What challenges arise when trying to scale watermarked tokens on Bitcoin?

[Note: the following overview on scaling Bitcoin was originally included in a new paper but needed to be removed for space and flow considerations]

Looking in the past, the older Viceroy overlay network scaled at O(logN) where N is the number of peers which is different than the contentious scaling in Bitcoin, where even Core developers do not agree on how per node bandwidth actually scales.1

For instance, one group of developers thinks that per node bandwidth on the Bitcoin network scales linearly, O(n).2

The use of O(n) is a way of capturing simply whether something scales linearly or not.   O(n) means: if it takes 5 seconds to do something when there are 10 nodes, it will take 50 seconds if there are 100. An example would be washing the dishes. It takes 30 seconds per plate and you just keep going one plate after another.

In contrast, another group of developers believes bandwidth requirements squares per node, which reads as O(n2).3

O(n2) means: if it takes 5 seconds to do something when there are 10 nodes, it will take 5 hundred seconds if there are 100. O(x) notation is an approximate. That is to say, while you have increased the number of items by a factor of 10, the time taken increased by a factor of about 100.

An example here might be if Bob needs to broker bilateral contracts between all the members of a new limited partnership fund.   Four partners would require six bilateral NDAs in total. Eight partners would require 24. Thus if Bob doubled the number of partners he would need more than four times as many contracts executing.4

One calculation (BitFury 2015a) implies that in terms of block verification time, Bitcoin scales at: N(1 + 0:091 log2 N).5 For comparison, Ripple’s consensus ledger also has O(n2) scaling.67

What does this have to do with watermarked tokens?

As described in (Breitman 2015c):8

[C]olored coins are potentially nefarious to the Bitcoin ecosystem. The security of Bitcoin rests on the assumption that miners stand to lose more by departing from consensus than they stand to gain. This assumption requires a balance between the reward received by miners, and the amounts they might stand to gain by reversing transactions. If colored coins represent valuable assets, this balance might be upset, endangering the status of all transactions.

A consequence of the hold-up problem is that it could lead to vertical integration. That is to say, to prevent this type of event (holding up the whole network) from happening in the future, colored coin platforms could acquire (or build) hashing facilities and pools.

Yet if they did this, not only would they need to increase expenditures by several orders of magnitude – which is the very reason they wanted to piggy back off the existing infrastructure to begin with – but they would effectively be building a permissioned network, with very high marginal costs.

In (Breitman 2015c) the author uses a car analogy to describe the cantankerous situation colored coins have created.9

In the analogy, the author explores an alternative universe in which the car was recently created and new owners foresaw the ability to use the car in many different ways, including a new “application” called shipping.

In this scenario, the car owners unilaterally dismissed unproven alternative “truck technology” and instead designed a solution for shipping: bolt a new wooden layer on top of four cars, much like watermarked platforms bolt themselves on top of Bitcoin.

But what about all the various mechanical challenges that came with this new ad hoc design?

Breitman makes the point that, though the same functionality of a truck can be achieved by putting a slab of wood on top of four cars, choosing it as a solution when other options exist is not effective. Similarly, in the context of a closed system, it makes little sense to rely on bitcoind, though inexperienced developers may have a bias towards it:

To be sure, they were several problems with the design. The aerodynamics were atrocious, but that could be somewhat alleviated by placing a tent over the contraption. Turning was initially difficult, but some clever engineers introduced swivels on top of the car, making the process easier. The cars would not always stay at the same speed, but using radio communication between the drivers more or less remedied the issue.

But, truck technology? Well that was unproven, and also trucks looked a lot like train wagons, and the real innovation was the car, so cars had to be used!

Where am I going with this? A large number of projects in the space of distributed ledgers have been peddling solutions involving the use of colored coins within permissioned ledgers. As we’ve explained earlier, colored coins were born out of the near impossibility of amending the code base of Bitcoin. They are first and foremost a child of necessity in the Bitcoin world… a necessary evil, a fiendish yet heroic hack unlocking new functionality at a dire cost.

One could argue that reusing the core bitcoind code offers the benefit of receiving downstream bug fixes from the community. This argument falls flat as the gist of such fixes can be incorporated into any implementation. Issues encountered by Bitcoin have ranged from a lack of proper integer overflow checking to vulnerabilities with signature malleability. Such issues can potentially affect any blockchain implementation; the difficulty lies in identifying them, not in producing a patch to fix them, a comparatively straightforward process. Of course, other bugs might be introduced when developing new functionalities, but the same is true regardless of the approach undertaken.

Basing a fresh ledger, independent from the Bitcoin blockchain, on a colored coin implementation is nothing short of perversion. It is akin to designing a truck using a wooden board bolted on the top of four cars. If, for some reason, the only type of vehicle that could use a highway were sedans, that solution might make sense. But if you have the chance to build a truck and instead chose to rig a container on top of a few cars then perhaps you should first learn how to engineer trucks.

As explored in the game theory model in Appendix B and car example above, there are real security issues with using this specific layered approach in both permissionless and permissioned systems.

The typical excuse for going such route is that building a new blockchain from scratch (e.g., Ethereum, Zerocash, Tendermint, Tezos) delays market entry and could make your startup fall behind the competition.

While it may be true that spending a year or more to purposefully design a new distributed ledger network from scratch will take significant time and resources, the reasons for doing (better security and scalabity) outweigh the downsides (systemic risks and vulnerabilities). Future research should also build models with additional agents.

It also bears repeating that based on the model presented in Appendix B, if the cost of attack is very high, the more plausible outcome is to not attack. However, if it is very attractive to attack there could have a different outcome that is worth further research.

  1. See A Survey and Comparison of Peer-to-Peer Overlay Network Schemes by Lua et al. p. 10 and Big-O scaling by Gavin Andresen []
  2. Over the past five months there have been volumes of emails, forum posts and panel discussions on the topic of how Bitcoin can and does scale. One thread that is recommended to readers is a recent reddit debate between Mike Hearn (mike_hearn) and Greg Maxwell (nullc). []
  3. Why do people say that bitcoin scales according to O(n^2)? from StackExchange []
  4. I would like to thank Richard Brown for this example and illustration. []
  5. Block Size Increase from BitFury Group, p. 5 []
  6. See p. 9 from Ripple Protocol Consensus Algorithm Review by Peter Todd []
  7. Surveying literature we can see that historically there have been dozens of attempts to create decentralized peer-to-peer reputation systems that needed to be self-organizing, Sybil-resistant, fault tolerant as well as the ability to scale. A Survey and Comparison of Peer-to-Peer Overlay Network Schemes by Lua et al.; A Survey of Attack and Defense Techniques for Reputation Systems by Kevin Hoffman, David Zage and Cristina Nita-Rotaru; and Survey of trust models in different network domains by Mohammad Momani and Subhash Challa []
  8. Making sense of colored coins by Arthur Breitman []
  9. Ibid []
Send to Kindle

Can Bitcoin’s internal economy securely grow relative to its outputs?

killer app mouse trapHow do economies grow?

At the end of the day, that is ultimately the question that the Bitcoin community is asking when it asks, “what is the non-currency ‘killer app’ for Bitcoin?”  And this could be akin to asking, “what is the ‘killer app’ for the Chinese economy?”


Because as described in a number of other posts, “Bitcoinland” — a “virtual-state” — probably has more in common with the economic dynamics of a “nation-state” than say, agnostic, inflationary computer protocols like TCP/IP/HTTP.

So what is the “killer app” for a meat space economy like China?  How, as measured in GDP, did China grow from 364 billion RMB ($58 billion USD) in 1978 to 58 trillion RMB ($9.4 trillion USD) in 2013?  Was it solely the result of Deng Xiaopeng efforts of “reform and opening up?”  The full answer to that involves surveying numerous books; the shorter answer involved a combination of liberalizing a nearly fully autarkic economy and improving the productivity levels of existing inputs.

In the physical world, one way to measure how an economy develops is by looking at something called total factor productivity (TFP).  An increase in TFP is largely a result of technological improvements, inventions and innovations.  That is to say, for the same quantity of inputs, more outputs are created.

We see this frequently occur in developing economies as subsistence farmers adopt mechanization to improve agricultural yields, sometimes by several orders of magnitude.   For instance, the 2011 harvest yields in Heilongjiang province China, broke nation-wide records, rising 11% over the previous year due to ‘bigger and better machinery for threshing and plowing’ (for more specifics see also: Wage Growth, Landholding, and Mechanization in Chinese Agriculture).

Historically, as an economy develops, the inputs (such as land and labor) become more productive and therefore produce more outputs.  Can the internal Bitcoin economy also see such productivity gains?

Maybe, but probably not securely.

Let’s rewind for a moment.  Because there is no land per se, let us instead look at the labor component of Bitcoinland.

Unlike the labor market in the real world, this virtual-state has a marginal productivity of labor of zero.  It is very unique in that manner.  That means irrespective of the amount of hashing power (or laborers) added or removed from the network, the virtual country will always (and only) produce a fixed amount of output (block rewards).  Both David Evans and Tadge Dryja independently discussed this observation last year.


Simultaneously, this virtual country’s economic output is secured through proportionalism: ceteris paribus, in the long-run it should take a bitcoin to make a bitcoin.  Rational laborers (miners) will not spend more than a bitcoin to make one.  Thus if a coin is worth $250, miners as an aggregate will not spend more than $37,500 per hour to secure the ledger.

Recall that maintaining a distributed consensus network is different from consensus on a centralized ledger.  Bitcoin was purposefully designed so that it is artificially expensive for people to cast “votes” for a consensus.  The necessity was to make casting “votes” in the consensus artificially high since we cannot know who is participating in the “vote” (because it operates on an untrusted network).

What is another way to look at this?

I spoke with Jonathan Levin, formerly of Coinometrics.  In his view:

The security model of Bitcoin is how much it would cost a malicious attacker to gain a significant portion of the network. The security model of Bitcoin is therefore an anti-Sybil attack mechanism and not necessarily focused on securing financial transactions. This begs the question: Is any financial transaction secure if the cost of reversing it is less than the value of the transaction. Or would we need a system in which it would cost $1 million to undo $1 million of value?

This question is difficult to answer in the abstract. For different use cases, there might need less proof-of-work needed in order to secure the transaction. There could be a few reasons for this.  In many cases the issuer of the goods may be able to monitor the network for an attack waiting for sufficient work to be done before issuing the goods, e.g. Warehousing and physical delivery. For account balances, the victim could alter the balance of the attacker. There are very few $1 million transactions that are consumed instantly. However it does throw high value escrow services based in Bitcoin into question.

In the original white paper, Satoshi, albeit incorrectly calculated the probability of successful block reversals by an adversary. From this a magic number of 6 confirmations was often deemed as secure. I think this security model should be framed as burying a transaction under some dollar equivalent value of proof-of-work. This might give businesses more accurate view of the security of bitcoin transactions.

One unfortunate reality for assessing the security of bitcoin transactions is that we still need to factor in market concentration due to the possibility of bribes and corruption. Where some of these pools would actually find it profitable to attempt block reversals, a la selfish mining, it is difficult to think of an economic model for bribery and corruption in the Bitcoin network. Furthermore, we have seen the discussion take place on gated entry where you can make the entry into the validating nodes set super secure but someone may be able to bribe that entity to reverse / block transactions.

What does Levin mean by the cost of reversing a transaction?

To successfully disrupt the country (the network), the maximum cost to do so is roughly 0.5 x MC, where MC is the marginal cost of production.

In today’s terms to brute force the network — to attack it head on through its hypothetical ‘Maginot Line‘ it would in theory cost half of $37,500 per hour (or rather, half of the aggregate of 6 blocks as Levin suggested above) to obtain the magical “51%” of the hashrate needed to continuously double-spend.

In reality, the actual cost is significantly less due to out-of-band / side-channel / rubber hose attacks.  But that is a topic for another article.

A parasitic unit of account?

In May 2014, at the Bitcoin Foundation Amsterdam conference, Robert Sams brought up two interesting points that involve Bitcoin as a developing country, the first involved deflation:

There is a different reason for why we maybe should be concerned about the appreciation of the exchange rate because whenever you have an economy where the expected return on the medium of exchange is greater than the expected return of the underlying economy you get this scenario, kind of like what you have in Bitcoin.  Where there is underinvestment in the actual trade in goods and services.  For example, I don’t know exactly how much of bitcoin is being held as “savings” in cold storage wallets but the number is probably around $5 billion or more, many multiples greater than the amount of venture capital investment that has gone into the Bitcoin space.  Wouldn’t it be a lot better if we had an economy, where instead of people hoarding the bitcoin, were buying bitshares and bitbonds.  The savings were actually in investments that went into the economy to fund startups, to pay programmers, to build really cool stuff, instead of just sitting on coin.

I think one of the reasons why that organic endogenous growth and investment in the community isn’t there is because of this deflationary nature of bitcoin.  And instead what we get is our investment coming from the traditional analogue economy, of venture capitalists.  It’s like an economy where the investment is coming from some external country where Silicon Valley becomes like the Bitcoin equivalent of People’s Bank of China.  And I would much prefer to see more organic investment within the cryptocurrency space.  And I think the deflationary nature of bitcoin does discourage that.

As I noted in a previous article, the $500 million that VC’s have deployed to build Bitcoinland are effectively a foreign exchange currency play (because it is a virtual-only foreign country that can only be accessed with a pre-paid card, bitcoin).  This money is being paid to effectively leverage one economy, or rather one unit-of-account (namely USD, EUR, RMB) to build a virtual unit-of-account called BTC.

But because of a number of factors, including volatility and lack of native on-protocol financial services (such as credit facilities), bitcoins are not typically used to fund internal improvements (such as building the actual country of Bitcoinland).  Or as Sam aptly noted:

I think the issue if should you have more elastic supply or not it just really comes down to the fact that if you have a fixed supply of something, the only way that changes in demand can be expressed is through the change in price.  And people have expectations of increased demand so that means those expectations, expectations of future demand get translated into present day prices.

And the inelastic supply creates volatility in the exchange rate which kind of undermines the long term objective of something like cryptocurrency ever becoming a unit of account.  And forever it will be a medium of exchange that’s parasitic on the unit of account function of national currencies.  So I do think the issue does need to be addressed.

What does this have to do with “growing” the GDP of Bitcoinland?  And more to the point, how can Bitcoinland increase the amount of outputs?

If the labor force in Bitcoinland, miners, are continuously expanding and contracting the amount of capital they destroy to secure the network (in concert with the market price of the token), then the size of the Bitcoin economy is continuously shifting in size each hour, day, week and month.

Or in other words, as measured in terms of several foreign unit-of-accounts (because the physical land, electricity and hardware are paid for in foreign currency): the size of Bitcoinland is directly proportional to the amount of fixed outputs.  Denominated in BTC, the economy grows at an incrementally fixed rate.  It cannot, due to deterministic rules, be more productive in terms of outputs.  It can only grow larger and/or faster than this fixed amount through what amounts to ‘secondary issuance’ of watermarked metacoins such as Counterparty, Mastercoin and colored coins.

As described below, while this is not an issue today, these hacked-in under-secured metacoins are a double-edged sword.  Why?  Because these metacoins create a disproportional rewards vulnerability discussed last year.

top heavyHacked-in value

Recall that metaprotocols (or sometimes referred to as ’embedded consensus mechanisms’) that utilize and sit on top of Bitcoin blockchain provide disproportional rewards.  For instance, while both Counterparty and Mastercoin require participants to pay some nominal transaction fee, the social value of the actual asset itself if effectively piggy backing and free-riding off seigniorage rewards (this also happens with colored coins and Dogeparty).  Aside from mining pools that use Luke-Jr.’s software, miners in general currently have no way to distinguish between a watermarked transaction from any other transaction.

Consequently, they have no incentive to destroy more capital to protect these metacoins in part because they receive no additional revenue to do so… because the network and coinbase itself has no knowledge of the social value placed on these metacoins and therefore cannot distribute rewards in proportion to the actual value being protected.  And the network then is effectively top-heavy.

For example, if for some reason Apple Inc. decided to issue all of its shares onto the Bitcoin network via a metacoin, this could create a top-heavy security vulnerability.  Recall that the total market cap of Apple’s shares is ~$750 billion USD but the labor force of Bitcoinland is only destroying enough capital to secure ~$3.46 billion in bitcoins (at the time of this writing $250 x 13.85 million mined coins).

Thus in the long run, miners are probably not destroying enough capital to ultimately secure metacoin assets, making the network less secure.

Or in other words, Bitcoinland — as it is encoded today — probably cannot securely increase its productivity levels (as would be measured by TFP) without opening itself up to some kind of vulnerability.

What about merged mining?

Last year I wrote a short working paper discussing the potential of merged mining as a way of productively reusing the existing capital base.  In theory it sounds like an easy home run but in practice, if it costs miners nothing to merge mine, then it also costs them nothing to attack the merged chain/coin.  Relying on and trusting in goodwill or altruism of a labor force is the direct antithesis of the game theory baked into Bitcoin itself: where it is assumed that all parties can and will be adversaries.

Empirically we have seen Bitcoin pools attack chains that have attempted to merge mine (see Coiled Coin).

bitcoin namecoin hashrate 2015

We have also seen (above) how Namecoin’s hashrate has diverged over this past year and how it now consistently represents less than half of Bitcoin’s (note: Namecoin began merged mining with Bitcoin in October 2011).

This is due to at least 2 reasons:

1) not all Bitcoin pools support AuxPOW (merged mining) with Namecoin

2) also due to a block reward halving that took place in mid-December 2014 (notice that in contrast to the popular narrative, there was in fact no doubling in namecoin value because the market had already priced the future block halving into present day prices)

Or in other words, if it depends on the growth of an underlying unit-of-account hoping for an unseen Bitcoin GDP multiplier (or in this case a non-currency ‘killer app’) probably is similar to wanting something for nothing.

That doesn’t mean it shouldn’t be tried or that all the startups in this space are for naught. In fact, it looks like there are any number of useful innovations with practical applications (such as hierarchical deterministic, multisig, keyless wallets, etc.), including the experiments coming out of the altchain/ledger community.  Several investors and entrepreneurs willing to navigate the space could see a good return if some of these innovations become integrated within other industries (such as financial services).

Yet in practice, operating a distributed consensus network based on proof-of-work seems to require an always changing capital allocation structure that is fused to the market value of its internal unit-of-account relative to national currencies.  And based on the current version of the program, Bitcoinland itself (and not the ecosystem on the edges) may likely remain a laboratory model of a marginally subsistence nation that (often) violently moves between contractionary and expansionary cycles.

Other open questions

  • Aside from currency conversion, can there be a stable, secure domestic economy within Bitcoin.  If so, what is or could be another identifiable, exportable good or service?
  • As its labor force (miners) must continuously exchange the domestic currency (BTC) into a foreign currency (USD, EUR, RMB) to pay for bills — what is the recent historical precedence of economies that start off subsisting off of a foreign unit-of-account that later manage to move on to become an independent unit-of-account for economic calculation purposes?
  • Can other Bitcoin-like cryptocurrency economies actually grow, or are they all faced with similar constraints with respect to proportionalism?
  • Existing metacoins require their own consensus systems and as such, they don’t fully rely on Bitcoin.  Can this be further enhanced?

See also:

Send to Kindle

Cryptocurrency in the news #16

Some relevant news of interest as I close some tabs:

Send to Kindle

The “pain point” of payments in the developed world

paymentsVitalik Buterin is one of the smartest writers and developers in the digital currency space. At the ripe age of 20 he has put together a repertoire of code, articles and most importantly challenges that the “cryptocurrency” world faces.

He recently penned an article that argues what Bitcoin needs today is usage by employers, not just more merchants.  That one of the ways to subdue and mitigate the high levels of volatility is for employers to pay employees in the digital currency whereupon employees then can pay for wares from existing merchants whom in turn pay their employees in bitcoin.

This sounds nice in theory — a fully enclosed system — but there are a number of problems with it, namely that in practice bitcoin is treated as a commodity or collectible (not a currency) by market participants and its deflationary allocation + inelastic money supply makes it a poor modern medium of exchange.

This point is argued in a recent paper by Ferdinando Ametrano:

The unfeasibility of a bitcoin loan is similar to that of a bitcoin salary: neither a borrower nor an employer would want to face the risk of seeing their debt or salary liabilities grow hundredfold in few years. A manufacturing firm cannot accept an order in bitcoin with the risk of its value doubling or halving on a single bad day. Even the development of a derivative market could only hedge these risks with an implausibly high price. This is the cryptocurrency paradox: arguably the best ever kind of money by any metrics, marred by the severe inability to serve as reliable unit of account.

Perhaps this will change over time, maybe one solution is through hard forks involving “growthcoin” (as proposed by Robert Sams) and “stablecoin” (as proposed by Ametrano).

However, one of the challenges will always be the “pain point” — what incentive do people have to switch to a competing platform in the first place?  Why should consumers or employers want to adopt bitcoin the currency?  For instance, most users in the developed world do not have to deal with double-spending or rampant inflation.  Credit card fraud rates represent roughly just 7 bps and some cards provide other types of incentive like cash-back rewards or frequent flier miles — something that bitcoin cards (if they existed) would have a uphill task of providing.  Similarly many modern savings accounts provide some form of interest rate plus deposit insurance — trying to on-board these types of users would be difficult because there is no current equivalent with Bitcoin (yet).  [Note: savings is different than speculative hoarding, see discussions here and possibly here.]

Two days ago Ben Edelman explained how in most circumstances, customers pay more just to use bitcoin yet without gaining any additional benefits.  By “use” he means using it for actual commerce and not holding on to it for speculative purposes.  Because of this friction, because bitcoin users typically need to spend more than the alternative forms of payment, despite the large increase in adoption by merchants over the past 6 months there has been very little corresponding transactional volume.  Instead it is being treated as a novelty, a speculative collectible.

Or as a friend of mine, Bob, calls it a “My Little Pony” toy.  In a nutshell Bob compares the bitcoin currency system with the My Little Pony collectible.  Bob has a daughter and according to her each Pony has its own story in its own little special universe filled with cartoons, video games, clothes and toys and that’s how bitcoin the currency is treated: many early bitcoin adopters enjoy the ever grander mythos and backstory, that it was created by an anonymous developer, the ledger entry cannot be double-spent, its distribution and promotion involves volunteers organically threaded together via Meet-ups and bulletin boards and is purportedly impervious to political whims.  This brings it to life in a more colorful way that other systems like Square or Stripe have not similarly created (see Seth Godin’s Purple Cow).  And according to Bob, My Little Pony characters can also have plight-filled adventures, though none involving subpoenas (yet).  See also: Bitcoin: a Money-like Informational Commodity

Perhaps Buterin’s solution will gather momentum over the coming years, however unless the average consumer needs to spend less (not more) to gain the same level of advantages and protections that current platforms have, it is unlikely that a snowball effect in payments will take place anytime soon.  Incidentally, one crowdfunded innovation that could likely move beyond “toy” phase soon is the Trezor hardware wallet because it fulfills a real pain point today, horribad security issues with protecting private keys.

Send to Kindle

None of the Top 500 Bitcoin addresses uses on-chain multisig

Even though m-of-n transactions has been supported since the acceptance of BIP 11 in 2011 and BIP 16 the following year, implementations of multisig has been slow going until recently due to lack of support from wallet software.  This will likely change, yet as of today, no address on the Bitcoin Top 500 Rich List uses on-chain multisig (though perhaps some exchanges do in off-chain setups).

BitGo was the first commercial multsig wallet released and Cryptocorp has a neat oracle-based HDM solution to this.

In addition to reading through the relevant threads on StackExchange, be sure to watch James D’Angelo explain how multisig works:

Send to Kindle

Cryptocurrency in the news: #12

A few links over the last couple of days:

Send to Kindle

Proof-of-Gox and Recoverycoins

Yesterday I had the pleasure to moderate a panel discussing Goxcoin on LTB episode #89.  Participants included Adam B. Levine who is the editor-in-chief of Let’s Talk Bitcoin! as well the chief visionary officer to the Humint project (and who wrote the foreword to GCON).  David Johnston is the managing director of BitAngels, the first angel investment network focused on digital-currency startups, and a board member at the Mastercoin Foundation (I also interviewed him for GCON and included his insights in Chapter 3).  And the final panelist was Pete Earle, who is a multi-decade veteran of the financial trading sector as well as an economics writer (the article that sticks out most to me was incidentally his piece on mudflation).

It’s a very thought provoking conversation as it raises real-world use-cases for using cryptoprotocols (such as Bitcoin and Mastercoin) in a more effective, efficient, secure and transparent manner than existing models and frameworks.

Developers can find out more information about the Master protocol white paper.

Send to Kindle

Presentation covering Smart Contracts, Smart Property and Trustless Asset Management

Earlier tonight I gave a presentation at Hacker Dojo with the Ethereum project.  I would like to thank Chris Peel and Joel Dietz for organizing it.  Below is a video and accompanying slide deck.  In addition to the footnotes in the PPT, I recommend looking at the wiki on smart contracts and Nick Szabo’s writings (1 2 3).

Also, some quotes regarding synthetic assets in Szabos’ work:

Citation 1:  “Another area that might be considered in smart contract terms is synthetic assets[5]. These new securities are formed by combining securities (such as bonds) and derivatives (options and futures) in a wide variety of ways.”

Citation 2: “Creating synthetic assets or combinations that mimic the financial functionality of some other contract while avoiding its legal limitations”

Citation 3: “Reference to Perry H. Beaumont, Fixed Income Synthetic Assets”

Send to Kindle

Is Bitcoin really a decentralized autonomous organization?

A friend asked me about the interview I did a couple days ago where I mentioned Roger Ver’s influence as an instance of how Bitcoin is not an example of a DAO.  My usage was not meant to disparage him — in fact, his sobering backstory helps explain his intense passion today.

I have a longer explanation regarding DAOs that will be published in a couple weeks.  In the meantime however, regarding changes to Bitcoin itself, I do think a fork of some kind is possible (not that it will happen) largely due to two different groups that would like to take the protocol different directions.  For example, in the face of the new CoinValidation route that the Foundation began promoting last fall, Roger Ver’s Blockchain.info promoted Shared Coin as a way to work around potential white/black listing.

While it is unclear what direction the Foundation (and hence the protocol as most devs work through them) will ultimately take, the overall tone of regulators at the New York Department of Financial Services hearing this past week was not conducive to individual privacy.  In fact, Benjamin Lawsky, the Superintendent of the Financial Services department stated that, “It’s not worth it to society to allow money laundering and all of the things it facilitates to persist in order to permit 1,000 flowers to bloom on the innovation side.”

I am not sure if Lawsky realizes that Mao originally came up with that phrase or why (to “lure out the snakes from the cave”).  Perhaps projects like Dark Wallet and ZeroCoin will change that equilibrium.

Send to Kindle

What is an atomic transaction?

I received an email earlier today asking clarification of the term “atomic transaction.”  Occasionally you may see this used in an article describing a unique advantage that cryptocurrencies such as Bitcoin have.  Angel investor, Ben Davenport, used it in a quote that I published over at CD last week:

“[I]magine the power of being able to make a trustless trade of stock for bitcoin with a stranger, at a distance, with no third party involved. With colored coins, I can construct a single atomic transaction which encodes such an exchange. That, to me, is the most important basic thing that colored coins can enable.”

In short, when exchanging one cryptocoin with another (such as a Bitcoin for a Litecoin or colored coins), either the trade occurs or it does not.  Michael Goldstein explains this concisely over at Lex Cryptographia:

Two parties agree to exchange one cryptocurrency for another, and the transaction is done in such a way that neither side can execute their portion of the trade without releasing funds to the other party. The trade either happens in its entirety, or not at all, which means nobody can walk away empty-handed. The worse possible outcome is that no trade occurs at all and everybody keeps what they had.

The key is the nLockTime function described in Atomic cross-chain trading.  I also recommend looking through the Bitcointalk thread Alt chains and atomic transfers.

Send to Kindle

Ethereum and vunerabilities of Turing-complete progamming languages

There have been several Reddit threads and bitcointalk forum posts the past couple days regarding integrating a Turing-complete programming language with a cryptoledger.  Bitcoin currently uses a limited, non-TC language called Script.  The comments, feedback and insights revolve largely around the security risks and vulnerabilities that such a language could do.

If you are interested, I highly recommend reading through these threads right now, the first two include comments from Adam Back, creator of Hashcash which is the proof-of-work used in Bitcoin.

Turing complete language vs non-Turing complete (Ethereum vs Bitcoin)
letstalkbitcoin on committed tx, homomorphic value, fungibility, privacy
Will turing compleastness allow contracts to contain viruses and malware that could affect the network in unforeseen ways?
Adam Back about Ethereum and security risks

Send to Kindle

Mike Hearn discusses autonomous agents at Turing Festival 2013

Decentralized autonomous organizations (DAO), sometimes called decentralized autonomous corporations or autonomous agents have become a hot new topic both in social media and in software engineering, especially as they are interrelated with advances in cryptoledgers/cryptocurrencies.

Vitalik Buterin has written a three-part series (1 2 3) about software-based DAOs over at the Ethereum blog that gives a pretty good overview and capability of what a DAO is able to do.  While many more volumes will be written on this topic, last Mike Hearn gave a brief overview of what hardware applications may look like:

See also: Mike Hearn’s 2012 presentation in London (video) as well as his interview last fall with Newfination (video).

Send to Kindle

Can Robert Wenzel Defeat the Encryption Used by Cryptocurrencies?

 photo NizeLinkedin.png Short answer, no.1 Back to that in a moment.

I am not sure who is doing the vetting process for investor relations at Ripple or Silicon Valley Bank (SVB), but if you are running a crypto-related business be aware that not only is Robert Wenzel (aka Raymond Nize) — the proprietor behind EconomicPolicyJournal — dogmatically anti-cryptocurrency but also not who he says he is.

Why make a blog post about this in the first place?  You may consider this water cooler minutiae and frivolous scuttlebutt, however you are known for whom you associate with.  If you hang out with known con-artists — even if you agree with some of what they say, this reflects poorly on you.  Especially when their entire motivation is not to genuinely learn about your product (crypto), but to merely hype their own investment schemes (e.g., commodities specifically gold).

Sock puppet extraordinaire

Last week I received some trollish comments from “Paul Trombley” (paul.XXXXXX@yahoo.com) regarding a lengthy post on this site (an expose of Nize’s sockpuppets), “Paul” states:

Wow. Utterly fascinating. Wish we could find out where Raymond Nize, et al., grew up and went to school, where he has worked, whom he dated, etc.

In the meantime, I will have to be content with another viewing of Pacific Heights.

A quick google search find four sites that zero in on the possible identity of “Paul”:

Obviously even if I had IP addresses this would not be a smoking gun.  But what are the chances, that a sock puppet posting on the only Nize/Wenzel thread on my site also links to EPJ and discusses many of the same topics in the same tone as Nize/Wenzel does?

Why is this important again?

Because Nize/Wenzel has managed to convince some important cryptocurrency personalities and institutions that he is someone who he is not.  He managed to convince Joseph Salerno that he has 20 years of experience on Wall Street. Where did he work?  His current LinkedIn profile (screenshot 1 2) is completely empty in all but the previous 6 years.  Surely someone with the pedigree he says he has would dutifully link to it and his past associates.

Is this an ad hominem?

No, he is making claims about his past life that are untrue which have in turn built up his credibility as a financial guru.  He has then taken these ill-gotten reputational gains and is now providing investment advice to readers and listeners of his website (which is just one of many websites he has created over the past decade under about 10 different pseudonyms, see Part IV for more).

To top it off, he has a clear anti-cryptocurrency agenda that involves spreading misinformation and/or propaganda.  In nearly every post about Bitcoin or some other aspect of cryptocurrencies he drags it through mud while simultaneously showing his inability to full comprehend how cryptography works.  Hint: if cryptography worked the way he describes it, the entire global financial industry, the diplomatic corps, cloud services and all e-commerce (to name a few) would effectively be unable to securely transmit data.  Trace Mayer did an excellent job pointing this out in the EPJ comments yesterday (SS).  Thereupon Nize notes how in his visits to both Ripple and Silicon Valley Bank he left unconvinced of cryptocurrencies potential (SS).

Strawman made of hand-waving

It is certainly understandable to not be convinced of the merits of a particular asset class, that is not the issue.  Not understanding public-key cryptography and then building bi-weekly cryptostrawman to thwack at, is a problem.  While the math may indeed be confusing to beginners and experts alike, the crypto algorithms used by cryptoledgers like Bitcoin and Litecoin are solid.

In fact, there is an monetary incentive to try and break them and no hacker has thus far been able to.2 If Nize truly believed that this crypto did not work, he could take the alleged holes he claims exist and tap into and forge 12.2 million BTC namespaces/addresses (and 25.1 million LTC).  He needs to show us a broken blockchain to prove his claim, yet has not.  If the pseudonomyous features did not work, then he could name the Top 500 BTC holders, but has not.  Disagree?  Who owns the 268th largest BTC address, the one with 4,719?  If the crypto is bad, did you break into it already?

Perhaps he will come around at some point, but this still does not justify the fraudulent personality that visitors are unaware of (and whom have given goodwill towards).  The lesson for investors doing road shows and presentations: do you due diligence and vetting upfront.3

  1. There are theoretical ways to forge entries in the blockchain, such as a 51% attack, but the crypto in the actual generic wallet most people use is currently not known to be brute-force crackable. []
  2. Nize also has epistimological problems regarding apriori utility and value but that is besides the point. See: The value of cryptocurrencies as well as Economics of Bitcoin by Peter Surda []
  3. As an aside, his Google AdSense has generated, ironically, Bitcoin-related services like Gyft that are displayed on his site — here is a screenshot. []
Send to Kindle

OpenStack: Reflecting on the FOSS paradigm in a post-Snowden world

This past week I attended a business meeting in Houston involving several leading Perl developers.  During one segment of the meeting we discussed OpenStack as part of a mastermind brainstorming session.  OpenStack is an open source IaaS platform that has a lot of industry wide support, creating a mature product that can compete with Amazon’s EC2.  During this session one participant found and showed the following clip (see below).

In April 2013 (two months before Snowden leaked documents), Nathanael Burton, CIO of the NSA, gave a talk on how the agency adopted OpenStack internally.  He discussed how after seeing some demos of it at various conventions, they brought it into a lab environment in Fort Meade whereupon they quickly were able to scale it for production loads all with minimal staff.  The interesting parts are not so much that open source software is being used by an intelligence agency but rather the euphemisms that are used throughout this presentation (like “external partners”) which then raise questions: were these “external” sources aware of how their databases were being tapped into?

It’s a relatively straight forward presentation yet again there are quotes that make you do a double-take now due to what has been uncovered the past 7 months.

Send to Kindle

The art of cui bono and frowning upon conclusions

MG, an acquaintance, writes:

Tim, the reality is that China remains a society held captive to the Chinese Communist Party, who is committed to stealing intellectual property from American entrepreneurs and companies. Doing business with the Chinese is extremely costly and a strategic mistake for most US companies.  My comments are directed to the broader issues of doing business in China and the Chinese government’s posture on its domestic economic policies, its foreign trade practices, and its unprecedented role in global intellectual property theft. These issues have been the subject of a great deal of analysis here in Washington DC (some of which we’ve engaged in).

Ignoring the agitprop boilerplate about the Party (it exists, it will continue to exist), I mention some of those IP issues in a couple different places and explain to the reader that they should talk with an experienced attorney and IT security specialist before setting up shop on the mainland: see Chapter 10 (legal services) and Chapter 13 (internet security).  In fact, there are several cases discussed in detail in Chapter 13 but rather than rehashing those statements, MG raises a problematic issue here: financial disclosure.

For instance, this past week Bloomberg published a story entitled, “Cybersecurity Lobby Surges as Congress Considers New Laws.”  While cybersecurity is a real, present danger for every firm in any country there is a Latin phrase that summarizes the conflict of interest in MG’s position: cui bono (who benefits).  As Bloomberg notes:

There were 513 filings by consultants and companies to press Congress on cybersecurity by the end of 2012, up 85 percent from 2011 and almost three times as many as in 2010, according to U.S. Senate filings. Twelve firms have submitted new registrations this year on behalf of companies including Google Inc. (GOOG)’s Motorola Mobility unit, Symantec Corp. (SYMC), United Parcel Service Inc. (UPS) and Ericsson Inc., the U.S. subsidiary of Stockholm-based Telefonaktiebolaget LM Ericsson.

“Cybersecurity is a lobbyist’s dream,” Rogan Kersh, provost at Wake Forest University in Winston-Salem, North Carolina, who researches political influence, said in an interview.

How do we know there is a conflict of interest in this segment?  CISPA, or Cyber Intelligence Sharing and Protection Act, is a proposed law which would enable government agencies to monitor and share private electronic communication (similar to SOPA).  This past week, Representative Mike Rogers, Chairman of the House Intelligence Committee accidentally tweeted and then deleted that the “House Intelligence Committee received 15 times more from pro-CISPA groups than anti-CISPA orgs.”  This is another example of cui bono as the same organizations lobbying for the bill are the same ones that will financially gain if it is passed.  Similarly, MG works at a firm that gains financially due to the hype and theater surrounding this issue.

This is not to say that hacking and cybersecurity are not real problems that firms and entrepreneurs should ignore.  Rather consider what General Electric Vice Chairman, John Rice recently said, “Despite hacking and other issues in China, foreign companies need to be there, due to the country’s potential as the world’s biggest marketplace.  The greater risk lies in staying away.”

Thus it comes down to who you want to trust: MG, a contractor who financially gains from hyping a purported threat or John Rice, who is willing to weigh risks and potentially capitalize off knowledge and technology arbitrage (e.g., bringing specific technological know-how to .the mainland).

Experienced expat response

Last night I spoke with David Veksler, CEO of CryptAByte and a cybersecurity professional in China who I interviewed for Chapter 13.  He told me in an email exchange that:

“Doing business in China is no doubt risky.  But betting your company’s future on a stagnating domestic markets is risky too.  Every business must balance the risk of IP theft and broken contracts against opportunities from the world’s biggest consumer market and low cost suppliers.

While Chinese companies are well known for intellectual property theft, we must keep in mind that there is no monolithic entity, even within the Party.  There are many competing interests, and each case is different.  By doing their due diligence, it is quite possible to protect one’s interests and secrets while being successful in China.  To claim otherwise is to say that information security is futile.

In the long run, industrial secrets may be impossible to keep, but in any dynamic industry competitive advantage and profits are made in the near future.  Businesses that substitute innovation with copying the competition will not succeed in a competitive market.”

Unconventional analysis

I also reached out and spoke with a patent attorney about the issues MG raises and spoke with Stephan Kinsella (the same attorney in Chapter 7).  Here is what Kinsella wrote in an email exchange yesterday:

“There may be a grain of truth in the complaint about Chinese companies not respecting Americans’ IP, insofar as some Chinese companies seem less willing or able to abide by contractual restrictions designed to keep certain information proprietary. But this danger exists for businesses in all societies, even in the US, especially as employee mobility increases and employees move back and forth between employers, taking ideas with them.

But the bulk of the complaint seems to be focused on American-style IP law, namely patent and copyright, and to assume that patent and copyright are legitimate types of property rights. This is what permits the author to refer to competition by Chinese companies as “stealing”: he has accepted the IP mentality. But copying and emulating others in the process of competing with them is part of the free market. Patent and copyright are anti-property, anti-market systems designed to protect companies from competition.

Thus, the author here is siding with protectionism and against the market, and Chinese companies who compete with American companies because they have relatively fewer IP laws to shackle them, more more capitalistic. It is true that some American companies whose business model depends on the protection from competition afforded to them by IP law would prefer that other countries, like China, also offer them protections from competition. But this does not mean that such laws make sense.”

Secret central plans

Tangentially related to cybersecurity and hacking is the myth of the secret plan hidden somewhere.  Or rather, the myth that hackers in other countries have of the US — that there is a super secret master plan that directs all activities of the federal government.  This was humorously brushed aside last month by Ezra Klein at the Washington Post, who explained that:

I almost feel bad for the Chinese hackers. Imagine the junior analysts tasked with picking through the terabytes of e-mails from every low-rent think tank in Washington, trying to figure out what matters and what doesn’t, trying to make everything fit a pattern. Imagine all the spurious connections they’re drawing, all the fundraising bluster they’re taking as fact, all the black humor they’re reading as straight description, all the mundane organizational chatter they’re reading.

This weekend Reuters published a story about a cybersecurity program at Jiao Tong university with PLA connections (the same PLA unit in the Mandiat report that made headlines earlier this year).  While formal ties with this college may exist, to be even handed, we should keep in mind that Stuxnet and Flame were designed by the NSA and Israel, to take out Siemens-designed software systems located in Iran.1 However, this raises a number of questions (e.g., when is state-sponsored cyber espionage justified) that detract from the immediate issue at hand.

Some cybersecurity threats are real, others imagined.  Before investing in any domicile be sure to do your due diligence for security threats (even the old-fashioned variety) and speak to a lawyer or risk assessment expert to qualify potential threats.  For more on this hype and cybersecurity, be sure to follow Techdirt and Bruce Schneier.

  1. See Flame and Stuxnet Cousin Targets Lebanese Bank Customers, Carries Mysterious Payload from Wired and Resource 207: Kaspersky Lab Research Proves that Stuxnet and Flame Developers are Connected from Kaspersky Lab []
Send to Kindle