);

(2) the log of history and payments therein is appended via a digital signature controlled by a nominally identity-less, quasi-static participant who is able to propagate the proof-of-work first across the rest of the network;10

(3) this log of history — in both theory and practice — is propagated to other people computers in other countries in order to attempt to achieve uptime in the face of network partitions and adversaries.

In other words, checkmate statists!

Law maximalism

So what about that cold, heartless world of closed, walled-off gardens managed by intranet builders and training wheel makers?  After all, anarchic chains are supposedly too woolly for regulated institutions like banks and according to random people on social media who talk to other random people on social media about financial infrastructure in 140 characters, banks now have decided to reinvent databases… But With Blockchain™.  Because banks — which collectively have built and operate the largest IT infrastructure globally — don’t understand technology and have just rebranded SQL databases to get some easy softball press releases.  Right?

It’s hard to talk about archic chains in the same snarky depth as anarchic chains because there are so many different ones under development that are taking different tact’s and approaches to solving who knows what.  But challenge accepted.

As Ian Grigg explains, part of the problem entrepreneurs are facing is that “permissionless” can be defined, sort of, but the opposite of permissionless is harder to define.  If we accept it means “with a permission” then we could ask, what permission?  How many?  When, where, who, etc.

Are we talking about permission to enter (walled garden), permission to make any transaction (identified keys not pseudonyms), permission to act (approved by regulator in each instance), permission to put money in, permission to take money out?  All of these permissions have regulatory, architectural, societal, and marketing success implications so it isn’t really plausible to talk about a permissioned system as a thing, it’s more an anti-thing.11

With the private/permissioned world of buzzword bingo, a lot of the platforms are ill-conceived forks of cryptocurrencies that weren’t customized at all for capital markets.

Satoshi wasn’t trying to solve for frictions in the post-trade world of clearing and settlement of regulated institutions.  And Vitalik didn’t wake up 3 years ago and say, “Holy hell the $65-$80 billion in post-trade reconciliation processes could be significantly reduced tomorrow if I build an unstoppable computer program replicated across thousands of nodes!”12

So simply forking Bitcoin and gutting the PoW mining apparatus to move pre-IPO cap tables around or track airline points cannot really be called “fit for purpose” especially since it seems that you can pretty much do the same exact thing with existing off-the-shelf technology.

What can’t be done with an extant databases?

That’s a good question, and one a lot of reporters miss because they aren’t interviewing IT managers at banks — who cares what some social media app designer or Bitcoin API developer thinks about back-offices at banks, talk to actual core banking architects.

The fundamental reason that regulated financial institutions have all collectively done steeplechase into magic internet chains track & field is this: there is no such thing as an off-the-shelf system that allows them to move value from their own internal ledgers to outside of their organization without having to rely on a cornucopia of 3rd parties.  There is no such thing as a global shared ledger standard designed around their operating requirements.   For instance, the aggregate reconciliation process and back-office operations that exist today doesn’t make sense to those used to Gmail swiftness or HFT speeds as seen in the front-office activities of trade.

Banks (and other institutions) are looking for novel, secure solutions to reduce certain legacy costs and have been looking at an army of different technology vendors for years to do so.  But as I have pointed out before, there is no such thing as a fit-for-purpose distributed ledger that can provide the type of back-office utility (yet).13

What does that mean?

Fit-for-purpose means that some team of geeks sat down with other teams of geeks at banks to talk about super unsexy things for months and years on end to solve specific issues based on a set of explicit functional and non-functional requirements at said bank.

If your team didn’t do that massively boring requirements gathering process then you’re gonna have a really bad time going to market.

If you simply just start building a blockchain app for blockchain app sake, you will likely end up like BitPay or ChangeTip.  At least with anarchic chain architects themselves, to their credit, are often attempting to solve for a specific problem-set: how to enable censorship-resistant activities in the face of censorable mandates.

On the other hand: if Bitcoin or Ethereum could do the zillions of things that Bitcoin or Ethereum proponents claim it can do, then of course everyone might use it.  It doesn’t, so unsurprisingly many companies and institutions don’t.  And before getting all high and mighty about “not giving little poor Bitcoin a chance” — financial institutions globally have done over 200 PoCs on forks of cryptocurrencies or even cryptocurrency networks themselves.  They discarded nearly all of them because — spoiler alert — anarchic chains were not built for the requirements that regulated banks have.

Archic chains are not a panacea to everything and they are certainly not the most exciting thing since the invention of the Internet: OxiClean was, and you could only originally get it by calling a 1-800 number.14

The tldr for archic chains is that they:

(1) typically achieve permissioning and log appendation by gating and white-listing the operators of the validation process; this usually involves drawing up a legal contract and service-level agreement specifying the terms of services, quality of service, and how disputes are handled.  Because validators are known and legally accountable, proof-of-work is unneeded and marginal costs actually remain marginal (as opposed to MC=MV relationship in PoW networks)15

(2) the log of history and payments therein, is appended via a digital signature controlled by a known, identifiable potentially-static participant who is can propagate the transaction and block to the rest of the participants whom are permitted to interact with the transaction

(3) this log of history — in both theory and practice — is propagated to ‘other people computers.’  In the archic case, it may be a regulated cloud facility (e.g., sovereign cloud) that complies with all of the regulated data requirements of a specific jurisdiction.  (This may sound like an unimportant area of interest, be sure to look at this presentation.)

Or in short, with archic chains: validation and block signing is handled by known, identifiable parties whom have the appropriate licenses to handle regulated data in the jurisdictions they operate in.

Because of laws like the General Data Protection Regulation (GDPR), replication of regulated data to everyone everywhere ends up in Bad News Bears territory pretty quickly.

Conclusions

I purposefully tried not to use the word “immutability” because the term has been bludgeoned by totem warriors on all sides this past year.  It’s to the point where some cryptocurrency advocates sound like Luddites because they do not acknowledge that immutability is simply achieved by running data through a hashing algorithm, that’s it.  It’s one-way and irreversible and has nothing to do with proof-of-work.  All PoW effectively does is delegate who can append a log in an untrusted network.

As a matter of fact, there is oodles of immutable data that predates cryptocurrency networks like Bitcoin, housed on a sundry of databases worldwide.  And on the other hand, you have consultancies wearing out the word “immutability” as if it about to go out of fashion and they get a year-end bonus for saying it three-times fast.

We are nearing the end of year two of the grand totem wars, of the nonsensical permissioned versus permissionless wannabe debate.  There is no versus.  Fundamentally Sams’ Law is empirically valid:  anything that needs censorship-resistance will gravitate towards censorship-resistant systems and anything that does not will gravitate towards systems that can be censored.16

There are ironclad trade-offs: a network cannot simultaneously be censorship-resistant and tied into legal infrastructure.  A chain cannot be both anarchic and archic.  One set of utilities has to have a priority over the other (e.g., definitive settlement finality versus probabilistic finality) otherwise it all begins to look like the chimera that is the permissioned-on-permissionless ecosystem.17

As a consequence, anarchic chains continue to act as testnets for archic chains.  That is to say, both the Bitcoin and Ethereum ecosystems are effectively providing free R&D to network designers who will learn from the mistakes and incorporate the relevant solutions into their own future systems.  After all, why use an anarchic chain in which governance is handled by anonymous eggs on Twitter and (ironically) censorship-happy moderators on reddit?  Perhaps things will change and the great expectations promised by anarchic chains will come to fruition.  In fact, if Boltzmann brains can exist then that is always in the realm of possibilities.

In the meantime, it’s worth reflecting on what Dave Birch recently pointed out: there is no such thing as a cloud, just other people’s computers.18  And each jurisdiction regulates the activities of what can and cannot be processed and serviced on certain machines.  Perhaps those laws will change, but they might not.  It will be worth checking in on the Emochain and Statistchain caricatures in the coming months: maybe the State will wither and die like Zerohedge has predicted 7,934 times in the past.  Or maybe Panoptichain will be built instead.  Or both simultaneously as the consultants behind Schrödingerchain would have you believe.

Immutability!  Immutability!  Immutability!

Endnotes

  1. Archy and Anarchic Chains []
  2. Smart Contract Templates: foundations, design landscape and research directions by Clack et al. []
  3. Edward Murphy is the namesake of “Murphy’s Law.”  See also: Netflix attacks own network with “Chaos Monkey”—and now you can too from ArsTechnica []
  4. Code is not law []
  5. Why does Ethereum plan to move to Proof of Stake? from StackExchange []
  6. “We were successful exactly because we were *not* maximalists.” – Linus Torvalds (source []
  7. See the Hyperledger github repo []
  8. The term “dynamic-membership multi-party signature” was used in the Blockstream whitepaper []
  9. Self-doxxing, dynamic block making and re-decentralization of mining []
  10. It’s actually not necessarily the first — as blocks can become orphaned — but rather which block ends up being built on by other block makers []
  11. “So maybe the debate is over comparing an apple to a citrus fruit – mandarins, tangerines, grapefruits, lemons etc, and everyone is assuming their particular flavour.” Many thanks to Ian Grigg for this passage. []
  12. Blockchain: Back-Office Block-Buster from Autonomous Research []
  13. Designing a Global Fabric for Finance (G3F); Blockchain, Bitcoin and the rise of banks as shared ledger providers; Explore the Blockchain, Ignore the Bitcoin Maximalists []
  14. OxiClean []
  15. See Some Crypto Quibbles with Threadneedle Street and Bitcoins: Made in China []
  16. See slide 13 []
  17. What is permissioned-on-permissionless?; Settlement Risks Involving Public Blockchains []
  18. Dave Birch, September 20, 2016: Source []
Send to Kindle

Citations, presentations, and panels

Below are a number of events, presentations, panels, and interviews I have participated in over the past three months.

Academic citation:

Quoted:

Presentations:

Interviewed:

Panels:

Cited:

Send to Kindle

Non-technical Corda whitepaper released

Earlier today our architecture team released its first public whitepaper on Corda.

The WSJ covered it here and here.

Consequently I am somewhat puzzled by news stories that still refer to a “blockchain” as “Bitcoin technology.”  After all, we don’t refer to combustion engines in cars as “horse-powered technology” or an airplane turbine engine as “bird-powered technology.”

A more accurate phrase would be to say something like, “a blockchain is a type of data structure popularized by cryptocurrencies such as Bitcoin and Ethereum.”  After all, chronologically someone prior to Satoshi could have assembled the pieces of a blockchain into a blockchain and used it for different purposes than censorship-resistant e-cash.  In fact, both Guardtime and Z/Yen Group claim to have done so pre-2008, and neither involves ‘proof-of-work.’

Fun fact: Corda is not a blockchain, but is instead a distributed ledger.

Send to Kindle