Visualizing sidechains and tabulating the aggregate losses of UTXOs (bitcoins)

Last night I gave a presentation covering the new sidechains “blockchain 2.0” project from Austin Hill and Adam Back. I also covered some of the challenges of information security on the edges of the Bitcoin network.

The talk is based largely on a paper I finished drafting this month called: “Learning from Bitcoin’s past to improve its future” (pdf)

Below is a video of the presentation as well as the corresponding slides. All errors are my own. Many thanks to: Dave Babbitt, Preston Byrne, Hudson Cashdan, Joseph Chow, Petri Kajander, Taariq Lewis, Jonathan Levin, Andrew Miller, Pieter Nooren, John Ratcliff, Robert Sams, Koen Swinkels and Andy Toshi for their feedback and constructive criticism.

Send to Kindle

Quote of the day: depreciating value of exported electronic goods from China

A rail cargo line has been “relaunched” between Europe and China that is one month faster than traveling by sea and costs 20% the price of air cargo.

What is the motivation for restarting this potential time + cost savings?  Because:

In a month, the export value of one consignment of electronic products might devalue by about two percent, about several tens of thousands of dollars.

This actually relates to Bitcoin/Litecoin mining as well.  Most ASICs today have less than a 6 month profitably window before they need to be dumped or pointed to another profitable altcoin.  The sooner you ship a batch, the quicker the receivers can recoup the costs.

See China-Europe railway relaunches from China Daily

Send to Kindle

Adding the first GPU farm to the Computer History Museum?

Apropos the previous post about ArtForz’s GPU farm, I exchanged some emails with Stephen Gornick who apparently tweeted about this almost 4 years ago (here and here).

Below is an image of ArtForz’s ArtFarm.  Notice how you can visually identify 20 GPUs.  At its height he used 24 and it is unclear if these in the image were all 5970s because he mentioned having several others (including several 5770s and a 4870).

artforz farm

Send to Kindle

How ArtForz changed the history of Bitcoin mining

[Update: according to Nathaniel Popper’s book, Digital Gold (as well as in The Age of Cryptocurrency), Laszlo Hanycez is the first publicly known individual who actually utilized a GPU to mine bitcoins, two months prior to ArtForz.]

[Note: in conducting research for a new paper (pdf) on Bitcoin, I culled together the following interesting information on the junction between solo mining, GPU mining and pooled mining]

ArtForz is arguably one of the most interesting individuals in Bitcoin in that he abruptly appeared out of nowhere and simultaneously understood an incredible amount of hands-on knowledge about how to tweak mining hardware performance. He did not make his first forum post (assuming it is not a pseudonym) until July 24, 2010, nearly two weeks after Slashdot announced the version 0.3 bitcoind release and a week after his farm (“ArtFarm”) purportedly found its first block. On July 25 he claimed to have generated 1,700 bitcoins in the previous 6 days which translates into 4% marketshare (43,200 total bitcoins mined over six days / 1,700 = 4%). One user estimate the hashrate necessary to do that at 80,000 KHash/s (or the equivalent of 8 quadcore server CPUs).  In his very last post on Bitcoin Talk two years ago, he mentioned that his farm comprised of 24 Radeon 5970s. If tweaked properly (which he may have been capable of), these would each net a theoretical maximum 800 Mhash/s creating a farm of 19,200 Mhash/s (an upperbound).

Getting to the bottom of the numbers

On August 25, 2011 he stated his farm was less than 1% of the total network hashrate. For comparison, during August 2011 the difficulty rating was around 1.8 million thus ignoring the increased hashrate of competitors, this theoretical upperbound setup was capable of generating 8.38 bitcoins per day. Theymos (creator of Bitcoin Talk, moderator at reddit and now “owner” of the Bitcoin Wiki) noted on October 3, 2010 that ArtForz had a system that held roughly 20-30% of the network hashrate. For comparison, user ‘tcatm’ (Nils Schneider) built a system with three Radeon 5870s operating at 983 Mhash/s, announcing it on October 3, 2010.  Based on the current difficulty at that time tcatm was generating 749 bitcoins per day (~10% of the network).  Schneider later that month went on to build one of the first publicly usable distributed hash farms among other projects.

Theymos also stated that ArtForz was the first person to GPU mine (writing the code himself, which based on his forum posts is very plausible) and in January 2011 explained on the Bitcoin Wiki that ArtForz comprises about 25% of the hashrate.  Yet it is unlikely that this system was the one utilized in July 2010.  And I will describe how and when it likely was.

According to the Bitcoin difficulty rating, the largest jump ever (300% at block 68544) took place several days after the announcement on Slashdot that version 0.3 of bitcoind was release which brought in a large amount of new adopters and miners. At the time, the network hashrate was roughly 1,300 Mhash/s or an entire order of magnitude less than the capability of ArtForz’s farm. However one clue he provided in December 2010 is that the cards he was using were overclocked 5970s hashing at 625 Mhash/s (20% slower than that upperbound estimate).

If this is the case, then the collective hashrate of his system was 15,000 Mhash/s which at the 12252 difficulty level he cites would generate 1,231 bitcoins per day which is approximately 17% of the network hashrate. If the upperbound is used instead, his hash farm would have generated 1,477 bitcoins per day, roughly 20.5% of the network hashrate. While speculative, based on the jump in difficulty and hashrate between blocks 94572 and 9678 the previous week, if this was his farm coming online, it would have generated 2,241 bitcoins per day, or 31.1% of network hashrate.

Taking this forensics a step further, by looking at IRC logs, on September 23, 2010 ArtForz noted he had around 2 Ghash/s and was targeting 15-20% of the total network hashrate. This was comprised of 2 overclocked Radeon 5970s each generating more than 650 Mhash/s and also 4 Radeon 5770s – based on a difficulty rating of 918 this farm was generating 2,191 bitcoins per day (~30% of network hashrate). On September 28, he mentioned he had ~2.1 Ghash/s and another 850 Mhash/s “on and off” and the following day that the collective power was just over 3 Ghash/s. On December 15, 2010 ArtForz noted on IRC that he had 15.75 Ghash/s which at the current difficulty of 12252 would generate 1,292 bitcoins per day and this farm still used Radeon 5770s.

Or in short, ArtForz figured out months before anyone else, how to not only leverage the capability of GPUs, but write the code and deploy a small scale farm (which was initially powered by a generator).  He also later used FPGAs and an sASIC (structured ASIC).  This type of economies of scale spurred the hashrate arms race that continues today.

Contrast this with Satoshi Nakamoto who noted early on in December 2009 that, “We should have a gentleman’s agreement to postpone the GPU arms race as long as we can for the good of the network.” Satoshi was thus surprised that these types of systems could be built, stating in October 2010, “Seriously? What hardware is that?”  ArtForz’s farm was also discussed by Charles Lee (creator of Litecoin) in February 2013.

While I have learned of his probable location during this time (which is unimportant) two other notable facts about ArtForz:

1) on September 23, 2010 he mentioned he had 26,650 bitcoins all from mining from the previous 9 weeks and that this was left over from a much larger batch; in his words he “sold off about 2/3.”  Assuming he began mining on July 18th (based on his forum post stating that) that would make 66 days since his first block which is just over 9 weeks.  Based on block rewards that would mean of the 475,200 bitcoins that were mined during that period his own pool (~75,000) represented 15.78%.  In contrast, roughly 5,000 people were mining by mid-September (his estimate), typically on laptops and older desktop equipment.  The only other publicly known person during this same time frame moving and trading this amount of tokens (and with similar hashrate) was William Pitock (Nenolod).

2) he also tested the limits on a variety of early altcoins such as SolidCoin, i0coin and GeistGeld.   Charlie Lee gave a great presentation on the early history of alts back in January at the BTC Miami Conference (video) (slides).

His identity was seemingly retired two years ago and I am not aware of his next project(s).  Next however, was the first mining pool, Bitcoin Pooled Mining operated by Marek Palatinus (slush), which began public operations on November 27, 2010.  And consolidation and centralization has been happening ever since.

Coda: a few more timeline mysteries solved, looks like a few guesstimates above were very accurate.  Tonight someone from the Bitcoin Talk forum sent me a message with a few more details about the numbers regarding the early days of ArtForz’s farm.  According to IRC logs, on August 9, 2010, ArtForz notes that, “I’m still limping along at ~ 76000khash/s.”

Four days later he notes the following in IRC:

[13/08/2010 15:07:27] <ArtForz> currently I can do up to ~450000kh/s
[13/08/2010 15:11:13] <ArtForz> cpu? 6 ati HD 5770s at 77-78000kh/s a pop
[13/08/2010 15:13:17] <ArtForz> a 5770 is ~75Mh/s at stock clocks
[13/08/2010 15:15:33] <ArtForz> well, I’d say total hours for the software… about 40 or so, but most of that was optimizing to get another +20% performance or so
[13/08/2010 15:16:42] <ArtForz> the first modified client + opencl miner were about 12h of work
[13/08/2010 15:22:53] <ArtForz> If I sold the BTC I have sitting here right now at $0.04, I’d have made back the initial investment for GPUs, power costs and a few $100 for my time
[13/08/2010 15:24:35] <ArtForz> well, guess what, I’m not really planning on selling any large number of these any time soon

Send to Kindle

Decentralized storage on the horizon

In addition to existing projects such as Tor(oken) and FreeNet and future developmental projects like Bitcloud and StorJ, there is a new decentralized system being released in the next few months: MaidSafe.

I have a new piece over at Bitcoin Magazine that discusses some of how it works.  Suffice to say, if they can execute on the targets outlined in the article, it could have long-standing ramifications for a plethora of industries (e.g., SaaN providers, ISP margins, start-up costs, Dropbox-style companies, reduced overhead at NGOs/NPOs, etc.).

Send to Kindle

None of the Top 500 Bitcoin addresses uses on-chain multisig

Even though m-of-n transactions has been supported since the acceptance of BIP 11 in 2011 and BIP 16 the following year, implementations of multisig has been slow going until recently due to lack of support from wallet software.  This will likely change, yet as of today, no address on the Bitcoin Top 500 Rich List uses on-chain multisig (though perhaps some exchanges do in off-chain setups).

BitGo was the first commercial multsig wallet released and Cryptocorp has a neat oracle-based HDM solution to this.

In addition to reading through the relevant threads on StackExchange, be sure to watch James D’Angelo explain how multisig works:

Send to Kindle

What is a Merkle tree?

James D’Angelo has an excellent series of tutorials on the inner workings of blockchains and cryptoledgers.

One of my favorites is by far his explanation of what a Merkle tree and Merkle root are, breaking them down step-by-step.  He bases his code off a really cool blog post from Ken Shirriff: Bitcoin mining the hard way: the algorithms, protocols, and bytes

[Quick endorsement of Ken, I found several of his posts very helpful and cited a number of them in GCON.]

Send to Kindle

Paraphrased notes from Back and Hill interview

Below are some paraphrased notes from the new “blockchain 2.0” interview conducted by Adam B. Levine (editor-in-chief of Let’s Talk Bitcoin) between Adam Back and his business partner Austin Hill.

Be sure to listen to the full interview (and here is my write-up from the previous post as well).

  • When people talk about building on top of TCP, this is the way to do it, which is the interoperability using existing bitcoins themselves to move them.  If I have a bitcoin to buy for small payments like a cup of coffee, I move it into a sidechain that has higher transactions per second and then move the change back into the main Bitcoin network and then put it into a different side chain to invest it a Bitcoin denominated derivative against US dollars or buy electronic shares or something like that.  Bitcoin is used as interoperability level moving across the pegs, allows open innovation in a neutral sense without creating a new scarcity race.
  • Building the infrastructure so these sidechains can take advantage of the global hashrate through merged mining but with some additional extensions. But there are some core services that you do want such as good PKI for the registry, digitally signing for sidechains and new asset issuers, clear disclosure if people can move assets between chains, wallets can tell what properties of the side chains (when you get asset from the side chains, you are aware).  We don’t see a justification for a lot of these altcoins switching out the proof of work besides Adam’s contribution with hash cash, it ignores $250 million in ASICs and datacenter that bitcoin is self-funded as a platform for verification.  We think trying to bootstrap a new global hashrate infrastructure is kind of pointless.  Makes more sense to use what is out there Namecoin has achieved 80-85% of Bitcoin hashrate through merged mining.
  • It is a preferable approach to these other 2.0 projects because it is an interoperable approach so you can move money around and interoperate between different networks, different side chains.  The typical TCP analogy people use here is inaccurate as they just send watermarked bitcoins; with TCP you send users messages point to point, if you send it over the bitcoin network it’s an n-squared broadcast and the things sent on the bitcoin network should be about the minimum amount of data necessary to ensure the bitcoin properties, that the value transfer can be tracked, that smart contracts can be evaluated like multisig and so on.  Any data like “this is my email address,” or “this is a receipt,” does not belong on the bitcoin network.  That is what the payment protocol is for, point to point to people. [BIP 70 is the payment protocol]  I think some of the people building on top of Bitcoin are doing it in a naïve way, which is a disruption to Bitcoin.  For example, even Colored Coins which is quite neutral and clean, no digital scarcity race, but has scalability issues because if transaction volume reached a significant volume it could saturate the Bitcoin network.  Right now the transactional limit is 7 transactions per second, increasing block size incurs centralization risk because you need a highspeed link, decent bandwidth if it gets too large.
  • It also breaks with colored coins, Adam showed Austin, David Chaum’s ecash server he had come up with coloring DigiCash coins and watermarking them and even last year he still thought it was the best approach to add extensions but saw that with SPV wallets, Colored Coins don’t work with SPV wallets and we live in a world where mobile wallets are a predominate device so if Bitcoin is going to reach its full potential for interacting with billions of people, Colored Coins just doesn’t work in that scenario because you cannot have a full node on a smartphone.  On top of which nobody had contemplated how will this capability of watermarking work?  If people color different assets the same color, who is the arbiter (e.g., ‘blue’ for both a share and copyright registration)?  So there were ideas but no one had really thought out, with SVP, with some sort of asset registry, whether you do that in a distributed basis like Namecoin does or you that in a centralized PKI signed registry service, need supporting infrastructure to make it work.  People got enamored and went off and watermarked a bunch of things.  How can we allow for some of the properties of native marking, new asset issuance, extensions to the scripting, build on a neutral platform.  The principles from our project: permissionless innovation, decentralize wherever possible, decentralize and distributed.
  • A lot of people are interested in the potential for user created assets and smart contracts, they see that can be used a lot in the future, trustless escrow.  Colored Coins, Mastercoin, Bitshares and Ethereum have come in and add stories, creating networks.  Pegging technology is the next step of technological improvement in an interoperable way.  Built on top of Bitcoin in a way that does not result in spamming or watermarking bitcoin transactions that makes every transaction a bid/ask, saturating Bitcoin.  You don’t need to do that.  Sidechain that is pegged to bitcoin, so there is no counterparty risk, no escrow agent holding your bitcoin.  Your bitcoin can move between networks which are tied, in that sense they are merged mined.  People can do their innovation in interoperable way.  Early days in TCP/IP, if every time somebody wanted to make media streaming, webpages, online shopping, each time they make a fork of TCP protocol, made a few changes so it is an incompatible network and said “great we’ve done online shopping,” yet none of these things talk to each other, you have to pull them out and put them back in to achieve anything.   So you get network effect by having interoperable systems.   So if we have different people working on micropayments, online shares, high frequency trading, to do all these things on different networks that are open networks, preserve the freedom to innovate, fully interoperable and operate with two-way pegs, best of both worlds: freedom to innovate, avoid the silo effect, and we avoid these self-defeating selfish ‘newshares’ that some things get built on top of.
  • We don’t want to see another Mt. Gox, exchanges have had a high failure rate (theft, incompetence, internal malfeasance).  New players are doing security audits, but these are in off-blockchain, trust-me model, holding private keys.  We need to extend trustless blockchain into new parts of the ecosystem but you can only do that if the blockchain can scale to have more of every interaction depend on the blockchain.  Some exchanges were doing more than 7 transactions per second.  There was a practical limit to go off-chain.  Creates an IOU situation where someone promises not run away with bitcoins.
  • Smart contracts off: build infrastructure, services, exchanges, payment processors — build components in a decentralized way, build service in a trustless way (smart contracts).  And almost all the system players are not using it.  Somewhat an artifact of the transaction limit.  Can switch coins using an atomic swap.  It is a known property, but not widely used.  So an exchange can simply be matching orders and not touch the coins.  Remove the need for audit, audit is after-the-fact-reactive.  If we had audits every 6 months on Mt. Gox, that doesn’t mean the situation would have been avoided.  The point with bitcoin is you have a real-time audit, if someone tries to do something outside of a smart contract, it is a priori prevents this.  By architecting these things where you don’t have to trust them, you trade with air-gapped wallets — exchanges just handle order matching.
  • New model: Exchanges can compete on marketing, building liquidity, volume, customer service, regulatory compliance, making it easier for you to file your taxes, a whole bunch of things they can innovate on.  But the basic security model isn’t: trust us with your assets.  It is trust us with creating the best market place where you can find the best liquidity and the fastest and best customer service.  But you never need trust us with your assets.
  • We have focused on the last two months on the core science, we gathered a number of the Bitcoin core developers from around the world. Many of whom who hadn’t even met each other.  We set up a house in California where they all came and collaborated, some of them lived in the house.  Called “The Bitcoin Mansion” – not a mansion.  A lot said that this approach was “not possible, we don’t believe in it the ability to do a two-way peg and retain all the properties and build a security wall.”  We have now proven that it is, we have gotten sign off and support from a lot of the core developers.  But even that change is going to require some time.  There is a community at large that needs to understand it, there is a proving period that needs to be there.  These guys are incredibly overlooked by ecosystem that depends on them, volunteers who are controlling some of the most important code on the planet, next to the space shuttle.  If we have space shuttles and stations blowing up, it can ruin space exploration.  If they screw up, they can ruin math-based currencies or set them back incredibly far.  So they have to be very judicious and patient in adopting changes.
  • This creates contention. Whereas you look and see that particular project is cool, but you cannot afford to pay attention to a pet project. Can’t accidentally introduce a bug.  It means that innovation on core is slow, because conservative, value preserving, focus on robustness, fixing minor bugs, very careful gradual change.  Two way peg, requires moderate high risk change.  Bootstrap problem, evaluate the change or set of changes and be sure that it is safe.  But once that is done it allows people to do innovation on side-chains, explore new ideas.  If ZeroCash wants to do something on a side chain.  If in 6 months, they want to increase the block chain, they can do that.  If Bitcoin main wants to reduce the block size to increase decentralization.  Someone wants to do something, changing contracting language, tagged user assets that are SPV compatible, they can do on another side chain.  People with different views on a contracting language can do it on a different sidechain.  Frees up the space to allow open innovation very rapidly, without creating risk for Bitcoin main.  Security firewall, you can only move bitcoins in that have been moved out.  Value does not float against other chains, implemented protocol that fully preserves 21 million supply.  Only Bitcoin chain is being mined, the others are repositories where you can move bitcoins into them and back out.
  • Incentive to mine these: we believe there will be, not disclosing, in discussion with a lot of the large miners and mining pools on making sure they have good incentives and good reasons to merge mine this.  And there will be an economic model that supports participation.  It won’t be based on mining rewards so obviously that leaves transaction fees but there is a transaction model that is flexible, is market based allow each of these sidechains to have their own innovations, but collectively all of them together can increase the transaction fee revenue for people who merge mining this.  From complex systems design and merchant property is that this will actually drive demand for Bitcoin, other interesting assets or contracts that can be written against bitcoin.  We have had discussions with some very large financial institutions who are looking at volumes of transactions and contracts and derivatives, futures, options contracts, that are orders of magnitude larger than the entire bitcoin asset base.  Huge.  When you start looking at embrace or extend the functionality to include part of their asset base, encoding into blockchain technology, you can start to see the demand for bitcoin will far outpace the availability and will ultimately drive up the price of bitcoin.
  • Once someone bring an open network for supporting smart contracts against other assets, that opens up a wider set of transaction types so you would expect the transaction throughput to go up, dollar transaction to go up.  Bitcoin is the neutral transactional currency, therefore the amount of bitcoin denominated transactions go up, which puts up the utility value of bitcoin.
  • You can do different block intervals on a sidechain, counter intuitively, because when you are merged mining with say Namecoin that means some namecoin blocks are not bitcoin blocks. And vice versa so you can have a different target, smaller faster blocks it is possible.
  • Two members of the team have figured out how to scale to hundreds of thousands of transactions per second while retaining all of the properties of retaining a blockchain security model.  And those innovations will have high frequency trading, very high speed liquid markets and exchanges that are using blockchain security model and blockchain trustless infrastructures, but meet the business requirements that are necessary to do high volume. And that is definitely our projects scope to make those platforms available for people who do have, someone who wants to compete with Visa but I can see myself hitting, 20, 30, 40, 50,000 transactions per second.  Where am I going to be able to process those and be able to get instantaneous transaction verification without having to wait for the limit of the blockchain.  We think it will be possible and trustless security model of the blockchain.
  • Right now combing our hair, putting on our hats and wearing fancy ties but we are getting ready to announce more details to the project so that those interested can track the project and reveal it including announcing the name, who’s on the team: happening within the next 60-90 days.  So a very short term.  We are going to be releasing, one of the principles we will be releasing from the cypherpunk days is and one of the founding principles of the project is: “we speak in code.”  So we really want our products and our software to speak and so we will be releasing software very quickly that is necessary software that is needed for bootstrapping this type of ecosystem.  There are a couple different parts to the existing blockchain to the existing ecosystem that have huge gaping problems that we can deliver immediate value without needing to wait the 12, 18 or 24 months that it might take to get some of these changes to be adopted in Bitcoin core.  Some people are aware of these problems but we believe we can deliver immediate value based off that.  Get out there, release very useful open-source free-software, some software stacks that other people can adopt into the ecosystem to secure their users accounts, secure parts of the Bitcoin ecosystem that are operating on a trust-me model.  We think we can deliver a lot of value by helping them to move to more of a trustless infrastructure.  We are going to be investing very heavily in building a team of cryptographers, programmers, working to support some of the volunteers in the Bitcoin core community to provide them resources and allow them to really accelerate some of the things they know need to be done.  Most of these guys are volunteers, have day jobs, huge weight on their shoulders: do it because they love the technology and community.  Have not received a lot of support.  Supporting them, providing more tools, more testers, more documentation resources, travel vouchers so they can meet face to face – some of the things we will be doing.
  • Some business models rely on the availability and reliability of the Bitcoin network, so following the Linux model they should hire – as they can afford – developers in the community to work on it.
  • We are a “blockchain 2.0” company, although I personally care for the success of Bitcoin, it is important to distinguish between bitcoin the asset and the blockchain as a programmable distributed trust infrastructure.  And we are interested in blockchain 2.0 and blockchain 2.0 using bitcoin as a neutral transactional currency we believe is a great, offers great promise but I want to build a blockchain that could support a nation-state putting its national currency and phasing out paper dollars.  And there is a lot of reasons to do that: counterfeiting, utility value, conducting commerce in separate geographic distances.  Auditability, trust, whole bunch of potential to reinvent our financial infrastructure to better serve humankind and we have only begun that journey and I’m interested in a platform that is distributed, neutral, has all the principles of and properties of Bitcoin has embedded and imbued in it the principle that “it can’t be evil.”  And allows the world to migrate math-based assets and math-based currencies.  That is going to take time but we are interested in building that blockchain 2.0 and do that as an extension of the existing blockchain – not running off and building our own alt ecosystem and premining it and watching Adam and I get rich off having the first coins – that is not our intent.
  • There is no altcoin race with this, using bitcoin purely as a transactional currency.  Systemic risk issues: if more of business starts to move their accounting and B2B payments into bitcoin and cryptocurrency issued assets and denominated national currencies, you get the benefits of the zero trust, immediate auditability features so if you are receiving insurance contract from an insurance policy and there are about to exceed their reinsurance limit that would mean your insurance policy would be immediately failing audit and that would mean your policy is invalid.  You can start to remove systemic risk from the system and avoid Enron-like situations.  Even in the long turn there would need to be iterations of smart contracting before we get those kinds of things.  But even in the long run you get a national currency issued where they would have  smart contract like an issuance contract that would specify their monetary policy, no more than 2% cost of easing or maybe subject to market metrics and that applies to them.  Even if they have the key to issue more coins and some redundant hardware air-gapped key manager, they would be physically unable to bypass the monetary policy rules because the monetary rules are bound into the genesis of the coin and all recipients of the the coin would reject them if they tried to exceed their own monetary policy.  So I think if we get to a system like that we have can have real time auditing and agree to societal rules and enforce them a priori rather than finding out 6 months later that somebody has hundreds of billions or trillions of undisclosed assets and then you have an AIG or all of these kinds of cascading failures in the system.
  • History of Zero Knowledge is not archived, Youtube did not exist.  At the time we were very thumb our nose in the face of authority, we were fighting the Edward Snowden type of battles.  The NSA and CIA tried to shut us down, we were on 60 Minutes advocating crypto for all and tear down the system.  That may not be the best way to interact with these guys: is I’m coming for you, I’m going to burn down your system.  The financial services industry, the people we have talked to, have real problems themselves.  We talked to a very large buy-side financial institution who literally has hundreds of billions if not trillions of dollars’ worth of assets under management and they said from a pure compliance point of view we don’t understand our risk.  We have entire teams holding binders and contracts and asset systems and we are trying to figure out what we own and the risk is and what the underlying asset is, so if we can digitize this and have it be encoded in a way that we can actually we can make representations for compliance reasons for our own risk management, we would welcome you in.  Show both governments and financial institutions this is not about wiping them out or destroying their business, this technology is about imbuing the entire ecosystem with verifiability, trust based off distribution and math.  And some real good foundation levels where they can reinvent their business and yes, we can drive some competition in the industry.  And hopefully some more efficiencies.  Just how media companies are adapting to the internet and rebuild their businesses, we want to encourage these people to look for efficiencies.  And those that do will be much more like the Netflix of the future versus the Blockbusters of the future.  We want to help them rebuild their businesses like Netflix, not like Blockbuster and if they don’t want to adapt they face extinction
  • Public auditability, typical objection to commercial basis – companies do not want their business model to be public knowledge (profit margin, volume of trade, market movements, if someone is selling a large amount of stock, they like to keep that to themselves and not have that readily to the market) and that tends to present a barrier to public audibility.  We have to preserve commercial confidentiality.  Homomorphically encrypted values, have the blockchain validate the inputs add up to the outputs without disclosing the values involved, they are encrypted in such a way that addition still works on them.  Includes zero knowledge range proof that encrypted value A is less than encrypted value B and use it to prove leverage ratios and things like that.  Can do a lot of things to preserve commercial confidentiality but allow for public auditability.  So this merely a scope that can preserve that traditional and necessary fragile privacy for individuals and commercial sensitivity for companies but all allowing public audibility
  • I can see that two parties engaged in a currency swap or whatever instrument, their identities are not apparent to me at the blockchain level but they will have business records saying who they bought it from.  There are two networks involved in a transaction, the blockchain broadcast P2P network (byte minimized, scarce resource), you don’t send to that more than you need to insure the correct interpretation of the transaction.  Invoice and receipt go to the payment protocol level which is point to point communication between buyer and seller and if one of them is a business they will be keeping records or if you’re an individual they will be keeping their receipts for taxation purposes.  I think there will be identity but will keep the parties not broadcast to the peer to peer network.  Why is financial privacy wanted?  Because some people are paid their salary in bitcoin, so you can figure who this guy is because he bought a pizza in the shop or he paid you back and you see an address – it shouldn’t be reusing addresses.  If he was paid a salary and that amount of salary was encrypted, you wouldn’t know how much he was paid and he if paid you personally $10 you wouldn’t know his salary just that he hasn’t exceeded the value of the transaction.
  • We will be launching a website, with job postings.  If people keep track of us on Twitter – @austinhill and @adam3us – keep watch we will be announcing the name of the website and project in the coming month.  There will be at least a place holder site with more details and jobs available.
Send to Kindle

“Blockchain 2.0” with Adam Back and Austin Hill

Some very exciting news is being made public.  Adam Levine, editor-in-chief of Let’s Talk Bitcoin (LTB), interviewed Adam Back and Austin Hill for a new endeavor dubbed “blockchain 2.0” — I recommend everyone to listen to this interview.

Below is my write-up I did for LTB (note the copy on LTB is missing the footnotes which I have included below).

Blockchain 2.0 – Let a Thousand Chains Blossom

Adding on-chain utility and extensibility in a scalable way sums up the core ideas of the “2.0” next-generation cryptoledger space.  This is a segment that has grown rapidly to include eight announced and funded projects, each vying to create new use-cases utilizing a trustless blockchain or in Ripple’s case, a consensus ledger.

And now we can add one more to the list, an unnamed entrant financed by Austin Hill and articulated by Adam Back.  Hill is a well-established tech investor and in addition to other projects, spent almost $4 million in the ‘90s trying to develop and commercial electronic cash and anonymity systems through a company called Zero Knowledge Systems.  Back, likewise, is a domain expert, creator of the Hashcash proof-of-work mechanism used with Bitcoin and all other SHA256d-based alt derivatives.

This past week, Adam Levine interviewed the two gentlemen and learned that Hill and Back have created a company that includes several Bitcoin core developers working on a project momentarily dubbed “Blockchain 2.0” (the actual name and website will be released soon).

Some backstory: at one point Back worked for about 4 years with Hill at Zero Knowledge Systems and while Hill was familiar with Bitcoin, it was not until Back approached Hill (who was in retirement) and explained the extensibility merits and use-cases that Hill began to take it seriously.  Thereupon, they spent a week in a boardroom, mapping out the business plan and adopted the motto: “can’t be evil.”  In, Hill’s words based on his previous experience with Zero Knowledge Systems, “We believe trust is not earned because we’re good guys but trust was based on the protocols, the whitepaper and cryptography – where we were not asking for trust.”

They then rented a home in California for a couple months earlier this year with several other core developers and looked at ways to add new extensions to the existing blockchain – build a company around it – all the while providing backward and forward compatibility with the Bitcoin blockchain.  Again, this is not the “typical” alt because instead of creating another series of independent networks it will in will utilize merged mining and atomic transactions to extend the feature set via interoperable sidechains (more on that later).1

Why is this important?  Because as Back noted, the pace of current development on the core protocol is purposefully slow to prevent bugs and vulnerabilities.  And according to him these sidechains will allow experimental development to take place without impacting the main codebase, allowing the ecosystem to experience a faster pace of invention, scalability, faster transaction throughput, multi-asset issuance and even extensions to smart contract scripting.

How is this done?  According to Back, last December he spoke on Let’s Talk Bitcoin with Andreas Antonopolous and mentioned a one-way peg system, however it turned out to have undesirable limitations.2 Greg Maxwell then proposed a two-way pegging method that enables Bitcoin to connect with a sidechain which is a mathematically-controlled peg between Bitcoin main and the other chain network.3 Thus, according to Hill there can be continuous deployment and interaction with sidechains optimized for multiple purposes – that multiple sidechains can compete on features such as having larger block sizes (up from 1MB), which while leads to increased centralization, provides higher transactions per second.  And if users feel uncomfortable with the level of centralization, users can unilaterally move tokens from one chain back to Bitcoin main.

So in essence, while there are multiple chains no new bitcoins are created – that protecting the digital scarcity of the finite amount of tokens (ultimately 21 million) is a core point to this project.  And that by linking chains they have set Bitcoin up as a “transactional currency for all the innovation and all new assets so you can potentially issue shares in a sidechain, that specializes in smart contracts shares, derivatives, user assets, ultimately backed by bitcoin, pegged to bitcoin,” explained Back.

Why not create start from the beginning, from a fresh slate like several other projects?  According to Back, in his view artificial scarcity is “fairer if we use the existing scarcity rates.”  And that he is not convinced that some other alts have a strong technical ground to build from as they “start a new scarcity race that creates an interoperability silo […] in order to get into to it you have to swap coins.”  Thus, Back sees the extensibility as adding “direct support for issued assets, extended smart contracts, all while using Bitcoin itself as the transactional currency.  We feel that is a neutral choice.  It is not starting a new currency owned by one company, a project, small group of developers or early speculators.”

In addition, the company identifies itself as a “blockchain” technology company what this means in Hill’s view is:

We are a “blockchain 2.0” company, although I personally care for the success of Bitcoin, it is important to distinguish between bitcoin the asset and the blockchain as a programmable distributed trust infrastructure.  And we are interested in blockchain 2.0 and blockchain 2.0 using bitcoin as a neutral transactional currency we believe is a great, offers great promise but I want to build a blockchain that could support a nation-state putting its national currency and phasing out paper dollars.

There are at least 84 uses of a cryptoledger and counting.  And Hill’s team sees that bigger picture.

Go where the capital is

Over the past five years between $200 million to $1 billion worth of capital investments in computing hardware in the form of “mining” (or really, “hashing”) has been made, nearly all of which is largely underutilized.4  That is to say, the actual utility created over the past five years has been at the edges of the network in off-chain, trusted silos (or as Hill calls it “trust-me” silos).  Yet as developmental economics describes – and Bitcoin is in some respects a developing economy – productively utilizing and efficiently reorganizing capital is a necessary condition for growth and continued development.5 The Bitcoin network has enormous amounts of capital, but with low usage rates.  How to tap into that?

They contacted many of the large mining pools and will attempt to merge mine these new sidechains and thereupon utilize atomic-transactions (which is a proven process used in databases for decades) to move tokens between the chains.

While not necessarily endorsing their project, this is certainly one of the most productive uses of the hashrate deadweight.  That is to say, irrespective of how hashrate is being centralized, it is being underutilized as it merely tracks one ledger entry representing one data point (which was intentional day 1).  And while it is uncertain as to how the pool operators will react to these changes, if Namecoin is any indication, it is possible to provide new use-cases via sidechains, using the same hardware and thereby mitigating some of the bootstrapping risks of securing a proof-of-work-based network.6

Key takeaways based on the interview:

  •          Working with mining pools to discuss further utilization and expansion of merged mining
  •          Merged mining will create sidechains “firewalled” off from Bitcoin main
  •          Two-way pegging via atomic transactions will enable movement between sidechains
  •          Sidechains might not have blocks, will include transaction fees to incentivize miners
  •          Sidechains will be used for experimenting with expanding extensibility features including user-issued assets, smart contracts, HFT, and a plethora of financial instruments
  •          Team made up of several Bitcoin core developers in addition to other cryptographers and programmers
  •          Looking for practical use-cases of blockchain technology such as internal uses at enterprises and institutions, not solely related to bitcoin the cryptocurrency
  •          Launching website soon and some production code within the next 60-90 days

Also, while this type of project will likely be controversial in some corners due to the capital and time invested in alternative platforms, this project provides yet another competitive wrinkle in the ever growing “2.0” space.  Thus, it will be interesting to see how they use these methods within a production environment to bring utility back to Bitcoin main.7

To learn more about the project, following Hill and Back on Twitter at @austinhill and @adam3us respectively.


  1. How does merged mining work? from StackExchange []
  2. E77 – The Adam Back Interview from Let’s Talk Bitcoin []
  3. The entire discussion dev thread [Bitcoin-development] is there a way to do bitcoin-staging? is a very interesting conversation and at the end Greg Maxwell discusses the potential behind two-way pegging. []
  4. The lower limit is an estimate from Gil Luria at Wedbush Securities, see Following the Money: Trends in Bitcoin Venture Capital Investment by Garrick Hileman. []
  5. See Total factor productivity []
  6. What are Namecoins and .bit domains? from CoinDesk []
  7. Coincidentally, last week I published a paper (PDF) outlining some of the limitations of Bitcoin from a “public goods” perspective; it was by happenstance that Hill and Back’s team independently have answers and solutions to many of these known challenges and hurdles detailed within. []
Send to Kindle

Are the rumors true about China banning cryptocurrencies?

Received a few emails the last few days.  Here is one response I sent this morning to some friends:

This policy tightening, specifically based on this market-moving story from Caixin last week, comes amidst a larger shift: pressure from SOE incumbents that are concerned with the entire mobile payment / independent payment systems that have been setup over the past 3-4 years.  Quartz has a good overview on how the state-owned banks have essentially pressured policy makers into stymieing further growth of alternative services from Alipay & Tenpay.  Similarly three weeks ago the PBOC placed a “temporary” ban on payments made by scanning QR codes, mostly likely to protect UnionPay (an SOE) against the competition of Alipay & Tenpay.  In fact, this past week Chinese SOE banks posted their weakest annual profit growth, and they like those margins.

With respect to Bitcoin, I doubt it has anything to do with capital controls or flight.  Despite the fact that Bitcoin can be used as a vehicle to avoid capital controls, but have not seen any actual numbers on that so I could be wrong (maybe they all use RealityShares).  Yet even if it were the case, China is the 2nd largest source for remittances received ($60 billion in 2012), making it unlikely that the trend reversed and somehow China now exports more funds than receives during those 2 years (and I doubt that it is being used for domestic remittances for migrants to the inner provinces either).  For perspective, there are common ways to use UnionPay and art auctions to avoid capital controls (those links have interesting stats).

In addition, here is an updated summary of notices the different exchanges in China have received and their responses.  In addition, Rui Ma provided info on the most recent CoinDesk news piece on this issue yesterday.

Interestingly enough, I was told a couple days ago, in the event that the rumors of the PBOC clamp down on electronic deposits beginning 4/15 are true, one alternative is that Huobi (and others) would allow users to go to their office to deposit directly with them.  Bobby Lee from BTC China and others have said the same thing as well. Yet, what’s to prevent Alice from sending funds to some third party “cash delivery service” that then delivers them the cash?  And in any case, if the PBOC actually wanted to stop the business, it would be very simple – just (a) block the websites and (b) send in the PSB to close them down.

In any case, I can just imagine nerds with wheel barrows full of RMB lining the sidewalk of corporate offices…

That said, we (the public) probably will not know until we do.  Chinese regulators have used this strategy before: release or “leak” some information to test the reaction of the market.  If the reactions are severe, they may change the policy.  If you believe your investments will be impacted, aside from somehow “getting” some emergency guanxi, the best thing you can do is prepare for a Plan B, likely utilizing Hong Kong.

Send to Kindle