This past week I gave a new presentation at the 2nd annual Soranomics event (last year I presented on a related topic: pegged coins aka “stablecoins”). It includes a number of illustrations to discuss product market fit and infrastructure market fit.
Below is a copy of the deck as well as the A/V. Note: there are citations and references in the speaker notes. Note: I am to publish a long-form version based on this content.
Send to KindleI’ve previously reviewed at least seven blockchain-specific books in the past number of years. No one has paid me to review them, although I have received a couple copies for free. Unfortunately more than half of the books have been pretty bad… both technically wrong and often very polemical.
Fortunately, a page turner appeared in my inbox about a month ago: “The Billionaire’s Folly” by Faisal Khan. I’ve already posted a couple of short comments on the bird app and an usual for me – do not have a lot more to add. Mostly because it lacked many errors. Sure, it had a couple of typos here and there and a couple of debatable points but overall it was well-written and informative.
It also didn’t try to stray far away from what it aimed to do: discuss Khan’s perspective working at ConsenSys, an Ethereum-focused company, during what turned out to be the heady days of the ICO era. So in some ways, it is closer to Nathaniel Popper’s Digital Gold (which was equally well-written) than most of the other b-word books.
I didn’t mention this in the thread above but a number of anecdotes that Khan shares in the book were either relayed to myself (often through co-workers) or by actually witnessing it first hand. So it is interesting to see some of them independently confirmed.
One that did not (because Khan had yet to join the company) but definitely could have fit right in, involved an event held in the spring of 2016 near Seattle. About 60ish employees of this Fortune 100 tech company hosted a day-long powwow about “blockchains” and only three external companies were allowed to send representatives:
After presentations were given, the floor was opened for questions and a senior architect in the back questioned the urgency and immediacy that one of the promoters had claimed. And during the ensuing war-of-words, a partner at the consulting firm literally stood on the table at this closed-room event, crooning to everyone that “blockchain was the biggest thing in his career and that it would dramatically impact this tech company.” One of Khan’s future colleagues from the table over made eye contact with me and we just shook our heads. Although in retrospect, he was probably shaking his head for very different reasons than I was. I’m ngmi, right?
Either way, Khan has oodles of stories packed into a book that isn’t polemical. Check it out.
Send to Kindle[Note: Below is a guest post discussing a “real world asset” (RWA) tokenization use case that has been proposed and re-proposed for about a decade (first with Colored Coins and Counterparty). Among other articles, the author previously co-authored another thoughtful piece A Quick History of Cryptocurrenices BBTC — Before Bitcoin. Reprinted with permission; and the views are those of the authors alone.]
By Ken Griffith
Since the appearance of Bitcoin in 2008 numerous people have had the idea of issuing gold tokens on a blockchain, or using a blockchain to support a digital gold currency system. This short essay will look at some of the attempts to do this and suggest the reasons why this has not worked, and is unlikely to ever work.
In 2015 Roy Sebag borrowed a phrase from Satoshi and created a company called “Bitgold” which performed a reverse IPO on a Canadian stock exchange. Sebag raised several hundred million dollars to “put gold on the blockchain.” However, instead of creating Bitgold, he proposed a buyout to James Turk at GoldMoney.com. After buying out goldmoney.com, Sebag simply invested the funds into expanding that business which had been founded in 2001. Goldmoney has a ledger, but it does not use blockchain at all.
In the intervening years a dozen or more different gold tokens have been created on Ethereum and other platforms. Of these, many turned out to be scams, and one or two of them were legitimately backed by actual gold. However, none of these have gained any traction in the marketplace.
To understand why gold and blockchain do not mix we need to look at the history of digital gold and cryptocurrencies. E-gold was the first Internet money in 1996, 12 years before the Bitcoin whitepaper was published. By 2001 e-gold had one million users worldwide, and had an annual transaction volume of about US $2 billion per year worth of gold. By 2005 there were six such digital gold issuers. However, the US Treasury began a campaign of prosecuting the digital gold companies using the USA Patriot Act from 2006 to 2009, in which the four USA based issuers were indicted, their gold reserves seized, and officers indicted.
Goldmoney.com was the only digital gold issuer to survive the purge because they were fully licensed in Jersey, UK. However, they never allowed an independent network of exchange agents to provide exchange services to their users. So Goldmoney.com never became a popular means of payment. Goldmoney was primarily used by institutional investors to hold large amounts of physical gold.
The primary obstacle to developing a gold payments network is government regulations in various countries.
Blockchain tokens such as Bitcoin have the advantage of being decentralized with no person or company as the issuer. They are resistant to government regulation and control because there is no central server that can be seized or turned off. There is no person who can be arrested to stop the Bitcoin network from continuing to process transactions. The network continues to operate so long as the people operating servers with this software continue to operate them and keep the same rules.
When you create a gold-backed token you violate the basic social reason that has allowed blockchains to ignore government regulations. An asset-backed token is a promise by some person or company to deliver some asset in exchange for the token. That is implicitly a contract between the issuer and the holders of the token. The token may live on a blockchain, but the person who issues the contract lives in the real world. The physical assets used to back the token also exist in the real world. A government can arrest a person or a company and confiscate the physical assets.
Once a token is issued on a permissionless blockchain it is impossible for the issuer to control who gains access to that token. It can be transferred to someone in a country where such tokens are illegal or otherwise regulated.
We saw this in the case of EOS, which raised $4 billion in a year-long token sale from 2017 to 2018. The terms of the sale expressly forbade US Citizens from buying the tokens. The sale contract required the buyer to swear that they were not a US Citizen or resident of the United States. The website blocked US IP-addresses so the token sale could not even be seen by web browsers in the United States.
Two years after the token sale was complete, the SEC began an investigation, and a class action lawsuit was filed against EOS for selling tokens to US citizens. This means that some US citizens made a false statement under oath to buy those EOS tokens, and then handed that evidence to US law enforcement agencies. Because the company had raised $4 billion, the large pile of money was very attractive to US law enforcement agencies. EOS ended up settling with the SEC for 24 million dollars.
The value of the assets is the critical factor in determining which companies are prosecuted and which ones are ignored.
We conclude that any tangible asset digitized on a blockchain is vulnerable to lawsuits and criminal prosecutions from countries that regulate or otherwise make such payments illegal.
Law enforcement agencies do not immediately prosecute every company who issues such a token. They bide their time and wait until they see a large pile of value that is vulnerable to prosecution. Only then, do they begin an investigation and prosecution in order to seize those assets using asset forfeiture laws.
An Internet ecosystem which allows persons to issue real-world financial contracts for various assets would require a contract-based ledger such as one based on Ricardian Contracts.
Rather than creating one company, such as Goldmoney.com, that offers gold accounts to citizens of many countries, it is better to create a network of lawful institutions in different countries that only offer asset accounts to residents of that country. Thus, each institution need only concern itself with the laws of one nation, rather than the laws of all nations.
A clearing mechanism will allow payments to clear between different institutions in different countries. This short video explains the concept of a clearinghouse in two minutes:
It is better to have many small issuers of gold or other assets than one large centralized issuer. Each of the small issuers should have a license for a money service business in their jurisdiction.
Since corruption is part of human nature, and will always be a problem, it makes more sense to build a system that anticipates the cost-benefit factors that drive corruption. Even law enforcement agencies have a cost to seize financial assets. They have to bring a case in court, which costs money.
Many small piles of gold are much more expensive for a government to seize than one large pile of gold. If there are many issuers, then a government would have to indict each issuer with a separate court case in a separate jurisdiction. This is too expensive and inefficient. Ideally, you would want issuers to hold the amount of gold roughly equal or less in value than the cost of prosecution. So, for example, a typical prosecution of such a company would cost $1 to $5 million USD.
In traditional banking, bank ledgers were protected by financial privacy laws. Unfortunately, the twentieth century saw the steady weaponization of banks against their customers by the State. However, banking privacy worked effectively for centuries. The best long term solution is for states to reform their banking laws to restore and protect financial freedom and privacy.
We find that permissionless blockchains are not environments that are ever likely to work for contract-based financial transactions. They have no native means to record consent to a contract, nor to restrict access to a token to those who have consented to a contract.
By contrast, a Ricardian Contract based ledger would be ideally suited to enable an online financial ecosystem with securities and asset-backed tokens operating within the law. Ricardian Contracts were invented a decade before Bitcoin. Yet, there has been very little community interest in building Ricardian Contract based systems. The reason for this appears to be ideological.
The ideological spectrum of cryptocurrency users leans heavily towards anarchy. Even classical libertarians believe in the necessity of courts of law to enforce contracts. Yet, the majority of cryptocurrency fans seem to reject even the idea of courts of law, as seen in their reaction to the CSW defamation case. Without courts of law, contracts are unenforceable.
The idea that computer code can be a replacement for law and courts is popular but fatally flawed. It is extremely difficult to write and maintain error-free software. It is fine to say that the code is the law, until an error in the code allows an outcome that was not intended. Human courts of law are the ultimate error processing routine. This is unavoidable, and therefore should be embraced in the design of any financial ecosystem.
The dream of creating online financial ecosystems that live on the blockchain, free from courts of law is doomed to perpetual anarchy. Financial institutions, by definition, hold assets in trust for their account holders. Such relationships require contracts and courts of law to enforce. Without contracts and courts of law, all that can be expected is a wild west of online fraud. The long string of failed cryptocurrency exchanges and other projects testifies to the truth of that assertion.
Send to Kindle[Note: this is a non-exhaustive post on a trending topic. For a more in-depth view, be sure to read OFAC Sanctions & Ethereum PoS – Some Technical Nuances from BitMEX Research and The Case for Social Slashing by Eric Wall]
Last week I was interviewed in a Twitter Spaces hosted by Taariq Lewis at Paloma. The other guest was Ameen Soleimani, co-founder of Reflexer Labs, which created Rai (an unpegged, stabilized asset on Ethereum).
The primary topic of the conversation started with “stablecoins” in relationship to OFAC. OFAC is a governmental organization that we have discussed in some previous posts.
What is OFAC?
The Office of Foreign Assets Control (“OFAC”) of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.
Why is OFAC is in the news and why have we written about it before?1
OFAC has previously sanctioned cryptocurrency-related assets and addresses before, most notably, starting with proceeds of ransomware operated by several Iranian nationals.
OFAC maintains and updates a list of SDNs, or Specially Designated Nationals and Blocked Persons. Nearly four years ago, they added several Bitcoin addresses, not just human beings.2
Over the past four years, other cryptocurrency addresses have been added to the list. The Block recently put together an easy-to-read guide chronicling these actions.
So what is the big deal this time? After all, we have written about this potential scenario several times in the past including in mid-2015, dubbing one gated flavor “permissioned-on-permissionless” — it is a weird hydra that combines the worst of both worlds (e.g. no legal recourse).
Two weeks ago, OFAC went beyond sanctioning specific addresses and sanctioned a smart contract called Tornado Cash. What is Tornado Cash?
Recall that by default, all activity on public chains (and private chains) is unshielded. While there are several zero-knowledge-based proposals in the works, on-chain privacy only exists through mixing or tumbling coins together. In contrast, centralized applications (and intermediaries) such as Venmo, users can often shield their activity from 3rd parties.
Tornado Cash is a free, open-source protocol that was implemented first on Ethereum. The implementation that was sanctioned, could in theory, be deployed to virtually every EVM-compatible chain, public or private.
Yes, code was sanctioned which is arguably beyond the scope of what OFAC was intended to monitor and police.
Administrators of centrally issued pegged coins went different directions. The operators of USDC quickly blacklisted the ~$750,000 in USDC held by addresses linked to the 45 address OFAC had sanctioned.3 In contrast, Tether LTD announced it would only do so if explicitly requested by U.S. authorities.
But Gerard’s take is bad because the sanctions go beyond hitting SDNs (humans) to instead contracts and code, creating a chilling effect downstream by creating sanctions exposure for innocent people.4
For example, within 24 hours: the public repository for Tornado Cash was removed by Microsoft (owners of Github) and several developers who had contributed to the Tornado Cash, had their github accounts shut down. Infrastructure providers such as Alchemy and Infura blocked access to Tornado Cash. The Tornado Cash Discord server also was shut down.5
While the protocol still exists on Ethereum, activity on it has dwindled and some miners have stopped including TC-related transactions.
At least one other example of the unintended consequence of sanctioning code is the direct impact on researchers at both for-profit and non-profit organizations. For instance, if Matthew, a cryptographer, conjures up some code to help users retain privacy while transacting on-chain, yet does not implement or deploy the code — and someone else does — is Matthew now a target for sanctioning? This actually isn’t a hypothetical because Matthew Green, a tenured cryptographer at Johns Hopkins just did that yesterday.6
Are the people who develop the libraries that Matthew used also a viable target? Anti-coiner responses, such as Gerard’s 1,500 word post, do not delve into these real downstream effects.
What is another reason Gerard’s take is bad?
Because Bitcoin miners, and other cryptocurrency infrastructure operators, have included transactions from sanctioned addresses into blocks for about four years. While it may be a matter of “national security,” it is not consistent. For instance, in spring 2021, Marathon Digital – a U.S. based mining operator – announced that it would provide “OFAC-compliant” bitcoin mining. A month later it reversed this policy amid angst from Bitcoiners. Thus the question that Gerard and others who danced on Tornado Cash’s grave must ask: what about consistency?7
And Tim, what are your bonafides on this matter?
Above is a (mostly) one-way interaction between a coin lobbyist from Coin Center in 2015. What was Peter complaining about then and what does it have to do with OFAC’s recent actions?
The paper in question is “Watermarked tokens and pseudonymity on public blockchains.” Rather than re-litigating it, let’s pull out two small nuggets:
(1) A compendium: Integrating, Mining and Attacking: Analyzing the Colored Coin “Game” by Ernie Teo.8
This was a strawman cited throughout the paper that describes what later evolved into miner extractable value (MEV). MEV is a friendly acronym that describes what a number of lobbyists – and their think tank supporters – used to claim never would happen: proof-of-work miners (and other participants adjacent a miner) using discretion to (re)order transactions in a block. For more on MEV, highly recommend listening to episode 455 from Epicenter.
According to the Flashbots project, about $673 million in profits has been extracted by MEV over the past two-and-a-half years.
Okay, so at least in mid-2022 no one is arguing that MEV is non-existent nor are proof-of-work miners necessarily neutral parties (see Ethermine and Marathon Digital above).9.
So what was the other nugget?
(2) The story about Symbiont using Bitcoin (which they would later reverse):
Scrolling back through the 2015 archives is a blast from the past. “Enterprise blockchain” startups such as Chain, Digital Asset, and Symbiont first attempted to tokenize real-world assets (RWA) and embed them into the Bitcoin blockchain. Yet early on in each of their approaches, they were told by regulators that this probably would not fly due to sanctions. Don’t shoot the messenger!
What does that mean in the 2015-era? Recall that at the time, (incumbent) regulated financial institutions (typically banks) were already hesitant at doing something blockchain-related because of the negative connection with Mt. Gox and Silk Road. Adding sanctions screening to the list was a doozy.
What did sanctions actually have to do with tokenizing RWAs and Bitcoin mining?
At the time, the scenario was pretty straightforward: if tokenized interest rates swaps (IRS) or tokenized syndicated loans were mined by a pool based in a sanctioned country, such as North Korea or Iran, knowingly paying a transaction fee to that pool would likely be falling afoul of some sanction. So rather than having to deal with that headache (among others, such as, what happens to stolen tokenized assets on a public chain), regulated financial institutions punted on that and headed down into the sterilized world of permissioned chains, where every counterparty was known and screened ahead of time.
Obviously that does not mean sanctions violations do not occur — in aggregate the largest money laundering and violation of anti-money laundering laws still occur through banks — but the justification at the time was that block producers for permissioned chains would not be operating out of a sanctioned country. Yet as I mentioned on the Twitter Spaces interview: this approach kills composability. Why? Because all contracts would have to be whitelisted which is one of the reasons why the bulk of “enterprise blockchain” projects pivoted or shut down. But again, a topic for another day.
Concluding remarks
This post could continue on, discussing hypothetical scenarios in which U.S. based intermediaries involved in staking – such as centralized exchanges – are required by OFAC (or other regulatory / enforcement bodies) to censor sanctioned transactions. But there are already a lot of good twitter threads on that. Especially from Gabriel Shapiro.
Instead I think the most concise argument opposed to sanctioning contracts and code is from an attorney, Nelson Rosario:
We could have ended this post by discussing the 2013 guidance from FinCEN regarding administrators and how miners were not included. And how FinCEN / OFAC have had inconsistent enforcement toward North Korean – and other “bad” state actors – when it comes to mining. For instance, hardware manufacturers such as Bitmain sell equipment (first and second hand) to parties that commercially interact with miners in sanctioned countries.10 Or U.S. based miners and pools process Bitcoin transactions that involve proceeds of malware.11
But that would detract from Rosario’s excellent point about code. Code in public repositories. Code implemented by independent 3rd parties. The sanctioned Tornado Cash contract should highlight the need for privacy-by-default, not as a bolt-on afterwards.
And who better to describe this mantra than the coiner of Fedcoin, J.P. Koning:
You do not have to like blockchains or be an industry lobbyist at all to see the core issues at hand — on privacy — are reminiscent to the legal fights over PGP nearly three decades ago. To galvanize hoi polloi, worth listening to the reflections from Phil Zimmermann, who spearheaded the fight (and defense) of code during that time.
End notes
Send to KindleI have found a blockchain-related book that did not have me completely shaking my fist in the air. For background, I have reviewed six other blockchain-focused books, most of which were pretty bad and/or filled with inaccuracies (the exception thus far was Digital Gold).
In contrast, The Cryptopians by Laura Shin was a breezy read and one that – from a technical perspective – I feel comfortable recommending to both geeky and non-geeky audiences trying to understand some of the people that created the Ethereum ecosystem (as well as a few other blockchains).
For instance, I enjoyed the steady dripping of GRE words like pastiche and bucolic which were carefully placed throughout each chapter alongside detailed (physical) descriptions of venues and individuals. I look forward to seeing it turned into a mini-series (Luka Dončić will obviously play Vitalik).
In terms of “inside baseball,” while I have bumped into and interacted with many of the people mentioned, I don’t know enough to comment on several figures discussed so the review below is largely about other portions of the book.
With that said, there were a few areas that I had quibbles with. For instance, I probably would’ve highlighted how much aggregate fraud took place during the 2017-2018 ICO boom (e.g., why Chinese governmental authorities kicked out exchanges, etc.). But that likely would have distracted the main story around how Ethereum evolved as infrastructure.
And before I’m labeled a rose-tinted glasses fanboy, worth pointing out that when I first interacted with Shin years ago, we didn’t agree on a number of things. Rather than dwell on those past differences, I think it is a credit to her reporting that she provided nuances in the story (such as the early days of Hyperledger project and Enterprise Ethereum Alliance) that pundits who are new to this space are unaware of or put no effort in understanding. Calling everything a scam is the laziest form of concern trolling and fortunately readers have a list of citations to peruse instead of relying on innuendo from flash-in-the-pan Twitter personalities.
Note: all transcription errors are my own. See my other book reviews on this topic. Spoiler Alert: there are a bunch of spoilers below!
Preface
Before we begin, worth pointing out that the book covers a roughly four year timespan (January 2014-January 2018) and was published in February 2022. The preface included a helpful backdrop of what was occurring in the financial services area during this time frame. One paragraph stuck out, stating on p.3:
Soon financial institutions as powerful as JPMorgan Chase, Nasdaq, Visa, HSBC, State Street, UBS, Santander, and many others worldwide began exploring the technology. In late 2015, “Blockchain, not bitcoin” became the mantra on Wall Street, and from January 2014 into February 2017, more than fifty financial services firms invested in the space.1
To be pedantic, the very first person I am aware of that said “Blockchain, not bitcoin” is a VC named Adam Draper, who opportunistically pivoted the messaging from his portfolio companies in late 2015:
I attempted to chronicle some of these wordsmith shenanigans in October 2015.
Is it important in the scheme of things?
Maybe not. But I think it is worth re-highlighting this fairweather etymology. For instance, contemporaneously some anti-coiners actively attempt to memoryhole the slur that is “no-coiner” to play identity politics; e.g., People who purposefully do not own snow skis are not labeled as “no-skier” or someone who doesn’t own an airplane, a “no-planer” or someone who doesn’t own a computer a “no-computerer.” One of the reasons some anti-coiners do not call themselves anti-coiners is because they likely do not understand the etymology of “no-coiner” and how it is a grammatic corpse.
But that’s a different story, although germane for 2022.
Chapter 1
Chapter 1 provides readers with a short biography about Vitalik Buterin, including his early childhood (I was unaware of his prowess with Excel!).
I made a pedantic scribble on p. 12:
Shutting down Bitcoin would require tracking down and switching off the devices of every single person running the software — and that would require the coordinated action of every government in the world. But even shutting off all existing computer on the network wouldn’t stop anyone else from spinning up the Bitcoin software.
This is accurate at a high level. Pedantically however, in mid-2022 a well-resourced attacker (such cooperating governments) has a bit simpler task: (1) shut down large mining farms which ultimately slows down block production (e.g., the difficulty overhang would likely require a hard fork); (2) shut down or compromise just three ISPs or BRN/FIBRE — a protocol that propagates blocks directly between mining pools; (3) shut down or severely curtail liquidity providers (e.g., require large CEXs such as Coinbase to delist Bitcoin).
Again, we could argue (and Bitcoiners love to argue!) about the likelihood of either occurring but in my view a better illustration of geopolitical resiliency would be proof-of-stake (P-o-S) networks such as Avalanche, Polkadot, or Cosmos which do not rely on easily-identifiable points of failure (e.g., large mining farms) and are therefore mostly immune to scenario 1 (although clearly dependence on centralized cloud providers for any of these can be a weakness).
With that said, going down this rabbit trail clearly would have been confusing to the average reader so it is understandable why this hypothetical wargamming was not included.
Pages 15-17 provided some interesting background on how Bitcoin Magazine came into being (although maybe a missed opportunity to describe how it ultimately turned into a mother-son Bitcoin maximalist operation!).
On page 16, the author identified some good foresight:
Back home in Toronto after his globe-trotting, Vitalik was coding up a client using the language Python for Ethereum, while Gavin and Jeffrey worked on the C++ and Go clients, respectively. (Vitalik wanted Ethereum to work on different software clients so that a bug in one wouldn’t take the whole blockchain down; the entities on the network could run another one while the buggy one was fixed.)
This is an important paragraph and I am glad that Shin mentioned this so early on.
Why is implementation pluralism a good thing? Because as she described, it provides resiliency in the event something catastrophic or existential occurs (such as a bug that knocked 13% of Ethereum validators offline two years ago). Most blockchains, even a few years after launch, still are dependent on a single codebase maintained by a single team. Apart from resiliency (e.g,. a different implementation surviving a bug that knocks other implementations offline), this could lead to some perverse scenarios such as with Bitcoin wherein de facto gatekeepers ossifying around the BIP process (e.g., a priori anti-bigger blocks).
Today, there are at least four different “Eth 2” client implementations that are undergoing stress tests for the upcoming “merge.” Up through the spring, Prysm has been the most popular implementation and is actively attempting to reduce its marketshare by acknowledging that a network is more resilient with more active implementations.
Chapter 2
On a personal level Chapter 2 is interesting because during the time frame it takes place (January 20, 2014 to June 3, 2014) I was also writing a short book and had a chance to interview a few of the people mentioned. I witnessed odd behavior at least once: I had a Skype call with a couple members of the original Ethereum team. During the call, one person pointed a video camera (with its bright light) right back at me and video tapped it. I don’t recall the names but according to Shin, at least one person in that group was actively recording things which kind of seems off (or maybe I’m not sentimental enough!). I also thought Charles Hoskinson (who I separately interviewed) used phrases and words intimating as if he was a middle aged mathematics guru. And only learned he wasn’t through the book.2
Shin does a good job throughout the book articulating what the inner monologue was, what key people were thinking at the time. On p. 31 she writes about Gavin Wood who was brought on as the first developer and learns that the organization isn’t fully formed. Stating, “Why are they discussing this? If Ethereum hasn’t been founded yet, then damnit, I want to be a founder!”
This is followed-up with supporting details two pages later, “Later, Gavin would feel shafted as a lower-tier founder when he says he eventually found out that Charles had gotten into the Skype group only a day before he had.”
Another interesting detail on p. 36, “From Christmas to mid-February, for their respective Ethereum clients, Gavin and Jeff wrote more than seventy thousand lines of code.3 (Eventually, Vitalik’s Python client would mostly be used for research.)
On p. 40 the author pointed out how Charles had told at least one person in the team (Mihai) that he was Satoshi.
But as Shin notes,
The real Satoshi could easily prove his/her/their identity by moving a coin in the first block of the Bitcoin blockchain. There was no need for all of Charles’s hocus-pocus. Ultimately, most of the Zug group decided Charles was not Satoshi.
Pedantically the first sentence is both true and false. The real Satoshi could prove their identity by moving coins in the first block mined on January 9th, but not by moving coins in the actual Genesis block (from January 3rd). Why not? Because the Genesis block was hardcoded into the chain, the coins cannot be spent. Shin’s statement is a good barometer for filtering out wanna-be Satoshi’s, such as Craig Wright.
I’m also glad that Shin referenced Gavin Wood’s original essay on “Web 3” which was published in April 2014. You don’t have to agree with it, but unlike many of the VCs who promote “Web 3” or the anti-coiners who permahate on it, Wood provides some specific characteristics defining it. Is that too much to ask letter campaigns today?
Chapter 2 also goes into some details about the “holons” which I always thought was kind of bananas. Stating, “The Romanian Mihai, the Bitcoin Magazine founder who had lived in anarchist squats, enjoyed drinking, and was sociable, spontaneous, and creative, wanted Ethereum to comprise a series of live-work holons.”
The book goes into some depth about the drama these live-work locations, eventually they were dropped from official sponsorship and funding.
Page 48 mentions people, such as Vitalik, possible being “on the spectrum of Autism” and I seem to recall finger pointing at various events of who is and isn’t “on the spectrum.” Hopefully these antics will retire, there’s no room for the rudeness in polite society.
Chapter 2 closes with some nice imagery:
Vitalik walked out onto the front deck, the larger of the two on the top floor. It was drizzling outside. Beneath his feet were perfectly straight, cherry-stained wooden slats, and off to the side, a black barbecue grill, four black planters with bushes, and a yellow flower pinwheel.
Shin does a good job placing these details throughout the book, helping the reader imagine the scene.
Chapter 3
This is also an interesting chapter in terms of how certain events moved by quickly. For instance, with the crowdsale, on p. 71:
Stiftung Ethereum was finally established on July 9. By Friday July 18, the Ethereum crew had Pryor Cashman’s draft opinion letter. On Monday, July 21, they received it signed. On Tuesday, July 22, at midnight Central European Summer Time, they launched the crowdsale.
On p. 73 it is kind of funny to see some Bitcoin maximalists enter the chat:
Meanwhile, many Bitcoiners claimed “alt-coins” like Ethereum were unnecessary. For instance, a March blog post titled “The coming Demise of the Altcoins (and What You Can Do to Hasten It)” sad, “When people say, ‘But Ethereum can do smart contracts!’ this is actually false… Ethereum will therefore soon be forgotten like the rest once it inevitably fails to deliver on its promise.”
Coincidentally a few months ago I highlighted that same article and how the author ended up kicked out of the little institute he co-created, later joining the Bitcoin SV circus. Without endorsing Ethereum itself, it is empirically clear that it has not been forgotten and has delivered more than most publicly funded blockchain projects. This still doesn’t sit well with vocal maximalists (and anti-coiners).
On p. 84 the author mentions cold storage devices that stored the Ethereum Foundation’s bitcoin and specifically mentioned Michael Perklin.4 The one related anecdote I have about him: I spoke at Devcon 2 which took place from September 17-19 in 2016 in Shanghai. This is about a month after Bitfinex was hacked for around 119,000 bitcoin.
Just a total coincidence but when I got on the maglev, Perklin and I ended up sitting next to one another. Recognizing him, I started peppering him with questions about Bitfinex, who he was helping provide a security audit (he was mentioned in an official blog post on it). If I recall, my argument was that in traditional financial markets, an exchange operator that had suffered a similarly huge loss would have been closed down by regulators, least of all not been allowed to socialize losses and issue a couple of IOUs. Long story short, we disagreed on some fundamental issues and went our separate ways.
Chapter 3 concludes with the formal launch of Ethereum mainnet and the hiring of Ming Chan.
Chapter 4 & 5
Chapters 4 & 5 had lots of interesting anecdotes and drama I was unaware of. Geeky readers may be asking, “what’s with the big deal gossip?” In my view, I find it impressive that anything was built and delivered with the type of work dynamics described, e.g., it’s hard to imagine operating in an environment with a senior leader having loud outbursts throughout every conversation.
Chapter 4 ends with the termination of Gavin from the foundation and Chapter 5 concludes with The DAO being drained. A number of ICOs were mentioned, such as Lisk and DigixDAO. Where are they today? Lisk still exists, maintaining an SDK for developers. Digix suspended its operations five months ago, and is reviewing its license requirements in Singapore. A companion book could probably have been written to discuss (and scrutinize!) the types of ICOs and tokens that were created between the collapse of The DAO and early 2018, more on this later.
Chapter 6 & 7
Chapter 6 was quite the page turner. Even though I was actively providing analysis at that time, it’s always interesting to read a cohesive blow-by-blow, with comments from the key developers and stake holders (the timeline at the end is great!). The fact that Phil Potter had such a dismissive view about Ethereum (calling it a “shit coin” a couple of times, including p. 182), isn’t a huge surprise considering his previous antics of “cat and mouse” bank accounts.5
For instance, I had no idea the role Andrey Ternovskiy, the creator of Chatroulette, had in increasing the drama-per-second following The DAO hack, leading up to the hard fork (he pretended to be the original DAO hacker and tried to social engineer some outcomes).
An interesting technical point from an excellent Chapter 7 (especially the sleepless nights for the Robin Hood Group), on p. 166:
The hard fork was indeed less complicated, especially compared to a similar process on Bitcoin. Because Bitcoin was “a peer-to-peer electronic cash system,” as Satoshi Nakamoto described it in the Bitcoin white paper, it had a chain of custody that could be followed all the way from the creation of a bitcoin to the one (or fraction of one) that someone owned. It made possible the digital equivalent of being able to trace a dollar bill from the time it gets minted to the time it gets used to tip a cab driver, who then uses it to buy flowers from a florist, who then pays bus fare with it. In order to unwind something like the DAO on Bitcoin, to undo the cabbie’s tip, one would also have to rescind the bus ticket and return the flowers.
Bitcoin uses the UTXO model and Ethereum uses an accounts model, in principal, the forking process could work the same way if planned ahead of time. For example, while the flow of funds (payments) between users and merchants were not reversed when Ethereum split into ETH and Ethereum Classic, but with forks like Bitcoin Cash, if a blob of UTXO had ever been used, it really cannot be precisely excised and grafted onto the new fork without having to fully unwind the butterfly effect (see the 2013 accidental hardfork of Bitcoin for the winners-and-losers).
The brief discussion of Bitcoin maximalism on p. 181 as well as the quote from Aaron van Wirdum (a vocal Bitcoin maximalist at Bitcoin Magazine) reminded me of a tweet I posted just after the hardfork:
What’s the context of this dumpster fire? Recall that beginning in summer 2015, the Bitcoin “community” was undergoing a (negatively) transformative event: the Bitcoin civil war. At the heart was whether or not to hard fork and increase the block size. Several proposals, such as Bitcoin XT had been drafted up and a vocal wing, primarily composed of Blockstream-affiliated developers and organizations were opposed to any hard fork, let alone one that increased the block size (hence the “block size debate“).
This same group of antagonists regularly claimed that hard forks were unsafe and would lead to disaster, disarray, and the collapse of the entire ecosystem. Seriously, that’s how overdramatic some of these “small blocker” developers came across. Look up reddit and listserve discussions at the time, it was crazy talk.
Suffice to say, you don’t have to have an opinion over whether or not a hard fork should or should not have taken place on Ethereum to simultaneously observe that it did not lead to the collapse of the entire ecosystem. Hence, the egg-on-face, dumpster fire gif above. A number of other major L1s have successfully coordinated hard forks, multiple forks in fact, without leading to total pandemonium.
On p. 188-190, the author discusses the origins behind what is now called Ethereum Classic (ETC) as a separately traded coin. One personal anecdote: I distinctly recall the head of trading at a large U.S.-based exchange reaching out to me during this time period (July 2016) asking if I knew of any Ethereum holders who might be interested in selling their ETC. Worth pointing out, this was before it was listed on Poloniex. So the story of the various parties working in the background to get ETC off the ground probably could be expanded if a second edition is ever written (not that it needs a second edition!).
On p. 189, the author found a maximalist:
On the day of the fork, Bitcoin Magazine, Vitalik’s old publication, wrote an article about “the launch of a spin-off project: Ethereum Classic.” While the author, Aaron van Wirdum, noted that Ethereum Classic, “seems to be a bit of a joke, intended to make a point,” he wrote, the project has been gaining some traction, with a small-but-growing user-base on Reddit and Slack […]”
Fast forward nearly six years by several metrics such as TVL and active full-time developers, Ethereum Classic never really grew beyond its core group of devotees: Bitcoin maximalists who LARPed as Ethereans.6
Just as Litecoin and Dogecoin have not faded away (despite a lack of usage or developer interest), traders will probably continue to trade ETC until PoW coins are delisted for ESG reasons.
On this note, on p. 192 the author writes:
They could see that, in the community at large, Bitcoiners in particular felt that Ethereum’s hard fork would illustrate one of Bitcoin’s core features: its immutability.
Two quibbles with this:
(1) some of the largest Bitcoin holders are not maximalists but like Bitcoin for other reasons (e.g., can be used as collateral on other chains);
(2) from a technical perspective, no public chain is “immutable” in the sense that it cannot be forked, if anything immutability describes the one-way hash function. Bitcoin’s development has fully ossified over the past five-ish years, with those interested in building actual dapps having left for greener pastures. Arguably the only thing “immutable” with Bitcoin today is who acts as the gatekeepers to the BIP process: the same self-appointed guards that prevented bigger blocks back in 2015-2016.
Chapters 8 & 9
On p. 198-199 the author mentions some pro-ETC tweets from Barry Silbert (founder of DCG):
Bought my first non-bitcoin digital currency… Ethereum Classic (ETC)
At $0.5.0, risk/return felt right. And I’m philosophically on board
Vitalik was stunned. He had met with Barry at the DCG offices in March, and at that time Barry had offered to help him and be his advisor. Now he was finding out that despite the friendly overture, Barry had never bought ether and now instead had bought ether classic.
Somewhat ironically five years ago, a group of Bitcoin maximalists actually chided Barry Silbert for his tweets (turning it into a full on Medium post). Around the same time, Reuters did a story about whether or not someone in his position would be falling afoul of SEC regulations for the type of tweets he was publishing. Putting personalities aside for the moment, it is worth pointing out that ETC has since had multiple deep reorgs and as shown in the presentation from Electric Capital above, does not really have developer mindshare.
These two chapters also provided some interesting background to both Poloniex (now co-owned by a syndicate led by Justin Sun) and Bitcoin Suisse (who had a change in management last year).
For instance, on pgs. 217-218
The WHG was trying to return people’s money, but instead they’d gotten the majority of it frozen at an exchange. When they asked Polo why it had blocked the trade, Griff and Jordi say the rep asked how Polo was to know the difference between a white hat and a black hat hacker. According to Griff, the rep then said that Polo was going to hold the money because it wasn’t the WHG’s money. Bity and the White Hat Group told Poloniex that it wasn’t theirs either. (Eventually, the WHG would realize that although Kraken was happy to let the Bity account trade, the exchange had blocked its withdrawals.)
Around the same time, someone working in the Bity office, who was then helping the WHG, recalls hearing a rumor from what they believed to be a credible source that the FBI had opened an investigation into the WHG’s activity, which scared the shit out of some group members. For the next two days, they spent a lot of time staring up at a big screen, incessantly refreshing the Poloniex account page to see if the money had been unfrozen. During this stretch of time, they slept very little — going to bed at 8 a.m. the night they realized the funds were frozen — and when people passed out, they did so on the sofas around the office. Weed and bottles of whiskey were strewn about, though the White Hat Group didn’t partake.
Another example of a prominent Bitcoin maximalist attempting to derail Ethereum, on p. 221
A few days after Alexis of Bity published a blog post on the status of the ETC refund, which explained why the WHG had first wanted to convert everything to ETH, a Bitcoin maximalist who went by the online handle WhalePanda published a blog titled “Ethereum: Chain of liars & thieves,” in which he delineated the trades that the White Hat Group tried to do on the various exchanges and concluded, “TLDR; We market dumped the illegally obtained ETC to crash/kill ETC but failed and now we want the locked funds back, sorry.”
His real name is Stefan Jespers and despite the fact that he has publicly invested in Ethereum-related tokens, his social media personality is toxic to this day.
Moving along, although I participated at the tail end of Devcon 2, I was completely unaware of all of the drama that was going on in the background.7
For instance, on p. 238
In the end, Bob didn’t even hear the final answer from Gav himself. Brian Behlendorf of Hyperledger had a call with Parity: Gav’s firm had decided not to go through with it. Bob felt Gav was acting out of spite. Bob also wondered if Gavin wanted to kill a potential competitor to Parity. Gav said Parity’s lawyer, who handled the company’s licensing strategy, had decided against it. Parity had partly gotten its VC funding by pitching an enterprise Ethereum implementation, so if the C++ codebase was permissively licensed, it might compete with Parity’s future product.
This was interesting because in retrospect, this future scenario didn’t really happen. While Parity did participate in several “enterprise” pilots and projects, this codebase was ultimately deprecated and turned into OpenEthereum (and later dropped altogether by Gnosis). Also, Pantheon (from ConsenSys) was donated to the Hyperledger project and re-emerged as “Besu.”
On pgs. 245-246 we learn about a possible motivation behind the denial of service attacks that took place during Devcon2
The DoS attacks were finally over. Though the period was stressful, Vitalik found fighting–and winning– this cyberwar fun in a way. Throughout, the attacker’s motivation was unclear. There wasn’t an obvious financial gain, although he or she could have shorted ETH. (The price did slide from about $13 to below $10 over the two months of the attacks.) In fact, he or she had spent one thousand ETH (roughly $12,000) on the attacks, plus the time to research and execute them. Many mused that perhaps the only people with such an incentive would be Bitcoin maximalists. Regardless, Ethereum became stronger and more capable of handling a high load of transactions–a beneficial maturation given what lay ahead.
When discussing the salaries of Ethereum Foundation employees and candidates, on p. 250:
But even her good qualities had downsides. For instance, even after the foundation found itself in a financially comfortable spot, she lowballed potential employees. When Google employees were applying and stated their salary requirements, she would say things like “Nobody gets paid that much” or that she and Vitalik didn’t–as if developers’ salaries should be benchmarked against her own. (Entry-level Google engineers would typically have incomes higher than Ming’s at the time, plus get valuable stock, and senior-level engineers’ compensation could be $1 million including stock.) At least one former Googler at the foundation was paid half his previous earnings; plus he was made a contractor, so he had no leave or benefits; another applicant from Google simply didn’t join the EF.
I don’t think these are good arguments for a couple of reasons:
(1) The Ethereum Foundation, like most coin foundations, is non-profit. We can argue about what the role of non-profits should or not be in society or what the salaries of their staff should or not be, but there is an implicit assumption that Foundations in general typically cannot offer the same types of compensation that many for-profit organizations can. For instance, the executive director role for both Hyperledger Project and the Enterprise Ethereum Alliance is around $400,000 a year. Since there is no equity or coin rewards for that role, is that high or low? Maybe it is low relative to the value that these organizations are perceived to create for the ecosystems they operate in.
(2) Having worked in the Bay area for five years (where my wife as a hardware engineer), with the current mini bear market in tech equities, arguably the salaries of Big Tech (software) employees were inflated. Plus in the case of Google, virtually all of their revenue comes from adtech which effectively monetizes personally identifiable information (PII) which is morally dubious at best. I don’t know what the “fair market value” of a senior engineer at Google should or should not be able to command after this mini bear market concludes, but the author should have used an apples-to-apples comparison: the salary of an experienced, senior engineer at other Foundations, and not with for-profit adtech companies in the Bay area.
Chapters 10 & 11
As mentioned at the beginning I don’t think the book was critical enough of ICOs in general, and specifically the way some organizers effectively fleeced retail by not disclosing much, if anything. Or how in many cases, a token was not needed.
One example of trying to force a token where one is probably unneeded on p. 256:
Many projects were, like the DAO, fund-raising by creating a token designated for use on that specific network. He said these tokens weren’t just being used to line initial coin offering (ICO) issuers’ pockets with ETH; they were actually being used in the dapps themselves. The people who offered services to the network could be pad in that token, which could then be exchanged for other money. Setting these projects apart was the fact that each was not a traditional app with a company at the center pushing out updates and making business deals; these were “decentralized software protocols” (emphasis added). Historically, such protocols had not been profitable. For instance, the people working on simple mail transfer protocol (smtp) for email did not make money. Outlook, Hotmail, and Gmail, the applications using smtp, had. However, now tokens made it possible for protocol builders to reward themselves since tokens could be created with the network, and they could keep some, like retaining equity in a start-up, and allocate some for continued work on the protocol.
A few quibbles about this passage:
(1) What the author (and the VC) is describing is: public goods, problem of free-riders, etc. Basically there is some useful internet infrastructure (smtp) that could be built but… : who builds it, who pays for the labor, who owns the IP, and so forth. The “Web 2” world now dominated by an oligopoly often referred to as Big Tech that sometimes builds out socially useful technology in exchange for monetizing personally identifiable information (e.g., rent-seeking). That is a morally bad exchange that has been normalized. We don’t have time to go into the years of abuse and exploitation (e.g., Cambridge Analytica scandal) that has occurred but this was one of the original motivations for proponents of “Web 3” in 2014. In practice, over the past eight years many VCs attempt to reinsert themselves and/or their portfolio companies (intermediaries like CEXs) in place of these tech incumbents. That’s not really mentioned in the book but probably should in a future edition.
(2) A sundry of ICO issuers did in fact attempt to line their pockets at the expense of retail. While some useful dapps and infrastructure have arisen out of the chaos of the 2016-2018 ICO mania, continually pointing to these is textbook survivorship bias. We don’t have time to go into how crowdfunding should or should not look like, but clearly there were a lot of victims who had no recourse and that’s not typically mentioned by coin promoters (such as the coin VCs of that era). The author doesn’t say it, but others have defended this time frame as “the ends justify the means” and I don’t think that is a good argument either. Nor is having to donate to unaccountable public goods (e.g., Wikipedia) the only other viable alternative.
(3) Unlike anti-coiners, I don’t think it is fair to throw the baby out with the bath water when it comes to creating new methods of funding public goods. Not everything was a scam or a fraud. Even securities regulators are okay with certain forms of crowdfunding from retail. Simultaneously I’ve been consistent over the years that a “tcpipcoin,” if it had been created almost 50 years ago, would have likely led to distractions for the stakeholders of that era, much like today.
For instance, below is a passage from a paper I wrote in April 2015 (pgs 18-19)
Moving along, on p. 257 the author put together a concise (and interesting!) history of ERC-20:
Suddenly everyone was on the hunt for the next big protocol tokens. And creating new ones on Ethereum was so easy. The previous fall, Fabian Vogelstellar of the Robin Hood Group had solicited comments on an idea that Vitalik had long discussed: standardizing a smart contract for creating new tokens. Fabian made it issue number twenty on a board designated for discussing protocol improvements called Ethereum Request for Comments. After 362 comments, they settled on a standard called ERC-20 tokens, which became a class of tokens that, because they were in a standardized smart contact, could be added easily be exchanges, wallets, and so forth.
In the discussion of crowdfunding, on p. 260 the author mentioned a now mostly dead project, Augur:
Right when they launched, the presale for Augur, a decentralized prediction market in which people could make predictions and bet on the outcome, was happening. When Taylor went to put money in, she was stymied, again, by challenging technical instructions. She asked Kosala to make a one-click button for her. He did, and they added an “Augur Crowdsale” tab to the site. Late in the sale, which ended October 1, 2015, teh Augur newsletter gave a shout-out to MyEtherWallet for the button. Taylor and Kosala exchanged chats peppered with “omg omg”–thrilled to have been noticed by others in the community.
Apart from the handful of people who bought it at < $2 immediately post-launch, the insiders of Augur did okay.8 Why? Today at around $8, Augur (REP) trades at roughly the same level as it did five summers ago. While money may not be the motivating factor for all crowdsale participants, ETH grew and sustained several multiples higher over the same time period (e.g., opportunity cost of capital). Apart from betting on the outcome of U.S. presidential elections, the platform – like Open Bazaar – remains a ghost town. To its credit, unlike other ICO survivors from that era, the Augur team converted 90% its ETH holdings for real money to build and deploy a working prediction market that is updated from time to time.
On p. 269 we learn how Poloniex operated a lot like Binance did pre-2021:
By the time of that victory, the exchange was facing a new problem. Due to US sanctions, it needed to block Iranians from using Poloniex. However, it could not, because the exchange did not have a robust know-your-customer (KYC) program to verify customers’ identities. (The one instituted in 2015 was, according to an early employee, “super basic” and “really, really easy to work around.”) It was a three-tiered KYC system that granted users greater trading access in exchange for higher levels of verification, and part of the reason for it was that Jules and Mike wanted to minimize friction for users to sign up and deposit funds. These discussions dragged on from the end of 2016 into the first half of 2017, when Jules and Mike finally relented.
Even cynical readers familiar with the cyber coin world were probably shaking their heads at this passage: how can operators of a U.S.-based CEX enrich themselves for years intentionally slow-walking compliance with the BSA?
It reminded me of when news leaked around Circle’s acquisition of Poloniex several years ago:
Speaking of the SEC, to-date they have prosecuted and/or settled with around 60 token issuers since the start of 2017 (collectively Canadian provinces and individual U.S. states have pursued about as many). The book spends a bit of time on The DAO report, published in July 2017, but doesn’t really highlight retail-focused solicitations, such as Kik (e.g., Kik was mentioned on p. 271 but nothing about their very public fight with the SEC). A second edition could include some retrospection around these retail-focused raises; e.g., why did different governmental bureaus in China ban ICOs around the same time frame?9
On pgs. 282-283 Poloniex is described as a panopticon:
In 2017, Poloniex’s volume grew fifty to seventy-five times what it had been in December 2016. With more customers, more volume, and now more processes, the company became buried. About twenty people were managing almost five million accounts, and the owners had not invested in the company at all. Instead of hiring a third-party know-your-customer vendor, as many companies would, to make sure each submitted ID matched the selfie taken and that the address given wasn’t for, say, a strip mall in Nevada, Polo employees had to process IDs one by one. Support was still bare-bones: according to a manager at the time, five people handled more than one hundred thousand support tickets. In the first half of the year, Johnny managed to “poach” a few troll box moderators to be new support agents, brining the total to eight. According to Johnny, Jules made workers put their phones in cubbies upon entering the office, forbade them from listening to music, and though this might also be for security reasons, blocked their computers from the internet so they could only do one thing on those machines: work. They had to wear headphones so that they wouldn’t accidentally overhear any conversations, they were recorded via cameras inside the office, and they were instructed to communicate with each other only on chat. (Later Jules would acknowledge to employees that they were surveilling all staff chats, including direct messages.)
On p. 288 the author mentioned some of the exuberance during the “Consensus” event in 2017:
The next day, EOS, which billed itself as a faster (but more centralized) competitor to Ethereum, kicked off its nearly year long ICO. The month before, it had advertised its sale on a massive billboard in Times Square, during the consensus conference, which had twenty-seven hundred attendees. The advertisement was ironic given that the EOS ICO blocked US IP address. That week, the ETH price again traded with highs in the $330s and lows in the $200s.
I attended this event and recall visiting the “official” afterparty wherein one of Block.One (the commercial backer of EOS) pointed out that the EOS billboard was just aesthetics and wasn’t encouraging anyone to participate in the ICO. One update for a future edition of the book: in September 2019 Block.One, settled with the SEC for a small sum of $24 million. Not-so fun fact: one of the defense attorney’s who worked on that case also (successfully) defended several other 2017-era ICOs that had purposefully focused on retail investors. This is part of the history that anti-coiners, who are new to town, should probably focus their wrath on instead of trafficking conspiracy theories.
On p. 294 we hear a prominent ICO promoter mentioned in passing:
Meanwhile, on the rocky, lizard- and fern-filled island of Ibiza the Parity team and friends were at a lovely terra-cotta-tiled, exotic-plant-adorned home rented by Brock Pierce, the former Mighty Ducks actor turned crypto VC, wrapping up a weeklong retreat that, for at least some attendees, was at times an alcohol-and drug-fueled blur. The previous Sunday, in the VIP room of the club Amnesia, the group had made merry.
There are a number of similar party-the-night-away excerpts throughout the book. One wonders how anything was shipped during this time frame! Speaking of Pierce, in early February 2018, The New York Times published a critical story of Pierce (and his crew) arriving in Puerto Rico to take advantage of the lenient tax treatment of capital gains (and income) without contributing much in return. Later that same month, clearly without any motivation to clear his name, he publicly pledged to donate $1 billion. To-date, there has been no follow-up, despite folks asking what he has done beyond drumming up easy PR. This is a pattern with some of the prominent coin promoters (post ICO mania) who promise big donations, yet little materializes beyond the press release.
Another example of why a future chapter dedicated to ICO then-and-now reflection is found on p. 298,
For instance, on May 26, the day after Token Summit, there was an ICO for something called Veritaseum that hadn’t open-sourced its code, hadn’t published a white paper, and, based on its jumbled marketing, appeared to be a centralized company that could have easily accepted US dollars for payment — not a decentralized network. It did not even take the basic step of having a secure website, despite the hacks rampaging throughout crypto. It raised $11 million. Early on, VERI tokens ranked tenth among crypto assets by market cap. On July 22, the market cap based on circulating supply was $458 million. But accounting for the fact that Veritaseum had only released 2 percent of its tokens, its market cap by the total float was $22.9 billion. By that measure, the one-month-old company was almost twice as valuable as Nasdaq. Its market cap was more than that of Ethereum’s, which on that day closed $21.5 billion. And who controlled 98% of VERI? The founder.
Two things that stuck out:
(1) In November 2019, Reggie Middleton (the founder of Veritaseum) settled with the SEC for about $9.5 million (most of which was disgorgement), this could be added in a future edition.
(2) Intermediaries such as Nasdaq have an oligopoly on the services (and infrastructure) they provide. If anything, the entire “blockchain” set of experiments (including those initiatives Nasdaq has rolled out into production) should highlight the large amount of market share that systemically important financial institutions and utilities are able to capture and hold and gorge upon. Dismissing all alternatives out-of-hand, as most anti-coin commentators frequently do, raises the question: who are anti-coiners actually trying to help? Financial incumbents who get bailed out by governments? Retail who get fleeced with PFOF? If their goal is to somehow “help” the average Joe, then clearly defending the status quo isn’t very helpful either since it largely rewards incumbents who despite having a regulatory moat, in times of need also get bailed out because they are “too big to fail.”
For all of the discussions around The DAO, Slock.it, and securities regulations, there was one interesting info nugget on p. 301:
While the document was incriminating and put the crypto industry on notice, it wasn’t entirely accurate (The SEC, which declined to comment on this matter, had not interviewed Slock.it and reached out only to at least one American curator. An October 2020 FOIA request turned up no documents on any discussion around who deployed the DAO) Slock.it hadn’t set up the DAO-hub forums (though it had set up the Slack), it hadn’t deployed the DAO smart contract (unknown DAO community members had created eight of them and Taylor’s then fiancé Kevin had tossed the coin that had chosen which DAO to use), and the Robin Hood and White Hat groups, which included some Slock.it employees on their own time, helped resolve the attack. Regardless, the SEC had meant the document to be foundational, to show how the SEC was looking at the space. Lawyer surmised the agency had chosen a “21a report”–giving others notice that going forward the commission would likely follow up with enforcement actions for similar behaviors–because the DAO no longer existed and people had not lost money.
What other regulators may have reached out to Slock.it and curators? Was there a line-in-the-sand somewhere?
On p. 307 we learned about one Ethereum co-founder’s involvement in several ICOs:
At this time, during the ICO craze, Anthony had made a name for himself–not necessarily in a good way. He was slapping his name on ICOs as an advisor in exchange for tokens: Civic, Blockmason, Etherparty, Enjin Coin, Worldwide Asset eXchange, Skrumble Network, Cindicator, Polymath, AION, PayPie, Storm, Unikrn, WAX, Po.et, and Veriblock. Although Civic, Polymath, WAX, and Unikrn were somewhat well-known, the others were no-name projects. He’d also invested in two Chinese projects, Vechain and Qtum.
Not sure why the Chinese angle was worth highlighting; also not an endorsement but both Vechain and Qtum are around and still putting out “announceables.” It is worth mentioning that there are a number of high profile coin VCs who have removed or whitewashed their shilly ICO past, to somehow become… thought-leaders. In the U.S. it is more than two hands can count. Despite the collective “coinesia,” retail-focused promoters-turned-investors probably deserved to be named in a future edition.
On p. 319, more interesting information about Poloniex was described:
That fall, Poloniex’s dominance began to slip. If in June it had sometimes seen trading volume of $5 billion per week, early that fall the peaks were more like $4 billion. Still, even with the dip, the exchange was making a killing. One reason for the drop was that competitors were investing in upgrades, but Polo was doing the bare minimum. Seeing competitor Kraken boast about a slew of new features, Polo employees asked, “Why are we not doing this? Why are we just letting them take our business?” One example: Kraken launched an efficient, self-service feature for two-factor authentication allowing users themselves to disable it. Even though customer service said launching a similar feature would cut a third of all open support tickets, Jules and Mike wouldn’t let Tristan work on it. (As far as most people could tell, Tristan controlled nearly every aspect of Poloniex’s code–a grasp of its intricacies wasn’t spread out among a team of people, as would be expected of an exchange transacting in billions of dollars’ worth of crypto every week.) By this point, according to someone familiar with the matter, the exchange had almost half a million open support tickets. Johnny managed to poach more trollbox moderators to act as customer service agents, reaching twelve total by year’s end. He would feel really good the few times in the fall of 2017 that they got the number of open support tickets down to one hundred thousand. Jules and Mike did let them hire a few freelancers, who Johnny, the head of customer support, trained to help out with the backlog of KYC verification. They were good, so he suggested hiring them all immediately. He recall Jules and Mike said, essentially, No, we’re not going to hire anyone. Work with what you’ve got.
It’s interesting to hear this side of the story because throughout this time period, on social media and in chat groups, people would complain about Poloniex’s customer service. Now we know why.
Dentacoin was name dropped on p. 325. It is routinely lampooned for as you can guess, what it is named after.
Chapter 12 & 13
On pgs. 335-336 readers are presented with a thought experiment:
But most of all, things had been different during the DAO drama. Back then, Ethereum had done so many forks before, the community thought forking was without consequences. At that time, not forking was the threat. However, after the DAO, they knew that a hard fork could create yet another Ethereum. And that became the threat. Another factor was that, unlike with the DAO, there was no time pressure. The funds were frozen, and absent any decisions, they would be frozen forever. With the DAO the time for a rescue was limited, and that had prompted people to act. Additionally, with so many new tokens having been built on Ethereum, a contentious hard fork created the risk of producing all kinds of duplicate assets on another chain–Gnosis Very Classic, BAT Very Classic, Status Very Classic, and so forth.
I chuckled at the “Very Classic” names. But truth be told, both Ethereum and Ethereum Classic have had hard forks since the time frame this passage took place (late 2017). So technically speaking, those alt tokens could exist, although to my knowledge no major exchange supported the now-deprecated forks and alts.
On p. 343 we see mentions of Julian Assange and efforts like Pineapple Fund. Assange is frequently lionized by some Bitcoin promoters but he willingly only dumped secrets that damaged one specific U.S. political party and went out of his way not to publish anything that damaged Putin’s government. Ecuador’s government (which allowed Assange to live in its embassy for several years) found direct ties between Assange and the Russian government. In 2017, then-Trump advisor Dana Rohrabacher visited Assange in London and offered a pardon in exchange for Assange publicly stating “the Russians were not involved in the email leak that damaged Hillary Clinton’s presidential campaign in 2016 against Trump.”
Obviously this would have been a distraction in the book but in my mind it is hard to mention this very controversial character without providing context on why he was likely a willing Russian asset.
Epilogue
The epilogue tries to tie many of the threads into complete knots. Some worked, like the Poloniex conclusion on p. 358:
Circle’s acquistion of Poloniex closed on February 22, 2018. Fortune reported the deal was for $400 million, but according to a source familiar with the matter, the actual amount eventually paid out was between $200 million and $300 million. The sale was almost perfectly time to when not only the flood of trading volume began to wane at Polo but also the crypto bubble itself began to burst and volumes globally were lower than at their peak in mid-December. Polo had been shopping itself since the spring of 2017, such as to Barry Silbert’s Digital Currency Group and Blockchain.com. Circle had been hoping to close the deal in November, but Jules, Mike, and Tristan, citing the crushing amount of work (which the staff and another person who worked with them attributed to their “greedy” refusal to hire additional employees), managed to drag it out while the exchange was still bringing in obscene amounts of revenue–and yet to close before the employees’ shares vested. Some early staff calculated they’d been strong-armed out of $5 million to $10 million apiece.
Wow, that sucks. I have some close friends that had a similar story about a different NYC-based technology company during the same time frame.
Other knots didn’t quite close, like the lawsuits between ConsenSys management and its former employees discussed on p. 364-365. One recently settled and at least one of the lawsuits is ongoing and continues to garner headlines and involves a fight over IP rights for infrastructure such as Metamask.
Concluding remarks
From a technical standpoint the book was pretty good, just a few small quibbles. As mentioned at the beginning, while I heard rumors, I don’t know enough about a bunch of the inner circle to comment on a number of the personalities that were the focus of the book.10
There are several other books describing the ins and outs of how Ethereum was created that I hope to read through this summer, and time willing write-up a review. In the meantime, if you are looking for a page turner that doesn’t require a PhD in cryptography to understand, I think The Cryptopians is worth adding to your reading list.
Also, if you’re interested in hearing a credible candidate for who The DAO hacker may have been, Shin published a related thread with links a few months ago.
Endnotes
Send to KindleThis is not the first time Bitfinex has been “debanked” before. Phil Potter, the CFO of Bitfinex, recently gave an interview and explained that whenever they have lost accounts in the past, they would do a number of things to get re-banked. In his words: “We’ve had banking hiccups in the past, we’ve just always been able to route around it or deal with it, open up new accounts, or what have you… shift to a new corporate entity, lots of cat and mouse tricks that everyone in Bitcoin industry has to avail themselves of.” [↩]
[Note: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]
As we have discussed before, “Web3” is a nebulous term that has been used to market a slew of products and services, often via “chainwashing.”
What is “Web3?”
This past week 25 guys and one gal signed and published a 741-word letter to senior U.S. legislators calling for “Support of Responsible Fintech Policy.” And while many “Web3” promoters do deserve a good chastising, this letter has many technical shortcomings and is a disappointment to those who have been in the trenches for years… before being a “critic” was considered en vogue. Worst, it doesn’t define what “Web3” or even a “blockchain” is or is not.
But let’s start with a comment that I thought was pretty good, the intro:
“Today, we write to you urging you to take a critical, skeptical approach toward industry claims that crypto-assets (sometimes called cryptocurrencies, crypto tokens, or web3) are an innovative technology that is unreservedly good. We urge you to resist pressure from digital asset industry financiers, lobbyists, and boosters to create a regulatory safe haven for these risky, flawed, and unproven digital financial instruments and to instead take an approach that protects the public interest and ensures technology is deployed in genuine service to the needs of ordinary citizens.”
I – along with a number of other independent researchers such as Angela Walch (who they referenced) – have publicly made similar requests in the past. For instance, the original conclusion in my 2018 WSJ op-ed expanded upon the lack of transparency and surveillance sharing for why the SEC has not approved a bitcoin-denominated ETF by stating, “…the retail public wants seductive narratives and fantastical returns. The supply of fraud will therefore grow to meet that demand.”
To reuse a cliché analogy, throughout most of 2021 you could probably throw a baseball at a collection of dapps and hit one that at the very least, played fast and loose with marketing high APR yields.
This was followed with a quizzical take:
“Not all innovation is unqualifiedly good; not everything that we can build should be built. The history of technology is full of dead ends, false starts, and wrong turns. Append-only digital ledgers are not a new innovation. They have been known and used since 1980 for rather limited functions.”
The first sentence probably has a lot of supporters, including myself, as it relates to non-proliferation of weapons of mass destruction. The somber and horrific legacies of the atomic and hydrogen bombs are certainly an example of something that should not have been built.
But the shade thrown at “append-only digital ledgers” is pretty farcical. Why do these authors get to determine what is or is not useful in the spring of 2022?
For instance, if we look at the core moving pieces of the Bitcoin blockchain, all of the main elements (“prerequisites“) had been around for years. And it was by assembling them together that we have arguably the first blockchain.1 The authors are taking a page from the lazy Maximalist playbook, one that does not withstand empirical scrutiny.
In looking at the “tech stack” of Big Tech, Google maintains a project called “Certificate Transparency” (implemented as “Trillian“).2 Certificate Transparency is not a blockchain, but it is a Merkle tree of things which are interconnected and signed and in production today.
From the Trillian team:
The ideas underpinning Certificate Transparency, Revocation Transparency and related efforts are not specific to certificates, but can in fact be used to make almost anything transparent. These technologies are strongly related to the much-hyped blockchain. The reality, of course, is that there isn’t a “the” blockchain, and that decentralisation is not always the answer. We are not making “the” blockchain, and we do not claim to support decentralisation.
As mentioned in a previous post, the problem with the a priori position that anti-coiners (and many maximalists) have is that over time they continually get backed up into a corner. Why? Because over the past decade we continue to see – empirically – how blockchains and blockchain-like elements are incorporated by a spectrum of organizations from Big Tech and Big Finance all the way down to small startups.
As Matthew Green (a cryptographer) explains in a thread on this topic, the granular fine points around “blockchain technology” is mostly bad:
Unfortunately the authors – while seemingly well intentioned – do not clearly state what parts of a blockchain they dislike, what parts of “distributed ledger technology” that they explicitly think is bad.
Furthermore, the idea of a neutrally owned, shared ledger is not a new concept. Several initiatives in the financial industry — such as a Joint Back Office (JBO) — pre-date the euphoria around blockchains but languished in concept mode.3 What is the lure for maintaining a shared ledger between (competing) organizations? Resiliency and reduction of reconciliation often come up as two of the main reasons but the list is long and deserves its own post. Suffice to say, claiming that “append-only digital ledgers” are a plaything of the ’80s is not even wrong.
Another broad sweeping set of statements that lack precision:
As software engineers and technologists with deep expertise in our fields, we dispute the claims made in recent years about the novelty and potential of blockchain technology. Blockchain technology cannot, and will not, have transaction reversal mechanisms because they are antithetical to its base design.
As Green and Byrne (among other responders) have pointed out, there is a missing nuance by the authors in that there are different types of blockchains. For instance, depending on the implementation some permissioned blockchains allow – in theory – certain participants to freeze transactions.4
Likewise on public chains, administrators of USDC, USDT, and other collateral-backed pegged coins, regularly blacklist and freeze transactions. In fact, any chain with smart contract functionality can provide some form of reversibility (or at the very least, freezing of state). We also see this empirically during and after exploits, with developer teams freezing tokens.
This is a strange miss because one of the signatories is Stephen Diehl, who as far back as July 2017 (when I spoke to him in an official meeting) was/is the CTO and director at Adjoint, which is a British private blockchain firm that has previously announced payment-related partnerships.
This statement starts out good:
Similarly, most public blockchain-based financial products are a disaster for financial privacy; the exceptions are a handful of emerging privacy-focused blockchain finance alternatives, and these are a gift to money-launderers. Financial technologies that serve the public must always have mechanisms for fraud mitigation and allow a human-in-the-loop to reverse transactions; blockchain permits neither.
Green (and suzuha) points out that the authors are trying to have their cake and eat it too:
For example, as far back as 2015, banks involved in R3 presented use-cases that required – by law – protection of PII. At the time, any company or organization wanting to engage with regulated financial institutions quickly learned how PII was an unmovable touchstone (see this related presentation). And so from those functional requirements arose different solutions ranging from hardware-based solutions (like SGX) to software-based solutions (like ZK-Snarks). The public chain world was often where these ideas either first originated or at the very least, first tested.5
Over the years I have regularly pointed out how privacy and confidentiality-features could be used for a sundry of illicit activities. But just because it could be used by those types of actors, does not mean it regularly is.
On that point, in 2016 I helped edit a paper on this very topic. It was co-authored by Danny Yang (founder of Blockseer), Zooko Wilcox-O’Hearn, and Jack Gavigan. Wilcox-O’Hearn and Gavigan are executives at the Electric Coin Company, a for-profit company leading the development of Zcash. Worth pointing out that one of the signatories on the letter above amplified false information about myself two months ago, claiming I was not an advisor at Blockseer. Not only is this false, but I still own the equity in DMG Blockchain (which acquired Blockseer four years ago). This calls into question the credibility of the individuals amplifying information they did not fact check. What other false information are they claiming about blockchains?
Scare quotes is not the only thing that harms this section:
By its very design, blockchain technology, specifically so-called “public blockchains”, are poorly suited for just about every purpose currently touted as a present or potential source of public benefit. From its inception, this technology has been a solution in search of a problem and has now latched onto concepts such as financial inclusion and data transparency to justify its existence, despite far better solutions already in use.
The paragraph preceding this one also mentions “public blockchains” but doesn’t use quotes around it. And neither defines or provides nuance to explain the differences between “permissioned” (or private) blockchains compared with “public” (or anarchic) blockchains.
Either way, the authors make a good argument about how pulling on the heart strings of financial inclusion is mostly bupkis and I agree, and others have pointed that this rings hollow too.6 To strengthen this, the authors should have provided a citation or at least an example of “far better solutions already in use.” For example, Raúl Carrillo (who is not one of the listed authors) has pointed to Postal Banking as a possible avenue for (re)banking not just marginalized persons. Blockchains aren’t need for that or arguably for other retail activity.7
The next part of the paragraph is painfully arbitrary:
After more than thirteen years of development, it has severe limitations and design flaws that preclude almost all applications that deal with public customer data and regulated financial transactions and are not an improvement on existing non-blockchain solutions.
First of all, the first web browser (appropriately called the “WorldWideWeb“) was launched in 1990. It wasn’t until 2004 that Google revealed Ajax-based Gmail followed by Google Maps. If the authors are trying to make the claim that anything (everything?) useful should have been invented in 13 years then they should hold other tech initiatives to the same standard.
The lack of nuance in this letter is striking because not every blockchain is based on the purposefully limited architecture of Bitcoin. Between 2009-2015, a typical on-chain user could only access Bitcoin or a Bitcoin-based fork or clone (like Litecoin). Ethereum and other chains with a virtual machine, did not launch until the summer of 2015.8 That is part of the reason why regulated financial institutions (Big Banks) and large technology companies (Big Tech) began deploying resources in this sector in 2015: first with consortia and later setting up their own internal teams of subject matter experts. What a user could do with a blockchain changed over time thus a priori declaring “almost all applications” dead is incredulous.
And again, the authors provide no examples of what “existing non-blockchain solutions” they are referring to. For example, every single major vendor that provides core banking software for banks — such as FIS, Fiserve, and Jack Henry — have integrated tools that enable the software to interact with or hook into a blockchain. Every major Big Cloud vendor provides both tools for blockchain node operators as well as dedicated “Web3” development teams to compete with Alchemy and Infura. Several CSDs and CCPs have invested in a blockchain-focused company (like Digital Asset or Axoni) and have announced blockchain-based pilots. Pretending that this digitization and tokenization trend is not occurring beyond niche NFT art collections is intellectually dishonest.
I agree with most of this statement but it needs nuance:
Finally, blockchain technologies facilitate few, if any, real-economy uses. On the other hand, the underlying crypto-assets have been the vehicle for unsound and highly volatile speculative investment schemes that are being actively promoted to retail investors who may be unable to understand their nature and risk. Other significant externalities include threats to national security through money laundering and ransomware attacks, financial stability risks from high price volatility, speculation and susceptibility to run risk, massive climate emissions from the proof-of-work technology utilized by some of the most widely traded crypto-assets, and investor risk from large scale scams and other criminal financial activity.
The nuance these authors need to include is defining what “blockchain technology” is and is not. Trillian is not a blockchain but shares several common elements. Thus throwing the baby with the bath water flies in the face of the empirical reality.9 As far as criticisms around the negative externalities created by proof-of-work-based blockchains: I 100% agree. I have written on this topic roughly every 18 months. What would strengthen their statement is to provide actual statistics and data regarding each of their points (the data exists from companies like Chainalysis or previously, Blockseer).
Their polemical statement meanders on a bit more but this statement is worth assessing:
The catastrophes and externalities related to blockchain technologies and crypto-asset investments are neither isolated nor are they growing pains of a nascent technology. They are the inevitable outcomes of a technology that is not built for purpose and will remain forever unsuitable as a foundation for large-scale economic activity.
The second sentence falls under Hitchens razor: that which is presented without evidence can be dismissed without evidence. In fact, we do know why Bitcoin was built, Satoshi explained it at length on mailing lists and in the white paper. And Bitcoin was just the first “blockchain,” other chains have arisen later that fulfill other requirements. Onyx from JP Morgan is now being used for trading intraday repos. Maybe Onyx is just a flash in the pan, but it serves as a narrative violation — and there are more than a dozen other examples that the authors are likely unaware of, just read Ledger Insights each week.10
Lastly, in the Financial Times, one of the authors was quoted saying:
“The computational power is equivalent to what you could do in a centralised way with a $100 computer,” said de Icaza. “We’re essentially wasting millions of dollars’ worth of equipment because we’ve decided that we don’t trust the banking system.”
This is true with respect to proof-of-work-based blockchains but not at all relevant to alternate Sybil resistant models like proof-of-stake (P-o-S). Conflating the two is not accurate. Also, de Icaza and others needlessly defend the status quo, both with comments like this as well as the letter itself. Fortunately for retail, “the banking system” is not completely static and changes over time (it is also not a single monolithic entity). Also, not a single author listed works for a financial institution yet opines on it; there are plenty of blockchain “skeptics” within the financial industry why not find one?
Which brings us to the next section.
(Un)intentionally defending the status quo
The only reason to publicly identify themselves is to give weight or credibility to the matters discussed in the letter. Even though this letter was directed at U.S. congressmen and women, more than half of the signees are neither US residents or citizens. Even though more than a handful work at public tech companies or large organizations that rely on donations, let us give them the benefit of the doubt that they were not explicitly defending the status quo.
Yet without offering specifics beyond vague “non-blockchain solutions,” the authors are implicitly defending both systemically important financial institutions (SIFIs) and systemically important cloud providers. Both are bad for society and we should not defend their existence.
It is worth pointing out apart from two or three, most of these authors were not actively critical during the very public 2017-2018 ICO boom.11 What has motivated them to self-deputize and attempt to police what can and cannot be done with a blockchain in 2022 and ignore those who have been pathfinders in prior years? Perhaps there is a good reason, busy solving other worldly problems. I am certainly a fan of more introspection by disinterested parties!
I have written about it before but if the aim is to (1) influence policy makers and work with (2) regulators, there are at least two ways to achieve their goals:
The blockchain world needs critics and criticism but it also needs criticism that is technically valid. And this letter is not only imprecise but sounds like something incumbent technology firms would write to defend their turf (which probably isn’t how it originated).
Bonafides
Over the past 18 months, the most recent coin bull market brought in a slew of new commentators a few of whom have attempted to co-opt the term “critic.” Clearly no one owns this term, there is no monopoly on it. Heck, I’ve even been labeled a “crypto” or “bitcoin” critic on more than one occasion. Yet we are seeing a cottage industry of professional “skeptics” who have a priori made up their mind irrespective of the evidence presented.
In addition to writing the most widely cited paper on “permissioned” blockchains, I wrote the first long form discussion on potential systemic important cryptocurrency networks in 2018 and think it is a bit absurd that some anti-coin commentary claims that cyber coins currently threaten the entire financial system. Feel free to disagree, but the onus is on the party making the positive claim. The counterfactual occurred the past five months: more than half of the aggregate coin marketcap evaporated. As collateral-backed pegged coins unwound, they did not lead to massive treasury liquidations crushing the traditional financial market.12
This is not defending the way centralized, commercial-bank backed pegged coins arose or currently operate.13 Rather it is a statement of fact: today the cyber coin world is not “too big to fail” and hopefully it never will be. Contagion can be real and should be simulated and stress tested!14 There are plenty of good criticisms to be lobbed at the “Web3” world, none of which requires making up fanciful conspiracies or playing fast and loose with technical verbiage.
If we are going to (rightly) criticize startups, investors, and other interested parties for mis-marketing “Web3” we should provide specific reasons as well as definitions. And while we are at it, let us bring a fine comb and scrutinize other hyped tech verticals that dramatically impact the well being of individuals such as: A.I. and workplace discrimination, privacy rights over data (including identity).15
Crusades can be big tent and incorporate more than just a small echo chamber of folks who (rightly) point out that a lot of cryptocurrency buzz is likely a financial grift with little real utility. Yet it is not a coincidence that perhaps the best critics are actual practioners, engineers, and architects who saw the limitations or drawbacks in certain blockchain designs and decided to build a different way. If there is a second version of this letter, it is highly recommended that input from outsiders be solicited. Including the world’s richest man, Colin Platt!
Or maybe we’ll just have to settle for a Kimberley process for Web3 claims, for both promoters and pundits alike.
End notes
Send to KindleWe (the ‘royal we’) have previously discussed various flavors of pegged coins, “stablecoins,” as well as CBDC proposals. This short, non-comprehensive post will look into the rise and rapid fall of the Luna and UST, two cryptocurrencies native to the Terra blockchain.1
What are the separate categories that the “stablecoin” idea can be bucketed into?
Above is a helpful taxonomy created by Klages-Mundt et al. and adapted by Robert Sams.2 One of the commonalities among all of these efforts above is that they are intended to administer an elastic money supply (as opposed to fixed, deterministic, or inelastic supplies used in many cryptocurrencies such as bitcoin).
Most analysis on this topic lacks the important nuances separating custodial and non-custodial “stablecoins” as well as those that depend on exogenous collateral versus endogenous collateral.
We are not going to dive into each one of the projects above. Furthermore, the usage of a name or logo is not an endorsement of a particular company or project.
So what happened to Luna and the UST this past week?
To answer that we need to quickly explain what the Terra blockchain is and how and why there are more than one layer 1 token such as Luna, UST, KRT (Korean Won) and SDT (an SDR token). 3
Brief history
Launched just over two years ago – in April 2019 – the Terra blockchain incorporated elements of the “Seigniorage Shares” idea with a couple of twists. Whereas several other projects attempted to collateralize (back stop) a single stabilized asset through a mint/burn mechanism, Terra enabled arbitrageurs to burn Luna (the volatile, staking token) and mint one of several different pegged coins, the most prominent of which is UST. UST was marketed as being stable relative to the USD. That is to say, through an automated on-chain program, a trader could burn $1 worth of Luna (at Luna’s prevailing market price) and receive 1 unit of UST (irrespective of the prevailing market price of UST), and vice versa: a trader could exchange 1 unit of UST and receive $1 worth of Luna.4 In theory.
You might be asking yourself, what guarantees that traders will be able to redeem $1 of either at any point in time? Terraform Labs (TFL) is the main developer behind the the Terra blockchain. One of the ways TFL attempted to architect guaranteed redemption and simultaneously mitigate a “death spiral” (an existential crisis that multiple “algo stablecoins” have crashed into), was by capping the daily minting of UST.5 The exact amount has changed over time but the goal was to help throttle the unbounded risk of an oversupply of UST (or some other pegged coin).
Why is this important?
Because as mentioned above: UST (and the other pegged coins that can be minted) were explicitly uncollateralized — although there has been an implicit acknowledgement that the aggregate UST (and other minted currencies) needs to remain below the marketcap of Luna which is the key conduit for redemptions. An imbalance, or “flippening,” could (and did) result in a crisis of confidence and collapse.
The chart (above) shows the aggregate market caps of both UST and Luna over the past 12 months. At their height last month, they together represented almost $60 billion in (paper) value. Today that has dropped to just over $1 billion.6
Why did things go wrong?
Before we answer that, let us look at when “the flippening” occurred.
What is another way to visualize this?
What does this mean? Due to the “macro” bear market in cryptocurrencies (the aggregate coin market is more than 50% off its all-time high from last year), Luna’s market cap saw a rapid decline that quickly became a vicious cycle due to the Why.
While there are a bunch of mostly cliché conspiracy theories as to which traders took advantage of the knowledge and conditions to short Luna (and UST), the conditions that led to UST’s rapid ascent (relative to Luna) seen in Figure 2, are pretty pedestrian.
What was the key reason for this ascent starting in November? The popular Anchor dapp on the Terra blockchain. What is Anchor?
Launched in March 2021, Anchor is an all-in-one asset management dapp that allowed traders to deposit their Luna as collateral and borrow UST against it. Often traders would go to an exchange and convert the UST into Luna, depositing the Luna into Anchor and lever up several more times. Its ease of use led to rapid growth, with total-value-locked (TVL) growing from zero to $6 billion within six months. The loan-to-value (LTV) ratio shifted over time but was northward of 70% when UST overtook Luna this past week.
Why did TVL grow so fast on Anchor?
The main reason was the dapp subsidized both lenders and borrowers through the emission of a governance token called ANC. For over 6 months, Anchor marketed itself as being able to provide 19.5% APY on all UST deposits via a blended combination of Luna staking emission and reoccurring ANC airdrops.7 Both sophisticated and unsophisticated investors, believing that $1 UST was redeemable at par with $1 USD, deposited large quantities of $UST (which others could then borrow as well). Anecdotally we have heard of startups at incubators and seasoned fintechs in emerging markets offering retail users access to this high yield product. The yield was unsustainable and developers knew it so various interest groups (including several high profile investors) proposed ways to reduce the ANC yield each month depending on economic indicators.
But by the time the downward adjustment was implemented it was too late. This relatively high yield had turned UST into a “hodl asset,” a “store of value” — something that the uncollateralized system was not properly designed to absorb.8
Prior to the collapse of Luna and UST, the development teams behind Terra and Anchor recognized this shortcoming and this past February announced the Luna Foundation Guard (LFG) and organization that would accumulate exogenous collateral to defend the $1 USD peg.
Recall that at the very top in Figure 1, Terra was categorized as using endogenous collateral, that is capital native to the protocol itself (e.g., Luna, UST). As part of the initial LFG announcement, the organization aspired to accumulate large quantities of exogenous coins starting with bitcoin and later others (such as AVAX, and even both USDC and USDT). At its height, LFG’s reserves tallied over $3.5 billion and as of this writing it has shrunk to around $80 million (sans some squirrelly BTC).
Anchor aweigh
Even without Anchor the fundamental problem is that the underlying collateral is volatile, so what is over-collateralized can become under-collateralized very quickly (whether it is endogenous or exogenous).9
Those who argue that the solution for decentralized stablecoins is to be “fully backed” are still kind of missing the point. If these protocols are all using the same 3-5 major coins as collateral, you can get the same ‘death spiral’ scenario materializing if the stablecoin supply grows large vis-à-vis the collateral marketcap. After all, even LFG’s liquidation of $1.6 billion BTC moved the largest coin cap.
So who is the buyer-of-last resort? If it is actually decentralized, it can only be the parties who can liquidate or redeem the collateral. CDP systems like Maker have the incentives for this behavior, but suffer from the coin supply side being driven by lending and no mechanism to equilibrate that supply to the demand side (the mechanism is the stability fee and savings rate, but that is set by governance, not the market)
The root problem for UST and Luna, (as Kevin Zhou, Matt Levine, and others have mentioned), was that neither had any source of value independent of the other. If the market decided to sell both, there was nothing to give you confidence that they would recover. UST was built on Luna and for the past 6 months Luna was built on essentially Anchor yield savings. Even a large “stabilization fund” – with a transparent and automated mechanism for how it would be deployed – would not prevent the Luna/UST market cap from growing to dwarf the LFG backstop, thus a sequence like this past week was always a risk.
We could spend pages describing alternate plans and paths the development teams, users, traders, and other interest groups could have taken to stymie the collapse. Instead we wanted to highlight one final chart that we found interesting.
Divergence
The chart (above) shows the intraday prices each day over the course of a week between Luna (in dark pink) and bLuna (in blue).
What is bLuna? bLuna is a liquid staking mechanism managed by Lido in a partnership with Anchor.10 Liquid staking is actually an interesting concept. Most readers are probably vaguely familiar with staking on a proof-of-stake network: users deposit their coins to an address on-chain and receive some form of remuneration (emission) for helping to secure the network (and process transactions, if they are a validator).
But the coins used in staking are effectively frozen and cannot be easily used elsewhere as collateral. Enter liquid staking. As the name suggests, liquid staking is a concept that has been implemented in two different ways: at the dapp layer (via Lido, Marinade, and a few others) or at the native L1 layer (Osmosis in the Cosmos ecosystem is about to be the first to do so).
Liquid staking is neat because it allows all of the locked up (“frozen”) capital to be used as collateral for lending. An imperfect example: Bob purchases $200,000 of Apple stock. He wants to buy a new home and instead of selling the stock he finds a bank willing to use his Apple stock as collateral for the down payment on the house. Similarly, liquid staking is not rehypothecation as no new asset is created.11
The reason a lot of brain cycles have been spent on creating liquid staking dapps (like Lido) is that the vast majority (>95%) of all staked assets on proof-of-stake networks is illiquid. If they can become liquid that would enable more capital to be used for endogenous lending — instead of having to rely on exogenous capital like wrapped assets (WETH, WBTC) or real world assets (USDC, USDT).
In theory, when an asset transforms from a staked asset into a liquid staked asset, the market prices of the two should be very similar. In some cases, such as stETH (ether deposited in Lido on Ethereum) or mSOL (sol deposited in Marinade on Solana), the liquid asset accrues the emission reward therefore becoming slightly more valuable over time (in proportion to the emission rate).
In the case above, bLuna and Luna were tightly coupled but clearly broke down between May 9th-11th due to the massive selling pressure and unstaking that took place (more than 95% of all Luna has been unstaked down considerably over the past month). This brings us to the final section.
Proposed category
Surprise! I have a couple ideas on how to evolve the “algo stabilization” world, including adding a (possible) new category to the four incumbents above: a demurrage-based settlement asset.
But first, let’s take a step back and ask the question what amount of UST could Luna have absorbed?
Even the most hardened maximalist or anti-coiner would concede that a single solitary 1 UST could probably be absorbed by Luna’s market cap.
So where is the limit? Where do the wheels fall off? When do things become unwieldy?
It was not the UST borrow side that was a priori the fundamental culprit. Amplifying the problem was goosing the UST demand side with 19.5% “risk free” returns on Anchor. For instance, if the arbitrage mechanism only allowed the creation of UST (or other pegged assets) based on a small single digit percentage of Luna’s marketcap, it is likely this collapse might not have happened in such a dramatic fashion.
Yet as mentioned above, this approach alone still would not have staved off simultaneous sell-offs of both UST and Luna and/or hyperlunaflation.
Future developers looking to enter this arena could construct an asset with a stabilized unit-of-account that maintains a diminutive aggregate relative to the staked asset being burned. E.g., depending on the use case, an aggregate the size of $100,000 could conceivably power a small on-chain economy much like in traditional markets rely on a high velocity of money to grease the economy (where money is circulates among participants like a hot potato).12
That is to say, a high velocity stabilized unit-of-account, one that is used as a medium-of-exchange and not as a store-of-value or hodl asset, probably has a lot more longevity so as long as its creation (or borrowing) is not heavily subsidized. Sprinkle in some demurrage – or negative interest rates – to further disincentivize hodling and focus on a handful of uses (n.b. “hodling” is not using).1314
Final remarks
It is pretty easy to dance on the grave of another dead / dying cryptocurrency, there have been a few dozen marathon’s worth of victory laps on social media this past week. Despite autopsies and red flags, it is likely that some folks will attempt to emulate the heavily subsidized borrowing model too.
Apart from designing a purposefully limited high velocity, stabilized unit-of-account, what can non-developers do?
Arguably, the most accurate commentator on this topic is a friend, Kevin Zhou (founder of Galois Capital), who publicly predicted what would occur months ago. But unlike the maximalists and anti-coiners who stridently label everything a scam and a fraud, Zhou actually modeled out several scenarios in detail. Give him a follow.
Future analysis could look into the on-chain contagion such as dapps that were impacted including Mirror protocol (did the yield at Anchor cannibalize the other use cases by acting as a liquidity gravity well?). As of this writing it is unclear what direction a “LunaV2” will take but worth pointing out that key stake holders in the ecosystem agreed to shut down the network twice and switched to PoA.
Endnotes
Send to KindleApril 17 7:30pm EST — 63%
April 30 11:30am EST — 66%
May 7 5:00pm EST — 78%
May 7 6:30pm EST — 81%
May 8 9:00am EST — 90%
May 9 1pm EST — 95%
May 9 3pm EST — 113%
May 9 11pm EST –125%
May 10 7:30am EST –149%
May 10 3:45pm EST– 166%
May 10 5:30pm EST — 207%
May 10 6pm EST — 211%
May 11 5:30am EST — 291%
In April, the ratio flirted with and fell below the 2/3rd mark. But due to the persistent bear market coupled by sell side pressure of both UST and Luna, by the morning of May 10th, ‘hyper hyperinflation’ was well underway with a massive expansion of Luna’s total supply. [↩]
Since there are still a lot of misconceptions about what tokens are, below is a short presentation I gave at the Web 3.1 Unconference discussing several tokenization attempts over the past decade. Note: this is non-exhaustive, as a full landscape report would involve hundreds of other examples.
See also the previous post: Tribes of maximalism
Send to KindleMost people uninvolved or newly involved in the world of cryptocurrency are unaware of the prickly connotations, histories, and etymology of many different memes and phrases. Below is a short explanation of a few of them.
For instance, as it relates to coins, the term “maximalist” or “maximalism” first appeared in 2014. In March 2014, Daniel Krawisz, a co-founder of the Nakamoto Institute (who was later purged for supporting BSV), wrote “The Coming Demise of the Altcoins (And What You Can Do to Hasten It).” It never said the word maximalism but used many of the same arguments and logic that maximalists would later adopt. In November of that year, Vitalik Buterin wrote perhaps the first article explaining its origin and then-usage. Subsequently, there are about a million twitter threads (in English alone) that use it in some form or fashion.
In general, its original usage was similar to how “maximalism” is used in politics, economics, sports, and other areas of human competition, with connotation similar to dominance or hegemony.
What did Bitcoin maximalism – or any coin maximalism – mean? In short, it meant that Bitcoin (or some specific coin) – for a variety of reasons – was the Highlander coin, the one coin to rule them all. And that the rest were pretenders to the throne, predestined to fail or at a minimum be a far distant number two. Uni-coin maximalism.
This all sounds silly and cultish and it truly is. Especially the “predestined” element.
Why? Because cryptocurrencies fundamentally rely on blockchains, and blockchains are run by machines that are maintained by humans. Hence the term: Soylent Blockchains. Blockchains come and go, there are hundreds of dead coins that failed for one reason or the other. Thus empirically we know that claiming a priori, one specific chain will dominate (or fail), is both fallacious and a fools errand. There is nothing mystical or supernatural about cyber coins and their underlying infrastructure. That is not to say that all chains are going to fail or that all chains have the potential to become widely used. There is a lot of middle ground in the spectrum between all dead and a popular meme coin.
But back to the topic at hand: coin tribes. Note: it bears mentioning that “tribe” itself is a centuries old term, the etymology dating back to medieval France and Roman times.
By mid-2017, mania surrounding initial coin offerings (ICOs) throttled up, resulting in not just large public capital raises, but also unadulterated tribalism. Us versus them attitudes reached fever pitch in late 2017 with dozens of coins hitting all-time highs in market value. Bitcoin peaked at just under $20,000 on December 17th.
During this time, promoters and advocates of uni-coin maximalism started exploring new ways to segment other tribes. Often this involved smearing one or more coins, loudly, repeatedly calling someone or some project fraudulent or scams. Paying for twitter bots to brigade threads with nonsense or defamatory claims or both. FUD, inglorious FUD.
Arguably the worst offender was the attempt to segment specific clusters of people who held similar views into arbitrary categories that were at a minimum, demeaning pejoratives.
For instance, below is the original definition of “nocoiner”:
It is baffling that anyone would write this but we (probably) know who co-created it: Pierre Rochard and Elaine Ou, both prominent Bitcoin maximalists. Rochard is the co-founder of the Nakamoto Institute (now at Kraken) and Ou was the co-founder of Sand Hill Exchange, which was sued and shut down by the SEC.
In reading this definition it is unclear why anyone would actively want to self-identify as a “nocoiner.” Yet, it is clear by how the original authors and their close circle of friends used it: not as a term of endearment. 1 On panels, podcasts, news articles: the overtones were understood and explicitly baked into demeaning attacks up through the present day.
Care to engage and object to this definition and its intent? Ou states in her “Reject Nocoiner Orthodoxy” to “never engage a nocoiner.” Michael Goldstein, the other remaining co-founder of the Nakamoto Institute goes into further detail about the various categories (pre-coiner, nocoiner, bitcoiner, etc.) in a 2019 podcast. What is a pre-coiner? Someone who has not yet bought a coin (specifically bitcoin) but who is not a “hysterical loser” nocoiner. Rochard’s numerous interviews leave nothing to the imagination about what the intended connotation we are supposed to conjure up with these categories. Together they laid the foundation for other maximalists not just in the US — see this talk from last year — but also abroad.
Fun fact: the very first time I was called a dirty, filthy “nocoiner” was by a venture capitalist on WeChat, and it came in floods on Twitter immediately thereafter. December 2017 is an amazingly cherished month in this household!
Obviously people are free to identify how they see fit. However, it is worth reconsidering adopting terms with connotations that at the very least were originally crafted to be a hateful pejorative, a slur. And handwaving away its origins, perhaps because you have adopted it as your own identity, does not memoryhole its ill intent.
I used to write a newsletter that chronicled this behavior, perhaps at some point I will get a chance to post some of the doozies.
Is that all the major maximalists?
Oddly enough, although they often fashion themselves as “nocoiners,” a group of anti-coiners exists. Unlike the pejorative nocoiner, anti-coin maximalism can be described thusly: utilizing deduction alone, anti-coin maximalists are individuals who are against the existence of cryptocurrencies (or tokens) without any exception. Follow this group on social media and you will see many of the same set of manners and memes that coin maximalists often deploy.
Are anti-coin maximalists inherently right or wrong? Hitchens’ Razor states: “What can be asserted without evidence can also be dismissed without evidence.”
This cuts both ways: for coin promoters who claim that coin X is the best and the rest are rubbish – without providing evidence – this is just polemical and can be discarded. Similarly, a priori dismissing all crypto projects as scams – without providing evidence of each project – can be dismissed. The burden of proof is clear: the onus is on the party making a positive claim, that is how prosecutors must operate in court.
Why are not all cryptocurrency / tokenization / blockchain projects a scam?
As mentioned in Section 5 in the previous post:
This is a non sequitur though because law enforcement, regulators, and courts in multiple different jurisdictions repeatedly state that the burden of proof rests with the prosecution and must involve “facts and circumstances.”
Philosophically it is also a fallacy of composition. Enterprises big and small often use public key cryptography, append-only databases, and synchronizing distributed systems for day-to-day operations. These are the key pieces of a blockchain, so which part is fraudulent or a scam exactly? Is all tokenization a scam? Is PBFT a scam? Is Onyx a scam? Is Allianz’s project a scam? Is geth a scam? Is Tendermint a scam? Maybe they all are, but the onus rests on those making the positive claim, in this case: the anti-coiners. Continually throwing the baby with the bath water seems like an intellectually dishonest raison d’être.
The attempts at disparage tokenization includes lazily lumping all blockchains — whether they are permissioned or permissionless, or use Proof-of-Work or Proof-of-Stake — altogether as an amorphous blob. One example of rhetoric-filled declarations is that all blockchain usage will lead to the melting of glaciers. Actually it is proof-of-work chains that could eventually lead to this negative externality and unfair (and dishonest) to lump alternative Sybil resistant mechanisms in with the PoW albatross.
But it is too hard to filter through the noise to find a (semi) legitimate protocol!
Yea, it can be unforgiving work. But that is the only intellectually honest way to go about providing analysis or drawing conclusions. Contrary to the memes, harassing blockchain developers or researchers on the bird app is not a perfect substitute for writing a facts-and-circumstances-based case. It is probably not a coincidence that several of the loudest anti-coin voices today seem to have no idea what the history or lineage of tokenization is (hint: it didn’t start with Cryptokitties). Ignorance is a badge of honor!
Disagree? Still hate any and all coins? That is fine but simply disliking tokenization or blockchains because everyone you have encountered turned out to be a scam, does not automatically make all of them scams. If you think you have a good case for why each one undoubtedly is, write it up, and submit it to a three or four letter agency. I am sure they would love to have the ultimate case against all coins to use as a trump card for their next case.
Or as the old law adage goes: if you have the facts on your side, pound the facts; if you have the law on your side, pound the law; if you have neither the facts nor the law, pound the table.
Still disagree? HFSP! Kidding, kidding. It would take pages to write but worth subscribing to LedgerInsights who cover all of the enterprises and institutions attempting to incorporate blockchains and tokenization into their trade lifecycles. The DTCC are clearly scammers!
What is the main takeaway Tim?
Just like sportsball or e-gaming, it is really easy to get caught up in tribes, in us versus them mentality. And for a slew of reasons, social media amplifies the emotions and strong views that seem tightly wed to the coin world. It is not super fun but it is possible to be tribeless, to take a nuanced approach at filtering projects, protocols, and other digitalization efforts. Maybe try out anti-maximalism maximalism for the next few years! And at the very least, try not to throw the baby out with the bathwater.
Send to Kindle
[Note: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]
Stop: if you are looking for a single article to discuss price action and trading activity, I can recommend Kevin Zhou’s latest “State of the Market” from Galois Capital.
Below is my own belated, very short reflection on the past year:
(1) Back in early 2019, a reporter quoted my (critical) take regarding a high yield product from BlockFi. The genesis of that conversation started from a Twitter thread in which I was told by multiple responders that the marketed (high) yield was legit and to DYOR! I had, in fact, asked around prior to publicly commenting on this product and learned that BlockFi was reinvesting deposits into other coins and tokens. Not scandalous but not really transparent either.
Fast forward three years later: BlockFi was sued by and settled with the SEC and several US states (coordinated via the NASAA). This is not an endorsement of the settlement terms (or settlement process) rather this is a reminder that prominent coin promoters on Twitter — although paper rich — are sometimes substantively and materially wrong. In this case, BlockFi followed the path of Robinhood who in December 2018 announced with much fanfare a purported 3% yield produce that marketed as being insured by SIPC… only to have to backtrack completely after the CEO of SIPC said this claim was spurious.
Clearly I am a huge fan of low-yield boomer products! HFSP!
(2) One of my most widely cited articles happened to be on a topic that has been near and dear to myself and past and present clients: collateral-backed pegged coins. Or as I fashioned some of them: parasitic stablecoins. Parasitic because they asymmetrically rely on external financial and legal systems and infrastructure, like Fedwire and US courts.
Strangely, parts of the industry not only became vocal advocates of intermedization (commercial banks) but have spent millions donating to political incumbents (plus candidates) and lobbying organizations to sway public opinion away from options such as retail-accessible central bank accounts (e.g., FedAccounts). Why is this strange? Because the ill-fated STABLE Act, which was demonized by some coinbros, specifically provided legislators and regulators with the ability to create Narrow Bank-like entities which would be more appropriate for stablecoin issuers (versus the more onerous state banking charter).
What has happened since?
In October the BIS and IOSCO — the same two entities who drafted the industry standard PFMIs — released a consultation paper covering many of the same systemic risks (and more!) that I and others had previously identified with the rise of some pegged coins. The following month, the President’s Working Group published its own report on stablecoins.
And in the past month alone, three separate papers from Federal Reserve affiliated entities have published research reports on central bank digital currencies (CBDCs) as well as pegged coins:
In mid-February, the grand daddy of all systemic risk-focused regulators – the Financial Stability Board – released its own paper that analyzed the risks to financial stability.
And that is just a hand pruned set of papers, there is even more if we wade beyond regulatory circles.
My informed nuanced views can be found on the bird app. In short: in the digital era, why should commercial banks alone be granted the privilege of having access to public money, central bank money? For instance, the Bank of England, is once again allowing non-banks to have access to a master account. Why shouldn’t this access be fully liberalized allowing retail consumers to bypass commercial banks, allowing users to go straight to the source instead of dealing with intermediaries that introduce credit and liquidity risks?
One of my colleagues put it this way: the pro-intermedization argument is a bit contradictory. To be consistent, the anti-CBDC / anti-CBDA argument would conclude that we should not have central bank money at all (nada M0). Once you introduce central bank money, you end up either arguing for a system where everyone must hold money in the private sector liabilities of a privileged cartel that can have an account at the central bank, or you argue that everyone can do that, which drives commercial banks out of business and all money is a public sector produced good.
Access to a master account is arguably not arbitrary, rather it is deliberate and for a set of reasons: namely preservation of a monetary order where money and credit originate in private banks. Allow narrow banks and stablecoin issuers that same access, let them hold all their reserves in central bank money, then our current monetary order may transform into something where banks go out of business and credit originates outside the banking sector. Bankers and many economists think that is a bad thing, others think it might be a very good thing. Either way, the stakes and implications are very high which is one of the reasons why TNB has not been approved a master account.
What does this have to do with the “Overton window” today?
In the short and medium run, collateral-backed pegged coins will continue to thrive and grow, probably without even having to whitelist specific addresses (dapps). Putting aside the tactics in self-preservation, their products are sticky, provide utility to a wide range of users, and do illustrate the desirability of having a reliable on-chain settlement asset that enables some of the use cases that traditional finance has been experimenting with for 6+ years.
Separately, it is interesting to see the algorithmic stablecoin market evolve and grow, with both UST and Frax experimenting on two different approaches. But that is a topic for another day.
(3) Perhaps the funniest and saddest time waster last year was having to deal with two separate camps on the same day: coin promoters and anti-coin promoters.
About two weeks after I announced I had conjured up a protocol idea – the Tau Protocol – one of the projects that attempted to implement it (BTCST) put my face on a banner that included a widely despised blockchain (Tron). I am frequently invited to speak at events, podcasts, and even TV and for the most part, don’t see the harm in speaking to a wide range of audiences… including religious maximalists or token aficionados.
Often conference organizers will include an headshot or simply scrape the internet for an older image. In this case, I answered two questions at a public AMA in the Tron telegram room and within hours was treated as public enemy number one. I did not create BTCST, I did not even chat in their own TG room, all I offered was assistance in implementing a protocol that utilized their “hashrate token.” I didn’t hack an exchange, I didn’t promote a specific coin (there is no Tau token), I didn’t advocate forcing a country to adopt a specific coin as legal tender. In fact, if you look at the actual short Tau paper, it was purposefully bland on implementation details or possible collaborations — no project was mentioned.
Alas several vocal coin promoters who handsomely profited off of ICO mania in 2017 did not bother to look at the separate parties (Tau, BTCST, Tron) and instead disingenuously lumped them altogether. Simultaneously a group of anti-coin promoters took to the bird app to echo the same defamatory comments. None seemed actually interested in actually looking at the moving parts. How do I know? Because they would have realized that BTCST (not Tau) was created by a team of Chinese miners who formally, publicly partnered with ~5 other large mining farms to create a “hashrate token” on BSC via Binance Launchpad (Poolin, the largest mining pool in the world, and a few other PoW mining outfits have launched similar projects).
So if I truly was the creator of BTCST (which both groups implicitly claimed) then I have some highly undermarketed technical capabilities: (1) I have stealthily been mining and working with global miners all while censuring PoW mining; (2) I somehow designed and got a new coin listed on a major exchange after just a couple months of ideation. Neither is true but don’t let the truth get in the way of an angry clickbait narrative. It’s pretty obvious what the goal and agenda that these groups have based on how they continue to portray the Tau idea to this day. Thanks for the snitch tags!
Unfortunately my family and I caught Covid at the tail end of March and I ended up in the hospital for a couple of days. Pushing back on these fact-free missives was clearly the top priority! What should have been an interesting project – to help beta test a path for PoW miners to move over to a proof-of-stake chain (BSC) – got purposefully butchered by two different sects bent on manufacturing narratives that fit their ideology. RIP Tau v1.
Want more details? Scroll on down to the Interviews section in the previous post, I said as much in three different interviews on this topic.
(4) Speaking of agendas and shifting narratives. In 2014-2017, proto-PoW maximalists insisted that mining does not use that much electricity or semiconductor resources. Then after the 2017 bubble the narrative shifted to whataboutisms: so what if a single chain that is infrequently used for actual payments consumes the energy footprint of a medium-sized country, whatabout this completely other unrelated industry that in aggregate wastes energy but totally is not involved in payments and actually contributes to socially useful products. Whatabout this! Or that! Whatabout pop muzik!
Spurred by political patronage, and friends like Uncle Musk, over the past year PoW maximalists have attempted to deflect additional criticism by spuriously claiming that:
(a) Bitcoin mining is good for grids because they absorb otherwise extraneous energy without concurrently recognizing the multitudinal other socially useful activities that could use that same energy
(b) hash-generating equipment are like batteries, nouveau batteries… that only consume and never re-emit because nothing is actually stored
(c) Bitcoin mining incentivizes construction of (renewable) energy infrastructure, projects that could have otherwise not been constructed in the first place due to decarbonization and that likely crowd out other productive uses (e.g., opportunity costs)
(d) Bitcoin mining incentivizes oil & gas producers to… use natural gas to power hashing equipment that would have otherwise been immediately flare; slight delayed usage and emission is obviously cutting-edge science guys! Make Flaring Great Again!
Actually, it’s nearly impossible to keep track of the stream of outrageous claims that PoW maximalists and their sycophantic armies are pumping out on a daily basis. This includes dredging up the lamest anti-proof-of-stake arguments that have been debunked for over half a decade. They are using privatized gains in dubious locales to conduct a multi-pronged information war that includes direct government subsidies, tax breaks, and even outright regulatory capture in several countries. Attempting to fact-check all of the nonsense and propaganda runs into Brandolini’s law. I have got other things to do but hopefully I’ll be able to set aside some time this summer to publish an irregular update on this topic.
(5) Tether Truthers and anti-tokenization armies unite. What started as a legitimate analysis of reserve composition and executive backgrounds has morphed into a new cult-like entity: USDTQ. Complete with “teThEr is a fRaUd!” capitalization bots, anonymous reply guys, and innuendo-laden podcasts all echoing the same mantras.
For background: while not the first, I was one of the earliest analysts to question the composition and business model of Tether LTD (and its relationship Bitfinex). Likewise, reporters Matt Leising and Nathaniel Popper coverage on this topic predate nearly all of the current crop of Johnny-come-lately’s who arrived just in time to add their very strident views that largely recycle what Leising and Popper already gathered (FT reporting is perhaps the exception to this morass).
The gumshoeing ultimately culminated when the New York Attorney General and the CFTC announced settlements last year with Tether LTD that included findings, such as the fact that during large portions of the time frames investigated, USDT was not fully backed or collateralized as advertised. And the executive team knew that and repeatedly lied to the public.
Instead doing a victory lap and riding into the sunset with a solid “W,” a side group of the USDTQ group doubled-down on every possible avenue of corruption real or imagined. Yet in lieu of providing evidence for cabals, we were presented with innuendos layered on innuendos. At least a half dozen predictions by prominent self-identified members were made last year and passed without occurring, including: the collapse of USDT, collapse of major centralized exchanges, collapse of the NFT market, collapse of Bitcoin, imminent arrest of Tether LTD executives and so forth.
Where’s the accountability for such bold claims? Despite predictions that have come and gone, why are they perceived as having credibility? I made a public bet with Spencer Macdonald (aka Bitfinexed) about a specific scenario he regularly claims is just around the corner. The deadline for the wager arrives at the end in January 2023. Maybe it happens, then I’ll obviously eat crow.
Yet the ultimate indication that this group is more interested in LARPing as researchers for bird app engagement and uninterested in providing evidence for their hunches: Hindenburg Research – an activist short-selling focused firm – offered a bounty of up to $1 million for information on Tether LTD. With their raucous confidence you would think that USDTQ participants would be rushing to the front of the line with detailed exposes. Easy money! Yet it is likely none of them have. Why is that? I’ve got a conspiracy theory about their grift, subscribe to my newsletter today!
The missing nuance here is that: based on information provided by the NYAG and CFTC between 2016-2018, Tether LTD and its then-executive team were lying to investors and users about the reserve composition and solvency of the organization. Yet none of the prominent Tether Truthers knows 100% for sure if Tether LTD is currently operating fraudulently. Maybe they are. If so, would be an easy fine for the CFTC and NY AG to collect since Tether LTD and Bitfinex are on the hook for meeting regular reporting requirements the next couple of years. Whistleblower forms are right here.
What does this have to do with anti-tokenization hysteria?
Coincidentally, some of the key USDTQ folks have morphed into a priori anti-blockchainers. That’s to say, by default any type of tokenization (NFTs!) or cryptocurrency or blockchain-project is either a scam or the people promoting them are deluded, or both. Nuance is thrown out the door.
This is a non sequitur though because law enforcement, regulators, and courts in multiple different jurisdictions repeatedly state that the burden of proof rests with the prosecution and must involve “facts and circumstances.”
Philosophically it is also a fallacy of composition. Enterprises big and small often use public key cryptography, append-only databases, and synchronizing distributed systems for day-to-day operations. These are the key pieces of a blockchain, so which part is fraudulent or a scam exactly? Is all tokenization a scam? Is PBFT a scam? Is Onyx a scam? Is Allianz’s project a scam? Is geth a scam? Is Tendermint a scam? Maybe they all are, but the onus rests on those making the positive claim, in this case: the anti-coiners. Continually throwing the baby with the bath water seems like an intellectually dishonest raison d’être.
The attempts at disparage tokenization includes lazily lumping all blockchains — whether they are permissioned or permissionless, or use Proof-of-Work or Proof-of-Stake — altogether as an amorphous blob. One example of rhetoric-filled declarations is that all blockchain usage will lead to the melting of glaciers. Actually it is proof-of-work chains that could eventually lead to this negative externality and unfair (and dishonest) to lump alternative Sybil resistant mechanisms in with the PoW albatross.
More to the point, attempts to tokenize wares — such as off-chain assets — predates the current NFT craze that arguably started with Spells of Genesis and Rare Pepes, both launched on Counterparty a couple of years before Cryptokitties and the existence of the ERC 721 standard.
Wait, something came before SoG and Pepes? The multiple groups that attempted to implement “colored” coins in late 2012-2014 followed by Mastercoin in 2014-2015 ran into a variety of hurdles worthy of a small book.
A couple of the lessons learned in previous tokenization attempts:
(1) the lack of widely used neutral protocol standard (e.g., 721, 1155) plagued not just trade lifecycles on public chains but also permissioned projects (and that doesn’t delve into non-technical constraints: what happens to a tokenized financial instrument as it goes between chains managed by different consortia domiciled in different jurisdictions?).
(2) intense difficulty to fuse hooks into off-chain items, especially those in the real world. Some lawyers think the latter – especially as it relates to DAOs – should be verboten because it opens up participants to an exogenous legal systems (and liabilities).
Attempting to engage in public, non-Twitter debate on these merits and demerits often meets with deafening silence, because just like Bitcoin maximalism in 2014-present day, anti-tokenization appears to be a feelings based movement driven by performative theatrics. Disagree? Let’s do a Zoom debate at your leisure!
(6) Predictions! I’ve made them in the past. Some turned out to be pretty good (look at the NFT remark!) and others not so on the mark (a couple of Bitcoin Core developers have faced civil lawsuits but nothing BSA or RICO-related). Here are my latest for 2022.
One prediction that didn’t make it into that thread: decentralized derivatives. Despite a cornucopia of well-funded players and mature products on centralized exchanges, this is where you will probably see the largest on-chain trader-led growth the next couple of years.
Why? Part of it is the inevitable desire to replicate traditional finance products and compress trade lifecycles through post-trade automation on-chain. But increasingly likely, the barriers to entry are lower for new products in part because creators do not have to jump through the expensive and time consuming gatekeeping process. Hint: the $75 annual membership to ISDA isn’t the expensive part! In addition to the Injective’s, Mango’s, and dYdX’s of the world, and non-blockchain-projects like Kalshi are worth keeping any eye on. Be sure to read Delphi’s comprehensive market research from last year too.
One addition to a prediction in that thread: tokenized projects on public chains (e.g., art-related NFTs) will increasingly attempt to store digital assets (e.g., SVG art) on-chain such that the only off-chain involvement are trading venues (CEXs). Several NFT projects have spearheaded that effort last year including Chain Runners, Anonymice, and OnChainMonkey.
Why is this important? Party because of IP claims and disputes which have arisen (e.g., after you mint an NFT and sell it, do you still have commercial rights to it?). Efforts like Mintangible are attempting to create easy-to-use NFT license agreements to protect both creators and collectors.
(7) Lastly, your moment of zen for 2021. A US-based managing partner of a US-based coin fund stating that he is betting against the US, along with a former partner of a major US-based VC fund (who was a candidate to lead the FDA and later immigrated to Singapore). The new non-aligned movement owned by a handful of coin promoters and miners, sounds like a win-win for democracy and the rule of law.
Send to KindleHere are most of the public engagements I’ve been involved with over the past year or so. Unfortunately due to parenting a toddler during the pandemic, I had to cancel all F2F invitations but hopefully the coming summer will bring a respite to virtual-only meetings.
Interviews / panels
Quoted
Cited
Presentations / guest lecture
Send to Kindle[Note: the short TAU paper is available here]
Outside of my day job (at Clearmatics) I have spent the past couple of months designing a new synthetic asset protocol that uses a rebase technique to stabilize an asset at a target level. I call it the (τ) TAU Protocol.
Frequent readers have probably seen my writings on stablecoins, mining, and DeFi- related topics. For TAU, I started the process in reverse: I knew what I wanted to stabilize but wasn’t quite sure how to get there. What do I mean?
The landscape of synthetic asset-focused projects is something I have discussed multiple times. My most recent pinned tweet was an entire paper on a specific type of stablecoin that relies on exogenous banks to provide utility.
As a thought experiment, what if instead of trying to stabilize around $1 USD, the protocol tries to stabilize an existing cryptocurrency but do so on a separate blockchain… and do so with as little manual intervention as possible. In steps rebasing.
Note: in 2014 several proposals were published on the idea of stabilizing bitcoins price with respect to the U.S. dollar:
My boss (Robert Sams) wrote a paper around the same time called “Seigniorage Shares,” which outlined a way to stabilize a PoW coin using endogenous information. The idea would later spawn a couple dozen (mostly broken) efforts now live on a couple of public chains.
One notable exception to these failures is FRAX (thus far), which uses a reserve fund partially collateralized in USDC. This is an interesting workaround.
One of the problems with rebase protocols is that once the peg declines from the 1.0 target level it can be hard to credibly move it back up: if it goes above the target the process is a bit easier, solved via inflation.
So to recap: the goal is to synthesize an asset (tAsset) and maintain its target value relative to its facsimile on a different blockchain… and to have a credible way of supporting the rebasing process. How would you go about stabilizing a tAsset in practice?
One way is to follow the model of FRAX or other (partially) collateralized stablecoins: with a fund. But setting up a fund of coins that reside on one blockchain to be used on another is hard. For instance, Bitcoin only resides on the Bitcoin network, right?
Actually over the past couple of years there have been ways to tokenize or “wrap” assets from one chain and shuttle them over to another. However, these often involve new trust models (and attack surfaces).
To-date about 1% of all mined bitcoins have been tokenized or wrapped and “transported” over to Ethereum. But to interact with WBTC on Ethereum mainnet can be expensive at times. Back in January I thought: has anyone tokenized hashrate itself onto another chain? Yes it has.
After some googling I came across a paper from Alex Zhao at BTCST. They had figured out how to tokenize hashrate onto a fairly inexpensive EVM chain (BSC). I reached out to explain what I had in mind for a new Protocol idea. And they decided to try and implement it.
Another quick reminder: a Protocol is separate from an implementation. For instance, in Ethereum the “Yellow paper” provides a neutral Protocol specification from which independent parties can build client implementations of. For TAU, I am striving to reuse a similar model.
Today, the initial Protocol idea (and paper) was announced for TAU. Next week the BTCST team will implement it live. Note: while I am currently assisting them as a protocol advisor I want to make it clear that this isn’t my day job and that others can build implementations.
Lastly, I have some additional ideas for how to expand and enhance the Protocol in the future and am keen to see what kind of feedback and modifications the larger cryptocurrency community may have, especially if it includes ways to minimize manual inputs.
Send to KindleWas recently talking to a close friend who has been working on an insurance-focused technology company the past couple of years.
I gave him this list of projects and asked him how he would categorize them:
At first glance he thought there were roughly two buckets: protection against loss, theft, and smart contract failure versus DeFi insurance platforms and parametric risks. But then Nayms is a platform and marketplace so what are other nuances?
According to him, a lot of “insurance” above is really just a derivative product so in practice most of these are basically just prediction or options markets: you are betting a contract will not fail and hoping the pseudonymous claims committee rules in your favor.
A counter-argument is that all insurance is like that conceptually. But in reality, insurers try to underwrite the risk which then leads to a pricing exercise, but the prices are grounded first and foremost in risk and then market forces adjust pricing. As opposed to a pricing exercise which seems a bit divorced from the risk but mainly driven by the price action of a coin.
Other categories
What are some other projects and categories to add in the future?
For more context, I highly recommend this thread on “DeFi insurance” from Lucius Fang (who is a trained actuary).
Lastly, I reached out to Stephen Palley, a cryptocurrency-nerd / attorney who specializes in suing insurance companies. According to him:
So the big issue for me — and I am planning on doing a long form piece on this — is that people who sell insurance are subject to a maze of state level regulatory and licensing requirements that they so far have seemed happy to ignore. If/when/as this gets bigger, people will go to prison.
It’s a huge opportunity for people who want to do things the right way. But as is typical, you have a lot of people who are jumping in who don’t actually know eff all about the foundations they are building on.
Send to KindleOver the past couple of years there has been a lot of activity not just in DeFi but in the evolution of on-and-off chain platforms for trading derivatives and perpetual contracts.
Below is a non-exhaustive table that attempts to segment and differentiate who some of the major players known. It is a work in progress and likely is missing some parts. For instance, of those listed: Synthetix and uSTONKS are the only ones that track indices and Mirror (built on Terra) attempts to track real world assets. A notable company excluded from the list: FTX (a large CEX) trades tokenizes equities and indices.
| Product | Oracle | Exchange | Contract |
|---|---|---|---|
| Own Layer I | |||
| Perpetual Protocol (xDai Chain) | ChainLink | DEX | Perpetuals |
| Terra | BAND/Own | DEX | Synthetics |
| Ethereum Layer I / II | |||
| Synthetix | ChainLink | DEX | Synthetics |
| MCDEX | ChainLink | DEX | Perpetuals |
| dYdX | ChainLink | DEX | Perpetuals |
| FutureSwap | ChainLink | DEX | Perpetuals |
| UMA (uSTONKS) | Self-refer | DEX | TWAP |
| Centralised | |||
| BITFOREX | N/A | CEX | Perpetuals |
| HBDM | N/A | CEX | Perpetuals |
| Binance | N/A | CEX | Perpetuals |
| BBX (sub of OKEx) | N/A | CEX | Perpetuals |
| Huobi Futures | N/A | CEX | Perpetuals |
What is missing, what should be added, what nuances should be made?
Send to KindleBelow are list of interviews, presentations, panels and other public facing engagements I have been involved with the past couple of years. Taking care of a newborn (now toddler) during a pandemic has dampened some of the external engagement relative to prior years.
Quotes and interviews
Events, presentations, and interviews
Cited
Send to Kindle[Note: an IPFS and PDF version of this paper is available. The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]
Abstract
This paper looks at the energy consumption of seven proof-of-work-based anarchic (public) blockchains such as Bitcoin and Ethereum. By using a hashrate division method – similar to the Cambridge Bitcoin Electricity Consumption Index – a lower bound and upper bound of mining hardware are provided. Based on this method we are able to show that proof-of-work chains continue to consume resources in direct proportion to the underlying coin value. Due to the rapid increase in coin value, proof-of-work-related activities – such as semiconductor manufacturing – are once again squeezing supply chains and retail channels, crowding out socially productive goods and services from entering the marketplace.
The model identified a bounded range for energy consumption. If we took the most efficient energy consumption assumptions (the lower bounds), these seven proof-of-work chains in aggregate consume 59.3 TWh per year, or roughly the footprint of Kuwait. In most cases – such as with Bitcoin itself – the lower bound is not realistic because the necessary amount of hashing equipment (miners) for that degree of efficiency has not been manufactured. In contrast, if we took a less conservative assumption and used the upper bound these same proof-of-work chains in aggregate consume 180.1 TWh per year, or roughly the footprint of Poland or Thailand. The upper bound scenario is likely unrealistic for coins that have seen their value (measured in USD) decline or stay the same (such as Litecoin). For those that have seen rapid appreciation (such as Bitcoin), it is possible that older equipment has temporarily been reconnected.
The paper is organized into several sections. Sections 1-4 provide a foundation for understanding how traditional financial market infrastructure, such as a real-time gross settlement (RTGS) system, operates, and uses Bitcoin and Ethereum as examples of how proof-of-work-based systems inherently result in socialized losses and e-waste. Section 5 contains calculations of smaller proof-of-work networks. Section 6 is a summary of the calculations found in the preceding sections. Sections 7 and 8 briefly look at misinformation spread as memes on social media. Sections 9 and 10 look at news reports covering several large ASIC and GPU mining operations. Section 11 provides several recommendations framed as a Call to Action.
(1) Background
This paper is a sequel to our occasional series on the energy consumption of proof-of-work (PoW) cryptocurrencies such as Bitcoin.
We will get to resource consumption in the next section, but let us start in reverse order this time.
Many Bitcoin promoters conjure a future world in which the future of finance clears and/or settles on the Bitcoin blockchain, and in which that the demand for PoW generating equipment (miners) will simultaneously usher in a greener world.
Putting aside the continual greenwashing that many advocates are guilty of, some of the same promoters are unaware of how clearing and settlement occur in existing financial market infrastructure.1 Take for example, a real time gross settlement (RTGS) system such as Fedwire.
Fedwire is categorized as systemically important financial market infrastructure due to the enormous amount of value it transfers and secures.
According to (Bilger 2020):
In 2018, Fedwire executed 158 million transfers with an aggregate value of $716 trillion (Federal Reserve, 2019). While many of the fund transfers executed by Fedwire were of small value, the average value per transfer in 2018 was $4.5 million.
Bureau of Economic Analysis (2019) estimated that 2018 total gross domestic product (GDP) was $20.5 trillion (para. 12). Fedwire may be viewed as a kind of force multiplier for the American economy by processing annual banking payments at 35 times the country’s GDP. Further evidence of Fedwire’s role promoting the efficiency of American financial markets can be seen by considering Fedwire payments against the aggregate value of all deposits at U.S. lending institutions – $12.6 trillion in March of 2019 (Federal Reserve Bank of St. Louis, 2019). Fedwire payments for the previous year were 57 times this figure.
We have discussed these types of large aggregates before in the past. For instance, a December 2015 paper from the Federal Reserve Board pointed out that, in the aggregate, U.S. payment, clearing and settlement systems process approximately 600 million transactions per day, valued at over $12.6 trillion.
Per day!
When we mention these large, socially significant aggregates in conversations and debates at cryptocurrency-related conferences and events, many promoters are at a loss for words because they are unaware of these post-trade processes.
Another group – typically self-deputized coinfluencers – will proclaim that Bitcoin can move and secure the same value if not more, via metaphors.
The container ship fetish is a sleight-of-hand trick because Bitcoin versus a RTGS is not even a false dichotomy.
Why?
Simply: the Bitcoin blockchain only transfers and secures bitcoins. It does not move actual money like Fedwire does.2 In point of fact, all ramps into and out of the Bitcoin network necessarily involves connections and hooks into traditional financial infrastructure. Bitcoin is co-dependent on traditional finance, not the other way around. In other words, Fedwire can (and does) live without Bitcoin but Bitcoin intermediaries cannot live without Fedwire or other RTGS systems.
A tangentially related argument is that Bitcoin transactions are structured to move blocks of data that can include additional information beyond bitcoin itself: even if a single coin is a ‘container ship,’ Bitcoin structurally has more capacity or flexibility than traditional networks.
The problem with this argument is that it is entirely possible to do that with a non-proof-of-work system as well. In fact, a blockchain may not be necessary at all. The fact the U.S., or international co-ops like SWIFT, set up its payments system to move around specific types of (messaging) data was a generational choice but not a permanent design constraint. In other words, a PoW-based network architecture does not have an exclusive monopoly on richer or broader forms of data. That is a red herring when comparing the two systems.
What about “stablecoins” piggybacking on top of Bitcoin?
The ongoing growth of parasitic stablecoins (such as Tether) rely on reliable banking access, specifically dollars cleared by the New York Federal Reserve. Not to mention all the new traditional-style institutions and intermediaries hooking into Bitcoin for custody and trading. Don’t like old, monocle-wearing trusted third parties? Here are newer, hoodie-wearing trusted third parties to hold your coins!
More to the point, the majority of Bitcoin transactions today are simply bitcoins moving from one known intermediary to another, typically between coin exchanges for speculative purposes. If most of the endpoints and miners are self-doxxed then there is no longer a Sybil attack problem, removing the raison d’etre for proof-of-work.
How can we visualize this?
The monthly line chart (above) shows the USD value of bitcoins received by merchant services during the four year period (January 2017 – December 2020). Merchant services include processors such as BitPay, whom we have written about many times.3
Despite oodles of free marketing that bitcoin has received, payment-related activity is still lower than during the 2017 bubble. By some measures it is a zombie chain because Bitcoin users do not spend volatile chainletter earnings. Or more precisely, merchant processors handled less than $4 billion of bitcoin last year.
What is another key difference between an RTGS and proof-of-work chain such as Bitcoin?
Settlement finality.4
We have discussed this multiple times but it bears repeating: proof-of-work chains – by design – allow mining participants to fork or reorganize the chain. Block making is permissionless. Now in practice, this does not frequently happen because the cost to acquire hash-generating equipment needed to successfully double-spend or reorg a chain is often quite prohibitive.
Either way, all a proof-of-work chain can guarantee is probabilistic finality that some type of confirmation has occurred but that there is a possibility that a well-funded attacker could reverse or reorganize the chain. For example, in August 2020, Ethereum Classic was hit by three separate 51% attacks, one that was more than 7000 blocks deep.
In practice, the way some financial institutions involved in the cryptocurrency world (such as trading desks) mitigate the risk of a double-spend or reorg is requiring a certain amount of blocks confirmed (often 3-6 confirmations) before allowing users to have access to recently transferred funds.
In contrast:
Fedwire transfers are one-way, which means banks can wire funds out, but cannot debit other banks and wire funds in. Fedwire is a payment system and does not perform the traditional banking functions of managing deposits and withdrawals. It simply transfers funds between accounts within the Federal Reserve System. Once Fedwire transactions are complete, they are irrevocable.
What about the actual network infrastructure? Surely Fedwire needs millions of hash-generating machines to secure all of those transactions each day!
According to (Bilger 2020) Fedwire has around 6600 nodes, 25 which are considered “core” which also have backups in case of disruption. Critically: none of the nodes in Fedwire is purposefully consuming oodles of extra energy to generate hashes.
Why not?
Because there is no Sybil attack problem in Fedwire, there are no nyms. Anarchic chains such as Bitcoin – by design – allow pseudonyms to participate in block making. To make it expensive to double-spend or conduct a block reorganization, proof-of-work was purposefully integrated in Bitcoin so that the attacker has to expend real economic resources to succeed.
This entire kludge is negated in Fedwire because all participants are known: it is permissioned.
What does this image (above) represent?
A single day of Fedwire transactions in 2004. According to (Bilger 2020), a group of researchers isolated links and the nodes that connect them, that team was able to determine that just 66 nodes and 181 links comprised 75% of the value of daily payments. These core nodes and links are illustrated above. And as mentioned a moment ago, the inner ring of approximately 25 densely connected financial institutions is also evident.
What does this all mean?
The participating computing infrastructure for Fedwire involves between ten and twenty thousand computers, none of which need to generate SHA256 hashes. Its participants securely transfer trillions of dollars in real value each day. And most importantly: Fedwire does not take the energy footprint of Egypt or the Netherlands to do so.
As we will see below, the more than 2 million machines used in Bitcoin mining alone consume as much energy as Egypt or the Netherlands consumes each year. And they do so while simultaneously only securing a relatively small amount of payments less than $4 billion last year.
In other words, Bitcoin currently uses about three orders of magnitude more computing machinery than Fedwire yet processes and secures significantly less.5 It is monumentally less efficient per watt on purpose.
Remember, the original purpose of Bitcoin was to enable P2P payments between unknown participants without intermediaries. Today, it has metastasized into a network that is primarily used for speculators to trade various coins and rarely used for actual payments. 6 And it involves a vestigial PoW infrastructure whose participants are identifiable because nearly all of the miners and major endpoints are self-doxxed.
This oxymoronic phenomenon — a resource intensive permissioned-on-permissionless infrastructure — has led to Ray Dillinger – one of the first Bitcoin users – to declare Bitcoin a disaster:
Bitcoin mining has encouraged corruption (Because it’s often done using electricity which is effectively stolen from taxpayers with the help of government officials), wasted enormous resources of energy, fostered botnets, centralized mining activity in a country where centralization means it’s effectively owned by exactly the kind of government most people thought they *DIDN’T* want looking up their butts and where the people who that government allows to “own” this whole business work together as a cartel.
There’s a pretense of monitoring the network to guard against a 51% attack, but to me it seems pretty clear that what they’re guarding against is merely the mistake of the cartel failing to give the latest warehouse full of miners a distinct network identity. The whole idea of proof-of-work mining is broken the instant hardware comes out which is specialized for mining and useless for general computation because at that point the need to have compute power for other purposes is absolutely irrelevant in having any effect on mining, and there ceases to be any force that causes mining to be distributed around the world. It becomes a “race to the bottom” to find where people can get the cheapest electricity, and then mining anywhere else – anywhere the government tries to make sure ordinary people actually get the benefit from electricity bought for tax money, for example – becomes first pointless, then a net loss.
We interviewed Dillinger a couple of years ago. Be sure to check it out.
Nornickel is a Russian mining and smelting corporation. Last year a series of news articles described how BitCluster, a Russian cryptocurrency mining company, was building a mining farm above the Arctic Circle in Norilsk. It chose this location in part because of the natural ambient cooling and in part to re-use land from a closed nickel smelting plant. The farm will utilize a local coal power plant to generate 11.2 MWh to power bitcoin miners.
The next several sections will dive into the energy consumption of the largest proof-of-work chains, including Bitcoin. As we will show, PoW chains are the equivalent of adding an undead country – a zombie chain – to the power grid: one that consumes energy and produces little beyond emissions.
If you are an asset manager considering whether or not to include proof-of-work coins in your portfolio – and have an ESG mandate – or a policymaker considering whether or not to encourage the proliferation of these types of coins in your jurisdiction, it is pretty clear that PoW coins such as Bitcoin are an ESG nightmare and not a suitable fit. If and when some (or all) of these coins transition to proof-of-stake is beyond the scope of this article.
(2) Bitcoin
There are multiple ways to estimate how much energy and how many resources (mining equipment, physical plant) are used generating hashes for a PoW chain.
One involves surveying miners and mining pools, and hoping they provide accurate self-reported information. Another method involves a bit of detective work, physically visiting locations or obtaining purchase order documents from mining manufacturers. However, this makes it hard to ascertain how much second hand equipment is being re-used.
For example, Bitcoin has a carbon footprint comparable to that of New Zealand, producing 36.95 megatons of CO2 annually, according to Digiconomist’s Bitcoin Energy Consumption Index (BECI). According to this tool, Bitcoin consumes as much power as Chile — around 77.82 TWh.
The Cambridge Bitcoin Electricity Consumption Index (BECI), a separate tool from researchers at Cambridge University, shows a much larger figure of 121.88 TWh — more than the entire annual energy consumption of the Netherlands.
There is one more simple method that everyone can do at home on their own computer. One that can create lower and upper bounds with a high degree of confidence. This is the hashrate division method which we have used multiple times in the past.
The way this works is by taking the publicly known hashrate of a network and dividing it by common hashing (mining) equipment metrics.
For example, on December 30, 2020, the Bitcoin network hashrate momentarily spiked to a record high 178.6 EH/s. That is exahashes per second (an exahash is one million terahashes).
How can we derive aggregate energy usage from this singular number?
Last May, Bitmain began shipping its Antminer S19 Pro. There is a bit of public information on how much each of these hashing units consumes and performs.
On paper a single S19 Pro generates a maximum hashrate of 110TH/s or terahashes per second with a power consumption of 3250 watts.
If the entire Bitcoin network were solely comprised of S19 Pro’s (which it is not), it would consist of around 1.624 million hashing machines consuming 46.2 TWh in a year. According to estimates from the EIA, that is about as much as Portugal or Singapore consumes each year. This is a likely lower bound for how much energy is being used.
But wait, where does the Egypt number come from?
Recall that the S19 Pro is basically the most efficient, mass produced machine available today. Due to variance (the inhomogeneous Poisson process), the network hashrate varies day to day. In the process of writing this article it has gone from as low as 140 EH/s to the spike mentioned above.
Due to the rapid increase in Bitcoin’s price over the last few months — because hashrate follows coin value — over the next several months it is likely that the hashrate will continue to grow as purchase orders are fulfilled and hit 200 EH/s by the end of this summer. This is why manufacturers like Bitmain are crushing it, with $327 million in cash holdings as of last month.
In practice, the network is not comprised of 1.6 million S19 Pro’s because Bitmain has not even produced half a million of them.
To get a more accurate figure we must look at older, but more common systems that are still running.
For instance, the Antminer S17e system can churn out 64TH/s running at around 2880 watts. If the entire network was comprised of S17e systems there would be about 2.8 million machines involved.
That’s about 70.4 TWh in a year. Which is about as much energy as Colombia or Bangladesh use.
But that is still not the upper bound.
Enter the older, but reliable Antminer S9i first released in May 2018 which can churn out 14 TH/s and consumes 1320 watts.
If the whole network was using S9i’s, then there would be about 12.8 million of these machines churning out hashes.
In a year these would consume 147.5 TWh or roughly the same amount of energy that Malaysia or Egypt use each year (this is larger than either Chile or the Netherlands).
While there are probably botnets trying to use CPUs or GPUs to mine bitcoin, the amount of hashrate generated by them is likely marginal. Thus the S9i approximation is probably the upper bound.
Manufacturers such as Bitmain, MicroBT, or Canaan will eventually reveal how many systems they have sold which will give us some better refinement on the lower bound, the minimum amount of machines being used.
But it is clear that the spectrum is at a bare minimum Portugal and likely closer to Malaysia or Egypt, especially with so many people and companies trying to bring on older systems right now. This would put Bitcoin around the 27th largest ‘country’ by energy consumption.
Is the hashrate division method a better estimate than the Cambridge or Digiconomist BECI models?
They both have their tradeoffs. The Digiconomist model is inherently more conservative because it is based on miners’ income, whereas the Cambridge model uses a similar framework as the hashrate division method, starting with mining hardware that is available.
In any case, it is clear that while the energy consumption is somewhere between the Netherlands and Egypt, there is not an equivalent economic gain to the same degree.
Another way to say this is that: historically as a country develops it produces more economic output per unit of energy input, getting more output with less input. For example, U.S. energy consumption has been relatively flat since 2000 yet its GDP has more than doubled over the same period. Likewise following reunification, Germany’s GDP growth rapidly outpaced energy consumption.
But the opposite occurs with Bitcoin and other PoW coins. The more valuable a PoW coin becomes, the more energy is used to extract (mine) it. We have written about this phenomenon before, in which the marginal cost to mine eventually equals the marginal value of the coin (MC=MV).7
As a result, PoW is clearly not something a fund with an ESG mandate should want to be involved in.
(3) Socialized losses and e-waste
Speaking of older systems, because these hash generating systems are single use ASICs (i.e., they can only do one specific thing: generate SHA256 hashes), they are often discarded in a time frame of 18-24 months. Some parts are salvaged and reused – such as the power supplies – and sometimes a new buyer is willing to acquire used machines second hand (as in the case of North Korean coin miners).
One estimate is that around half of all data center energy usage is now tied to Bitcoin mining. In fact, the energy consumption of Bitcoin is more than the combined energy use of Amazon, Google, Microsoft, Facebook, and Apple. And the e-waste that is generated annually from discarded mining equipment is roughly equivalent to what Luxembourg throws in the trash each year.
This also does not include the socialized costs – and privatized gains – that miners place on specific geographies due to the type of energy used in generating the hashes.
Below are several recent examples:
Why? Because state-run facilities are regularly targeted by electricity thieves:8
Beginning with the 2017 “crypto boom,” Rosseti started noticing abnormal jumps in electricity consumption in numerous Russian regions. The firm identified unauthorized cryptocurrency mining farms and estimated the damage to be over 718 million rubles—about $9.5 million—a significant part of which has already recovered through court procedures.
The “black” miners are known to do more than just tap into power lines. Illegal Bitcoin operations actually build their own transformer stations.
This is by no means an exhaustive set of sources on the topic. The examples serve to reinforce how PoW mining can be a one-way wealth extraction (privatizing gains) whilst externalizing environmental costs.
(4) Ethereum
Like Bitcoin, the past month has seen Ethereum (ETH) hit several new record prices. Unsurprisingly this has also led to a new record in hashrate, at over 360,000 GH/s.
In December 2020, a mining manufacturer in China, Linzhi, revealed an early demonstration of its new Phoenix mining machine via F2Pool. According to the demo, the Phoenix could generate 2,600 MH/s and consume 3,000 watts. It has not shipped any to the retail market and it is unclear when it might.
In contrast, the most efficient ASIC mining system on the market today (for Ethash) is the InnoSilicon A10+ Pro. A single A10+ Pro can generate 500 MH/s and consume 1,300 watts. This is just slightly faster than the A10 which the previous article used as a baseline.
The Ethereum network hovers at over 360,000,000 MH/s per day. That is equivalent to 720,000 A10+ Pro’s.
Annually these machines would consume 8.2 TWh. That’s about as much as the Congo (DRC) or Trinidad and Tobago consume. This would probably be the lower bound.
As mentioned in the previous article, there are many mining farms that still use GPUs to mine Ethereum. So much so that it has led to a massive, publicly reported on shortage of high end cards from Nvidia and AMD.
Without any modifications, the top-of-the-line GeForce RTX 3090 can churn out 122 MH/s and consumes 350 watts. ((With some tweaking this can reportedly be increased to 150 MH/s.)) This makes it about 50% faster compared with the 3080.
A network entirely composed of 3090’s would involve 2.95 million GPUs. Altogether they would consume about 9.1 TWh per year. This is about as much as Bolivia or Panama consume annually.
As you can see, as these GPUs have closed in on the previous generation of ASIC, this has led to some speculation that GPU manufacturers such as Nvidia may once again roll out GPUs just for cryptocurrency mining (again). The last time was a major dud as Nvidia had to write-off over $57 million in hardware due to a glut in 2018.
What is an upper bound for Ethereum mining?
This is a bit harder to guesstimate compared with the upper bound for Bitcoin or Bitcoin Cash, because of the unknown factor: how many GPUs are being used. Anecdotally it appears that a lot of less efficient GPUs and older ASICs are likely being used due to the run-up in ETH.
For example, an overclocked RTX 2080 can generate 35.3 MH/s and consume 235 watts.
An entire network of overclocked 2080’s would consist of 10.2 million GPUs. These would consume about 21 TWh per year. This is about as much as Azerbaijan or Ecuador uses annually.
In the summer of 2018 it was estimated there were around 10 million GPUs churning hashes for the Ethereum network. For instance, JPR Research estimated that 3 million GPUs were sold to cryptocurrency miners in 2017. During those heady days, mining farms such as Genesis Mining, rented 747s to fly large batches of GPUs to its mining farms.
Because of the mix of older, less efficient GPUs (such as the RTX 10 series) or first generation ASICs that have been switched back on, it is likely that the network hashrate is closer to the upper bound of Ecuador than mid-range of Bolivia or Panama. This would put Ethereum around the 70th largest country by energy consumption.
Unlike many Bitcoin promoters, most Ethereum developers – and even some miners – believe that this energy footprint is temporary, pointing to an ongoing transition to proof-of-stake which started with the Beacon chain (Phase 0) launched last December. Obviously the work-in-progress towards PoS has been known since before mainnet was even launched, yet it has been a slow slog.
Despite the desire of developers to quickly sunset proof-of-work, last month we contacted Vitalik Buterin who pointed out that there is currently no EIP to switch over from PoW to PoS. Based on the roadmap at least one EIP is expected to be crafted during the year.
It also bears mentioning that Buterin – unlike Bitcoin promoters – recognizes the large aggregates of energy consumption that PoW chains account for. In an interview three years ago he explained:
“I would personally feel very unhappy if my main contribution to the world was adding Cyprus’s worth of electricity consumption to global warming.”
While “DeFi” usage and total-value-locked (TVL) has soared since the previous two articles on this topic were published, this would be an ends-justify-the-means argument. Not a fallacy per se, but also not a frequently used argument, because greenwashing is not part and parcel to the Ethereum ecosystem.
(5) Other large PoW chains
(5a) Litecoin
The fact that Litecoin is still a “Top 10” coin in 2021 should indicate how ridiculous proof-of-work coins are for society. No one really uses it for anything. Except one guy who invested more than he could afford to.
In fact, the hashrate is roughly the same today as it was two-and-a-half years ago because — as pointed out many times — hashrate follows coin price. Its most recent surges were due to PayPal adding it as an option users could buy or sell with, and an adult website (PornHub) that announced it would accept it as a form of payment.
Despite having launched several years ago, Bitmain’s Antminer L3+ is still basically the top ASIC mining unit that is used today. It generates ~500 MH/s with ~800 watts. A slightly more powerful L3++ is on the market as well.
At around 300 TH/s, there are the equivalent of about 600,000 L3+ machines generating hashes for Litecoin. In aggregate, these machines would consume 4.2 TWh per year. It would be placed around 130th, between Namibia and Cyprus.
The Antminer L3++ specifications are similar:
If only L3++’s were used, the outcome would be about the same. 9
This consumption is pretty absurd once we factor in things like how there are only a couple of active developers who basically just merge changes from Bitcoin into Litecoin. In other words, one of the largest PoW networks has very few users or developers, yet consumes the same amount of energy as Cyprus.
How is that a socially useful innovation?
(5b) Bitcoin Cash
Unlike Bitcoin, Bitcoin Cash has seen a dramatic decline in hashrate since it briefly peaked at over 5 million TH/s in 2018. In fact, it is now oscillating around 1.3 million TH/s, or half of what it was 15 months ago.
The calculations for Bitcoin Cash are very straightforward since it is just a modified version of Bitcoin.
Recall from above that a single S19 Pro generates a maximum hashrate of 110TH/s or terahashes per second with a power consumption of 3250W.
A network consisting of just Bitmain S19 Pro systems would comprise about 12,000 systems.
In a given year these would use about 336 GWh, this will serve as our lower bound.
Not counting e-waste, that would put the energy usage of Bitcoin Cash somewhere around 174th or about the same as Burundi. Despite the fact that BCH has almost doubled in value since the last article, the hashrate decline is likely due to more efficient hardware now available.
This presents a problem for potential malicious forks as an attacker could rent hardware (via NiceHash) or purchase older discarded hardware previously used for Bitcoin mining. There are disagreements as to how to prevent this but most of them involve some kind of centralized group of developers manually inserting themselves into the validation process (via block signing).
For an upper bound, let us use an S9i for approximation. Recall it churns out 14 TH/s and consumes 1320 watts. That would involve about 93,000 systems consuming 1,073 GWh placing it somewhere between Fiji and Benin at 160th place.
Unlike last update, there is relatively little economic activity beyond speculators moving coins from one intermediary to another. In fact, an economist with Chainalysis noted that Bitcoin Cash saw less merchant processor volume, about $12 million in 2020.10
Clearly on-chain payments is not the use case, even though the infrastructure exists to do so.
(5c) Monero
Unlike the previous article, it appears that the decision makers behind Monero stopped trying to fork it every six months to prevent involvement from ASICs.
At the time of this writing Monero’s hashrate is hovering near its all-time high, likely due to the fact that XMR’s price has also risen, reaching a two-and-a-half year high.11
Compared with the previous article, the hashrate has increased nearly six fold to about 2 GH/s. And it is believed that most of this hashrate is still generated by GPUs and CPUs.
There are lots of how-to guides for building a CPU-focused Monero mining system, and NiceHash even has an easy-to-use profitability calculator.
In the previous article we looked at a Vega-based GPU build, which could still work, but again, CPU mining is still typically used for Monero. Currently the top performing CPU system on Monero Benchmarks is a modified 3990X Threadripper which generates 64,000 hashes/s and sips 600 watts. Note: these are self-reported, user-submitted numbers.
If the entire network were composed of just this type of machine, there would be 31,250 systems running. They would consume 164 GWh annually. This would place it around 195th, between American Samoa and Saint Kitts and Nevis. This would be the lower bound.
For comparison, a slightly more common Ryzen 3600 generates 7,400 hashes/sec and consumes 100 watts. A network would consist of around 271,000 systems. They would consume about 237 GWh annually. This would place it around 190th between Chad and Sierra Leone.
In terms of GPUs, a RTX 3090 generates 2053 hashes/sec and consumes 350 watts. A network of these would involve 974,184 systems. Altogether they would consume about 2,987 GWh per year. This would place it around 136th, between Montenegro and Jamaica. This is not the upper bound.
As you can see, just like ASICs in sections above each older or slightly less energy efficient CPU or GPU system will incrementally increase the aggregate energy consumed.
For instance, in the previous article we looked at a 12-card Vega build, the user was able to generate 28,100 hashes/sec and consume 1920 watts. That’s about 2341 hashes per card.
That’s about 854,335 GPUs each sipping 160 watts. Altogether these consume 1,197 GWh annually. This is still not the upper bound.
What is the upper bound then?
Without knowing how many large scale (organized criminal botnet) farms there are, it would be hard to guess because of how easy and common CPU mining is, especially CPU-cycle theft. For instance, cryptojacking malware is so common today, that there is a distinct possibility that you know someone who is a victim, it might even be you. Monero is typically the top coin mined in this process. We could do an entire article on all of the variants that have come and gone.
A few months ago a manufacturer, ASICLine, claimed to be shipping a mining system that can generate hashes for Bitcoin, Litecoin, Ethereum, and Monero. Because of how inflexible ASICs are, it is unlikely that their claim is true. While we would like to be able to say for certain how much energy Monero is consuming, there is a possibility that someone has built a custom ASIC (or FPGA) which could throw off our estimate.
Based on the same electricity consumption chart as the others, we can guesstimate that Monero drinks around 1 GWh a year and would be placed somewhere definitely above Chad and probably below Montenegro.
(5d) BSV and ZEC and DOGE
There are hundreds, if not thousands, of dead PoW coins. Three proof-of-work coins that have remained in the “Top 50 as measured by USD” over the past few years are Bitcoin SV (BSV) and Zcash (ZEC) and Dogecoin (DOGE).
BSV was created (forked) by Craig Wright, an Australian who claims – without sufficient evidence – to be Satoshi Nakamoto.
Due to a lack of interest beyond a core group of his followers, BSV — as measured in USD — has declined relative to its cousins BTC and BCH. As a result, its hashrate has also declined. At the time of this writing it is just over 600 PH/s, which is a two-and-half-year low. This makes it relatively inexpensive to successfully double-spend or reorg the chain.12
If the BSV network was composed only of S19 Pro’s there would be around 5,454 systems consuming 155 GWh per year. That is about as much as America Samoa at around 200th place. This is the lower bound. An upper bound is unknown but if we re-use the S9i there would be about 43,400 of these systems consuming 502 GWh. That would put it around Andora or South Sudan, around 170th place.
There are a number of gambling-related apps that have been built around BSV, but no substantive economic analysis beyond the regular speculation that dominates in other chains.
Zcash received a lot of attention when it first launched for its privacy and confidentiality (opt-in) properties. For one reason or another, it has not seen as much market interest as Monero (despite arguably having stronger technical capabilities).
Either way, at the time of this writing Zcash’s current hashrate (6.79 GH/s) is hovering near its all-time high. That may sound like a relatively small number compared to Bitcoin or Ethereum, but it uses a hashing algorithm called Equihash, which is more difficult to generate hashes. Unlike Monero, it is primarily mined via GPUs instead of CPUs. There are a variety of online calculators and guides comparing different setups.
There are also multiple ASIC miners for ZEC available including the Antminer Z15. The Z15 churns out 420 KH/s and consumes 1,510 watts. If the entire network were comprised of these ASIC machines there would be about 1,620 of them. Altogether they would consume 21.4 GWh each year. It would rank around 215th, near the Falkland Islands and Kiribati. This would be the lower bound.
One of the slightly dated comparisons involved tweaking a Nvidia 1080 Ti. One user was able to achieve around 641 H/s at 300 watts. A network of these GPUs would comprise 1.06 million GPUs. These would consume about 2,783 GWh. That would place it around 140th, between New Caladonia and Mauritius. While there may be older GPUs and even some CPUs mining, this is probably closer to the upper bound.
What about Dogecoin?
We wrote a bit about Dogecoin in 2014 but stopped because it merge mined with Litecoin in September of that year. While it is no longer independent — as it piggybacks off of Litecoin mining — people still mine it with the same L3+ machines mentioned above (both Litecoin and Dogecoin use the same hash generating algorithm called ‘scrypt’). Despite new record highs in prices, Dogecoin’s hashrate is about 30% less than its all-time high. In fact, it is nearly identical to Litecoin’s hashrate because it uses the same farms and pools. While some have suggested that this is an efficient usage of resources (two-chains-for-the-price-of-one) it creates a top-heavy situation that in theory, makes them both less secure.
(6) Status check
With all of these numbers and calculation spread around, let us briefly collate them in an easy to view section.
If the entire Bitcoin network were solely comprised of:
If the entire Ethereum network were solely comprised of:
If the entire Litecoin network were solely comprised of:
If the entire Bitcoin Cash network were solely comprised of:
If the entire Monero network were solely comprised of:
If the entire BSV network were solely comprised of:
If the entire ZEC network were solely comprised of:
What does this all mean?
As mentioned above (and in numerous previous articles) there are hundreds if not thousands of dead or dying PoW chains.
If we took the most efficient energy consumption assumptions above (the lower bounds), these seven PoW chains consume 59.3 TWh per year. Roughly the footprint of Kuwait, around 46th place. But in most cases – such as with Bitcoin itself – the lower bound is not realistic because the necessary amount of efficient hashing equipment (miners) have not been manufactured.
In contrast, if we took a less conservative assumption and used the upper bound these same PoW chains consume 180.1 TWh per year. Roughly the footprint of Poland or Thailand, around 25th place. The upper bound scenario is likely unrealistic for coins that have seen their value (measured in USD) decline or stay the same. For those that have seen rapid appreciation (such as Bitcoin), it is possible that older equipment temporarily comes back online until newer replacements are installed.
And yet, in either scenario, these PoW networks are not also adding the equivalent GDP output of similar sized countries. Society is in effect, at a net loss.
How so?
As we have mentioned in this article and others, historically, as a country industrializes, its growth is often limited by access to energy which throttles its energy consumption. Simultaneously, as it grows and develops, it becomes more efficient per wattage of input.
For example, according to the Energy Information Agency:
In the United States, energy intensity has been declining steadily since the early 1970s and continues to decline in EIA’s long-term projection. A country’s energy intensity is usually defined as energy consumption per unit of gross domestic product (GDP). Greater efficiency and structural changes in the economy have reduced energy intensity.
Despite dozens of RTGS systems being deployed across the world, in no instance do any of them consume the footprint of a small or medium sized country to operate.
The next section will look at some of the coin promoters and how they try to whitewash this issue away.
For instance:
Only two nuclear reactors have been built in the U.S. in the past 25 years. One of the reasons why others may not be built in the future: the shale boom.
Interested in hearing the twenty-first century equivalent of “smoking is good for you”?
On with the show!
No, Bitcoin is not a battery.
Contrary to the musings of venture capitalists with a heavy stake in coins (and coin mining), mining PoW chains is not the same as a battery. It should be obvious that energy used in mining is not reusable, it is turned into heat as it enters the environment. When miners pay bills they convert some of their holdings into actual money, energy is not released in this process because no energy was stored to begin with.
It is hard to know where to start with this batch of Bitcoin promoters, nearly all of whom work for prominent cryptocurrency intermediaries.
Fun fact: despite continual claims that Bitcoin will spur development of Thorium-based nuclear power plants, to date, there have been zero Thorium plants built let alone funded by Bitcoin personalities.
What about stranded energy?
In practice “stranded energy” means there is some kind of inefficiency in storage and/or the transportation grid. In some cases capital could be used to increase efficiencies (e.g., new pipelines) which could reduce the price of energy extraction or transmission. Yet because it is stranded, it centralizes PoW mining in that specific area.13
But what about renewables?
Hitchen’s Razor: That which can be asserted without evidence, can be dismissed without evidence.
Even when a region has hydroelectricity available, the hydro power is not consistent throughout the year. Consistent energy generation has led Bitcoin miners to areas which they perceive as stable, which often involves coal power. The “renewable argument” that many Bitcoin promoters use, neglects to account for the ‘seen and unseen’ opportunity costs involved. For example, solar panels and wind farms still require land that could otherwise be used for different, more productive purposes; likewise dams can be deconstructed allowing habitats to regrow and rivers restored. 14
In terms of cyclical generation, even in the summer, when hydroelectric dams are at their peak output in the northern hemisphere, Cambridge BCIE estimates that more than half of energy generation still relies on non-renewables such as coal or gas.
Many miners themselves do not provide any reason to believe this. Cambridge surveys miners, and they indicated that while a majority has renewables in the energy mix, only 39% of mining is done with renewables (as it can be a small part of the energy mix).
The location data above is from Cambridge, sourced from mining pools rather than a survey. If you look at where miners are situated most of the time, you also see that while they use some renewables during the summer (wet season) in China, they are using fossil fuels the rest of the year.
According to Stoll et al., the carbon intensity of the energy used for mining Bitcoin was 480-500g CO2 per kWh in 2019 and went up to more than 550g CO2 per kWh recently due to increasing popularity of Iran and Kazakhstan. 8% of miners are now using sanctioned Iranian oil-based energy to mine.
There is also a steady stream of on-the-ground local stories providing anecdotes to the rush for relatively cheap energy. For instance, clandestine Bitcoin mining in Iran is believed to be one of the reasons for a rash of blackouts (and smog).
Lastly, even if Bitcoin miners were mostly run on renewables (which is not occurring) Bitcoin mining could not be considered environmentally friendly. Why? Because of the regular cycle of e-waste that is created as next generation ASICs are introduced.
(8) Whataboutisms
Whataboutery is commonplace and normalized in the cryptocurrency world.
Tired of policy makers pointing out that illicit activity is attracted to KYC-less chains? Whatabout HSBC! Dislike the moans from hospitals impacted by Bitcoin-funded ransomware operations? Whatabout nuclear warfare!
This fallacy rears its head in the discussion of energy consumption: ignore this category of waste because there is also a category of waste there!
This is not a contest to waste as much energy as possible. Aircraft carriers, submarines, and airborne infantry divisions do not protect RTGS systems. All wasteful activities – such as nuclear warhead production – can clearly be categorized as bad and undesirable. It is also unclear from that thread how Bitcoin can end war or reduce military spending.
Speaking of poor analogies:
If we are going to play along with this game above: we actually know who participates in Federal Reserve decision making processes. Whereas we still do not have a regularly updated list of who funds those with merge control in the Bitcoin Core github repo.
At the time of this writing about 70 RGTS systems are live across the world. But only a small handful of countries with an RTGS also have nuclear weapons and/or aircraft carriers. And only six have both. 15 This illustrates that you can have one – a secure large value transfer system – without the other.
Held’s argument is a Whataboutism. Why? Because this is not a contest over who wastes more (or less).
As Galloway correctly points out in that thread: no one is trying to run a PoW-based payment system with Christmas lights. Christmas light operators are not incentivized to string up more lights as the aggregate market capitalization of light manufacturers increases.16
No one is trying to run a PoW-based payment system with smartphones. Furthermore, telecoms do not need to consume oodles of more energy per extra unit of phone added to their networks. PoW chains empirically and theoretically will consume energy in direct proportion to the value of the coin price. That is why we continue to see ever larger amounts of ASIC machinery sold by Bitmain and MicroBT to miners, not less. Yet PoW chains do not have a monopoly on securing permissionless payment systems.
Proof-of-stake (PoS) chains require some electricity too. If this was a comparison of say Polkadot or Avalanche (both of which are PoS-based), they would consume several orders less than Bitcoin does today.
And if these were compared to running full nodes (since there is no hash generation needed)?
For instance, according to Bitnodes there are approximately 9,415 nodes relaying transactions on the Bitcoin network (including the 25 or so mining pools).
At the time of this writing, there are about 110 validators alive on Polkadot and about 830 up on Avalanche. Yet both PoS networks are arguably just as secure as Bitcoin yet neither requires burning mountains of coal to stymie malicious actors. While we could debate ways to quantify “decentralization,” more is not necessarily better. 17 In this case, the thousands of extra non-block making validators in Bitcoin are essentially superfluous.
Virtually every sentence is incorrect. And this is all Whataboutery. Bitcoin mining usage could boil the ocean? But what about banks!
For what it is worth, nearly every large bank has announced some kind of carbon neutral initiative or has attempted to provide some semblance of where the energy is sourced. 18 That is not an excuse to justify their wastes or privatized gains (and socialized losses).
The bar should be: how can a value transfer system reduce its energy consumption and externalities, not to distractingly point fingers at other entities that also waste.
Speaking of which, in her examples above, it is also a different type and magnitude of waste. Banks do not generate more revenue if they leave their computers on 24/7 whereas PoW miners have to be left on around the clock to generate hashes in order to compete for block rewards.
Furthermore, banks as a whole provide many more services (and products) beyond just processing payments. In contrast, Bitcoin has very limited functionality, including the inability to do any on-chain lending.
That is not an accurate description of boiling gold (alchemy?) or what proof-of-work is as described by the original creators (Dwork and Naor). Neither its supply schedule nor energy consumption is what creates value for PoW coins, external demand is.
Claiming that PoW imbues a cryptocurrency with value because it requires real effort to produce it is a variation of the Labor Theory of Value. And saying PoW can promote energy efficiency is like saying paying people to dig holes and fill them up again helps the economy. 19
The chart (above) that Held uses, does not actually describe what he is saying about Kardeshev scale civilizations. If anything, assuming a “million dollar” bitcoin happens, PoW will actually drag Norway, China, and the U.S. back down towards Afghanistan. Why? Because if energy consumption goes up in those countries (via PoW mining), per capita GDP is decreasing because Bitcoin itself does not really produce anything.20 As a result, productive capacity for goods and services is being squeezed (or crowded out) by PoW-related endeavors.
In his accompanying article for this image Held states that: “The pressure to find cheap electricity sources will accelerate the effort to build fusion reactors.”
But that basically saying if you leave your car running it is good because it incentivizes finding alternate power sources.
Speaking of which:
Due to the demand shock from COVID-19, depending on geography, the cheapest sources of energy today might actually be oil and gas. Perhaps the near-future of mining are cars parked outside of refineries in Houston, churning up hashes for PoW networks.
And last but not least:
According to modeling from the Resources for the Future, a think tank, Miami will become the most vulnerable major coastal city in the world with “100-year floods” occuring every few years rather than once a century in many locations. A quarter of all homes at risk from flooding due to climate change reside in Miami-Dade county. If the mayor wanted to stave off this crisis the last thing he should be encouraging is direct investments in proof-of-work based cryptocurrencies.
(9) Competing for scarce resources
Due to the rapid rise in some cryptocurrency prices, foundries that churn out semiconductors have months of backlogs due to GPU and ASIC demand. Why? Because there are only a small handful of foundries capable of manufacturing state-of-the-art chips and as a result there is a limited capacity irrespective of what the ultimate destination may be.
This has led to a shortage of chips used in automobiles to the point where large manufacturers such as Ford or General Motors (GM) have announced plant shutdowns. In its most recent earnings announcement, GM estimated that:
The semiconductor shortage will shave $1.5 billion to $2 billion off adjusted earnings before interest and taxes this year.
How much semiconductor output capacity is being squeezed because of PoW miners?
Digiconomist estimates that TSMC – the largest semiconductor manufacturer in the world which produces most, if not all, ASICs for cryptocurrency mining – would need 3-4 months at full-capacity of its 7nm output just to produce the ASICs for PoW mining equipment that have been ordered. 21
This also impacts any industry or job that needs cutting edge GPUs, including squeezing smartphone manufacturers, console manufactures, graphic designers, and e-sport gamers. Why? Because the surge in mining demand has resulted in street prices for GPUs doubling what the original MSRP is.
History repeats itself: in November 2017, Chen Min (a chip designer at Avalon Mining) gave a presentation which noted that 5% of all transistors in the entire semiconductor industry were used for mining and that was driving up DRAM prices. Last cycle this negatively impacted a variety of ancillary set of actors, such as astronomers who rely on GPUs to chug through cosmic signals.
We are witnessing a similar phenomenon today. For instance, MSI announced that it may launch mining-specific GPUs this year.22
The current surge in demand for GPUs for mining has led some participants to acquire hundreds of gaming laptops en masse, crowding out, again, anyone who needs a high performance GPU. The image (above) comes from a Weibo account tracking various China-based miners who are showing off their GPU farms consisting of high-end laptops.
“Laptop mining” has pushed new buyers down the performance curve, to hardware that is two generations old.
Below are three publicly listed companies that have announced large purchases of mining equipment in the past several months:
A few days ago UK-listed Argo Blockchain announced it would build a 200 MW mining facility in West Texas.
Private companies have also announced large purchases of coin miners. For instance, last month Blockstream announced that it had purchased $25 million worth of equipment from MicroBT and that this would be part of its 300 MW of mining capacity.
And an anonymous buyer in Russia, recently acquired 20,000 mining systems that consume 70 MW for a new farm in Bratsk, Siberia.
And this is just the tip of the iceberg.
A GPU farm of 78 GeForce 3080s was photographed (above) churning up hashes for Ethereum last month.
An entire paper or two could be written on large bulk purchases of ASICs or GPUs which crowd out other industries that need the same resources for actual productive activities.
(10) Undead countries are an ESG nightmare
Is it a stretch to call Bitcoin a ‘smoldering Chernobyl sitting at the heart of Silicon Valley’?
In May 2014 we briefly discussed a hypothetical “million dollar” bitcoin. At the time, Bitcoin’s price had dropped below $500 and we were already able to empirically discern that hashrate grows (or declines) directly proportional to coin value.
In the previous articles we found that, despite the introduction of increasingly energy efficient hardware, a PoW network like Bitcoin consumes ever larger amounts of energy. That is because of the Red Queen’s Race: miners do not downsize farms in aggregate, they simply replace aging hardware with newer ones; they must run faster in order to stay in the same place.
That is why anyone that has access to a hashrate chart can project with decent certainty what the likely outcome of a “million dollar” bitcoin will be in the future.
If a $40,000 bitcoin has already led miners to consume the energy equivalent of the Netherlands or Egypt, a million dollar bitcoin would be about 25 times as much.
What does that mean in actual numbers?
Critical to any analysis of energy usage is economic output. In a million dollar bitcoin world, society would be bearing the externalities of mining activity that does not produce a proportional amount of GDP. For instance, much of the coin mining industry is reliant and dependent on taxpayer funded utility companies and grids. As a result, we would see the equivalent of an additional U.S.-sized energy usage without seeing anywhere near the economic output, this would be a huge net loss.
This also does not take into account e-waste that is created via discarded single-use ASICs. And it does not take into account other PoW networks such as Litecoin which are basically ghost towns yet consume country-sized energy units too.
Miners will surely lead to greener sources of energy production, right?
This is a red herring.
Through the usage of either permissioned systems (like an RTGS) or a proof-of-stake chain, the energy consumed by PoW chains did not need to take place at all. In fact, PoS chains can provide the same types of utility that PoW chains do, but without the negative environmental externalities. PoW chains are the equivalent of adding an undead country – a zombie chain – to the power grid: one that consumes energy and produces little more than emissions.
Because of disputes among its undead participants these zombie chains must utilize the judicial and legal resources of third party countries. The chains also have a parasitic relationship to other government-run services that they continue to rely on such as taxpayer-financed energy grids.
(11) Call to Action
What can be done?
For starters, do not patronize coin lobbying organizations that weaponize misinformation. They are not dedicated to protecting consumers or the environment. Their mission is to convince legislators around the world to take a hands-off approach to regulations, including potential taxes on miners.
Nearly three years ago, the executive director of Coin Center, Jerry Brito, solicited names to hire to whitewash easy-to-prove energy consumption numbers.
Why? Because it is bad for business. Some Bitcoin promoters like to present themselves as being part of the cutting-edge future, one disassociated with the ancien régime. But as we have seen repeatedly in this paper, PoW miners compete for the same scarce resources and capacity that society relies on to generate real goods and services.
This is not true. Agrawal, who works with Brito at Coin Center, attempts to limit the available options when there are a wide range of other possibilities.
For instance, according to The New Republic:
In 2020, Tesla sold about $1.58 billion worth of these [carbon] credits—almost exactly the value of the Bitcoin purchased.
Tesla is going to account for its Bitcoin holdings as intangible assets (goodwill) which is not how this line item was intended for. This is clearly shrewd opportunism (and accounting), not some re-imagination of resource consumption.
According to Digiconomist:
If 12 million people used Bitcoin to buy a Tesla, it would be enough to completely offset the combined total of CO2 saved by these EVs (by Tesla’s own account).
Elon Musk says he is now a fan of Bitcoin but PoW miners are directly cannibalizing the chip production capacity required to produce Tesla vehicles, a point that Tesla’s latest 10-K filing indirectly touches on.
Like parasitic stablecoins, miners in proof-of-work networks such as Bitcoin piggyback on top of the current energy extraction and generation infrastructure. 23 Furthermore, Bitcoin itself is not an alternative to an RTGS (traditional finance) so much as it is a shadow payment service that enables illicit activities to occur via a spectrum of intermediaries (e.g., underregulated coin exchanges). Continually comparing one versus the other is specious because one fully depends on the other to exist.
What can you do?
Most developed and developing countries levy taxes on polluters or “sin” activities. 24 Clearly proof-of-work mining falls into both categories.
Contact your local Public Utility Company and explain the socialized losses and privatized gains that are possibly accruing to miners. In addition to levying a tax on coin mining activity, perhaps introducing a tax on PoW-based holdings at intermediaries could be discussed since they directly benefit from miners providing the underlying blockchain infrastructure.
And if you are a user of a cryptocurrency, publicly advocate for switching to proof-of-stake (PoS) chains or accelerating such transitions if they are already underway. You can still enjoy decentralized finance in a way that does not dramatically contribute to climate change.25
Acknowledgements
Thanks to the following people for their helpful feedback: CK, JG, VB, RG, KR, JH, MW, and AV.
Endnotes
Send to Kindle
[Note: this is a sequel to my previous post: Systemically important cryptocurrency networks, which critically examined how certain digital tokens parasitically leech off the U.S. banking system. There is an accompanying Appendix to this document as well.]
The second half of 2020 saw a large set of draft regulations and proposals surrounding cryptocurrencies and specifically, “stablecoins.”1
For instance, in July, the influential Group of Thirty published its investigation into digital currencies and stablecoins. In late September, the E.U. announced an expansive regulatory framework called Markets in Crypto Asset Regulation, or MiCA.2 A month later the Financial Stability Board (FSB), the top global stability watchdog, released its “final” report on what they called global stablecoins (GSCs). A month after that, the Bank for International Settlements (BIS) released a report specifically looking at stablecoins.
A few days later there was a flurry of tweets and articles written up in response to the newly proposed STABLE Act in the United States. And coincidentally, this past month the President’s Working Group on Financial Markets released a report on stablecoins that came out swinging against “multi-currency” projects like Facebook’s Diem (formerly Libra) as well as broad pieces of enabling infrastructure. 3
While each was written by different sets of authors in different jurisdictions, all had some common ground: regulation and risks of panjurisdictional commercial bank-backed “stablecoins.”4
This post will go through some of the background for what commercial bank-backed stablecoins are, the loopholes that the issuers try to reside in, how reliant the greater cryptocurrency world is dependent on U.S. and E.U. commercial banks, and how the principles for financial market structures, otherwise known as PFMIs, are being ignored.5
Let’s start in reverse order.
PFMIs
What are the PFMIs?
We have discussed the Principles for Financial Market Infrastructures (PFMIs) before. It is an evolving set of principles and guidelines for financial market infrastructures (such as CSDs, CCPs, payment systems) that are maintained and updated based on research and collaboration between two international regulatory bodies: BIS and IOSCO. Their joint 2012 paper is considered the gold standard and is frequently cited in the press, academia, and regulatory bodies.
For the purposes of this article, we will look at just once slice of the 2012 document. Principle 9 of the PFMIs states:
An FMI should conduct its money settlements in central bank money where practical and available. If central bank money is not used, an FMI should minimise and strictly control the credit and liquidity risk arising from the use of commercial bank money.
We have ample evidence from the 2007-2009 Great Financial Crisis (and other eras) that dependence on commercial banks is subpar and adding yet another (underaccountable) layer on systemically important financial institutions (SIFIs) is not ideal. 6
Without going into weeds, the PFMIs and the committees involved in drafting them, state and then re-state the importance of reducing credit risk exposure to commercial banks. Yet in all instances today, almost every collateral-backed stablecoin that has thus far been issued does so through tokenizing deposits custodied at commercial banks.
This is improper for a variety of reasons and there are remedies and solutions. For instance, while we await liberalized access to central bank digital accounts (CBDAs) or currencies (CBDCs), setting up “narrow banks” or FedAccounts have been highlighted as complimentary solutions in the United States.78
When presenting these alternatives in public — especially on social media — a noticeable amount of “fist shaking” and “pearl clutching” occurs from partisans unaware of how reliant stablecoins are on the U.S. and E.U. commercial banking systems. 9 10
For example, a number of prominent cryptocurrency promoters claim that draft legislation (such as the STABLE Act) would destroy innovation or even blockchains themselves. 11
As it stands today, non-compliance with the Bank Secrecy Act (BSA) is strictly speaking not “innovation.” It is regulatory arbitrage which can create a race to the bottom that may harm consumers.1213 Commercial bank-backed stablecoins are ‘innovative’ insomuch as they are not playing by the same explicit rules that other bank-like entities have to.
We will discuss them at length further below but currently – as measured in trading volume – the two most “popular” commercial bank-backed stablecoins are USDT (Tether) and USDC (USD Coin).14 Both claim to be collateralized by U.S. dollars held in custody at commercial banks. Together they accounted for nearly 90% of all stablecoin trading volume this past year. 15
How big is that volume?
As an aggregate, in 2020, on-chain volume alone from these stablecoins reached more than $1 trillion. That does not count the exchange-based (off-chain) transactions that also use these collateral-backed coins. And problematic for policy makers: the on-chain volume was exchanged with limited oversight or surveillance sharing, which is part of the reason why various governments are moving quickly to pass laws to deanonymize self-hosted wallets that are exchanging this parasitic “e-banknote” or “shadow deposit.”161718
For example, Tether and USDC are not being stifled through the proposed STABLE Act, rather they would be required to jump through the same hoops as anyone else providing similar financial services.19 Based on how their product is used, these issuers are arguably a form of wildcat banks (from the 19th century) or what is called a shadow bank or shadow payments today. Lots of shadows!
What is a “shadow bank”?
The term itself is just over a decade old but these entities existed prior to 2007. In general they are “non-bank financial intermediaries that provide services similar to traditional commercial banks but outside normal banking regulations.”20 Readers can imagine that this type of activity is what organizations such as the Financial Stability Board (FSB) would like to keep track of.
One member of the FSB is the Federal Reserve. The screenshot (above) is a relevant portion of their mandate and why they could – in theory – be interested in obtaining information of off-shore entities that are attempting to (anonymously) use U.S. linked e-banknotes.21
“Shadow banking” is occurring off-shore through intermediaries (e.g., coin exchanges and lending protocols) that use Tether or USDC without needing to connect to a local bank who would require some semblance of surveillance such as AML or CFT compliance.2223
Based on their external messaging, multiple centralized exchanges (CEXes) claim to operate banklessly but this is a superficial: they each maintain an umbilical cord to the U.S. dollar via USDT or USDC. 24 Similarly, decentralized lending protocols such as Compound or Aave accept commercial bank-backed stablecoins as collateral and allow rehypothecation of these same tokens (or others). 25
Putting aside new proposed legislation for the moment: stablecoin issuers (administrators) have fought feverishly to categorize themselves under a “lighter” more lenient regulatory regime (money service business) despite more stringent laws covering deposit-taking activities that are not enforced, such as 12 USC 378 (a)(2) being on the books. 2627
More precisely, in retrospect specific activities enabled by commercial banks (such as issuance of e-money) were not properly regulated. Righting this wrong that exists to day – so the argument goes – all MSBs (not just commercial bank-backed stablecoin issuers) should no longer be able to conduct unregulated shadow payments or banking activities.2829
Related to the concept of shadow banking is shadow money, and clearly stablecoins fit the bill. When he was a Governor at the Federal Reserve, Dan Tarullo gave a speech, stating:
“Shadow banking also refers to the creation of assets that are thought to be safe, short-term, and liquid, and as such, “cash equivalents” similar to insured deposits in the commercial banking system. Of course, as many financial market actors learned to their dismay, in periods of stress these assets are not the same as insured deposits.”
The classic example of shadow money is money market funds which were deemed to be “money good” pre-2008 crisis. Reforms were implemented post-crisis, such as redemption gates and floating NAVs for certain money funds, but in March 2020 the Federal Reserve still had to backstop money funds via the money market mutual fund liquidity facility (MMLF). Last month the President’s Working Group on Financial Markets released a report highlighting the need for further reforms to money market funds.
If consumers and investors think stablecoins are the same as insured deposits because they are “backed” by insured deposits at a commercial bank, they are clearly not. Does this mean that if stablecoins become big enough, the U.S. government would bail the sector out just like they have bailed out other shadow money investors? This is an open question but the answer should arguably be no. 30
While regulators have informally discussed systemically important cryptocurrencies networks and potentially overlap with PFMIs, to date there have been few discussions in long-form prose.31 Let us check back in on this topic next year.
Double the credit risk
As mentioned above, the credit risk (solvency) of commercial banks is worse than central banks.32 During the 2007-2009 financial crisis, while a number of commercial banks received direct taxpayer-funded bailouts that immediately underwent public scrutiny, the entire financial industry was effectively propped up through the coordinated actions of central banks and finance ministries around the world.
We could always argue about which policies should or should not have been implemented during that time. The Dodd-Frank Act was just one set of legislation that was passed in an attempt to prevent another, similar systemic crisis from happening again.
What does this have to do with parasitic stablecoins?
Transactional users and speculators of commercial bank-backed stablecoins are faced with at least two potential credit risks:
A conventional bank account exposes to the account holder to a single level of credit risk, the risk that the bank becomes bankrupt and is unable to meet its liabilities to account holders. In most developed countries and many developing countries, deposits are protected by a national deposit insurance scheme ranging between tens and hundreds of thousands of dollars.
Even if Signature Bank or Silvergate Bank have impeccable credit quality, they are not the lender of last resort. They rely on the implicit and explicit backing of the FDIC and the Federal Reserve.33
As a result, stablecoins present a double layer of credit risk. There is the risk that the issuer of the coins fails and the risk that the party holding the reserves (e.g. a bank, fails). Generally stablecoins would not benefit from the deposit insurance provided for bank accounts.34 Where the issuer invests in a more complex range of assets to act as reserves, such as debt instruments, it also exposes the stablecoin holder to the risk that assets fall in value, which can be an issue, even for relatively short-dated assets, where reserves have to be liquidated. 35
This raises a major question: who bears losses, the issuer or the holder of coins? An issue banks deal with (to a certain extent) by having to set aside regulatory capital.3637
In other words: a stable coin backed by commercial bank deposits has worse credit risk than simply having money in the bank because it would not benefit from any deposit insurance scheme.38
CBDCs
Tangentially related to the PFMIs are central bank digital currencies (CBDCs). Public discussions surrounding the regulation of stablecoins often neglects prior research conducted by central banks, industry, and academia.
For instance, several years ago, the Bank for International Settlements (BIS) published one of the most widely cited papers on the topic of CBDCs. In it, the so-called “money flower” Venn diagram illustrated how existing money could be categorized:
As we can see, the current crop of stablecoins (such as USDC) and cryptocurrencies (such as Bitcoin) are clearly in different categories from CBDCs.
Representatives of coin lobbying organizations, such as the Chamber of Digital Commerce, makes the common mistake of conflating the two:
Are commercial bank-backed stablecoins a central bank digital currency (CBDC)?
No. There is a lot of commentary which blends stablecoins with CBDCs but they are not the same. Unless a stablecoin is backed by reserves at the central bank or issued directly by a central bank, a stablecoin marketing itself as a CBDC is being dishonest.
Furthermore, the DC/EP initiative in China is not a CBDC. It is a liability of an intermediary that is not the People’s Bank of China.39
Are CBDCs a stablecoin?
No, although in theory central bank reserves could be tokenized and put onto a blockchain. But that’s not what is happening today (yet).41
Any other reasons why stablecoins are lumped together with CBDCs?
Stability. Credible central banks such as the Federal Reserve, provide a reliable unit-of-account such that more than two dozen countries “dollarize” their domestic economies with it. This article will not go into the merits or demerits of issuing CBDCs or if a blockchain is needed in doing so.42
Ironically, while some vocal coin promoters have claimed a “hyperbitcoinization” event will occur soon. But the cryptocurrency ecosystem as a whole has seen the opposite take place: rapid dollarization due to the growth of commercial bank-backed stablecoins. This is the central conceit for much of the coin world today: promoters and meme artisans often claim they are about to launch off from planet Earth all while drilling ever deeper foundations into the Earth’s crust.
For example, in the second half of 2020 at least four U.S.-based cryptocurrency companies applied for deposit-taking licenses or banking charters.43 And because of how embedded these tokens have become to “DeFi” apps, portions of it have turned into centralized DeFi (CeDeFi), which is an oxymoron.44
As a result, it has made anarchic chains less resilient which will be discussed later.45
Reliance on external U-o-A
One characteristic or function of actual “money” is something called the unit-of-account (U-o-A). A unit-of-account is used to price goods and services in an economy. On a macro level, economic aggregates such as GDP are measured by a stable U-o-A, such as the USD or EUR.
Similarly, international commerce and trade is often denominated in a stable U-o-A. In this case, foreign exchange ultimately takes place somewhere along on “the edges” but the price discovery and (often) payment settlement occurs in the stable U-o-A. 46
For instance, despite doomsday predictions, the USD is becoming more dominant – not less dominant – in financial markets.
What does this have to do with cryptocurrencies and specifically stablecoins?
More precisely, the question should be: why are stablecoins so popular?
The answer is one that has been discussed many times on this site: volatility.47 Contrary to what some promoters claim, Bitcoin is not becoming less volatile over time. As JP Koning illustrated in the chart (above), bitcoin is more volatile today than it was in early 2017 when it had a ‘market cap’ of just $15 billion or in 2013, when it was worth just $1 billion.
While some early coin investors and hoarders may be okay with rampant swings in volatility, actual users (such as day traders or remitters) desire stability. As a result, more than 20 different U.S. dollar-linked stablecoins have been created to fill that need. And unsurprisingly, because the identity of on-chain activity can be obfuscated, another set of stablecoin users are criminals involved in money laundering and terrorism, as identified by the Financial Action Task Force (FATF).
For the purposes of this article “stablecoin” is a catch-all term used to describe a spectrum of coins that attempt to peg a token to exogenous (external) value.48 Typically the exogenous value is denominated in USD. In terms of trading volume, the two biggest buckets of stablecoins are:
In practice, nearly all collateral-backed tokens in use today are commercial bank-backed tokens that are centrally issued by a singular entity.50 In contrast, virtually all of the algorithmic tokens are launched by anonymous teams and often use a form of rebasing or Seigniorage Shares model to arrive at a value.51
The focus of this article is on the former not the latter. Let’s dive into a few of them.
Barnacles
USD Coin (USDC) is a stablecoin issued through the Centre Foundation and backed by Circle, Coinbase, and others. This entity is registered as a MSB in the United States. USDC is an ERC20 token that can be moved around the Ethereum network however the “backend” on-and-off ramps are fully powered by U.S.-based commercial banks such as Silvergate in San Diego.52
At the time of this writing about $4.3 billion of USDC has been issued. In Q4 2020, the trading volume of USDC was usually between $335 million to $1.3 billion per day.53
USDT is issued by Tether Ltd which is also registered as a MSB in the United States.54 Customers that want to use USDT, create an account on the Tether website and link their bank account. Then using the traditional financial system, wire cash to Tether’s partner banks. USDT has been issued onto multiple different blockchains, including Bitcoin and Ethereum. As of this writing, it is the most actively used ERC20 token.
Tether Ltd and its parent company (iFinex) have been debanked multiple times. Why?
Because both are under multiple investigations from several regulators and law enforcement (such as the New York Attorney General) for lying about their collateralization levels, among other allegations.
At the time of this writing about $21.3 billion USDT has been issued. In Q4 2020, the trading volume of USDT was usually between $25 billion to $80 billion per day.55
When it was initially launched in December 2017, DAI was collateralized only with ETH and the software company that created it, Maker, is not registered as a MSB (though it could be categorized as a “shadow MSB“). About 18 months ago, DAI transitioned to accept “multi-collateral” which includes other types of coins, such as commercial bank-backed stablecoins. In addition to being listed on most major cryptocurrency exchanges, traders can also buy DAI directly via 3rd party partners (such as Wyre and MoonPay).
However, depending on the day of the week, the proportion of U.S. commercial bank-backed stablecoins can comprise more than 50% of the collateral backing DAI (which is why it was identified by authors of the STABLE Act):
The chart (below) shows the growth (measured by ‘supply’) of the most popular collateral-backed stablecoins this past year.
Assuming the self-reported numbers are correct, this illustrates an increase in USD deposits sitting in banks on behalf of stablecoin issuers.
Note that at the time of this writing about $21.3 billion USDT has been issued and about $4.3 billion of USDC has been issued.
The bar chart (below) shows the daily trading volume of roughly the same collateral-backed stablecoins over the past three year:
Recall from above that in Q4 2020, with a few outliers the trading volume of USDT was between $25 billion to $80 billion per day and the the trading volume of USDC was between $335 million to $1.3 billion per day.
In other words, the average daily turnover for USDT was about 2 to 4 times the amount allegedly deposited with their banking partners. This likely shows that some forms of leverage, credit creation, and rehypothecation are taking place. 5657
The line chart (below) shows the total value of tokens that are locked up (TVL) in DeFi-related projects over the past ~3 years:
As we can observe above, growth of TVL substantially increased between January 1, 2020 and January 1, 2021 by about 2,000 percent. DAI contributes to about 20 percent of these deposits.
What about Diem née Libra?
With mountains of press and marketing the past 18 months, they are finally planning to launch (soon). What Libra initially proposed in the summer of 2019 (to the chagrin of regulators and payment-related partners) was that Libra would deposit user funds in multiple custody banks (like Citi) but purposefully do it in a way such that no single regulator (such as FinCEN or OCC or the Fed) would have complete oversight. That was shot down and the proposal evolved further the past year.
For example, it initially involved pegging to a basket of currencies (including SGD) kind of like an SDR, but without FSB or IMF oversight. This put commercial banks at risk in part because of non-existent AML controls. Thus the entire proposal was scrapped and a new narrative created through the use of a commercial bank-backed stablecoin similar to USDC.
There are other bits and bobs that we can dive into – such as the older generation of algorithmically “stabilized” coins Nubits or BitUSD – but that’s a separate, mostly irrelevant category of faux stablecoins.
What would happen if issuers of collateral-backed stablecoins had to obtain something akin to a bank charter?58 Last month Paxos (PAX) applied for a national charter in the United States, will other issuers do the same?
While there may be rigorous surveillance at the on-and-off ramps of USDC or USDT today, the same cannot be said for on-chain activity where the “Travel Rule” is ignored or compliance with the BSA is non-existent.
If the self-reported volumes at coin exchanges is accurate, then tens of billions (measured in USD) of these stablecoins are traded each day likely in a non-compliant manner. This undersurveilled activity is part of the motivation behind a new draft rule from the U.S. Treasury department.
For perspective, according to The Block in the first 11 months of 2020 stablecoins hit some hockey stick growth:
And as mentioned in the first section above, total stablecoin on-chain volume surpassed $1 trillion during 2020.59
If payment processors are held liable for the activities (e.g., knowingly processing payments for scams) that take place on their networks, the argument goes, so should stablecoin issuers. In the past, both Tether and USDC have frozen funds and blacklisted addresses due to law enforcement orders, so at a minimum they should be held to the same standard as a payment processor (but are not).
Either way, it is clear that from trading activity and total-value-locked up (TVL), that the DeFi ecosystem (and all coin worlds really), are reliant on maintaining frictionless U.S. banking access.
Is this DeFi-in-name-only (DeFi-ino)? Without the on-and-off ramps into U.S. banks and most importantly – parasitic access to a stable unit-of-account, arguably the middle (TVL) activity would be a lot less than it is today.60
If the (end) goal or ethos of the DeFi world — and broader anarchic cryptocurrency universe — is to be self-sovereign and enable self-custody and not reliant on U.S. commercial banks or the Federal Reserve, the exact opposite has occurred.61
A quick DAI diversion
It is not a full barnacle however some have previously argued that DAI could become a victim of its own success. 62
How’s that? Maker’s current governance leans heavily on identifiable humans and VCs which would be hard to quickly anonymize/decentralize. Recall that its human-led governance process modified the collateralization process, allowing new types of coins and tokens to be included.63
As a result:
What are some solutions for Maker (DAI), whose investors and developers are identifiable?
Regarding that last point, here’s an example:
Let us check back next year to see what Maker, Compound, and Aave do with their formal governance and collateralization processes.
Breaking pegs
Worth noting that USDT, USDC, and DAI have either broken their pegs with the USD or at some point dramatically drifted from their pegs. There are multiple reasons why.
For example, in April 2017, USDT dropped below $1.00 and traded at $0.91.
Why the sudden drop?
As mentioned in a previous post, a lawsuit revealed that Bitfinex sued WellsFargo because the bank had refused to process Bitfinex’s international wires. Over a span of a few months, tens of millions of USD had been wired through WellsFargo into and out of four different banks in Taiwan which Bitfinex, Tether Ltd, and other affiliated subsidiaries had bank accounts with. At some point prior to March 2017, someone on the compliance side of WellsFargo noticed this large flow of USD and for one reason or other (e.g., fell within the guidelines of a SAR?), placed a hold on the funds. In early April 2017 Bitfinex’s parent company filed a lawsuit for WellsFargo to release these funds.
WellsFargo eventually returned the USD-denominated funds but without those funds, the peg was unable to withstand sell pressure. In other words, WellsFargo was integral to Tether Ltd’s correspondent banking relationships. About a week later Bitfinex withdrew its lawsuit but not before causing a Streisand Effect.
This was not the first time Bitfinex has been “debanked.” Phil Potter, then-CFO of Bitfinex, gave an interview and explained that whenever Bitfinex had lost accounts in the past, they would do a number of things to get re-banked. In his words:
“We’ve had banking hiccups in the past, we’ve just always been able to route around it or deal with it, open up new accounts, or what have you… shift to a new corporate entity, lots of cat and mouse tricks that everyone in Bitcoin industry has to avail themselves of.”
With this blasé attitude, it is any wonder they are under active investigations from the Department of Justice, the CFTC, and the NY AG.
The ethos of blockchainology is supposedly: “don’t trust, verify.” Above is a tweet from Paolo Ardoino, current CTO of Bitfinex and Tether.
Because no reputable firm will provide regular audits of Tether Ltd, we are left having to trust a non-credible actor.66 For instance, in April 2019, during its legal proceedings with the New York Attorney General, Stuart Hoegner, the general counsel for Tether Ltd admitted that USDT was not backed 1:1 as was claimed on their website. Instead it was running an undisclosed fractional reserve operation that was only uncovered due to this ongoing lawsuit.
In its filing with the court, Hoegner states:
“As of the date [April 30] I am signing this affidavit, Tether has cash and cash equivalents (short term securities) on hand totaling approximately $2.1 billion, representing approximately 74 percent of the current outstanding tethers.”
Executives at the parent company (iFinex) would not even acknowledge ownership of Tether Ltd until an exposé from The New York Times revealed it was the case due to leaks from the Paradise Papers (be sure to also read Amy Castor’s timeline).
We know historically that other intermediaries have lied or misled users (and investors) of what they do with deposits. For instance, during a series of investigations in 2017 in China, at least two major domestic cryptocurrency exchanges (Huobi and OKCoin) were found to have secretly re-invested customer deposits into other financial instruments.
This type of abuse is the reason why at a minimum regular audits from reputable, independent firms are required for financial service providers. Let us check in next year to see if Tether Ltd gives us more than tweets to audit.
Innovation theater
We briefly mentioned this topic at the beginning of the article but worth looking at this closer.
In the early 2010s, several prominent VC-backed fintech efforts insisted they needed carve-outs for what they knew were highly regulated activities.67 Some even hired lobbying organizations to push the “don’t suffocate innovation” meme which persists today in the form of “deregulated finance.”68
For instance, in 2014 the New York State Department of Financial Services (DFS) proposed a new virtual currency regulation dubbed the “BitLicense.” Prior to its enactment in 2015, the same sort of “everyone will leave the US” argument was made by its opponents. Throughout the second half of 2014, DFS held multiple public comment periods, the responses of which were made public. Among others, the EFF submission included the word “innovation” thirteen times. 69 Upon its enactment, a few coin-related companies claim to have left, some vowing never to return.
From a systemic risk standpoint, is society worse off because of the small handful of coin companies that had no intention of becoming compliant with a stricter MSB, let alone a banking license, left New York? No. Is the BitLicense perfect or flawless? No.
But contrary to views of partisans, entrepreneurs continue to seek it out as a stamp of approval: as of this writing there are 25 entities that have been approved for a BitLicense (although a couple overlap).70
Three years after its enactment, in May 2018, coin-focused media gave softball interviews to the “refugees” that left New York, notably Shapeshift and Kraken. Both are cryptocurrency exchanges and had (have?) legal and regulatory issues.
At the time Shapeshift allowed KYC’less transfers to take place. That changed in September 2018 after The Wall Street Journal did an investigation discovering that Shapeshift was being used to launder proceeds of crime such as the infamous WannaCry ransomware.
Perhaps publicly telling the world that you are not going to comply with the BitLicense was a redflag?71
The other prominent “departure” from New York was Kraken, another U.S.-based cryptocurrency exchange.73 The CEO publicly has written multiple articles and posts on social media for why the organization would no longer cater to New York residents. But upon closer examination, in September 2018 the New York Attorney General announced that it had evidence that Kraken was still operating in New York. While that investigation simmers in the background, a year later a lawsuit was filed by Jonathan Silverman, who had run Kraken’s OTC desk in NYC for a couple of years. He sued the exchange because they had stiffed bonus payments. It is unclear what the current status of Kraken’s business is in New York, however, a number of employees appear to reside there.74
Likewise many prominent ICO promoters made similarly grandiose statements after the SEC released its report on The DAO in 2017. That capital pooling and investments would move off-shore and the U.S. would be left behind. Regulatory arbitrage certainly did take place, with hundreds of ICOs being registered in Singapore, Taiwan, and other island nations (such as The Caymans).75 But we also saw that in practice, coin-focused developer teams continue to be hired here in United States.
Either way, as Nathan Tankus correctly pointed out:
Shadow banks have always sold themselves as providing competition to the regular banking system. And to a certain extent, they do. But its an undesirable form of competition which causes a race to the bottom.
If other nations want to put their own financial infrastructure at risk due to underaccountable shadow banking – so the argument goes – that is not a great outcome but not a terrible outcome for the U.S. banking system in terms of systemic risk.76 For example, the aim of the STABLE Act is not to globally enforce a regime: it is to prevent systemic risk in the U.S. and this can be done by strictly enforcing existing laws or enacting new laws on entities such as stablecoin issuers reliant on U.S. commercial banks.
This may sound repetitive, one cannot overstress systemic risk in the context of an underaccountable IOU layer, as Tankus once more explains:
The [STABLE Act] is aiming at systemic risk. leaving unlicensed stablecoins as a fringe financial product offered in other jurisdictions unlisted or on minor exchanges that can survive not being able to interact with the U.S. legal system accomplishes the goal
Recall that in the U.S., the only entities that have access (accounts) at the Central Bank are commercial banks. And we empirically know that the credit risk of commercial banks is worse than a Central Bank because there is just one type of money: reserves at the central bank.
Everything beyond coins, notes, and money equivalents is arguably a credit risk. Thus, not only should we want Narrow Banks and FedAccounts created, but from a resiliency standpoint at the very least we should require stablecoin-issuers to stop piggybacking on other commercial banks due to their modus operandi.
Miners and block makers
We have touched on this topic more than a dozen times on just this site alone. Let us look at this issue from a different angle.
Visa and other payment providers are liable for certain activities that take place on their networks, hence why they on-board certain merchants and off-board others that are deemed “higher risk” or whom have violated some law.77 Similarly all FMIs have various binding agreements (MSA, TOS, EULA, SLA), and the penalty for violating them could result in a participant being removed (e.g., Fedwire has a terms of service that is effectively passed on to the users of commercial bank wiring services). ISPs and telecoms are also regulated and permissioned and they can (and do) kick users off for violating their TOS.
Proof-of-work chains like Bitcoin intentionally did not include a ‘terms-of-service’ and by design did not include hooks into any legal agreement or, for that matter, attempt to integrate AML screening of participants.78
But this is just RICO theater: in an “even Steven” world, miners should be held to the same standard as other processors. Assuming some or just one of the frameworks mentioned at the top of this article is ratified, issuers can be held accountable for additional disputes that arise.79 What then of the block makers who process transactions that fail to comply with a specific jurisprudence?
For example, in terms of proof-of-work chains – in practice – nearly all of the mining pools for both Bitcoin and Ethereum are operated by identifiable entities. FinCEN’s 2013 guidance gave miners a carve-out based on the assumption that mining pools were neutral, but in practice they are not and do manually add (or censor) transactions.
For instance, at a public event in 2019, Roger Ver and Tone Vays (aka Anthony Vaysbrod) made a bet on stage regarding sending transactions – and importantly the associated fees – across both the Bitcoin and Bitcoin Cash blockchains. To aide Vays’ attempt to send a below-market transaction fee, Slush (a mining pool), manually included it despite the below-market fee. They were not neutral the opposite to how miners are often portrayed to regulators.
During the frenzy of ICO mania, the rush to get into a “capped” raise meant that some speculators would “bribe” mining pools to guarantee that their transaction could be included in a specific block. For example, in May 2017, a principal at a Canadian-listed fund successfully paid more than $6,000 to an Ethereum mining pool so that his transaction could be included during the sale of the Basic Attention Token (BAT).
We could spend a couple of posts just walking through the subreddit /r/bitcoin in what is basically the de facto customer service forum in the event that a user accidentally sends a mining fee that is too big or small.
What these human-run chains independently highlight are some of the lessons from 2015. How can validators become BSA compliant or apply for a MSB license?80
Why would they need to?
In what became the “permissioned chain” or “enterprise chain” vendor world, startups like Symbiont and Digital Asset first looked at using Bitcoin mining pools to process transactions for regulated financial institutions (e.g., banks) but ultimately walked back for a couple of reasons:8182
The discussions surrounding identifiable validators (this paper uses the term “KYM” – know your miner) – and the legal and regulatory buckets they fall under – has been an ongoing topic since at least 2013. The STABLE Act potentially fixes that loophole.83
Why hasn’t law enforcement prosecuted mining pool operators in the past? Partly because of coin lobbying organizations have successfully pushed a one-sided agenda on behalf of their donors and rallied external support by fear mongering about criminalizing node operators.8485
This is a red herring and is not the aim of the STABLE Act; in fact its co-authors believe that would be a bad strategy. But a bigger issue has been a lack of resources. Agencies like FinCEN have in general been underresourced and went after the lower hanging fruit (e.g., ransomware profiteers in Iran).8687 It is an open question whether they will have more resources under a new administration to look at miners.88
With the roll out of real-time transaction monitoring from many different vendors, intermediaries such as cryptocurrency exchanges and mining pools can identify and flag suspicious or illicit activity before participants can fully realize their gains.
For instance, almost four-and-a-half years ago, Bitfinex was hacked and lost 119,756 bitcoins. At the time this was worth about $65 million of actual money. Today that is around $4 billion. The hacker(s) have never been (publicly) caught. Proportionally, this would be equivalent to a large commercial bank losing $20 – $30 billion USD. There have been Congressional hearings for much less.
As I have pointed in previous posts and presentations (slides 10-12), at the time 9 out-of-the-first 10 mining pools that processed the stolen Bitfinex tokens operate outside of the U.S. (specifically in China).89 If a U.S.-based financial intermediary was hacked and $4 billion in customer deposits was stolen, the fine print in the terms-of-service kicks into high gear to protect customers. Despite the billions in VC funding and headline-grabbing coin prices, similar consumer protections do not exist in the coin world.90
Even with the existence of real-time monitoring from multiple vendors, intermediaries including miners have gotten away with profiteering from processing illicit transactions that would have shook up FMIs or PSPs. Ransomware, a blight on critical public infrastructure, and the processing of its transactions are something that well-resourced prosecutors could disgorge.91
Conclusion
The motivation behind anarchic chains, such as Bitcoin and Ethereum, was about creating an alternative, sovereign economy that was independent of any nation-state. But if your alternative economy uses USD (or any other fiat-linked cryptocurrency) as its unit-of-account, it is not really an alternative economy, but a subsystem subordinate to the monetary policy and pricing system of the nation that the system is supposed to be independent of.
If the aim or ethos of anarchic cryptocurrencies is to truly reduce moral hazard (e.g. taxpayer funded bailouts of banks) and systemic risks that unfortunately occur during a financial crisis, the DeFi ecosystem has a long way to reverse the current trend.92 It is not too late and in fact, client pluralism (in Ethereum) is one way to reduce systemic risk.93
“Pegged coins” are clearly fragile because they rely on an exogenous judiciary system to resolve disputes and an exogenous banking system to maintain a unit-of-account. Much of the proposed legislation above should serve as a motivation for building a more resilient on-chain U-o-A.
Perhaps the one call to action is to encourage education around “narrow banks” which could be viewed as a ‘middle ground’ between a bank charter and a MSB.94 If you are interested in learning more on the short history of commercial bank-backed stablecoins, worth re-reading the prequel from 2018 to see what has changed.
Acknowledgements
I would like to thank the following people for their feedback: AC, RG, RS, RR, CW, MW, LR, JM, PE, FC, JG, JK, KV, DZ, AV, JW, and VB
Send to Kindle[Note: this is part of a standalone document written by Martin Walker in late 2019. It has been edited and condensed as it provides important considerations surrounding the topic of stablecoins. For more context, be sure to read the accompanying Parasitic Stablecoins article.]
Introduction
In spite of the relative immaturity of “Stablecoins” as both an asset class and as a form of financial sector technology, they has recently attracted a huge degree of attention from regulators, central banks, academia, the media and many parts of the financial sector. This attention has particularly intensified since the announcement by Facebook of its own stablecoin (Libra) on June 18, 2019.
Reportedly prompted by this, a joint committee was formed by central banks from the G7 group of major economies, the International Monetary Fund (IMF) and the Bank for International Settlements (BIS).1 This group reported its own findings, focusing on potential regulatory and economic impact in October 2019.2
Defining stablecoins can be challenging business because there are already a significant number of variations and some of the most discussed stablecoins are still in development. The most basic and broadest definition includes three main characteristics,
While most research on stablecoins focuses on the economic and regulatory implications, the purpose of the this paper is to present an analysis of the practical implications for key processes such as payments and settlement, not to mention the potential impact on systems within financial institutions and overall financial market infrastructure. Stablecoins as both an asset class and to some extent a form of financial sector. Consequently they have challenges to adoption in terms of competing with the current world and interacting with it.
Stability and Collateral
The most straightforward step to create a form of digital currency that has a stable value is to peg its value to a financial asset with a stable value. Most stablecoins are pegged in value to a specific currency. Tether is pegged in value to the U.S. dollar on a one-to-one basis. Others are pegged (or proposed to be pegged) to a basket of currencies. Libra was originally proposed to be pegged in value to a basket consisting of the U.S. dollar, euro, yen, British pound and Singapore dollar. Other stablecoins attempt to achieve a higher degree of stability by pegging their value to a basket of assets, including cryptocurrencies, in the belief that diversification alone will achieve a higher degree of stability. Finally there are stablecoins pegged in value to commodities such as gold or oil. Claiming to have a pegged value does not (as is discussed below) mean a stablecoin is fully backed by funds in that currency.
Maintaining a peg is much harder than simply claiming a stablecoin has a value pegged to another asset or basket of assets.3 The degree of stability depends on
Real or proposed stablecoins have reserves in one or more of the following types
It is easy to claim a stablecoin is pegged to the value of an established currency and is backed by reserves is not by itself, it is another matter to maintain a stable value for a stablecoin some of which, such as USDT, experience periods of extreme instability.
Maintaining Stability
Central Banks could potentially issue a form of electronic money that had the same economic characteristics as physical cash or central bank reserves. This is typically referred to as Central Bank Digital Currency (CBDC). CBDC could be issued on some form of DLT (making it a form of stablecoin) or a centralised system. While there have been experiments by central banks with central bank money issued on distributed ledgers, no central bank has announced plans to create a “stablecoin.” The People’s Bank of China has been developing the concept of a form of using digital cash (potentially using DLT) for five years but nothing is in production yet. As of late-2019 the closest thing to a real world CBDC system was Ecuador’s failed attempt, the Dinero Electrónico, which was launched in 2015 and closed in 2018.6
Other relevant issues to maintaining the stability, or even basic credibility of stablecoin relate to legal and operational issues. If the issuer of a stablecoin fails, the assets ideally should be in a legal structure that is “bankruptcy remote” (i.e. the holders of the coins can claim the reserves in preference to other creditors of the issuer). The bankruptcy remoteness of the Libra foundation, or even the general recourse Libra holders would have to the reserves of the Libra foundation are currently unclear. For the stablecoins used in cryptocurrency trading such as Tether and the Gemini Dollar there are varying degrees of bankruptcy remoteness. In the USC model, Fnality funds would be set up in a bankruptcy remote structure. JPM Coin (or almost any commercial bank issued stablecoin) is supported by the overall balance sheet of the bank. Holders of JPM Coins would most likely be treated like any other bank account holder.
For any stablecoin to remain truly stable it would need an issuer willing to buy and sell the stablecoin at par, or a very small spread above and below par. Even existing stablecoins with better controls that Tether such as Pax or the Gemini Dollar shows significant fluctuations in price. Convertibility on demand causes challenges for stablecoins, it would increase the probability in most jurisdictions that issuers would need to treat the owners of their coins as their customers for AML/KYC purposes. It would also cause challenges in terms of liquidity management. According to the Libra white paper, only specified liquidity providers will be able to buy and sell Libra directly with the Libra foundation. Other holders of Libra will not be able to redeem their Libra directly. JPM Coins will simply be transferred to or from client’s existing J.P. Morgan bank accounts.
Auditing of the reserves and the controls that are put in place to ensure the reserves are segregated from the issuers other liabilities is another fundamental feature required for maintaining price stability against the assets pegged against. One of the major reasons for the volatility of Tether was the lack of a recognised audit of their reserves and the worry, subsequently proved to be correct, that the Tether was not fully backed by reserves held as bank balances.7
Payment and Settlement Processes
For stablecoins to be effective as a part of conventional Financial Market Infrastructure as opposed to just being a tool to support cryptocurrency trading, they need to support the following fundamental processes that involve the transfer of money, either one way movement or synchronised with the movement of money or securities in the other direction.
| Process | Description |
| Domestic Payments | Payments in between two parties in the same jurisdiction in the local currency. |
| International Payments | International payments typically involve a foreign exchange transaction as the sender’s home currency is converted in the recipient’s home currency. In many cases such as cross-border payments within the Eurozone there may be no need for a foreign exchange transaction. |
| DVP | Delivery versus Payment is the synchronised exchange of a security for cash. DVP is used in both the settlement of purchase/sale of securities and the temporary exchange of cash in securities in areas such as Repo and Securities Lending. In conventional financial markets. Currently DVP requires the use of a trusted third parties such as a Central Securities Depository/Securities Settlement System e.g. DTCC or Euroclear or a custodian. |
| PVP | Payment versus Payment, is the synchronised exchange of two different currencies. PVP is used for the majority of transactions by volume in the foreign exchange payments using the services of CLS Bank. |
| Custody | Holding a financial asset on behalf of the economic owner of the asset. Custodians provide of a variety of services in addition to basic safe keeping of assets including, lending securities, financing long positions and dealing with corporate actions and events. |
| Collateral | Temporarily delivering financial assets to another party to offset credit risk is fundamental part of the operation of most financial markets. Collateral in the form of money, securities or other financial assets may be delivered to the counterparty, a central bank, a tri-party agent or a CCP depending on the nature of the transaction |
| Novation | Novation is the transfer or contractual obligations and rights from one of the original parties to a contract to another party. |
Payments
Domestic payments between customers within the same bank are always the most technically and operationally simple to process. Most banks should have little difficulty in processing payments in anything less than a few seconds and at minimal cost. Fundamentally all users of a particular stablecoin will essentially have an “account” at the same virtual bank, or in the case of JPM Coin or Signet, the same actual bank. Even if a bank has archaic batch-based or even paper-based solutions for internal transfers, using DLT is just one of many possible approaches to speeding up transfers.
Domestic payments between parties that bank use different banks is more considerably more complicated than payments within the same bank because of the need for banks to manage intra-day liquidity in order to avoid running out of the funds required to meet their liabilities.
However huge progress has been made in this area over the last two decades. Payments between parties that bank at different banks has been made close to instant in most developed countries through the implementation of low cost and efficient Real-Time Gross Settlement (RGTS) systems and internationally via initiatives such as SWIFT gpi.
Previously settlement of domestic payments was based on systems that used Deferred Net Settlement (DNS), basically settlement of payments was made at the end of the day after all payment instructions had been received and the net amount each bank owed each other was calculated. The existence of RTGS in over 90 countries has demonstrated that making payments instantly and settling in central bank cash does not remove the problems of liquidity or even credit risk. Central Banks have found the need to implement additional measures to avoid problems resulting from the “lumpy” nature of payments flow between banks, stress conditions and banks passively releasing their own payments after receiving payments from other banks.8
To deal with these issues central banks introduced a variety of mechanisms including Liquidity Savings Mechanisms (LSM), which group together payments before releasing to get smoothing payment flow, targets for the proportion of payments released immediately, and lower fees for the releasing payments earlier during the day. Stablecoins, if they reach sufficient scale, would not get rid of any of these problems and it is likely they would have to replicate the same mechanisms. It is worth noting that as part of its experiment with DLT in domestic payments (Project Ubin) the Monetary Authority of Singapore implemented an LSM using DLT.9
While small scale international payments for many countries can take minutes, wholesale payments can still take days, particularly if they involve the settlement of a related foreign exchange transaction. Based on analysis by SWIFT some of the key sources of delays in international payments include, errors within the systems and processes of both the sending and recipient banks, the need to carry out checks for Anti-Money Laundering (AML) and combatting the financing of terrorism (CFT) and in some countries the operations of exchange controls.
Stablecoins do not innately solve any of these issues, particularly where the desired end result of a payment in a deposit in the bank account of the ultimate recipient in the appropriate currency. More retail-focused stablecoins such as Libra may simplify international payments if Libra is used to directly purchase goods and services. However, holders of Libra (assuming Libra is backed by assets in a basket of currencies) will be exposed to the market risk of fluctuations in exchange rates. It is also unclear what the costs will be on converting into and from Libra.
PVP
The need for payment-versus-payments is an essential need for wholesale FX trading, to avoid settlement or “Herstatt” risk. This is risk that one party to an FX transaction delivers the currency they have sold but the other party does not deliver the currency they are owed, for example due to bankruptcy.
PVP currently requires a trusted third-party to manage cash flows including the release of funds when both parties have delivered the required currency. The majority of foreign exchange transactions are settled through CLS Bank, which provides multilateral netting and connections to the RTGS systems of 17 central banks. On a typical day CLS settles $5 trillion of transactions. The ability to net settlements on a multilateral basis for over 90 of the world’s largest financial institutions allows CLS to reduce the net amount of funds that have to be transferred by 96%.10
The potential opportunity claimed for some stablecoins is the ability to implement a PVP mechanism without the need for having a third party involved and a shorter (if not instant) settlement cycle. The mechanisms required to support PVP using a stablecoin depend on where and how the two currencies are represented. Excluding cryptocurrency related stablecoins such as Tether or Pax, there are the following combinations.
Scenario 1 – USC is currently planned for up to 5 currencies and also plans to have separate ledgers for each currency. Therefore to achieve PVP they would need to create smart contracts that operate on two ledgers simultaneously. Fnality plans to use an architecture called Ion produced by Clearmatics but this is still a work in progress.11 Ion is also planned to support PVP between different ledger technologies such as Ethereum and Hyperledger Fabric.
A more commonly discussed model for dealing with assets on different ledgers, potentially ledgers implemented using different DLT is the “Atomic Swap” where a smart contract on one ledger will only allow the transfer of funds if funds have been transferred on the other ledger:
“Atomic swaps solve this problem through the use of Hash Timelock Contracts (HTLC). As its name denotes, HTLC is a time-bound smart contract between parties that involves the generation of a cryptographic hash function, which can be verified between them. Atomic swaps require both parties to acknowledge receipt of funds within a specified timeframe using a cryptographic hash function. If one of the involved parties fails to confirm the transaction within the timeframe, then the entire transaction is voided, and funds are not exchanged.”12
All the proposed technical models for achieving PVP for ledger-based assets are in the early stages of development. In some proposed stablecoins the degree of centralisation of the stablecoin would make it easier to use an established technology and process design to achieve PVP.
Achieving PVP between a stablecoin and a conventional currency, without involving an intermediary is considerably more problematic. The nature of conventional forms of money mean they are inherently centralised either as a record at a commercial bank or a central bank. Possible models of interaction with existing payment infrastructure is described in the next section “Interaction with Current Financial Market Infrastructure.”
In terms of shortened settlement cycles, stablecoins used for PVP are likely to come into competition with services such as CLS Now, which allows same day settlement of FX transactions using PVP for Canadian dollars, Euros, Pound Sterling and US dollars.
Interest Charges and Payments
It is very easy in a low interest rate environment to forget stablecoins are likely to need some capacity for the payment and collection of interest on balances. This is a particularly strong requirement even now for stablecoins that are proposed to be based by central bank reserves.
For currencies (at time of writing) where the central bank has negative interest rates on balances in reserve accounts (for example the -0.5 % charged by the European Central Bank), it will be necessary to pass on the charge to the holders of stablecoins otherwise the issuer of stablecoins will rapidly become involvement. The issuer of the stablecoins (who holds the backing funds in a reserve account) will need to carefully track who held what balances for what time periods and charge relevant holder, deducting interest owed from balance in the stablecoin or be able to charge interest directly if there are insufficient balances in their stablecoin wallet to pay interest. This inherently introduces and element of credit risk.
Similarly, where a central bank pays interest on reserve accounts it will be necessary for interest to largely be paid on to the relevant stablecoin holder otherwise there is a major disincentive (even at low positive rates) for firms to hold balances in stablecoins for anything other than the shortest possible duration.
DVP
Delivery versus payment is the synchronised exchange of a security for cash. DVP is used in both the settlement of purchase/sale of securities and the temporary exchange of cash in securities in areas such as Repo and Securities Lending. Currently DVP requires the use of a trusted third parties such as a Central Securities Depository (e.g. DTCC or Euroclear or a custodian).
DVP presents many of the same challenges and opportunities as PVP. Three key scenarios would need to be dealt which are similar to the PVP scenarios.
Neither Fnality, JP Morgan, nor Libra have currently announced plans to issue securities on the ledgers they are planning to build to support their stablecoins. This currently leaves only scenarios 2 & 3 as plausible short-term possibilities. Scenario 2 raises the same challenges described for PVP but assumes a significant number of securities would be available as securities that are initially issued as on a distributed ledger or are tokenised versions of conventional securities.
A “tokenised” security is one where the original security is “immobilised” i.e. held in trust by a third party such as custodian and economically and legally equivalent representation of the security is recorded on a Distributed Ledger. There is currently only a small number of securities either issued on distributed ledgers or tokenised. Those that have been issued are typically small scale pilots. Interacting with a CSD to achieve DVP is problematic for the same reasons as trying to achieve PVP between a stablecoin and a conventional asset.
Custody
In the existing financial world, financial assets are held in the name of a third party for a variety of reasons including security and the desire to gain access to the range of service offered by custodians. Custodians provide a range of services that go beyond simply safe keeping of assets. These include operating lending programmes for securities, lending funds against the security of assets held and the processing of corporate actions on securities.
Keeping cryptocurrencies and other crypto-assets with a third party has grown in popularity because of the inherent vulnerability to theft of that most cryptocurrencies and crypto-assets. Obtaining a private key is all that is necessary to transfer all the assets associated with that key.
It is nearly impossible to cancel ore reverse transactions if assets are stolen or even sent to the wrong party by mistake. This is a feature included in cryptocurrencies such as Bitcoin, by design. Reversing transactions in the event of crime or area depends on either law enforcement seizing the private keys or other parties co-operating to return assets (which may have costs) – This is due to lack of central control. Anyone can attempt to “fork” most blockchain based systems but this technical process which basically comes down to re-writing history and pretending certain events did not happen is dependent on the co-operation of a critical mass of infrastructure providers called “miners.” And the loss of the private key means the assets are essentially gone for ever and impossible to retrieve.
Custody of most crypto-assets means handing over the private keys to a third party and attempting to ensure that private key is not used by the third party or their staff to steal. With some custodians, private keys are printed on paper and kept in physical safes. Private keys are broken up into pieces and distributed across multiple systems. In the worst case this simply increases the risk of losing access to the crypto assets.
The need for this form of custody essentially depends on the extent to which a stablecoin is operated on a decentralised ledger. For Libra the extent of decentralisation is currently unclear. For Fnality and JPM Coin the high degree of central issuance makes it unlikely that cryptocurrency type of custody would be required. It is likely that organisations wishing to hold wholesale forms of stablecoins may wish a third party to hold their balances in order to outsource the processing of stablecoin transactions, including payments, receipts and conversion to or from conventional currencies.
Collateral
The final area of processing that stablecoins would need to support is the ability to give or receive them as collateral. Collateral is provided either to a counterparty or trusted third party such as tri-party agent or CCP to offset the credit risk arising from other financial transactions such as derivatives trades. In principal there should be no major issues providing stablecoins as long as the recipient has the technical infrastructure to process stablecoin transactions, value stablecoins and the ability to represent them correctly in systems such as their risk, finance, accounting and operational systems.
Inter-Operating and Competing with Existing Infrastructure
Overview
Stablecoins that are designed to appeal to a wider range of users than cryptocurrencies have to be capable of integration with existing financial market infrastructure. To be accepted by regulators they also need to comply with the appropriate regulations for each jurisdiction. This section describes the types of market infrastructure that will need to be integrated with and the challenges that creates.
The Challenge of Integration
One of the major and inherent weaknesses in the design of cryptocurrencies is the problems that arise when a new form of financial infrastructure is designed without giving any thought to how to integrate with existing infrastructure, whether in terms of market level infrastructure or internal to financial services firms.
The current cryptocurrency industry did not grow to its existing size by operating as a parallel payments and banking system that provides alternative ways to make payments or store value. It grew by throwing away the basic principles of decentralisation and disintermediation by recreating centralised systems (i.e., intermediaries) that kept a parallel record of cryptocurrency holdings to that stored on the ledgers of the relevant cryptocurrency. The repeated hacks, thefts, and other failings consistently demonstrated that this centralised infrastructure to support decentralised assets was seldom built with any regard to meeting the BIS Principles, or even in some cases local laws.13
Challenges to integration largely arise from the factors present in most forms of DLT:
Many of these features have been abandoned or worked around as the various forms of DLTs have evolved but to vary degree represent challenges both in terms of integration to FMI and the operation of the key processes related to settlements and payments. Sometimes to the point where it is questionable why a form of DLT makes any sense at call compared to conventional Centralised or Distributed Systems.
Forms of inter-operability
The following are the potential conventional forms of infrastructure that the next generation of proposed stablecoins will would potentially need to interact with.
In the following section we focus on the conventional types of financial market infrastructure described below that would be significantly impacted by the more widespread adoption of stablecoins.14
| Systems | Description15 |
| Payment Systems (PS) | “A set of instruments, procedures, and rules for the transfer of funds between or among participants; the system includes the participants and the entity operating the arrangement.” This includes the various RTGS. |
| Central Securities Depositories (CSD) | “An entity that provides securities accounts, central safekeeping services, and asset services, which may include the administration of corporate actions and redemptions, and plays an important role in helping to ensure the integrity of securities issues (that is, ensure that securities are not accidentally or fraudulently created or destroyed or their details changed).” |
| Securities Settlement Systems (SSS) | “An entity that enables securities to be transferred and settled by book entry according to a set of predetermined multilateral rules. Such systems allow transfers of securities either free of payment or against payment.” |
| Central Counterparties (CCP) | “An entity that interposes itself between counterparties to contracts traded in one or more financial markets, becoming the buyer to every seller and the seller to every buyer and thereby ensuring the performance of open contracts.” |
| CLS | “CLS Bank (CLS) is a limited purpose bank for settling FX, based in New York with its main operations in London. It is owned by 69 financial institutions which are significant players in the FX market. It currently settles trades in 17 currencies. CLS removes principal risk by using PVP – you get paid only if you pay. On settlement day, each counterparty to the trade pays to CLS the currency it is selling – eg by using a correspondent bank, as with the example in the previous box. However, unlike the previous example, CLS pays out the bought currency only if the sold currency is received. In effect, CLS acts as a trusted third party in the settlement process.”16 |
| Internal Financial System Infrastructure | The core internal infrastructure of banks and financial institutions. This includes systems used for risk management, P&L calculation, transaction execution and accounting |
Payment Systems (PS)
Stablecoins that are backed (in whole or in part) by bank balances at commercial or central banks will need some degree of integration with a payments system or the payments infrastructure of a given bank. This will be necessary to process the receipt of funds that preceded the issuance of new coins, outgoing payments when there is a redemption and potentially payments or receipts of interest on stablecoin balances. A stablecoin based on central bank reserves would generally need to be connected to some of Real-Time Gross Settlement system to minimise delays in the issuance of new coins.
Such integration is generally straightforward assuming the issuer of stablecoins is allowed to access directly relevant payment systems. A more interesting question is the impact of stablecoins as a competitor to conventional payment systems.
A stablecoin denominated in a single currency needs to demonstrate it has some form of superiority in terms one or more of the following
While at the same time dealing with the challenges of ensuring there is sufficient liquidity in the stablecoin network for parties to meet their obligations. The experience of introducing RTGS in over 90 central banks since 1980s demonstrated that allowing a pure system of gross settlements in payments, with participants free to release payments at any time can cause liquidity issues that need to be dealt with by technical changes, such as the implementation of Liquidity Saving Mechanisms (LSM).17
To quote the New York Fed:
“Liquidity-saving mechanisms (LSMs) are queuing arrangements for payments that operate alongside traditional real-time gross settlement (RTGS) systems. LSMs allow banks to condition the release of queued payments on the receipt of offsetting or partially offsetting payments;”18
Some central banks also created rules/targets for when payments should be released or financial incentives for early release of payments.
Retail focused stablecoins need to be able compete with faster payments, credit card and debit card networks. Payments mechanisms that can be highly efficient in many economies. In cross-border payments, stablecoins need to be able to demonstrate they are a more efficient mechanism for dealing with the major areas of delays and costs such as compliance with AML rules and in some markets exchange controls.
Central Securities Depositories & Securities Settlement Systems
For infrastructure such as Euroclear, DTCC, ASX’s CHESS system or Takasbank in Turkey to perform delivery versus payment, they need to have access to a security register to update ownership records and a funds belonging to participants, either held directly at the FMI or at a Central Bank. They also need to be able to provide trade capture, matching and netting capabilities.
For a stablecoin to be used in the DVP settlement, the FMI needs to be able to directly access stablecoin balances belonging to the participants in trades, either directly or on behalf of participants by a third party. This would require work by both the CSD/SSS and the stablecoin provider. There is no obvious benefit from this arrangement. Other systems belonging to the CSD/SSS would need to be modified to represent what is effectively a new currency. For countries that have long established infrastructure in this area, it quite likely adding an additional currency would require additional effort.
Central Counterparties (CCP)
Any organisation likely to acquire large balances in high quality stablecoins is likely to want to be able to provide those stablecoins as collateral in bilateral transactions, with central banks and with Central Counterparties. Should CCPs chose to accept stablecoins they would need to make significant changes to their systems to interact with the relevant distributed ledgers and set them up as new currencies or asset classes within their systems.
CLS
CLS is such a fundamental part of the global financial market infrastructure that any stablecoin that is used on a very large scale is likely to need some degree of integration. It should be remembered though that the vast majority of currencies (by number not importance) are not supported by CLS. Potentially a stablecoin could be added as another CLS currency allowing the benefits of multilateral netting and integration into the core global FX processing. However it would depend on a very high degree of demand and a many regulatory approvals.
In many ways stablecoins compete directly with existing CLS services so it is also questionable the extent to which CLS may support their adoption.
Interoperability with Financial Sector Internal Systems
There are two main areas where the internal systems of financial sector firms would require modification. Their outward facing interfaces that would need to interact with a range of distributed ledgers (unless they outsource this interaction to third parties – essentially creating a new class of correspondent bank) and modifications to inward facing systems such as those belonging to the risk, finance, trading, operations and treasury departments. Perhaps the closet analogy was the creation of an offshore version of the Chinese Yuan, commonly known as “CNH.” Though no wholescale re-engineering was required, it did commonly require changes to be made across a great many systems to recognise the difference between CNH and the on-shore version of the Yuan, “CNY.” This had a particularly large impact for those banks offering services in CNH.
Having two versions (or more) of essentially the same currency creates a great deal of scope for confusion in trading, treasury and support processes. Subtle differences in liquidity and conversion costs also mean that the different versions of the same currency have to be treated differently in many different ways including charges, interest rates and the curves used in pricing positions.
Interoperability with Distributed Ledger Based Infrastructure
Interoperability with emerging infrastructure based on DLT is also likely to create a number of challenges.
Some forms of Market Infrastructure in-progress (or beta) such as ASX’s CHESS system (for securities settlement) and the HQLA-X system for exchange of High-Quality Liquid Assets for lower grade assets are essentially centralised systems that use elements of DLT as part of the overall system design. Interfaces would need to be like any other form of FMI. Those interfaces would need to take into consideration security, privacy and the need for agreed data standards. There would also be the complications of adding what is effectively a new currency.
One of the proposed methods of allowing interaction between different types of ledger or even different instances of the same DLT but recording different assets or used by different parties, is the Atomic Swap. Using this method, funds on the two different ledgers are only released when both parties acknowledge that assets have been transferred. If the two acknowledgements are not received within the agreed time, the assets will be transferred back to the original addresses.
Atomic Swaps are still an emerging technology that have been widely tested in cryptocurrencies. However on a theoretical level they raise governance issues. If assets are on ledgers ultimately controlled by two different parties, whose has governance over the transaction? It also provides an element of optionality to each party to change their mind about whether to go ahead with the transaction. They could simply not deliver and have their asset returned to them. There are similar problems in the current world. Some counterparties have high rates of settlement failure on securities related trades because of issues in their operational processes or systems. Others at times have financial incentives to allow trades to fail, which had created significant problems in the operation of the Repo market.19 This has resulted in stricter rules and fines in many jurisdictions.
Conclusions
Creating stablecoins as forms of either financial market infrastructure (i.e. used by multiple financial bodies in the case of USC or as essentially internal systems, as is in the case of JPM Coin, Wells Fargo Digital Cash or Signet) clearly does not require the use of any form of Distributed Ledger Technology. Most of the use cases ultimately involve some form of book transfer of funds within essentially the same systems. Allowing customers of the same bank to transfer funds between each other in real-time 24*7 at little to no cost is a service provided by many banks today. The only bottleneck to allowing this in other banks is either a lack of willingness to provide the service or the use of antiquated systems that rely on batch processing.
Liquidity issues out of hours
At the market level, real-time payments within a currency bloc, that settle in central bank money have been implemented using Real-Time Gross Settlement Systems in over 90 countries to date. Some of those payments systems such as the Eurosystem’s TARGET2 have been extended to support securities settlement (T2S) and smaller scale instant payments (TIPS). For the cross-border market CLS connects together the RTGS of 17 currencies to allow PVP settlement against central bank reserves.
The challenges faced in creating creditable stablecoins that can grow beyond simply supporting speculation in cryptocurrency trading are large. Stablecoins backed by Central Bank reserves require the explicit backing of the relevant central banks. Stablecoins such as Libra have attracted extreme scrutiny if not outright opposition from Central Banks and politicians both because of concerns over the stability of the financial system and a lack of trust by some politicians in Facebook as an organisation. Any stablecoin that is regarded as a key part of Financial Market Infrastructure is likely to be required to meet strict regulatory controls, reflecting the principles laid out by the BIS in “Principles for financial market infrastructures.”
Creating interoperability between the infrastructure on which stablecoins operate and existing infrastructure, not to mention potential future infrastructure that runs on different versions of DLT is a non-trivial task, not made any easier by the use of DLT. Such interoperability will be vital if stablecoins ever hope to be anything more than parallel RTGS systems.
Finally the obstacles that have been encountered by RTGS in managing liquidity are unlike to be removed by the use of DLT. In many countries the introduction of RTGS, identified the need to create mechanisms to ensure firms did not hold back payments, creating intra-day funding needs, intra-day credit risk and general systemic risk. If is very likely that if stablecoins were used in a significant volume of transactions there would be a need to introduce many of those measure described that had to introduced for RTGS such as Liquidity Savings Mechanisms.
Then there are the challenges with DLT. None of the various forms of DLT have proven themselves at scale and in a regulated environment and it is questionable whether they a better form of technology, even for implementing stablecoins that existing technologies.
Stablecoins may succeed in the long-run if they can demonstrate an ability to support better ways to manage liquidity including broader, if not continuous, settlement cycles for both money and securities. Finally one of the key concepts between more advanced forms of DLT such as Ethereum or Fabric was to allow parties to agree bilaterally or in groups to deploy agreed business logic in the form of “Smart Contracts” that can be executed when transactions are processed. This type of flexibility could be a potential path to the a higher degree of standardisation in processing financial transactions without the need to have a central, and inherently slow moving body, setting standards for a whole area of business or jurisdiction.
References
Send to Kindle
[Note: I neither own nor have any trading position on any cryptocurrency. I was not compensated by any party to write this. The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]
Summer has nearly arrived in the northern hemisphere and several friends have reached out to ask several unanswered questions and rumors.
Note that many of the questions below are about commercial and trade secrets where there is no obligation to make the information public.
For instance, we could openly ask how much Cargill (the largest private corporation in the US) spends to manufacture its wares but they are under no obligation to provide that to anyone beyond their managers, shareholders, and regulators.
Similarly, most of the companies (and individuals) below are under no obligation to provide answers. However since we think it is in the public interest to know who benefits from certain decision-making (such as who first knew about #NoBugFix last year), we are publishing them here with the aim of answering them over time.
This is a non-exhaustive list and arranged in no particular order:
(1) We were promised a public audit, so who hacked Bitfinex in August 2016? Was it an inside job? Compromised BitGo account? Who was moving the ‘stolen’ coins last month? Will the current NY AG lawsuit versus Bitfinex/Tether reveal these details?1
(2) Ripple’s co-founders gave (granted?) ~80 billion XRP to Ripple Inc. back in January 2013 when it was still called OpenCoin. How much XRP was/is given to early investors like a16z and/or future partners?
(3) When R3 sued and settled with Ripple in 2018, rumors circulated that R3 won the equivalent of ~$500m in XRP and were limited to selling just as Jed McCaleb is constrained by.2 How much was the settlement for and how much XRP has been sold? How much do XRP sales account for R3 and other organizations revenue? For instance, Ripple has sold at least $1.1 billion in XRP to finance its operations through mid-2019. What are the ramifications if XRP is deemed a security?
(4) Three years ago several Bitcoin Core developers were allegedly involved with an astroturfing campaign (such as Antbleed) via coordination in a “Dragon’s Den” Slack room. Was this real and if so, who are these people? Are they still active?
(5) A couple years ago, Jackson Palmer and Angela Walch separately asked who were the people that had merge access in the Bitcoin Core repo. They were rebuffed and told this is a necessary secret to maintain. Is this a secret? If so, why the lack of transparency and who made this decision? How common is this secrecy in other coin projects?
(6) As Bitfinex is an investor in Blockstream, what’s the formal relationship between the two organizations today, specifically with respect to Tether?3 Do either organizations operate OTC trading desks? If so, where and how are those licensed or legally structured?
(7) It is alleged in a lawsuit that EOS organizers recycled its year-long ICO proceeds back into its own sale thereby inflating its raise and generating hype. How much actual coin money from retail investors was sent into this generally solicited ICO?
(6) In April 2017 Bitfinex (briefly) sued Wells Fargo regarding the cutting off of correspondence banking… and a week later withdrew the suit. What were the names of the Taiwanese banks that were supposedly at the center of this (non) compliance controversy? Did these banks eventually reopen accounts on behalf of Bitfinex or Tether?
(7) Based on an interview with George Fogg, a 2015 FT article pointed out that Bitcoin (and likely other coins) has a lien problem: that due to rampant thefts and DNM activity there were probably more claims on specific bitcoins than there were bitcoins.4 What percentage of bitcoin (or other coins) are encumbered today?
(8) A rumor since 2014 is that a US-based coin exchange signed a deferred adjudication agreement with the federal government due to money laundering issues. If true, will it be revealed if/when an IPO is filed?
(9) Since SAFTs are largely considered cadavers in the US, what (if anything) will happen to its creators and early promoters? Enriched and sauntering off into the sunset? Or disbarred and disgorged?
(10) Will deposit-taking coin intermediaries ever be required to comply with federal laws as banks do in the US? Will they simply end up lobbying and moving shell entities into the state of Wyoming for an SPDI?
(11) FinCEN carved out a loophole for proof-of-work miners in 2013. Yet in practice, mining pool operators can and do select or censor transactions.5 Will they be held liable as an MTO or PSP as more value is moved through their machines and regulators catch-on?
(12) It is alleged that Craig Wright has plagiarized and used ghost writers for publishing papers. Who are they and how much were they paid?
(13) Last year, a former senior executive at a US-based coin exchange is alleged to have undue influence on listing coins based on his bags. What, if any, are the internal controls erected to prevent this type of behavior in coin exchanges? Several coin creators and issuers have joined and/or created coin exchanges in the past.6 Have any of them used their position to profit off of the asymmetric knowledge on listing their coins (or others)? If so, how to prevent this in the future?
(14) Lightning Network was frequently marketed as being ‘just around the corner’ yet it appears to have stagnated in activity over the past 18 months. Who(m) is responsible for this continued delay? Will it reach its marketed potential in the next year or too much of a Rube Goldberg machine? When will LN hubs need to become compliant with the Travel Rule?
(15) Who acquired the @Bitcoin user on Twitter last year? Did the acquisition or transfer violate the Terms of Service?
(16) Regarding the revolving door: how many former regulators now work at coin intermediaries? And vice-versa: how many former coin employees work with regulators? With the push for additional stablecoins and potential CBDCs, will there be transparent interactions between regulators (and politicians) and vendors? If a single vendor oversees a proprietary codebase, how will this not result in a Hold-Up problem?
(17) At least one Chinese exchange, pre-2017, went out of its way to support scams like MMM. How many exchanges knowingly profited from allowing MMM or BitConnect-like actors to operate? Are regulated stablecoin issues such as Paxos aware of this?
(18) bitFlyer was accused of knowingly laundering money for the Yakuza. How many other exchanges have done so as well? In a given year, what percentage of exchange revenue comes from laundering the proceeds of organized crime?
(19) A conspiracy theory (joke?) is that whenever a coin exchange operator in South Korea gets a tax bill, they hack themselves in order to reduce the tax liability. Is this true and if so, how much has been pilfered?
(20) Jackson Palmer, Gwern Branwen, and others have poked into the original source code of Bitcoin and found the seeds of a marketplace and poker lobby.7 Was the original goal to also include a coin exchange or DNM?
(21) Why is Coinlab still dragging its feet during the never ending Mt. Gox bankruptcy proceedings? 8
(22) Was that really Gerald Cotten’s body or is he just mostly dead? Did Cotten act alone as the narrative leads us to believe or did Michael “identity theft” Patryn have a roll in the missing funds? As it was during their honeymoon, is Jennifer Robertson aware of anything odd about the circumstances surrounding Cotten’s death?
(23) Late last year, one of the allegations against Virgil Griffith included somehow helping move a computer system to act as a mining rig across the border to North Korea. We have heard rumors of used, second-hand mining hardware making its way across the same border in the past. Hardware manufacturers have said it is difficult to police because even if they KYC the original buyer, they have no control of where used hardware is sold over time. How much hashrate for Bitcoin or Ethereum and other PoW coins are generated out of North Korea?
(24) Common conversations at events imply that virtually every coin exchange has been hacked yet most simply eat the losses without publicly disclosing it. How many major hacks of coin exchanges in the US have still not been disclosed?9
(25) Several podcasters have openly bragged about not paying taxes on their coin dealings. For instance, the co-creator of a coin launched in 2014 from an organization based in California, now avoids California due to not having paid the state’s capital gains tax. How many others are virtue (vice) signaling? Or are they still counting on lax enforcement?
(26) Ethereum Classic (ETC) is technically the original Ethereum chain. During the debates over the ETH-ETC hard fork in late July 2016, a small handful of investors including Barry Silbert were vocally claiming on social media to support ETC.10 Several subsequent separate investigations into Silbert’s social media activity raised questions around anti-touting provisions of securities laws. If ETH or ETC was a security in 2016 due to a coordinated hard fork that was not sufficiently decentralized, who could be held liable for actively promoting a coin to unsophisticated investors? For instance, earlier this year actor Steven Seagal was penalized for not disclosing his paid endorsement of Bitcoiin2Gen (B2G). Does touting matter if a coin is or is not a security?
(27) The scandal and fallout around Joi Ito (and MIT) knowingly accepting funds from sex offender Jeff Epstein is still on-going. Last year we learned that Epstein was not just interested in Bitcoin, but he reached out to invest and fund Bitcoin-related companies and efforts (perhaps even DCI). For instance, Elizabeth Stark (from Lightning Labs) pointed out that she turned down an investment offer. Did Epstein put money into entities such as Digital Garage, which Ito co-founded?11 What about Digital Garage’s portfolio companies?
(28) The IOTA mainnet was stopped for days then weeks, and the non-anonymous founders fought in public about past grievances including funds that were supposed to build hardware devices… that were unaccounted for. The IOTA network, like EOS and Cardano, are arguably still centralized due to the smattering of nodes operated by a handful of entities. At what point are these types of networks deemed centralized money transmission operators (MTO) with the need to register with FinCEN and other similar regulators?12
(29) Where is Binance’s headquarters? Their executives often claim to not have offices – even when they are visited by the police… yet these same Binance executives appear in photo-ops on islands and jurisdictions found on the FATF blacklist. Where are they domiciled from a legal perspective? Do they pay taxes somewhere?
(30) In 2017, OKCoin and Huobi were penalized for not disclosing to their customers that they were re-investing deposits in other financial products. It is rumored that other coin exchanges have used their customer deposits and cash reserves to manipulate various coin prices which ultimately wreck retail investors, all because they can see trader’s positions and know exactly what amount of manipulation will close positions. How common is this?
(31) What happened to all of the funds donated to the dubiously self-serving ‘DefendCrypto’ effort? Recall that Kik conducted an ICO because it was running out of fundraising options… and then later sued by the SEC. Were all of the ‘community donations’ simply handed over to their lobbying organization (Blockchain Association) to spend carte blanche?
(32) Why do some coin exchanges employ outspoken tribalists or maximalists? What does this mean for how the exchange treats trades and orders for non-tribal-approved coins?
(33) How much do coin lobbying organizations charge to get fines or sanctions reduced? At least one DC-based organization removed the name of a prominent coin exchange (despite accepting their funds) after a lawsuit from NY AG was announced. Do these types of advocacy / lobbying organizations return the funds from illicit actors? When will the coin holdings of staff at coin lobbying organizations be required to be disclosed?13
(34) Over the past five years, numerous corporates and enterprises have publicly announced partnerships with more than a dozen different coin issuers. Most of these are vanity projects that end after 3-6 months. However, prior to the public announcement, it is alleged that insiders acquire coins with the expectation of a jump in prices.14 How common is this and how to remove this temptation from future decision-makers?
(35) CryptoDeleted was silenced by embarrassed social media personalities as it screen grabbed their boisterous coin shilling. How many other times has this specific type of suspension occurred on Twitter and other platforms with respect to documenting coin shills?
(36) Without providing any proof at the time, several prominent coin promoters claimed to have – or will have – donated large quantities of money to charitable organizations. In the case of Brock Pierce, more than two years ago his plans to donate $1 billion was uncritically reported on. Binance and other coin intermediaries that are in continuous legal limbo, also frequently claim to donate to causes in developing countries or for COVID-19. How much has actually been donated? Do operators believe such donations make up for listing P&D coins that fleeced retail investors?
(37) During the height of the fraudulent ICO boom days of 2017, dozens of coin funds were purportedly spun up to capitalize off the quick pump-and-dump on retail investors that was taken place globally.15 At the time, one article listed 15 such funds, most of whom appear to have fallen to the way side, and at least one (Polychain) that was sued by multiple different LPs for lack of transparency. How many of these funds got early access discounts and quietly dumped coins as soon as the coin got listed? How many actually paid taxes on the rumored ill-gotten gains?
(38) Soldering ASIC mining chips into always-on devices has repeatedly proven to be a bad deal for the consumer due to the fixed unit of labor within each device. Yet nearly every year starting with the 21.co toaster and Bitfury light bulb, a new manufacturer jumps into the fray to release yet another one of these environmental hazards. As an aggregate, how many of these all-in-one Earth sizzling devices have been shipped to consumers?
(39) Whatever happened to Halong mining? Their Dragonmint rig was repeatedly hyped by prominent maximalists back in late 2017 and early 2018. They shipped some units but they’ve been silent for a couple of years. Just one-and-done?
(40) With the release of the latest Raspberry Pi 4 and increasingly cheap SSDs, will node operators begin to (again) support larger block sizes? Aside from politics and ideology, what are the show-stopping technical reasons for not doing so? Too much to sync for a mobile device?
Bonus! Is ransomware fully dependent on the liquidity of cryptocurrencies? If so, will regulators and law enforcement eventually close down coin exchanges in order to snuff out this evergrowing parasite?
Again, this list is non-exhaustive and fairly US-centric. It also doesn’t even scratch the surface of C-level executives and apparatchiks who repeatedly use their social media platforms to push “buy the dip” memes onto unsophisticated investors.
For the future: what are some other types of questions that would serve the public interest in knowing the answer to? Recommended reading: Eight Things Cryptocurrency Enthusiasts Probably Won’t Tell You
Acknowledgements: many thanks to AC, GW, JS, CP, VB, AW, RS, AC, and CK for their feedback and suggestions.
Endnotes:
Send to Kindle[Note: this memo was written for the IIEL Issue Brief Series for Seminar on Sustainable De-Fi]
It’s been about six years since I began tracking the fintech space through my market research role at a couple of different firms. Fads have come and gone, a few have stayed. For instance, in the United States, P2P lending was all the rage in the early part of the last decade but has wasted away, despite a growing economy. In China, P2P lending became intertwined with the informal ‘shadow’ banking sector which not only blew up, but led to now notorious multi-billion dollar Ponzi schemes.
We can partially see this illustrated via The Disruption House (TDH), a data and benchmarking analytics firm focused on the financial sector, which found that some of the fintech exuberance peaked almost five years ago.
While this is not a fully comprehensive or exhaustive survey (TDH primarily focuses on wholesale capital markets), what has led to this particular decline? Part of it is unrealistic expectations that promoters failed to manage during the initial marketing phase… such as blockchains killing banks!
Another recurring issue is capital costs. Contrary to the narrative that a couple of bros with laptops in a Silicon Valley café can whip together an app that finally crushes too-big-to-fail banks, most, if not all of the fintech sectors require large capital investments to build out and eventually integrate Widget X, or Base Layer Y, into the existing financial infrastructure.
For example, last fall Apple humblebragged about its partnership with Goldman Sachs for the Apple Card, where on the one hand Apple tried to take credit for creating the product as a tech company but didn’t mention that Goldman also spent $300 million to develop it.
In response, Yakov Kofner, a managing partner at Gartner who focuses on payments and fintechs in general, mentioned last month that: “FSIs love to PR its Agile culture and open banking scale, but when it comes to launching a new product it somehow still requires hundreds-of-million budget and thousands of developers.”
Most startups, irrespective of geographic region, simply do not have the runway to build out these types of products, at least if we’re talking about apps with actual users and not mockups solely intended as Powerpoint viewership.
Another recurring issue is, even after launching a product, a lack of continued traction. Typically, a company that is actually experiencing real continual growth will boast specific metrics, milestones, and KPIs. But in the fintech world, we often see obfuscation:
In some corners of the financial press (like Alphaville), fintech became synonymous with simple user-interface facelifts, or at worst scams.
Despite this possibly cynical take, there are some bright spots of actual engagement. For instance, a couple weeks ago Zelle announced that it processed $56 billion in payments involving 230 million transactions during Q4 2019. This amounted to growth of 14% and 17%, quarter-over-quarter. Altogether they processed $187 billion in payments involving 743 million transactions in 2019. This amounted to growth of 57% and 72% year-over-year.
Yet according to a payments expert, Zelle may be double counting some send-receive volume and that growth is mostly legacy transfers moving to a new rail rather than some new payment use case or business model. In addition, in the United States, Venmo (and others including Square Cash) which is slowly catching up to Zelle in volume, arguably created a new use case, payment model, and improved customer experience (CX). Will these apps eventually vacuum in other features, pulling a reverse of what WeChat did over the years?
To be holistic, let’s look at some other relevant charts from other regions.
Source: CB Insights
CB Insights is an analytics company that, like TDH, tracks venture funding into startup ecosystems. In contrast to TDH, CBI saw increased activity globally in 2018, largely due to the Ant Financial raise. According to an analyst at CBI: “Fintech deals are down year over year, and the deals happening are at later stages.” Note: TDH looks narrowly at the European market whereas CBI’s remit is wider.
Lest we be accused of having an American-centric view (which obviously we do), FTPartners provided some already dated numbers… because the UK is no longer part of Europe as of a few days ago. Will Brexit impact local fundraising?
Source: FTPartners
An easier way to visualize this is via colorized bar charts:
Source: FTPartners
And how does European fintech deal activity compare to the rest of capital raises in other sectors throughout Europe?
Source: Dealroom
According to Dealroom, since 2013 fintech-related companies have “created over 2x more value than any tech sector in Europe.” That is interesting considering that venture rounds (and valuations) in Europe are often stereotyped as lagging their peers at the same stage in the United States.
But as we see below, for the past few years, that stereotype appears incorrect.
Source: Dealroom
It bears mentioning that the Dealroom stats do not include biotech in health.
And what happens with these companies in the long-run? What’s the exit?
Source: Dealroom
According to Dealroom, traditional banks are not able to acquire their way into fintech because “they do not have the mandate as their valuation multiples are too low and synergies are likely limited. Instead, financial institutions and other corporates are more involved via partnerships or by investing in minority stakes.”
As someone who has previously worked for a company (R3) that became bank (majority) owned, I find it unusual that some of these companies aren’t fully acquired by a bank or two. But we’ve been told, especially in terms of lending platforms, that some banks – at least in the short run – have found it as an alternative source to try and generate revenue from. So maybe this is just an experimental era? It also bears mentioning that the track record of such acquisitions, or setting up captive fintech subsidiaries, is abysmal, with many ending up being shut down altogether.
China is a touchstone today, more so than other times because of the ongoing coronavirus epidemic. This has also turned a bit personal as my wife is from northern China, as is our au pair. While we are all hoping for the best and for a speedy recovery, it is likely that deals and deal flow this year will look a lot different than they have in the past few years.
Source: CB Insights
Perhaps the most well known of the most recent exits (and coincidentally largest) is ZhongAn, an insurance company, who exited at an inflated valuation. How do we know? Because it has lost more than 60% from its peak after going public in late 2017.
We could, but won’t, go into the topic of P2P lending, but we’d like to give readers an idea of what happened aside from the aforementioned Ponzi schemes. According to the South China Morning Post: due to rampant fraud, all of China’s 427 remaining P2P lenders (from 6,000 back in 2015) will have to either close down within two years or become qualified small loan financial institutions.
Worth pointing out that this sector, P2P lending, meant the original fintechs before that word became popular. While they all started as P2P, they quickly pivoted to institutional capital. Many of them also promised incredible data insights by using social media feeds only to later default back to good old credit scores and cash flow analysis.
Does that mean all of the companies in the CBI chart above will suffer the same fate? No, but remaining grounded and realistic in the face of relentless positive press releases might be the balanced approach.
To round out this important region, let’s look at a larger breakdown.
Source: FinTech Global
According to FinTech Global, fintech investments between 2014-Q1 2019 in China reached a cumulative $60.1 billion. The largest aggregate was payment and remittances companies, which received $24.7 billion in funding. It’s also worth pointing out that one company, Ant Financial, distorts the overall number as it raised $14 billion in its series C and is currently valued in the private market at around $150 billion. Is this another WeWork valuation or a more legitimate Plaid valuation?
Conclusion
From the charts above it appears we are too early to say much other than the fintech world as a whole has a lot of work to do to deliver the claims it made to users. Capital seems ample but identifying legitimate operators, as in any sector, appears to be one of the largest ongoing challenges.
It is generally faux pas to add a new factoid in the conclusion of an article, but we’ll self-certify this exception.
Source: CBI
The spastic world of cryptocurrencies and blockchains arguably has yet to deliver on its ballyhooed promises beyond speculation, ransomware, and get-rich-quick schemes.
In aggregate, despite the billions in deals, as shown in the diagram above, there is a marked decrease in the word “blockchain” during earnings calls in 2019 compared to the previous year.
Why? Hype is subsiding. If we measure success based on user growth, increased revenue, and acquisitions (or public listings) we do not see much new activity outside the realm of mining, trading on exchanges, and throwing large conferences. And most activity targeting “the enterprise” is hovering around the relatively mundane documentation management and provenance arenas.
To be fair, there is a fundamental difference between conventional fintechs and the wild anarchic world of cryptocurrencies. There are definitely fintechs which brought massive value – and markedly improved CX – to businesses and consumers, including Lemonade, Next Insurance, and of course Ant Financial. Besides, valuations may not be the best measurement of the success of an industry.
Let’s follow-up in a couple of years to see what infrastructure is used and sustainable business models have silenced critics. Until then, a healthy dose of skepticism is warranted and seems justified in an era of anonymous twitter accounts reliably documenting… VCs congratulating themselves.
Send to KindleMore than a couple of people have asked for an update to a popular post published 14 months ago.
What has changed?
Before we begin, a quick reminder: the basic security model behind proof-of-work (PoW) blockchains is to make it economically costly to successfully rewrite the chain’s history. Finite resources, whether it is in the form of electricity or semiconductors, have to be consumed.
Therefore, a PoW chain such as Bitcoin, cannot simultaneously be secure and inexpensive to operate. Because if it was inexpensive to operate it would also be inexpensive to successfully attack.
Bitcoin
For Bitcoin, Bitmain announced its S17e system which can churn out 64TH/s. Each machine consumes ~2880 watts at the wall. The first of these units are scheduled to be shipped to customers in November (however other less powerful variants shipped during the summer).
The current Bitcoin hashrate has been oscillating around 100 million TH/s the past few weeks.
[Source: Blockchain.info]
If the entire network was comprised of the unreleased S17e-based machines, there would be around 1.56 million of them. In a given year these would gulp down about 39.4 billion kWh. But we know that is not the case yet. Thus, this will serve as our lower bound.
Bitmain is also shipping several other newly released systems, including the T17e. Like its cousin above, the T17e also consumes about ~2880 at the wall. But it is not as efficient per hash: creating only 53 TH/s with the same amount of electricity.
Why manufacture and sell two (or more) different machines that draw roughly the same amount of power?
Cost. the T17e costs $1665 and the S17e is $2483. The target market for the T17e is supposedly for miners who have low or no electricity costs.
How many T17e’s would it take to generate the 100 million TH/s network hashrate? About 1.88 million; or an additional 300,000 more machines than the S17e.
A quick pause. these types of bulk purchases are not idle speculation. In the middle of last summer, during a two-week period of time, the equivalent of 100,000 mining machines was added to the Bitcoin network (likely early variants of the S17). This is a reversal from last November, wherein the equivalent of ~1.3 million S9s were taken offline during one month.
Again, we know that in practice that there are many more less efficient miners still online. But crunching the numbers, 1.88 million machines each pulling in 2.88 kWh over one entire year results in… ~47.6 billion kWh annually.
Another Bitmain machine purchasable today is the new T17 that generates 40 TH/s, drawing about 2200 watts at the wall. It would take about 2.5 million of these to generate the Bitcoin hashrate all while consuming… ~48.2 billion kWh per year.
To be thorough, Bitmain released the S9 SE in July which generates 16 TH/s, drawing 1280 watts. It’s unclear how many of these have been sold but if the entire network was comprised of these: 6.25 million would need to be used. And they would collectively guzzle ~70 billion kWh. This would be a plausible upper bound.
For comparison, if Bitcoin (T17) were its own country it would at minimum consume roughly the same amount of electricity as Romania or Algeria. If the network were comprised of just S9 SE’s, that’d be about the energy footprint of Austria. In either case, very little is value is produced in return… aside from memes and lots of social media posts. And no, despite historical revisionism by maximalists, “hodling” is not what Bitcoin was originally designed for.
As mentioned in the previous post: no other payment system on earth uses the same amount of electricity, let alone aggregate number of machines, as a PoW coin network. That is a dubious distinction.
In looking at my previous post you will see a similar figure. In August 2018, using the (older) S9 machine (~13 TH/s) as a baseline, the Bitcoin network consumed about ~50.5 billion kWh / year.1 Some of these types of machines (like the S9 SE) are still on.
Thus whenever you hear a PoW promoter claim that:
You can rightly tell them all of those claims are empirically false. In fact, the only way for the resource demands of a PoW coin to decline is if there was a long decline in the coin price.
What do taxpayers – who underwrite the state-owned utility companies – get in return for subsidizing these energy guzzlers? New economic zones of growth and prosperity?
Nope. According to Chainalysis, in a given day more than 90% of activity on the Bitcoin network is simply movement from one intermediary to another. 2 Coin trading is by far the largest category.
And since most of these coin intermediaries increasingly require some form of KYC / AML compliance, the Bitcoin network has morphed into a expensive permissioned-on-permissionless network that has the drawbacks of both and the benefits of neither. There is no point in using PoW in a network in which all major participants are known: Sybils no longer exist.
A common refrain by PoW promoters is, Christmas lights and set-top boxes also consume huge amounts of energy!
First of all, that’s a whataboutism. But it also ignores how several Bitcoin mining manufacturers have actually tried to embed chips into these wares.
For instance:
As you can imagine, a fixed unit of labor eventually becomes unprofitable once difficulty levels increase. It’s the same fundamental problem that faced the 21.co toasters. Thus neither of these took off (the light bulb didn’t ship) even though retail users often keep both their home routers and living room lights on all day. Historically PoW equipment becomes e-waste fast and the last thing consumers want is embedded e-waste that guzzles electricity.3
We haven’t even touched on other PoW coins such as Ethereum, Bitcoin Cash, or Monero… but it is worth pointing out that nearly all of the money going to miners via the block reward is value leaking from the system, either to semiconductor manufacturers or state-owned utilities.
This isn’t idle speculation either, as Nvidia counted on massive consumption of its GPUs in early 2018 which didn’t materialize due to the crash in coin prices. This led to a glut of high-end GPUs in its channel partners, which hit Nvidia’s bottom line and was later reflected by a 50% decline in share prices (the same phenomenon impacted AMD too):
Apart from a couple of small investments, the value that a couple of semiconductor manufacturers or a clique of state-owned utilities receives via mining is money that is not being invested towards developing the chain itself.
And some of these mining manufacturers have privatized gains at the expense of taxpayers. For instance, Bitfury, used its political connections to obtain cheap land in the Republic of Georgia where it setup massive mining farms:
“The efforts have given Georgia, with 3.7 million people, a dubious distinction. It is now an energy guzzler, with nearly 10 percent of its energy output gone into the currency endeavor.”
In Kyrgyzstan, 45 “crypto” mining firms consumed more energy than three local regions combined:
“[They] consumed 136 megawatts of electricity, which is more than the amount consumed by three Kyrgyzstan regions: Issyk-Kul, Talas and Naryn.”
Uzbekistan’s Ministry of Energy has introduced a new bill that would dramatically increase the electricity price to miners who are viewed as being “very energy intensive.”
We could probably create an entire post on these types of stories too.
At least Bitcoin is “decentralized,” right?
While the farms may be geographically dispersed to areas with the cheapest electricity, the mining pools, mining manufacturers, and other infrastructure participants are a small and centralized enough group that they can fit into a hotel for regular conferences.
Source: Twitter
Time to look at other chains.
Bitcoin Cash
Because it is nearly identical to Bitcoin (albeit with a few changes such as a larger block size), we can pretty much do the same set of calculations as we already did above.
Source: BitInfoCharts
Unlike Bitcoin, Bitcoin Cash has seen a dramatic decline in hashrate since it peaked at over 5 million TH/s earlier in the summer. It is now oscillating around 2.5 million TH/s.
For Bitcoin Cash, with a Bitmain S17e system, remember it generates 64TH/s and consumes ~2880 watts at the wall. If the entire network was comprised of the unreleased S17e-based machines, there would be around 40,000 of them. In a given year these would use about 985 million kWh. This will serve as our lower bound.
Bitmain’s S9 SE generates 16 TH/s, drawing 1280 watts. It’s unclear how many of these have been sold but if the entire network was comprised of these: ~156,000 would need to be used. And they would collectively use ~1.75 billion kWh. This would be a plausible upper bound.
Not counting e-waste, that would put the energy usage of Bitcoin Cash somewhere around 150, between Benin and The Bahamas. Compared with last year (when it was around 122), this decline is largely due to the nearly 60% price decline in BCH. This once again illustrates that hashrate follows price (e.g., miners expend capital chasing seigniorage).
Ethereum
Coupled with “the thirdening” in February (in which block rewards declined from 3 to 2 ETH), and an overall decline in ETH prices, hashrate also declined over the past year:
Source: Etherscan
According to Coinwarz, the hashrate is oscillating around 200 TH/s, about 1/3 it was when the previous article was written.
A proposed ASIC from Linzhi that hasn’t been built or shipped aims to generate 1400 MH/s with an electricity consumption level of 1 kWh. As the story goes:
To put those figures in perspective, NVIDIA’s GTX TitanV 8 card is now one of the most profitable piece of equipment on the ethash algorithm, able to compute 656 MH/s at an energy consumption level of 2.1 kWh, according to mining pool f2pool’s miner profitability index.
There are a couple of other ASICs on the market including one from Innosilicon and another from Bitmain. The previous post looked at the same Innosilicon A10 on the market, so to simplify things and because the Bitmain machine is roughly just as efficient, let’s reuse it here.
The A10 generates 485 MH/s and consumes ~850 W. The Ethereum network is around 200,000,000 MH/s. That’s the equivalent of 412,371 A10 machines.
Annually these would consume about 3.1 billion kWh per year. Around 132, about as much as Senegal or Papua New Guinea.
If we used the GTX TitanV 8 card, as described in the article above, we find that 304,878 GPUs would be used. These would consume 5.6 billion kWh per year. That’d be around the same amount that Mongolia does annually.
This is one of the reasons why Ethereum is transitioning over to proof-of-stake. As Vitalik Buterin said last year:
I would personally feel very unhappy if my main contribution to the world was adding Cyprus’s worth of electricity consumption to global warming.
Will the nebulously defined “DeFi” on an actual proof-of-stake system change the usage dynamics in the future?4
Litecoin
Litecoin, better known as Bitcoin’s other testnet, has seen its hashrate decline along with its price.
Source: BitInfoCharts
For simplicity sake, let’s call it an even 300 TH/s which coincidentally it was at 14 months ago too. CoinWarz says it is also currently around that, who are we to argue with them?
As mentioned in the previous article, Bitmain’s L3+ is still around. It generates ~500 MH/s with ~800 watts. A slightly more powerful L3++ is on the market as well.
There are the equivalent of about 600,000 L3+ machines generating hashes.
As an aggregate:
It would be placed around 124th, between Moldova and Cambodia.
According a distributor, the Antminer L3++ specifications:
If only L3++’s were used, the outcome would be about the same. 5
This consumption is pretty absurd once we factor in things like how there is only a couple of active developers who basically just merge changes from Bitcoin into Litecoin.6 In other words, one of the largest PoW networks has very few users or developers, yet consumes the same amount of energy as Moldolva. How is that a socially useful innovation?
Note: an easy way to double-check our math on this specific one: the price of LTC is nearly the same today as it was 14 months ago. Ceteris paribus, miners will expend capital no higher than the coin price, to ‘win’ the seigniorage.
Monero
In terms of mining, it appears that several decisions makers (administrators?) in the Monero world really dislike ASICs. So much so that they routinely coordinate forks that include “ASIC-resistant” hashing algorithms. Stories like this are mostly just PR because we know that any PoW coin with a high enough value, will eventually become the target of an ASIC design team.7
From the chart above, you can clearly see when the forks occurred that added “ASIC-resistance.”
Compared with the previous article, the hashrate has declined by about 1/3rd to about 325 MH/s. And it is believed that most of this hashrate is generated by GPUs and CPUs.
There are lots of how-to guides for building a Monero mining rig. Rather than getting into the weeds, based on this crazy 12-card Vega build, the user was able to generate 28,100 hashes/sec and consume 1920 watts. That’s about 2341 hashes per card (more than 10% faster than the one used in the previous article).
That’s about 138,829 GPUs each sipping 160 watts. Altogether these consume 194 million kWh annually. That’s likely a lower bound for GPU mining.
If we reused the Vega 64 mentioned in the previous article, there would be about 162,500 GPUs at the current hashrate. These would consume around 228 million kWh annually.
Not surprisingly, coupled with the “ASIC-resistant” fork and a coin price decline of nearly 50%, this resulted in about 1/3 energy used from the previous year. But this is still not an upper bound because it is likely that CPUs contribute to a non-insignificant portion of the hashrate via persistent botnets and cryptojacking.
Based on the same electricity consumption chart as the others, Monero would be placed somewhere above Grenada and the Mariana Islands. Perhaps a bit higher if lots of CPUs are used. Remember, this is called CPU-cycle theft for a reason.8
Conclusion
In aggregate, based on the numbers above, these five PoW coins likely consume between 56.7 billion kWh and 81.8 billion kWh annually. That’s somewhere around Switzerland on the low end to Finland or Pakistan near the upper end. It is likely much closer to the upper bound because the calculations above all assumed little energy loss ‘at the wall’ when in fact there is often 10% or more energy loss depending on the setup.
This is a little lower than last year, where we used a similar method and found that these PoW networks may consume as much resources as The Netherlands. Why the decline? All of it is due to the large decline in coin prices over the preceding time period. Again, miners will consume resources up to the value of a block reward wherein the marginal cost to mine equals the marginal value of the coin (MC=MV).9
This did not include other PoW coins such as Dash, Ethereum Classic, or Bitcoin SV… although it is likely that based on their current coin value they each probably consume less than either Litecoin or Bitcoin Cash.
Thus to answer the original question at the beginning, the answer is no.
PoW networks still consume massive amounts of electricity and semiconductors that could otherwise have been used in other endeavors. Some of these power plants could be shut down entirely. PoW-based cryptocurrencies crowd out and bid up the prices of semiconductor components.10 Apart from a few stories designed to pull on our heartstrings, little evidence exists (yet) for PoW coins creating socially useful economic output beyond moving coins from one intermediary to another.
And because most coins are mined via single-use ASICs, they generate large amounts of e-waste which leaks value from towards a small clique of semiconductor manufacturers and (mostly) state-owned utilities, neither of whom typically contribute back to the coin ecosystem.11 Will this change in the next 14 months?
Related links
Endnotes
Send to KindleA friend of mine sent me a copy of The Truth Machine which was published in February 2018. Its co-authors are Michael Casey and Paul Vigna, who also previously co-wrote The Age of Cryptocurrency a few years ago.
I had a chance to read it and like my other reviews, underlined a number of passages that could be enhanced, modified, or even removed in future editions.
Overall: I do not recommend the first edition. For comparison, here are several other reviews.
This book seemed overly political with an Occupy Wall Street tone that doesn’t mesh well with what at times is a highly technical topic.
I think a fundamental challenge for anyone trying to write book-length content on this topic is that as of 2018, there really aren’t many measurable ‘success’ stories – aside from speculation and illicit activities – so you end up having to fill a couple hundred pages based on hypotheticals that you (as an author) probably don’t have the best optics in.
Also, I am a villain in the book. Can’t wait? Scroll down to Chapter 6 and also view these specific tweets for what that means.
Note: all transcription errors are my own. See my other book reviews on this topic.
Preface
on p. x they write:
The second impact is the book you are reading. In The Age of Cryptocurrency, we focused primarily on a single application of Bitcoin’s core technology, on its potential to upend currency and payments.
Would encourage readers to peruse my previous review of their previous book. I don’t think they made the case, empirically, that Bitcoin will upend either currency or payments. Bitcoin itself will likely exist in some form or fashion, but “upending” seems like a stretch at this time.
On p. xi they write in a footnote:
We mostly avoid the construct of “blockchain” as a non-countable noun.
This is good. And they were consistent throughout the book too.
Introduction
They spent several pages discussing ways to use a blockchain for humanitarian purposes (and later have a whole chapter on it), however, it is unclear why a blockchain alone is the solution when there are likely other additional ways to help refugees.
For instance, on p. 3 they write:
Just as the blockchain-distributed ledger is used to assure bitcoin users that others aren’t “double-spending” their currency holdings – in other words, to prevent what would otherwise be rampant digital counterfeiting – the Azraq blockchain pilot ensures that people aren’t double-spending their food entitlements.
But why can’t these food entitlements be digitized and use something like SNAP cards? Sure you can technically use a blockchain to track this kind of thing, but you could also use existing on-premise or cloud solutions too, right? Can centralized or non-blockchain solutions fundamentally not provide an adequate solution?
On p. 4 they write:
Under this new pilot, all that’s needed to institute a payment with a food merchant is a scan of a refugee’s iris. In effect, the eye becomes a kind of digital wallet, obviating the need for cash, vouchers, debit cards, or smartphones, which reduces the danger of theft (You may have some privacy concerns related to that iris scan – we’ll get to that below.) For the WFP, making these transfers digital results in millions of dollars in saved fees as they cut out middlemen such as money transmitter and the bankers that formerly processed the overall payments system.
Get used to the “bankers” comments because this book is filled with a dozen of them. Intermediaries such as MSBs and banks do take cuts, however they don’t really dive into the fee structure. This is important because lots of “cryptocurrency”-focused startups have tried to use cryptocurrencies to supposedly disrupt remittances and most basically failed because there are a lot of unseen costs that aren’t taken into account for.
Another unseen cost that this book really didn’t dive into was: the fee to miners that users must pay to get included into a block. They mention it in passing but typically hand-waved it saying something like Lightning would lower those costs. That’s not really a good line of reasoning at this stage in development, but we’ll look at it again later.
On p. 6 they write:
That’s an especially appealing idea for many underdeveloped countries as it would enable their economies to function more like those of developed countries – low-income homeowners could get mortgages, for example; street vendors could get insurance. It could give billions of people their first opening into the economic opportunities that the rest of us take for granted.
That sounds amazing, who wouldn’t want that? Unfortunately this is a pretty superficial bit of speculation. For example, how do street vendors get insurance just because of the invention of a blockchain? That is never answered in the book.
On p. 7 they write:
The problem is that these fee-charging institutions, which act as gatekeepers, dictating who can and cannot engage in commercial interactions, add cost and friction to our economic activities.
Sure, this is true and there are efforts to reduce and remove this intermediation. The book also ignores that every cryptocurrency right now also charges some kind of fee to miners and/or stakers. And with nearly all coins, in order to obtain it, a user typically must buy it through a trusted third party (an exchange) who will also charge a markup fee… often simultaneously requiring you to go through some kind of KYC / AML process (or at least connect to a bank that does).
Thus if fee-charging gatekeepers are considered a problem in the traditional world, perhaps this can be modified in the next edition because these type of gatekeepers exist throughout the coin world too.
On p. 8 they list a bunch of use-cases, some of which they go into additional detail later in the book. But even then the details are pretty vague and superficial, recommend updating this in the next edition with more concrete examples.
On p. 9 they write:
Silicon Valley’s anti-establishment coders hadn’t reckoned with the challenge of trust and how society traditionally turns to centralized institutions to deal with that.
There may have been a time in which the majority of coders in the Bay area were “anti-establishment” but from the nearly 5 years of living out here, I don’t think that is necessarily the case across the board. Recommend providing a citation for that in the future.
On p. 10 they write:
R3 CEV, a New York-based technology developer, for one, raised $107 million from more than a hundred of the world’s biggest financial institutions and tech companies to develop a proprietary distributed ledger technology. Inspired by blockchains but eschewing that lable, R3’s Corda platform is built to comply with banks’ business and regulatory models while streamlining trillions of dollars in daily interbank securities transfers.
This whole paragraph should be updated (later in Chapter 6 as well):
On p. 10 they briefly mention the Hyperledger Project. Recommend tweaking it because of its own evolution over the years.
For example, here is my early contribution: what is the difference between Hyperledger and Hyperledger.
On p. 11 they write:
While it’s quite possible that many ICOs will fall afoul of securities regulations and that a bursting of this bubble will burn innocent investors, there’s something refreshingly democratic about this boom. Hordes of retail investors are entering into early stage investment rounds typically reserved for venture capitalists and other professional.
This paragraph aged horribly since the book was published in February.
All of the signs were there: we knew even last year that many, if not all, ICOs involved overpromising features and not disclosing much of anything to investors. As a result, virtually every week and month in 2018 we have learned just how much fraud and outright scams took place under the guise and pretext of the “democratization of fund raising.”
For instance, one study published this summer found that about 80% of the ICOs in 2017 were “identified scams.” Another study from EY found that about 1/3 of all ICOs in 2017 have lost “substantially all value” and most trade below their listing price.
Future versions of this book should remove this paragraph and also look into where all of that money went, especially since there wasn’t – arguably – a single cryptocurrency application with a real user base that arose from that funding method (yet).
On p. 11 they write:
Not to be outdone, Bitcoin, the grandaddy of the cryptocurrency world, has continued to reveal strengths — and this has been reflected in its price.
This is an asinine metric. How exactly does price reflect strength? They never really explain that yet repeat roughly the same type of explanation in other places in this book.
Interestingly, both bitcoin’s price and on-chain transaction volume have dramatically fallen since this book was first published. Does that mean that Bitcoin weakened somehow?
On p. 12 they write:
Such results give credence to crypto-asset analysts Chris Burniske and Jack Tatar’s description of bitcoin as “the most exciting alternative investment of the 21st century.”
Firstly, the Burniske and Tatar book was poorly written and wrong in many places: see my review
Secondly, bitcoin is a volatile investment that is arguably driven by a Keynesian beauty contest, not for the reasons that either book describes (e.g., not because of remittance activity).
On p. 12 they write:
The blockchain achieves this with a special algorithm embedded into a common piece of software run by all the computers in the network.
To be clear: neither PoW nor PoS are consensus protocols which is implied elsewhere on page 12.
On p. 12 they write:
Once new ledger entries are introduced, special cryptographic protections make it virtually impossible to go back and change them.
This is not really true. For coins like Bitcoin, it is proof-of-work that makes it resource intensive to do a block reorganization. Given enough hashrate, participants can and do fork the network. We have seen it occur many times this year alone. There is no cryptography in Bitcoin or Ethereum that prevents this reorg from happening because PoW is separate from block validation.2
On p. 13 they write:
Essentially, it should let people share more. And with the positive, multiplier effects that this kind of open sharing has on networks of economic activity, more engagement should in turn create more business opportunities.
These statement should be backed up with supporting evidence in the next edition because as it stands right now, this sounds more like a long-term goal or vision statement than something that currently exists today in the cryptocurrency world.
On p. 13 they mention “disintermediation” but throughout the book, many of the cryptocurrency-related companies they explore are new intermediaries. This is not a consistent narrative.
On p. 14 they write:
If I can trust another person’s claims – about their educational credentials, for example, or their assets, or their professional reputation – because they’ve been objectively verified by a decentralized system, then I can go into direct business with them.
This is a non sequitur. Garbage in, garbage out (GIGO) — in fact, the authors make that point later on in the book in Chapter 7.
On p. 15 they write:
Blockchains are a social technology, a new blueprint for how to govern communities, whether we’re talking about frightened refugees in a desolate Jordanian output or an interbank market in which the world’s biggest financial institutions exchange trillions of dollars daily.
This is vague and lacks nuance because there is no consensus on what a blockchain is today. Many different organizations and companies define it differently (see the Corda example above).
Either way, what does it mean to call a blockchain “social technology”? Databases are also being used by refugee camp organizers and financial infrastructure providers… are databases “social technology” too?
Chapter 1
On p. 17 they write:
Its blockchain promised a new way around processes that had become at best controlled by middlemen who insisted on taking their cut of every transaction, and at worst the cause of some man-made economic disasters.
This is true and problematic and unfortunately Bitcoin itself doesn’t solve that because it also has middlemen that take a cut of every transaction in the form of a fee to miners. Future editions should add more nuance such as the “moral hazard” of bailing out SIFIs and TBTF and separate that from payment processors… which technically speaking is what most cryptocurrencies strive to be (a network to pay unidentified participants).
On p. 18 they write:
Problems arise when communities view them with absolute faith, especially when the ledger is under control of self-interested actors who can manipulate them. This is what happened in 2008 when insufficient scrutiny of Lehman Brother’s and other’s actions left society exposed and contributed to the financial crisis.
This seems to be a bit revisionist history. This seems to conflate two separate things: the type of assets that Lehman owned and stated on its books… and the integrity of the ledgers themselves. Are the authors claiming that Lehman Brother’s ledgers were being maliciously modified and manipulated? If so, what citation do they have?
Also a couple pages ago, the authors wrote that blockchains were social technology… but we know that from Deadcoins.com that they can die and anything relying on them can be impacted.
Either way, in this chapter the authors don’t really explain how something Bitcoin itself would have prevented Lehman’s collapse. See also my new article on this topic.
On p. 19 they write:
A decentralized network of computers, one that no single entity controlled, would thus supplant the banks and other centralized ledger-keepers that Nakamoto identified as “trusted third parties.”
Fun fact: the word “ledger” does not appear in the Bitcoin white paper or other initial emails or posts by Nakamoto.
Secondly, perhaps an industry wide or commonly used blockchain of some kind does eventually displace and remove the role some banks have in maintaining certain ledgers, but their statement, as it is currently worded, seems a lot like of speculation (projection?).
We know this because throughout the book it is pretty clear they do not like banks, and that is fine, but future editions need to back up these types of opinions with evidence that banks are no longer maintaining a specific ledger because of a blockchain.
On p. 20 they write:
With Bitcoin’s network of independent computers verifying everything collectively, transactions could now be instituted peer to peer, that is, from person to person. That’s a big change from our convoluted credit and debit card payment systems, for example, which routes transactions through a long sequence of intermediaries – at least two banks, one or two payment processors, a card network manager (such as Visa or Mastercard), and a variety of other institutions, depending on where the transaction take place.
If we look back too 2009, this is factually correct of Bitcoin at a high level.3 The nuance that is missing is that today in 2018, the majority of bitcoin transactions route through a third party, some kind of intermediary like a deposit-taking exchange or custodial wallet.4 There are still folks who prefer to use Bitcoin as a P2P network, but according to Chainalysis, last year more than 80% of transactions went through a third party.5
On p. 20 they write:
Whereas you might think that money is being instantly transferred when you swipe your card at a clothing store, in reality the whole process takes several days for the funds to make all those hops and finally settle in the storeowner’s account, a delay that create risks and costs. With Bitcoin, the idea is that your transaction should take only ten to sixty minutes to fully clear (not withstanding some current capacity bottlenecks that Bitcoin developers are working tor resolve). You don’t have to rely on all those separate, trusted third parties to process it on your behalf.
This is mostly incorrect and there is also a false comparison.
In the first sentence they gloss over how credit card payment systems confirm and approve transactions in a matter of seconds.6 Instead they focus on settlement finality: when the actual cash is delivered to the merchant… which can take up to 30+ days depending on the system and jurisdiction.
The second half they glowingly say how much faster bitcoin is… but all they do is describe the “seen” activity with a cryptocurrency: the “six block” confirmations everyone is advised to wait before transferring coins again. This part does not mention that there is no settlement finality in Bitcoin, at most you get probabilistic finality (because there is always chance there may be a fork / reorg).
In addition, with cryptocurrencies like Bitcoin you are only transferring the coins. The cash leg on either side of the transaction still must transfer through the same intermediated system they describe above. We will discuss this further below when discussing remittances.
On p. 20 they write:
It does so in a way that makes it virtually impossible for anyone to change the historical record once it has been accepted.
For proof-of-work chains this is untrue in theory and empirically. In the next edition this should be modified to “resource intensive” or “economically expensive.”
On p. 20 they write:
The result is something remarkable: a record-keeping method that brings us to a commonly accepted version of the truth that’s more reliable than any truth we’ve ever seen. We’re calling the blockchain a Truth
