How the CME (un)intentionally weighed in on chain splits

For background, this post assumes you have read some (or ideally all) of the previous posts:

Last year, when the CME first announced that it was considering backing a Bitcoin-related futures product, it also announced the CME CF Bitcoin Reference Rate (BRR).  At the time, the reference pricing data came from the following cryptocurrency exchanges: Bitfinex, Bitstamp, GDAX, itBit, Kraken and OKCoin.com (HK).

As of today, the CME has formally whittled down those six into a smaller group of four exchanges: Bitstamp, GDAX, itBit and Kraken.

They did not publicly disclose why they removed Bitfinex and OKCoin, although we can speculate:

  • It is likely they removed OKCoin because of the laws and regulations around cryptocurrencies in China over the past year included various types of bans.  OKCoin’s mainland spot price exchange for yuan <-> cryptocurrency have been shut down.  OKEX, an international subsidiary of OKCoin, replaced the China-based exchanges on its own index (including OKCoin itself).
  • Bitfinex’s corporate and organizational structure has been described in previous articles.  Even though it has the largest trading volume and is the key player to price discovery, it has a lot of red flags around compliance and transparency (described in the links at the top) that likely made organizations such as the CME uneasy.

It bears mentioning that the proposed Winklevoss COIN ETF also went through a similar evolution in terms of how to price the instrument.  The principals initially created and used the Winkdex.  The Winkdex included many different cryptocurrency exchanges over time, including Mt. Gox and BTC-e.  Eventually, in future amended filings to the COIN ETF, the Winkdex was completely discarded in favor of a daily auction price conducted at an exchange (Gemini) that the principals and creators of the COIN ETF owned and managed.  This is chronicled in a paper I wrote last year.

So what does this have to do with the CME and how did the CME (un)intentionally weigh in on the Bitcoin block size debate?

During the recent Bitcoin Core versus SegWit2X (S2X) political battle, one of the four exchanges that constitute the CME reference rate announced which ticker symbol would be attributed to a specific chain.

GDAX (Coinbase), made the following public announcement on October 25:

In our prior blog post we indicated that at the time of the fork, the existing chain will be called Bitcoin (BTC) and the Segwit2x fork will be called Bitcoin2x (B2X).

Since then, some customers have asked us to clarify what will happen after the fork. We are going to call the chain with the most accumulated difficulty Bitcoin.

We will make a determination on this change once we believe the forks are in a stable state. We may also consider other factors such as market cap and community support to determine stability.

It’s important for us to maintain a neutral position in any fork. We believe that letting the market decide is the best way to ensure that Bitcoin remains a fair and open network.

Note: original emphasis is theirs.

There have been several articles that attempted to track and chronicle what all of the exchanges announced with respect to the ticker symbol and the fork.  At the time of this writing, itBit, Kraken, and Bitstamp have not publicly commented on this specific fork (although they have publicly signaled specific views on other proposed forks in the past).

And this creates a challenge for any financial institution attempting to create a financial instrument that is compromised of a basket of cryptocurrency-specific prices from different, independent cryptocurrency exchanges.

Ignoring the lack of adequate market surveillance for the moment, if there is a future fork and the constituent exchanges that comprise the reference data choose different forks to be represented by the same ticker symbol, this will likely create problems for the financial product.

For instance, in a hypothetical scenario in which a fork occurs, and two of the exchanges comprising the BRR index choose one side of the fork to list as “BTC” and the other two exchanges choose the other fork to also represent “BTC,” because these forks are linked to separate different ecosystems and even economic systems the combination could impact the volatility of the product.

Or in short: there is no universal agreement or consensus from cryptocurrency exchanges comprising the BRR about what the ticker symbol, let alone the chain should be defined as.

Concluding remarks

Over the past several years the primary debate has been around scaling, specifically around block sizes.  What if future forks are fought over changes to transaction fees, money supply, or KYC requirements?  This isn’t idle speculation as these have been proposed in the past with both Bitcoin and other cryptocurrencies (Ethereum Classic  held an event last year to focus on what the future money supply generation rate should be).

Obviously this is a situation the CME (and similar financial institutions) wants to avoid at all costs.

In order to do this, it’ll have to pick a side and either:

a) force an errant exchange on its index to fall in line or lose the free marketing; or

b) ditch it from the index

Either way, as by far the largest player in the market, in doing so it will be governing what Bitcoin is.  Unlike what most Bitcoin promoters often think: traders follow liquidity not the other way around so the CME is likely to become kingmaker in Bitcoin political disputes.  It is going to become a key arm in its governance.  That said, as we have seen before, rather than directly get involved with the tribes and religions of development they might simply defer to the incumbent Bitcoin Core rules — so that they can remain above the politics and out of any legal liabilities.

For more detailed commentary on this topic, be sure to read the articles linked to at the top.  This will be worth re-visiting once the CME and other regulated institutions fully launch their proposed products.

Acknowledgements: special thanks to Ciaran Murray for several insights articulated above.

Send to Kindle

Bitcoin Is Now Just A Ticker Symbol and Stopped Being Permissionless Years Ago

Financial market infrastructure in just one country (Source)

What is FMI?  More on that later.  But first, let’s talk about Bitcoin.

If you aren’t familiar with the Bitcoin block size war and its endless online shouting matches which have evolved into legal and even death threats, then you have probably been a very productive human being and should sell hugs and not wander into a non-stop social media dance off.

Why?  Because tens of thousands of man (and woman) hours have collectively been obliterated over a struggle that has illuminated that Bitcoin’s development process is anything but permissionless.

It also illuminates the poor fiduciary care that some VCs have towards their LPs.  In this case, more than a handful of VCs do not seem to really care about what a few of their funded companies actually produce, unless of course the quarterly KPIs include “have your new Bitcoin meme retweeted 1,000 times once a week.”

In some documented cases, several dozen executives from VC-backed Bitcoin companies have spent thousands of hours debating this size attribute instead of building and shipping commercializable products.  But hey, at least they sell cool hats and built up very large Twitter followings, right?

Fact #1: Satoshi Nakomoto did not ask anyone’s permission to launch, change, or modify the codebase she unilaterally released in 2009.

Fact #2: In 2009, when Satoshi Nakomoto issued and minted a new currency (or commodity or whatever these MLIC are) she did so without asking anyone else’s approval or for their “ack.”

In the approximately seven years since she stopped posting under her pseudonym, influential elements of Bitcoin’s anarchic community have intentionally created a permissioned developer system commonly referred to as the Bitcoin Improvement Proposal (BIP) process.  “Bitcoin Core” is the name for the group that self-selected itself to vet BIPs; involvement is empirically permissioned because you can get kicked off the island.1 There are a small handful of decision makers that control access to the code repository.

For example, if you’re a developer that wants to create and launch a new implementation of Bitcoin that includes different block sizes… and you didn’t get it approved through this BIP process, guess what?  You are doing permissionlessness wrong because you didn’t get permission from the BIP approval committee to do so.

Oh, but you realize that and still want to launch this new Bitcoin implementation with the help of other elements of the community, such as some miners and exchanges?

According to some vocal members of the current BIP approval committee (Bitcoin Core) and its surrogates, this is an attack on Bitcoin.  Obviously this is absurd because there is no de jure or legally defined process for changing or forking Bitcoin, either the chain itself or the code.

There is no terms of service or contract which explicitly states what Bitcoin is and who controls its development process.  Or more historically: if Satoshi didn’t need permission from a (non-existent) BIP approval committee to launch a cryptocurrency, then no other Bitcoin developer needs to either.

Tickers

Fast forward to this current moment in time: if the Bitcoin Cash or Segwit2X forks are an attack on network because either fork did not get ack’ed (approved) by the right people on the BIP approval committee or retweeted by the right “thought leaders” on social media, then transitively every 10 minutes (when a block is generated by a miner) arguably could be an attack on Bitcoin.

Why?  At any time a block maker (miner) could use a different software implementation with different consensus rules.  They, like Satoshi before them, do not need permission to modify the code.

Oh, but other miners may not build on top of that block and some exchanges may not recognize those blocks as “legitimate” Bitcoin blocks?

That is certainly a risk.  In fact, several exchanges are now effectively white listing and black listing — permissioning — Bitcoin-related blocks.

For instance, Bittrex, a large crypto-to-crypto exchange, has said:

The “BTC” ticker will remain the Bitcoin Core chain before the hard fork block. Bittrex will observe the Bitcoin network for a period of 24 to 48 hours to determine if a chain split has occurred and the outcome.

In the event of a chain split, “BTC” will remain the existing Bitcoin chain with 1 MB blocks until the industry and ecosystem demonstrates a clear chain preference for Bitcoin.

Bitfinex, the largest (and most nebulous) cryptocurrency exchange in the world, took this even further by stating:

The incumbent implementation (based on the existing Bitcoin consensus protocol) will continue to trade as BTC even if the B2X chain has more hashing power.

After heavy public (and private) lobbying by members and surrogates of Bitcoin Core, other exchanges have instituted similar policies favoring the incumbent.2  So what can alternative implementations to do?  Bend the knee?

Daenerys Targaryen, Breaker of Chains

Historically miners have built on the chain that is both the longest and also has the most accumulated difficulty… and one that has enough profitability to pay for the electricity bills.  It just happens that this collective block building activity is never called an “attack” because in general, most participants have been happy enough with the status quo.

Visions of what Bitcoin is and how it should be defined have clearly, empirically shifted over time.  But since this network was purposefully designed to be self-sovereign and anarchic — lacking contracts and hooks into any legal system — no one group can claim legitimacy over its evolution or its forks.

As a result, recent war cry’s that Segwit2X is a “51% attack” on Bitcoin are a red herring too because there is no consensus on the definition of what Bitcoin is or why the previous block – in which approximately 51% of the hashrate created a block – is not an attack on Bitcoin. 3

This has now morphed into what the “BTC” ticker on exchanges represents.  Is it the longest chain?  The chain with the most accumulated difficulty?  The chain maintained by Bitcoin Core or now defunct NYA developers?  If a group of block makers can build blocks and exchanges are willing to list these coins as “BTC” then that specific chain has just as much legitimacy as any other fork other miners build on top of and exchanges may list.

Furthermore, if the BIP approval committee gets to say what software miners or exchanges should or should not use (e.g., such as increasing or decreasing the block size), that could mean that existing network is a managed and even administered.  And this could have legal implications.  Recall that in the past, because block making and development were originally separate, FinCEN and other regulators issued guidance stating that decentralized cryptocurrencies were exempt from money transmission laws.

Despite what the trade associations and Bitcoin lobbying groups would like the narrative to be, I recently published an article that went into this very topic in depth and have publicly asked several prominent “crypto lawyers” to provide evidence to the contrary (they have yet to do so).  An argument could be made that these dev groups are not just a loose collective of volunteers.

Financial market infrastructure

I’m not defending S2X or XT or Bitcoin Unlimited.  In fact, I have no coins of any sort at this time.

But even if you don’t own any bitcoins or cryptocurrencies at all, the block size debate could impact you if you have invested in the formal financial marketplace.

For example, if and when the CME (and similar exchanges) get CFTC approval to list cryptocurrency-related futures products and/or the NYSE (and similar exchanges) get SEC approval to list cryptocurrency-related ETFs, these products will likely result in a flood of institutional money.

Once institutions, regulators, and sophisticated investors enter the picture, they will want to hold people accountable for actions.  This could include nebulous “general partnerships” that control GitHub repositories.  Recall, in its dressing down of The DAO, the SEC defined the loose collective building and maintaining The DAO as a ‘general partnership.’  Is Bitcoin Core or other identifiable development teams a “general partnership”?

Maybe.  In fact, the common refrain Bitcoin Core and its surrogates continually use amounts to arguments in favor of a purported natural monopoly.

For instance, Joi Ito, Director of MIT’s MediaLab, recently stated that:

“We haven’t won the battle yet. [But] I think the thing that is interesting is that Bitcoin Core has substantially more brain fire power than any of the other networks.”

This is problematic for a couple reasons.

First, Joi Ito is not a disinterested party in this debate.  Through Digital Garage (which he co-founded) it has invested in Blockstream, a company that employs several influential Bitcoin Core devs.4  Ignoring the potential conflict of interest, Ito’s remarks echo a similar sentiment he also made last year, that Core is basically “The Right Stuff” for NASA: they are the only team capable of sending humans into space.

But this is an empirically poor analogy because it ignores technology transfer and aerospace education… and the fact that multiple countries have independently, safely sent humans, animals, and satellites into space.

It also ignores how competitive verticals typically have more than just one dominant enterprise: aerospace, automobiles, semiconductor manufacturers, consumer electronic manufacturers (smart phones), etc.  Each of these has more than one company providing goods and services and even usually more than just one product development team developing those.  Intel, for example, has dozens of design teams working on many new chips at any given time of the year.  And they are just one of the major semiconductor companies.

Even in the highly regulated markets like financial services there is more than one bank.  In fact, most people are unaware of this but banks themselves utilize what is called “Core Banking Software” and there are more than a dozen vendors that build these (see image below).

It is a bit ironic that Bitcoin Core seeks to have a monopoly on the BIP process yet even banks have more than one vendor to choose from for mission critical software securely managing and processing trillions of dollars in assets each day.5

On the enterprise (non-anarchic) blockchain side of the ecosystem, there are well over a dozen funded teams shipping code, some of which is being used in pilots by regulated institutions that are liable if a system breaks.  Note: this is something I discussed in my keynote speech (slides) at the Korea Financial Telecommunications and Clearings Institute last year.

But as one vocal Core supporter in a WeChat room recently said, Bitcoin Core is equivalent to Fedwire or Swift, there is only one of each; so too does it make sense for only one Bitcoin dev team to exist.

Firstly, this conflates at least four different things: a specific codebase, with permissioned dev roles, with acceptance processes, with a formal organization.

It is also not a good analogy because there are many regulatory reasons why these two systems (Swift and Fedwire) exist the way they do, and part of it is because they were either setup by regulators and/or regulated organizations.  In effect, they have a bit of a legally ring-fenced marketplace to solve specific industry problems (though this is somewhat debatable because there are some alternatives now).6

If this supporter is equating Core, the codebase, with real financial market infrastructure (FMI), then they should be prepared to be potentially regulated.  Bitcoin Core and many other centralized development teams are comprised of self-appointed, vocal developers that are easy to identify (they have setup verified Twitter accounts and attend many public events), so subpoenas and RFI’s can be sent their way.

As I mentioned in my previous article: with great power comes great accountability.  Depending on the jurisdiction, Core and other teams could end up with regulatory oversight since they insist on having a monopoly on the main (only) implementation and process by which the implementation is managed.7

Remember that Venn diagram at the very top?  The companies and organizations that manage FMI today for central banks (RTGSs), central securities depositories (CSDs), and other intermediaries such as custodians and CCPs, have specific legal and contractual obligations and liabilities.

Following the most recent financial crisis, the G-20 and other counties and organizations established the Financial Stability Board (FSB) to better coordinate and get a handle on systemic risks (among other issues).  And while the genesis of the principles for financial market infrastructures (PFMI) had existed prior to the creation of the FSB, how many of the international PFMI standards and principles does Bitcoin Core comply with?

Spoiler alert: essentially none, because Satoshi intentionally wasn’t trying to solve problems for banks.  So it is unsurprising that Bitcoin isn’t up to snuff when it comes to meeting the functional and non-functional requirements of a global payments platform for regulated institutions.  Fact-check me by reading through the PFMI 101 guide.

When presented with these strong legal accountability and international standards that are part and parcel with running a payment system, there is lots of hand waving excuses and justifications from Core supporters (and surrogates) as to why they are exempt but if Core wants to enforce its monopoly it can’t have it both ways.  Depending on the jurisdiction they may or may not be scrutinized as FMI.

But in contrast, in looking at the evolution and development of the enterprise chain ecosystem – as I described in multiple previous articles – there are valuable lessons that can be learned from these vendors as to how they plan to operate a compliant network.  I recall one conversation with several managing directors at a large US investment bank over a year ago: maybe the enterprise side should just have CLS run a blockchain system since they have all the right business connections and fulfill the legal and regulatory check boxes.

Note: CLS is a very important FMI operator.  Maybe existing FMI operators will do just that.  Speaking of which, will Bitcoin Core (or other dev teams) apply to participate with organizations like the FSB that monitor systemically important financial institutions and infrastructure?

Angela Walch has argued (slides) that the some coders, especially of anarchic chains, are a type of fiduciary.8  Even if this were not true, many countries have anti-monopoly and anti-trust laws, with some exceptions for specific market segments and verticals.  There are also laws against organized efforts involved in racketeering; in the US these are found within the RICO Act.

Watch the Godfather trilogy

I haven’t seen a formal argument as to why Core or other development teams could meet the litmus test for being prosecuted under RICO laws (though the networks they build and administer are frequently used for money laundering and other illicit activity).  But trying to use the “decentralization” trump card when in fact development is centralized and decisions are made by a few key individuals, might not work.

Look no further than the string-pulling Mafia which tried to decentralize its operations only for the top decision makers to ultimately be held liable for the activities of their minions.9  And using sock puppets and pseudonyms might not be full-proof once forensic specialists are brought in during the discovery phase.10

Concluding remarks

Based on observations from how Bitcoin Core evolved and consolidated its power over time (e.g. removing participants who have proposed alternative scaling solutions), the focus on what Bitcoin is called and defined has landed in the hands of exchanges and really just highlights the distance that Bitcoin has walked away from a “peer-to-peer electronic cash” that initially pitched removing intermediaries.  To even care about what ticker symbol ‘Bitcoin’ is on an exchange is to acknowledge the need for a centralized entity that establishes what the “price” is and by doing so takes away the bitcoin holder’s “self-sovereignty.”11

While the power struggles between various factions within the Bitcoin development community will likely rage on for years, by permissioning off the development process, Bitcoin Core (and any other identifiable development groups), have likely only begun to face the potential regulatory mine field they have foisted on themselves.12

Historically blockchain-based systems have and still are highly dependent on the input and decision-making by people: somebody has to be in charge or nothing gets done and upgrades are a mess.  And the goal of appointing or choosing specific teams on anarchic chains seems to be based around resolving political divisions without disruptive network splits.13

The big questions now are: once these teams are in charge, what will governments expectations be?  What legal responsibilities and regulatory oversight will the developers have?  Can they be sued for anti-trust and/or RICO violations?  With billions of dollars on the line, will they need to submit upgrade and road map proposals for approval?

Endnotes

  1. Examples of developers who were removed: Alex Waters, Jeff Garzik, Gavin Andresen []
  2. Thanks to Ciaran Murray for identifying these exchanges. []
  3. Bitcoin mining is in fact based on an inhomogeneous Poisson process; a participant could theoretically find a block with relatively little hash rate.  Although due to the probabilities involved, most miners pool their resources together to reduce the variance in payouts. []
  4. According to one alleged leak, Digital Garage is testing Confidential Assets, a product of Blockstream. []
  5. According to a paper from the Federal Reserve: payment, clearing, and settlement systems in the United States “process approximately 600 million transactions per day, valued at over $12.6 trillion.” []
  6. On AngelList, there are about 3,400 companies categorized as “payments” — most of these live on top of existing FMI, only a handful are trying to build new independent infrastructure. []
  7. A key difference between Bitcoin and say Ethereum is that with Ethereum there are multiple different usable implementations managed by independent teams and organizations; not so with how Bitcoin has evolved with just one (Bitcoin Core) used by miners.  In addition, the Ethereum community early on formally laid out a reference specification of the EVM in its yellow paper; Bitcoin lacks a formal reference specification beyond the Core codebase itself. []
  8. See also The Bitcoin Blockchain as Financial Market Infrastructure: A Consideration of Operational Risk from Angela Walch []
  9. Thanks to Stephen Palley for providing this observation. []
  10. It is unclear why the current Bitcoin Core team is put onto a pedestal.  There are many other teams around the world building and shipping blockchain-related system code used by companies and organizations (it is not like there is only just one dev team that can build all databases or operating systems).  At the time of this writing Core has not publish any papers in peer-reviewed journals and many of them do not have public resumes or LinkedIn profiles because they have burned business and professional relationships in the past.  Irrespective of what their bonafides may or may not be, it is arguably a non sequitur that ‘permissionless’  coordination in open-source code development has to lead to a monopoly on said development. []
  11. Thanks to Colin Platt for this “appeal to authority” observation. []
  12. Bitcoin stopped being permissionless when developers, miners, and exchanges needed to obtain permission to make and use different code.  And likely there are and will be more other cryptocurrency development teams that follow that same path. []
  13. For an informed contrarian view on governance and distributed ledger technology, see The blockchain paradox: Why distributed ledger technologies may do little to transform the economy by Vili Lehdonvirta []
Send to Kindle

Who are the administrators of blockchains?

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of any organization I advise.  See Post Oak Labs for more information.]

On All Hallows’ Eve in 2008, an anonymous person (or group of persons) posted a short technical whitepaper on an obscure mailing list about a new virtual coin-based online-only payment system they had been designing for the last eighteen months.1 Several months later, in January 2009, this same person posted the code that created the functionality described in the whitepaper and began minting this new virtual currency.  Less than two years later, the creator walked away from the project and without ever revealing their real identity.

The creator likely stayed anonymous for a variety of reasons, including the fact that by creating and administering a new payment system they may have been violating money transmission laws in multiple countries.2 Despite multiple hoaxes, we still don’t know who this anonymous person was.  But their system – like the Ship of Theseus – continues to exist in a form referred to as Bitcoin.

But before getting to that part of the saga, let’s look at May 2013.  At the end of that month, US federal agents raided a Costa Rica-based company called Liberty Reserve due to money laundering violations (along with a list of other crimes).  Liberty Reserve was a centralized payment platform that marketed to its users the ability to anonymously send funds to one another.

According to the BBC:

The US Justice Department said the scheme had been used to process 78 million transactions with a combined value of $8bn (£5.5bn) – many of which were related to hiding the proceeds of credit card theft, identity fraud, hack attacks and Ponzi scam investment schemes.

Last year the founder of Liberty Reserve, Arthur Budovsky, was convicted and sentenced to twenty years in prison.  Several other insiders also received sentences.  Liberty Reserve had more than 5 million users including more than 200,000 in the US — it is unclear at this time if any of the users are being prosecuted.

According to some cryptocurrency fans, Liberty Reserve’s big blunder was that they attached their legal names to the payment processing enterprise.

But this misses the point.  If you play with a highly regulated industry such as financial services, be prepared for the existing stakeholders such as regulators and law enforcement to increasingly scrutinize your operations as they detect familiar activities, such as the marketing and sale of securities or operating a payment platform.

Cypherpunk cosplay uniform (mostly worn online)

If you spend your weekends cosplaying online as a cypherpunk and yet voluntarily sit on-stage wearing a name tag with your real name at public events and promote financial products and financial market infrastructure to the world at large, consider that there may be people who later watch these videos stored on Youtube. In its report on The DAO, the SEC cited two specific Youtube videos including one from Slock.it, the creators of The DAO.  Recall that Slack stores everything, including your private pump and dump strategies.  If you used cloud-based email, there is a non-zero chance that your successful solicitations and payola to coin media could be discovered after the cloud provider receives a subpoena.

What does this have to do with blockchains?  Below we discuss a few ideas that tie in with money transmission and payment processing.

“Core” development teams

Let me state from the onset that I am unaware of any current or potential criminal or civil cases specifically against developers of cryptocurrency networks.  Furthermore, regulators and law enforcement may not view development teams as administrators at all.  I am not a lawyer and this is not legal advice.

What are administrators?  At a very high level, in the United States, according to guidance published in March, 2013 by FinCEN:

An administrator is a person engaged as a business in issuing (putting into circulation) a virtual currency, and who has the authority to redeem (to withdraw from circulation) such virtual currency.

The rest of the March guidance goes into a little more detail of what administrators are with respect to money exchange itself.

For the purposes of this article, and without diving too much into the technical weeds, let’s consider this hypothetical:

Bob forks/clones Bitcoin in a new GitHub repo that he alone has commit access to.  While other people can submit suggested changes, he alone has commit access to make any changes to the code.  He likes his privacy so he doesn’t actively advertise or market the repo or coin or tell anyone who he is.  And then sets up one mining node, initiates the genesis block, and begins Day 1 of Bobcoin.

Is Bob an administrator?  If so, at what point does he stop being an administrator?  When there are more than one mining nodes in operation?  When more than one developer has commit access?

That’s a decision that regulators and law enforcement will need to make but from this cursory bit of detail, Bob clearly issued his own virtual currency.  Can he redeem it?

Perhaps.3  Either way, he could unilaterally change the code and annul previous or future coins/transactions.  He could change the money supply schedule, doubling or halving it if he so pleased.   He could make a new rule that says block sizes should be arbitrarily larger or smaller.  He could make a new version that separates the digital signatures from other data in the block.  He could change the required transaction fee.  He could add functionality such as P2SH.  He could change how the difficulty setting adjusts.  And so forth.

Even if other participants added computers and joined the Bobcoin network and diluted Bob’s mining hashrate, if the new participants solely rely on the code in his GitHub repo (e.g., are unaware of and/or do not use alternative implementations of Bobcoin code), then Bob remains very influential and could still directly make changes to the network.

Does being very influential — controlling the code repo to a financial network — constitute “administration”?  Arguably yes, but there should be some objective measuring sticks as to what these attributes are (e.g., how many different people have commit access to a repo for financial market infrastructure).

In the proof-of-work-based cryptocurrency world today, we have observed a stark 180 logistical change from Bitcoin in 2009.  Whereas originally all nodes were miners and vice versa, today you have a permanent bifurcation between: fully validating nodes and the mining process itself (hash generation process).  Similarly, many participants in the market, including dozens of developers and miners, use their real legal identities through the use of verified social media accounts and the speaking circuit at fintech events.  They are no longer pseudonymous.

In order for participants to coordinate and administer these types of networks, they did not necessarily need to reveal themselves.  In fact, we still don’t know who many of the original creators of various cryptocurrency networks are that are still in operation (who is BCNext?).  But because many have publicly identified themselves, they could be served with legal process and held responsible if legally liable: hiding behind pseudonymity or anonymity is no longer an option for them.

To borrow a phrase that has been recently used by several regulators, will it come down to the “facts and circumstances” to determine whether or not an entity such as a mining pool operator or core development team is a money service business or fiduciary? 4

Either way, popular euphemisms commonly used by cryptocurrency promoters and lobbyists include supposedly supporting “open” or “public” blockchains – several feelgood words – but as we empirically observe, in many cases these networks are not open to the general public: either as an actual validator or as a developer.  Access can become gated by a clique who determines who can be involved.5

In December 2015, the individuals in the photo above allegedly represented about 90% of the Bitcoin network hashrate: Source

Command and control

According to some, the Bitcoin network is viewed as a “third party payment processor” and because no one single entity administers the network it meets FinCEN’s exemptions.6  Thus, the argument goes, cryptocurrency network creators do not need to obtain a money transmitter license in the US because each activity is separate and run by a different group of participants who meet some kind of legal or regulatory exemption.7

This may have been the case in 2009 and 2010 prior to mining pools and dedicated development teams but it may not stand up to closer scrutiny in 2017.

For instance, over the past couple of years there has been this phenomenon called the “block size” debate.  Rather than go into the different camps and what they want or demand, let’s look at how various participants actually behave and act.

To begin with, let’s look at mining.

As mentioned above, mining in 2017 is different than it was in 2009.  Whereas mining initially meant (1) validation back to the genesis block and (2) generating proofs-of-work (hashes), these two processes are fully separated today.8

Today mining pool operators pick and choose which transactions to include into blocks and validate the chain they are building their blocks, is the chain they intended to do so on.  They can (and do) censor transactions.  For a pre-arranged fee, some will include your transaction before including others, including transactions from the mining pool operator itself.  Mining pools in turn pay miners (those with hash generating equipment) a share of the block reward for the work they do.  Note: miners (hash generators) themselves do not validate blocks and in fact, the machines they use are comprised of ASIC chips, are incapable of doing anything other than some simple multiplication — they can’t even run the software needed to validate the chain, let alone software like Excel.

There is a third stake holder in the mining process; infrastructure managers, who own and operate (or lease) the physical infrastructure that houses the equipment for miners.  Very little has been published on these participants (in English) because most of this infrastructure is managed in countries where English is not the mother tongue.9 These participants negotiate electrical rates and sometimes help install and operate the electrical equipment (transformers and wiring) at the various mining facilities (or outsource and manage that to someone else).

Now let’s look at the software implementation commonly used by many Bitcoin mining pools, called Bitcoin Core.  Until very recently, most mining pools ran a reference implementation of what is called the Bitcoin Core implementation of Bitcoin.  That is to say, the software running their node which builds and validates blocks, comes from a repository managed by a collective describing itself as Bitcoin Core.  This software was originally called the “Satoshi client” (Bitcoin-Qt) and has been renamed a few times along the way to its current name of Bitcoin Core.

In October, 2017 one common refrain from the camp that collectively identifies itself as Bitcoin Core, is that miners do not ultimately operate Bitcoin.  They argue that hashrate follows price and price follows the chain that is best maintained by the best developer team.  This is empty rhetoric.  We know that there are three entities involved in mining: mining pools, hash generators, infrastructure managers.  We know their key importance because they have been lobbied non-stop by many different stakeholders (such as Bitcoin Core and Bitcoin Classic) over the past several years including both open and closed door events on multiple continents.  They have been asked to sign agreements.  And then have seen those same agreements broken.  If miners are not important, they would not be lobbied or demonized at all: they would be ignored entirely.1011

Bitcoin Core is especially interesting because Bitcoin Core proponents claim it does and does not exist.  It is a bit like Schrodinger’s cat: Core exists when it is convenient for its proponents (like rallying supporters to denounce an alternative implementation) but does not exist when it encounters accountability or responsibility for its collective decisions or the decisions made by its surrogates.

Bitcoin Core maintains a website, a verified Twitter profile, Slack and other media channels.12 It even has a public team page of some of the contributors.  It is unclear how they precisely coordinate, but they work closely together with the owners and maintainers of Bitcoin.org and Bitcoin Core GitHub repo.  Note: Bitcoin.org, Bitcoin Talk and /r/Bitcoin are all controlled by the same individual, “theymos.”13 The other channels are owned and controlled by a set of unknown participants.  This collective does not have any known trademarks or copyrights at this time.  While no one has yet identified the actual decision makers, Bitcoin Core has multiple surrogates who are publicly known and actively engaged in media.

When there are disputes over decisions, some individuals who have identified themselves on the Bitcoin Core contributor list, will come out defending Bitcoin Core.  This includes asking for Bitcoin Core alleged lookalikes and doppelgangers to stop existing.  Schrodinger’s cat strikes again: Bitcoin Core wants to own the term Bitcoin Core on social media so that others can’t use it, but do not want the accountability when the collective or someone from the collective makes a decision.  Whose identification documents were used to create a verified Twitter (KYC’ed) account?  What about the web domains?  Those people are arguably actual representatives of the collective.

Bitcoin Core does not have a trademark on the Bitcoin logo, the Bitcoin ticker symbol, etc.  The original code base was released under an MIT License and “Satoshi Nakomoto” is still the copyright owner.14 Tibanne KK (the parent company of Mt. Gox) actually has a trademark on “Bitcoin” in the UK; although since the logo was originally placed in the public domain it is unclear if Tibanne can enforce these claims.  While the representatives and surrogates of Bitcoin Core argue over alternative implementations, if the entity called Bitcoin Core sued, this could open them up for a few things:

  1. they might need to incorporate in order to have legal standing;15
  2. they’d likely have to reveal their legal names (who is the verified Twitter entity?);
  3. they could be liable for complying with state, federal and international laws around operating financial market infrastructure.

Some developers want the power to control a code repo but not the accountability that comes with it.   Source: Spider-Man

Note: if you have a few moments, Angela Walch has a great paper on this topic worth reading.  Recall one of the common refrains from multiple full-time cryptocurrency developers is that they must be conservative in how they upgrade the chain they are working on, “as billions of dollars are at risk.”  These statements are arguably self-incrimination for being a fiduciary.16

It is unclear if Bitcoin Core itself will remain pseudonymous to avoid lawsuits and countersuits.  But recall, no one currently owns “Bitcoin” — the network itself is a public good, a commons.  However, Bitcoin Core does control the GitHub repo and tightly controls the commit access, occasionally removing those that do not align with their political views.17

What is the big deal?  Isn’t this software similar to a browser?

No.  The several thousand ISPs that are connected to each other forming “the Internet” are not dependent on the existence of Firefox or Internet Explorer or any browser.  These ISPs use protocols which are developed and managed by various non-profit and for-profit entities, some with clearer governance than others (like ICANN and IETF).  Network traffic will continue to flow irrespective of what browser is being used.

Bitcoin Core (the software) is not like a browser.18  If it was, the miners could simply switch out and use a different implementation and then start building blocks based on this new implementation.  But as noted above, miners have been lobbied not to use anything but Bitcoin Core or face the consequences if they did.  For instance, this past spring a group of Bitcoin Core affiliated developers threatened to change the proof-of-work mechanism.  These same developers even created a Twitter account (hence deleted) and still maintain a website dedicated to promoting this change.

With threats like this, arguably miners aren’t really free to choose what implementation to run.  To use Walch’s description, Bitcoin Core (and other identifiable developer teams) could arguably be a fiduciary if not an administrator.

bitfury

Source: Twitter

George Kikvadze is an executive and vice chairman of BitFury, a large Bitcoin mining company based in the Republic of Georgia.  Seven months ago he tweeted the statements above in reaction to a Bitcoin Core developer that threatened to change the proof-of-work algorithm used in Bitcoin in order to punish miners for using non-Bitcoin Core code.

Neither threat was carried out but this scenario raises interesting questions: if representatives of Bitcoin Core (or other development teams) who had commit access did change the proof-of-work mechanism to something the ASIC miners that BitFury designed was no longer capable of monetizing, is Bitcoin Core (or other developer teams) itself liable for the loss in revenue suffered by BitFury and other miners?  Is it just the person who submitted the documents to get a verified Twitter account?

No terms of service

One of the fundamental challenges for any anarchic chain is coming to agreement on defining the chain in the first place.19 What is Bitcoin?  Is it the chain with the most proof-of-work?  The longest chain?  The one that gets the most retweets?  The one with the most starred repo on GitHub?

As I mentioned in a paper a couple years ago (Appendix A), because there is no de jure process to handle governance issues, the various communities and tribes rallying and fighting around their disparate visions must rely on ad hoc de facto processes, much of which spills over onto social media

Fundamentally there does not appear to be any contract rights involved in using or operating Bitcoin (the network).  Who do users have contractual relationships with?  If someone does, then you could theoretically sue them.  But there is not even a click-through agreement or EULA when downloading Bitcoin Core (or any other alternative implementation).

This is relevant because earlier this month there were several Bitcoin Core contributors and surrogates, some of whom used their real names, claimed that alternative implementations such as Bitcoin Segwit2X (and its developers) could be violating the Computer Fraud and Abuse Act in the event that Segwit2X successfully creates a new fork next month.

If the CFA Act or money transmission laws are being broken post-Segwit2X then they are probably being broken now because of how various forks and updates are currently rolled out by developers and miners.  While it is unclear if any regulators or law enforcement would see the interpretation of the CFA Act the same way as Bitcoin Core representatives do, this hypothetical legal threat raises a few interesting points:

  1. What legal standing does anyone have in the event of a fork on an anarchic chain?  Code is not law.
  2. What country has jurisdiction and who has contractual relationships with one another?
  3. Would such a lawsuit create precedence or chilling effect on anyone wanting to fork/clone code in the future?  Who is liable for orphaned blocks?
  4. What happens in the event of an accidental fork like the one in March 2013?

By pushing any interpretation of the CFA Act onto anarchic cryptocurrency networks, it could create interesting legal precedents for Bitcoin Core because once the government gets involved in deliberating which fork is and is not legitimate or which miners can or cannot participate, then you no longer have a pseudonymous anarchic network.  Recall there was no EULA or Terms of Service on purpose when Bitcoin was launched years ago.

Another recent example, a Bitcoin Core surrogate who used his real name, publicly asked the New York State Department of Financial Services (DFS) to look into Coinbase’s support of Segwit2x.  Does Coinbase violate the BitLicense for supporting one chain versus another?  Last month a Bitcoin Core contributor who also used his real name, penned a letter to the SEC about why it should not approve an ETF because the company applying for it supported Segwit2X, an alternative Bitcoin implementation.20

A couple weeks later the same author of the SEC letter publicly said:

But, yea, lets be clear, I dont know a singla significant contributor to Core who will ever work on btc1/Segwit2XCoin. If all the miners switch over, most likely some folks will buy hashrate and there will be a Bitcoin chain again to work on. If, somehow inexplicably, the entire community gives up on Bitcoin and uses 2xCoin, then most likely the vast majority of Core contributors will just move on to something other than Bitcoin, though given how 2x has been going, I find that highly, highly unlikey.

The term “2XCoin” is intended to be an inside baseball pejorative towards the developers and supporters of Segwit2X.  Other Core developers have publicly stated that other Core developers will walk away from (quit) the project if an alternative implementation successfully creates a fork.

Another common war cry during the summer was that Bitcoin Cash, a fork and airdrop of Bitcoin up to a certain block height, “was an attack on Bitcoin.”  This statement raises a number of questions:

(1) there are multiple existing forks of Bitcoin that continue to exist (such as Bitcoin Dark), were these also attacks on Bitcoin?  Where is the passionate uproar against the dozens of Bitcoin clones and forks including the ones that used line-for-line the same code but simply rebranded?

(2) Bitcoin needs to first be defined, since there is no 100% consensus or agreement on what it is (longest chain?) or even agreement on how to measure consensus, to prove that there is an attack you would need to at least agree on what Bitcoin is and what exactly was attacked.  Since Bitcoin was designed from the outset to be forked and for those with the most hashrate to decide what is and is included in a block — and the rules therein — how is Bitcoin Cash any different in terms of legitimacy than Bitcoin?

If there is a regulatory arbitrator stating which fork is the legitimate legal one, you have a permissioned network.  And I truly could talk all day about those because I popularized that term with this (now dated) paper more than two years ago and currently advise a couple companies involved in building those.  Inquire within!

The tactics used by different cryptocurrency tribes versus others is not new.  In fact, if you look as recent as the 1960s, during the Cultural Revolution in China there were struggle sessions in which the accused (class enemies) were captured and dragged out in front of the public and denounced for crimes that they didn’t commit.21

We see this type of behavior in the cryptocurrency world on a monthly basis, just look at the “Antbleed” hatchet job.  This was a manufactured controversy and coordinated attempt to discredit a company (Bitmain) that had publicly spoken out against one specific Bitcoin implementation in favor of another.2223 Nearly six months later, the original accusations (of covert usage) are still unproven yet some of the promoters of this theory, several of which who are affiliated with Bitcoin Core, continue to attack anyone who stands in the way of their own vision.  Many elements in the community thrive on both real and fake controversy in order to stay relevant: it is in a state of permanent lynching mode.

Other cryptocurrency chains

Lest I be accused of picking favorites, I should point out that future researchers could create an infographic depicting how all chains evolved over time.24

Below is a non-exhaustive list of other chains that have highly coordinated behavior between influential persons that look administrator-like:

  • Dash Core: run by a company (with a CEO no less); can identify the major participants involved and how they coordinate to make changes; they sponsor events and attempt to speak on behalf of the community while making any upgrades; they run various social media accounts
  • Ethereum Classic: this small community has held public events to discuss how they plan to change the money supply; they video taped this coordination and their real legal names are used; only one large company (DCG) is active in its leadership; they sponsor events; they run various social media accounts
  • Bitcoin Cash: an airdrop based on Bitcoin prior to a certain block height; can identify the major participants involved and how they coordinate to make changes; they run various social media accounts and events
  • Bitcoin Segwit2X: can identify the major participants involved and how they coordinate to make changes; they have met to formalize this process in multiple meetings including the New York Agreement (NYA); they run various social media accounts and claim to be the equivalent of Bitcoin Core
  • Bitcoin XT: defunct, in its terms they explicitly said one set of named individuals would be administrators
  • Litecoin: leaders are self-doxxed; have a formal Foundation as well; they run various social media accounts and events
  • Dogecoin: leaders are self-doxxed and publicly coordinated merged mining with Litecoin three years ago; there have a formal Foundation; they run various social media accounts
  • Ethereum: can identify and name specific people in the Ethereum Foundation and mining community who publicly coordinated several hard forks; these stakeholders sponsor public events and code changes; they run various social media accounts; the Ethereum Foundation has a registered trademark
  • Bitcoin Gold: an upcoming airdrop based on Bitcoin prior to a certain block height; can identify the major participants involved and how they coordinate to make changes; they run various social media accounts
  • Zcash: this was created by a company (Zerocoin Electric Coin Company); can identify and name specific people in the Zcash Foundation and mining community who publicly coordinate updates; these stakeholders sponsor public events, grants, and code changes; they run various social media accounts
  • Bitcoin: before Bitcoin Core consolidating itself, there was The Bitcoin Foundation which attempted to speak as the voice of Bitcoin… then it pretty much went morally and financially bankrupt
  • Dozens if not hundreds of others

Whereas the Bitcoin creator “walked away” (or is he lurking in the CoinDesk comment section?) most ICO issuers could have the same legal problems described above.  Even ignoring the issuance of unregistered securities through ERC20 and ERC20-like standards, many of these these ICO coins and tokens were centrally issued and administered.

One reviewer singled out Factom, Tierion, Ripple, and Stellar as well, but these communities have slightly different nuances worth looking into independent of this article.  It bears mentioning that Ripple was penalized and settled with FinCEN in May 2015, but this was due to non-compliance with BSA requirements with respect to not filing suspicious activity reports (SAR) from a side fund it operated. 25 It was not about operating the nodes on the network.26 Furthermore, centralized issuance and operation of a network through watermarked tokens (e.g., Counterparty, Omni (Mastercoin), all colored coins) is still taking place today (see Tether).

This is not to say that you shouldn’t create a cryptocurrency nor a foundation.  There are likely ways to create a new cryptocurrency and structure its governance in a legally compliant (or exempt) manner.

But some of those who issued a cryptocurrency which they centrally operate and mint could be on thin ice depending on how strict regulators and law enforcement are.27 Maybe they aren’t strict at all.

If it is centrally administered for 2 minutes versus 2 hours versus 2 years (like Satoshi did), at what point is that line crossed?  What about a network like Stellar that was originally decentralized and then in an emergency, centralized (running off of one node) due to a break in its consensus mechanism?  The Stellar organization itself operated the single validation node for months before re-decentralizing.  That is clearly administering a network especially since they issued lumens to begin with (lumens are the native currency of the Stellar network).

Forks as securities

A friend of mine that is the CEO of a Bitcoin-focused company recently hired an attorney to look at the upcoming Bitcoin Segwit2X (S2X) fork proposal and thinks there could be an argument that the fork is a security based on the Howey test.

His rationale is the following, reused with his permission:28

  • S2X is a common enterprise based on the efforts of the signers of the NYA
  • Many of the signers of the NYA have long touted the benefits and profit expectations of increasing the block size
  • S2X was assembled by a promoter/ third party: the organizers of the NYA and its signers
  • Anyone who purchased bitcoin between May 2017 and the fork date is an investor, in particular if that person bought bitcoin in anticipation / expectation of the fork

If this is true, then you could likely insert and replace S2X and NYA with various cryptocurrency developer groups (including Litecoin, Ethereum, Ethereum Classic, Bitcoin Core, Bitcoin XT and others listed in the section above) and just modify the date to argue that each of these coordinated efforts is effectively a common enterprise seeking to profit from the expectations of X, Y, or Z features.  It could be smaller or bigger blocks, sidechains, slower or faster block generation times, etc.  In other words, if Segwit2X is a security, then arguably many coordinated “soft” and “hard” forks are.29

At this time, in the US, neither the SEC nor CFTC have publicly issued their position on how a fork falls within their scope and mandate.30

However, if any regulator or court does formally publish guidance or a ruling siding with a specific fork, the cryptocurrency community will have institutionalized permissioned-on-permissionless chains.  An expensive contradiction.

Relevancy towards enterprise chains

Since you do not need proof-of-work to maintain all blockchains, enterprise focused blockchain and DLT-related companies (commonly referred to as private or permissioned chains) typically started off with the realization a couple years ago that:

  1.  In order for changes and upgrades to take place on a decentralized network, some clear governance needs to be created to manage that process;
  2.  Network validators, the nodes involved in validating transactions, would be run via known, identifiable (KYC’ed) operators who had specific contractual obligations that ultimately would rely on courts as arbiters (e.g., if there is a fork, only one chain would be deemed the legitimate de jure chain);
  3.  If an entity formally governs one of these networks it is likely that it would also be regulated under existing laws and regulations;
  4.  If an entity or group of entities has the power to coordinate and unilaterally make these changes at will without legal recourse, then this could be a single point of failure that could be abused.  How to design a network that prevents this security hole from forming yet comply with existing laws and regulations all while providing recourse to the users in the event of disputes arising?

Note: all of the vendor platforms have their own differences and nuances; from an architectural standpoint they cannot all be lumped together as a monolithic entity.

But in this case, many of these companies took roughly the same tact: one which attempts to hold validating parties accountable ultimately through the existing legal system (via contracts and if need be courts).  As a result, so far the vendors have generally gotten to bypass most of the drama around factional in-fighting described above.  But each vendor still has their own challenges ahead.  Once an enterprise chain’s mainnet is turned on in production and real value is being moved across their network, whoever administers and operates the network(s) could be legally liable for complying with a whole slew of regulations from multiple different jurisdictions.

That is why some operating models involve banks or other existing financial institution running the validating nodes — because they already have the necessary licenses and compliance structures put in place. That is also why some of the vendors created a consortium from the get-go because they foresaw the need to bring on different types of stakeholders early on.  But ignoring the consortium approach for the moment, once real legal names are touching and managing real financial instruments, regulators and law enforcement begin to pay much closer attention.

Final remarks

In the US there is no private right of action under the FinCEN guidelines.  Only FinCEN can initiate an enforcement proceeding, and based on conversations with legal experts who reviewed this article, these experts do not expect such actions right now given that FinCEN hasn’t thus far.

Can private parties initiate litigation?  Based on one conversation with an interested party, it seems that there is arguably a private right of action under the CEA, under certain state money transmission business (MTB) laws and under securities laws.  Will they?  My guess is that as more real value (e.g., real money like USD) is associated with any of these anarchic blockchains, the odds of lawsuits due to any type of fork (intentional or not), trends closer to probably.

With that said, networks such as blockchains, do not maintain themselves.  They do not upgrade themselves or automatically fix bugs that arise.  They are not anti-fragile.  They need people to do all of these pesky maintenance things.  And with people comes politics and social engineering.31

Empirically if there isn’t disharmony in a blockchain community it is because most participants agrees who the administrator or administrators are.32

If there is a disagreement, as we have seen multiple times, a political struggle often takes place and a fork or two may happen: either a fork in the chain or a fork in the community.  With hundreds of dead or zombie blockchains, it is clear that blockchains do not work without some kind of administrator and decision maker.  Whether or not FinCEN or other money transmitter regulators come to the same conclusion is a different matter.

The takeaway from this piece isn’t that no one should be formally or informally engaged with anarchic chains such as cryptocurrencies.  Or that passion and enthusiasm should be discouraged.  Rather, it is about consistency and the rule of law.  If you do not like the development or evolution in a community-without-formal-rules — such as the fractured tribes of Bitcoin — using the government as a club of convenience to get what you want and not expect consequences for their intervention on your behalf is shortsighted.

While a few dozen cryptocurrency startups have already begun using trade associations to lobby regulators on their behalf for a “hands-off” regulatory approach, at some stage the appearance of formalized governance of financial market infrastructure — even if it is marketed as self-sovereign, decentralized, open, and anarchic — could lead to increased regulatory oversight due to how the crypocurrency governance activity actually behaves in reality.  This is definitely a topic worth revisiting in a year to see if any regulator publicly opines on the topic. 33

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

To protect the privacy of those who provided feedback, I have only included initials: RD, CP, SP, CM, VB, DG, CK, AW.

Endnotes

  1. Both Ray Dillinger and Hal Finney have stated they analyzed and gave feedback to Satoshi on Bitcoin prior to its public announcement; perhaps there were others too. []
  2. See these two articles written by Daniel Friedberg: “FinCEN Guidance Validates Bitcoin Industry but Targets Satoshi” and “Bitcoin hard fork conspiracy treacherous” []
  3. It is possible to create a redeemable asset on Counterparty and several other platforms connected to Bitcoin. []
  4. One reviewer opined that: “I think it will be a technical legal definition that comes down to whether you can exert reasonable control before enforcing MSB rules.  Whether you are an administrator or not will be a boring court decision: they could look at whether you were mining or developing with a high enough impact. []
  5. On the mining side, the capital costs of running a mining farm and pool that actually validates blocks on many of the larger cryptocurrency networks is relatively expensive and out of reach for most users; mining pools have been documented at attacking one another on the network itself (e.g., DDOS attacks).  On the developer side, as discussed throughout this article, while it varies depending on the cryptocurrency, the control over the repo (specifically who has commit access) is often restricted to a few insiders who can permit and restrict who can be involved in the development process (e.g., they can remove a developer from mailing lists, forums, events, code repositories, etc.). []
  6. Cryptocurrency miners typically only have the ability to instruct payments of keys they control (although they can censor and/or fork as well).  Thus, it is argued, the miners typically just perform IT services. []
  7. In the UK, there is some relevant guidance from HM Revenue and Customs with respect to money laundering and money service businesses []
  8. See SPV wallets for a user-specific example. []
  9. This past summer Quartz published a series of articles detailing some of this physical infrastructure in China.  See: The lives of bitcoin miners digging for digital gold in Inner MongoliaPhotos: Inside one of the world’s largest bitcoin mines; and Take a 360 walk around one of the world’s biggest bitcoin mines []
  10. A year ago the narrative that miners were a key component of Bitcoin dramatically shifted in the minds of a group that lobbied for a change known as UASF: User Activated Soft Fork.  The proposal – which thus far has not been activated – attempts to remove miners and replace their role with nodes controlled by UASF advocates, pretty much removing Sybil protection.  Instead of buying hardware and pushing hashrate one way or the other, UASF advocates used social media to promote their views.  Incidentally some of the same people promoting “no2x” (opposed to Segwit2x) were actively part of the “UASF” campaign. []
  11. One reviewer mentioned that: “It’s worth noting that in Ethereum, miners actually don’t have a large role in decision-making. Ironically enough, I think the reason for this is that Bitcoin prefers soft forks for governance, whereas Ethereum prefers hard forks, and soft forks naturally depend more heavily on miner support in order to succeed.” []
  12. Its Twitter account actively retweets and highlights specific content from a common group of promoters, advocating and endorsing their viewpoints. []
  13. “theymos” is his/her username; his real name is allegedly Michael Marquardt but little is publicly known about who he is beyond his control of the most highly trafficked Bitcoin-specific developer sites.  Other pseudonyms that co-own some of these domains include “cobra.” []
  14. In the US, copyrights are unregistered.  The copyright owner of the original source code still belongs to “Satoshi Nakomoto” however as of this writing, no one has stepped forward to claim this copyright ownership. []
  15. Alternatively they could be a “general partnership;” this was discussed in the SEC paper on The DAO (pgs 14-15). []
  16. One reviewer provided a counterpoint: “There’s a difference between voluntarily taking on responsibility and being legally assigned it. For example, if I suddenly decide that I feel morally obligated to make sure all children in some village in Africa are properly fed, I do not become their legal guardian.” []
  17. Alex Waters, Jeff Garzik, and Gavin Andresen (among others) have been removed in this fashion. []
  18. If we replaced “browser” with “TCP/IP” that would likely create massive economic disruption and finger pointing for blame. []
  19. See also: Emochain and Statistchain []
  20. I touched on this same issue last year in a paper, see Comments on the COIN ETF (SR-BatsBZX-2016-30) []
  21. One reviewer pointed out that: “If you’re looking for parallels with authoritarian regimes, there are many. Bitcoin Core’s arguments that there must be only one reference implementation to “preserve stability”; them playing linguistic games to deny the opposition legitimacy, high levels of censorship, etc. There are also parallels on the other side of this, where the “opposition parties,” despite having many legitimate grievances, are all good at protesting but focus on negativity and are not nearly technically competent enough to effectively form their own “government”. This happens in Russia, to some extent Singapore, China (think Hong Kong independence movement), etc. You can probably expand this out into an entire blog post.” []
  22. Bitmain is the largest manufacture of mining equipment, Antminer is the brand of one of its product lines. []
  23. See also Just How Profitable is Bitmain? by Jimmy Song and Former Bitmain Chip Designer Seeks to Revoke Mining Giant’s Patent from CoinDesk []
  24. One reviewer suggested that future researchers and analysts could also look at several other attributes: (1) Basing oneself in a country as an incorporated entity; (2) Having developers heavily concentrated in a country; (3) Heavily marketing in a country, especially if it’s the same country as above; (4) The operation of a chain being controlled by one implementation and one company (as opposed to Ethereum’s geth/Parity/now harmony split []
  25. One reviewer opined that: “Though it is worth noting that their ability to operate the network in a way that gives users permissionlessness was compromised as a result of these side activities. A useful cautionary tale.” []
  26. XRP Ledger Decentralizes Further With Expansion to 55 Validator Nodes from Ripple Insights []
  27. One reviewer commented that: “I think it’s worth making a distinction here between convertibility and central administration of tech. Bitcoin, Bitcoin Cash, Ethereum, Ethereum Classic, Dash, etc are all not immediately convertible; the portion of tokens that actually are convertible is relatively low and I think everyone already agrees that those are regulated.” []
  28. Private correspondence on October 16, 2017. []
  29. For a related discussion see, Are Public Blockchain Systems Unlicensed Money Services Businesses in Disguise? from Ciaran Murray []
  30. One reviewer mentioned that in the event a fork occurs, there could be legal repercussions pursuant to Commodities Exchange Act (namely, section 6(c), rule 180). []
  31. Even some of the proposed “self-governing” blockchains ultimately start out fairly centralized, arguably as administrators and MTBs.  And due to the amount of coins that insiders and creators of these chains have, they could heavily influence the direction of votes (e.g., in a staking model, large coin holders are politically powerful entities who could coordinate and collude to fork in their own interest).  Will they always remain as administrators? []
  32. Many thanks to Ciaran Murray for providing this observation. []
  33. One of the reviewers asked how several current and proposed proof-of-stake coin-based projects would fit in here as potential solutions.  Since most of these are young and/or not even launched, see footnote 31 above.  Some have governance challenges already, see Backroom battle imperils $230 million cryptocurrency venture from Reuters.  Another reviewer opined that: “Systems like Bitshares, EOS, Tezos, et al will in practice be secure primarily precisely because there are large premines held by the foundations and developers themselves. It’s like a kind of ‘centralized administration without looking like centralized administration.'” []
Send to Kindle

Eight Things Cryptocurrency Enthusiasts Probably Won’t Tell You

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.  See Post Oak Labs for more information.]

Alternative title: who will be the Harry Markopolos of cryptocurrencies?

If you don’t know who Harry Markopolos is, quickly google his name and come back to this article.  If you do, and you aren’t completely familiar with the relevance he has to the cryptocurrency world, let’s start with a little history.

Background

Don’t drink the Koolaid

With its passion and perma-excitement, the cryptocurrency community sometimes deludes itself into thinking that it is a self-regulating market that doesn’t need (or isn’t subject to) government intervention to weed out bad actors.1 “Self-regulation,” usually refers to an abstract notion that bad actors will eventually be removed by the action of market forces, invisible hand, etc.

Yet by most measures, many bad actors have not left because there are no real consequences or repercussions for being a bad dude (or dudette).

Simultaneously, despite the hundreds of millions of dollars raised by VCs and over a couple billion dollars raised through ICOs in the past year or so, not one entity has been created by the community with the power or moral authority to rid the space of bad apples and criminals.  Where is the regulatory equivalent of FINRA for cryptocurrencies?2

Part of this is because some elements in the community tacitly enable bad actors. This is done, in some cases, by providing the getaway cars (coin mixers) but also, in other cases, with a wink and a nod as much of the original Bitcoin infrastructure was set-up and co-opted by Bitcoiners themselves, some of whom were bad actors from day one.3

There are many examples, including The DAO.4 But the SEC already did a good dressing down of The DAO, so let’s look at BTC-e.

BTC-e is a major Europe-based exchange that has allegedly laundered billions of USD over the span of the past 6 years.  Its alleged operator, Alexander Vinnik, stands accused of receiving and laundering some of the ill-gotten gains from one of the Mt. Gox hacks (it was hacked many many times) through BTC-e and even Mt. Gox itself.5 BTC-e would later go on to be a favorite place for ransomware authors to liquidate the ransoms of data kidnapping victims.

Who shut down BTC-e?

It wasn’t the enterprising efforts of the cryptocurrency community or its verbose opinion-makers on social media or the “new 1%.”  It was several government law enforcement agencies that coordinated across multiple jurisdictions on limited budgets.6 Yet, like Silk Road, some people in the cryptocurrency community likely knew the operators of the BTC-e and willingly turned a blind eye to serious misconduct which, for so long as it continues, represents a black mark to the entire industry.

In other cases, some entrepreneurs and investors in this space make extraordinary claims without providing extraordinary evidence.  Such as, using cryptocurrency networks are cheaper to send money overseas than Western Union.  No, it probably is not, for reasons outlined by SaveOnSend.7

But those who make these unfounded, feel-good claims are not held accountable or fact-checked by the market because many market participants are solely interested in the value of coins appreciating.  Anything is fair game so as long as prices go up-and-to-the-right, even if it means hiring a troll army or two to influence market sentiment.

And yet in other cases, the focus of several industry trade associations and lobbying groups is to squarely push back against additional regulations and/or enforcement of existing regulations or PR that contradicts their narrative.8

Below are eight suggested areas for further investigation within this active space (there could be more, but let’s start with this small handful):

(1) Bitfinex

Bitfinex is a Hong Kong-based cryptocurrency exchange that has been hacked multiple times.9  Most recently, about 400 days ago, $65 million dollars’ worth of bitcoins were stolen.

Bitfinex eventually painted over these large losses by stealing from its own users, by socializing the deficits that took place in some accounts across nearly all user accounts.10  Bitfinex has – despite promising public audits and explanations of what happened – provided no details about how it was hacked, who hacked it, or to where those funds were drained to.11 It has also self-issued at least two tokens (BFX and RRT) representing their debt and equity to users, listed these tokens on their own exchange and allowed their users to trade them.12

There have been suggestions of impropriety, with its CFO (or CSO?) Phil Potter publicly explaining how they handle being de-banked and re-banked:

“We’ve had banking hiccups in the past, we’ve just always been able to route around it or deal with it, open up new accounts, or what have you… shift to a new corporate entity, lots of cat and mouse tricks that everyone in Bitcoin industry has to avail themselves of.”

Yet there is little action by the cryptocurrency community to seek answers to the open questions surrounding Bitfinex.  I wrote a detailed post several months ago on it and the only reporters who contacted me for follow-ups were from mainstream press.

There are a lot of reasons why, but one major reason could be that some customers have financially benefited from this lack of market surveillance because relatively little KYC (Know Your Customer) is collected or AML (Anti-Money Laundering) enforced, so some trades and/or taxes are probably unreported.13 This wouldn’t be an isolated incident as the IRS has said less than 1,000 United States persons have been filing taxes related to “virtual currencies” each year between 2013 – 2015.

But that’s not all.

The latest series of drama began earlier this spring: Bitfinex sued Wells Fargo who had been providing correspondent banking access to Bitfinex’s Taiwanese banking partners.  Wells Fargo ended this relationship which consequently tied up tens of millions of USD that was being wired internationally on behalf of Bitfinex’s users.  About a week later Bitfinex dropped the suit and at least one person involved on the compliance side of a large Taiwanese bank was terminated due to the misrepresentation of the Bitfinex account relationship.

This also impacted the price of Tether.

Tether, as its name suggests, is a proprietary cryptocurrency (USDT) that is “always backed by traditional currency held in our reserves.”  It initially used a cryptocurrency platform called Mastercoin (rebranded to Omni) and recently announced an ERC20 token on top of Ethereum.1415

As a corporate entity, Tether’s governance, management, and business are fairly opaque.  No faces or names of employees or personnel can be found on its site.16  Bitfinex was not only one of its first partners but is also a shareholder.  Bitfinex has also created a new ICO trading platform called Ethfinex and just announced that Tether will be partnering with it in some manner.17

Tether as an organization creates coins.  These coins are known as Tethers that trade under the ticker $USDT each of which, as is claimed on their webpage, is directly linked, 1-for-1, with USD and yen equivalents deposited in commercial banks.  But after the Wells Fargo suit was announced, USDT “broke the buck” and traded at $0.92 on the dollar.18   It has fluctuated a great deal during the summer currently trades at $1.00 flat.

Which leads to the question: are the seven banks listed by the recent CPA disclosure aware of what Tether publicly advertises its USDT product as?19

Source: Tether LTD

Who is responsible for issuance, and how if at all can they be redeemed?  Are they truly backed 1:1 or is there some accounting sleight-of-hand taking place behind the scenes?20  Where are those reserves going to be exactly?  Who will have access to them?  Will either Tether (the company) or Bitfinex going to use them to trade?21 These are the types of questions that should be asked and publicly answered.

The only reason anyone is learning anything about the project is because of an anonymous Tweeter, going by the handle @Bitfinexed, who seemingly has nothing better to do than listen to hundreds of hours of audio archives of Bitcoiners openly bragging about their day trading schemes and financial markets acumen (in that order).

Despite myself and others having urged coin media to do so, to my knowledge there have been no serious investigations or transparency as to who owns or runs this organization.  Privately, some reporters have blamed a lack of resources for why they don’t pursue these leads; this is odd given the deluge of articles posted every month on the perpetual block size debate that will likely resolve itself in the passage of time.

The only (superficial) things we know about Tether (formerly Realcoin) is from the few bits of press releases over time.22  Perhaps this is all just a misunderstanding due to miscommunication.23  Who wants to fly to Hong Kong and/or Taiwan to find out more?

(2) Ransomware, Ponzi’s, Zero-fee and AML-less exchanges

Last month a report from Xinhua found that:

China’s two biggest bitcoin exchanges, Huobi and OKCoin, collectively invested around 1 billion yuan ($150 million) of idle client funds into “wealth-management products.”

In other words, the reason these exchanges were able to operate and survive while charging zero-fees is partially offset by these exchanges using customer deposits to invest in other financial products, without disclosing this to customers.24

Based on conversations with investigative reporters and former insiders, it appears that many, if not most, mid-to-large exchanges in China used customer deposits (without disclosing this fact) to purchase other financial products.  It was not just OKCoin and Huobi but also BTCC (formerly BTC China) and others.  This is not a new story (Arthur Hayes first wrote about it in November 2015), but the absence of transparency in how these exchanges and intermediaries are run ties in with what we have seen at BTC-e.  While there were likely a number of legitimate, non-illicit users of BTC-e (like this one Australian guy), the old running joke within the community is that hackers do not attack BTC-e because it was the best place to launder their proceeds.

Many exchanges, especially those in developing countries lacking KYC and AML processes, directly benefited from thefts and scams.  Yet we’ve seen very little condemnation from the main cheerleaders in the community.25

For example, two years ago in South Africa, MMM’s local chapter routed around the regulated exchange, patronizing a new exchange that wouldn’t block their transactions.26  MMM is a Ponzi scheme that has operated off-and-on for more than twenty years in dozens of countries.  In its most current incarnation it has raised and liquidated its earnings via bitcoin.  As a result, the volume on the new exchange in South Africa outpaced the others that remained compliant with AML procedures.  Through coordination with law enforcement it was driven out for some time, but in January of this year, MMM rebooted and it is now reportedly back in South Africa and Nigeria.  The same phenomenon has occurred in multiple other countries including China, wherein, according to inside sources, at least one of the Big 3 exchanges gave MMM representatives the VIP treatment because it boosted their volume.

It was a lack of this market surveillance and customer protections and outright fraud that eventually led to many of the Chinese exchanges being investigated and others raided by local and national regulators in a coordinated effort during early January and February 2017.27

Initially several executives at the non-compliant exchanges told coin media that nothing was happening, that all the rumors of investigation was “FUD” (fear, uncertainty, doubt).  But they were lying.28

Regulators had really sent on-site staff to “spot check” and clean up the domestic KYC issues at exchanges.  They combed through the accounting books, bank accounts, and trading databases, logging the areas of non-compliance and fraud.  This included problems such as allowing wash-trading to occur and unclear margin trading terms and practices.29 Law enforcement showed these problems (in writing) to exchange operators who had to sign and acknowledge guilt: that these issues were their responsibility and that there could be future penalties.

Following the recent government ban on ICO fundraising (described in the next section), all exchanges in China involved in fiat-to-cryptocurrency trades have announced they will close in the coming weeks, including Yunbi, an exchange that was popular with ICO issuers.30  On September 14th, the largest exchange in Shanghai, BTCC (formerly BTC China), announced it would be closing its domestic exchange by the end of the month.31 It is widely believed it was required to do so for a number of compliance violations and for having issued and listed an ICO called ICOCoin.32

Source: Tweet from Linke Yang, co-founder of BTCC

The two other large exchanges, OKCoin and Huobi, both announced on September 15th that they will be winding down their domestic exchange by October 31st.33  Although according to sources, some exchange operators hope this enforcement decision (to close down) made by regulators will quietly be forgotten after the Party Congress ends next month.34

One Plan B is a type of Shanzhai (山寨) hawala which has already sprung up on Alibaba whereby users purchase discrete units of funds as a voucher from foreign exchanges (e.g., $1,000 worth of BTC at a US-based exchange).35  Many exchanges are trying to setup offices and bank accounts nearby in Hong Kong, South Korea, and Japan, however this will not solve their ability to fund RMB-denominated trades.36

It is still unclear at this time what the exact breakdown in areas of non-compliance were largest (or smallest).37  For instance, how common was it to use a Chinese exchange for liquidating ransomware payments?

As mentioned in an earlier post, cryptocurrencies are the preferred payment method for ransomware today because of their inherent characteristics and difficulty to reclaim or extract recourse.  One recent estimate from Cybersecurity Ventures is that “[r]ansomware damage costs will exceed $5 billion in 2017, up more than 15X from 2015.”  The victims span all walks of life, including the most at-risk and those providing essential services to the public (like hospitals).

But if you bring up this direct risk to the community, be prepared to be shunned or given the “whataboutism” excuse: sure bitcoin-denominated payments are popular with ransomware, but whatabout dirty filthy statist fiat and the nuclear wars it funds!

Through the use of data matching and analytics, there are potential solutions to these chain of custody problems outlined later in section 8.

(3) Initial coin offerings (ICOs)

Obligatory South Park reference (Credit: Jake Smith)

Irrespective of where your company is based, the fundraising system in developed – let alone developing countries – is often is a time consuming pain in the rear.  The opportunity costs foregone by the executive team that has to road show is often called a necessary evil.

There has to be a more accessible way, right?  Wouldn’t it just be easier to crowdfund from (retail) investors around the world by selling or exchanging cryptocurrencies directly to them and use this pool of capital to fund future development?

Enter the ICO.

In order to participate in a typical ICO, a user (and/or investor) typically needs to acquire some bitcoin (BTC) or ether (ETH) from a cryptocurrency exchange.  These coins are then sent to a wallet address controlled by the ICO organizer who sometimes converts them into fiat currencies (often without any AML controls in place), and sends the user/investor the ICO coin.38

Often times, ICO organizers will have a private sale prior to the public ICO, this is called a pre-sale or pre-ICO sale.  And investors in these pre-sales often get to acquire tokens at substantial discounts (10 – 60%) than the rate public investors are offered.39.  ICO organizers typically do not disclose what these discounts are and often have no vesting cliffs attached to them either.

The surge in popularity of ICOs as a way to quickly exploit and raise funds (coins) and liquidate them on secondary markets has transitively led to a rise in demand of bitcoin, ether, and several other cryptocurrencies.  Because the supply of most of the cryptocurrencies is perfectly inelastic, any significant increase (or decrease) in demand can only be reflected via volatility in prices.

Hence, ICOs are one of the major contributing factors as to why we have seen record high prices of many different cryptocurrencies that are used as gateway coins into ICOs themselves.

According to one estimate from Coin Schedule, about $2.1 billion has been raised around the world for 140 different ICOs this year.40  My personal view is that based on the research I have done, most ICO projects have intentionally or unintentionally created a security and are trying to sell it to the public without complying with securities laws.41 Depending on the jurisdiction, there may be a small handful of others that possibly-kinda-sorta have created a new coin that complies with existing regs.42  Maybe.

Ignoring the legal implications and where each fits on that spectrum for the moment, many ICOs to-date have pandered to and exploited terms like “financial inclusion” when it best suits them.43  Others pursue the well-worn path of virtue signaling: Bitcoiners condemning the Ethereum community (which itself was crowdfunded as an ICO), because of the popularity in using the Ethereum network for many ICOs… yet not equally condemning illicit fundraising that involves bitcoin or the Bitcoin network or setting up bucket shops such as Sand Hill Exchange (strangely one of its founders who was sued by the SEC now writes at Bloomberg).

The cryptocurrency community as a whole condemned the “Chinese government” for its recent blanket ban on fundraising and secondary market listing of ICOs.44 The People’s Bank of China (PBOC) is one of seven regulators to enforce these regulations yet most of the public antagonism has been channeled at just the PBOC.45

Irrespective of whether you think it was the right or wrong thing to do because you heart blockchains, the PBOC and other regulators had quite valid reasons to do so: some ICO creators and trading platforms were taking funds they received from their ICO and then re-investing those into other ICOs, who in turn invested in other ICOs, and so forth; creating a fund of fund of funds all without disclosing it to the public or original investors.46 ICO Inception (don’t tell Christopher Nolan).

In China and in South Korea, and several other countries including the US, there is a new cottage industry made of up entities called “community managers” (CM) wherein an ICO project hires an external company (a CM) who provides a number of services:

  1. for X amount of BTC the CM will actively solicit and get your coin listed on various exchanges;
  2. the CM takes a sales commission while marketing the coin to the public such that after the ICO occurred, they would take a juicy cut of the proceeds; and several other promotional services.47

The ICO issuers and fundraising/marketing teams usually organize a bunch of ICOs weekly and typically employ a market maker (known as an “MM” in the groups) whose role is to literally pump and dump the coin.  They engage in ‘test pumps’ and ‘shakeouts’ to get rid of the larger ICO investors so they can push the price up on a thin order book by 10x, 20x, or 30x before distributing and pulling support. You can hire the services of one of these traders in many of the cryptocurrency trading chat groups.48

There were even ICO boot camps (训练营) in China (and elsewhere) usually setup with shady figures with prior experience in pyramid schemes.49  Here they coached the average person to launch an ICO on the fly based on the ideas of this leader to people of all demographics including the vulnerable and at-risk.50  Based on investigations which are still ongoing, the fraud and deceit involved was not just one or two isolated incidents, it was rampant.51 Obtaining the training literature that was given to them (e.g., the script with the promises made) would make for a good documentary and/or movie.

Scene from Boiler Room

In other words, the ICO rackets have recreated many aspects of the financial services industry (underwriters, broker/dealers) but without any public disclosures, organizational transparency, investor protections, or financial controls.  Much like boiler rooms of days past.  It is no wonder that with all of this tomfoolery, according to Chainalysis, that at least $225 million worth of ETH has been stolen from ICO-related fundraising activity this past year.52

At its dizzying heights, in China, there were about sixty ICO crowdfunding platforms each launching (or trying to launch) new ICOs on a monthly basis.53  And many of these platforms also ran and operated their own exchanges where insiders were pumping (and dumping) and seeing returns of up to 100x on coins that represented “social experiments to test human stupidity” such as the performance art pictured below.

One recent estimate from Reuters was that in China, “[m]ore than 100,000 investors acquired new cryptocurrencies through 65 ICOs in January-June [2017].”54  It’s still unclear what the final straw was, but the universal rule of don’t-pitch-high-risk-investment-schemes-to-grandmothers-on-fixed-incomes was definitely breached.

As a result, the PBOC and other government entities in China are now disgorging any funds (about $400 million) that ICOs had raised in China.55  This number could be higher or lower depending on how much rehypothecation has taken place (e.g., ICOs investing in ICOs).  All crowdfunding platforms such as ICOAGE and ICO.info have suspended operations and many have shut down their websites.  In addition, several executives from these exchanges have been given a travel ban.56

Cryptocurrency exchanges (the ones that predated the ICO platforms) have to delist ICOs and freeze plans from adding any more at this time.  Multiple ICO promotional events, including those by the Fintech Blockchain Group (a domestic fund that organized, promoted, and invested in ICOs) have been canceled due to the new ban.57  Several well-known promoters have “gone fishing” overseas.  This past week, Li Xiaolai, an early Bitcoin investor and active ICO promoter, has publicly admitted to having taken the ICO mania too far (using a car acceleration example), an admission many link to the timing of this crackdown and ban.58

A real ICO in China: “Performance Art Based on Block Chain Technology” (Source)

For journalists, keep in mind this is (mostly) just one country described above.  It would be a mistake to pin all of the blame on just the ICO operators based in China as similar craziness is happening throughout the rest of the world (observe the self-serving celebrity endorsements).  Be sure to look at not just the executives involved in an ICO but also the advisors, investors, figureheads, and anyone who is considered “serious” lending credibility to dodgy outfits and dragging the average Joe (and Zhou) and his fixed income or meager savings into the game.

There may be a legitimate, legal way of structuring an ICO without running afoul of helpful regulations, but so far those are few and far between.  Similarly, not everyone involved in an ICO is a scammer but it’s more than a few bad apples, more like a bad orchard.  And as shown above with the initial enforcement actions of just one country, short sighted hustling by unsavory get-rich-quick partisans unfortunately might deep-six the opportunities for non-scammy organizations and entrepreneurs to utilize a compliant ICO model in the future.59

(4) VC-backed entities

Theranos, Juicero, and Hampton Creek, meet Coinbase, 21.co, Blockstream, and several others.

Okay, so that may be a little exaggerated.  But still the same, few high-profile Bitcoin companies are publishing daily active or monthly active user numbers for a variety of reasons.

Founded in May 2012, the only known unicorn to-date is Coinbase.  Historically it has kept traction stats close to the chest but we got a small glimpse at what Coinbase’s user base was from an on-going lawsuit with the IRS.  According to one filing, between 2013-2015 (the most recent publicly available data) Coinbase had around 500,000 users, of which approximately 14,355 accounts conducted at least $20,000 in business.60 This is a far cry from the millions of wallets we saw as a vanity statistic prominently displayed on its homepage during that same time period.61

What did most users typically do?  They created an account, bought a little bitcoin, and then hoarded it – very few spent it as if it were actual money which is one of the reasons why they removed a publicly viewable transaction chart over a year ago.62

To be fair, the recent surge in market prices for cryptocurrencies has likely resulted in huge user growth.  In fact, Coinbase’s CEO noted that 40,000 new users signed up on one day this past May.  But some of this is probably attributed to new users using Coinbase as an on-and-off ramp: United States residents acquiring bitcoin and ether on Coinbase and then participating in ICOs elsewhere.63

After more than $120 million in funding, 21.co (formerly 21e6) has not only seen an entire executive team churn, but a huge pivot from building hardware (Bitcoin mining equipment) into software and now into a pay-as-you-go-LinkedIn-but-with-Bitcoin messaging service.  Launched with much fanfare in November 2015, the $400 Amazon-exclusive 21.co Bitcoin Computer was supposed to “return economic power to the individual.”

In reality it was just a USB mining device (a Raspberry Pi cobbled together with an obsolete mining chip) and was about as costly and useful as the Juicero juicing machine.  It was nicknamed the “PiTato” and unit sales were never publicly disclosed.  Its story is not over: in the process of writing this article, 21.co announced it will be launching a “social token” (SOC) by the end of the year.64

Blockstream is the youngest of the trio.  Yet, after three years of existence and having raised at least $76 million, as far as the public can tell, the company has yet to ship a commercial product beyond an off-the-shelf hardware product (Liquid) that generates a little over $1 million in revenue a year.65  It also recently launched a satellite Bitcoin node initiative it borrowed from Jeff Garzik, who conceived it on a budget of almost nothing about three years ago.66

To be fair though, perhaps it does not have KPIs like other tech companies.  For instance, about two and half years ago, one of their largest investors, Reid Hoffman, said Blockstream would “function similarly to the Mozilla Corporation” (the Mozilla Corporation is owned by a nonprofit entity, the Mozilla Foundation).  He likened this investment into “Bitcoin Core” (a term he used six times) as a way of “prioritiz[ing] public good over returns to investors.”  So perhaps expectations of product roadmaps is not applicable.

On the flipside, some entrepreneurs have explained that their preference for total secrecy is not necessary because they are afraid of competition (that is a typical rationale of regular startups), but because they are afraid of regulators via banks.67  For example, a regulator sees a large revenue number, finds out which bank provides a correspondent service and if the startup is fully compliant with AML, CFT, and KYC processes, starts auditing that bank, and banks re-evaluates NPV of working with a startup and potentially drops it.  Until that changes, we will not know volumes for Abra, Rebit, Luno, and others and that is why a year-old claim about 20% market share in the South Korea -> Philippines remittance corridor remains evidence-free.6869

While we would all love to see more data, this is a somewhat believable argument.  A more insightful question might be if/when we get to a point where supporting Bitcoin players becomes enough of real revenue that banks would agree to higher investments and support.  In the meantime, business journalists should drill down into the specifics about how raised money has been spent, is compliance being skirted, customer acquisition costs, customer retention rate, etc.70

(5) The decline of Maximalism

If you were to draw a Venn diagram, where one circle represented neo Luddism and another circle represented Goldbugism, the areas they overlap would be cryptocurrency Maximalism (geocentrism and all).71  This increasingly smaller sect, within the broader cryptocurrency community, believes in a couple of common tenets but most importantly: that only one chain or ledger or coin will rule them all.  This includes the Ethereum Classic (ETC) and Bitcoin Core sects, among others.

They’re a bit like the fundamentalists in that classic Monty Python “splitters” sketch but not nearly as funny.

If you’re looking to dig into defining modern irony, these are definitely the groups to interview.  For instance, on the one hand they want and believe their Chosen One (typically BTC or ETC) should and will consume the purchasing power of all fiat currencies, yet they dislike any competing cryptocurrency: it is us versus them, co-existence is not an option!  The rules of free entry do not apply to their coin as somehow a government-free monopoly will form around their coin and only their coin.  Also, you should buy a lot of their coin, like liquidate your life savings asap and buy it now.

Artist rendering of proto-Bitcoin Maximalism, circa 14th century

This rigidity has diminished over time.

Whereas, three years ago, most active venture capitalists and entrepreneurs involved in this space were antagonistic towards anything but bitcoin, more and more have become less hostile with respect to new and different platforms.

Source: Twitter

For instance, Brian Armstrong (above), the CEO of Coinbase, two and a half years ago, was publicly opposed to supporting development activities towards anything unrelated to Bitcoin.

But as the adoption winds shifted and Ethereum and other platforms began to see growth in their development communities (and coin values), Coinbase and other early bastions of maximalism began to support them as well.

Source: Twitter (1 2)

There will likely be permanent ideological holdouts, but as of this writing I would guesstimate that less than 20% of the bitcoin holders I have interacted with over the past 6-9 months would label themselves maximalists (the remaining would likely self-identify with the “UASF” and “no2x” tags on Twitter).

So interview them and get their oral history before they go extinct!

(6) Market caps

There is very little publicly available analysis of what is happening with Bitcoin transactions (or nearly all cryptocurrencies for that matter): dormant vs. active, customers vs. accounts, transaction types (self-transfers vs. remittances vs. B2B, etc.).

On-chain transaction growth seems to be slowing down on the Bitcoin network and we don’t have good public insights on what is going on: are there are pockets of growth in real adoption or just more wallet shuffling?

In other words, someone should be independently updating “Slicing data” but instead all we pretty much see is memes of Jamie Dimon or animated gifs involving roller coaster prices.72

In the real world, “market cap” is based on a claim on a company’s assets and future cash flows.  Bitcoin (and other cryptocurrencies) has neither — it doesn’t have a “market cap” any more than does the pile of old discarded toys in your garage.

“Market Cap” is a really dumb phrase when applied to the cryptocurrency world; it seems like one of those seemingly straightforward concepts ported to the cryptocurrency world directly from mainstream finance, yet in our context it turns into something misleading and overly simplistic, but many day traders in this space who religiously tweet about price action love to quote.

The cryptocurrency “market cap” metric is naively simplistic: take the total coin supply, and multiply it by the current market price, and voila!  Suddenly Bitcoin is now approaching the market cap of Goldman Sachs!73

Yeah, no.

To begin with, probably around 25% or more of all private keys corresponding to bitcoins (and other cryptocurrencies too) have been permanently lost or destroyed.74  Most of these were from early on, when there was no market price and people deleted their hard drives with batches of 50 coins from early block rewards without backing them up or a second thought.

Extending this analogy, 25% of the shares in Goldman Sachs cannot suddenly become permanently ownerless.  These shares are registered assets, not bearer assets.  Someone identifiable owns them today and even if there is a system crash at the DTCC or some other CSD, shareholders have a system of recourse (i.e., the courts) to have these returned or reissued to them with our without a blockchain.  Thus, anytime you hear about “the market price of Bitcoin has approached $XXX billion!” you should automatically discount it by at least 25%.

Also, while liquidity providers and market makers in Bitcoin have grown and matured (Circle’s OTC desk apparently trades $2 billion per month), this is still a relatively thinly traded market in aggregate.  It is, therefore, unlikely that large trading positions could simultaneously move into and out of billion USD positions each day without significantly moving the market.  A better metric to look at is one that involves real legwork to find: the average daily volume on fee-based, regulated spot exchanges combined with regulated OTC desks.  That number probably exists, but no one quotes it.  Barring this, an interim calculation could be based on “coins that are not lost or destroyed.”

(7) Buy-side analysts and coin media

We finally have some big-name media beginning to dig into the shenanigans in the space.  But organizations like CoinDesk, Coin Telegraph, and others regularly practice a brand of biased reporting which primarily focus on the upside potential of coins and do not provide equal focus on the potential risks.75  In some cases, it could be argued that these organizations act as slightly more respectable conduits for misinformation churned out by interested companies.76

Common misconceptions include continually pushing out stories like the example above, on “market caps” or covering vanity metrics such as growth in wallet numbers (as opposed to daily active users).  It is often the case that writers for these publications are heavily invested in and/or own cryptocurrencies or projects mentioned in their stories without public disclosure.

This is not to say that writers, journalists, and staff at these organizations should not own a cryptocurrency, but they should publicly disclose any trading positions (including ‘hodling’ long) as the sentiment and information within their articles can have a material influence on the market prices of these coins.

For instance, CoinDesk is owned by Digital Currency Group (DCG) who in turn has funded 80-odd companies over the last few years, including about 10 mentioned in this article (such as Coinbase and BTC China).  DCG also is an owner of a broker/dealer called Genesis Trading, an OTC desk which trades multiple cryptocurrencies that DCG and its staff, have publicly acknowledged at having positions in such as ETC, BTC and LTC.77

What are the normal rules around a media company (and its staff) retweeting and promoting cryptocurrencies or ICOs the parent company or its principals has a stake in?

If coin media wants to be taken seriously it will have to take on the best practices and not appear to be a portfolio newsletter: divorce itself of conflicts of interest by removing cross ownership ties and prominently disclose all of the remaining potential conflicts of interest with respect to ownership stakes and coin holdings.  Markets that transmit timely, accurate, and transparent information are better markets and are more likely to grow, see, and support longer-term capital inflows.78

Source: Twitter

Source: Twitter

For example, if Filecoin is a security in the US (which its creators have said it is), and DCG is an equity holder in Filecoin/Protocol Labs (which it is)… and DCG is an owner in CoinDesk, what are the rules for retweeting this ICO above?  There are currently 16 stories in the CoinDesk archive which mention Filecoin, including three that specifically discuss its ICO.  Is this soliciting to the public?79

Similarly, many of the buy-side analysts that were actively publishing analysis this past year didn’t disclose that they had active positions on the cryptocurrencies they covered.  We recently found out that one lost $150,000 in bitcoins because someone hacked his phone.

At cryptocurrency events (and fintech events in general), we frequently hear buzz word bingo including: smart assets, tokens, resilience, pilots, immutability, even in-production developments, but there is often no clear articulation of what are the specific opportunities to save or make money for institutions if they acquire a cryptocurrency or uses its network to handle a large portion of their business.80

This was the core point of a popular SaveOnSend article on remittances from several years ago.  I recommend revisiting that piece as a model for similar in-depth assessments done by people who understand B2B payments, correspondent banking and other part of global transfers.  Obviously this trickles into the other half of this space, the enterprise world which is being designed around specific functional and non-functional requirements, the SLAs, compliance with data privacy laws, etc., but that is a topic for another day.

What about Coin Telegraph?  It is only good for its cartoon images.81

Source: LinkedIn

There are some notable outliers that serve as good role models and exceptions to the existing pattern and who often write good copy.  Examples of which can be found in long end note.82

Obviously the end note below is non-exhaustive nor an endorsement, but someone should try to invite some or all these people above to an event, emceed by Taariq Lewis.  That could be a good one.

(8) Analytics

What about solutions to the problems and opaqueness described throughout this article?

There are just a handful of startups that have been funded to create and use analytics to identify usage and user activity on cryptocurrency networks including: Chainalysis, Blockseer, Elliptic, WizSec, ScoreChain, Skry (acquired by Bloq) – but they are few and far between.83  Part of the reason is because the total addressable market is relatively small; the budgets from compliance departments and law enforcement is now growing but revenue opportunities were initially limited (same struggle that coin media has).  Another is that the analytic entrepreneurs are routinely demonized by the same community that directly benefits from the optics they provide to exchanges in order to maintain their banking partnerships and account access.

Such startups are shunned today, unpopular and viewed as counter to the roots of (pseudo) anonymous cryptocurrencies, however, as regulation seeps into the industry an area that will gain greater attention is identification of usage and user activities.

For instance, four years ago, one article effectively killed a startup called Coin Validation because the community rallied (and still rallies) behind the white flag of anarchy, surrendering to a Luddite ideology instead of supporting commercial businesses that could help Bitcoin and related ideas and technologies comply with legal requirements and earn adoption by mainstream commercial businesses.  For this reason, cryptocurrency fans should be very thankful these analytics companies exist.

Source: Twitter. Explanation: Wanna Cry ransomware money laundering with Bitcoins in action. Graph shows Bitcoin being converted to Monero (XMR) via ShapeShift.io

More of these analytics providers could provide even better optics into the flow of funds giving regulated institutions better handling of the risks such as the money laundering taking place throughout the entire chain of custody.

Without them, several large cryptocurrency exchanges would likely lose their banking partners entirely; this would reduce liquidity of many trading pairs around the world, leading to prices dropping substantially, and the community relying once again on fewer sources of liquidity run out of the brown bags on shady street corners.84

One key slide from Kim Nilsson’s eye-opening presentation: Cracking MtGox

And perhaps there is no better illustration of how these analytic tools can help us understand the fusion of improper (or non-existent) financial controls plus cryptocurrencies: Mt. Gox.  Grab some warm buttery popcorn and be sure to watch Kim Nilsson’s new presentation covering all of the hacks that this infamous Tokyo-based exchange had over its existence.

Journalists, it can be hard to find but the full order book information for many exchanges can be found with enough leg work.   If anyone had the inclination to really want to understand what was going on at the exchange, there are 3rd parties which have a complete record of the order book and trades executed.

Remember, as Kim Nilsson and others have independently discovered, WillyBot turned out to be true.

Final Remarks

The empirical data and stories above do not mean that investors should stop trading all cryptocurrencies or pass on investing in blockchain-related products and services.

To the contrary, the goal of this article is to elevate awareness that this industry lacks even the most basic safeguards and independent voices that would typically act as a counterbalance against bad actors.  In this FOMO atmosphere investors need to be on full alert of the inherent risks of a less than transparent market with less than accurate information from companies and even news specialists.

Cryptocurrencies aren’t inherently good or bad.  In a single block, they can be used as a means to reward an entity for securing transactions and also a payment for holding data hostage.

One former insider at an exchange who reviewed this article summarized it as the following:

The cryptocurrency world is basically rediscovering a vast framework of securities and consumer protection laws that already exist; and now they know why they exist. The cryptocurrency community has created an environment where there are a lot of small users suffering diffuse negative outcomes (e.g., thefts, market losses, the eventual loss on ICO projects). And the enormous gains are extremely concentrated in the hands of a small group of often unaccountable insiders and “founders.” That type of environment, of fraudulent and deceptive outcomes, is exactly what consumer and investor protection laws were created for.

Generally speaking, most participants such as traders with an active heartbeat are making money as the cryptocurrency market goes through its current bull run, so no one has much motive to complain or dig deeper into usage and adoption statistics.  Even those people who were hacked for over $100,000, or even $1 million USD aren’t too upset because they’re making even more than that on quick ICO returns.

We are still at the eff-you-money stage, in which everyone thinks they are Warren Buffett.85  The Madoffs will only be revealed during the next protracted downturn.  So if you’re currently getting your cryptocurrency investment advice from permabull personalities on Youtube, LinkedIn, and Twitter with undisclosed positions and abnormally high like-to-comment ratios, you might eventually be a bag holder.86

Like any industry, there are good and bad people at all of these companies.  I’ve met tons of them at the roughly 100+ events and meetups I have attended over the past 3-4 years and I’d say that many of the people at the organizations above are genuinely good people who tolerate way too much drivel.  I’m not the first person to highlight these issues or potential solutions.  But I’m not a reporter, so I leave you with these leads.

While everyone waits for Harry Markopolos to come in and uncover more details of the messes in the sections above, other ripe areas worth digging into are the dime-a-dozen cryptocurrency-focused funds.

Future posts may look at the uncritical hype in other segments, including the enterprise blockchain world.  What happened after the Great Pivot?

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

To protect the privacy of those who provided feedback, I have only included initials: JL, DH, AL, LL, GW, CP, PD, JR, RB, ES, MW, JK, RS, ZK, DM, SP, YK, RD, CM, BC, DY, JF, CK, VK, CH, HZ, and PB.

End notes

  1. One reviewer commented: “Another meta-topic is the notion of “community,” which is a myth if you ask me.  Why hasn’t the “community” done “X”? Because the word is mostly a marketing fiction.” See also the discussion of the idea that “Code is not law” []
  2. One former regulator mentioned: “The cryptocurrency community needs to police itself better or it risks being policed more severely by unfriendly and unsympathetic regulators.  Self-regulation is what certain hands-off banking supervisors attempted with US banks and other financial institutions 15 years ago and that ended poorly for many parties including those who were not directly responsible for making the poor decisions in the first place.  Even in sports it is understood, with the exception of golf, it doesn’t work. In this Wild West atmosphere where are the sheriffs?” []
  3. Not unique to cryptocurrencies, but by enabling such bad actors, certain platform operators may even increase their short term profit. []
  4. Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO []
  5. For an in-depth look at how the various moving pieces of the ecosystem interact, see: The flow of funds on the Bitcoin network in 2015, Cryptocurrency KYSF: Know Your Source of Funds, and Cryptocurrency KYSF: Know Your Source of Funds part 2 []
  6. Bitcoin Exchange Was a Nexus of Crime, Indictment Says from The New York Times []
  7. For an in-depth look at these different costs, it is highly recommended to read this post from Save on Send.  Some are convinced that this is the case because, on a small scale, the illiquidity of the end points serves to finance the operation, i.e. buying BTC with USD then selling BTC for MXN, may allow an apparent savings when compared with traditional remittance service providers.  Also oft-forgotten is the cost of cash-out and distribution of cash at the end point; also KYC / AML / CFT functions are frequently left-off the calculation. []
  8. One reviewer stated that, “Any working groups advising the government on policy are certainly worthy of investigation. Who are these people and what are their potential conflicts of interest?  For starters, in the US look at The Bitcoin Foundation and the Blockchain Alliance.” []
  9. It has a complex corporate structure and is nominally based in Hong Kong, operations and incorporation of subsidiaries are in other jurisdictions including BVI. []
  10. There were exceptions. Some users reported smaller haircuts as they were customers of SynapsePay.  Another user claims to have retained a lawyer and he did not have any haircut.  I independently verified this with an executive at SynapsePay. []
  11. Phil Potter, an executive at Bitfinex, has spoken about the hack on multiple different podcasts including once in detail, but this has since been deleted. []
  12. Bitfinex also recently announced that they will be doing an ICO (called NEC) to capitalize on the current token mania. []
  13. Bitfinex does do KYC and AML when a user withdraws USD and when they receive subpoenas. []
  14. ERC20 tokens are arguably not the same thing as a cryptocurrency, they are more like colored coins. See “Watermarked tokens and pseudonymity on public blockchains” by Tim Swanson. []
  15. Tether brings tokenised USD to Ethereum network from Finextra []
  16. We only know who is involved through various reddit threads wherein users dox and identify themselves as employees and founders. []
  17. Tether brings tokenised USD to Ethereum network from Finextra []
  18. This wouldn’t be the first time that a peg “broke the buck;” money market funds have been propped up by a parent organization in the past. []
  19. Tether Update []
  20. One reviewer noted that: “Theoretically they could maintain a fractional reserve to service redemptions although this isn’t a problem per se, provided that it is disclosed.  By saying you have “cash” backing, you could have some really bizarre stuff, like USD loans to unsavory entities.  But maybe they do not do this either.”  []
  21. Source for some of these questions. []
  22. One reviewer commented: “Tether offers users a way to move USD from one country to another, much like Western Union. So Tether should be obligated to run KYC/AML checks on not only those who are depositing US$ funds to get new Tethers (as it currently does), but also everyone who uses second-hand Tethers (it doesn’t). Now if Tether was like bitcoin, and had no physical address, it would be complicated for the authorities to enforce this requirement. But Tether is anchored to the brick & mortar banking system, so law enforcement should be easier, will it?” []
  23. One reviewer commented: “Let’s assume the worst for Tether, what does that mean?  If it were to collapse would it harm the small investors or the whales? A few exchanges that allow Tether also allow you to hold your deposits in USD, aside from the ability to send USDT between exchanges, which arguably could actually be a net positive because it allows clients to net positions between exchanges potentially reducing the overall credit in the system. But this goes back to one of their continual issues: lack of communicating and transparency for how the whole money issuance and transmission process works.” []
  24. Note: they did have withdrawal fees which likely generated revenue from arbitrageurs.  Several of the larger exchanges also raised venture capital and setup (and still run) order books outside of China with other business lines which may help offset some costs. []
  25. Described in further detail, “Comments on the COIN ETF (SR-BatsBZX-2016-30)” by Tim Swanson []
  26. See the section “Stopping Predators” within A Kimberley Process for Cryptocurrencies []
  27. China Central Bank Said to Call Bitcoin Exchanges for Talks from Bloomberg []
  28. In addition to lying about being investigated, they were lying about the true volume on their exchanges.  When the zero-fee domestic exchanges were required to add a minimum fee (to discourage wash trading), volume plummeted. []
  29. Central bank warns Bitcoin exchanges over margin trading, money laundering from Xinhua and Chinese bitcoin exchanges resume withdrawals after freeze from Reuters []
  30. Li Xiaolai: Yunbi Is Winding Down In 3 Months from 8BTC []
  31. BTCC to Cease China Trading as Media Warns Closures Could Continue from CoinDesk []
  32. Sources: CNLedger and ICOcoinOfficial []
  33. Huobi, OKCoin to Stop Yuan-to-Bitcoin Trading By October’s End from CoinDesk []
  34. The 19th National Congress of the Communist Party of China starts on October 18th.  All exchanges involving fiat-to-cryptocurrency trades will be closed. Both OKCoin and Huobi have overseas platforms (with independent order books and bank accounts independent of the domestic Chinese exchanges).  These have cryptocurrency-to-cryptocurrency trading and will remain operating.  Currently, users of the domestic fiat-to-currency platform can move their coins to the overseas platforms. []
  35. Something similar was done with voucher codes sold on Taobao in 2014 as well.  See After Crackdown, A New Bitcoin King Emerges in China from Wired []
  36. At one time or another, the spot price for each of the three large Chinese exchanges was a constituent part of several different pricing indices including the Winkdex, TradeBlock XBX index, and others such as OKEX (OKEX is an international subsidiary of OKCoin who replaced these exchanges on its own index).  This is potentially problematic because, as I detailed in my COIN ETF report, these exchanges were prone to mismanagement, crashes, and ultimately quick closure.  Going forward, what other sources of reliable pricing data can ETFs use that also accurately reflect market prices? []
  37. One insider in China noted that: “These exchanges had multiple chances to clean up their act and even self-regulate but because of the competitive pressures in China towards zero-fees, no one wanted to be left behind.  It was a type of collective action failure, so the government finally had to come in and clean up the mess because no one else would.” []
  38. These are mostly ERC20 tokens, not coins. []
  39. One reviewer mentioned: “Depending on the jurisdiction, these pre-arranged discounts might be deemed as structured products.” []
  40. Is There a Cryptocurrency Bubble? Just Ask Doge. from The New York Times []
  41. “How the ICO, OCO, and ECO ecosystem works at a high level” by Tim Swanson and “Comments on the COIN ETF (SR-BatsBZX-2016-30)” by Tim Swanson []
  42. Note: volumes can and will be written on this section alone.  If not on the legalities but on the ‘pump and dumps’ that have taken place. []
  43. One former regulator suggested: “Ignoring for the moment the overarching legal implications of what they did, because these activities took place on blockchains, future researchers should be able to eventually provide very accurate estimates the costs and losses to investors who put their trust and money into deceptive ICO organizers who were unscrupulous.” []
  44. Some argue this ban may just be temporary and cite a CCTV 13 interview with Hu Bing with the Institute of Finance and Banking who says the government will issue licenses in the future. []
  45. As of this writing there are many rumors circulating regarding how these new guidelines could impact cryptocurrency mining operators based in China.  One recent story from the Wall Street Journal articulates a rumor that miners will need to also shut down operations because they are trading cryptocurrencies without a license.  More existentially, if all fiat-to-cryptocurrency exchanges shut down domestically, miners would need a new method to liquidate their coins because they need to pay utilities in RMB (e.g., it doesn’t help to have a JPY or KRW-denominated bank account because Chinese utilities require being paid in RMB). []
  46. This same phenomenon occurred several years ago with “wealth management products” doing the same re-investment into other WMPs; revisiting the P2P Lending scams that came to light in the past two years as well is helpful.  See China’s ICO ban makes more sense in light of its history with fintech by Nik Milanovic []
  47. One insider noted that: “A New Zealand based person (and company) is one of the main men in all of this. I’ve encountered him on a number of occasions. He’s a complete fraudster. For example he told a group I am in that MGO would be listed on Poloniex within weeks of launch. Months later he hasn’t even got it on Bittrex. He’s now buying up lots of it wholesale from disenchanted investors who’ve taken a massive hit recently and will inevitably be sitting on a pile when the intentionally delayed launch and pump happens.” []
  48. Whalepool and The Coin Farm on Telegram are both examples of this type of coordination. []
  49. ICO被定性为涉嫌非法集资,想一夜暴富的“韭菜”们醒醒吧 from Huxiu []
  50. Based on translated stories from after the investigations as well as conversations with observers of these training sessions. []
  51. According to a source close to the investigations, law enforcement are using WeChat correspondence to chronicle the intentional cases of fraud and deceit.  In some cases, ICO organizers would run a public WeChat group, providing investors with false information and then use a private WeChat group with a smaller circle of insiders to “laugh at the stupidity” of these investors and coordinate dumps.  As a result, ICO organizers are leaving WeChat to use platforms like Telegram.  See China’s WeChat crackdown drives bitcoin enthusiasts to Telegram from South China Morning Post []
  52. That is the best case scenario because it assumes that there were not additional losses to fraud and mismanagement, which we know there has been. []
  53. China bans companies from raising money through ICOs, asks local regulators to inspect 60 major platforms from CNBC []
  54. Cryptocurrency chaos as China cracks down on ICOs from Reuters []
  55. Ibid []
  56. China shuts down Bitcoin industry; bans executives from leaving the country from Australian Financial Review []
  57. Another ICO Conference Cancels in Wake of China Ban from CoinDesk []
  58. He had to refund the ICOs he promote (plus with an added premium). []
  59. One reviewer commented: “The inevitability of regulations coming down the pipeline is a certainty (not just “blanket bans”).  Whether it’s 1 month or 1 year, regulations or enforcement of existing regulations will be coming in. A lot of these participants in the market seem to want to get in before regulations come into effect but in many jurisdictions they can still be liable for past actions (depending on the statute of limitations). That’s part of what I think is driving this tremendous amount of ICOs right now.” []
  60. 14,000 Coinbase Customers Could Be Affected by IRS Tax Summons from CoinDesk and Legitimate? IRS Defends Coinbase Customer Investigation in Court Filing from CoinDesk []
  61. At the time of this writing Coinbase has raised more than $225 million.  By January 2015, Coinbase had in aggregate raised just north of $106 million.  The ongoing lawsuit with the IRS states that there were 500,000 users by the end of the 2013 – 2015 period, of which 14,355 had done $20,000 or more of trading.   Future research can look into Coinbase’s customer acquisition costs over time (e.g., switching costs) versus the same costs traditional banks have.  Note: this also does not include the user numbers at GDAX, their platform marketed to professional traders. []
  62. According to an alleged insider (which may be untrue), some Coinbase users allegedly didn’t even know they may have been entitled to things like CLAM coins.  Maybe they weren’t. Tangentially, the continual high percentage of hoarding done by cryptocurrency enthusiasts suggests that this still remains a virtual commodity and continues to fail the medium of exchange test needed to be defined as a transactional currency. []
  63. At this time, it is unclear what the breakdown of these new (or old) users are acquiring cryptocurrencies on Coinbase and then participating in ICOs.  As a company, Coinbase has been publicly supportive of the ICO zeitgeist and hosted multiple meetups where ICO creators presented.  Earlier this year it co-sponsored a publication discussing the securities law framework of tokens.  Based on several interviews for this article, users of both the Coinbase wallet and its subsidiary, GDAX, currently can send bitcoins and ether from their user accounts to participate in ICOs.  It is unclear how often this is screened and/or prevented.  For perspective, a former employee was allegedly fired for sending bitcoins from his Coinbase account to gamble on Chinese web casinos.  Assuming this is true (and it may not be) then Coinbase could have the knowledge and/or ability to prevent users from participating in ICOs or other off-platform activity that violates its terms of service. []
  64. Another tech company that supposedly struggled raising funding and later issued its own coin (through an ICO) is Kik, through its Kin Foundation. []
  65. If this post is true (and it may not be), a dozen or so exchanges paying between $7,000 – $10,000 a month is roughly $1.4 million a year.  The SaaS monthly estimate has been independently validated from conversations with a couple participating exchanges. []
  66. One reviewer recommended: “If I were a journalist, I would more closely scrutinize the social media habits of the executives (and their surrogates) on these teams so the ecosystem can ascertain the relationship between the amount of time senior employees spend opining on Twitter, Reddit, mailing lists, IRC, WhatsApp, Slack, WeChat, Telegram, BitcoinTalk, GitHub, Discord, etc., and the number of hours in a working day, or number of products shipped.  Other social media analytics ideas for journalists: look at the Twitter tribes of Bitcoin (and other cryptocurrencies). Who is aligned with whom and pushing what agendas? Who are the trolls associated with those different tribes?  How many suspect accounts are associated with each group? For example, how many accounts that were just created, or never tweeted before, or only have followers from within their own tribes?” []
  67. One reviewer argued that, “It could also because they want to protect their valuations and because they are privately held companies that may be legally forbidden to divulge this information.” []
  68. This article in Quartz did not provide actual data or evidence that these remittance numbers were real, no one fact-checked it and instead, reproduced similar headlines for several months. []
  69. According to a recent interview with Forbes, after nearly two years of operations Abra only has 73 users per day. They are currently raising another round at this time; it is believed that this will help fund their compliance team and for licenses which they currently lack. []
  70. One reviewer said, “A counterpoint could be: VC returns are even sharper than standard Pareto; 1:9 or even 1:99 as opposed to 2:8. Startups are hard – most fail – why should cryptocurrency world be any different?” []
  71. One reviewer suggested that: “In the future, you should explain why Maximalism is a type of Authoritarianism and is not to be conflated with cypherpunks.” []
  72.  In mid-September, vocal promoters and owners of cryptocurrencies such as Bitcoin collectively spent thousands of hours yelling on social media and conducting letter writing campaigns all to channel their anger towards comments made by Jamie Dimon.  A couple worthwhile followups include: JPMorgan handles bitcoin-related trades for clients despite CEO warning from Reuters and  MUFG CEO on Dimon Remarks: Bank Cryptocurrencies Have ‘Nothing to Do With Bitcoin’ from CoinDesk []
  73. Bitcoin was only used as an example, nearly all cryptocurrencies listed on CoinMarketCap have the same issue in terms of calculating a real “market cap.” []
  74. Learning from Bitcoin’s past to improve its future from Tim Swanson []
  75. The theatrics around “BearWhale”-like events still persists.  For example, one current conspiracy theory is that: “the Chinese government is shutting down Bitcoin miners to mine bitcoins themselves.”  This is most likely false and the proposed solution is to “use satellites.”  But in talking with professional miners in China, many of them have contracts directly with State Grid, so they could lose access to energy in a worst-case scenario and satellites would not be of any use (assuming any of those rumors are true). []
  76. To be fair, this is not unique to the cryptocurrency space. []
  77. Genesis Trading is also the marketing and distribution agent for Bitcoin Investment Trust and Ethereum Classic Investment Trust, two regulated financial products.  DCG also is an owner in Grayscale Investments which is the legal sponsor both of these Trusts []
  78. Research: How Investors’ Reading Habits Influence Stock Prices by Anastassia Fedyk and Effects of Misinformation on the Stock Return: A Case Study by Ahsan et al. []
  79. Some employees in coin media have used social media channels to discuss various cryptocurrencies including ICOs over the past year.  How many of these were sponsored or received a cut of the coins to do so? []
  80. A great paper on this topic is The Path of the Blockchain Lexicon (and the Law) by Angela Walch []
  81. Nearly all of the coin media site allow ICO advertisements as well.  What are the terms and benefits that these media sites receive in exchange for displaying these advertisements and advertorials? []
  82. Note: this is not an exhaustive list and I’ll likely be flamed for not including X but including Y.  Journalists who write good original stories include: Nathaniel Popper, Matt Levine, and Matt Leising.  There have been several good op-eds written by lawyers which have appeared on CoinDesk, including Joshua Stark, Jared Marx, Brian Klein, Benjamin Sauter and David McGill.  Some other original, constructive views that should be highlighted include Stephen Palley, Ryan Straus, George Fogg, Miles Cowan, Patrick Murck, Amor Sexton, Houman Shadab, Angela Walch, Scott Farrell, Claire Warren, Simon Gilchrist, and two perpetual curmudgeons: Izabella Kaminska and Preston Byrne (very prickly at times!).  Non-lawyer thought-leaders, technical, and subject matter experts with bonafides worth interviewing include: Adam Krellenstein, Alex Batlin, Alex Waters, Andrew Miller, Andy Geyl, Antony Lewis, Ari Juels, Arvind Narayanan, Christian Decker, Christopher Allen, Ciaran Murray, Colin Platt, Danny Yang, Dave Hudson, David Andolfatto, David Schwartz, Dominic Williams, Duncan Wong, Elaine Shi, Emily Rutland, Emin Gun Sirer, Ernie Teo, Fabio Federici, Flavien Charlon, Gideon Greenspan, Ian Grigg, Ittay Eyal, Jackson Palmer, Jae Kwon, James Hazard, James Smith, Jana Moser, Jeff Garzik, JP Koning, John Whelan, Jonathan Levin, Jonathan Rouach, Jorge Stolfi, Juan Benet, Juan Llanos, Kieren James-Lubin, Lee Braine, Leemon Baird, Makoto Takemiya, Mark Williams, Matthew Green, Martin Walker, Massimo Morini, Michael Gronager, Mike Hearn, Muneeb Ali, Piotr Piasecki, Richard Brown, Robert Sams, Ron Hose, Sarah Meiklejohn, Stefan Thomas, Stephen Lane-Smith, Vitalik Buterin, Vlad Zamfir, Yakov Kofner, Zaki Manian, Zennon Kapron, and Zooko Wilcox-O’Hearn, as well as dozens of others from several different financial institutions and enterprises too long to list.  I also think that Michael del Castillo, Ian Allison, Simon Taylor, Jon Southurst, and Arthur Falls try to do an honest job reporting too.  Epicenter TV is arguably the best podcast in this space. []
  83. For an example, see Cracking Mt. Gox by WizSec []
  84. Chainalysis has a partnership with Circle which in turn enabled Circle to open up an account with Barclays.  Two years ago, an alleged business plan for Chainalysis was leaked online and unsurprisingly, some in the community were up in arms that this small company provided these forensic services. []
  85. Partially inspired by this tweet. []
  86. Click farms are being used by various ICO and Bitcoin-related online personalities to boost their perceived importance. []
Send to Kindle

Which regulators have publicly commented on Initial Coin Offerings?

Below are some of the stated positions of several different regulators around the world regarding ICOs.  In chronological order:

    • Brazil’s equivalent of the SEC, the Comissão de Valores Mobiliários (CVM), published (July 13th) initial legislation instruction (Instrução CVM No. 588) regulating crowdfunding via ICOs: (Portuguese announcement)
    • The United States SEC published on July 25th on ICOs: (Report on investigation) (Investor bulletin) (Investor alert)
    • Monetary Authority of Singapore published its views on August 1st on ICOs: (Clarification statement) (Consumer advisory)
    • Canadian Securities Administrators (CSA), including the Ontario Securities Commission, published its views on August 24th on ICOs: (Staff Notice) (Announcement)
    • Israel Securities Authority announced on August 30th that it is forming a committee to look at ICOs: (Hebrew announcement) (English)
    • The Financial Supervisory Commission (FSC) in South Korea announced on September 3rd that it held a joint task force meeting to strengthen regulations around digital currency trading, including fundraising with ICOs: (BusinessKorea)
    • Central Bank of Russia issued a public statement on September 4th that included its views on ICOs: (Russian announcement) (English)
    • The People’s Bank of China, along with 6 other Chinese government bodies including the national securities regulator (CSRC), publicly banned ICO fundraising in China on September 4th: (CN announcement) (English) (Bloomberg) (Reuters)
    • SFC in Hong Kong announced its views on ICOs on September 5th: (Announcement)
    • The UK Financial Conduct Authority (FCA) announced that it was keeping a close eye on ICOs on September 6th: (FT)
    • The Securities Commission (SC) of Malaysia issued a press release cautioning investors in ICOs on September 7th: (DNA)
    • The Dubai Financial Services Authority (DFSA) warned investors that ICOs were risky on September 13th: (Statement)
    • The Securities and Exchange Commission in Thailand issued some statements regarding ICOs on September 14th: (Comments)
    • Gibraltar Financial Services Commission (GFSC) issued an official statement regarding ICOs on September 22nd: (Statement)
    • North American Securities Administrators Association (NASAA) issued its annual paper and warned of risks around cryptocurrencies and ICOs on September 26th: (Press release)
    • Macau Monetary Authority (MMA) announced that banks cannot engage with ICOs and cryptocurrencies either “directly or indirectly” on September 27th: (Statement)
    • The Australian Securities and Investments Commission (ASIC) released formal guidance and comments about ICOs on September 28th: (Information Sheet)
    • The Financial Services Commission in South Korea said all kinds of initial coin offerings (ICO) will be banned as trading of virtual currencies needs to be tightly controlled and monitored on September 29th: (Reuters) (Yonhap)
    • The Financial Market Supervisory Authority (FINMA) in Switzerland announced it is investigating ICO procedures and issued formal guidance on September 29th: (Press Release)
    • SEC Exposes Two Initial Coin Offerings Purportedly Backed by Real Estate and Diamonds on September 29th: (Press release)
    • Abu Dhabi’s Global Market’s Financial Services Regulatory Authority (FSRA) released guidelines on ICOs on October 9th: (Guidelines)
    • The Central Bank of Lithuania announced its position and guidelines regarding ICOs on October 11th: (Press release)
    • The US Commodity Futures Trading Commission (CFTC), through its internal division, LabCFTC, released a primer on cryptocurrencies including ICOs on October 17th: (Press release)
    • The Financial Markets Authority (FMA) released commentaries on cryptocurrencies and ICOs on October 25th: (Press release) (Commentary)
    • Japan’s Financial Services Agency (FSA) issued a short statement warning users and business operators about the risks of ICOs on October 27th: (Statement)
    • The European Securities and Markets Authority (ESMA) issued two public statements on ICOs: one on risks and the other on rules applicable to firms involved in ICOs on November 13, 2017: (Press Release)

What do they all say?  A friend who is an attorney said it concisely: when you sell securities, you have to comply with securities laws.

If you plan to do an ICO or some kind of token sale, be sure to speak with more than one lawyer or law firm to get a legal opinion about what it is you are actually selling (or not).

And if you’re interested, below is an interview of Nick Morgan.  He is an attorney who previously was part of the SEC’s enforcement team.  He discusses The DAO, securities regulations, and the current ICO frenzy.

Bonus:

  • ECB’s Draghi rejects Estonia’s virtual currency idea – Reuters
  • Initial Coin Offerings: Know Before You Invest – FINRA
Send to Kindle

Panels, quotes, cites for the 2nd quarter of 2017

Below are a variety of events I participated in the last several months.

Events, panels, and presentations:

Interview:

Send to Kindle

A few other perspectives on cryptocurrencies and ICOs

I received a lot of questions regarding my last post.  Over the past month I have read a number of interesting interviews and articles that I think contribute a lot to the discussion.

Some additional perspectives:

Update:

On July 25, the SEC published a new Investor Bulletin focused on ICOs and also published a report (pdf) detailing their position on ICOs, using The DAO as an example (which they noted violated several US securities laws).

Send to Kindle

A high level overview of ICOs

[Note: I neither own nor have any trading position on any cryptocurrency.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

Just as I did with the COIN ETF proposal last year, I have also written a 50-page paper for internal use diving into the world of ICOs.1

I am not sure if or when it will be made public (check back in 3-6 months to see if it has been posted), but here are a few salient points:

    • ICO stands for “initial coin offering.” Depending on what cryptocurrency group is pitching an ICO, it may be in exchange for company equity, but often times there is no explicit contractual link between control of the coin itself with some kind of equity or financial performance of the company… because there is often no formal contract provided to investors.  Not all ICOs are alike and any prospective user or investor should look into the specific operational and funding arrangements.
    • Since January 1, 2017, more than $200 million has been raised by more than a dozen ICO-related projects and companies, a figure that will likely double by the end of the summer and triple by the end of the year as turn-key platforms such as Prism, Swap, 0x, and Iconomi, are flipped on.
    • The primary method of raising and funding an ICO is through bitcoin and ether deposits.  This has driven (mostly) retail investors to create accounts at cryptocurrency exchanges – most of which have poor track records such as Bitfinex – and acquire BTC and ETH.  This demand in turn has been a key driver in the current all-time highs seen by many cryptocurrencies including bitcoin and ether.
    • There is very little regulatory or independent oversight of any of these coin offerings.  Most of the projects attempt to shield themselves from scrutiny from securities, commodities, and money-transmission regulators by setting up a non-profit organization or foundation.  These foundations are typically registered in a couple specific countries, each of which is now home to more than a dozen non-profit organizations specifically managing ICOs.  In addition, ICO promoters will often use euphemisms such as “tokens” instead of coins, or call their fundraiser a “crowdsale” or “donation” or “contribution” that the non-profit organization will later re-distribute after the ICO is over.
    • Some of these non-profit entities sign exclusive development contracts with a for-profit entity that is run by the same people who operate the foundation.  That is to say, the foundation will hire the for-profit company to develop and advise the project that the ICO fundraiser marketed and advertised, yet often with no independent oversight.
    • Ignoring accreditation status: very few, only a handful at most, of these ICOs are done in compliance with any KYC, AML, CFT gathering and sharing requirements. This is problematic.  For instance, over $1 billion in ransomware was liquidated (largely) through cryptocurrencies last year thus it could be relatively easy for bad actors (hackers) to liquidate their bitcoin and ether holdings into ICOs and not be easily caught due to the inability to link real world identities to specific blockchain activity.

Last week Valerie Szczepanik, the head of the SEC’s distributed ledger group, made several public comments.  This included: “Whether or not you are regulated by the SEC, you still have fiduciary duties to your investor.  If you want this industry to flourish, protection of investors should be at the forefront.”

As of right now, there are just a handful of ICOs that have explicitly attempted to protect investors by providing full transparency into their organizations.  Most do not disclose the principals, directors, and insiders involved within these organizations.  Some have private offerings called a pre-sale.  A pre-sale allows participants to acquire coins at a discount (e.g., pre-sale investors might receive 2x the amount of coins that the public coin sale will have at the same price).  In addition, the participants in a pre-sale are not typically named or made public prior to the public offering of the coins; nor are the conditions by which these participants able to sell their holdings typically disclosed.

Historically companies which file paperwork in order to be listed on a public stock exchange have to submit an S-1 or its equivalent to regulators.  The S-1 is important and helpful to the rest of the market because it lays out who the insiders are, who the principals and directors are, how governance is handled, who is responsible, what the business is, what the liabilities are, etc..

In contrast, most ICOs currently have nebulous governance on purpose: because the operators do not want anyone to be held responsible in case the project is unsuccessful or the coin loses its value.  Caveat emptor is the name of the game.

Tulip euphoria

In any given month I am provided inside information about ICOs.  Complete strangers will send me pitch decks that outline their pre-sale and listing opportunities.

Yes, some exchanges are paid to list these coins, often through a percentage negotiated beforehand with the ICO operator.  And there are market makers and underwriters in the form of family offices, high net worth individuals and small hedge funds.  There is an entire ecosystem that is completely opaque and opaque on purpose because many of these participants are trying to deflect responsibility in case a coin crashes or a project is unsuccessful or because they are found in non-compliance with a variety of regulations (e.g., not declaring taxes, self-dealing, insider trading, etc.).

One project involved in building a distributed computer recently offered me about $50,000 over the course of 6 months in addition to the native coin they were pitching to the public.  All they wanted me to do: act as an advisor and promote their coin on social media.

I said no to all of them but others said yes and that project above raised a couple million in USD.

Last week I attended several events including Consensus and a different private conference held later in the week.  I gave a short presentation at one of the events and afterwards I walked to the buffet outside the room to get some food.  While gathering some grilled fish, the audio/visual operator for the event came up to me and told me: “Tim, I just put $100 into bitcoin and also ether.  How much more should I put into them?”

My presentation wasn’t even about cryptocurrency investing or about ICOs, but this illustrates the exuberance of the current time period.  There is a lot of fear of missing out yet few people are actually looking at what these ICO-funded platforms or projects are attempting to do.  How can unsophisticated, technically unsavvy people learn more about them?

Media publications?  But conflict of interest is rife.

I have mentioned this multiple times over the years: unfortunately many “coin” media sites and magazines are not helping the due diligence situation.  Most “coin” reporters, if not all of them, own cryptocurrencies and benefit directly from increased demand of the cryptocurrency, but they often do not disclose it.  In fact, many times they report on coins they own and/or that their parent company owns.  Several small buy-side analysts and their firms also have published uncritical marketing material for cryptocurrencies and some do not disclose their coin holdings or outline the major risks involved in operating these types of networks, in effect white-washing the risks of anarchic chains.

Others in privileged positions including some of the VCs that are active in this space are now also promoting ICOs but few disclose their active long or short positions.  Some of these VCs were entrepreneurs who have pivoted multiple times and this is a last ditch effort to drum up support for their sagging portfolio. 2 3

You just don’t understand the technology!

One common refrain I often hear from ICO promoters is that ICOs are a new form of technology that empowers retail investors like never before and that the traditional world of institutions and laws has no place in the new economy.  And that naysayers and critics just don’t understand the transformative power of ICOs and cryptocurrencies.

That may be true but in my case, definitely is not.

In late 2014 I worked with a company called Melotic.  Melotic is a tech startup that raised about $1.2 million in the summer of 2014 to build a digital asset exchange: a trading platform that new cryptocurrency projects could be listed on, GDAX before GDAX.  For about 9 months I spent the bulk of my time talking to dozens of cryptocurrency projects and operators to find out what unique thing their company did and why they should be listed on Melotic.  Nearly all of them were half-baked scams, and others were just impractical (Urea Coin). 4

In May 2015, Melotic announced it was closing its exchange and moving into cross-border payments where it currently operates under the brand, Kleering.

While Melotic deserves its own dedicated post, the takeaways we learned at the time were that traders (who were most of the user base) only cared about two specific things:

(1) Anonymity.  Some traders publicly complained when we implemented a set of KYC and AML policies.  They said we should snub our noses at the government and banks and provide traders the ability to exchange cryptocurrencies without complying with local or national laws surrounding identity gathering and verification.  This is an opinion that is still very prevalent as shown by similar comments on /r/bitcoinmarkets and /r/ethtrader.

(2) Pump and dump.  Day traders love volatility and cryptocurrencies often provide that volatile environment.  Because new cryptocurrencies such as an ICO are often even more illiquid and thinly traded than say bitcoin (which itself is relatively illiquid), whales and insiders without vesting and lock-up periods can quickly move the market up and down due to the large amounts of coin holdings they have.  This creates the booms and busts that many cryptocurrency traders savor.  Yet at Melotic, we were apprehensive about listing every single cryptocurrency under the sun, and tried to filter those we thought had unique utility and less volatile.  In the end we only listed about 10.  Yet empirically the most successful exchanges – as measured in volume – were those that listed every single coin that was launched.  Quantity over quality continues to persist today as exchanges compete for volume and liquidity of new coins.  This contrasts with regulated exchanges such as NASDAQ (pdf) and NYSE (pdf) which have listing requirements, including transparency into the companies principals.  Most cryptocurrency exchanges do not ask for similar requirements and in fact, some take a cut of the coins – similar to payola – in order to be listed.

Over two years ago I wrote a post that looked at around 20 different ICOs and projects that did some kind of public coin distribution.  My new paper looks at them in more detail.  What were the findings?

While we wait for that paper to be published another key takeaway is that: almost none of the projects lived up to the advertised utility or expectations that their promoters marketed to the community and investors that bought their coins.  Yet most of the cryptocurrencies, even ones that lack a real development community, are seeing all-time highs on the cryptocurrency markets.

In other words: utility is completely divorced from market value of the coins; a phenomenon that seems unlikely to change in the short term.

This is compounded by the fact that ICOs are by their nature, not designed for cash flow or optimized to be profitable.

Why is that?  Because at its core: the non-profit entities that runs them are by definition, not-for-profit.  As a result, these projects largely rely on their token holdings and the price appreciation thereof, in order to be sustainable.  Thus the incentive to focus on marketing and create buzz to further increase the price appreciation of the coin holdings.

And ignoring the informational asymmetries above, there are some other interesting wrinkles.

Earlier this week I participated on a fintech panel and during the group discussion one specific ICO was briefly mentioned, the Basic Attention Token (BAT).  Brave, the company behind the BAT, had just raised $35 million in a crowdsale (unregistered securities?).  Notable to this sale was that over $6,000 in fees to miners were included in the transactions related to the ICO.

How many transactions can you fit into an Ethereum block during high demand times?  It depends on the complexity of the contract. For the BAT, it was about 90.  90ish people were able to participate in the first block of the BAT’s ICO. Those 90 ICO seats went to whoever attached the largest transaction fees.

An unsavvy retail investor would need a lot of mempool luck if there is high demand and larger players investing millions are paying $1,000 USD fees just to increase their chance to get one of those scarce seats in the first block. This could mean that in the long run, all the “good” ICOs will be bought up by sophisticated investors aware of this limitation and only sub-par ICOs will run long enough (more than one block) to let unsophisticated retail investors in.5

Conclusions

ICO organizers often exchange coins for explicit support by outside endorsements and lobbying in their favor (e.g., advisors and influential personas are given a cut of coins). Therefore researchers, regulators, developers and potential investors looking at an ICO should look for paper trails to identify investors, users, organizers, insiders, and potential malicious actors.6  This also includes exchange operators and their principals who may learn weeks beforehand when a cryptocurrency will get listed and thus, may have material, asymmetric information they can act on.

Investors should look very hard at what the risks and recourse there is in the event of a hard fork, what happens if their assets end up on a deprecated chain?  If it is an ERC20 token, what fork will the developers consider the “legitimate” chain?  Ethereum forked multiple times last year and currently, investors of ICOs based on ERC20 have few, if any, protections or recourse in the event an ICO organizer fails to deliver its promises let alone a technical problem occurs.  For instance, what happens if the network becomes too top heavy and open to the Hold-Up Problem?  Who has legal standing or recourse?

ICOs can be done with existing technology – no blockchains are needed (just ask Beenz and Liberty Reserve) – yet because ICOs are being done on anarchic blockchains where reversibility is economically cumbersome and identification is non-existence, it can create new risks and challenges for investors.  Potential investors need to be able to answer: in case a dispute arises, how can recourse take place if key counterparties are not identifiable?

Cryptocurrencies and the coins that piggy back on their network will likely continue to exist so as long as these non-profit entities have enough coins to liquidate to pay for marketing and advertisements. And so as long as there are others willing to buy their coins (e.g., liquidity).

And while it may be too early to distinguish and separate the specific ICOs that are outright scams from poorly run companies, keep in mind that a couple dozen Pyramid schemes failing in 1997 led to massive unrest and a civil war in Albania.  We have already witnessed enormous strain and virtual fighting within the cryptocurrency community (e.g., the never ending Bitcoin block size debate and the Ethereum hard fork because of The DAO attack).  What would happen to the aggregate cryptocurrency market if the investors and insiders in a couple dozen ICO platforms (Pyramid or not) tried to liquidate their holdings onto an illiquid market?

If you’re looking for dramatic excitement (currently) without many investor protections, the ICO world may have what you’re looking for.  But if you’re looking for sustainable operations with repeat revenue and cash flow connected to mainstream utility and accountability – aka a business – then you might want to do a double-take.

See also:

Endnotes

  1. “How the ICO, OCO, and ECO ecosystem works at a high level” by Tim Swanson []
  2. Kik, a messaging application which failed to gain traction, announced it would be issuing a cryptocurrency, but for what purpose?  Likely because it has been unable to raise new venture or institutional capital. []
  3. A number of these portfolio companies likely are on life support, propped up not by revenue but coin holdings which speculators have driven up in market value.  In short: some of these cryptocurrency-based startups are commodity or FX plays, not utility-based investments. []
  4. We also spoke with a lot of cryptocurrency exchanges to learn about their business and compliance practices, shying away from those that raised red flags around KYC and AML compliance.  One cryptocurrency exchange that is still very active today asked us to do the KYC for them as they were ideologically against gathering that information from their own customers. []
  5. Note: this is not an endorsement of BAT.  I have not participated in any ICO or cryptocurrency crowdsale. []
  6. Some ICO organizers have intentionally misled financial institutions about the nature of their business in order to get a bank account. Because ICOs typically do not comply with KYC, AML, and CFT procedures, this could lead to new fines and even banks being de-banked (correspondent banking access cut off). []
Send to Kindle

How cryptocurrencies enable ransomware and how regtech can help counter it

Imagine for a moment that Alice, a hacker, was looking at various means for receiving payment for an illicit activity she just undertook.  She has two options to do so, which would she choose?

(1)  Bob built a payment network which was identity-free; it used pseudonyms so no legal identities were required to send transactions between its participants.  And that trying to stop or prevent payments was difficult because the computers running the payment network were widely distributed and run by multiple known and unknown participants across dozens of jurisdictions that were sometimes hard to track down.  Recourse is difficult and sometimes impossible.  Cryptocurrencies such as Bitcoin, Litecoin, and Ethereum are examples of such a network.

(2) Carol built a payment network which requires all users to provide a proof-of-identity, usually by scanning and storing of government-issued IDs or utility bills.  And that stopping, preventing, or even rolling back payments was possible because the computers running the payment network were run by legally identifiable participants who were often located in easy-to-find offices.  Recourse could be cumbersome, but almost always possible.  Wire transfer methods like ACH are examples of such a network.

Alice would probably choose number one and later try use some conversion tool or exchange to move her payment into number two.  How is this done?  See the (dated) flow-of-funds chart below.

While some cryptocurrencies, like Bitcoin, were probably not designed to serve as get-away vehicles – because of key design choices that make legal recourse difficult – they are increasingly used to shuffle ill-gotten gains around.1

For example, data kidnapping – commonly referred to as ransomware – has existed in some form for more than two decades.  But the current plight surrounding ransomware, and the white washing of the role cryptocurrencies have in this plight, have gone hand in hand over the past several years.

Why?

The core characteristics of cryptocurrencies – censorship resistance and pseudonymity – are some of the main reasons why ransomware has become increasingly commonplace.  And these cryptocurrencies need liquidity.

Liquidity into-and-out of fiat has fluctuated over time, with some exchanges being debanked and sometimes rebanked, but as an aggregate it has increased overall.  Liquidity is often done through venture-backed gateways and exchanges.

As explored in my previous post, as well as others, many of these gateways and platforms have inadequate and typically non-existent KYC and AML gathering processes.  This post won’t go into the details surrounding some of the investors and promoters of these platforms, but further research could dive deeper into that industry as well as the white washing that goes on to distract investigations.

We see this empirically: attackers do not ask for fiat or credit cards because these would be easily tracked and/or transactions would be halted.  Instead, they ask to be paid in some kind of cryptocurrency because they know the likelihood of getting caught and reprimanded is significantly lower.

This past Friday, WannaCry, a ransomware package, wreaked havoc on more than 200,000 victims across all times of organizations located in over 150 countries.  This included government services including NHS in the UK and the Interior Ministry in Russia.

Source: Twitter

The first-order of victims ranged from small startups that could quickly patch and restart their computers all the way to large hospital systems that were unable to access patient records and had to turn away patients.

This then leads to the second-order of victims: patients and customers of these institutions.  According to the Associated Press, the “cyberattack hit almost 20 percent of UK’s 248 public health trusts.”

While all of the impacted organizations already should have had a formal plan to upgrade and patch these types of vulnerabilities (e.g., create regular back-ups off-site), based on several news stories, many of them did not.

Will they all learn from this lesson?  Probably not.

Either way: none of the victims have a formal means of recourse against the hacker(s) involved in WannaCry because we do not know the identities of the hackers.  Some victims have even paid the ransom of ~$300, denominated in bitcoin, to have their files unlocked.  The hacker is using multiple (4+) bitcoin addresses to receive the ransom and as of this writing, has received more than $50,0002

Last year the FBI estimated that around $1 billion was paid to unlock ransomware and cyber extortion.  Cryptocurrencies, such as Bitcoin, were usually the preferred method of payment.

Two weeks ago, James Comey, former Director of FBI spoke before the Senate Judiciary Committee and noted that:

Some of our criminal investigators face the challenge of identifying online pedophiles who hide their crimes and identities behind layers of anonymizing technologies, or drug traffickers who use virtual currencies to obscure their transactions.

For Bitcoin, there are ways to remain fairly anonymous, like using mixers, however it requires a lot more work to.  But relatively few people are investigating, so the chance of getting caught is likely low.  Newer cryptocurrencies such as Monero and Zcash are designed to be anonymous which makes them harder to track.  Monero has been spotted in the wild alongside the Kirk Ransomware as well as research from Sophos (pdf).3  And Zcash has been used by a botnet to mine more Zcash on devices such as your phone.

And then there is Tor, a software program that enables anonymous communication by passing network traffic through various relays nodes that help conceal the location of the user.  WannaCry used Tor to preserve its “anonymity by proxying their traffic through the Tor network.”

How to bring some light into the darkness?

Solutions

I reached out to Adam Young who co-created “cryptoviral extortion” (what we call ransomware today).  In his view:4

In terms of the ransomware attack, people/organizations need to do a better job at patching and removing end-of-life systems, clearly. My larger concern is that cryptoviral extortion is the only cryptovirology attack that anyone seems to be paying attention to and there are many, many others.

I also spoke to Danny Yang, CEO of Blockseer who advised everyone to, “update your software, make sure you have latest security patches – that ransomware worked because  people didn’t update their Windows since March when that particular security vulnerability was patched.”5

My recent post looking at Bitfinex and regtech was quite popular.  It was viewed several thousand times and I received a number of calls from reporters looking to investigate some of the points raised.

Some people pointed out that the behavior by Bitfinex and other cryptocurrency exchanges is one of the reasons why a few banks in emerging markets have lost correspondent banking access: that they were de-risked because of what others perceive is a high-risk customer base.

According to research by Accuity, a global financial crime compliance, payments and KYC solutions provider:

Between 2009 and 2016, correspondent banking relationships, where one financial institution provides services on behalf of another in a different location to facilitate cross-border payments, have reduced globally by 25%.

Earlier this year, the People’s Bank of China, SAFE and other government bodies in China, investigated and froze cryptocurrency withdrawals at many, if not all, the cryptocurrency exchanges operating on the mainland.

Why?  Among other reasons: inadequate KYC and AML gathering and sharing processes.

According to Caixin, a notice of administrative punishment may be released in June that details the punishment and fines of these China-based exchange operators.

In addition to freezing and de-banking, what are some other solutions as well?

Companies such as Blockseer and Chainalysis provide tools for law enforcement, regulators, entrepreneurs and compliance teams to trace and track the flow-of-funds on cryptocurrency networks. I have written about them numerous times.

Angel List is tracking 96 startups involved in providing compliance-related software for SMB, hospitals, cloud providers, social media platforms and a handful of other verticals.  It also has job listings for 11 regulatory compliance startups.  There is an additional 2,878 startups listed under the broader category of big data analytics, some of whom who are also working in the regtech space.

While technology can help play a role in identifying participants on these types of networks (blockchains and distributed ledgers), it is also worth exploring the proposed strawman for setting up a Kimberley Process for cryptocurrencies.  Identity systems are critical to all property rights and financial networks.  Creating applications around data lineage, data provenance, KYC management, and standardized digital identities will help provide transparency into all markets.

If you’re interested in learning more about these tools and mechanisms, feel free to reach out or leave a comment below.

Endnotes

  1. In the original white paper, Nakamoto explained ways to route around trusted third parties, such as governments. []
  2. If you’re interested in learning more about how malware researchers identified and stopped it, Malware Tech has a detailed story as well as one from Brian Krebs. []
  3. AlphaBay, the largest darknet market by volume, announced that it was accepting Monero as a form of payment in August 2016. []
  4. Private correspondence, May 14, 2017.  Published with his permission. []
  5. Private conversation reused with permission.  May 13, 2017 []
Send to Kindle

Citations, interviews, and events for the final third of 2016

Presenting at Bitcoin / Ethereum Meetup in Hong Kong

I ended up traveling a lot more than I expected last year, including 9 times just to East Asia.  The level of interest in that region will probably increase this year — especially as more projects and companies are funded — though I probably won’t do the Trans-Pacific shuffle nine times again this year.

As of right now there are probably just a small handful of startups in APAC that have the capital, connections, and capability to execute and build the commercial products and applications that are discussed at the plethora of fintech events.  And almost none of them have anything to do with a cryptocurrency itself either… because cryptocurrencies weren’t designed to solve most problems financial service organizations have.

Below are the interviews, events, and presentations I participated in the last few months of 2016.

Note: according to their stats, my “Settlement Risks Involving Public Blockchains” was one of TABB Forum’s top stories of 2016.

Quoted:

Cited:

Interview:

Events:

  • Smart Cloud Show 2016 from Chosun Ilbo on September 21, 2016 in Seoul, South Korea.
    • Keynote: “Blockchain and Financial Big Bang”
    • Coverage: Naver
  • Global Blockchain Summit event held by Wanxiang Blockchain Labs on September 23, 2016 in Shanghai, China
    • Presentation: “Opportunities and Challenges for Financial Services in the Cloud: Trade-offs in digitizing and automating finance” (R3 Blurb)
  • Fujitsu Laboratories of America Technology Symposium annual event on October 11, 2016 in Santa Clara, California
    • Panel: “The Blockchain Future – Challenges and Opportunities Ahead”
  • Fórum Blockchain event jointly held by Itaú and Bradesco on October 13, 2016 in São Paulo, Brazil
    • Presentation: “Smart Contracts: cryptographically secured, automated business logic”
  • MIT Fintech Course: Future Commerce on October 18, 2016 (virtual)
    • Discussion: “Distributed Ledger Technology Landscape and Regulations”
  • GAIM OPS West Coast annual event held on October 25, 2016 in Rancho Mirage, California
    • Panel: “Blockchain: What Exactly is it disrupting? Will it Negate Counterparty Risk?” (Photo)
  • CIO Study Trip hosted by the Capgemini Applied Innovation Exchange Lab on behalf of the IT Management Association on October 26, 2016 in San Francisco
    • Presentation: “Distributed Ledger Technology” and “Legal and Regulatory Challenges”
  • Day long discussions on November 9, 2016 at Cornell University in Ithaca, New York
    • Presentation: “Code is not law” (Photos)
  • Guest lecture at the Boston Economic Club on November 16, 2016 in Boston, Massachusetts.
    • Presentation: “DLT as Financial Market Infrastructure” (Photo)
  • Global Trade Review: West Coast Trade & Working Capital Conference on November 17, 2016 in San Jose, California
    • Panel: “Fintech investment and evolution of the trade finance sector” (Photo)
  • The Future of Financial Payment Services Driven by Technology Innovation on November 22, 2016 from Korea Finance Telecommunications & Clearings Institute 30th Anniversary Seminar in Seoul, South Korea
    • Presentation: “DLT as Financial Market Infrastructure” (Photos)
    • Panel: (Photos)
  • Inside Fintech on December 8-9, 2016 in Seoul, South Korea
    • Presentation: “Why Building Financial Infrastructure is Different than Building a Social Media App” (Photos)
    • Panel: “Regulating the Unregulated: How is Regulation and Compliance Impacting the Adoption of New Technology and Innovation” (Photos)
  • Ethereum and Bitcoin joint meetup on December 12, 2016 in Hong Kong
    • Presentation:  “On Consortiums: R3’s Tim Swanson in Conversation”
  • 13th annual China International Finance Forum on December 15, 2016 in Shanghai, China
Send to Kindle

Comments on the COIN ETF (SR-BatsBZX-2016-30)

Earlier today, with some help from the R3 research team (thanks for the grammar fixes!), I shipped a new paper to the consortium members.  This paper discusses several issues and challenges facing a Bitcoin-based ETF that was originally proposed a couple years ago by the Winklevoss twins (commonly called the COIN ETF).  It specifically looks at questions publicly raised by the SEC.

It bears mentioning that R3 itself is not in any shape or fashion involved with this ETF or in using the Bitcoin network.  This (tangential) paper solely represents my views and not those of my employer or companies I advise.  I worked on it in my spare time.

R3 typically makes research papers available 3-6 months after sending it to members, so check back here later next spring or summer to see if it has been posted.

Update 09/2017: many months later an egg tweeted that it has been posted online at Scribd and Docdroid (pdf)

Send to Kindle

Citations, presentations, and panels

Below are a number of events, presentations, panels, and interviews I have participated in over the past three months.

Academic citation:

Quoted:

Presentations:

Interviewed:

Panels:

Cited:

Send to Kindle

Code is not law

This past Sunday I gave a new presentation at the Palo Alto Ethereum meetup — it was largely based on my previous two blog posts.

Note: all of the references and citations can be found within the notes section of the slides.  Also, I first used the term “anarchic chain” back in April 2015 based on a series of conversations with Robert Sams.  See p. 27.

Special thanks to Ian Grigg for his constructive feedback.

Slides:

Video:

Send to Kindle

Ethereum Core and Ethereum Classic for Dummies

[Note: I neither own nor have any trading position on any cryptocurrency.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

If you’re bored of catching Pokemon and happen to have a lot of butter stored up, now is the time to break out the premium organic popcorn kernels and enjoy Fork Wars: Summer 2016 Edition.

As mentioned in the previous post: last week many miners, exchanges, and developers coordinated a hardfork of Ethereum.  At the time there were lots of celebrations for having done something that flew in contrast to the views prominently held by the Bitcoin Core development community: namely that a fast hardfork can’t be done safely on a public blockchain.

Well, it has been done, but there were also some consequences.  Some intended and others unintended.  The biggest consequence — which was touched on in my last post too — was that there were now parallel universes: Ethereum Core (ETH) and Ethereum Classic (ETC).

What does this mean?

If you owned a coin on pre-hardfork Ethereum, you now own not just the ETH facsimile but also the Classic coin (ETC) too.  Two for the price of one!1

This also opens up the very real possibility of replay attacks which was also a possibility when Ethereum moved from Olympic to Frontier.

A replay attack predates cryptocurrencies such as Bitcoin and Ethereum:

[I]s a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a masquerade attack by IP packet substitution.

In this case, it is the retransmission of a transaction (not IP packet).  Or in the Ethereum world, a replay attack would be to take a transaction from one Ethereum fork and maliciously or fraudulently repeating it on another Ethereum fork.

A little confused?  Check out: Sirer, Rapp, and Vessenes.

At first most of the Ethereum community assumed that Classic would effectively become deprecated and fade away into history much like Olympic.  After all, so went the argument, who would want to use or support a network in which at least one participant owned/controlled roughly ~10% in now “hot” ether?

Sidebar: recall that the main motivating force behind the hardfork was spurred on by the successful attack on The DAO, an investment fund created by Slock.it who did not adequately test the smart contract for security vulnerabilities (among other issues).

Well, it seems that Classic will not go silent into the night, at least not yet.

From a technical integration standpoint, while all of the large exchanges initially supported ETH, one altcoin exchange based in Montana — Poloniex — began supporting both forks.2

Traders — seeing a potential arbitrage opportunity — began doing what they do best: speculating and driving up demand for ETC via posts on social media.  As a consequence of their marketing efforts, the price of ETC dramatically rose over 380% in one 24-hour period alone.  In return, some of the miners that had abandoned the original Ethereum chain (ETC) to mine on the ETH hardfork have now begun mining on both which means that the original ETC network actually has once again begun seeing an increase in its hashrate (recall that it had dramatically dropped a week ago).

This is an interesting twist because less than 3 days ago, Chandler Guo an executive at BW.com — a large mining pool — announced he would undertake a 51% attack on the ETC blockchain because of the decision by Poloniex to support it.  Chandler later announced he would not carry it out.

Incidentally, it is likely that the noise that was created from this threat actually drew more attention to the Poloniex arbitrage opportunity, creating a type of Streisand Effect.3

Visual

What does this situation look like?

ethereum classic

Source: slacknation

Above is a line graph that is auto-generated and reflects the past 48 hours of two types of ratios: the Ethereum Classic (ETC) to Ethereum Core (ETH) price; and the ETC to ETH hashrate.  Price is derived from the two largest exchanges in terms of ether liquidity (Bitfinex and Poloneix).

This is actually not surprising behavior, we empirically observe the same type of trend with other cryptocurrencies: when price increases more hashrate comes on-board and vice-versa.45

Precedence

Over the past several days there has been much guessing as to which chain will live or die, but rarely do people suggest that both will live on in the long-run.

And I think that is short-sighted.  While not a fully direct comparison, even though they’re effectively based on the same code, we have seen how Litecoin and Dogecoin have permanently conjoined at the hip via merged mining: they co-exist via the Scrypt Alliance.  In addition, we have seen for years the continued existence of multiple multipools, which automatically direct GPU-miners to the most profitable cryptocurrency usually with a payout in bitcoin.

I cannot predict who which chain outlasts the other.  Perhaps now that ethcore has said it will also support Ethereum Classic, the two (or more!) chains will both continue to exist and grow.  Either way, we do know that the maximalist thesis, that there is a “coming demise of altcoins,” continues to be empirically incorrect and I suspect that it will remain incorrect for as long as there is continued speculative demand for cryptocurrencies in general.  This includes both ETH and ETC.

Other winners and losers

Who else gains from this phenomenon?  In the short run, anyone interested in trading will probably be able to find some kind of arbitrage — assuming demand grows or at least stays at the same level.

Anyone else?

Other cryptocurrency communities that see Ethereum as a competitor could believe they now have an incentive to support multiple forks too, as it draws hashrate and potential mindshare away one chain at the expense of the other.  And the more that the Ethereum community is painted as being “chaotic” the less of a threat it is seen to other public blockchains.  But maybe this is shortsighted too and will simply enlarge the Ethereum community because they now end up as ETC holders and want it to appreciate in value.

Either way, it sounds like the makings of some kind of TV miniseries staring Jean-Luc Bilodeau as Vitalik Buterin (they’re both Canadian).

Want to read more on the topic?

Conclusions

Ignoring the above quasi-illustration of the many-worlds interpretation, surprisingly not much has been discussed regarding the analog world of when fiat currencies are created or even removed at certain exchange rates and the unintended consequences therein.

For instance, in the comedy Good Bye, Lenin! we see the repercussions for those who were unable to convert East German marks for West German marks after the fall of the Berlin Wall.

More recently we have seen multiple Iraqi dinar scams, in which individuals were deceived and conned into acquiring pre-war dinar (a deprecated fiat currency) with the fraudulent pitch that at some point in the future, the previous pre-war exchange rate would somehow be reached.

However, one of the biggest differences with the Ethereum-based chains above is that cryptocurrencies are anarchic — without terms of service or ties to the legal system. Therefore it is difficult (impossible even?) to say which chain is the de jure legitimate chain.  Consequently it is unclear if anyone has a legal claim to prevent or create additional forks in the future and because of this, it is hard to see who has liability for past, present or future forks on these chains.

Whether that is a risk organizations and regulated institutions are willing to take is a topic for another post.  Perhaps if or when this is done, there will be even more chances to consume warm buttery popcorn as we watch and learn from the trials and tribulations of anarchic blockchains.

Endnotes

  1. It is closer to a spinoff than a stock-split.  Similar to the Ebay/Paypal spinoff, where a company that once had single market capitalization (EBAY) now trades under two different symbols (EBAY/PYPL) that trade and move independently. []
  2. Note: by this I mean that the existing exchanges that had already on-boarded ether, not that all large cryptocurrency exchanges had on-boarded ether. []
  3. Guo wanted to remove something (a chain in this case) but by advertising his intention to do so, only drew more interest and activity back into the very chain he intended to remove. []
  4. See Appendix B []
  5. See also Ethereum chain state []
Send to Kindle

Archy and Anarchic Chains

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

Yesterday, at block height 1920000, many elements of the Ethereum community coordinated a purposeful hardfork.

After several weeks of debate and just over a couple weeks of preparation, key stakeholders in the community — namely miners and exchanges — attempted to create a smooth transition from Ethereum Prime (sometimes referred to as Ethereum Classic) into Ethereum Core (Ethereum One).1

Users of exchange services such as Kraken were notified of the fork and are now being allowed to withdraw ETH to Ethereum Core, which many miners and exchanges now claim as “mainnet.”

Was the hardfork a success?  To answer that question depends on which parallel universe (or chain) you resided on.  And it also depends on the list of criteria for what “failure” or “success” are measured by.

For instance, if you ended up with ETH on the “unsupported” fork (Classic), who was financially responsible for this and who could attempt to file a lawsuit to rectify any loses?

Maybe no one.  Why?  Because public blockchains intentionally lack terms of service, EULA, and service level agreements, therefore it is difficult to say who is legally liable for mistakes or loses.

For instance, if financial instruments from a bank were sent to miners during the transition phase and are no longer accessible because the instruments were sent to the “unsupported” chain, who is to blame and bears responsibility?  Which party is supposed to provide compensation and restitution?

De facto versus de jure

This whole hardfork exercise visualizes a number of issues that this blog has articulated in the past.

Perhaps the most controversial is that simply: there is no such thing as a de jure mainnet whilst using a public blockchain.  The best a cryptocurrency community could inherently achieve is a de facto mainnet.2

What does that mean?

Public blockchains such as Bitcoin and Ethereum, intentionally lack any ties into the traditional legal infrastructure.  The original designers made it a point to try and make public blockchains extraterritorial and sovereign to the physical world in which we live in.  In other words, public blockchains are anarchic.

As a consequence, lacking ties into legal infrastructure, there is no recognized external authority that can legitimately claim which fork of Bitcoin or Ethereum is the ‘One True Chain.’  Rather it is through the proof-of-work process (or perhaps proof-of-stake in the future) that attempts to attest to which chain is supposed to be the de facto chain.3

However, even in this world there is a debate as to whether or not it is the longest chain or the chain with the most work done, that is determines which chain is the legitimate chain and which are the apostates.4 5

And this is where, fundamentally, it becomes difficult for regulated institutions to use a public blockchain for transferring regulated data and regulated financial instruments.

For instance, in March 2013 an accidental, unintended fork occurred on what many participants claimed as the Bitcoin mainnet.

To rectify this situation, over roughly four hours, operators of large mining pools, developers, and several exchanges met on IRC to coordinate and choose which chain they would support and which would be discarded.  This was effectively, at the time, the largest fork-by-social-consensus attempted (e.g., proof-of-nym-on-IRC).

There were winners and losers.  The losers included: OKPay, a payment processor, lost several thousand dollars and BTC Guild, a large mining pool who had expended real capital, mined some of the now discarded blocks.

In the Bitcoin world, this type of coordination event is slowly happening again with the never ending block size debate.

One team, Bitcoin Classic, is a small group of developers that supports a hardfork to relatively, quickly increase the block size from 1 MB to 2 MB and higher.  Another group, dubbed Bitcoin Core, prefers a slower role out of code over a period of years that includes changes that would eventually increase the block size (e.g., segwit). 6

Yet as it lacks a formal governance structure, neither side has de jure legitimacy but instead relies on the court of public opinion to make their case.  This is typically done by lobbying well-known figureheads on social media as well as mining pools directly.  Thus, it is a bit ironic that a system purposefully designed for pseudonymous interactions in which participants were assumed to be Byzantine and unknown, instead now relies on known, gated, and trusted individuals and companies to operate.

Note: if the developers and miners did have de jure legitimacy, it could open up a new can of worms around FinCEN administrative requirements. 7  Furthermore, the miners are always the most important stakeholders in a proof-of-work system, if they were not, no one would host events just for them.

arthur twitter pow

Source: Twitter

Ledgers

With this backstory it is increasingly clear that, in the legal sense, public blockchains are not actual distributed ledgers.  Distributed, yes; ledgers, no.

As Robert Sams articulates:8

I think the confusion comes from thinking of cryptocurrency chains as ledgers at all. A cryptocurrency blockchain is (an attempt at) a decentralised solution to the double spending problem for a digital, extra-legal bearer asset. That’s not a ledger, that’s a log.

That was the point I was trying to make all along when I introduced the permissioned/permissionless terminology!9 Notice, I never used the phrase “permissionless ledger” — Permissionless’ness is a property of the consensus mechanism.

With a bearer asset, possession of some instrument (a private key in the cryptocurrency world) means ownership of the asset. With a registered asset, ownership is determined by valid entry in a registry mapping an off-chain identity to the asset. The bitcoin blockchain is a public log of proofs of instrument possession by anonymous parties. Calling this a ledger is the same as calling it “bearer asset ledger”, which is an oxymoron, like calling someone a “married bachelor”, because bearer assets by definition do not record their owners in a registry!

This taxonomy that includes the cryptocurrency stuff in our space (“a public blockchain is a permissionless distributed ledger of cryptocurrency”) causes so much pointless discussion.

I should also mention that the DLT space should really should be using the phrase “registry” instead of “ledger”. The latter is about accounts, and it is one ambition too far at the moment to speak of unifying everyone’s accounts on a distributed ledger.

As I have discussed previously, public blockchains intentionally lack hooks into off-chain legal identification systems.

Why?  Because as Sams noted above: a KYC’ed public blockchain is effectively an oxymoron.  Arguably it is self-defeating to link and tie all of the participants of the validation (mining) process and asset transfer process (users) to legal identities and gate them from using (or not using) the network services.  All you have created is a massively expensive permissioned-on-permissionless platform.

But that irony probably won’t stop projects and organizations from creating a Kimberely Process for cryptocurrencies.

I cannot speak on behalf of the plethora of “private chain” or “private ledger” projects (most of which are just ill-conceived forks of cryptocurrencies), but we know from public comments that some regulators and market structures might only recognize blockchains and distributed ledgers that comply with laws (such as domestic KYC / AML regulations) by tying into the traditional legal infrastructure.10 This means tying together off-chain legal identities with on-chain addresses and activity.

Why?

There are multiple reasons, but partly due to the need to reduce settlement risks: to create definitive legal settlement finality and identifying the participants involved in that process.11

Finality

As illustrated with the purposeful Ethereum One hardfork and the accidental Bitcoin fork in 2013, public blockchains by design, can only provide probabilistic settlement finality.

Sure, the data inside the blocks itself is immutable, but the ordering and who does the ordering of the blocks is not.

What does this mean?  Recall that for both Ethereum and Bitcoin, information (usually just private keys) are hashed multiple times by a SHA algorithm making the information effectively immutable.12 It is unlikely given the length of time our star is expected to live, that this hash function can be reversed by a non-quantum computer.

However, blocks can and will be reorganized, they are not immutable.  Public blockchains are secured by social and economic consensus, not by math.

As a consequence, there are some fundamental problems with any fork on public blockchains: they may actually increase risks to the traditional settlement process.  And coupled with the lack of hooks for off-chain identity means that public blockchains — anarchic blockchains — are not well-suited or fit-for-purpose for regulated financial institutions.

After all, who is financially, contractually, and legally responsible for the consequences of a softfork or hardfork on a public blockchain?

  • If it is no one, then it might not be used by regulated organizations because they need to work with participants who can be held legally accountable for actions (or inactions).
  • If it is someone specifically (e.g., a doxxed individual) then you have removed the means of pseudonymous consensus to create censorship resistance.

In other words, public blockchains, contrary to the claims of social media, are not “law” because they do not actually tie into the legal infrastructure which they were purposefully designed to skirt.  By attempting to integrate the two worlds — by creating a KYC’ed public blockchain — you end up creating a strange hydra that lacks the utility of pseudonymity (and censorship resistance) yet maintains the expensive and redundant proof-of-work process.

These types of forks also open up the door for future forks: what is the criteria for forking or not in the future?  Who is allowed and responsible to make those decisions?  If another instance like the successful attack and counter-attack on The DAO takes place, will the community decide to fork again?  If 2 MB blocks are seen as inadequate, who bears the legal and financial responsibility of a new fork that supports larger (or smaller) blocks?  If any regulated institution lose assets or funds in this forking process, who bears responsibility?  Members of IRC rooms?

If the answers are caveat emptor, then that level of risk may not be desirable to many market participants.

Conclusions

Who are you going to sue when something doesn’t go according to plan?  In the case of The DAO, the attacker allegedly threatened to sue participants acting against his interests because he claimed: code is law.  Does he have legal standing?  At this time it is unclear what court would have accepted his lawsuit.

But irrespective of courts, it is unclear how smart contract code, built and executed on an anarchic platform, can be considered “legal.”  It appears to be a self-contradiction.

As a consequence, the fundamental need to tie contract code with legal prose is one of the key motivations behind how Richard Brown’s team in London approached Corda’s design.  If you cannot tie your code, chain, or ledger into the legal system, then it might be an unauthoritative ledger from the perspective of courts.13

And regulated institutions can’t simply just ignore regulations as they face real quantifiable consequences for doing so.  To paraphrase George Fogg, that’s akin to putting your head in the sand.

We continue to learn from the public blockchain world, such as the consequences of forks, and the industry as a whole should try to incorporate these lessons into their systems — especially if they want anyone of weight to use them.  Anarchic blockchains will continue to co-exist with their distributed ledger cousins but this dovetails into a conversation about “regtech,” which is a topic of another post.

Endnotes

  1. Rejecting Today’s Hard Fork, the Ethereum Classic Project Continues on the Original Chain: Here’s Why from Bitcoin Magazine []
  2. This doesn’t mean that regulators and/or financial institutions won’t use public blockchains for various activities; perhaps some of them will be comfortable after quantifying the potential risks associated with them. []
  3. Ethereum developers plan to transition Ethereum from proof-of-work to proof-of-stake within the next year. []
  4. See Arthur Breitman’s interview on Epicenter Bitcoin and Mike Hearn’s interview on Money & Tech []
  5. Philosophically when Bob connects to “The Bitcoin Network” — how does Bob know he is actually connected to the “real” Bitcoin network?  One method is to look at the block header: it should take a specific amount of time to recreate the hash with that proof-of-work. This proves which network has the most work done.  However, in the meantime, Bob might connect to other ‘pretenders’ claiming to be “The Bitcoin Network.”  At this time, there does not appear to be any legal recognition of a specific anarchic chain. []
  6. The Bitcoin Core fork, which is euphemistically called a softfork, is basically a hardfork spread over a long period of time. []
  7. See Section 3.4 []
  8. Personal correspondence: March 9, 2016 []
  9. See Blockchain Finance by Robert Sams []
  10. This is not to say that regulators, governments, and various market participants will not use public blockchains for other activity. []
  11. See Section 3.1 []
  12. For proof-of-work mining, Ethereum uses ethash instead of SHA256.  For hashing itself, Ethereum uses SHA-3 which is part of the Keccak family (some people use the terms interchangeably but that isn’t technically correct). []
  13. See Section 9 []
Send to Kindle

Looking at public information for quarterly usage

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

It’s the beginning of a new quarter so that means its time to look at the last quarter and find out where public blockchain traction and usage is taking place, or not.  After all, we are continually bombarded by cryptocurrency enthusiasts each day telling us that exponential growth is occurring.  Or as GIF party posters like to say, “It’s Happening!” — so in theory it should be easy to find.

For more background, see previous posts from January and April.

Softballs

P2SH Q2

Source: P2SH.info

  • P2SH usage: above are two charts from P2SH.info which illustrates the movement of bitcoins into what most assume are multi-sig wallets of some kind.  There has been a visible increase over the past quarter, with about 200,000 or so more bitcoins moving into P2SH addresses.  Year-on-year, bitcoins held in P2SH addresses has increased from 8% to 13%.
total transactions over time blockstack

Source: Opreturn.org

  • OP_RETURN: above is a line chart from Opreturn.org which illustrates various 3rd party applications that typically use the OP_RETURN field in Bitcoin as a type of datastore (e.g., watermarked tokens).  It is hard to see it on this time scale but the average transactions during Q1 were roughly 1,500-2,500 per day whereas in Q2 it was a bit higher, between 2,500 to 3,500 per day.
percentage of transactions by each protocol opreturn

Source: Opreturn.org

  • Above is another chart looking at the percent of OP_RETURN transactions used by different watermarked token platforms.
  • Compared to Q1, the top 5 have shifted:
    • Blockstack 142,754 transactions (24.9%)
    • Colu 106,489 (18.6%)
    • Open Assets  82,696 (14.4%)
    • Monegraph 54,914 (9.6%)
    • Factom 47,328 (8.3%)
  • While Blockstack (Onename) still rules the roost, Colu has jumped ahead of the other users.  This is slightly interesting because the Colu team has publicly stated it will connect private chains that they are developing, with the Bitcoin network.  The term for this is “anchoring” and there are multiple companies that are doing it, including other Bitcoin/colored coin companies like Colu.  It is probably gimmicky but that’s a topic for a different post.
  • Incidentally the 5 largest OP_RETURN users account in Q2 for 75.8% of all OP_RETURN transactions which is roughly the same as Q1 (76%).
localbitcoins volume

Source: LocalBitcoins.com / Coin Dance

Above is a weekly volume chart denominated in USD beginning from March 2013 for LocalBitcoins.com.  As discussed in previous posts, LocalBitcoins is a site that facilitates the person-to-person transfer of bitcoins to cash and vice versa.

While there is a lot of boasting about how it may be potentially used in developing countries, most of the volume still takes place in developed countries and as shown in other posts, it is commonly used to gain access to illicit channels because there is no KYC, KYCC, or AML involved.  Basically Uber for cash, without any legal identification.

Over the past 6 months, volumes have increased from $10 million and now past $13 million per week. For comparison, most VC-backed exchanges do several multiples more in volume during the same time frame.1

Hardballs

bitcoin volatility 6 months

Source: Btcvol.info

In April, several Bitcoin promoters were crowing about how “stable” Bitcoin was.  Not mentioned: cryptocurrencies can’t simultaneously be stable and also go to the moon.  People that like volatility include: traders, speculators, GIF artisans, pump & dumpers. And people who don’t like volatility: consumers and everyday users.

What articles and reporters should do in the future is actually talk to consumers and everyday users to balance out the hype and euphoria of analysts who do not disclose their holdings (or their firms holdings) of cryptocurrencies.2

As we can see above, volatility measured relative to both USD and EUR hit a five month high this past quarter.  The average user probably would not be very happy about having to hedge that type of volatility, largely because there are few practical ways to do so.  Consumers want boring currencies, not something they have to pay attention to every 10 minutes.

And ether (ETH) was even more volatile during the same time frame: doubling relative to USD during the first half of the quarter then dropping more than 50% from its all-time high by mid-June.

Counterparty all time

Source: Blockscan

Counterparty is a watermarked token platform that, as shown in previous quarters, has hit a plateau and typically just sees a few hundred transactions a day.  Part of this is due to the fact that the core development team has been focused on other commercial opportunities (e.g., building commercial products instead of public goods).3

Another reason is that most of the public interest in “smart contract” prototyping and testing has moved over to Ethereum.

etherscan ethereum transactions

Source: Etherscan

As shown in the chart above, on any given day in Q2 the Ethereum blockchain processed roughly 40,000 transactions.  In Q1 that hovered between 15,000-30,000 transactions.  Note: the large fluctuations in network transactions during the spring may coincide with issues around The DAO (e.g., users were encouraged to actively ‘spam’ the network during one incident).

In addition, according to CoinGecko, Counterparty has lost some popularity — falling to 14th from 10th in its tables from last quarter.  Ethereum remained in 2nd overall.

Another trend observed in the last quarterly review remains constant: Ethereum has significantly more meetups than Counterparty and is 2nd only to Bitcoin in that measure as well.

long chain transactions q2

Source: Organ of Corti — Time period:  January 1, 2014 – June 27, 2016

We’ve discussed “long chain” transactions ad nausem at this point but I have noticed on social media people still talk about the nominal all-time high’s in daily transactions as if it is prima facie evidence that mega super traction is occurring, that everyday users are swarming the Bitcoin network with commercial activity.  Very few (anyone?) digs into what those transactions are.  Perhaps there is genuine growth, but what is the break down?

As we can see from the chart above, while non-long chain transactions have indeed grown over the past quarter, they are still far outpaced by long chain transactions which as discussed in multiple articles, can be comprised of unspendable faucet rewards (dust), gambling bets and a laundry list of other non-commercial activity.

Furthermore, and not to wade into the massive black hole that is the block size debate: even with segwit, there will be an upperbound limit on-chain transactions under the current Core implementation.  As a consequence some have asked if fee pressure would incentivize moving activity off-chain and onto other services and even onto other blockchains.

This may be worth looking into as the block size reaches its max limit in the future.  As far as we can tell right now, it doesn’t appear users are moving over to Litecoin, perhaps they are moving to Ethereum instead?  Or maybe they just pack up and leave the space entirely?

Wallets

We have looked at wallets here multiple times.  They’re a virtually meaningless metric because of how easy it is to inflate the number.  What researchers want to know is Monthly Active Users (MAU).  To my knowledge no one is willing to publicly discuss their monthly or daily user number.

For instance, two weeks ago Coinbase reached 4 million “users.”  But it is almost certain that they do not actually have 4 million daily or monthly active users.  This number is likely tied to the amount of email-based registrations they have had over the past four years (circa May 12, 2012).

Similarly, Blockchain.info has seen its “users” grow to just over 7.8 million at the time of this writing.  But this is a measure of wallets that have been created on the site, not actual users.

Any other way to gauge usage or traction?

Let’s look in the Google Play Store and Apple App Store.

abra downloads

Source: GoAbra / Google Play

Last October Abra launched its GoAbra app and initially rolled it out in The Philippines.  This past May, when CoinDesk ran a story about the company, I looked in the Google Play Store and it says the app had been downloaded 5,000 times.  Last week, Abra announced it was officially launching its app into the US.  As of this writing, it was still at 5,000 downloads.

“Wait,” you might be thinking to yourself, “Filipinos may prefer the iOS app instead.”

Perhaps that is the case, but according to data as of October 2015, Android has a ~81.4% market share in The Philippines.  Furthermore, the iOS version for some reason doesn’t appear on App Annie.  So it is unlikely that Abra has seen traction that isn’t reflected in these download numbers yet, perhaps it will in the future.

Anything else happening in the stores?

As of this writing, the top 5 Bitcoin wallets in the Google Play Store in order of appearance are:

  • Andreas Schildbach’s Bitcoin Wallet (1 million downloads)
  • Mycelium Bitcoin Wallet (100,000 downloads)
  • Coinbase (500,000 downloads)
  • Blockchain.info (100,000 downloads)
  • Airbitz (10,000 downloads)

The Apple App Store does not publicly state how many times an application has been downloaded.  It does rank apps based on a combination of user ratings and downloads. The top 6 on the iPhone in order of appearance:

  • Coinbase
  • Blockchain.info
  • Sollico (bitWallet)
  • breadwallet
  • Xapo
  • Airbitz

Interestingly however, the order is slightly different in the App Store on an iPad.  The top 6 are:

  • Coinbase
  • Blockchain.info
  • Sollico (bitWallet)
  • breadwallet
  • Airbitz
  • BitPay (Copay)

It may be worth revisiting these again next quarter.  If you want to burn some time, readers may be interested in looking at specific rank and activity via App Annie.

Incubators

Most new cohorts and batches at startup accelerators and incubators usually only stay 3-4 months.  A typical intake may see 10-15 companies each get a little bit of seed funding in exchange for a percentage of the equity.  During the incubation period the startup is usually provided mentorship, legal advice, office space, access to social networks and so forth.  It is common place to hear people of all stripes in Silicon Valley state that 9 out of 10 of these startups will burn out within a couple years — that the incubator relies on one of them having a big exit in order to fund the other duds.4

500 Startups, Boost.VC, Plug and Play, YCombinator and other incubators have added and removed startups from their websites and marketing material based on the traction startups have had.  And cryptocurrency startups are not too different from this circle of life. 5

For instance, at YCombinator, Bitcoin-specific mentions on applications has declined by 61% over the past year.

Based on pubic information, as of this writing, it appears that out of the roughly 100 Bitcoin-related startups that have collectively come and gone through the incubators listed above, just a handful have gone on to raise additional funding and/or purportedly have active users and customers.  Unfortunately, no one has consistently published user numbers, so it is unclear what the connection between funding and growth is as this time.

In fact, in an odd twist, instead of measuring success by monthly active users, customers, or revenue, many Silicon Valley-based companies are measuring success based on how much money they raised.  That’s probably only a good idea if the business model itself is to always be raising.

For example, 21inc regularly boasts at being the “best funded company in Bitcoin” — but has not stated what traction four separate rounds of funding have created.  How many bitcoins did it mine prior to its pivot into consumer hardware?  How many 21 computers were sold?  How many users have installed 21?  And what are its key differences relative to what Jeremy Rubin created in 2014 (Tidbit)?

Again, this is not to single out 21inc, but rather to point out if companies in the public blockchain space were seeing the traction that they generally claim to on social media and conferences — then as discussed in previous posts, they would probably advertise those wins and successes.

Hiring

With funding comes hiring.  Since it is very difficult to find public numbers, there is another way to gauge how fast companies are growing: who and how many people they are publicly hiring.

The last Bitcoin Job Fair was last held in April 2015.  Of its 20 sponsors, 6 are now dead and ~7 are either zombies and/or have have done major pivots.  It is unclear how many people that were hired during that event still work for the companies they worked for.

Where else can we look?

Launched in 2014, Coinality is a job matching website that connects employers with prospective employees with the idea that they’d be compensated in cryptocurrencies such as bitcoin and dogecoin.  Fun fact: Coinality is one of the few companies I interviewed for Great Chain of Numbers that is still alive today and hasn’t pivoted (not that pivoting in and of itself is a bad thing).

It currently lists 116 jobs, 105 of which were posted in the past 2 months.

A number of VC-backed companies and large enterprises (or head hunters recruiting on their behalf) have listed openings in the past month.  For example: WellsFargo, Blockchain.info, Circle, Fidelity, IBM, KeepKey, itBit, BNYMellon and SAP logos pop up on the first couple pages of listings.

Among the 67 job listed in June, twenty-six of the positions were freelance positions cross-listed on Upwork (formerly known as Elance / oDesk).

Notable startups that are missing altogether: many cryptocurrency-centered companies whose executives are very vocal and active on social media.  Perhaps they use LinkedIn instead?

Other stats

  • According to CoinATMRadar there are now 690 Bitcoin ATMs installed globally.  That is an increase of 78 ATMs since Q1.  That comes to around 0.86 ATM installations per day in Q2 which is a tick higher than Q1 (0.84).
  • Bitwage launched in July 2014 starting out with zero signups and zero payroll.
    • Fast-forward to January 2016: Bitwage had 3,389 cumulative user signups and cumulative payroll volumes of $2,456,916
    • Through June 2016 it has now reached 5,617 cumulative signups and cumulative payroll volumes of $5,130,971
    • While growing a little faster than ATM installations, this is linear not exponential growth.
  • Open Bazaar is a peer-to-peer marketplace that officially launched on April 4, 2016.  It had been in beta throughout the past year.  The VC-backed team operates a companion website called BazaarBay which has a stats page.
    • It may be worth looking at the “New Nodes” and “New Listings” sections over the coming quarters as they are both currently declining.6

Conclusion

It is unclear what the root cause(s) of the volatility were above.  According to social media it can be one of two dozen things ranging from Brexit to the upcoming “halvening.”  Because we have no optics into exchanges and their customer behavior, speculation surrounding the waxing and waning will remain for the foreseeable future.

Based on process of elimination and the stats in this post, the likely answer does not appear to be consumer usage (e.g., average Joe purchasing alpaca socks with bitcoins).  After all, both BitPay and Coinbase have stopped posting consumer-related stats and they are purportedly the largest merchant processors in the ecosystem.

Most importantly, just because market prices increase (or decreases), it cannot be inferred that “mass adoption” is happening or not.  Extraordinary claims requires extraordinary evidence: there should be ample evidence of mass adoption somewhere if it were genuinely happening.

For instance, the price of ether (ETH) has increased 10x over the past 6 months but there is virtually no economy surrounding its young ecosystem.  Mass consumer adoption is not happening as GIF artisans might says.  Rather it is likely all speculation based — which is probably the same for all other cryptocurrencies, including Bitcoin.

About a year ago we began seeing a big noticeable pivot away from cryptocurrencies to non-cryptocurrency-based distributed ledgers.  That was largely fueled by a lack of commercial traction in the space and it doesn’t appear as if any new incentive has arisen to coax those same businesses to come back.  After all, why continue building products that are not monetizable or profitable for a market that remains diminutive?

Let’s look again next quarter to see if that trend changes.

Endnotes

  1. For more granularity see also BNC’s Liquid index. []
  2. Speaking of interest and hype, CB Insights has some new charts based on keyword searches over time. []
  3. Several members of the development team also co-founded Symbiont. []
  4. Many of these incubators are too young to have a track record that proves or disproves this “conventional” wisdom.  See also Venture Capitalists Get Paid Well to Lose Money from HBR. []
  5. For instance, Mirror closed its Series A round 18 months ago, but was removed from Boost’s website because it no longer is involved in Bitcoin-related activities.  Boost currently lists the following companies out of the 50+ Bitcoin-companies it has previously incubated: BlockCypher, BitPagos, Abra, Stampery, Fluent, SnapCard, Verse.  500 Startups has removed a number of startups as well and currently lists the following on its website: HelloBit, Melotic, Coinalytics, BTCJam, Bonafide, CoinPip. []
  6. Since it has only been “launched” for a quarter, it is probably a little unfair to pass judgement at this time.  But that hasn’t stopped me before.  OpenBazaar has a lot of growing pains that its developers are well aware of including UX/UI issues.  But beyond that, it is unclear that the average consumer is actually interested in using peer-to-peer marketplaces + cryptocurrencies versus existing incumbents like Alibaba, Amazon and eBay — all of whom have customer service, EULAs, insurance policies and accept traditional currencies. I had a chance to speak with one of their investors at Consensus in May and do not think their assumptions about network operating costs were remotely accurate.  Furthermore, where is the market research to support their thesis that consumers will leave incumbents for a platform that lacks insurance policies and live customer service?  Note: OB1 developers and investors insist that their reputation management and arbitration system will increase consumer confidence and customer protection. []
Send to Kindle

A Kimberley Process for Cryptocurrencies

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

I have spent the past few weeks in East Asia, primarily in China visiting friends and relatives. Because the connection to the outside world was limited, the upside was that the cacophonous noise of perma cryptocurrency pumpers was relatively muted. I have had a chance to reflect on a number of ideas that are currently being discussed at conferences and on social media.

The first idea is not new or even unique to this blog as other companies, organizations and individuals have proposed a type of digital signature analytics + KYC tracking process for cryptocurrencies. A type of Kimberley Process but for cryptocurrencies.1

For instance, the short lived startup CoinValidation comes to mind as having the first-to-market product but was notably skewered in the media.  Yet its modus operandi continues on in about 10 other companies.2

A Formal Kimberley Process

For those unfamiliar with the actual Kimberley Process, it is a scheme enacted in 2003 to certify where diamonds originated from in order to help prevent conflict diamonds from entering into the broader mainstream diamond market.

The general idea behind proving the provenance of diamonds is that by removing “blood diamonds” from the market, it can cut off a source of funding of insurgencies and warlord activity.3

What does this have to do with cryptocurrencies? Isn’t their core competency allowing non-KYC’ed, pseudonymous participants to send bearer assets to one another without having to provide documentation or proof of where those assets came from? Why would anyone be interested in enabling this?

Some may not like it, but a de facto Kimberley Process is already in place.

For instance, in many countries, most of the on-ramps and off-ramps of venture-backed cryptocurrency exchanges are actively monitored by law enforcement, compliance teams and data analytic providers who in turn look at the provenance of these assets as they move across the globe.4

On the fiat side, while many jurisdictions in North America and Western Europe currently require domiciled cryptocurrency exchanges and wallets to enforce KYC and AML compliance requirements, several areas of Asia are less strict because the local governments have not defined or decided what buckets cryptocurrencies fall into.5

There are some other noticeable gaps in this system involving crypto-to-crypto exchanges.  Irrespective of regions: implementing harmonized KYC/AML standards on the non-fiat side of exchanges appears to be missing altogether.  That is to say that very few, if any, exchange does any kind of KYC/AML on crypto-to-crypto.6

What are some examples of why a Kimberley Process would be helpful to both consumers and compliance teams?

Below are three examples:

(1) During my multi-country travel I learned that there are several regional companies that sell debit cards with pre-loaded amounts of cryptocurrency on them. Allegedly two of of the popular use-cases for these cards is: bribery and money laundering. The example I was provided was that it is logistically easier to move $1 million via a thin stack of debit cards than it is to carry and disperse bags of cash with.7

Attaching uniform KYC and legal identities to each asset would aid compliance teams in monitoring where the flow of funds originated and terminated with cryptocurrencies.  And it would help consumers shy away from assets that could be encumbered or were proceeds of crime.

(2) Affinity fraud, specifically housewives (家庭主妇), are common targets of predators. This has been the case for long before the existence of computers let alone cryptocurrencies, but it came up several times in conversations with friends. According to my sources, their acquaintances are repeatedly approached and some actually took part in Ponzi schemes that were presented as wealth management products.

The new twist and fuel to these schemes was that there is some kind of altcoin or even Bitcoin itself were used as payout and/or as rails between parties. We have already seen this with MMM Global — which is still an active user of East Asia’s virtual currency exchanges — but two questionable projects that I was specifically shown were OctaCoin and ShellCoin.8

Note: in January 2016 multiple Chinese governmental bodies issued warnings about MMM Global and other Ponzi schemes.

[Video of MMM Global operations in The Philippines. Is that really Manny Pacqiauo?]

Victims who were not tech savvy and lied to, have no recourse because there is no universal KYC / KYCC / AML process to identify the culprits in these regions.  Similarly, when these illicit virtual assets are re-sold to exchanges, customers of those exchanges such as Alice and Bob, may receive potentially encumbered assets that are then resold to others who are unaware of the assets lineage (much like a stolen motorcycle being resold multiple times).  This creates a massive lien problem.

But property theft is not a new or unknown problem, why is it worth highlighting for cryptocurrencies?

Many of the original victims in East Asia are not affluent, so these scams have a material impact on their well being. The average working adult in many provinces is still less than $500 per month. Thus not only do they lack a cushion from scams but any price volatility — such as the kind we continue to see in cryptocurrencies as a whole, can wipe out their savings.

(3) Due to continual usage of botnets and stolen electricity — which is still a problem in places like China — the lack of identification from coin generation onward results in a environment in which ‘virgin coins’ sell at a premium because many exchanges don’t investigate where machines are located, who owns them, who paid for the opex and capex of those operations (e.g., documentation of electric bills).9

Unfortunately, the solutions proposed by many cryptocurrency enthusiasts isn’t to create more transparency and identification standards enabling better optics on coin provenance but rather to make it even harder to track assets via proposals like Confidential Transactions.10

Heists, thefts and encumbered coins

I am frequently asked how is it possible to know who received potentially encumbered cryptocurrencies?  For amateur sleuths, there is a long forum thread which lists out some of the major heists and thefts that occurred early on in Bitcoinland.

Above is a video recording of a specific coin lineage: transactions that came from the Bitcoinica Theft that ended up in the hands of Michael Marquardt (“theymos”) who is a moderator of /r/bitcoin and owner of Bitcoin Talk.11

Recall that in July 2012, approximately 40,000 bitcoins were stolen from the Bitcoinica exchange.12 Where did those end up?  Perhaps we will never know, but several users sued Bitcoinica in August 2012 for compensation from the thefts and hacks.

How are consumer protections handled on public blockchains?

In short, they do not exist by design. Public blockchains intentionally lack any kind of native consumer protections because an overarching goal was to delink off-chain legal identities from the pseudonymous interactions taking place on the network.

Thus, stolen cryptocurrencies often recirculate, even without being mixed and laundered.13

Consequently a fundamental problem for all current cryptocurrencies is that they aren’t exempt from nemo dat and have no real fungibility because they purposefully were not designed to integrate with the legal system (such as UCC 8 and 9).14 Using mixers like SharedCoin and features like Confidential Transactions does not fundamentally solve that legal problem of who actually has legal title to those assets.1516

Why should this matter to the average cryptocurrency enthusiast?

If market prices are being partially driven by predators and Ponzi schemes, wouldn’t it be in the best interest of the community to identity and remove those?17

Perversely the short answer to that is no. If Bob owns a bunch of the a cryptocurrency that is benefiting from this price appreciation, then he may be less than willing to remove the culprits involved of driving the prices upward.

For example, one purported reason Trendon Shavers (“pirateat40”) was not immediately rooted out and was able to last as long as he did — over a year — is that his Ponzi activity (“Bitcoin Savings & Trust”) coincided with an upswing in market prices of bitcoin.18  Recall over time, BS&T raised more than 700,000 bitcoins.  Why remove someone whose activity created new demand for bitcoins? 19

But this incentive is short-sighted.

If the end goal of market participants and enthusiasts is to enable a market where the average, non-savvy user can use and trust, then giving them tools for provenance could be empowering.  Ironically however, by integrating KYC and provenance into a public blockchain, it removes the core — and very costly — characteristic of pseudonymous, censorship-resistant interaction.

Thus there will likely be push back for implementing a Kimberley Process: doxxing every step of provenance back to genesis (coin generation) with real world identities removes pseudonmity and consequently public blockchains would no longer be censorship-resistant.  And if you end up gating all of the on-ramps and off-ramps to a public chain, you end up just creating an overpriced permissioned-on-permissionless platform.

Despite this, Michael Gronager, CEO of Chainalysis, notes that:

Public ledgers are probably here to stay – difficult KYC/AML processes or not.  I probably see this as a Nash equilibrium – like in the ideal world all trees would be low and of equal height but there is no path to that otherwise optimal equilibrium.   We believe that fighting crime on Blockchains will both build trust and increase their use and value.

One way some market participants are trying to help law enforcement fight crime is through self-regulating organizations (SRO).

For instance, because we have seen time and time again that the market is not removing these bad actors from the market, several companies have created SROs to help stem the tide.  However, as of right now, efforts like the US-based “Blockchain Alliance” — a gimmicky name for a group of venture-backed Bitcoin companies — has limited capabilities.20 They have monthly calls to discuss education with one another in the West (e.g., what is coin mixing and how does it work?) but currently lack the teeth to plug the KYC/AML gaps in Asia.  Perhaps that will change over time.

And as one source explained: consider this, has any Bitcoin thief been caught?  Even when there is decent evidence, we are not aware of a Bitcoin thief that was actually found guilt of stealing bitcoin, yet.21  Thus an open to question to people who argue that cryptocurrencies are great because of transparency: a lot of bitcoin has been stolen, and no one has been found guilty for that crime.  Why not?

Process of elimination

Over the past six weeks, there has been very little deep research on why market prices have risen and fallen. Usually it is the same unfounded narratives: emerging market adoption; hedge against inflation; hedge against collapse of country X, Y or Z; hedge against Brexit; etc.  But no one provides any actual data, least of all the investors financing the startups that make the claims.

Perhaps the research that has been done on the matter was from Fran Strajnar’s team at BNC.  For instance, on June 1st they noted that:

brave new coinI reached out to Fran and according to him, in early June, “Somebody dropped many many millions ($) across 4 different Chinese Exchanges in a 2 hour period, without moving price – 4 days before the price rise started last week. Because it was over multiple exchanges and these trades were filled, we are digging into it further.”

If there was a standardized Kimberley Process used by all of these exchanges, it would be much easier to tell who is involved in this process and if those funds were based on proceeds of illicit activity.

Furthermore, barring such a Process, we can only speculate why journalists haven’t looked into this story:

(1) many of them do not have reliable contacts in East Asia
(2) those that do have contacts with exchange operators may not be getting the full story due to exchanges lacking KYC / KYCC / AML standards themselves
(3) some reporters and exchange operators own a bunch of cryptocurrencies and thus do not want to draw any negative attention that could diminish their net worth

Third parties such as Wedbush Securities and Needham have also published reports on price action, but these are relatively superficial in their analysis as they lack robust stats needed to fully quantify and explain the behavior we have seen.

Strangely enough, for all the pronouncements at conferences about how public blockchains can be useful for data analysis, very few organizations, trade media or analysts are publishing bonafide stats.

After all, who are the customers of these virtual currency exchanges?  Because of reporting requirement we know who uses Nasdaq and ICE, why don’t we know who uses virtual currency exchanges still?

Stopping predators

Two months ago I had a chance to speak with Marcus Swanepoel, CEO of BitX, about his experiences in Africa.  BitX coordinates with a variety of compliance teams to help block transactions tied to scams and Ponzi schemes. In the past, BitX has managed to help kill off two ponzi schemes and has tried to block MMM Global which has spread to Africa.

Earlier this spring, some MMM users that were blocked by BitX just moved to another competing local exchange that didn’t block such transactions. As a result, over the course of 8 weeks this exchange did more than 3x volume than BitX during same time frame.22 BitX has subsequently regained part of this market share partly due to MMM fading in popularity.

Why is MMM so successful?  Users are asked to upload videos onto Youtube of why MMM Global is great and why you should join and are then paid by MMM as a reward.  This becomes self-reinforcing in large part because of the unsavvy victims who are targeted.

But MMM isn’t to blame for everything.

For instance, in China there have been a variety of get-rich-quick Ponzi schemes that rose and blew up, such as an ant farm scheme in 2007.  And earlier this year, Ezubao, the largest P2P lending platform in China fell apart as a $7.6 billion Ponzi scam.23 No cryptocurrency was involved in either case.

Yet as Emin Gün Sirer pointed out, some of the activities such as The DAO, basically act as a naturally arising Ponzi.

In fact, one allegation over the past couple weeks is that The DAO attacker placed a short of 3,000 bitcoin on Bitfinex prior to attacking The DAO (which was denominated in ether).24  If there was a Kimberley Process in which all traders on all exchanges had to comply with a universal KYC / KYCC / AML standard, it would be much easier to identify the attackers as well as compensate the victims.

Similarly, because ransomware remains a “killer app” of cryptocurrencies such that companies, police stations, hospitals, elementary schools and even universities are now setting up Coinbase accounts and stockpiling cryptocurrencies to pay off hackers.  What is the aggregate demand of all of this activity?  If it is large, does it impact the market price?  And how would a Kimberley Process help provide restitution to the victims of this ransom activity?

A strawman Kimberley Process

How can you or your organization get involved in creating a Kimberley Process for cryptocurrencies?

Right now there is no global, industry standard for “best practices” in mutualizing, implementing, or carrying out KYC / AML provisions for cryptocurrencies.25

In writing this post, several sources suggested the following process to kick-start an effort:

(1) organize an industry-level event(s) which brings together:

(a) AML analytics companies
(b) representatives from regulatory bodies and law enforcement (e.g., FATF, FinCEN)
(c) KYC/AML practitioners
(d) existing market structures and utilities such as SIFMA, ROC, Swift (e.g., KYC registry, LEI)
(e) compliance teams from cryptocurrency exchanges and wallets

(2) at the event(s) propose a list of baseline standards that exchanges and wallets can try to implement and harmonize:

(a) what documentation is required for KYC / KYCC / AML
(b) other financial controls and accountability standards that can assist exchange operators (e.g., remove the ability for an operator to naked short against its own customer base)

(3) tying these standards together with a uniform digital identity management system could be the next step in this process.

On that last point, Fabio Federici, CEO of Skry (formerly Coinalytics), explained:

In general I believe the biggest unsolved problem is still identity and information sharing. Obviously you don’t want all your PII and transaction meta data on a public blockchain, as this information could not only be leveraged by profit seeking organizations, but also malicious actors. So the question becomes what’s the right framework for sharing the right amount of information with only the people that need access to it (maybe even only temporarily).

PII stands for personal identifying information.  In theory, Zcash (or something like it) has the potential to solve some of Fabio’s concerns: relevant info can be encoded in the transaction, and only the relevant parties can read it.  But this delves into “regulated data” which is a topic for another post.26

Similarly, Ryan Straus, an attorney at Riddell Williams and adjunct professor at Seattle University School of Law explained that:

Identity is central to the legal concept of property. Property systems are information systems: they associate identified entities with identified rights.  With the sole exception of real currency, possession or control is not conclusive indicia of ownership.

Factual fungibility simply makes it harder to prove that you have a better claim to a specific thing than the person who now possesses or controls it.  The hard part about what you have written about is that it is difficult to avoid conflating KYC (which involves identity of people) and the Kimberley Process (which involves identifying things).

In order to enable participants to share information without being unduly hounded by social media, it was also suggested that the presence of: investors, cryptocurrency press and cryptocurrency lobbying groups should kept to a minimum for the initial phase.

Conclusions

In addition to implementing additional financial controls and external audits, cryptocurrency exchanges and wallets adopting a Kimberley Process would help provide transparency for all market participants.

While it is probably impossible to remove all the bad actors from any system, reducing the amount of shadows they have to hide could provide assurances and reduce risks to market participants of all shapes and sizes.

However, the trade-off of implementing such a Process is that it negates the core utility that public blockchains provide, turning them into expensive permissioned gateways.  And if you are permissioning activity from the get-go, you might as well use a permissioned blockchain which are cheaper to manage and operate and also natively bake-in the KYC, KYCC and AML requirements.  But that is a topic for another post as well.

End notes

  1. One reviewer argued that analytics may be superior to KYC.  In the event of a compromised account — so goes the argument — analytics can help provide linkage between the flow of funds whereas KYC of compromised accounts would be “illusory.” []
  2. This includes but is not limited to: Chainalysis, Blockseer, Skry, Elliptic, Netki and ScoreChain. []
  3. Incidentally there is a UK-based startup called Everledger which works with insurance companies and tracks a catalogue of diamonds vis-à-vis a blockchain. []
  4. See: Flow of Funds; KYSF; KYSF part 2; and bitcoin movements. To actively monitoring transactions at these entry and exit points, based on anecdotes, up to 20% of all nodes on the Bitcoin network may be managed and operated by these same set of participants as well. []
  5. Note: it bears mentioning that as of this writing, no country has recognized cryptocurrencies as actual legal tender and consequently cryptocurrencies are not exempt from nemo dat. This is important as it means the provenance of the cryptocurrencies actually does matter because those assets could be encumbered. []
  6. I asked around and my sources do not know of a single exchange that does KYC/AML on cryptocurrencies that are directly exchanged for other cryptocurrencies (e.g., Shapeshift).  Furthermore, as highlighted in the past, there are gaps in compliance when it comes to certain fiat-to-cryptocurrency exchanges such as BTC-e and LocalBitcoins. []
  7. This is in USD equivalence, usually not in USD itself. []
  8. OctaCoin is interesting in that the operators behind it claim that it is financed from revenue streams of 3 online casinos who purportedly payout users on a regular basis. Note: gambling in China is a bit like golf in China: it’s illegal but everywhere. It is only legal in a few internal jurisdictions such as Hainan and Macau and elsewhere on the mainland only a couple of state-run lotteries are given legal status. []
  9. Note: stealing electricity to mine bitcoins has occurred in other areas of the world too, including in The Netherlands. []
  10. The official motivation for developing Confidential Transactions is to enable more user privacy which then leads to more fungibility. As one source pointed out: “At the end of the day it’s a balance between privacy and security. Basically the story goes ‘just because I don’t what anyone to know what I’m buying, doesn’t mean I’m a drug dealer.'” []
  11. Marquardt also allegedly co-owns both Bitcoin.org and Blockexplorer.com, and co-manages the Bitcoin Wiki. []
  12. Here’s another video showing some of those transactions. []
  13. The Craig Wright / Satoshi saga is interesting because in a recent interview Craig admittedly used Liberty Reserve which was an illicit exchange based in Costa Rica shut down by the US government.  According to the interview he also had ties to Ross Ulbricht, the convicted operator of Silk Road. []
  14. See The Law of Bitcoin, Section 1.5 in the United States chapter from Ryan Straus.  There are exceptions, see UCC Article 2 – sale of goods. []
  15. See also: Learning from the past to build an improved future of fintech []
  16. Interestingly, SharedCoin.com (sometimes referred to as Shared Send) used to be a mixer run by Blockchain.info, a venture-backed startup.  It was recently shutdown without any notice and the domain now redirects to the CoinJoin wiki entry.  They also pulled the SharedCoin github repo and any material that links it back to Blockchain.info. []
  17. One reviewer mentioned that: “Ponzi schemes will always exist and should probably be fought not just in the crypto space but where in other industries too; requiring continuous education.  It would be way simpler and more effective to shut down domains owned by MMM than it would to be to do anything else, but here you actually meet the pseudonymity feature of the Internet.  Try to do that internationally – it is not easy!” []
  18. From between September 2011 to September 2012 market prices more than doubled.  See SEC vs. Trendon Shavers []
  19. Note: this is a similar argument that Rick Falkvinge made three years ago. []
  20. There are probably several dozen advocacy groups and non-profit working groups scattered across the world.  Each has different goals.  For instance, ACCESS in Singapore works with some regulators in SEA.  While others are merely trying to create technical standards. []
  21. Most of the criminals that are convicted are found guilty of money laundering and interaction with illicit trade, not theft of bitcoins themselves. []
  22. Two months ago, the Financial Times briefly covered this story and Marcus wrote about some of it in March as well. []
  23. There were some early warning signs for that industry.  For instance, according to a Bloomberg story in February 2015: “The value of China’s peer-to-peer lending transactions surged almost 13-fold since 2012 to $41 billion last year, according to Yingcan Group, which tracks the data,” notes Bloomberg. However, 275 of the more than 1,500 lending went bankrupt or had trouble repaying money in 2014, an increase from 76 just a year earlier, according to Yingcan. []
  24. No one has proven this allegation.  Furthermore, there are multiple exchanges to short cryptocurrencies. []
  25. Much of the technology needed to implement these type of processes, such as PKI anchored by certificate authorities. []
  26. For example, see HIPAA and EU-US Privacy Shield []
Send to Kindle

Book Review: The Business Blockchain

[Disclaimer: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

William Mougayar is an angel investor who has been investigating the cryptocurrency and broader distributed ledger ecosystem over the past several years.

He recently published a book that looks at how enterprises and organizations should look at distributed ledgers and specifically, blockchains.

While it is better than “Blockchain Revolution” from the Tapscott’s, it still has multiple errors and unproven conjectures that prevent me from recommending it.  For instance, it does not really distinguish one blockchain from another, or the key differences between a distributed ledger and a blockchain.

Note: all transcription errors below are my own.

Introduction

On p. xxii he writes:

“These are necessary but not sufficient conditions or properties; blockchains are also greater than the sum of their parts.”

I agree with this and wrote something very similar two years ago in Chapter 2:

While the underlying mathematics and cryptographic concepts took decades to develop and mature, the technical parts and mechanisms of the ledger (or blockchain) are greater than the sum of the ledger’s parts.

On p. xxiv he writes:

“Just like we cannot double spend digital money anymore (thanks to Satoshi Nakamoto’s invention), we will not be able to double copy or forge official certificates once they are certified on a blockchain.”

There are two problems with this:

  1. Double-spending can and does still occur, each month someone posts on social media how they managed to beat a retailer/merchant that accepted zero-confirmation transactions
  2. Double-spending can and is prevented in centralized architectures today, you don’t need a blockchain to prevent double-spending if you are willing to trust a party

Chapter 1

[Note: recommend that future editions should include labeled diagrams/tables/figures]

On p. 11 he writes:

“Solving that problem consists in mitigating any attempts by a small number of unethical Generals who would otherwise become traitors, and lie about coordinating their attack to guarantee victory.”

It could probably be written slightly different: how do you coordinate geographically dispersed actors to solve a problem in which one or more actor could be malicious and attempt to change the plan?  See also Lamport et al. explanation.

On p.13 he writes compares a database with a blockchain which he calls a “ledger.”

I don’t think this is an accurate comparison.

For instance, a ledger, as Robert Sams has noted, assumes ties to legal infrastructure.  Some blockchains, such as Bitcoin, were intentionally designed not to interface with legal infrastructure, thus they may not necessarily be an actual ledger.

To quote Sams:

I think the confusion comes from thinking of cryptocurrency chains as ledgers at all. A cryptocurrency blockchain is (an attempt at) a decentralised solution to the double spending problem for a digital, extra-legal bearer asset. That’s not a ledger, that’s a log.

That was the point I was trying to make all along when I introduced the permissioned/permissionless terminology!  Notice, I never used the phrase “permissionless ledger” — Permissionless’ness is a property of the consensus mechanism.

With a bearer asset, possession of some instrument (a private key in the cryptocurrency world) means ownership of the asset. With a registered asset, ownership is determined by valid entry in a registry mapping an off-chain identity to the asset. The bitcoin blockchain is a public log of proofs of instrument possession by anonymous parties. Calling this a ledger is the same as calling it “bearer asset ledger”, which is an oxymoron, like calling someone a “married bachelor”, because bearer assets by definition do not record their owners in a registry!

This taxonomy that includes the cryptocurrency stuff in our space (“a public blockchain is a permissionless distributed ledger of cryptocurrency”) causes so much pointless discussion.

I should also mention that the DLT space should really should be using the phrase “registry” instead of “ledger”. The latter is about accounts, and it is one ambition too far at the moment to speak of unifying everyone’s accounts on a distributed ledger.

Is this pedantic?  Maybe not, as the authors of The Law of Bitcoin also wrestle with the buckets an anarchic cryptocurrency fall under.

On p. 14 he writes about bank accounts:

“In reality, they provided you the illusion of access and activity visibility on it.  Every time you want to move money, pay someone or deposit money, the bank is giving you explicit access because you gave them implicit trust over your affairs.  But that “access” is also another illusion.  It is really an access to a database record that says you have such amount of money.  Again, they fooled you by giving you the illusion that you “own” that money.”

This is needless inflammatory.  Commercial law and bankruptcy proceedings will determine who owns what and what tranche/seniority your claims fall under.  It is unclear what the illusion is.

On p. 14 he writes:

“A user can send money to another, via a special wallet, and the blockchain network does the authentication, validation and transfer, typically within 10 minutes, with or without a cryptocurrency exchange in the middle.”

Which blockchain is he talking about?  If it is not digital fiat, how does the cash-in/cash-out work?  To my knowledge, no bank has implemented an end-to-end production system with other banks as described above.  Perhaps that will change in the future.

On p. 18 he writes:

“Sometimes it is represented by a token, which is another form of related representation of an underlying cryptocurrency.”

This isn’t very well-defined.  The reason I went to great lengths in November to explain what a “token” is and isn’t is because of the confusion caused by the initial usage of a cryptographic token, a hardware device from companies like RSA.  This is not what a “token” in cryptocurrency usage means. (Note: later on p. 91 he adds a very brief explanation)

On p. 18 he cites Robert Sams who is quoting Nick Szabo, but didn’t provide a source.  It is found in Seigniorage Shares.

On p. 18 he also writes:

“As cryptocurrency gains more acceptance and understanding, its future will be less uncertain, resulting in a more stable and gradual adoption curve.”

This is empirically not true and actually misses the crux of Sams’ argument related to expectations.

On p. 20 he writes:

“As of 2016, the Bitcoin blockchain was far from these numbers, hovering at 5-7 TPS, but with prospects of largely exceeding it due to advances in sidechain technology and expected increases in the Bitcoin block size.”

This isn’t quite correct.  On a given day over the past year, the average TPS is around 2 TPS and Tradeblock estimates by the end of 2016 that with the current block size it will hover around just over 3 TPS.

What is a sidechain?  It is left undefined in that immediate section.  One potential definition is that it is a sofa.

On p. 20 he writes:

“Private blockchains are even faster because they have less security requirements, and we are seeing 1,000-10,000 TPS in 2016, going up to 2,000-15,000 TPS in 2017, and potentially an unlimited ceiling beyond 2019.”

This is untrue.  “Private blockchains” do not have “less” security requirements, they have different security requirements since they involve known, trusted participants.  I am also unaware of any production distributed ledger system that hits 10,000 TPS.  Lastly, it is unclear where the “unlimited ceiling” prediction comes from.

On p. 20 he writes:

“In 2014, I made the strong assertion that the blockchain is the new database, and warned developers to get ready to rewrite everything.”

Where did you warn people?  Link?

On p. 21 he writes:

“For developers, a blockchain is first and foremost a set of software technologies.”

I would argue that it is first and foremost a network.

On p. 22 he writes:

“The fact that blockchain software is open source is a powerful feature. The more open the core of a blockchain is, the stronger the ecosystem around it will become.”

Some, but not all companies building blockchain-related technology, open source the libraries and tools.  Also, this conflates the difference between code and who can validate transactions on the network.  A “private blockchain” can be open sourced and secure, but only permit certain entities to validate transactions.

On p. 24 he writes:

“State machines are a good fit for implementing distributed systems that have to be fault-tolerant.”

Why?

On p. 25 he writes:

“Bitcoin initiated the Proof-of-Work (POW) consensus method, and it can be regarded as the granddaddy of these algorithms. POW rests on the popular Practical Byzantine Fault Tolerant algorithm that allows transactions to be safely committed according to a given state.”

There are at least two problems with this statement:

  • The proof-of-work mechanism used in Bitcoin is apocryphally linked to Hashcash from Adam Back; however this does not quite jive with Mougayar’s statement above. Historically, this type of proof-of-work predates Back’s contribution, all the way to 1992.  See Pricing via Processing or Combatting Junk Mail by Dwork and Naor
  • Practical Byzantine Fault Tolerance is the name of a specific algorithm published in 1999 by Castro and Liskov; it is unrelated to Bitcoin.

On p. 26 he writes:

“One of the drawbacks of the Proof-of-Work algorithm is that it is not environmentally friendly, because it requires large amounts of processing power from specialized machines that generate excessive energy.”

This is a design feature: to make it economically costly to change history.  It wasn’t that Satoshi conjured up a consensus method to be environmentally friendly, rather it is the hashrate war and attempt to seek rents on seigniorage that incentivizes the expenditure of capital, in this case energy.  If the market price of a cryptocurrency such as bitcoin declined, so too would the amount of energy used to secure it.

Chapter 2

On p. 29 he writes:

“Reaching consensus is at the heart of a blockchain’s operations.  But the blockchain does it in a decentralized way that breaks the old paradigm of centralized consensus, when one central database used to rule transaction validity.”

Which blockchain is he talking about?  They are not a commodity, there are several different unique types.  Furthermore, distributed consensus is an academic research field that has existed for more than two decades.

On p. 29 he writes:

“A decentralized scheme (which the blockchain is based on) transfers authority and trust to a decentralized network and enables its nodes to continuously and sequentially record their transactions on a public “block,” creating a unique” chain” – the blockchain.”

Mougayar describes the etymology of the word “blockchain” specific to Bitcoin itself.

Note: a block actually is more akin to a “batch” or “bucket” in the sense that transactions are bundled together into a bucket and then propagated.  His definition of what a blockchain is is not inclusive enough in this chapter though because it is unclear what decentralization can mean (1 node, 100 nodes, 10,000 nodes?).  Also, it is important to note that not all distributed ledgers are blockchains.

On p. 31 he writes:

“Credit card companies charge us 23% in interest, even when the prime rate is only at 1%”

Which credit card companies are charging 23%?  Who is being charged this?  Also, even if this were the case, how does a blockchain of some kind change that?

On p. 32 he writes:

“Blockchains offer truth and transparency as a base layer. But most trusted institutions do not offer transparency or truth. It will be an interesting encounter.”

This is just a broad sweeping generalization.  What does truth and transparency mean here?  Which blockchains?  Which institutions?  Cannot existing institutions build or use some kind of distributed ledger to provide the “truth” and “transparency” that he advocates?

On p. 33 he writes:

“The blockchain challenges the roles of some existing trust players and reassigns some of their responsibilities, sometimes weakening their authority.”

Typo: should be “trusted” not “trust.”

On p. 34 he writes:

“There is a lesson from Airbnb, which has mastered the art of allowing strangers to sleep in your house without fear.”

This is not true, there are many examples of Airbnb houses that have been trashed and vandalized.

On p. 34, just as the Tapscott’s did in their book, Mougayar talks about how Airbnb could use a blockchain for identity and reputation.  Sure, but what are the advantages of doing that versus a database or other existing technology?

On p. 37 he writes:

“Enterprises are the ones asking, because the benefits are not necessarily obvious to them.  For large companies, the blockchain presented itself as a headache initially. It was something they had not planned for.”

First off, which blockchain?  And which enterprises had a headache from it?

On p. 39 he writes: “Prior to the Bitcoin invention…”

He should probably flip that to read “the invention of Bitcoin”

On p. 40 he writes:

“… it did not make sense to have money as a digital asset, because the double-spend (or double-send) problem was not solved yet, which meant that fraud could have dominated.”

This is empirically untrue.  Centralized systems prevent double-spending each and every day.  There is a double-spending problem when you are using a pseudonymous, decentralized network and it is partially resolved (but not permanently solved) in Bitcoin by making it expensive, but not impossible, to double-spend.

On p. 41 he writes:

“They will be no less revolutionary than the invention of the HTML markup language that allowed information o be openly published and linked on the Web.”

This is a little redundant and should probably be rewritten as “the invention of the hypertext markup language (HTML).”

On p. 43 he writes:

“Smart contracts are ideal for interacting with real-world assets, smart property, Internet of Things (IoT) and financial services instruments.”

Why are smart contracts ideal for that?

On p. 46 he writes: “Time-stamping” and in other areas he writes it without a dash.

On p. 46 he writes:

“And blockchains are typically censorship resistant, due to the decentralized nature of data storage, encryption, and peer controls at the edge of the network.”

Which blockchains?  Not all blockchains in the market are censorship resistant.  Why and why not?

On p. 48 he mentions “BitIID” – this is a typo for “BitID”

On p. 51 he writes:

“Enter the blockchain and decentralized applications based on it. Their advent brings potential solutions to data security because cryptographically-secured encryption becomes a standard part of blockchain applications, especially pertaining to the data parts. By default, everything is encrypted.”

This is untrue.  Bitcoin does not encrypt anything nor does Ethereum.  A user could encrypt data first, take a hash of it and then send that hash to a mining pool to be added to a block, but the network itself provides no encryption ability.

On p. 52 he writes:

“Consensus in public blockchains is done publicly, and is theoretically subject to the proverbial Sybil attacks (although it has not happened yet).”

Actually, it has on altcoins.  One notable occurrence impacted Feathercoin during June 2013.

On p. 54 he writes:

“The blockchain can help, because too many Web companies centralized and hijacked what could have been a more decentralized set of services.”

This is the same meme in the Tapscott book.  There are many reasons for why specific companies and organizations have large users bases but it is hard to see how they hijacked anyone; but that is a different conversation altogether.

On p. 54 he writes:

“We can also think of blockchains as shared infrastructure that is like a utility. If you think about how the current Internet infrastructure is being paid for, we subsidize it by paying monthly fees to Internet service providers.  As public blockchains proliferate and we start running millions of smart contacts and verification services on them, we might be also subsidizing their operation, by paying via micro transactions, in the form of transaction fees, smart contract tolls, donation buttons, or pay-per-use schemes.”

This is a very liberal use of the word subsidize.  What Mougayar is describing above is actually more of a tax than a charitable donation.

The design behind Bitcoin was intended to make it such that there was a Nash equilibrium model between various actors.  That miners would not need to rely on charity to continue to secure the network because as block rewards decline, the fees themselves would in the long run provide enough compensation to pay for their security services.

It could be argued that this will not happen, that fees will not increase to offset the decline in block rewards but that is for a different article.

As an aside, Mougayar’s statement above then intersects with public policy: which blockchains should receive that subsidy or donation?  All altcoins too?  And who should pay this?

Continuing:

“Blockchains are like a virtual computer somewhere in a distributed cloud that is virtual and does not require server setups. Whoever opens a blockchain node runs the server, but not users or developers.”

This is untrue.  The ~6,400 nodes on the Bitcoin network are all servers that require setup and maintenance to run.  The same for Ethereum and any other blockchain.

On p. 58 he writes:

“It is almost unimaginable to think that when Satoshi Nakamoto released the code for the first Bitcoin blockchain in 2009, it consisted of just two computers and a token.”

A couple issues:

  1. There is a typo – “first” should be removed (unless there was another Bitcoin network before Bitcoin?)
  2. Timo Hanke and Sergio Lerner have hypothesized that Satoshi probably used multiple computers, perhaps more than a dozen.

On p. 58 he writes:

“One of the primary differences between a public and private blockchain is that public blockchains typically have a generic purpose and are generally cheaper to use, whereas private blockchains have a more specific usage, and they are more expensive to set up because the cost is born by fewer owners.”

This is not true.  From a capital and operation expenditure perspective, public blockchains are several orders of magnitude more expensive to own and maintain than a private blockchain.  Why?  Because there is no proof-of-work involved and therefore private blockchain operators do not need to spend $400 million a year, which is roughly the cost of maintaining the Bitcoin network today.

In contrast, depending on how a private blockchain (or distributed ledger) is set up, it could simply be run by a handful of nodes on several different cloud providers – a marginal cost.

Chapter 3

On p. 68 he writes:

“Taken as an extreme case, just about any software application could be rewritten with some blockchain and decentralization flavor into it, but that does not mean it’s a good idea to do so.”

Yes, fully agreed!

On p. 68 he writes:

“By mid-2016, there were approximately 5,000 developers dedicated to writing software for cryptocurrency, Bitcoin or blockchains in general. Perhaps another 20,000 had dabbled with some of that technology, or written front-end applications that connect to a blockchain, one way or the other.”

Mougayar cites his survey of the landscape for this.

I would dispute this though, it’s probably an order of magnitude less.

The only way this number is 5,000 is if you liberally count attendees at meetups or all the various altcoins people have touched over the year, and so forth.  Even the headcount of all the VC funded “bitcoin and blockchain” companies is probably not even 5,000 as of May 2016.

On p. 71 he writes:

“Scaling blockchains will not be different than the way we have continued to scale the Internet, conceptually speaking.  There are plenty of smart engineers, scientists, researchers, and designers who are up to the challenge and will tackle it.”

This is a little too hand-wavy.  One of the top topics that invariably any conversation dovetails into at technical working groups continues to be “how to scale” while keeping privacy requirements and non-functional requirements intact.  Perhaps this will be resolved, but it cannot be assumed that it will be.

On p. 72 he writes:

“Large organizations, especially banks, have not been particularly interested in adopting public blockchains for their internal needs, citing potential security issues. The technical argument against the full security of public blockchains can easily be made the minute you introduce a shadow of a doubt on a potential scenario that might wreak havoc with the finality of a transaction.  That alone is enough fear to form a deterring factor for staying away from public blockchain, although the argument could be made in favor of their security.”

This is a confusing passage.  The bottom line is that public blockchains were not designed with the specific requirements that regulated financial institutions have.  If they did, perhaps they would be used.  But in order to modify a public blockchain to provide those features and characteristics, it would be akin to turning an aircraft carrier into a submarine.  Sure it might be possible, but it would just be easier and safer to build a submarine instead.

Also, why would an organization use a public blockchain for their internal needs?  What does that mean?

On p. 78 he writes:

“Targeting Bitcoin primarily, several governments did not feel comfortable with a currency that was not backed by a sovereign country’s institutions.”

Actually, what made law enforcement and regulators uncomfortable was a lack of compliance for existing AML/KYC regulations.  The headlines and hearings in 2011-2013 revolved around illicit activities that could be accomplished as there were no tools or ability to link on-chain activity with real world identities.

Chapter 4

On p. 87 he writes:

“The reality is that customers are not going to the branch as often (or at all), and they are not licking as many stamps to pay their bills.  Meanwhile, FinTech growth is happening: it was a total response to banks’ lack of radical innovation.”

There are a couple issues going on here.

Banks have had to cut back on all spending due to cost cutting efforts as a whole and because their spending has had to go towards building reporting and compliance systems, neither of which has been categorized as “radical innovation.”

Also, to be balanced, manyh of the promises around “fintech” innovation still has yet to germinate due to the fact that many of the startups involved eventually need to incorporate and create the same cost structures that banks previously had to have.  See for instance, financial controls in marketplace lending – specifically Lending Club.

On p. 88 he writes:

“If you talk to any banker in the world, they will admit that ApplePay and PayPal are vexing examples of competition that simply eats into their margins, and they could not prevent their onslaught.”

Any banker will say that?  While a couple of business lines may change, which banks are being displaced by either of those two services right now?

On p. 89 he writes:

“Blockchains will not signal the end of banks, but innovation must permeate faster than the Internet did in 1995-2000.”

Why?  Why must it permeate faster?  What does that even mean?

On p. 89 he writes:

“This is a tricky question, because Bitcoin’s philosophy is about decentralization, whereas a bank is everything about centrally managed relationships.”

What does this mean?  If anything, the Bitcoin economy is even more concentrated than the global banking world, with only about a dozen exchanges globally that handle virtually all of the trading volume of all cryptocurrencies.

On p. 89 he writes:

“A local cryptocurrency wallet skirts some of the legalities that existing banks and bank look-alikes (cryptocurrency exchanges) need to adhere to, but without breaking any laws. You take “your bank” with you wherever you travel, and as long as that wallet has local onramps and bridges into the non-cryptocurrency terrestrial world, then you have a version of a global bank in your pocket.”

This is untrue.  There are many local and international laws that have been and continue to be broken involving money transmission, AML/KYC compliance and taxes.  Ignoring those though, fundamentally there are probably more claims on bitcoins – due to encumbrances – than bitcoins themselves.  This is a big problem that still hasn’t been dealt with as of May 2016.

On p. 95 he writes:

“The decentralization of banking is here. It just has not been evenly distributed yet.”

This is probably inspired by William Gibson who said: ‘The future is already here — it’s just not very evenly distributed.’

On p. 95 he writes:

“The default state and starting position for innovation is to be permissionless. Consequently, permissioned and private blockchain implementations will have a muted innovation potential.  At least in the true sense of the word, not for technical reasons, but for regulatory ones, because these two aspect are tie together.”

This is not a priori true, how can he claim this?  Empirically we know that permissioned blockchains are designed for different environments than something like Bitcoin.  How can he measure the amount of potential “innovation” either one has?

On p. 95 he writes:

“We are seeing the first such case unfold within the financial services sector, that seems to be embracing the blockchain fully; but they are embracing it according to their own interpretation of it, which is to make it live within the regulatory constraints they have to live with. What they are really talking about is “applying innovation,” and not creating it. So, the end-result will be a dialed down version of innovation.”

This is effectively an ad hominem attack on those working with regulated institutions who do not have the luxury of being able to ignore laws and regulations in multiple jurisdictions.  There are large fines and even jail time for ignoring or failing to comply with certain regulations.

On p. 95 he writes:

“That is a fact, and I am calling this situation the “Being Regulated Dilemma,” a pun on the innovator’s dilemma. Like the innovator’s dilemma, regulated companies have a tough time extricating themselves from the current regulations they have to operate within.  So, when they see technology, all they can do is to implement it within the satisfaction zones of regulators. Despite the blockchain’s revolutionary prognosis, the banks cannot outdo themselves, so they risk only guiding the blockchain to live within their constrained, regulated world.”

“It is a lot easier to start innovating outside the regulatory boxes, both figuratively and explicitly. Few banks will do this because it is more difficult.”

“Simon Taylor, head of the blockchain innovation group at Barclays, sums it up: “I do not disagree the best use cases will be outside regulated financial services. Much like the best users of cloud and big data are not the incumbent blue chip organizations.  Still their curioisity is valuable for funding and driving forward the entire space.” I strongly agree; there is hope some banks will contribute to the innovation potential of the blockchain in significant ways as they mature their understanding and experiences with this next technology.

An ending note to banks is that radical innovation can be a competitive advantage, but only if it is seen that way. Otherwise innovation will be dialed down to fit their own reality, which is typically painted in restrictive colors.

It would be useful to see banks succeed with the blockchain, but they need to push themselves further in terms of understanding what the blockchain can do. They need to figure out how they will serve their customers better, and not just how they will serve themselves better. Banks should innovate more by dreaming up use cases that we have not though about yet, preferably in the non-obvious category.

The fundamental problem with his statement is this: banks are heavily regulated, they cannot simply ignore the regulations because someone says they should.  If they fail to maintain compliance, they can be fined.

But that doesn’t mean they cannot still be innovative, or that the technology they are investigating now isn’t useful or helpful to their business lines.

In effect, this statement is divorced from the reality that regulated financial institutions operate in.  [Note: some of his content such as the diagram originated from his blog post]

On p. 102 he writes:

“Banks will be required to apply rigorous thinking to flush out their plans and positions vis-à-vis each one of these major blockchain parameters. They cannot ignore what happens when their core is being threatened.”

While this could be true, it is an over generalization: what type of business lines at banks are being threatened?  What part of “their” core is under attack?

On p. 103 he writes:

“More than 200 regulatory bodies exist in 150 countries, and many of them have been eyeing the blockchain and pondering regulatory updates pertaining to it.”

Surely that is a typo, there are probably 200 regulatory bodies alone in the US itself.

On p. 105 he writes:

“Banks will need to decide if they see the blockchain as a series of Band-Aids, or if they are willing to find the new patches of opportunity.  That is why I have been advocating that they should embrace (or buy) the new cryptocurrency exchanges, not because these enable Bitcoin trades, but because they are a new generation of financial networks that has figured out how to transfer assets, financial instruments, or digital assets swiftly and reliably, in essence circumventing the network towers and expense bridges that the current financial services industry relies upon.”

This is a confusing passage.

Nearly all of the popular cryptocurrency exchanges in developed countries require KYC/AML compliance in order for users to cash-in and out of their fiat holdings.  How do cryptocurrency exchanges provide any utility to banks who are already used to transferring and trading foreign exchange?

In terms of percentages, cryptocurrency exchanges are still very easy to compromise versus banks; what utility do banks obtain by acquiring exchanges with poor financial controls?

And, in order to fund their internal operations, cryptocurrency exchanges invariably end up with the same type of cost structures regulated financial institutions have; the advantage that they once had effectively involved non-compliance – that is where some of the cost savings was.  And banks cannot simply ignore regulations because people on social media want them to; these cryptocurrency sites require money to operate, hence the reason why many of them charge transaction fees on all withdrawals and some trades.

Chapter 5

On p. 115 he mentions La’Zooz and Maidsafe, neither of which – after several years of development, actually work.  Perhaps that changes in the future.

On p.118 he writes:

“There is another potential application of DIY Government 2.0. Suppose a country’s real government is failing, concerned citizens could create a shadow blockchain governance that is more fair, decentralized and accountable. There are at least 50 failed, fragile, or corrupt states that could benefit from an improve blockchain governance.”

Perhaps this is true, that there could be utility gain from some kind of blockchain.  But this misses a larger challenge: many of these same countries lack private property rights, the rule of law and speedy courts.

On p. 119 he writes about healthcare use cases:

“Carrying a secure wallet with our full electronic medical record in it, or our stored DNA, and allowing its access, in case of emergency.”

What advantage do customers gain from carrying this around in a secure wallet?  Perhaps they do, but it isn’t clear in this chapter.

On p. 126-127 he makes the case for organizations to have a “blockchain czar” but an alternative way to pitch this without all the pomp is simply to have someone be tasked with becoming a subject-matter expert on the topic.

On p. 131 he writes:

“Transactions are actually recorded in sequential data blocks (hence the word blockchain), so there is a historical, append-only log of these transaction that is continuously maintained and updated.  A fallacy is that the blockchain is a distributed ledger.”

It is not a fallacy.

Chapter 7

On p. 149 he writes: “What happened to the Web being a public good?”

Costs.  Websites have real costs.  Content on those websites have real costs.  And so forth.  Public goods are hard to sustain because no one wants to pay for them but everyone wants to use them.  Eventually commercial entities found a way to build and maintain websites that did not involve external subsidization.

On p. 150 he writes:

“Indeed, not only was the Web hijacked with too many central choke points, regulators supposedly continue to centralize controls in order to lower risk, whereas the opposite should be done.”

This conflicts with the “Internet is decentralized” meme that was discussed throughout the book.  So if aspects of the Internet are regulated, and Mougayar disagrees with those regulations, doesn’t this come down to disagreements over public policy?

On p. 153 he writes:

“Money is a form of value.  But not all value is money. We could argue that value has higher hierarchy than money. In the digital realm, a cryptocurrency is the perfect digital money.  The blockchain is a perfect exchange platform for digital value, and it rides on the Internet, the largest connected network on the planet.”

Why are cryptocurrencies perfect?  Perhaps they are, but it is not discussed here.

On p. 153 he also talks about the “programmability” of cryptocurrencies but doesn’t mention that if fiat currencies were digitally issued by central banks, they too could have the same programmable abilities.

On p. 160 he predicts:

“There will be dozens of commonly used, global virtual currencies that will be considered mainstream, and their total market value will exceed $5 trillion, and represent 5% of the world’s $100 trillion economy in 2025.”

Perhaps that occurs, but why?  And are virtual currencies now different than digital currencies?  Or are they the same?  None of these questions are really addressed.

Conclusion

This book is quick read but unfortunately is weighed down by many opinions that are not supported by evidence and consequently, very few practical applications for enterprises are explained in detail.

For regulated businesses such as financial institutions, there are several questions that need to be answered such as: what are the specific cost savings for using or integrating with some kind of blockchain?  What are the specific new business lines that could be created?  And unfortunately the first edition of this book did not answer these types of questions.  Let us look again at a future version.

Send to Kindle

Book review: Blockchain Revolution

[Disclaimer: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

A couple weeks ago I joked that while containment is impossible, it would be nice to know who patient-zero was for using the term “blockchain” without an article preceding it.  The mystery of who exactly removed the “a” before “blockchain” is probably residing on the same island that Yeti, Sasquatch, and the New England Patriot’s equipment team are now located.

The Tapscott’s, a Canada-based father-son duo, co-authored a new book that not only suffers from this grammatical faux pas but has several dozen errors and unproven assertions which are detailed in this review.

Below is a chapter-by-chapter look into a book that should have baked in the oven for a bit more time.  Note: all transcription errors are my own.

Chapter 1

On p. 5 the authors write:

“A decade later in 2009, the global financial industry crashed. Perhaps propitiously, a pseudonymous person or persons named Satoshi Nakamoto outlined a new protocol for a peer-to-peer electronic cash system using a cryptocurrency called bitcoin.”

Ignoring the current drama surrounding Craig Wright — the Australian who claims to be Satoshi — during the initial threads on Metzdowd, Satoshi mentioned he had been working on this project for 18 months prior; roughly mid-2007.  So it was more coincidental timing than intentional.

And much like other books on the same topic, the authors do not clarify that there are more than one type of blockchain in existence and that some are a type of distributed ledger.

For instance, on p. 6 they write:

“At its most basic, it is an open source code: anyone can download it for free, run it, and use it to develop new tools for managing transactions online.”

With the ‘it’ being a ‘blockchain.’  The problem with this grammatical issue is that we know empirically that there many different types of distributed ledgers and blockchains currently under development and not all of them are open sourced.  Nor does being open source automagically qualify something as a blockchain.

On p. 6 they write:

“However, the most important and far-reaching blockchains are based on Satoshi’s bitcoin model.”

That’s an opinion that the authors really don’t back up with facts later on.

In addition, on the same page they make the “encryption” error that also plagues books in this space: the Bitcoin blockchain does not use encryption.

For example, on page 6 they write:

“And the blockchain is encrypted: it uses heavy-duty encryption involving public and private keys (rather like the two-key system to access a safety deposit box) to maintain virtual security.”

Incorrect.  Bitcoin employs a couple different cryptographic processes, but it doesn’t use encryption.  Furthermore, the example of a ‘two-key system’ actually illustrates multisig, not public-private key pairs.

On p. 8 they write:

“Bankers love the idea of secure, frictionless, and instant transactions, but some flinch at the idea of openness, decentralization and new forms of currency.  The financial services industry has already rebranded and privatized blockchain technology, referring to it as distributed ledger technology, in an attempt to reconcile the best of bitcoin — security, speed, and cost — with an entirely closed system that requires a bank or financial institution’s permission to use.”

There is a lot of assumptions in here:

(1) it is unclear which “bankers” they are speaking about, is it every person who works at a bank?

(2) the term ‘openness’ is not very well defined, does that mean that people at banks do not want to have cryptographically proven provenance?

In addition, in order for something to be privatized it must have been public at first.  Claiming that the “blockchain” toolkit of ideas and libraries was privatized away from Bitcoin is misleading.  The moving pieces of Bitcoin itself are comprised of no less than 6 discrete elements that previously existed in the cryptography and distributed systems communities.

The Bitcoin network itself is not being privatized by financial institutions.  In fact, if anything, empirically Bitcoin itself is being carved away by entities and efforts largely financed by venture capital — but that is a topic for another article.  Furthermore, research into distributed computing and distributed consensus techniques long predates Bitcoin itself, by more than a decade.

Lastly, and this is why it helps to clearly define words at the beginning of a book, it is important to note that some blockchains are a type of distributed ledger but not all distributed ledgers are blockchains.

On page 9 they write that:

“In 2014 and 2015 alone more than $1 billion of venture capital flooded into the emerging blockchain ecosystem, and the rate of investment is almost doubling annually.”

This is only true if you conflate cryptocurrency systems with non-cryptocurrency systems.  The two are separate and have completely different business models.  See my December presentation for more details about the divergence.

On p. 9 they write:

“A 2013 study showed that 937 people owned half of all bitcoin, although that is changing today.”

First off, this is a typo because the original article the authors cite, actually says the number is 927 not 937.  And the ‘study’ showed that about half of all bitcoins resided on addresses controlled by 937 on-chain entities.  Addresses does not mean individuals.  It is likely that some of these addresses (or rather, UTXOs) are controlled and operated by early adopters (like Roger Ver) as well as exchanges (like Bitstamp and Coinbase).

Furthermore, it is unclear from the rest of the book how that concentration of wealth is changing — where is that data?

On p. 18 they write about Airbnb, but with a blockchain.  It is unclear from their explanation what the technical advantage is of using a blockchain versus a database or other existing technology.

On p. 20 they write:

“Abra and other companies are building payment networks using the blockchain. Abra’s goal is to turn every one of its users into a teller. The whole process — from the funds leaving one country to their arriving in another — takes an hour rather than a week and costs 2 percent versus 7 percent or higher.  Abra wants its payment network to outnumber all physical ATMs in the world.  It took Western Union 150 years to get to 500,000 agents worldwide.  Abra will have that many tellers in its first years.”

There are at least 3 problems with this statement:

  1.  the authors conflate a blockchain with all blockchains; empirically there is no “the” blockchain
  2.  Abra’s sales pitch relies on the ability to convince regulators that the company itself just make software and doesn’t participate in money transmission or movement of financial products (which it does by hedging)
  3.  Abra was first publicly announced in March 2015 and then formally launched in the Philippines in October 2015.

Fast forward to May 2016 and according to the Google Play Store and Abra has only been downloaded about 5,000 times.

Perhaps it will eventually reach 500,000 and even displace Western Union, but the authors’ predictions that this will occur in one year is probably not going to happen at the current rate.

Furthermore, on p. 186 they write that “Abra takes a 25-basis-point fee on conversion.”

Will this require a payment processing license in each jurisdiction the conversion takes place?

On page 24 they write:

“Other critics point to the massive amount of energy consumed to reach consensus in just the bitcoin network: What happens when thousands or perhaps millions of interconnected blockchains are each processing billions of transactions a day?  Are the incentives great enough for people to participate and behave safely over time, and not try to overpower the network? Is blockchain technology the worst job killer ever?”

There are multiple problems with this statement:

  1.  on a proof-of-work blockchain, the amount of energy consumed is not connected with the amount of transactions being processed.  Miners consume energy to generate proofs-of-work irrespective of the number of transactions waiting in the memory pool.  Transaction processing itself is handled by a different entity entirely called a block maker or mining pool.
  2.  as of May 2016, it is unclear why there would be millions of interconnected proof-of-work blockchains.  There are perhaps a couple hundred altcoins, at least 100 of which are dead, but privately run blockchains do not need to use proof-of-work — thus the question surrounding incentives is a non sequitur.
  3.  while blockchains however defined may displace workers of some kind at some point, the authors never really zero in on what “job killing” blockchains actually do?

On p. 25 they write:

“The blockchain and cryptocurrencies, particularly bitcoin, already have massive momentum, but we’re not predicting whether or not all this will succeed, and if it does, how fast it will occur.”

Nowhere do the authors actually cite empirical data showing traction.  If there was indeed massive momentum, we should be able to see that from data somewhere, but so far that is not happening.  Perhaps that changes in the future.

The closing paragraph of Chapter 1 states that:

“Everyone should stop fighting it and take the right steps to get on board. Let’s harness this force not for the immediate benefit of the few but for the lasting benefit of the many.”

Who is fighting what?  They are presumably talking about a blockchain, but which one?  And why should people stop what they are doing to get on board with something that is ill-defined?

Chapter 2

On p. 30 they write that:

“Satoshi leveraged an existing distributed peer-to-peer network and a bit of clever cryptography to create a consensus mechanism that could solve the double-spend problem as well as, if not better than, a trusted third party.”

The word “trust” or variation thereof appears 11 times in the main body of the original Satoshi whitepaper.  Routing around trusted third parties was the aim of the project as this would then allow for pseudonymous interaction.  That was in October 2008.

What we empirically see in 2016 though is an increasingly doxxed environment in which it could be argued that ‘trusted’ parties could do the same job — movement of payments — in a less expensive manner.  But that is a topic for another article.

On p. 33 they write:

“So important are the processes of mining — assembling a block of transactions, spending some resource, solving the problem, reaching consensus, maintaining a copy of the full ledger — that some have called the bitcoin blockchain a public utility like the Internet, a utility that requires public support. Paul Brody of Ernst & Young thinks that all our appliances should donate their processing power to upkeep of a blockchain: “Your lawnmower or dishwasher is going to come with a CPU that is probably a thousand times more powerful than it actually needs, and so why not have it mine? Not for the purpose of making you money, but to maintain your share of the blockchain,” he said.  Regardless of the consensus mechanism, the blockchain ensures integrity through clever code rather than through human beings who choose to do the right thing.”

Let’s dissect this:

  1.  the process of mining, as we have looked at before, involves a division of labor between the entities that generate proofs-of-work – colloquially referred to as miners, and those that package transactions into blocks, called blockmakers.  Miners themselves do not actually maintain a copy of a blockchain, pools do.
  2.  while public blockchains like Bitcoin are a ‘public good,’ it doesn’t follow how or why anyone should be compelled to subsidize them, at least the reasons why are not revealed to readers.
  3.  the only reason proof-of-work was used for Bitcoin is because it was a way to prevent Sybil attacks on the network because participants were unknown and untrusted.  Why should a washing machine vendor integrate an expensive chip to do calculations that do not help in the washing process?  See Appendix B for why they shouldn’t.
  4.  because proof-of-work is used in a public blockchain and public blockchains are a public good, how does anyone actually have a “share” of a blockchain? What does that legally mean?

On p. 34 they write:

“The blockchain resides everywhere. Volunteers maintain it by keeping their copy of the blockchain up to date and lending their spare computer processing units for mining. No backdoor dealing.”

There are multiple problems with this:

  1.  to some degree entities that run a fully validating node could be seen as volunteering for a charity, but most do not lend spare computer cycles because they do not have the proper equipment to do so (ASIC hardware)
  2.  to my knowledge, none of the professional mining farms that exist have stated they are donating or lending their mining power; instead they calculate the costs to generate proofs-of-work versus what the market value of a bitcoin is worth and entering and exiting the market based on the result.
  3.  this is a contentious issue, but because of the concentration and centralization of both mining and development work, there have been multiple non-public events in which mining pools, mining farms and developers get together to discuss roadmaps and policy. Is that backdoor dealing?

On p. 35 they write:

“Nothing passes through a central third party; nothing is stored on a central server.”

This may have been true a few years ago, but only superficially true today.  Most mining pools connect to the Bitcoin Relay Network, a centralized network that allows miners to propagate blocks faster than they would if they used the decentralized network itself to do so (it lowers the amount of orphan blocks).

On p. 37 they write:

“The paradox of these consensus schemes is that by acting in one’s self-interest, one is serving the peer-to-peer (P2P) network, and that in turn affects one’s reputation as a member of the economic set.”

Regarding cryptocurrencies, there is currently no built-in mechanism for tracking or maintaining reputation on their internal P2P network.  There are projects like OpenBazaar which are trying to do this, but an on-chain Bitcoin user does not have a reputation because there is no linkage real world identity (on purpose).

On p. 38 they write:

“Trolls need not apply”

Counterfactually, there are many trolls in the overall blockchain-related world, especially on social media in part because there is no identity system that links pseudonymous entities to real world, legal identities.

On p. 39 the authors list a number of high profile data breaches and identity thefts that took place over the past year, but do not mention the amount of breaches and thefts that take place in the cryptocurrency world each year.

On p. 41 they write:

“Past schemes failed because they lacked incentive, and people never appreciated privacy as incentive enough to secure those systems,” Andreas Antonopoulos said. The bitcoin blockchain solves nearly all these problem by providing the incentive for wide adoption of PKI for all transaction of value, not only through the use of bitcoin but also in the shared bitcoin protocols.  We needn’t worry about weak firewalls, thieving employees, or insurance hackers. If we’re both using bitcoin, if we can store and exchange bitcoin securely, then we can store and exchange highly confidential information and digital assets securely on the blockchain.”

There are multiple problems with this statement:

  1.  it is overly broad and sweeping to say that every past PKI system has not only failed, but that they all failed because of incentives; neither is empirically true
  2.  Bitcoin does not solve for connecting real world legal identities that still will exist with our without the existence of Bitcoin
  3.  there are many other ways to securely transmit information and digital assets that does not involve the use of Bitcoin; and the Bitcoin ecosystem itself is still plagued by thieving employees and hackers

On p. 41 they write:

“Hill, who works with cryptographer Adam Back at Blockstream, expressed concern over cryptocurrencies that don’t use proof of work. “I don’t think proof of stake ultimately works. To me, it’s a system where the rich get richer, where people who have tokens get to decide what the consensus is, whereas proof of works ultimately is a system rooted in physics. I really like that because it’s very similar to the system for gold.”

There are multiple problems with this as well:

  1.  people that own bitcoins typically try to decide what the social consensus of Bitcoin is — by holding conferences and meetings in order to decide what the roadmap should or should not be and who should and should not be administrators
  2.  the debate over whether or not a gold-based economy is good or not is a topic that is probably settled, but either way, it is probably irrelevant to creating Sybil resistance.

On p. 42 they write:

“Satoshi installed no identity requirement for the network layer itself, meaning that no one had to provide a name, e-mail address, or any other personal data in order to download and use the bitcoin software. The blockchain doesn’t need to know who anybody is.”

The authors again conflate the Bitcoin blockchain with all blockchains in general:

  1.  there are projects underway that integrate a legal identity and KYC-layer into customized distributed ledgers including one literally called KYC-Chain (not an endorsement)
  2.  empirically public blockchains like Bitcoin have trended towards being able to trace and track asset movement back to legal entities; there are a decreasing amount of non-KYC’ed methods to enter and exit the network

On p. 43 they write:

“The blockchain offers a platform for doing some very flexible forms of selective and anonymous attestation. Austin Hill likened it to the Internet. “A TCP/IP address is not identified to a public ID. The network layer itself doesn’t know. Anyone can join the Internet, get an IP address, and start sending and receiving packets freely around the world. As a society, we’ve seen an incredible benefit allowing that level of pseudonymity… Bitcoin operates almost exactly like this. The network itself does not enforce identity. That’s a good thing for society and for proper network design.”

This is problematic in a few areas:

  1.  it is empirically untrue that anyone can just “join the Internet” because the Internet is just an amalgamation of intranets (ISPs) that connect to one another via peering agreements.  These ISPs can and do obtain KYC information and routinely kick people off for violating terms of service.  ISPs also work with law enforcement to link IP addresses with legal identities; in fact on the next page the authors note that as well.
  2.  in order to use the Bitcoin network a user must obtain bitcoins somehow, almost always — as of 2016 — through some KYC’ed manner.  Furthermore, there are multiple projects to integrate identity into distributed ledger networks today.  Perhaps they won’t be adopted, but regulated institutions are looking for ways to streamline the KYC/AML process and baking in identity is something many of them are looking at.

On p. 44 they write:

“So governments can subpoena ISPs and exchanges for this type of user data.  But they can’t subpoena the blockchain.”

That is not quite true.  There are about 10 companies that provide data analytics to law enforcement in order to track down illicit activity involving cryptocurrencies all the way to coin generation itself.

Furthermore, companies like Coinbase and Circle are routinely subpoenaed by law enforcement.  So while the network itself cannot be physically subpoenaed, there are many other entities in the ecosystem that can be.

On p. 46 they write:

“Combined with PKI, the blockchain not only prevents a double spend but also confirms ownership of every coin in circulation, and each transaction is immutable and irrevocable.”

The public-private key technology being used in Bitcoin does not confirm ownership, only control.  Ownership implies property rights and a legal system, neither of which currently exist in the anarchic world of Bitcoin.

Furthermore, while it is not currently possible to reverse the hashes (hence the immutability characteristic), blocks can and have been reorganized which makes the Bitcoin blockchain itself revocable.

On p. 47 they write:

“No central authority or third party can revoke it, no one can override the consensus of the network. That’s a new concept in both law and finance. The bitcoin system provides a very high degree of certainty as to the outcome of a contract.”

This is empirically untrue: CLS and national real-time gross settlement (RTGS) systems are typically non-reversible.  And the usage of the word contract here implies some legal standing, which does not exist in Bitcoin; there is currently no bridge between contracts issued on a public blockchain with that of real world.

On p. 50 they write:

“That was part of Satoshi’s vision. He understood that, for people in developing economies, the situation was worse.  When corrupt or incompetent bureaucrats in failed states need funding to run the government, their central banks and treasuries simply print more currency and then profit from the difference between the cost of manufacturing and the face value of the currency. That’s seigniorage. The increase in the money supply debases the currency.”

First off, they provide no evidence that Satoshi was actually concerned about developing countries and their residents.  In addition, they mix up the difference between seigniorage and inflation – they are not the same thing.

In fact, to illustrate with Bitcoin: seigniorage is the marginal value of a bitcoin versus the marginal cost of creating that bitcoin.  As a consequence, miners effectively bid up such that in the long run the cost equals the value; although some miners have larger margins than others.  In contrast, the increase in the money supply (inflation) for Bitcoin tapers off every four years.  The inflation or deflation rate is fully independent of the seigniorage.

Chapter 3

On p. 56 they quote Erik Vorhees who says:

“It is faster to mail an anvil to China than it is to send money through the banking system to China. That’s crazy!  Money is already digital, it’s not like they’re shipping palletes of cash when you do a wire.”

This is empirically untrue, according to SaveOnSend.com a user could send $1,000 from the US to China in 24 hours using TransFast. In addition:

  1.  today most money in developed countries is electronic, not digital; there is no central bank digital cash yet
  2.  if new distributed ledgers are built connecting financial institutions, not only could cross-border payments be done during the same day, but it could also involve actual digital cash

On p. 59 they write:

“Other blockchain networks are even faster, and new innovations such as the Bitcoin Lightning Network, aim to dramatically scale the capacity of the bitcoin blockchain while dropping settlement and clearing times to a fraction of a second.”

This is problematic in that it is never defined what clearing and settlement means.  And, the Bitcoin network can only — at most — provide some type of probabilistic settlement for bitcoins and no other asset.

On p. 67 they write:

“Private blockchains also prevent the network effects that enable a technology to scale rapidly. Intentionally limiting certain freedoms by creating new rules can inhibit neutrality. Finally, with no open value innovation, the technology is more likely to stagnate and become vulnerable.”

Not all private blockchains or distributed ledgers are the same, nor do they all have the same terms of service. The common theme has to do with knowing all the participants involved in a transaction (KYC/KYCC) and only certain known entities can validate a transaction.

Furthermore, the authors do not provide any supporting evidence for why this technology will stagnate or become vulnerable.

On p. 70 they write:

“The financial utility of the future could be a walled and well-groomed garden, harvested by a cabal of influential stakeholders, or it could be an organic and spacious ecosystem, where people’s economic fortunes grow wherever there is light.  The debate rages on, but if the experience of the first generation of the Internet has taught us anything, it’s that open systems scale more easily than closed ones.”

The authors do not really define what open and closed means here.  Fulfilling KYC requirements through terms of service at ISPs and governance structures like ICANN did not prevent the Internet from coming into existence.  It is possible to have vibrant innovation on top of platforms that require linkage to legal identification.

On p. 72 the authors quote Stephen Pair stating:

“Not only can you issue these assets on the blockchain, but you can create systems where I can have an instantaneous atomic transaction where I might have Apple stock in my wallet and I want to buy something or you.  But you want dollars.  With this platform I can enter a single atomic transaction (i.e., all or none) and use my Apple stock to send you dollars.”

This is currently not possible with Bitcoin without changing the legal system.  Furthermore:

  1.  this is probably not safe to do with Bitcoin due to how colored coin schemes distort the mining incentive scheme
  2.  from a technological point of view, there is nothing inherently unique about Bitcoin that would enable this type of atomic swapping that several other technology platforms could do as well

On p. 73 they write:

“Not so easy.  Banks, despite their enthusiasms for blockchain, have been wary of these companies, arguing blockchain businesses are “high-risk” merchants.”

Once again this shows how the authors conflate “blockchain” with “Bitcoin.”  The passage they spoke about Circle, a custodian of bitcoins that has tried to find banks to partner with for exchanging fiat to bitcoins and vice versa.  This is money transfer.  This type of activity is different than what a “blockchain” company does, most of whom aren’t exchanging cryptocurrencies.

On p. 74 they write:

“Third, new rules such as Sarbanes-Oxley have done little to curb accounting fraud. If anything, the growing complexity of companies, more multifaceted transactions, and the speed of modern commerce create new ways to hide wrongdoing.”

This may be true, but what are the stats or examples of people violating Sarbanes-Oxley, and how do “blockchains” help with this specifically?

On p. 78 they write:

“The blockchain returns power to shareholders. Imagine that a token representing a claim on an asset, a “bitshare,” could come with a vote or many votes, each colored to a particular corporate decision.  People could vote their proxies instantly from anywhere, thereby making the voting process for major corporate actions more response, more inclusive, and less subject to manipulation.”

First off, which blockchain?  And how does a specific blockchain provide that kind of power that couldn’t otherwise be done with existing non-blockchain technology?

On p. 80 they quote Marc Andreessen who says:

“PayPal can do a real-time credit score in milliseconds, based on your eBay purchase history — and it turns out that’s a better source of information than the stuff used to generate your FICO score.”

But what if you do not use eBay?  And why do you need a blockchain to track or generate a credit rating?

On p. 81:

“This model has proven to work.  BTCjam is a peer-to-peer lending platform that uses reputation as the basis for extending credit.”

BTCjam appears to have plateaued. They currently have a low churn rate on the available loans and they exited the US market 2 months ago.

On p. 83 they write:

“The blockchain IPO takes the concept further. Now, companies can raise funds “on the blockchain” by issuing tokens, or cryptosecurities, of some value in the company. They can represent equity, bonds, or, in the case of Augur, market-maker seats on the platform, granting owners the right to decide which prediction markets the company will open.”

From a technical perspective this may be possible, but from a legal and regulatory perspective, it may not be yet. Overstock has been given permission by the SEC to experiment with issuance.

On p. 86 they write:

“Bitcoin cannot have bail-ins, bank holidays, currency controls, balance freezes, withdrawal limits, banking hours,” said Andreas Antonopoulos.

That’s not quite true.  Miners can and will continue to meet at their own goals and they have the power to hard fork to change any of these policies including arbitrarily increasing or decreasing the issuance as well as changing fees for faster inclusion.  They also have the ability to censor transactions altogether and potentially — if the social value on the network increases — “hold up” transactions altogether.

Also, this doesn’t count the subsidies that miners receive from the utilities.

On p. 98 they write:

“To this last characteristic, Antonopoulos notes: “If there is enough financial incentive to preserve this blockchain into the future, the possibility of it existing for tens, hundreds, or even thousands of years cannot be discounted.”

It can arguably be discounted.  What evidence is presented to back up the claim that any infrastructure will last for hundreds of years?

On p. 100 they write:

“And just imagine how the Uniform Commercial Code might look on the blockchain.”

Does this mean actually embedding the code as text onto a blockchain?  Or does this mean modifying the UCC to incorporate the design characteristics of a specific blockchain?

On p. 102 they write:

“What interests Andreas about the blockchain is that we can execute this financial obligation in a decentralized technological environment with a built-in settlement system. “That’s really cool,” he said, “because I could actually pay you for the pen right now, you would see the money instantly, you would put the pen in the mail, and I could get a verification of that. It’s much more likely that we can do business.”

I assume that they are talking about the Bitcoin blockchain:

  1.  there is no on-chain settlement of fiat currencies, which is the actual money people are settling with on the edges of the network
  2.  since it is not fiat currency, it does not settle instantly.  In fact, users still have a counterparty risk involving delivery of the pen versus the payment.
  3.  if a central bank issued a digital currency, then there could be on-chain settlement of cash.

On p. 103 they write:

“If partners spends more time up front determining the terms of an agreement, the monitoring, enforcement, and settlement costs drop significantly, perhaps to zero.  Further, settlement can occur in real time, possibly in microseconds throughout the day depending on that deal.”

The DTCC published a white paper in January that explains they can already do near real-time settlement, but T+3 exists due to laws and other market structures.

On p. 105 they write that:

“Multisig authentication is growing in popularity. A start-up called Hedgy is using multisig technology to create futures contracts: parties agree on a price of bitcoin that will be traded in the future, only ever exchanging the price difference.”

As an aside, Hedgy is now dead.  Also, there are other ways to illustrate multisig utility as a financial control to prevent abuse.

On p. 106 they wrote that:

“The trouble is that, in recent business history, many hierarchies have not been effective, to the point of ridicule. Exhibit A is The Dilbert Principle, most likely one of the best-selling management books of all time, by Scott Adams. Here’s Dilbert on blockchain technology from a recent cartoon…”

The problem is that the cartoon they are citing (above) was actually a parody created by Ken Tindell last year.

The original Scott Adam’s cartoon was poking fun of databases and is from November 17, 1995.

On p. 115 they write:

“But the providers of rooms receive only part of the value they create. International payments go through Western Union, which takes $10 of every transaction and big foreign exchange off the top.”

Western Union does not have a monopoly on international payments, in fact, in many popular corridors they have less than 25% of market share.  In addition, Western Union does not take a flat $10 off every transaction.  You can test this out by going to their price estimator.  For instance, sending $1,000 from the US to a bank account in China will cost $8.

On p. 117 they write about a fictional blockchain-based Airbnb called bAirbnb:

“You and the owner have now saved most of the 15 percent Airbnb fee. Settlements are assured and instant.  There are no foreign exchange fees for international contracts.  You need not worry about stolen identity. Local governments in oppressive regimes cannot subpoena bAirbnb for all its rental history data. This is the real sharing-of-value economy; both customers and service providers are the winner.”

The problem with their statement is that cash settlements, unless it is digital fiat, is not settled instantly.  Identities can still be stolen on the edges (from exchanges).  And, governments can still issue subpoenas and work with data analytics companies to track provenance and history.

On p. 119 they write:

“Along comes blockchain technology.  Anyone can upload a program onto this platform and leave it to self-execute with a strong cryptoeconomical guarantee that the program will continue to perform securely as it was intended.”

While that may have been the case when these cryptocurrency systems first launched, in order to acquire ether (for Ethereum) or bitcoin, users must typically exchange fiat first.  And in doing so, they usually dox themselves through the KYC requirements at exchanges.

On p.123-124 they write about a ‘Weather decentralized application’ but do not discuss how its infrastructure is maintained let alone the Q-o-S.

On p.127 they write:

“Using tokens, companies such as ConsenSys have already issued shares in their firms, staging public offerings without regulatory oversight.”

The legality of this is not mentioned.

On p. 128 they write:

“Could there be a self-propagating criminal or terrorist organizations?  Andreas Antonopolous is not concerned.  He believes that the network will manages such dangers. “Make this technology available to seven and a half billion people, 7.499 billion of those will use it for good and that good can deliver enormous benefit to society.”

How does he know this?  Furthermore, the Bitcoin network itself is already available to hundreds of millions, but many have chosen not to use it.  Why is this not factored into the prediction?

On p.131 they write:

“What if Wikipedia went on the blockchain — call it Blockpedia.”

The total article text of English Wikipedia is currently around 12 gigabytes.  If it is a public blockchain, then how would this fit on the actual blockchain itself?  Why not upload the English version onto the current Bitcoin blockchain as an experiment?  What utility is gained?

From p. 129-144 they imagine seven ideas that are pitched as business ideas, but in most instances it is unclear what the value proposition that a blockchain provides over existing technology.

Chapter 6

On p. 148 they write that:

“The Internet of Things cannot function without blockchain payment networks, where bitcoin is the universal transactional language.”

What does that mean?  Does that mean that there are multiple blockchains and that somehow bitcoin transactions control other blockchains too?

On p. 152 they write:

“Last is the overarching challenge of centralized database technology — it can’t handle trillions of real-time transactions without tremendous costs.”

What are those costs?  And what specifically prevents databases from doing so?

On p. 153 they write:

“Other examples are a music service, or an autonomous vehicle,” noted Dino Mark Angaritis, founder of Smartwallet, “each second that the music is playing or the car is driving it’s taking a fraction of a penny out of my balance. I don’t have a large payment up front and pay only for what I use.  The provider runs no risk of nonpayment. You can’t do these things with a traditional payment networks because the fees are too high for sending fractions of a penny off your credit card.”

Depositing first and having a card-on-file are types of solutions that currently exist.  “Microtipping” doesn’t really work for a number of reasons including the fact that consumers do not like to nickel and dime themselves.  This is one of the reasons that ChangeTip had difficulties growing.

Furthermore, the tangential market of machine-to-machine payments may not need a cryptocurrency for two reasons:

  • M2M payments could utilize existing electronic payment systems via pre-paid and card-on-file solutions
  • The friction of moving into and out of fiat to enter into the cryptocurrency market is an unnecessary leg, especially if and when central bank digital currency is issued.

On pages 156-169 nearly all of the examples could use a database as a solution, it is unclear what value a blockchain could provide in most cases.  Furthermore, on p. 159 they discuss documentation and record keeping but don’t discuss how these records tie into current legal infrastructure.

Chapter 7

On p. 172 they write:

“We’re talking billions of new customers, entrepreneurs, and owners of assets, on the ground and ready to be deployed. Remember, blockchain transactions can be tiny, fractions of pennies, and cost very little complete.”

Maybe some transactions on some blockchains cost fractions of pennies, but currently not Bitcoin transactions.

On p.177 they write that “David Birch, a cryptographer and blockchain theorist, summed it up: “Identity is the new money.”

David Birch is not a cryptographer.

On p. 179 they write:

“Financing a company is easier as you can access equity and debt capital on a global scale, and if you’re using a common denominator — like bitcoin — you need not worry about exchange rates and conversation rates.”

Unless everyone is using one currency, this is untrue.

On p.185 they write:

“Sending one bitcoin takes about 500 bits, or roughly one one-thousandth the data consumption of one second of video Skype!”

But users still need to cash out on the other side which requires different infrastructure than Skype, namely money transmitter licenses and bank accounts.

On p. 192 they write that:

“Second, it can mean better protection of women and children. Through smart contracts, funds can be donated into escrow accounts, accessible only by women, say, for accessing food, feminine products, health care, and other essentials.”

How can a smart contract itself detect what gender the user is?

On p.194 they write:

“In jurisdictions like Honduras where trust is low in public institutions and property rights systems are weak, the bitcoin blockchain could help to restore confidence and rebuild reputation.”

How does Bitcoin do that?  What are the specific ways it can?

Chapter 8

On p. 202 they write:

“People can register their copyrights, organize their meetings, and exchange messages privately and anonymously on the blockchain.”

Which blockchain does this?  There are external services like Ascribe.io that purportedly let creators take a hash of a document (such as a patent) and store it into a blockchain.  But the blockchain itself doesn’t have that feature.

On p.214 they write:

“But surely a more collaborative model of democracy — perhaps one of that rewards participation such as the mining function — could encourage citizens’ engagement and learning about issues, while at the same time invigorating the public sector with the keen reasoning the nation can collectively offer.”

How?

Chapter 10

On p. 255 they mention that Greek citizens during 2015 would’ve bought more bitcoins if they had better access to ATMs and exchanges.  But this is not true, empirically people typically try to acquire USD because it is more universal and liquid.  Perhaps that changes in the future, but not at this time.

On p. 260 they write:

“The cost for having no central authority is the cost of that energy,” said Eric Jennings, CEO of Filament, an industrial wireless sensor network. That’s one side of the argument. The energy is what it is, and it’s comparable to the cost incurred in securing fiat currency.”

Where is the citation?  The reason the costs of securing the Bitcoin network are currently around $400 million a year is because that is roughly the amount of capital and energy expended by miners to secure a network in which validators are unknown and untrusted.  If you know who the participants are, the costs of securing a network drop by several orders of magnitude.

On p. 261 they write about the BitFury Group, a large mining company:

“Its founder and CEO, Valery Vavilov, argued the view that machines and mining operations overall will continue to get more energy efficient and environmentally friendly.”

Actually what happens is that while the ASIC chips themselves become more energy efficient, miners in practice will simply add more equipment and maintain roughly the same energy costs as a whole.  That is to say, if a new chip is 2x as efficient as before, miners typically just double the acquisition of equipment — maintaining the same amount of energy consumption, while doubling the hashrate.  There is no “environmental friendliness” in proof-of-work blockchains due to the Red Queen Effect.

On p. 274 they write:

“There will be many attempts to control the network,” said Keonne Rodriguez of Blockchain. “Big companies and governments will be devoted to breaking down privacy. The National Security Agency must be actively analyzing data coming through the blockchain even now.”

With thousands of copies being replicated around the world, it’s unclear who actually is storing it, perhaps intelligence agencies are.  We do know that at least 10 companies are assisting compliance teams and law enforcement in tracking the provenance of cryptocurrency movements.

On p. 282 they write:

“Indeed, Mike Hearn, a prominent bitcoin core developer, caused a quite a stir in January 2015 when he wrote a farewell letter to the industry foretelling bitcoin’s imminent demise.”

Wrong year, it was in January 2016.

On p. 291 they write that:

“Licensed exchanges, such as Gemini, have gained ground perhaps because their institutional clientele know they’re now as regulated as banks.”

Actually, Gemini hasn’t gained ground and remains relatively flat over the past ~5 months.  Even adding ether to their list of assets didn’t move the dial.

Conclusion

Overall the book was published a little too early as there hasn’t been much real traction in the entire ecosystem.

The content and perspective is currently skewed towards telling the cryptocurrency narrative and seemingly downplays the important role that institutions and enterprises have played over the past year in the wider distributed ledger ecosystem.

If you are looking for just one book to read on the topic, I would pass on this and wait for a future edition to rectify the issues detailed above.

Send to Kindle

Reading the tea leaves

Three years since the current wave began and $1 billion later, cryptocurrency / public blockchain ecosystem is experiencing such a level of “fast growth” that no one is able to publish any real usage numbers.1

Sarcasm aside, despite copious amounts of news coverage, interviews and conferences, very few VC-backed cryptocurrency-related startups are divulging any non-gamable numbers.

I had hoped to do a regular quarterly update (see previous January post regarding usage numbers) but there just isn’t much public data to go on.  In fact, there is less data today than 3 months ago.

For instance, at some point in the past couple of months, Coinbase removed its wallet transaction volume chart from its chart site.  This coincides with a public announcement made in February that ‘Coinbase is not a wallet.’  As Brian Armstrong, CEO of Coinbase stated:

Over the next year or so, you’ll see the Coinbase brand shift from being a hybrid wallet/exchange to focusing on purely being a retail and institutional exchange. It will take some time to update, but the transition will happen.

Interestingly, this somewhat conflicts with another statement made in a Forbes piece this past week covering Coinbase and Blockchain.info, stating:

Currently, 80% of Coinbase’s customers buy bitcoin as an investment, and 20% transact with it, though that balance is currently shifting more toward transactions.

Perhaps transaction volume overall is increasing, but if so, why remove the wallet transaction volume chart?  Or is it solely related to transaction volume on the exchange?

The same Forbes article also mentioned another specific aggregate number:

“Startups play a pretty integral role in the sense that we represent most of the end. If you look at users of Bitcoin on the network, most of them are represented by one of the major Bitcoin companies,” says Peter Smith, chief executive of Blockchain, adding that five or six companies, including Coinbase and Blockchain, represent about 80% of transaction volume on the network. Numerous startups are also using Bitcoin to enable their users to more easily send remittances, cross-border payments and peer-to-peer payments, as well as make mobile in-app purchases.

Maybe this is true, maybe there are 5 or 6 companies that represent the lionshare of volume on the Bitcoin network itself.  If so, we should be able to see that.

chainalysis

This is a simplified, color coded version of a tool that Chainalysis provides to its customers such as compliance teams at exchanges. The thickness of a band accurately represents the volume of that corridor, it is drawn to scale.  The names of certain entities are redacted.

The image is based on data for the first quarter of 2016 and is an update to the chart I published in an article back in January.

Based on the chart above, there are in fact 5-6 organizations that represent 80% of the volume; both Coinbase and Blockchain.info are among them (Blockchain.info also operates SharedCoin).

In fact, Chainalysis recently updated their methodology and found that Coinbase transactions represent every 6th or 7th transaction on the Bitcoin blockchain. 2 This specific area of data science is continuously undergoing refinement and should be looked at once again in the coming months.

The same Forbes article says that Coinbase has 3.5 million users and Blockchain.info has 6.5 million wallet holders.

But as we have looked at before, what does that even mean?  Few companies publicly define what a user or wallet actually represents.  I have looked at this twice in the past:

The bottom line is that “monthly active users” (MAU) — which is one of the standard methods for measuring real growth (and success) of an application, is still largely unreported by any cryptocurrency-related company that has raised a Series A or higher.3

Other public data

Where can we find data that is still be published and could reflect usage numbers of public blockchains?

P2SH addresses

Source: P2SH.info

As shown above, over the past month, the amount of bitcoins stored using P2SH addresses increased from 9.99% to 11.7%.

A large noticeable pop took place two weeks ago and some speculated that it could be a Liquid-related multi-sig movement.

opreturn total transactions

Source: opreturn.org

OP_RETURN has also seen increased usage.  Above is a chart measuring the past 15 months of usage.

As described in Watermarked Tokens, OP_RETURN is an opcode in Bitcoin’s scripting language that is commonly used by colored coin projects.

At the time of this writing, in terms of percentages, the top 5 projects that have used OP_RETURN the most are:

  • Blockstack: 107254 transactions (28.4%)4
  • Open Assets: 68069 (18%)5
  • Monegraph: 51601 (13.7%)6
  • Factom: 34007 (9%)7
  • Coinspark: 25223 (6.7%)8

Two of the five are colored coin-specific projects and all five cumulatively account for about 76% of all OP_RETURN usage.

Any other numbers?

  • Looking at the previous charts from January, the ‘Bitcoin Distribution by Address at Block 400,000‘ looks roughly the same as the distribution at a block height of 390,000.
  • According to CoinATMRadar, the ‘number of Bitcoin ATMs installed by Bitcoin machine type’ increased from 536 at the beginning of January to 612 at the end of March. This comes to roughly 0.84 ATMs installed per day or a rate slightly higher than the past 2 years (it is on pace for 308.2 installations altogether this year compared with 275 per year for 2014 and 2015).
  • In terms of market prices, there were some relatively big swings in volatility (about $100 from peak to trough) in the first quarter due in part to the continued block size debate which still remains unresolved.9
  • And activity on both BitWage and Blockchain.info wallets looks roughly the same as they did in January.

Funding

Some venture funding bounced back from the dearth in Q4 2015.

According to the venture capital aggregation at CoinDesk there was $148 million of publicly announced rounds for both Bitcoin-related and Blockchain-related startups spread among 14 deals in Q1 2016.  Though two investments alone (DAH and Blockstream) accounted for more than two-thirds of that funding tranche.

However, the list is probably not complete as two investments into Kraken’s Japanese subsidiary were for undisclosed amounts (first from SBI in January and then by Money Partners Group in March).  Similarly, Ripple also received capital from SBI in January (for a reported 3 billion yen or ~$25 million).

In addition, last week, CB Insights (a venture tracking firm) held a webinar that covered the “Bitcoin / Blockchain” ecosystem (deck) (recording).

While providing a good general overview, I think it lacks a number of recent developments in the overall “Blockchain” capital markets world.10

For instance, Tradeblock recently launched Axoni (a private / permissioned blockchain) and Peernova isn’t really a “Blockchain” company now. 11 The webinar is a little outdated on the cryptocurrency side of things too.  For example, Mirror is completely out of the ecosystem altogether, 21inc is basically a software company at this point, Buttercoin is bankrupt and Blockscore shouldn’t be included in either bucket.

Any other charts?

Counterparty Transaction History

Source: Blockscan

I would be remiss to not include Counterparty, a platform has effectively plateaued (see image above) and has now been eclipsed by Ethereum based on multiple measurements including transaction growth (which actually may be eventually be gamed via “long chains” just like some Bitcoin transactions are).

What kind of other metrics are available?

Counterparty compared to Ethereum

Source: Coingecko

Ignoring the liquidity and market cap sections (basically all cryptocurrencies are illiquid and easily manipulable) there is a marked difference in terms of terms of social media engagement and interest between the two platforms.  For example, in terms of public interest, one measure that could be added to the Coingecko list is the amount of organized Meetup’s: Ethereum has roughly a hundred globally and Counterparty has about 10.

As an aside, I attended two Ethereum meetup’s last month: one hosted by Coinbase in San Francisco and another one hosted by IFTF in Palo Alto.  Both were well-attended with roughly 120 people showing up for the latter.

[Note: I do not own, control or hold any cryptocurrency nor do I have any trading position on them either.]

Why is no one actively publishing numbers?

It could be the case that some of the startups feel that any user / usage number is commercially important and therefore treat it like a trade secret.

Is there really less transparency in this market compared to other tech markets?

Maybe, maybe not.  What about public markets?

Last spring, Blizzard Entertainment announced it would no longer publish World of Warcraft subscription numbers.  This was done because of the continual decline in subscriptions (more than halving from its 12 million peak).  Similarly, last fall, Microsoft said it would no longer publish Xbox One unit sales and would instead share Xbox Live usership. ((Disclosure: I own an Xbox One))  At the time this move was seen as a way to downplay the growing gap in sales between Sony’s PS4 and the Xbox One.

zynga

Source: Statista / Zynga

An exception to this rule is Zynga — the mobile / social gaming company — which has seen continual drop offs in monthly active users for over three years, but still publishes numbers. 12

Back to the public blockchain sphere: why would 40+ companies that have closed a Series A or higher as a whole decide not to publish user / usage numbers in a market that claims to always be growing by leaps and bounds?

One of the problems appears to be that when you raise a lot of money, $50+ million for B2C applications your charts are expected to look a bit like other high-growth companies.

slack growth

Source: TechCrunch

For instance, above is a two-year chart displaying two types of users: daily active and paid for Slack.  With 3.5x daily user growth over the past year, Slack announced last week that it has closed its new round, raising $200 million at $3.8 billion post-money valuation.  About a third of its daily users which are paid users, a relatively high conversion rate.

Obviously social media commenters will point out that “cryptocurrencies” are not the same thing as communication tools, but the point remains that eventually the aspirations of investors will re-calibrate with the actual growth trajectories of a platform.  And as of right now, based on public data it is unclear where that traction is in the cryptocurrency world — perhaps it does exist somewhere but no one is publicly revealing those stats.

It bears mentioning, based on anecdotes there are several cryptocurrency-related startups that have gained relatively large customer bases in certain corridors focused on cross-border payments and remittances involving The Philippines.13 There are also several cash-flow positive companies in this space that have flown under the radar.  On the flipside, based on similar anecdotes, multi-level marketing scams like MMM Global also have seen continued traction.14

Conclusion

Where is the growth, where are the numbers?  Those are the two questions that continue to drive blog posts on this site.  Perhaps startups in the public blockchain ecosystem will be more forthcoming later this year as more capital is deployed.  We will try to revisit this topic once more information is publicly available.

It will also be interesting to see how many more cryptocurrency-related companies rebrand or pivot into the “private blockchain” sphere without actually changing how they interact with cryptocurrencies.  Thus, my older October post on the Great Pivot should be revisited at some point as well.  In addition, if “private blockchain” platforms are eventually flipped on into production mode, they may begin to yield usage numbers worth looking at in a year or so.

  1. For a concise explanation of “fast growth” in this context see the recent interview with Chamath Palihapitiya: Top V.C. on “Mostly Crap” Start-Ups, Mark Zuckerberg, and Early Facebook’s Grim Lunches by Vanity Fair. []
  2. And according to other data science companies I have spoken to in the recent past, several confirm this as well. []
  3. A notable exception was in December 2015 when BitPay provided a transaction chart to Forbes.  Additionally, BitGo has published numbers from time to time.  And while it hasn’t raised a Series A, Blockstack is also fairly open about its userbase. []
  4. Blockstack.org is not the same thing as Blockstack.io — two different groups. []
  5. Flavien Charlon, creator of Open Assets, also maintains Openchain. []
  6. Monegraph is a platform for managing digital artwork. []
  7. During its crowdsale last year, Factom sold about 4.4 million factoid (tokens) for 2,278 bitcoins. []
  8. CoinSciences, the team behind Coinspark, also has another product called MultiChain. []
  9. See: What is the blockchain hard fork “missile crisis?” and also Appendix B []
  10. One interesting stat they mentioned was in terms of ratios: in 2015 there was about $15 billion invested in “fintech” overall and about $450 million in the entire umbrella of “cryptocurrency / blockchain” ecosystem.  That amounts to about 3%. []
  11. Peernova has transitioned from being a Bitcoin mining company to creating “Blockchain-inspired” tools for other industries. []
  12. See Zynga quarterly earnings reports and Statista []
  13. This includes: Align Commerce, BitX and Coins.ph []
  14. This is based on actual data I have been shown. []
Send to Kindle

Watermarked tokens and pseudonymity on public blockchains

As mentioned a couple weeks ago I have published a new research paper entitled: “Watermarked tokens and pseudonymity on public blockchains

In a nutshell: despite recent efforts to modify public blockchains such as Bitcoin to secure off-chain registered assets via colored coins and metacoins, due how they are designed, public blockchains are unable to provide secure legal settlement finality of off-chain assets for regulated institutions trading in global financial markets.

The initial idea behind this topic started about 18 months ago with conversations from Robert Sams, Jonathan Levin and several others that culminated into an article.

The issue surrounding top-heaviness (as described in the original article) is of particular importance today as watermarked token platforms — if widely adopted — may create new systemic risks due to a distortion of block reorg / double-spending incentives.  And because of how increasingly popular watermarked projects have recently become it seemed useful to revisit the topic in depth.

What is the takeaway for organizations looking to use watermarked tokens?

The security specifications and transaction validation process on networks such as the Bitcoin blockchain, via proof-of-work, were devised to protect unknown and untrusted participants that trade and interact in a specific environment.

Banks and other institutions trading financial products do so with known and trusted entities and operate within the existing settlement framework of global financial markets, with highly complex and rigorous regulations and obligations.  This environment has different security assumptions, goals and tradeoffs that are in some cases opposite to the designs assumptions of public blockchains.

Due to their probabilistic nature, platforms built on top of public blockchains cannot provide definitive settlement finality of off-chain assets. By design they are not able to control products other than the endogenous cryptocurrencies they were designed to support.  There may be other types of solutions, such as newer shared ledger technology that could provide legal settlement finality, but that is a topic for another paper.

This is a very important issue that has been seemingly glossed over despite millions of VC funding into companies attempting to (re)leverage public blockchains.  Hopefully this paper will help spur additional research into the security of watermarking-related initiatives.

I would like to thank Christian Decker, at ETH Zurich, for providing helpful feedback — I believe he is the only academic to actually mention that there may be challenges related to colored coins in a peer-reviewed paper.  I would like to thank Ernie Teo, at SKBI, for creating the game theory model related to the hold-up problem.  I would like to thank Arthur Breitman and his wife Kathleen for providing clarity to this topic.  Many thanks to Ayoub Naciri, Antony Lewis, Vitalik Buterin, Mike Hearn, Ian Grigg and Dave Hudson for also taking the time to discuss some of the top-heavy challenges that watermarking creates.  Thanks to the attorneys that looked over portions of the paper including (but not limited to) Jacob Farber, Ryan Straus, Amor Sexton and Peter Jensen-Haxel; as well as additional legal advice from Juan Llanos and Jared Marx.  Lastly, many thanks for the team at R3 including Jo Lang, Todd McDonald, Raja Ramachandran and Richard Brown for providing constructive feedback.

Watermarked Tokens and Pseudonymity on Public Blockchains

Send to Kindle

Creative angles of attacking proof-of-work blockchains

[Note: the following views were originally included in a new paper but needed to be removed for space and flow considerations]

While most academic literature has thus far narrowly focused under the assumption that proof-of-work miners such as those used in Bitcoin will behave according to a “goodwill” expectation, as explored in this paper, there may be incentives that creative attackers could look to exploit.

Is there another way of framing this issue as it relates to watermarked tokens such as colored coins and metacoins?

Below are comments from several thought-leaders working within the industry.

According to John Light, co-founder of Bitseed:1

When it comes to cryptocurrency, as with any other situation, an attacker has to balance the cost of attacking the network with the benefit of doing so. If an attacker spends the minimum amount required to 51% attack bitcoin, say $500 million, then the attacker needs to either be able to short $500 million or more worth of BTC for the attack to be worth it, or needs to double spend $500 million or more worth of BTC and receive some irreversible benefit and not get caught (or not have consequences for getting caught), all while taking into consideration the loss of future revenues from mining honestly. When you bring meta-coins into the equation, things get even murkier; the cost is less dependent on the price of bitcoin or future mining revenues, and depends more on the asset being attacked, whether it’s a stock sale or company merger that’s being prevented, or USD tokens being double-spent.

There’s no easy answer, but based on the economics of the situation, and depending on the asset in question, it doesn’t seem wise to put more value on chain than the market cap of BTC itself (as a rough benchmark – probably not that exact number, but something close to it).

Not a single study has been publicly published looking at this disproportionalism yet it is regularly touted at conferences and social media as a realistic, secure, legal possibility.

According to Vitalik Buterin, creator of Ethereum:2

There are actually two important points here from an economics perspective. The first is that when you are securing $1 billion on value on a system with a cryptoeconomic security margin that is very small, that opens the door to a number of financial attacks:

  1. Short the underlying asset on another exchange, then break the system
  2. Short or long some asset at ultrahigh leverage, essentially making a coin-flip bet with a huge amount of money that it will go 0.1% in one direction before the other. If the bet pays off, great. If it does not pay off, double spend.
  3. Join in and take up 60%+ of the hashrate without anyone noticing. Then, front-run everyone. Suppose that person A sends an order “I am willing to buy one unit of X for at most $31”, and person B sends an order “I am willing to sell one unit of X for at least $30”. As a front-runner, you would create an order “I am willing to sell one unit of X for at least $30.999” and “I am willing to buy one unit of X for at most $30.001”, get each order matched with the corresponding order, and earn $0.998 risk-free profit. There are also of course more exotic attacks.

In fact, I could see miners even without any attacks taking place front-running as many markets as they can; the ability to do this may well change the equilibrium market price of mining to the point where the system will, quite ironically, be “secure” without needing to pay high transaction fees or have an expensive underlying currency.

The second is that assets on a chain are in “competition” with each other: network security is a public good, and if that public good is paid for by inflation of one currency (which in my opinion, in a single-currency-chain environment, is economically optimal) then the other currencies will gain market share; if the protocol tries to tax all currencies, then someone will create a funky meta-protocol that “evades taxes by definition”: think colored coins where all demurrage is ignored by definition of the colored coin protocol. Hence, we’ll see chains secured by the combination of transaction fee revenue and miner front running.

Unsolved economics question: would it be a good thing or a bad thing if markets could secure themselves against miner frontruns? May be good because it makes exchanges more efficient, or bad because it removes a source of revenue and reduces chain security.

Cryptoeconomics is a nascent academic field studying the confluence of economics, cryptography, game theory and finance.3

Piotr Piasecki, a software developer and independent analyst explained:4

If a malicious miner sees a big buy order coming into the market that would move the price significantly, they can engage in front running – the buy order could be pushed to the back of the queue or even left out until the next block, while the miner buys up all of the current stock and re-lists it at a higher price to turn a profit. Alternatively, when they see there is a high market pressure coming in, especially in systems that are inefficient by design, they can buy the orders up one by one by using their power to include any number of their own transactions into a block for free, and similarly re-list them for people to buy up.

Or in other words, because miners have the ability to order transactions in a block this creates an opportunity to front run. If publicly traded equities are tracked as a type of colored coin on a public blockchain, miners could order transaction in such a way as to put certain on-chain transactions, or trades in this case, to execute before others.

Robert Sams, co-founder of Clearmatics, previously looked at the bearer versus registered asset challenge:5

One of the arguments against the double-spend and 51% attacks is that it needs to incorporate the effect a successful attack would have on the exchange rate. As coloured coins represent claims to assets whose value will often have no connection to the exchange rate, it potentially strengthens the attack vector of focusing a double spend on some large-value colour. But then, I’ve always thought the whole double-spend thing could be reduced significantly if both legs of the exchange were represented on a single tx (buyer’s bitcoin and seller’s coloured coin).

The other issue concerns what colour really represents. The idea is that colour acts like a bearer asset, whoever possesses it owns it, just like bitcoin. But this raises the whole blacklisted coin question that you refer to in the paper. Is the issuer of colour (say, a company floating its equity on the blockchain) going to pay dividends to the holder of a coloured coin widely believed to have been acquired through a double-spend? With services like Coin Validation, you ruin fungibility of coins that way, so all coins need to be treated the same (easy to accomplish if, say, the zerocoin protocol were incorporated). But colour? The expectations are different here, I believe.

On a practical level, I just don’t see how pseudo-anonymous colour would ever represent anything more than fringe assets. A registry of real identities mapping to the public keys would need to be kept by someone. This is certainly the case if you ever wanted these assets to be recognised by current law.

But in a purely binary world where this is not the case, I would expect that colour issuers would “de-colour” coins it believed were acquired through double-spend, or maybe a single bitcoin-vs-colour tx would make that whole attack vector irrelevant anyway. In which case, we’re back to the question of what happens when the colour value of the blockchain greatly exceeds that of the bitcoin monetary base? Who knows, really depends on the details of the colour infrastructure. Could someone sell short the crypto equity market and launch a 51% attack? I guess, but then the attacker is left with a bunch of bitcoin whose value is…

The more interesting question for me is this: what happens to colour “ownership” when the network comes under 51% control? Without a registry mapping real identities to public keys, a pseudo-anonymous network of coloured assets on a network controlled by one guy is just junk, no longer represents anything (unless the 51% hasher is benevolent of course). Nobody can make a claim on the colour issuer’s assets. So perhaps this is the real attack vector: a bunch of issuers get together (say, they’re issuers of coloured coin bonds) to launch a 51% attack to extinguish their debts. If the value of that colour is much greater than cost of hashing 51% of the network, that attack vector seems to work.

On this point, Jonathan Levin, co-founder of Chainalysis previously explained that:6

We don’t know how much proof of work is enough for the existing system and building financially valuable layers on top does not contribute any economic incentives to secure the network further. These incentives are fixed in terms of Bitcoin – which may lead to an interesting result where people who are dependent on coloured coin implementations hoard bitcoins to attempt to and increase the price of Bitcoin and thus provide incentives to miners.

It should also be noted that the engineers and those promoting extensibility such as colored coins do not see the technology as being limited in this way. If all colored coins can represent is ‘fringe assets’ then the level of interest in them would be minimal.

Time will tell whether this is the case. Yet if Bob could decolor assets, in this scenario, an issuer of a colored coin has (inadvertently) granted itself the ability to delegitimize the bearer assets as easily as it created them. And arguably, decoloring does not offer Bob any added insurance that the coin has been fully redeemed, it is just an extra transaction at the end of the round trip to the issuer.

  1. Personal correspondence, August 10, 2015. Bitseed is a startup that builds plug-and-play full nodes for the Bitcoin network. []
  2. Personal correspondence, August 13, 2015. []
  3. See What is cryptoeconomics? and Formalizing Cryptoeconomics by Vlad Zamfir []
  4. Mining versus Consensus algorithms in Crypto 2.0 systems by Piotr Piasecki []
  5. As quoted in: Will colored coin extensibility throw a wrench into the automated information security costs of Bitcoin? by Tim Swanson; reused with permission. []
  6. This example originally comes from Will colored coin extensibility throw a wrench into the automated information security costs of Bitcoin? by Tim Swanson; reused with permission. []
Send to Kindle

Cryptoeconomics for beginners and experts alike

This past week Koinify and the Cryptocurrency Research Group (CCRG), a new academic organization, held a 3-day event — the first of its kind called Cryptoeconomicon, an interdisciplinary private event that included a cross section of developers, entrepreneurs, academics and a few investors.  It was purposefully scheduled to coincide with O’Reilly Media’s own “Bitcoin and the Blockchain” conference which took place in the middle of it.

I attended what amounted to four days of seminars, brainstorming and networking sessions.  Below are my summarized thoughts.  Note: these are my opinions alone and do not reflect those of other participants or the companies I work with.  You can view pictures/info of the event: #cryptoecon and @cryptoecon

Rather than going through each session, I will just highlight a few areas that stood out to me and include outside relevant content.

What is cryptoeconomics?

According to Vlad Zamfir, of the Ethereum project, cryptoeconomics as a field might be defined as:

A formal discipline that studies protocols that govern the production, distribution and consumption of goods and services in a decentralized digital economy.  Cryptoeconomics is a practical science that focuses on the design and characterization of these protocols.

Zamfir discussed this at length (slides) (video) and rather than going too in-depth with what he said I wanted to reiterate his main points he gave:

Cryptoeconomic security as information security

  • Mechanisms are really programs
  • They can distribute payoffs
  • The programs have a certain behaviour in the Nash equilibrium case
  • The NE has a cryptoeconomic security
  • We can be assured that a program will run a particular way

He also argues that “cryptoeconomics” should be see as more economics for cryptography rather than cryptography for economics:

  • Economic mechanisms can give guarantees that a program will run in a particular way that cryptography alone can’t provide.
  • Incentives are forward facing, cryptography is a function of already-existing information
  • How do we provide custom cryptoeconomic guarantees?

The last part in relation to his talk that really stuck out to me was on the final day.  In his view (slides) the technical term that should be applied is, “distributed cryptoeconomic consensus” which would assuage concerns from the academic “distributed consensus” community that uses different terminology.  Under this definition, this means:

  • A cryptoeconomic mechanism with the Nash equilibrium of assuring distributed byzantine fault tolerant consensus
  • We should be able to assert and prove the cryptoeconomic assurances of any consensus mechanism
  • Distributed consensus mechanisms can create a pure cryptoeconomy. Even the execution of the mechanisms is has a measurable assurance.

Most interesting comment of the event

I think the most apt comment from the economics discussion came from Steve Waldman, a software developer and trader over at Interfluidity on the first day of the event.

While there will likely be a recording posted on Youtube (video), in essence what he said was that in the blockchain space — and specifically the developers in the room — they are creating an enormous amount of supply without looking to see what the corresponding demand is.  That is to say, there is effectively a supply glut of “blockchain tech” in part because few people are asking whether or not this tech actually has any practical consumer demand.  Where are the on-the-ground consumer behavior surveys and reports?

Again, if Bitcoin (the overall concept) is viewed as an economy, country or even a startup, it is imperative that the first question is resolved: what is the market need?  Who are the intended consumers?  So far, despite lots of attention and interest, there has been very little adoption related to blockchains in general.  Perhaps this will change, maybe it is only a temporary mismatch.  Maybe it these are the chicken-egg equivalent to computing languages like Ruby or PHP and eventually supply somehow creates the demand?  Or maybe it suffers from the Kevin Costner platform trap (e.g,. if you build it, will they come?).

To illustrate this contrarian view:

why startups fail

Source: David Norris https://twitter.com/norrisnode/status/561262588466839553

Maybe there is no real market need for these first generation concepts?  Perhaps the network will run out of block rewards (cash incentives) to the miners before these blockchains can gain mainstream traction?  Maybe the current developers are not quite right for the job?

Or maybe, blockchains such as Bitcoin simply get outcompeted in the overall marketplace.  For instance, there are currently 1,586 Payment startups listed on AngelList and 106 P2P Money Transfer startups listed on AngelList.  Most of these will likely burn out of capital and cease to exist, but there are probably at least a dozen or so of each that will (and have) gained traction and are direct competitors to these first generation blockchains.

Perhaps this will change, but then again, maybe the market is more interested in what William Mougayar (who unfortunately was not part of the event) pointed out a few days ago.  Simply put, maybe there is more room to grow in the “Blockchain Neutral Smart Services” and “Non-Blockchain Consensus” quadrants:

Crypto_Tech

We cannot know for certain a priori what market participants will decide.  Perhaps Bitcoin is good enough to do everything its enthusiastic supporter claim it can.

Or maybe, as Patrick Collison, CEO of Stripe, wittily stated in Technology Review:

“Bitcoin is kind of a financial Rorschach test; everyone projects their desired monetary future onto it.”

Now, to be fair, Collison (who was not part of the event) has a horse in the race with Stellar.  Fortunately there was not much emphasis on token prices going to the moon at the Cryptoecon event.  When incentives did come up, it was largely related to how a consensus mechanism can be secure through a self-reinforcing Nash equilibrium.

Perhaps a future event could discuss what Meher Roy (who unfortunately was not in attendance either) adroitly summarized and modeled in relation to how actors are betting on crypto-finance platforms:

meher roy table

Source: https://medium.com/@Meher/a-model-to-makes-sense-of-beliefs-and-associated-crypto-finance-platforms-f761a7d782cb

Back to the show

There were a number of startups at the event, probably around a dozen or so.  In my view, the most concise overview was from Sergey Nazarov co-founder of SmartContract.  The interface was clean, the message was clear and “issuance” can be done today.  I’m not necessarily endorsing the stack he’s using, but I think he has clearly talked to end-users for ease of use feedback (note: be sure to consult a lawyer before using any ‘smart contracting’ system, perhaps they are not recognized as actual “contracts” in your jurisdiction).  Also, drones.

It would have been nice to see a little longer debate between StorJ, Maidsafe and Filecoin groups.  I think there was probably a little too much “it just works” handwaving but thought that Juan Binet-Betez from IPFS/Filecoin gave the most thorough blueprint of how his system worked (he also showed a small working demo).

It was not recorded but I think messaging for Augur (a variation of Truthcoin) was pretty poor.  Again, just my opinion but I was vocal about the particular use-case (gambling) proposed as it would simply bring more negative PR to a space smashed with bad PR.  The following day other members of the team discussed other uses including prediction markets for political events (similar to what Intrade did).  I am skeptical that in its current form it will become widely adopted because futures markets, like the CME, already do a relatively competitive job at providing this service for many industries and these decentralized markets could likely just attract marginal, illicit activities as has been the trend so far.  I could be wrong and perhaps they will flourish in emerging markets for those without access to the CME-like institutions.

Things that look less skeptical

  • There were about 10-12 people affiliated with Ethereum at the event, all of them were developers and none of them seemed to push their product as “the one chain to rule them all” (in fact, there was a healthy debate about proof-of-stake / proof-of-work within their contingent).  I’ve been fairly skeptical since last summer when their team looked gigantically bloated (too many cooks in the kitchen) but they seem to have since slimmed down, removing some of the pumpers and focusing on the core tech.  This is not to say they will succeed, but I am slightly less skeptical than I was 3-4 months ago.
  • I also had a chance to sit down with a couple members of the IBM ADEPT ‘Internet of Things’ team.  They held a ~3 hour workshop which was attended by around 20 people.  The session was led by Henning Diedrich (IBM), David Kravitz (IBM) and Patrick Deegan (Open Mustard Seed Project).  Again, even though I’ve paged through the ADEPT whitepaper, I was hesitant to believe that this was little more than marketing on the part of IBM.  But by the time the session was over, I was a little less skeptical.  Perhaps in the future, when more appliances and devices have secure proplets, they could use a method — such as a blockchain/cryptoledger — to securely bid/ask on resources like electricity.  B2B and machine-to-machine ideas were discussed and piggybacked on.  Obviously there are all sorts of funny and sad ways this could end but that is up for Michael Bay to visualize next year.
  • This also intersects with another good comment from Stefan Thomas (CTO of Ripple Labs).  In a nutshell, on a panel during the first day, he thinks there is some confusion and conflation of the terms “automation,” “decentralization,” “smart contracts” and “blockchains.”  That is to say, while blockchains are automated, that is not to mean that it is the only means to achieve automation.  Nor is decentralization necessary for automation to be achieved in every use-case.  Nor are smart contracts the only way to control automated devices.  When the video is posted I’ll be sure to link it (video).
  • Ethan Buchman, lead dev for Eris, was both witty and on top of his form, noting that in practice users don’t need a new browser every time they go to a new site, so they shouldn’t need a new client to view a different blockchain.  Let’s keep our eye on Decerver to see how this germinates.
  • Lastly, the two investors that attended the VC panel on Wednesday included Shahin Farshchi from Lux Capital and Pearl Chan of Omidyar Network.  What I liked about them is they weren’t pushing a certain binary viewpoint.  They were both upfront and honest: neither had invested in this space, not because they hated it, but because they were taking their time to see what opportunities actually fit within their mandate.  Perhaps they will at some point.  One joke that Farshchi mentioned was that back when cellular telephony was growing, “everyone and their mom” was selling base station equipment and chips.  Similarly there were over 300 companies creating thin film solar cells before bankruptcies and mergers.  So the type of euphoria we see in the Bitcoin-space is not necessarily unique.

Room for improvement

Perhaps if there is a next event it could include representatives from Blockstream, Bitfury and other Bitcoin-centered projects.  It would be nice to have some perspective from those deeply concerned about with maintaining secure consensus and the Blockstream team has some of the most experienced engineers in this space.  Hearing their views next to what Peter Todd (who attended and had some interesting calculations for the estimated costs to attack a network), could help developers build better tools.  Similarly, developers from Peernova, Square, Stripe, M-Pesa and Western Union would also likely be good resources to provide empirical feedback.

Additional clarity for what a decentralized autonomous organization (DAO) actually is and is not could be spelled out as well.  And how do these intersect with existing legal jurisprudence (can they? as Brett Scott might ask).   For anyone who has read “The Cookie Monster” by Vernor Vinge, both Matt Liston and Vitalik Buterin made some not-entirely-unreasonable points about machine-rights and whether or not machines should trust humans (e.g., humans expect bots to provide truthful information, but can the reverse be expected?  And what happens if a bot, like a DAO, is deemed too successful or broke a law in some jurisdiction — does it get “carted” away in a truck?).

Lastly, I think by the time there is another event, there will hopefully be more clarity for what a “smart contract” is.  One panel I moderated, I tried to get the participants to use the word “banana” instead because the term “banana” is overused and often conflated to mean many things it is legally not.  Primavera De Filippi from the Cryptolaw panel made some good comments too about whether or not “bananas” are actual legally binding contracts; she previously did a workshop with Aaron Wright (also in attendance) at the recent Distributed Networks and the Law event held at Harvard/MIT.  Steve Omohundro also spoke realistically about these scenarios on the final day, where does liability start and stop for developers of DAOs?

[Note: I would like to thank Kieren James-Lubin, Vitalik Buterin, Tom Ding, Sri Sriram for organizing the event, Robert Schwentker for acting as emcee/photographer, and CFLD and Omidyar Network for sponsoring the event including the delicious food.]

Send to Kindle

The Continued Existence of Altcoins, Appcoins and Commodity coins

Yesterday I gave a presentation at a Bitcoin Meetup held hosted by Plug and Play Tech Center in Sunnyvale.

I discussed the economic incentives for creating altcoins, appcoins, commodity coins and also covered several bitcoin 2.0 proposals.  The slides and video from the event are viewable below.  Download the deck for other references and citations.

Send to Kindle