Events and activities through November

The past 6 months have seen an evolution of insanity to sanity.  Just kidding!

One observation I have seen is that a few of the most vocal coin promoters have finally sat down and spoken with policy makers.  Or rather, they finally started attending events in which policy makers, regulators, and decision makers at institutions speak at.

For those of us who have been attending and participating in regulatory-focused events for several years, the general messaging hasn’t changed that much: laws and regulations around financial market infrastructure and financial instruments exist for legitimately good reasons (e.g., systemic risks can be existential to society).

What has changed is that there are a few new faces from the coin world — most of which have previously pretended or perhaps did not even know that there is parallel world that can be engaged with.

It is still too early to see whether or not this governance education will be helpful in moderating their coin-focused excitement on social media but it seems to be the case that regulators and policy makers are still further ahead in their understanding of the coin world than vice versa.  Maybe next year coin issuers and promoters will finally dive into the PFMIs which have been around since 2012.

Below are some of the activities I was involved and participated in.

Panels and presentations

Interviews and quotes

Op-ed

Cited

Send to Kindle

Interview with Ray Dillinger

[Note: the 10th anniversary of the Bitcoin whitepaper is this month.  Below is a detailed interview with one of the first individuals to have interacted with Satoshi both in public and private: Ray Dillinger.

All of the written responses are directly from Ray with no contributions from others.]

Logo from 2010: Source

Q1: Tell us about yourself, what is your background?

A1: I am originally from Kansas.  At about the same time I entered high school I became interested in computers as a hobbyist, although hobby computers were still mostly useless at that time.  I got involved in early BBS systems when DOS hadn’t been released yet, modems were acoustically coupled and ran at 300 bits per second or slower, and software was stored mostly either on notebook paper or cassette tapes.

The early interest in computers is part of my lifelong tendency to become deeply involved in technology and ideas that are sufficiently interesting. This has led me to develop interests, obsessions, and expertise in a huge variety of things most of which the public does not discover reasons to care about until much later.

I graduated from KU with a degree in Computer Science in December of 1995 after spending far too long alternating between semesters of attending classes and semesters of working to pay for classes.

After graduation I moved to the San Francisco Bay area.  I worked for several AI startups in the next seven years and hold a couple of patents in natural-language applications from that work.  After that, I worked the night shift for FedEx for some years while doing occasional security consulting gigs during daytime hours.  I am currently doing AI algorithm research and implementation (and some cryptographic protocol/document design) at a FinTech startup.  I work on General AI projects on my own time.

I am somewhat pessimistic by nature and tend to assume until given reason to believe otherwise that anyone trying to sell me something or convince me of something is a scammer.  I know that’s irrational, but knowing doesn’t make the belief stop.  I have an abiding hatred of scammers and find them viscerally disgusting.

I consider making noise to be rude, avoid crowds and public appearances, and distrust anyone speaking faster than they can think.  Although I write a great deal, I rarely speak and strongly dislike talking on the phone.

In spite of my peculiar interests and asocial tendencies, I somehow managed to get married to a wonderful woman who tolerates an unbelievable degree of geekdom in an unbelievable variety of subjects, ranging from mild interest to full-on mad scientist levels in scope. I am tremendously thankful to have her in my life, and to whatever degree
I might be considered social, she deserves most of the credit.

I became marginally involved with Bitcoin in its early development because cryptocurrency, and the application of block chains to cryptocurrency in particular, are interesting.  I ceased to be involved in Bitcoin when the next steps would necessarily involve salesmanship, frequent talking, and social interaction, because those things are not interesting.

Q2: Perry Metzger created the now infamous Cryptography mailing list years ago.  When did you join and what made you interested in cryptography?

A2: I joined so many years ago it’s hard to remember.  It was pretty much as soon as I became aware of the list, but I’m sure it was more than fifteen years ago. It may have been late 2001 or early 2002.

I think I may even have been one of the first twenty or thirty posters on that list – it was still very young.

I remember being vaguely annoyed that it hadn’t been available when I was actually still in college and doing a crypto project in a grad-level networking course – I’d been a member of the even-earlier ‘cypherpunks’ list back when I was in school, but its strident political ideologues (including a guy named Hal Finney, whom you’ve probably heard of)
annoyed me, even back then.

‘cypherpunks’ was where I became aware of and started corresponding with Hal.  Although, way back then, I think we were both mostly annoying to each other.  And possibly to others as well.  Hal had been stridently political all the way from those days (and probably before) to the day he died, and in retrospect, I think I really needed some ‘remedial human-being lessons’ and some wider education at the time.  I’ve learned a lot since then – and perspective outside the narrow specialties we studied in school really does matter.

Q3: There were a lot of other non-cryptocurrency related discussions taking place simultaneously in November 2008 and many of the frequent posters didn’t comment on Bitcoin when it was first announced.  What interested you in it?  How involved would you say you were with providing coding suggestions prior to the genesis block that following January?

A3: I was interested in it for several reasons.  First, Bitcoin was a digital cash protocol, and digital cash protocols have some significant challenges to overcome, and I’d been interested in them for a long time already.  I’d even designed a couple by then.  The first I designed was unsound. The second, which is the only one worth talking about, which I’ll talk more about below.

Second, Bitcoin used a central proof chain (which we now call a block chain) as means of securing the history of each note, and I had known for a long time that any successful digital cash protocol had to use proof chains in some form or it couldn’t circulate (couldn’t be spent onward by someone who’d been paid in it).  And I was very, very much interested in proof chains, especially for a digital cash protocol.  I had already used proof chains (very differently) for a digital cash protocol when I extended Chaum’s e-cash protocol in 1995.

(see Digression #1 below to understand the differences between my protocol and Satoshi’s, and their effect on protocol design.)

Third, Satoshi eventually convinced me that he wasn’t a scammer.  I’m sort of a natural pessimist at heart, and digital cash protocols have a long history of scammers, so at first I had assumed the worst.  I think a lot of others also assumed the worst, which would be why few of them responded.  I made my first couple of replies without even having read it yet, to see how he responded before I wasted mental effort on something that would probably turn out to be a scam.

When I finally bothered to actually read the white paper, and spent the mental effort to understand it, I realized that (A) it wasn’t the usual incompetent bullshit we’d seen in far too many earlier digital-cash proposals, and (B) Its structure really and truly contained no Trusted Roles – meaning the opportunity to scam people was NOT built into the structure of it the way it had been with e-gold, e-cash, etc.

Fourth, and absolutely the clincher for me; it was very very INTERESTING!  It was an entirely new paradigm for a digital cash protocol, and had no Trusted Roles!  Nobody had EVER come up with a digital cash protocol having no Trusted Roles before!

Of course it wasn’t a “serious” proposal, I thought. It wouldn’t work for any kind of widespread adoption (I thought at the time) because of course people would conclude that spent hashes which absolutely couldn’t be redeemed for the electricity or computer power that had been used to create them were valueless.  And it would never scale beyond small communities or specialized applications of course because of its completely stupid bandwidth requirements.

But it was INTERESTING!

I could never have come up with Bitcoin because of the tremendous bandwidth.  Without Satoshi’s proposal, the idea of transmitting every transaction to every user would just have bounced off my mind as inconceivable.  Hell, I didn’t even understand it the first couple of times through the white paper because I was looking for ANY WAY AT ALL to parse those sentences and ‘transmitting every transaction to every user wasn’t even a POSSIBLE parse for me until Satoshi explicitly told me yes, that really was what he meant.

When I finally understood, I started doing math to prove to him that it was impossible, tried to relate bandwidth to rate of adoption and got a largest possible answer that’s only about one-eighth of today’s number of nodes.   I was assuming transaction volume proportional to userbase, which would be at least three times the transactions that today’s blocksize-limited block chain handles, and looking at a version of the protocol which doubled it by transmitting every transaction twice.  So,GIGO, I was wrong – but for good reasons and in the correct order of magnitude anyway.

But that was a couple orders of magnitude larger than the highest answer I had expected to get!  And that meant Satoshi’s idea actually seemed…. surprisingly plausible, if people really didn’t care about bandwidth.

The fact that bandwidth seemed to be available enough for the proposal to be technically plausible was sort of mind-boggling.  So was the idea that so many people did not care, at all, about bandwidth costs.

(See digression #2 to understand why it was hard for me to accept that
people now consider bandwidth to be valueless.)

Anyway, problems aside, it was INTERESTING! If the proof-of-concept actually sort-of worked at least on scales like for a campus or community merchandise token or something it would extend our understanding of protocol design!

What I had done back in 1995 had been INTERESTING for a different reason. At that time nobody had ever come up with a digital cash protocol that allowed people who’d been paid digital coins to respend them if they wanted instead of taking them right back to the issuer.  Of course it wouldn’t work for general adoption because of its own problems, but it had extended our understanding of protocol design back then, so back then that had been INTERESTING!

And before that, Chaum had demonstrated a digital cash protocol that worked at all, and at the time that was INTERESTING!

And in between a whole bunch of people had demonstrated ways to cooperate with bankers etc to have different kinds of access to your checking account or whatever.  Some of those had had privacy features v. the other users, which were also INTERESTING!

And so on.  I was very much looking at things that improved our understanding of digital cash protocols, and had no idea that Bitcoin was intended for widespread release.

Anyway, Satoshi and I talked offlist about the problems, and possible solutions, and use of proof chains for digital cash, and my old protocol, and several previous types of digital cash, and finally he sent me the proof chain code for review.

And the proof chain code was solid, but I freaked out when I saw that it used a Floating Point type rather than an Integer type for any kind of accounting. Accounting requirements vs. floating point types have a long and horrible history.

So that prompted some more discussion. He was designing specifically so that it would be possible to implement compatible clients in languages (*cough* Javascript *cough*) in which no other numeric type is available, so he wanted to squish rounding-error bugs in advance to ensure compatibility.  If anybody gets different answers from doing the same calculation the chain forks, so it’s sort of important for everybody to get the same answer.  Because Javascript clients were going to use double float, and he wanted them to get the same answer, he was going to make sure he got correct answers using double floats.

He was trying to avoid rounding errors as a way of future-proofing: making it completely consistent so clients with higher-precision representations wouldn’t reject the blocks of the old chain – but on the ground he wanted to be damn sure that the answers from Javascript clients, which *would* by necessity use double float, could be compatible with checking the block chain.

The worst that could happen from a rounding error, as long as everybody gets the *SAME* rounding error, is that the miner (whose output is unspecified in the block and defined as “the rest of the TxIn values input”) gets a few satoshis more or less than if the rounding error hadn’t happened, and no satoshis would be created or destroyed.

But if people on different clients get *DIFFERENT* rounding errors, because of different representation or differently implemented operations, the chain forks. And That Would Be Bad.

I would have said *screw* Javascript, I want rounding errors to be impossible, and used integers.  If the Javascripters want to write a float client, they’d better accept accurate answers, even if they have to allow for answers different than their code generates.  And if they make transactions containing rounding errors, let everybody in the universe reject them and not allow them into blocks.  But that’s me.

It was when we started talking about floating-point types in accounting code that I learned Hal was involved in the effort. Hal was reviewing the transaction scripting language, and both the code he had, and the code I had, interacted with the accounting code. So Satoshi brought him in for the discussion on floating point, and both of us reviewed the accounting code. Hal had a lot of experience doing exact math in floating point formats – some of his crypto code in PGP even used float types for binary operations. So he wasn’t as freaked-out about long doubles for money as I was. We talked a lot about how much divisibility Bitcoins ought to have; whether to make ‘Satoshis’ an order of magnitude bigger just to have three more bits of cushion against rounding errors, or keep them near the limit of precision at 10e-8 bitcoins in order to assure that rounding errors would always fail. Failing, immediately, detectably, and hard, at the slightest error, is key to writing reliable software.

So I went over the accounting code with a fine-toothed comb looking for possible rounding errors.  And I didn’t find any.

Which is more than a little bit astonishing.  Numeric-methods errors are so ubiquitous nobody even notices them.  Inevitably someone multiplies and divides in the wrong order, or combines floats at different magnitudes causing rounding, or divides by something too small, or makes equality comparisons on real numbers that are only equal 65535 times out of 65536, or does too many operations between sequence points so that they can be optimized differently in different builds, or uses a compiler setting that allows it to do operations in a different sequence, or checks for an overflow/rounding in a way that the compiler ignores because it can prove algebraically that it’s “dead code” because it will never be activated except in case of undefined behavior (like eg, the roundoff or overflow that someone is checking for)!  Or SOMETHING.  I mean, in most environments you absolutely have to FIGHT both your language semantics and your compiler to make code without rounding errors.

Clearly I hadn’t been the first pessimistic screaming hair-triggered paranoid aware of those issues to go over that accounting code; I could not find a single methods error.  The ‘satoshi’ unit which is the smallest unit of accounting, is selected right above the bit precision that can be handled with NO rounding in the double float format, and every last operation as far as I could find was implemented in ways that admit no rounding of any bits that would affect a unit as large as a satoshi.

To cause rounding of satoshis in the Bitcoin code, someone would have to be adding or subtracting more than 21 million Bitcoins (I think it’s actually 26 million, in fact…).  So, the Bitcoin chain is, I believe, rounding-free and will continue to check regardless of whether clients use any higher floating point precision.

For comparison Doge, which has so many coins in circulation that amounts larger than 26 million Doge are actually transacted, has rounding errors recorded in its block chain.  If a new client ever uses a higher-precision float format, their old chain won’t check on that client.  Which would be seen as a bug in the new client, and “corrected” there (by deliberately crippling its accuracy when checking old blocks). In fact it’s a bug in the Doge coin design which will never be fixed because they’ve already committed too much to it.

Integers.  Even with code that is meticulously maintained and tested for consistency, even where methods errors have been boiled out by somebody’s maniacal obsessive dedication, Integers would have been so much cleaner and easier to check.

Digression #1:
Why I was VERY interested in proof chains and digital cash protocols.

When I extended Chaum’s protocol in 1995, I had used proof chains attached to each ‘coin’, which grew longer by one ‘link’ (nowadays we say ‘block’) every time the coin changed hands. That allowed coins to circulate offline because all the information you needed to make another transaction was in the chains attached to the individual coins.  In order to make it possible to catch double spenders, the ‘links’ contained secret splits which, if two or more contradictory links were combined, would reveal the identity of the spender.

So, it could circulate offline and make transfers between users who weren’t even connected to the Internet. It didn’t have the ferocious bandwidth expense and even more ferocious proof-of-work expense of Bitcoin. Double spenders couldn’t be caught until the differently-spent copies of a coin were compared, potentially after going through several more hands which meant you had to have some kind of resolution process. And a resolution process meant you absolutely had to have a Trusted Certificate Authority with a database that could link UserIDs to RealWorld IDs in order to figure out who the RealWorld crook was.

Buyer and seller had to have valid UserIDs issued by the Trusted CA, which were known to each other even if to no one else.  And although not even The Trusted CA could link UserIDs and transactions except in case of a double spend, the parties to each transaction definitely could. Either party could later show and cryptographically prove the details of the transaction including the counterparty’s UserID, so your transactions were “Private”, not “Secret”. Finally, the ‘coins’ were non-divisible meaning you had to have exact change.

It was, at best, clunky compared to Bitcoin, and not being able to identify double spends until unspecified-time-later would probably be a deal-killer for acceptance. But it also had some advantages: It didn’t create a central permanent ledger that everybody can datamine later the way Bitcoin does, so Trusted CA or not it might actually have been better privacy in practice.  It was completely scalable because no transaction needed bandwidth between anybody except buyer and seller. And it had no proof-of-work expense.  But it needed a God-Damned Trusted Certificate Authority built directly into the design, so that CA’s database was open to various kinds of abuse.

Digression #2:

I had no comprehension of modern attitudes toward bandwidth costs.

I mean, I knew it had gotten cheap, but it was still taking me hours, for example, to download a complete Linux distribution. I figured other people noticed big delays like that too, and wide adoption of Bitcoin would mean slowing down EVERYTHING else they (full nodes anyway) did.  I just hadn’t understood that – and still have trouble with – the idea that by 2008, nobody even cared about bandwidth any more.

I got my first computer, because at that time privately owned computers were INTERESTING!  So I had to, even though they were also mostly useless.  (See a pattern here?)

But at that time, computers were not communications devices.  At All. If you hadn’t invested in something called a “LAN”, which anyway could only work inside one building, probably cost more than the building itself, and was useless unless you’d also invested in multiple computers, you moved data back and forth between your machines and your friends’ machines using cassette tapes.  Or, if and your friend were both rich enough to buy drives, or had been lucky enough dumpster diving to get drives you could repair, and had access to the very expensive media through some kind of industrial or business supply place, you might have done it using floppy disks.  Which held eighty kilobytes.

I got my first modem a few years later, and modems at the time were flaky hardware only BARELY supported by single-tasking systems that had never been designed to handle any signal arriving anywhere at a time they did not choose.  If your computer didn’t respond fast enough to interrupts, a modem could crash it.  If you were running anything that didn’t suspend and resume its business correctly (and most things didn’t because they’d never had to before) or anything that was coded to use the same interrupt, the modem would crash it.  If the software on your end ever started taking too long to execute per input character, the modem would fill up the short hardware buffer faster than your software could empty it, and crash it.  If you transmitted characters faster than the software running on the remote system could handle them, you’d crash the remote system.  There were no error correcting protocols because none of us had the compute power to run them fast enough to avoid a crash at the speeds the modems ran.

And that modem couldn’t transmit or receive characters even as fast as I could type. Sometimes you could crash the remote system just by accidentally typing too fast for a minute or two.

Computer security wasn’t a thing. Pretty much anybody you allowed to connect could at least crash your system and probably steal anything on your computer or delete everything on your computer if they really wanted to.   The host programs weren’t *intended* to allow that, but something as simple as transmitting an unexpected EOT signal could often crash them – sometimes crashing the whole machine, sometimes leaving the caller at the all-powerful command-line prompt. Stuff like that happened all the time, just by accident!  So people were understandably reluctant to let strangers connect to their systems.

There was one place in my whole state that I could call with it where I found people who’d leave a modem running on their machine despite the risk of crashes, and would allow a stranger on their system.  That sysop, in an act of sheer grace that he didn’t have to extend and which nobody was paying him for, allowed me to connect to it.  There were no such things as commercial providers; they could not exist until at least some system security actually worked.

There was barely even any commercial software: Every machine came with its own BIOS and Operating System, and the ONLY way to distribute a program that would run on more than a tiny fraction of systems was to distribute it as source code which people could tweak and fix and adapt in order to get it running, and commercial vendors didn’t want to distribute any source code.

So our software was all shared.  It came from fellow hobbyists, and unless we were physically in the same room to exchange media (and had the ability to read and write media compatible with the other’s systems), we could not share it without using bandwidth.

Long distance calls were over a dollar a minute, modems ran at 160 or 300 bits per second, and I could have burned through my entire monthly paper route income in under three hours.

Finally, every second I was connected to that remote system, that phone line was busy and everybody else couldn’t use it. And the other users needed it for reasons FAR more important than I did. They were military veterans, some of them profoundly not okay after Viet Nam, using it as sort of a hobby-mediated support group, and I was a fifteen-year-old kid hobbyist with a paper route.  Hobby in common or not, I had no illusions about the relative value of our access.   So I tried to be a good guest; I took my turns as fast as possible, at times least likely to conflict as possible, using as many pre-recorded scripts (played off a cassette tape deck!) as possible to waste absolutely no time, and got off.  I didn’t want to keep anybody out of something which was that important to them.

That’s the way things were when I started learning about the value of bandwidth.

No matter how much bandwidth I’ve got now, no matter how cheap it becomes, I’m still aware of it and it’s still important to me to not waste it.  I’ve sweated every byte every time I’ve designed a protocol.

And that’s why – to me anyway – universal distribution of a globally writable block chain is still amazing.  Just the fact that it’s now POSSIBLE seems incredible.

Q4: When Satoshi released the white paper, you had many public exchanges with her on that mailing list.  For instance, you asked her about inflation and Satoshi seemed to think that there could be some price stability if the number of people using it increased at the same level as the supply of bitcoins increased.  But, relative to the USD, there has never really been much price stability in its history to date.  Is there a way to re-engineer Bitcoin and/or future cryptocurrencies to do so without having to rely on  external price feeds or trusted third parties?

A4: Whoof…  that’s a hard question.  “Is not Gross Matter Interchangeable with Light?”  was considered impossible until Einstein figured it out. And the people who’d been asking that question didn’t even recognize or care about Einstein’s answer because his answer wasn’t about bodies and souls and the afterlife.  If the answer is ‘yes’ but the re-engineering involved changes the fundamental qualities that make you (or anybody) value cryptocurrencies, then is the answer really yes?

Satoshi tried to do it by anticipating the adoption curve.  We know how that turned out.

I think it’s fundamentally impossible to plot an adoption curve before launch.  I mean, I was the pessimist who assumed that there’d be a small group, formed early, that wasn’t going to be growing at all as these additional millions of coins pumped into that campus or that community economy.  So I figured, some initial value and rapid inflation thereafter.

Satoshi was far less pessimistic in figuring a widespread and fairly gradual adoption, and had picked the logarithmic plot to put coins into the economy at about the rate envisioned for adoption, assuming Bitcoin would follow a logarithmic adoption curve. It wasn’t a bad guess, as it’s a decent approximation to the Bass Diffusion Model, but the
parameters of the curve were completely unknown, and the Bass curve often appears after something’s been around a long time – not just when it’s launched.

Most importantly, nobody anticipated Bitcoin’s primary use as being a vehicle of financial speculation. The Bass Diffusion Model isn’t applicable to speculative commodities, because price changes in speculative commodities are responsive to PREVIOUS price changes in the speculative commodity.  That makes them nonlinear and chaotic.

And that, I think, is what it comes down to.  If people will be using something as a vehicle of speculation, then its price point is chaotic and defies all attempts to stabilize it by predicting and compensating for it.  So I think we need to abandon that notion.

You’ve already ruled out the idea of external price feeds and trusted third parties, because those would change the fundamental qualities that make you value cryptocurrencies.

That leaves internal price feeds:  If a cryptocurrency is used as a medium of exchange in other fungible assets, and those exchanges are recorded in its own block chain, then exchanges of crypto for dollars and exchanges of crypto for, eg, gold bars are visible in the block chain and could at least in theory be used to detect economic conditions and adjust the rate of issue of cryptocoins.

But the fly in that ointment is, again, the fact that the crypto is being used as a speculative asset.  People can read the block chain before the changes are made, anticipate what changes the code is about to make, and will front-run them.  Or, operating as “Sybil and her Sisters”, make a thousand completely bogus transactions in order to fool the software into doing something crazy.  Either way reintroducing positive feedback via market manipulation.

Most schemes aimed at stabilizing the value of a coin via any automatic means assume that the price can be changed by changing the rate of issue.  But the more coins are in circulation, the less possible it becomes for changes in the rate of issue to shift the price, meaning it devolves back to the first case of nonlinear and chaotic feedback.  IOW, the new coins being added represent a much smaller fraction of the available supply, and withholding them will affect almost no one except miners.

Honestly I’m very surprised Tethercoin isn’t dead yet.  What they propose, economically speaking, simply will not work.  They got themselves somehow declared to be the only way to get money OUT of a major wallet, which props up their transaction volume, but if the people haven’t already walked away with most of the money they’re supposedly holding but won’t say where, then I’m very surprised.

Q5: About a year ago you wrote a highly-commented upon, passionate retrospection published on LinkedIn.  You called out a lot of the nonsense going on then, is there anything that has been on your mind since then that you wanted to expand upon?

A5: Um.  Artificial Intelligence, Financial Markets, Human Brains and how they are organized, the nature, origins and mechanisms of consciousness and emotion, a generalization of neuroevolution algorithms intended to scale to recurrent networks of much greater complexity than now possible, scope of political corruption and the politics of divisiveness, gene migration and expression, the way cells control and regulate mutation in different kinds of tissues, directed apoptosis via a multiplicity of P53 genes as a preventive for cancer (happens naturally in elephants; easy to do with CRISPR; engineered humans would probably be radiation-resistant enough for lifetimes in space, or just plain longer-lived, or both), history of the Balkans, history of the Roman Empire, ancient religions, writing a science fiction novel ….

You know, things that are INTERESTING!  I actually _can’t_ turn my brain off.  It’s a problem sometimes.

I have had a few thoughts about cryptocurrencies, however, which is probably what you intended to ask about.

The first:

I have figured out how to redesign the cryptographically secured history database built by cryptocurrencies so that you don’t need any full nodes.  There are other ways to organize the blocks that give the proof property you need; They don’t have to form something that’s only a chain, and you don’t have to have specialized nodes for the purpose of holding them because everybody can hold just the blocks they need to show the validity of their own txOuts.

In order to verify the validity of any txOut, you need three things:  to see the block where it was created, to be sure that block is part of the same database as that proposed for the transaction, and to be sure that no block exists between those two in which that txOut was spent in another transaction.

Call it a “Block Hyperchain”, by reference to the N-dimensional hypercube it’s based on and the block chain it replaces.

I should be clear and say there are things it does and things it doesn’t do.  If your goal is to check all transactions, you’ll download a scattering of blocks for each transaction that soon add up to most of the block database, so someone who wants to check every transaction will rapidly accumulate the whole database.

But most users should be happy with just the few blocks they need to demonstrate the validity of the txOuts they hold, and it’s damn nice to be able to download a client, open it up, and just use it with minimal delay because someone offered to pay you bitcoins one minute ago and you want to be able to make sure the transaction he’s offering is valid RIGHT NOW, instead of waiting to accumulate the whole chain to check anything.

Suppose we pick a base, for convenience, of 10.  This helps make things easy to explain because we work with base-10 numbers, but we could have picked 16 and used hexadecimal for our explanations.

In a base-10 Block Hyperchain, every block that’s published has its own set of transactions, and the hashes of the blocks  10^N blocks ago for every integer value of N from N=0 to N <= log10 of block height.

Every block would record its own transactions, and also one list of destroyed txOuts per integer value N over the same range.

Each destroyed-txOut list would be all txOuts created in blocks whose block numbers match (modulo 10^N) the current block number, that have been destroyed in the last 10^N blocks.

Example:
If someone shows me a transaction seeking to spend a txOut, I want to check and see if it’s valid.  Ie, I want to see the block where it was created, and see evidence that it hasn’t been spent since.

So I can look at that txOut’s ID and know it was created in block 124. If the current block is 7365,  I get block 7365 and 7364 to make sure it hasn’t been spent in those, the same way we can do with a block chain.

Then I have a block whose last digit matches the last digit of the block where the txOut was created.  So I start checking the 10-block txOut-destroyed lists.  I check the list in block 7364 to make sure it wasn’t spent in blocks 7354 to 7363.

Then, jumping back by 10-block increments (relying on the second recorded hash in the header), I can check to make sure it hasn’t been spent in the previous ten blocks to each of blocks 7354, 7344, and 7334.  Then I get block 7324.

Now I’m at a block whose last 2 digits match the block where the txOut was created, so I can start checking the previous hundred blocks using the second txOut-destroyed list, and jumping back by hundred-block increments using the third recorded hash.  So I get blocks 7224 and 7124.

Finally, I’m at a block whose last 3 digits match the block where the txOut was created, so I can start jumping back by thousand-block increments, checking the thousand-block txOut-destroyed lists.  So I get blocks 6124, 5124, 4124, 3124, 2124, 1124, and finally 124.

So finally, I have a txOut created over 7200 blocks previous to the current block, and I have downloaded a total of 15 blocks to make sure that it was created in the same Hyperchain and hasn’t been spent since.

The number of blocks downloaded is proportional to the log base 10 of the number of blocks in the chain.

The blocks I’ve downloaded are larger because of the spent-txOut lists, but the spent-txOut lists have an average length that is the same regardless of the span of blocks they cover.  Lists that report transactions from a set 10x as long, only need to report individual transactions from that set 1/10 as often.

With more efficient access to the history database, it is possible to substantially raise transaction bandwidth.  People who make transactions during the next 7 blocks or so would need to see that block;  Later on, people who accept txOuts created during that block will need to see that block. And there’ll be about 49 blocks worth of txOuts,  scattered through the earlier history, that someone eventually has to traverse this block to verify.

All this means you have drastically smaller bandwidth requirements (remember I obsess on bandwidth costs?) for the same transaction volume but larger data-at-rest requirements (for any weirdo who for whatever reason feels like they need to collect the WHOLE database in one place, and why would anybody do that?) by a factor of seven.

And I keep thinking I’m going to do it, because it’s INTERESTING! And I ought to do it, because it’s VALUABLE!  But then I think about the current state of the cryptocurrency world and the quality of the people it would bring me into contact with and the ways people would try to scam with it and the number of people who’d find reasons to lie to me or about me, and then I get a sour stomach and go on to do something ELSE!

And feel vaguely guilty for not doing it, because it actually would be valuable.

It’s really hard for me to be motivated or enthusiastic about a cryptocurrency project, until the whole field is more full of people I’d be happy to interact and exchange ideas with and less full of ….  um.

The words that come to mind really shouldn’t be printed.  [This is fine meme]  I don’t mind if people know I’m sort of upset with the conditions and business ethics out there, or even that being so upset is literally preventing me from doing something useful.  But I’d rather not have it expressed in terms that are an incitement to violence.

Anyway, moving on;  In order to mine, someone would have to be able to see seven of the previous blocks; a different set of seven every time. But if I thought bandwidth was going to waste, that doesn’t even START to address the costs of hashing!  Deploying something that saves bandwidth without also figuring out a way to save hashing would fail to address a critical point.

So, I’ve had a bunch of thoughts about mining.  Most of which aren’t as interesting or valuable as the thought about how to organize the history database.  In favor of mining, it’s good that someone is able to join the network permissionlessly, help secure it, get paid, and initially get coin into circulation going from “none” to “some”.

My thoughts for securing a chain without proof-of-work are something I suppose I ought to call “Proof-of-Total-Stake.”

Congratulations!  This conversation with you got me to name it!  I had been calling it “proof-of-activity” but I see that name has acquired a much more specific meaning than it had when I started calling this by it, and no longer fits.

I still need to figure out what to call my revised structure for the block history database though.

Proof-of-Total-Stake  means measuring the priority of a fork by the total value of TxOuts that existed BEFORE the fork that have been spent AFTER the fork.  In other words, the total stake: how much of EVERYBODY’s money the blocks formed after the fork represent.  That is a well-founded mechanism for security that doesn’t involve trusted parties nor burning hashes.  It’s the only one I’ve come up with.  In the long run, unless somebody comes up with another fundamentally new idea, or accepts the idea at least of trusted block signers, that’s what I think a proper cryptocurrency would have to wind up with.

But there’s a problem with it.

Proof-of-Total-Stake, by itself, doesn’t provide an obvious way to determine who gets to form the next block – which can be a CRUCIALLY important security concern.

And Proof-of-Stake, including Proof-of-Total-stake, doesn’t handle the initial, permissionless, distribution of coins.  They can’t go from “none” to “some.”  They can only go from “some” to “some more.”

So I think it could only be deployed along with some kind of mining.

Q6: We first started interacting some four years ago when I was doing some research on dead cryptocurrencies, most of which were just direct clones or copies of Bitcoin.  At the time you were doing the heavy lifting categorizing how they died in a BitcoinTalk thread.  Today sites like Deadcoins.com have tried to do something similar.  Even though loud advocates at events like to claim blockchains ” live immutably forever” empirically there are probably just as many dead blockchains than living blockchains.  What do you think the top reason for why so many blockchains lose support to the point of death and do you think those reasons will change much in the future?

A6: By far the vast majority of those people were not doing anything INTERESTING!  A lot of the honest ones discovered that it was a lot of work and had other commitments in life.  A lot of the dishonest ones made their money and walked away leaving the  suckers behind.  A lot of people discovered that maintaining a codebase needed more programming chops than they actually possessed, and quietly withdrew from the field. A fair number ran into scammers and crooks whose utterly disgusting behavior left them convinced they wanted to do something else rather than meeting any more of those guys.

But the most important point? Hardly any of those coins was ever used in any transaction for an actual thing – not even an initial experiment like Laszlo’s Pizza.

Most of them were only ever mined by people who intended absolutely nothing beyond immediately converting them into Bitcoin, and only ever held by people who daily watched their value trying to guess the right time to sell them for Bitcoin.

It’s not so much that most of them *failed* – it’s more the case that the vast majority never even remotely began to *succeed*. There was no economic activity, meaning sales of merchandise or payment for work, that they facilitated.  Put bluntly, they just didn’t do anything beyond providing a temporary and completely discardable medium for speculation and scamming.  And, as surely as atomic decay, they got used, for that purpose only, and discarded.

Q7: Based on the original white paper, the intent of Bitcoin was to be an e-cash  payment system which could be utilized without needing to disclose a real identity to an administrator.  It seems that over time several different tribes have popped up, including those who market Bitcoin as a form of “e-gold.”  What do you think of the visible fracture that has occurred between the various Bitcoin tribes?  Does proof-of-work really act as a type of DRM for coin supply or do all the forks we have seen turn the advertised “digital scarcity” and “digital gold” into an oxymoron?

A7: That endless fight, starting with the block size fight, with everybody yelling and nobody listening, pretty much convinced me that the “community” which had grown around Bitcoin was in deep trouble.

The differences between the various proposed technical changes to the block chain, are far less important to the futures of those forks, than the integrity of the people who support and do business using them.

But the technical merits were never discussed by most. Instead, repetitive sound bites and slogans about them containing absolutely no new information were shouted.  Integrity was seldom displayed either. Instead, the fight was carried forward almost exclusively by partisans who had already decided what was the only possible solution that they would accept, and in many cases using tactics that inspire an absolute refusal to support their interests, or even participate in the communities where they are found.

If someone hires a troll army to attack a community by astroturfing fake support for something, can you respect that person?  If someone drives people who disagree away with personal abuse, is that a reasonable method for coming to an agreement about a protocol?  Is it a valid form of technical reasoning to launch a sabotage against a block chain based consensus mechanism?  What can you say about someone who buys existing accounts of users whom others trust in order to fake trusted support for their agenda? How about when it happens after those users whom others trust have been driven away or left in disgust?  Is it a respectful negotiator interested in the insights of others in solving a problem, whose negotiating skills include locking the damn doors and refusing to let someone leave the room until they get his signature on an “agreement” that they wrote without his knowledge before he even got there?

Is someone who would participate in a fight, on those terms, someone whose agenda or business interests you really want to support?  Hint: You already know that people who fake support for their agenda, or tell lies about other in order to discredit them, or who deliberately deceive others about the merits of their own proposal or others’ proposals, are doing business by means of fraud.  Do you want to carry on until the fraud is financial and the victim is you?

These factions had no interest whatsoever in reaching a consensus.  And nothing prevented each from implementing their idea and launching, with no hard feelings from anybody and no fight.  The only thing they were really fighting over was the name “Bitcoin,”  which was absolutely unrelated to the technical merit of any proposal.  And, to a first approximation, the other merits of having the name is a thing that none of them even mentioned during the fight.

Technically speaking, there is not much wrong with any of these forks. They address certain problems in different ways slightly favoring the interests of different groups, but not seriously to anyone’s disadvantage.  None of them was entirely without technical merit.

On the other hand none of them make more than a tiny amount of difference.  None helped with the bandwidth or transaction volume by anything more than a small constant factor, so the problem they were supposedly about solving was not in fact solved, nor even very much affected.

So while none of the proposed changes were objectionable in themselves, there was really no *very* compelling reason for any of them to be implemented.  Each of those ideas is merely a stopgap that pushes the rock down the road another foot or two without moving it out of the way. If you want to move that rock out of the road, you will need a much more powerful idea.

Q8: You’ve mentioned that limited supplies simply incentivizes hoarding which leads to low economic activity.  You have proposed a type of “proof-of-activity” replacement.  Can you expand more on either of these views?

A8: Suppose you have an economy that’s growing (more value is being created) but has a constant supply of coins.

In that case your coins represent, let’s say, one-millionth or so of the money that’s in circulation.

And, as the economy continues to grow, your coins will continue to represent one-millionth or so of the money that’s in circulation.  But that will be one-millionth or so of a lot more actual wealth.  In fact, your money, just sitting there in your wallet, is GUARANTEED to rise in value by the same fraction that the economy is growing by.  In our terms, this would be exactly the market average, as though you were holding stocks invested in ALL the businesses in your economy in proportion according to their  capitalization.  This is what index funds and IRAs make, mostly, but it’s making it with no risk.

Now, if you offer any investor a risk-free investment that’s guaranteed to make the same return as the market average, that investor would be mad to pass it up.  No investor is confident that she’ll beat the market average in any given year.  That’s why they call it “AVERAGE!”  And volatility – variance in return – is an unqualified bad thing because it will always take an 11% gain to make up for a 10% loss.  That money sitting right there in her wallet is the best investment she could possibly make.  There might be things that would make as much or more money, but all of them involve risk out of proportion to their marginal return.  Let other investors do that; they’re suckers and she’ll make the same money they do.

The problem with that is that the other investors are looking at the same question.  And reaching the same conclusion.  Why invest in companies doing anything productive, and expose yourself to risk, when you can make the same money just by holding your investment in your wallet?

And then who invests in the businesses that, if they were working, would actually create the value these people all intend to have some share in?

… (sound of crickets chirping) …  Suckers.

Suckers who lose more often than they win, because it takes an 11% gain to recover a 10% loss.  And the money the lose? Eventually trickles into the hands of the people who are hoarding it.

With no reason for investors to invest in business, the businesses eventually starve and the economy shrinks.  And all those coins that represent one-millionth of the economy’s wealth start representing one-millionth of less and less actual value.

This is what happened to ancient Rome.  They used metals (gold and silver and bronze) as currency, and their economy collapsed WHILE people had plenty enough money to keep it going!  Everybody stashed all their coins expecting to benefit later from prospering businesses, and the businesses, for want of capital, did not prosper.

Then the death spiral started: everybody stashed their coins waiting for the economy to come back so the coins would be worth their “real” value, and the economy never came back.  The coins were never worth their “real” value, until the people who remembered where the coins were buried had also been buried.

It’s a millennium-and-a-half later and we are STILL finding stashes of Roman coins!  The people who could have gotten their economy moving again, if they had EVER supported a business, instead buried their money in sacks.

The government tried to get it moving again, or pretend for a while that it hadn’t collapsed, making coins with increasingly ridiculous adulterated alloys.  But that didn’t change the underlying dynamic.

The Gold bugs of course have all told each other a different version of this story, where the adulterated coins were the cause of the collapse rather than the increasingly desperate attempt to recover from it.  And it’s pointless to try to convince them otherwise; they believe they already know the only possible truth. But for those actually motivated to investigate, the chronology of the events is reasonably clear.

===============================================================

The next thing is about “Proof-of-Total-Stake”, which I guess is what I’m going to call this idea for securing the chain.

The fundamental idea behind Proof-of-Total-Stake is that the priority of any branch of a fork is the total amount of EVERYBODY’s money which that fork represents.  That means, coins generated in that fork and pre-existing coins brought into the fork by transactions.

Coins generated in a fork are the coinbase transactions; Coins moved into the fork from earlier parts of the chain are TxOuts from earlier in the block chain that have been spent during the fork.

But we have to know which BRANCH of the fork they were spent into. ie, someone trying to create a fork should not be able to stick transactions from the valid branch of the chain into it, or they can match the txOut spending from earlier in the chain.  This is the basic problem with most implementations of proof-of-stake, which some writers have called “nothing at stake.”   Whatever resource you are using to secure the chain is meaningless when it can be used to secure *BOTH* forks of the chain.

In order to prevent the replay attack, each transaction would have to “stake” a recent block, making a commitment to supporting only forks which include that block.  This adds a field to each transaction.

The new field would give the (hash) ID of a block, indicating that this particular transaction is not valid in any branch of the chain which does not include the staked block.

So, let’s say that two transactions “coffee” and “eggs” are made at the same time,  after the chain forks at block 50.  “Coffee” stakes block 48 and “eggs” stakes block 51A.

When “coffee” appears in block 51B, the total stake of fork B is increased by that amount; its weight counts toward that resolution of the fork.

Then “eggs” is added to block 52A, and can’t be placed in chain B because it staked a block doesn’t exist in chain B.  Now “eggs” counts as stake in favor of the A branch and “coffee” counts as stake in favor of the B branch.

But then “coffee” appears in branch 53A, where it is also valid because the same block 48 is behind both branches.  This cancels out its support for branch B, just by being equal – revealing that stake which can be used in favor of both chains counts for nothing.

Security happens because some finite resource (coins created before the branch point and spent in transactions that are staked after the branch point) is committed detectably and irrevocably to the support of one branch (by staking after the branch point), and cannot be used to support any other.

This is exactly what Bitcoin does with hashes:  Hashes per second and number of seconds spent hashing are finite.  Hashes are irrevocably used in support of one branch (because the hash preimage can never be made to match a different block).  And the fact that they are used to support a particular branch is detectable.

Well, strictly speaking there’s only one “detectable” hash in each block. All we know about the others is, on average, how rare that one “detectable” one was and therefore, on average, how many they must have been.

But it’s still the same basic criteria.  Some finite resource, committed detectably and irrevocably to the support of one branch, which cannot be used to support conflicting branches.  And proof-of-total stake says that resource is the amount of EVERYBODY’s coins that branch represents.

With transactions supporting the basic security of the chain, and the idea behind coinbases being that they are payment for providing chain security, we want our “coinbases” to reward the people who make transactions that stake recent blocks.

PoTS is strong in the long run, or when the chain is seeing a high volume of legitimate transactions, but has its own problems.

Transactions in most cryptocurrencies are a very bursty use of something with long latent periods.  Absent heavy transaction volume, you can’t really expect PoTS to definitively reject a branch in such a way that a crook couldn’t resurrect it with a very large spend.  If the crook has more coins than the difference in total-stake between the two forks, the crook could resurrect the “dead” fork.

This is why the “interest” payments (actually per-transaction coinbases of a particular sort) when a transaction staking a recent block are made. To encourage a fairly constant stream of transactions that support one particular version of the chain up to a very recent block.

But the peril with that is that you want to structure it in such a way that you don’t incentivize people to overwhelm your bandwidth by transferring every coin they own from their left pocket to their right every block either.  So the actual design would come down to some compromise between transaction fees, and interest payments on transactions staked in very recent blocks, where the breakevens represent the transaction volume you want.

And there are a couple of final things to address together.  First, PoTS, while it has a workable rule for figuring out which branch of forks is preferred, is pretty silent about who gets to form blocks and how.  Second, Interest on coins spent has the “nothing to something” problem where if you don’t have anything in the system to start with, you won’t have anything ever.  These are both classic problem with PoTS coins.  The final design has to include some additional kind of coin creation that doesn’t depend on previous holdings (even if it gets de-emphasized after a while) and some way to determine who forms the next block.

Q9: ICOs have been around in some form or fashion for about five years now.  What’s your view on these fundraising schemes?

A9: The SEC is bouncing on them pretty hard, and as far as I can see it’s pretty much deserved.  Everybody wants something they can freely trade on secondary markets, and sell on the basis of its future value, but they also want to lie about it by saying it isn’t a security.

It is a security.  If a security is sold by a company to raise money, but does not represent a bond (a promise to buy it back) nor a stock (a share in future earnings) then an investor is getting nothing for her money – except maybe a receipt for having made a donation.

Another investor (a “real” investor who knows and understands a broad market, not a speculator who made a lot of money by a couple of strokes of sheer luck) will not buy it from them, at any price.  Such a thing has only speculative value.

If something’s continued value depends on a company, but the company’s continued existence doesn’t depend on that thing having value, it would be an excellent thing to not buy.

And all of that, we can say without ever touching on ethics and business practices of the people who run them.  But when we do touch on the people who run them, the story gets worse.  Much worse.  Much, much worse.  In this most are following the path trod by Altcoins.  And racking up a very similar ratio of efforts that fail, or which never even start to succeed.

Q10: You have alluded to tokenized securities in the LinkedIn article as well as our correspondence, what is your take on this topic?  What are the advantages versus say, simply doing what Carta (formerly eShares) does?

A10: I would have to answer that admitting to some degree of ignorance about Carta.  As I remember eShares, it was very much a top-down stock and option management tool, in that a private company with (non-traded) shares typically uses it to keep track of who owns what – actually issuing assets or recording changes in their status, making info about them available for the holders but mostly just to view online.

What it does not do, as I understand it, is directly enable the shareholders to trade those shares or options with each other.  Nor does it handle securities involved with or created by more than one company at a time.  It is a management interface, not a market.

I envision a block chain – sigh, now I have to come up with a name again.  Phooey.  I never care about naming anything, and then someone wants me to talk about one of my ideas and I have to come up with a name for it on the spot.  Let’s go for the pun and call it the Stock Trading and Options CryptoAsset Keeper.  I could come up with  something even dumber, but for the sake of exposition, call it STOCK.

The idea is that STOCK would act both as a Transfer Agent (which Carta does) AND a market (which AFAIK Carta does not).   A company could issue securities such as stocks and bonds directly on the STOCK block chain (“cryptoassets”) and the block chain could record trades in those issues against its native cryptocurrency.  The benefit here is the clear record and history to keep track of all trades and the current disposition of all the different cryptoassets – the stocks, the bonds, and the “cash” used to trade in them, would all be on the chain.

As long as no off-chain assets like bushels of wheat or truckloads of sneakers need to be delivered, and dividends/prices/etc accruing to these instruments are paid out (or in) in the cryptocurrency, the block chain could then function directly as market, transfer agent, means of delivery, and payment channel.  The task of converting the cryptocurrency to and from actual fiat, and the heavily regulated business of delivering the fiat currency, could be left to already-established cryptocurrency markets.

Trading in stocks/bonds/etc is highly regulated, and debts (NEGATIVE amounts) can crop up unexpectedly when companies go south or options traders go bust. Stuff gets into the RealWorld quickly when someone has to be found for debt payments, served process, and/or prosecuted for fraud, etc.  So STOCK couldn’t be an  “anonymous/permissionless” chain, at least not for regulated trades.  Each person or entity authorized to actually make securities trades would have to have a vetted, verified ID as specified by KYC laws, and would have to sign each such transaction with a public/private key pair proving Identity.

From the point of view of investors, STOCK would be a very sluggish market – submit your trade, have a completely random execution window averaging ten minutes (or whatever) during which the price might change, then a whole block of transactions all fly past at once and everybody’s waiting for the next completely randomly-timed block.  On the other hand, you don’t need an agent, or a broker, or a company transfer agent, or a registrar, or a clearance period, or ANY of those people who normally collect fees on every trade.  You could actually have a market where the buyer and seller get the exact same price with no ‘float’ whatsoever.  And you don’t have to worry about what time it is.  NASDAQ closes at 5PM new york time, and then a whole bunch of “off-market,” “private,” and “over the counter”  trades that nobody but the insiders can participate in or see happen. But STOCK would go on making blocks twenty-four hours a day seven days a week.  Why should it ever stop?

The SEC would be all over it of course; they’d be sticking a microscope up the butts of everybody involved to make sure that there was absolutely no scamming the investors.  Which is, after all, their job. And they’d require KYC compliance, and a whole lot of other regulatory compliance.  But, y’know, that’s kind of how starting any _legitimate_ business in financial services works.  No need to feel special or particularly victimized about that.

And the regulators would need some privileged keys that could be used to “seize” assets when a court orders them to, as part of a settlement for fraud or theft or something.  And everything else.  There’s a great irony that they’re interested in nobody having the opportunity to scam the investors, but they structurally require, just to be able to do their fundamental mission, builtins to the protocol that if misused would allow somebody to scam the investors.

But once satisfied and functioning within the law, I think they’d welcome STOCK as something that puts down a visible, provable, inalterable, unfakeable history of all trades.

Q11: Is there any cryptocurrency you think could become widely used outside of geeks, cypherpunks, and ideologues?  If not, what would need to change and how?  Has any popular coin ossified to such an extent that it can’t meaningfully evolve?

A11: Homer Husband and Harriet Housewife want convenience and familiarity. Which is mostly about form factor and compatibility.  They do not want to deal with key management in any form.

To do that, you have to make a hardware wallet small enough to fit into a wallet or a purse.  It doesn’t have to be literally credit card sized, but couldn’t be much bigger.  It should be the size of a stack of five credit cards, at most.  Or maybe it gets stuck back-to-back onto their cell phone.  It has to have an end that acts like a chip card, or an edge that acts like a mag stripe, or both, so that it can interact with the grocery stores, auto shops, restaurants, etc that Homer and Harriet already do business with.

That’s very very important, because Homer and Harriet aren’t evangelists.  The mechanic they’ve been going to for fifteen years has never heard of cryptocurrency and is never going to deal with the inconvenience of getting set up to accept it.  He wants people to pay cash or pay with a card, and Homer and Harriet would NEVER consider arguing with him about it, don’t want to go to the effort of explaining it to him, and probably couldn’t explain it very well anyway.  If they have to do any of those things, that’s a deal-breaker.

After that you have to get your cryptocurrency onto the Plus or Cirrus network, using the same interface as a foreign fiat currency.  That would allow Homer and Harriet to automate the sale and exchange to whatever local people think is money, or the purchase and exchange to crypto, when they want to spend or accept stuff from that “card.”  This will mean that they get hit with some extra fees when they use it, but
those fees are both unavoidable if you want to be on those networks, and relatively familiar to them.

Finally, there’s that key management thing.  You could handle most of it by making the wallet do it.  But sooner or later, that hardware wallet is going to fall and bounce of the curb, and go crunch under the tires of a bus.  Or, you know, get dropped into the ocean accidentally, or just get lost.

Homer and Harriet are NOT willing to accept that this is not something they can recover.  The only thing that they accept not being able to recover, when they lose their wallet, is familiar, folding fiat currency.  And that’s why they don’t keep very much of folding fiat actually in their regular wallets.

If you do convince them that losing the wallet makes the funds unrecoverable, they will never want to have more than fifteen dollars on it, which will mean it isn’t useful.  So, your hardware wallet has to interact with SOMETHING that keeps enough information about what’s on it, to enable a new wallet to recover everything that got lost.

Q12: Mining farms, mining pools, and ASICs. Many accounts are that Satoshi did not anticipate the full industrial scale these would reach.  Do you agree with this?  What are your views on mining pools and ASICs as we know them know today (specifically as described by Eric Budish’s paper)?

A12: My first problem with ASICs is that they can be used for exactly two things:  Mining cryptocurrencies, and carrying out attacks on cryptocurrencies.

Every day of every year, people who own those enormous ASIC farms are deciding which is the most profitable use of them, on that day.

And the rewards for mining cryptocurrencies ratchet downward every couple of years.

That seems problematic.  I keep watching to see what emerges each time the reward ratchets down, but I haven’t seen evidence yet that any of the big ASIC farms have turned around on any large scale.

My second problem with ASICs is that they are sucking up ridiculous amounts of energy that can never be recovered or used for anything else. I don’t so much mind this when converting the energy into heat is actually useful – replacing electric heaters in the basement of a building with a bank of Antminers that use the same amount of power is
energy-neutral and helps secure the chain.

But that’s not what happens in huge ASIC farms.  All that heat is just waste. Nobody’s home is made more comfortable, no furnace’s power bill is alleviated, no greenhouses are enabled to grow food in the winter, nobody’s oven gets to bake bread with that heat, and all that energy is just plain gone.

The Bitcoin chain issues the same number of coins per day regardless of how much energy is spent; I’d like to think that spending a whole lot less of it, at least in ways where the heat produced isn’t useful, would be better.

But then we get back to the first problem;  If honest miners start spending a whole lot less on the energy costs of hashing, then there’s a whole lot of ASICs not being used, and the owners of those are going to be looking around making their daily decision about what’s more profitable….

So the logic finally does work out the same. Security requires the vast majority of those ASIC boxes to be in use mining.  It just seems such a colossal expenditure of power, and it might be that a different design could have achieved chain security without that global cost.

My third problem with ASICs is that they have become a way for their owners to steal money from the taxpayers in many nations.  Countries that mean to do a good thing for everybody, create “development zones” with subsidized electricity, paid for by the taxpayers of that country. And then people move in with ASIC farms to suck up that electricity which the public paid for, and convert it into bitcoins in their private possession.  These are business that employ very few people, drive the development of no other resources, and otherwise do pretty much nothing for the development of the local economy.  IOW, the taxpayers who paid for that electricity are definitely not getting their money’s worth in economic development.

My fourth problem with ASICs is that there really is no way to monitor centralization of hashing power.  People keep pretending that they’re tracking whether a 51% attack is underway, but I think most of them probably suspect, as I do, that what they’re really tracking is probably nothing more than whether or not the cabal of ASIC farm owners
remembered to configure that new warehouse full of machinery to use a different identifier.

In all fairness, this last thing results directly from anonymous, permissionless mining, which is something that was a very specific and very much desired part of Satoshi’s vision; he wanted anybody to be able to connect and participate, without any interference of a gatekeeper. But there can never be security from a Sybil attack when you don’t have any way of tracking RealWorld identities, and a “majority” can never be
relied on to be more than the front for some cabal or business interest, as long as a Sybil attack is possible.

And that was what Proof-of-work was supposed to prevent.  In those early days everyone was thinking of hashing power as a side effect of computing infrastructure that was likely to be there, or be useful, for other purposes when it wasn’t hashing.  And EVERYBODY has a use for warehouses full of computers, so it was easy to think that hashing power would remain at least somewhat distributed.  The idea that someone would amass enormous numbers of special-purpose machines which made every other kind of computer in the world utterly useless for mining and which are themselves utterly useless for any other job (except attacking the network), was not, I think, really considered.

Satoshi definitely understood, and planned, that there would probably be server farms devoted to mining and that economies of scale and infrastructure would eventually drive individuals with ordinary desktop machines out of the mining business by being more efficient and making it unprofitable for the less efficient machines.

But I’m pretty sure he didn’t think of miners in places with artificially low subsidized rates for electricity outcompeting all other miners because of that advantage, driving the concentration of the vast majority of hashing power into just one country where it’s subject to the orders and whims of just one government and a few businessmen who
pal around with each other.

So he probably figured, yes, there’d be a few dozen large-ish server farms and a couple hundred small-ish server farms, but I’m pretty sure he envisioned them being scattered around the planet, wherever people find it worthwhile to install server farms for other reasons.

I’m fairly sure Satoshi’s notion of the eventual centralization of hashing power didn’t really encompass todays nearly-complete centralization in a single country, owned by a set of people who are subject to the whims and commands of a single government, who very clearly know each other and work together whenever it’s convenient.

And I find it worrisome.

Those enormous mining farms, and the way economics drove them together, are a structural problem with converting electricity into security.

I am not comfortable with the implication that, for any Proof-of-Work block chain including Bitcoin, economics will eventually devolve to the point where, when Beijing says ‘jump’ the mining and security of that block chain says ‘how high?’

And that is one of the greatest reasons why I look around for a different means of securing block chains.

El Fin

Send to Kindle

How much electricity is consumed by Bitcoin, Bitcoin Cash, Ethereum, Litecoin, and Monero?

I recently created a thread that on Twitter regarding the lower-bound estimates for how much electricity the Bitcoin blockchain consumed using publicly available numbers.

The first part of this post is a slightly modified version of that thread.

The second part of this post, below part 1, includes additional information on Bitcoin Cash, Ethereum, Litecoin, and Monero using the same type of methodology.

Background

The original nested thread started by explaining why a proof-of-work (PoW) maximalist view tries to have it both ways.

You cannot simultaneously say that Bitcoin is – as measured by hashrate – the “most secure public chain” and in the same breath say the miners do not consume enormous quantities of energy to achieve that.  The fundamental problem with PoW maximalism is that it wants to have a free energy lunch.

All proof-of-work chains rely on resource consumption to defend their network from malicious attackers.  Consequently, a less resource intensive network automatically becomes a less secure network.1  I discussed this in detail a few years ago.

Part 1: Bitcoin

Someone recently asked for me to explain the math behind some of Bitcoin’s electricity consumption, below is simple model using publicly known numbers:

  • the current Bitcoin network hashrate is around 50 exahashes/sec
  • the most common mining hardware is still the S9 Antminer which churns out ~13 terahashes/sec

Thus the hashrate pointed at the Bitcoin network today is about 50,000,000 terashashes.

Dividing one from the other, this is the equivalent of 3,846,000 S9s… yes over 3 million S9s.

While there is other hardware including some newer, slightly more energy efficient gear online, the S9 is a good approximate.

Because the vast majority of these machines are left on 24/7, the math to estimate how much energy consumption is as follows:

  • in practice, the S9 draws about 1,500 watts
  • so 1,500 x 24 = 36kWh per machine per day

Note: here’s a good thread explaining this by actual miners.

In a single month, one S9 will use ~1,080 kWh.

Thus if you multiply that by 3,846,000 machines, you reach a number that is the equivalent of an entire country.

  • for a single day the math is: ~138.4 million kWh / day
  • annually that is: ~50.5 billion kWh / year

For perspective, ~50.5 billion kWh / year would place the Bitcoin network at around the 47th largest on the list of countries by electricity consumption, right between Algeria and Greece.

But, this estimate is probably a lower-bound because it doesn’t include the electricity consumed within the data centers to cool the systems, nor does it include the relatively older ASIC equipment that is still turned on because of local subsidies a farm might receive.

So what?

According to a recent Wired article:

In Iceland, the finance minister has warned that cryptocurrency mining – which uses more power than the nation’s entire residential demand – could severely damage its economy.

Recent analysis from a researcher at PwC places the Bitcoin network electricity consumption higher, at more than the level of Austria which is number 39th on that list above.  Similarly, a computer science professor from Princeton estimates that Bitcoin mining accounts for almost 1% of the world’s energy consumption.2

Or to look at it in a different perspective: the Bitcoin network is consuming the same level of electricity of a developed country – Austria – a country that generates ~$415 billion per year in economic activity.

Based on a recent analysis from Chainalysis, it found that Bitcoin – which is just one of many proof-of-work coins – handled about $70 million in payments processed for the month of June.  Yet its cost-per-transaction (~$50) is higher than at any point prior to November 2017.

You don’t have to be a hippy tree hugger (I’m not) to clearly see that a proof-of-work blockchains (such as Bitcoin and its derivatives) are currently consuming significantly more resources than they create. However this math is hand-waved away on a regular basis by coin lobbyists.

The figure also didn’t include the e-waste generated from millions of single-use ASIC mining machines that are useful for about ~12 months; or the labor costs, or building rents, or transportation, etc.  These ASIC-based machines are typically discarded and not recycled.

In addition to e-waste, many mining farms also end up with piles of discarded cardboard boxes and styrofoam (source)

Part 2: Bitcoin Cash

With Bitcoin Cash the math and examples are almost identical to the Bitcoin example above.  Why?  Because they both use the same SHA256 proof-of-work hash function and as a result, right now the same exact hardware can be used to mine both (although not simultaneously).3

So what do the numbers look like?

The BCH network hashrate has been hovering around 4 – 4.5 exahashes the past month. So let’s use 4.25 exahashes.

Note: this is about one order of magnitude less hashrate than Bitcoin so you can already guesstimate its electricity usage.  But let’s do it by hand anyways.

An S9 generates ~13 TH/s and 4.25 exahashes is 4.25 million terahashes.

After dividing: the equivalent of about 327,000 S9s are used.

Again, these machines are also left on 24/7 and consume about 36 kWh per machine per day.  So a single S9 will use ~1,080 kWh per month.

  • 327,000 S9s churning for one day: ~11.77 million kWh / day
  • Annually this is: ~4.30 billion kWh / year

To reuse the comparison above, what country’s total electricity consumption is Bitcoin Cash most similar to?

Around 124th, between Moldova and Cambodia.

How much economic activity does Moldova and Cambodia generate with that electricity consumption?  According to several sources, Cambodia has an annual GDP of ~ $22 billion and Moldova has an annual GDP of ~$8 billion.

For comparison, according to Chainalysis, this past May, Bitcoin Cash handled a mere $3.7 million in merchant payments, down from a high of $10.5 million in March a couple months before.

Also, the Bitcoin Cash energy consumption number is likely a lower-bound as well for the reasons discussed above; doesn’t account for the e-waste or the resources consumed to create the mining equipment in the first place.

This illustrates once again that despite the hype and interest in cryptocurrencies such as Bitcoin and Bitcoin Cash, there is still little real commercial “activity” beyond hoarding, speculation, and illicit darknet markets.  And in practice, hoarding is indistinguishable from losing a private key so that could be removed too.  Will mainstream adoption actually take place like its vocal advocates claim it will?

Discarded power supplies from Bitcoin mining equipment (source)

Part 3: Ethereum

So what about Ethereum?

Its network hashrate has been hovering very closely to 300 TH/s the past month

At the time of this writing, the Ethereum network is still largely dominated by large GPU farms. It is likely that ASICs were privately being used by a handful of small teams with the necessary engineering and manufacturing talent (and capital), but direct-to-consumer ASIC hardware for Ethereum didn’t really show up until this summer.

There are an estimated 10 million GPUs churning up hashes for the Ethereum network, to replace those with ASICs will likely take more than a year… assuming price stability occurs (and coin prices are volatile and anything but stable).

For illustrative purposes, what if the entire network were to magically switch over the most efficient hardware -the Innosilicon A10 – released next month?

Innosilicon currently advertises its top machine can generate 485 megahashes/sec and consumes ~ 850 W.

So what is that math?

The Ethereum network is ~300 TH/s which is around 300,000,000 megahashes /sec.

Quick division: that’s the equivalent of 618,557 A10 machines.

Again, each machine is advertised to consume ~850 W.

  • in a single day one A10 consumes: 20.4 kWh
  • in a month: ~612 kWh

So what would 618,557 A10 machines consume in a single day?
– about 12.6 million kWh / day

And annually:
– about 4.6 billion kWh / year

That works out to be between Afghanistan or Macau.  However…

Before you say “this is nearly identical to Bitcoin Cash” keep in mind that the Ethereum estimate above is the lowest of lower-bounds because it uses the most efficient mining gear that hasn’t even been released to the consumer.

In reality the total energy consumption for Ethereum is probably twice as high.

Why is Etherum electricity usage likely twice as high as the example above?

Because each of the ~10 million GPUs on the Ethereum network is significantly less efficient per hash than the A10 is. 4  Note: an example of a large Ethereum mine that uses GPUs is the Enigma facility.

For instance, an air-cooled Vega 64 can churn ~41 MH/s at around 135 W which as you see above, is much less efficient per hash than an A10.

If the Ethereum network was comprised by some of the most efficient GPUs (the Vega 64) then the numbers are much different.

Starting with: 300,000,000 MH/s divided by 41 MH/s.  There is the equivalent to 7.32 million Vega GPUs generating hashes for the network which is more in line with the ~10 million GPU estimate.

  • one Vega 64 running a day consumes ~3.24 kWh
  • one Vega 64 running a month: ~77.7 kWh

If 7.32 million Vega equivalent GPUs were used:

  • in a day: ~ 23.71 million kWh
  • in a year: ~8.65 billion kWh

That would place the Ethereum network at around 100th on the electricity consumption list, between Guatemala and Estonia.

In terms of economic activity: Guatemala’s GDP is around $75 billion and Estonia’s GDP is around $26 billion.

What is Ethereum’s economic activity?

Unlike Bitcoin and Bitcoin Cash, the stated goal of Ethereum was basically to be a ‘censorship-resistant’ world computer.  Although it can transmit funds (ETH), its design goals were different than building an e-cash payments platform which is what Bitcoin was originally built for.

So while merchants can and do accept ETH (and its derivatives) for payment, perhaps a more accurate measure of its activity is how many Dapp users there are.

There are a couple sites that estimate Daily Active Users:

  • State of the Dapps currently estimates that there are 8.93k users and 8.25K ETH moving through Dapps
  • DappRadar estimates a similar number, around 8.37k users and 8.57K ETH moving through Dapps

Based on the fact that the most popular Dapps are decentralized exchanges (DEXs) and MLM schemes, it is unlikely that the Ethereum network is generating economic activity equivalent to either Guatemala or Estonia.5

For more on the revenue Ethereum miners have earned and an estimate for how much CO2 has been produced, Dominic Williams has crunched some numbers.  See also this footnote.6

According to Malachi Salacido (above), their mining systems (in the background) are at a 2 MW facility, they are building a 10 MW facility now and have broken ground on a 20 MW facility. Also have 8 MW of facilities in 2 separate locations and developing projects for another 80 MW. (source)

Part 4: Litecoin

If you have been reading my blog over the past few years, you’ll probably have seen some of my Litecoin mining guides from 2013 and 2014.

If you haven’t, the math to model Litecoin’s electricity usage is very similar to both Bitcoin and Bitcoin Cash.  From a mining perspective, the biggest difference between Litecoin and the other two is that Litecoin uses a hash function called scrypt, which was intended to make Litecoin more “ASIC-resistant”.

Spoiler alert: that “resistance” didn’t last long.

Rather than diving into the history of that philosophical battle, as of today, the Litecoin network is composed primarily of ASIC mining gear from several different vendors.

One of the most popular pieces of equipment is the L3+ from Bitmain.  It’s basically the same thing as the L3 but with twice the hashrate and twice the power consumption.

So let’s do some numbers.

Over the past month, the Litecoin network hashrate has hovered around 300 TH/s, or 300 million MH/s.

Based on reviews, the L3+ consumes ~800 W and generates ~500 MH/s.

So some quick division, there are about 600,000 L3+ machines generating hashes for the Litecoin network today.

As an aggregate:

  • A single L3+ will consume 19.2 kWh per day
  • So 600,000 will consume 11.5 million kWh per day
  • An annually: 4.2 billion kWh per year

Coincidentally this is roughly the same amount as Bitcoin Cash does as well.

So it would be placed around 124th, between Moldova and Cambodia.

Again, this is likely a lower-bound as well because it assumes the L3+ is the most widely used ASIC for Litecoin but we know there are other, less efficient ones being used as well.

What about activity?

While there are a few vocal merchants and a small army of “true believers” on social media, anecdotally I don’t think I’ve spoken to someone in the past year who has used Litecoin for any good or service (besides converting from one coin to another).

We can see that — apart from the bubble at the end of last year — the daily transaction volume has remained roughly constant each day for the past 18 months.  Before you flame me with a troll account, consider that LitePay collapsed before it could launch, partly because Litecoin still lacks a strong merchant-adopting ecosystem.

In other words, despite some support by merchant payment processors, its current usage is likely as marginal as Bitcoin and Bitcoin Cash.

Genesis Mining facility with Zeus scrypt mining equipment (source)

Part 5: Monero

The math around Monero is most similar to Ethereum in that it is largely dominated by GPUs.

In fact, earlier this year, a large number of Monero developers convinced its boisterous userbase to fork the network to prevent ASICs from being used.  This resulted in four Monero forks and basically all of them are dominated by high-end GPUs.

For the purposes of this article, we are looking at the fork that has the highest hashrate, XMR.  Over the past month its hashrate has hovered around 475 MH/s.

Only 475 MH/s?  That may sound like a very diminutive hashrate, but it is all relative to what most CPU and GPU hashrate performance is measured in Monero and not other coins.

For example, MoneroBenchmarks lists hundreds of different system configurations with the corresponding hashrate.  Similarly there are other independent testing systems that provide public information on hashrates.

Let’s take that same Vega 64 used above from Ethereum.  For Monero, based on tweaking it generates around 2000 hashes/sec and consumes around 160 W.

So the math is as follows:

  • 475,000,000 hashes/sec is the current average hashrate
  • A single Vega 64 will generate about 2000 hashes/sec
  • The equivalent of 237,500 Vega 64s are being used
  • Each Vega 64 consumes about 3.84 kWh per day
  • So 237,500 Vega 64s consume 912,000 kWh per day
  • And in a year: 332 million kWh

The 332 million kWh / year figure is a lower-bound because like the Ethereum Vega 64 example above: it doesn’t include the whole mining system, all of these systems still need a CPU with its own RAM, hard drive, and so forth.

As a result, the real electricity consumption figure is much closer to Haiti than Seychelles, perhaps even higher.  Note: Haiti has a ~$8.4 billion economy and the GDP of Seychelles is ~$1.5 billion.

So what about Monero’s economic activity?  Many Monero advocates like to market it as a privacy-focused coin.  Some of its “core” developers publicly claimed it would be the best coin to use for interacting with darknet markets.  Whatever the case may be, compared to the four above, currently it is probably the least used for commercial activity as revealed by its relative flat transactional volume this past year.

A now-deleted image of a Monero mining farm in Toronto (source)

Conclusion

Above were examples of how much electricity is consumed by just five proof-of-work coins.  And there are hundreds of other PoW coins actively online using disproportionate amounts of electricity relative to what they process in payments or commerce.

This article did not dive into the additional resources (e.g., air conditioning) used to cool mining equipment.  Or the subsidies that are provided to various mining farms over the years.  It also doesn’t take into account the electricity used by thousands of validating nodes that each of the networks use to propagate blocks each day.

It also did not include the huge amount of semiconductors (e.g. DRAM, CPUs, GPUs, ASICs, network chips, motherboards, etc.) that millions of mining machines use and quickly depreciate within two years, almost all of which becomes e-waste.7 For ASIC-based systems, the only thing that is typically reused is the PSU, but these ultimately fail as well due to constant full-throttle usage.

In summation, as of this writing in late August 2018:

  • Bitcoin’s blockchain likely uses the same electricity footprint as Austria, but probably higher
  • Bitcoin Cash’s blockchain is at least somewhere between Moldova and Cambodia, but probably higher
  • Ethereum’s blockchain is at least somewhere between Guatemala and Estonia, but probably higher
  • Litecoin’s blockchain is at least somewhere between Moldova and Cambodia, but probably higher
  • One of Monero’s blockchains is at least somewhere between Haiti and Seychelles, but probably higher

Altogether, these five networks alone likely consume electricity and other resources at an equivalent scale as The Netherlands especially once you begin to account for the huge e-waste generated by the discarded single-use ASICs, the components of which each required electricity and other resources to manufacture.  Perhaps even higher when costs of land, labor, on-going maintenance, transportation and other inputs are accounted for.

The Netherlands has the 18th largest economy in the world, generating $825 billion per annum.

I know many coin supporters say that is not a fair comparison but it is.  The history of development and industrialization since the 18th century is a story about how humanity is increasingly more productive and efficient per unit of energy.

Proof-of-work coins are currently doing just the opposite.  Instead of being more productive (e.g., creating more outputs with the same level of inputs), as coin prices increase, this incentivizes miners to use more not less resources.  This is known as the Red Queen Effect.89

For years, proof-of-work advocates and lobbying organizations like Coin Center have been claiming that the energy consumption will go down and/or be replaced by renewable energy sources.

But this simply cannot happen by design: as the value of a PoW coin increases, miners will invest more capital in order to win those coins.  This continues to happen empirically and it is why over time, the aggregate electricity consumption for each PoW coin has increased over time, not decreased.  As a side-effect, cryptocurrency mining manufacturers are now doing IPOs.10

Reporters, if you plan to write future stories on this topic, always begin by looking at the network hashrate of the specific PoW coin you are looking at and dividing it by the most common piece of mining hardware.  These numbers are public and cannot be easily dismissed.  Also worth looking at the mining restrictions and bans in Quebec, Plattsburgh, Washington State, China, and elsewhere.

To front-run an example that coin promoter frequently use as a whataboutism: there are enormous wastes in the current traditional financial industry, removing those inefficiencies is a decades-long ordeal.  However, as of this writing, no major bank is building dozens of data centers and filling them with single-use ASIC machines which continuously generate random numbers like proof-of-work coins do.  That would be rightly labeled as a waste.

In point of fact, according to the Federal Reserve:

In the aggregate, U.S. PCS systems process approximately 600 million transactions per day, valued at over $12.6 trillion.

It shouldn’t take the energy footprint of a single country, big or small, to confirm and settle electronic payments of that same country.  The fact of the matter is that with all of its headline inefficiencies (and injustices), that the US financial system has — the aggregate service providers still manage to process more than three orders of magnitude more in transactional volume per day than all of the major PoW coins currently do.11 And that is just one country.

Frequent rejoinders will be something like “but Lightning!” however at the time of this writing, no Lightning implementation has seen any measurable traction besides spraying virtual graffiti on partisan-run websites.

Can the gap between the dearth of transactional volume and the exorbitantly high cost-per-transaction ratio be narrowed?  Does it all come down to uses?  Right now, the world is collectively subsidizing dozens of minuscule speculation-driven economies that in aggregate consumes electricity on par with the 18th largest real economy, but produces almost nothing tangible in exchange for it.

What if all mining magically, immediately shifted over to renewable energy?

Izabella Kaminska succinctly described how this still doesn’t solve the environmental impact issues:

Renewable is displacement. Renewable used by bitcoin network is still renewable not used by more necessary everyday infrastructure. Since traditional global energy consumption is still going up, that ensures demand for fossil continues to increase.

To Kaminska’s point, in April a once-shuttered coal power plant in Australia was announced to be reopened to provide electricity to a cryptocurrency miner.  And just today, a senator from Montana warned that the closure of a coal power plant “could harm the booming bitcoin mining business in the state.”

It is still possible to be interested in cryptocurrencies and simultaneously acknowledge the opportunity costs that a large subset of them, proof-of-work coins, are environmental black holes.12

If you’re interested in discussing this topic more, feel free to reach out.  If you’re looking to read detailed papers on the topic, also highly recommend the first two links listed below.

Recommended reading:

End notes

  1. If the market value of a coin decreases, then because hashrate follows price, in practice hashrate also declines.  See also a ‘Maginot Line’ attack []
  2. Another estimate is that Bitcoin’s energy usage creates as much CO2 as 1 million transatlantic flights. []
  3. There have been proposals from various developers over the years to change this hash function but at the time of this writing, both Bitcoin and Bitcoin Cash use the same one. []
  4. And because many of these mining systems likely use more-powerful-than-needed CPUs. []
  5. Note: Vitalik Buterin highlighted this discrepancy earlier this year with the NYT: The creator of Ethereum, Vitalik Buterin, is leading an experiment with a more energy-efficient way to create tokens, in part because of his concern about the impact that the network’s electricity use could have on global warming. “I would personally feel very unhappy if my main contribution to the world was adding Cyprus’s worth of electricity consumption to global warming,” Mr. Buterin said in an interview. []
  6. At 8.65 billion kWh * $0.07 / kWh comes to around $600 million spent on electricity per year.  Mining rewards as of this writing: 3 ETH * $267 / ETH * 6000 blocks / day equals to $4.8 million USD / day.  Or ~$1.7 billion per year.  This includes electricity and hardware.  Thanks to Vitalik for double-checking this for me. []
  7. Just looking at the hash-generating machines, according to Chen Min (a chip designer at Avalon Mining), as of early November 2017, 5% of all transistors in the entire semiconductor industry is now used for cryptocurrency mining and that Ethereum mining alone is driving up DRAM prices. []
  8. See Chapter 3 []
  9. As described in a Politico article this past spring: “To maintain their output, miners had to buy more servers, or upgrade to the more powerful servers, but the new calculating power simply boosted the solution difficulty even more quickly. In effect, your mine was becoming outdated as soon as you launched it, and the only hope of moving forward profitably was to adopt a kind of perpetual scale-up: Your existing mine had to be large enough to pay for your next, larger mine.” []
  10. Following the dramatic drop in coin prices since January, Nvidia missed its revenue forecast from cryptocurrency-related mining: Revenues from miners were $289 million in Q1, which was about 10% of Nvidia’s revenue. The forecast for Q2 was $100 million and the actual revenues ended up being $18 million. []
  11. On average, the Bitcoin network confirms about 300,000 transactions per day.  A lot of that is not commercial activity.  Let’s take the highest numbers from Chainalysis and assume that each major cryptocurrency is processing at least $10 million in merchant transactions a day.  They aren’t, but let’s assume that they are.  That is still several orders of magnitude less than what US PCS systems do each day. []
  12. The ideological wing within the cryptocurrency world has thus far managed to convince society that negative externalities are ‘worth the cost.’  This narrative should be challenged by both policy makers and citizens alike as everyone must unnecessarily bear the environmental and economic costs of proof-of-work blockchains.  See also the Bitcoin Energy Consumption Index from Digiconomist and also Bitcoin is not a good fit for renewable energy. Here’s why. []
Send to Kindle

Clouds and Chains

This past week I gave a presentation at the Deconomy event in Seoul.  Some of the slides are based on a similar talk I gave 18 months ago (coincidentally also in Seoul).

The topic discusses the impact that regulations such as GDPR have on infrastructure (such as blockchains).

Send to Kindle

Predictions for 2018

As mentioned in my previous post, below are five thoughts for what could take place in 2018, categorized by degree of likelihood: most likely –> least likely.

(1) Continued mania

The euphoria around cryptocurrencies and ICOs continues due almost entirely because of retail sentiment, not just because of institutional action.  Every valuation model that has been proposed to gauge what the price of a certain coin will be, fails almost entirely because of the inability to model sentiment.  Contra Chris Burniske (note: he did not really disclose that he owned bitcoins while covering cryptocurrencies as an analyst), there are no ‘fundamentals’ to nearly any coin, in fact, many of the “top” coins don’t even do what they claim to do.

Want proof?  Look at the most talked about ICOs and altcoins and airdrops that were created in 2013-2014.  How many of them have actually delivered what they marketed?  Basically none.  Yet, if they are still listed on an exchange, odds are they are trading at near all-time highs because retail investors really don’t care about functionality or utility: they want narratives that paint pictures of Moonlambos in their near future.

This phenomenon is best described as “coin nihilism”:

Source: Twitter

So as long as there is free-entry to create and market a cryptocurrency to the masses, coin domination (who is the king of the castle) will be fluid.  The only entities capable of changing that is law enforcement via coordinated regulatory action (e.g., debanking of exchanges due to regulatory guidance).1

Or as one of my OTC trader friends recently remarked:

“This is why crypto is doomed for pump and dump because the market can’t react to increased demand with more supply. So if interest fades you just keep getting clobbered with new supply like 2014 redux.”

When you have free-entry and no gatekeepers when it comes to creating money supply, people will just create a new coin as it always has more financial upside.

Besides governments, what else could stop the pump train?  Hackers seem focused on low-hanging fruit – no one bothers to actually attack technical weaknesses in a blockchain.  “Early adopters,” old guard (OG) whales cashing out faster than demand can absorb the coin supply may be the only other large counterbalance to the mania.2

(2) Lawsuits

Both criminal and civil lawsuits will continue to be filed against issuers and developers of both cryptocurrencies and ICOs.  On the criminal side, the wrinkle will be that it will not just be securities and/or commodities regulators.  Law enforcement agencies involved with monitoring money transmission (such as FinCEN and FINTRAC) will announce more than one criminal suit against developers who either enabled money laundering to take place on their platforms and/or failed to comply with some other area of BSA (or other regional equivalent).3

Rather than go through the laundry list of all the areas for regulatory and law enforcement action, check out (attorney) Christine Duhaime’s explanation.

With that said, while a case could be made that entities like Bitcoin Core – and its vocal surrogates – behave a lot like administrators, there are few indications that the any development team will be sued right now.

(3) Pumpers and VCs are going to pump and won’t be held accountable

Pretty much the most popular twitter personalities nowadays are the shills and pumpers who benefits from one anothers antics.  It’s a non-stop contest to see who can say the most outrageous things about what cryptocurrencies will do to the world.  The winner gets to cash out on a secondary market and buy a Swiss resort. The loser who said Junkcoin would only jump 10x instead of 100x also gets to cash out and retire in the Hamptons.

Will bagholding be a line on a resume?4

Nope.  Few if any of these personalities will be debunked let alone dragged to court.  Consider this well-crafted title from Bloomberg last month: “The Hottest ICOs Are the Ones That Have Done the Least Amount of Work.”

How many of the most egregious examples of investors and advisors that promoted these will be held accountable?  Probably very few even though the SEC put out a press release specifically around the promotion of ICOs… we still regularly see ads for ICOs on social media (e.g., “general solicitation”).

For those hoping that techbros and their apologists will be held accountable, this is probably not that year.  This includes lobbying groups involved in disinformation campaigns for their own ideological purposes.

(4) Enterprise-related DLT efforts generate recurring enterprise license-based revenue

If we were to aggregate the amount of revenue generated by enterprise-focused DLT vendors, based on the known RFPs that were won last year and are currently being bid on, I’d guesstimate that about $100 – $200 million is at play this year.  This is based on the fact that most RFPs seem to be for less than $10 million.  It’ll take at least 6-12 months to build an MVP and then even longer to get approval for additional phases.

As mentioned in my previous post: unfortunately our sample size of big infrastructure builds on the enterprise side is still limited.  Examples include the the DA / ASX deal (which took 2 years for a final decision to be made).  Another large one is the DTC trade, the vendor of which is IBM.  If built and put into production, these will eventually recoup costs but the bigger revenue will likely come from actual enterprise-licenses: seats to use the network.

For an inside perspective, I reached out to one of my close friends working at a DLT vendor who provided the following view:

This year’s revenue is one thing. There is also recurring revenue (run vs build).  There is also the fact that last year some/many deals were “bought” for marketing and credential building purposes (so they are subsidized).  But I think this year suppliers are less willing to buy the business and bid low on price. We (the industry) could be in steady state production by year end for some implementations.  I think $100-200m is broadly right for revenue to play for this year.

His estimate included Q/A support and SLAs.

I also would predict that, just like last year, there will be very few new enterprise-focused vendors entering the market from the early stage startup world.  And that enterprise vendors struggle as a whole to attract and retain junior developers because they have to compete with cryptocurrency-related projects that may provide higher compensation during this bull market.

(5) Cryptocurrencies as financial market infrastructure

I think this is the least likely theme to occur this – and we should thank the gods – is using a cryptocurrency (anarchic) chain as FMI.  Despite the mud that coin lobbyists and evangelists throw at enterprise-focused DLT vendors, cryptocurrency networks are systemic risks to the financial world and should be avoided at this time.

It is one thing to have a coin bubble driven by unsophisticated retail investors.  It is another to have a coin bubble because of leverage and integration with some real financial instruments.  And it is another to have a coin bubble – and the mission critical systems of the world’s financial intermediaries – directly impacted by these coin fluctuations and not be able to hold any of the validating nodes accountable… because they are pseudonymous miners in a jurisdiction that doesn’t recognize the standing of a foreign lawsuit.

If you are reading this, you are probably not terribly sympathetic to anyone who loses their shirt at this time for buying some random coin.  On the other hand, you would be justified if you are worried that a national payment or securities depository is being run on top of Bitcoin via some kind of colored coin Rube Goldberg system.  Reducing systemic risks to the financial world has been a top priority of financial regulators since 2008.

At the time of this writing, none of the existing cryptocurrencies being built seems to have gone through or respects a PFMI check-off.  Or maybe that is a risk regulators and regulated financial institutions will be willing to take?

Final remarks

As a friend recently said, with cryptocurrencies you always have to expect the unexpected.  People are quick to forget the bear market of 2014-2015.  Will the irrational exuberance die down once most of these cryptocurrency and ICO projects fail to deliver on their promises?  Maybe not, but then again, check out the coin rankings over time on these four charts.

I am actually kind of optimistic for new ideas being tested out in certain ecosystems, like Ethereum (note: this is not an endorsement of Ethereum or ETH/ETC).  Now that proof-of-stake, via Casper, is being brought out of the lab and onto a testnet, we might be able to scratch off the environmental impact issue that is a blight on proof-of-work networks.  CryptoKitties, via ERC721, is a neat demonstration of how to potentially create non-fungible property (assuming courts recognize it as such).  I have been giving this some thought on other areas that this could be reused and commercialized.  Note: there is an entire, virtual zoo of copy cats that has now arrived, including puppies and other animals.

What do you think, will heads begin to roll as law enforcement learns what shenanigans are going on?  Will an ETF-based on bitcoin futures be approved?  It seems likely that the CME and CBOE will add futures trading for ether, what about other coins? Coinbase and several other former bitcoin-only exchanges have already announced that they will add more altcoins and everybody is guessing which one will be next.  Will 2018 be a repeat of 2014 with altcoin mania again dominating mindshare?

Endnotes

  1. One reviewer who works at an OTC desk commented: “Almost all of the OTC trading counterparties and exchange we have use just a couple banks.  It would be trivial to cut the spigot off overnight.  Also if I’m a regulator and want to go after the toxic sludge flowing through the fiat side of this world I hit one of these banks that provides the liquidity.” []
  2. One trader at an OTC desk commented that: “Real institutional liquidity, beyond what we have now, would help. I’d argue part of the reason why things get so out of hand so fast is because the market infrastructure isn’t there to handle it correctly.” []
  3. One reviewer at an exchange commented: “I think regulatory scrutiny is actually gonna land next year from CFTC and SEC in a real way.  The CFTC in particular has a duty now to police spot, wait till we get the first settlement of CME or CBOE where someone intentionally puts the auction in the tank or DoS’s the exchanges.” []
  4. Most traders only brag about their winning trades, not their losses. []
Send to Kindle

Six bedtime stories from 2017

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.  See Post Oak Labs for more information.]

2017 taught us many things, including the fact that no one reads (or writes) or pays for long-form content any more.  Even with lovable memes and animated gifs, keeping an audience’s attention is hard.

Already too distracted to read further?  How about a quick video from JP Sears on how to appropriately Bitcoin Shame your friends and family:

The other takeaway for 2017 is that, if in doubt, open up hundreds of social media accounts and shill your way to riches.  The worst thing that could happen is no one buys your coin.  The best thing that happens is that someone buys your coin and you can then convert the coin into real money, retire, and act like you are super-wise thought leader with oodles of entrepreneurial and investing experience.

Some other stories with revisiting from the past year:

(1) “Legitimization”

If we were being intellectually honest we would say that the only goal post anyone cared about this year was that the price of cryptocurrencies, as measured in real money, and how high they soared.1 And that the main reason this occurred is because Bob knew Alice and Carol were both going to buy a lot of say, bitcoin, thereby pushing up the price, so he did too.  The Economist called it “the greater fool theory.”  But The Economist are great fools for not buying in at $1, so let’s ignore them.

Basically none of the feel-good goals about lowering remittance fees or increasing financial inclusion promoted in previous years by enthusiasts have really materialized.  In fact, at-risk users and buyers in developing economies probably got screwed on the ICO bandwagon as insiders and sophisticated investors who were given privileged early access to pre-sales, dumped the coins on secondary markets and hoi polloi ended up holding the bag on dozens of quarter-baked ICOs.2

Oh, but transaction fees for Bitcoin are at all-time highs, that’s a real milestone right?

There are many reasons for this, including the fact that Bitcoin Core’s scaling roadmap has thus far failed to achieve its advertised deadlines (see section 5 below).3 Maybe that will change at some point.

Shouldn’t higher fees be a cause for celebration with “champaign” (sic)? 4

Some Bitcoin Core representatives and surrogates have created an ever expanding bingo card of scapegoats and bogeymen for why fees have gone up, ranging from:

  • blaming Roger Ver and Jihan Wu as demonic-fueled enemies of Bitcoin
  • to labeling large chunks of transactions as ‘spam attacks’ from nefarious Lizard-led governments5
  • to flat out bitcoinsplaining: higher fees is what to expect when mass adoption takes place!

I’m sure you’ll be on their bingo card at some point too.

Just like Visa and other widely used payment network operators charge higher and higher rates as more and more users join on… oh they don’t.6 But that’s because they censor your freedom loving transactions!  Right?

So what’s the interim solution during this era of higher fees?  Need to send a bitcoin payment to someone?

You know how supermarkets used to hold items on layaway?  They still do, but it’s not as common to use, hence why you googled the term.  Well, in light of high fees, some Bitcoin Core developers are publicly advising people to open up a “tab” with the merchant.  You know, just like you do with your favorite local bartender.

Fun fact: the original title of the Satoshi whitepaper was, Bitcoin: a peer-to-peer electronic layaway system.

This faux comparison didn’t age well.  In 2014 this was supposed to be a parody. (Source)

For example, the ad above was promoted far and wide by Bitcoin enthusiasts, including Andreas Antonopoulos who still tries to throw sand in Western Union’s eye.  Seriously, watch the linked video in which Antonopoulos claims that Bitcoin will somehow help the poor masses save money such that they can now invest in and acquire clean water.  It’s cringe worthy.  Did Bitcoin, or Bitcoin-related businesses, actually do any of the things he predicted?  Beyond a few one-time efforts, not really.7 Never mind tangible outcomes, full steam ahead on the “save the world” narrative!

Many enthusiasts fail to incorporate in their cartoonish models: that the remittance and cross border payment markets have a set of inflexible costs that have led the price structure to look the way it does today, and a portion of those costs, like compliance, have nothing to do with the costs of transacting.8  There may be a way of reducing those costs, but it is disingenuous (and arguably unethical) to pull on the heart strings of those living on subsistence in order to promote your wares.9

Rather than repeat myself, check out the break down I provided on the same Western Union example back in 2014.  Or better yet, look at the frequently updated post from Save on Send, who has the best analysis bar none on the topic.

Back to loathing about ‘adoption’ numbers: few people were interested in actual usage beyond arbitrage opportunities and we know this because no one writes or publishes usage numbers anymore.10 I’ll likely have a new post on this topic next quarter but for a quick teaser: BitPay, like usual, still puts out headline numbers of “328% growth” but doesn’t say what the original 2016 baseline volume was in order to get the new number today.

I don’t strive to pick on BitPay (to be fair they’re like the only guys to actually publish something) but unfortunately for them, the market still has not moved their way: Steam recently dropped support for Bitcoin payments and a Morgan Stanley research note (below) showed that acceptance from top 500 eCommerce merchants dropped from 5 in 2016 to 3 in 2017.11

“This is possibly the saddest bitcoin chart ever” – BI. Source: Morgan Stanley

Due to a lack of relevant animated gifs, a full break down on the topic wouldn’t fit in this article.  But just a quick note, there were a number of startups that moved decisively away from their original stated business case of remittances and instead in to B2B plays (BitPesa, Bitspark) or to wallets (Abra). 12  These would be worth revisiting in a future article.13

So what does this all have to do with “legitimization”?

If you haven’t seen the Godfather trilogy, it’s worth doing so during or after the holiday break.14

This year we have collectively witnessed the techbro re-enactment of Godfather: Part 3 with the seeming legitimization of online bucket shops and dodgy casinos, aka cryptocurrency intermediaries, you wouldn’t talk about in polite company.

All of the worst elements of society, like darknet market operators, hate groups, and malware developers, effectively got eff you money and a cleansing mainstream “exit” courtesy of financial institutions coming in and regulators overwhelmed by all of the noise.15  Just like in No Country for Old Men, the bad guy(s) sometimes win.  This isn’t the end of that story but the takeaway for entrepreneurs and retail investors: don’t work or build anything. Just shill for coins on social media morning, noon, and night.

(2) Red Scares

I am old enough to remember back in 2013 when Bitcoin “thought leaders” welcomed Chinese Bitcoin users.  In late 2013, during the second bull run of that year, there were frequent reddit threads about how mainland Chinese could use Bitcoin to route around censorship and all the other common civil libertarian tropes.

Guess what happened?  On December 5th, 2013, the People’s Bank of China and four other ministries issued guidance which restricted activities that domestic banks could do with cryptocurrencies, thereby putting spot exchanges in a bit of a bind, causing panic and subsequently a market crash.  Within days there were multiple “blame China” threads and memes that still persist to this day.  Case in point: this thread titled, “Dear China” which had Mr. Bean flipping off people in cars, was voted to the top of /r/bitcoin within a couple months of the government guidance.  Classy.

As I detailed in a previous post, earlier in the autumn, several state organs in China finally closed down the spot exchanges, which in retrospect, was probably a good decision because of the enormous amounts of scams and deception going on while no one in the community was policing itself.16 In fact, some of the culprits that led Chinese exchanges into the dishonesty abyss are still around, only now they’re working for other high-profile Bitcoin companies. 17  Big surprise!

For example, Reuters did an investigation into some of the mainland exchanges this past September, prior to the closure of the spot exchanges.  They singled out BTCC (formerly BTC China) as having a checkered past:

Internal customer records reviewed by Reuters from the BTCChina exchange, which has an office in Shanghai but is stopping trading at the end of this month, show that in the fall of 2015, 63 customers said they were from Iran and another nine said they were from North Korea – countries under U.S. sanctions.

It’s unclear how much volume BTCC processed on behalf of North Koreans, one former employee says the volumes were definitely not zero.18 These were primarily North Koreans working in China, some in Dandong (right across the border).

For perspective: North Korea has been accused of masterminding the WannaCry ransomware attack and also attacking several South Korea exchanges to the tune of around $7 million this year.  Sanctions are serious business, check out the US Department of Treasury resource center to learn more.19

Isn’t China the root of all problems in Bitcoinland?

Source: Twitter

The sensationalism (above) is factually untrue yet look how many people retweeted and liked the quickly debunked conspiracy theory.  It’s almost as if, in the current mania, no one cares about facts.

As Hitchens might say: that which can be asserted without evidence, can be dismissed without evidence.  So to are the conspiracies around Bitcoin in China:

  • Is the Chinese government nationalizing Bitcoin?  No.
  • Is the Chinese government responsible for Bitcoin Cash.  No.
  • Is the Chinese government behind the rise in CryptoKitties. No.

In this bull market it is unclear why Paul has to resort to PR stunts, like making fearmongering tweets or opening a strike/call option at LedgerX with the bet that bitcoin will be worth $50,000 next year.20 There are many other ways to better utilize this capital: rethink investing in funds run by managers who are not only factually wrong but who spread fake rumors around serious issues like nationalization.

For instance, I don’t normally publicly write about who I meet, but this past July, while visiting Beijing I sat down with about a dozen members of their ‘Digital Money‘ team (part of the People’s Bank of China group involved in exploring and researching blockchain-related topics). 21 They had already spoken with my then-current employer as well as many other teams and companies (apparently the Zcash team saw them the very next day). While I don’t want to be perceived as endorsing their views, based on my in-depth discussion that day, this Digital Money team had clearly done their homework and heard from all corners of the entire blockchain ecosystem, both cryptocurrency advocates and enterprise vendors. They were interested in the underlying tech: how could the big umbrella of blockchain-related technology improve their financial market infrastructure?

Look at it another way: the Chinese government (or any government for that matter) has no need to nationalize Bitcoin, what value would it bring to them?  It would just be a cost center for them as miners don’t run for free.22  In contrast, their e-RMB team, based out of Shenzhen, has been experimenting with forks/clones of Ethereum.  This is public information.

But what about Jihan and Bitmain?  Aren’t they out to kill Bitcoin?

I can’t speak on his intentions but consider this: as a miner who manufacturers and sells SHA256 hardware that can be used by both Bitcoin and Bitcoin Cash (as well as any SHA256 proof-of-work coin), Bitmain benefits from repeat business and satisfied customers.  It is now clear that the earlier Antbleed campaign effort to demonize Bitmain was a massive PR effort to create a loss of confidence in Bitmain as it was promoted by several well known Bitcoin Core supporters and surrogates to punish Bitmain for its support for an alternative Bitcoin scaling roadmap and client.  In fact, as of this day, no one has brought forth actual evidence beyond hearsay, that covert ASICBoost is/was taking place.  Maybe they did, but you’d need to prove this with evidence.

Speaking of PR campaigns and mining…

(3a) Energy usage / mining

Over the past two months there have probably been more than a dozen articles whitewashing proof-of-work mining energy consumption numbers.  Coin Center, a lobbying group straight out of Thank You for Smoking, has its meme team out on continuous social media patrols trying to conduct damage control: no one must learn that Bitcoin mining isn’t free or that it actually consumes resources!

Source: Twitter

The title of the article above is complete clickbait BS.  Empirically proof-of-work mining is driving miners to find regions of the world that have a good combination of factors including: low taxes, low wages, low energy costs, quick time-to-market access (e.g., being able to buy and install new hashing equipment), reliable energy, reliable internet access, and low political turmoil (aka stability).23  Environmental impact and “clean energy” are talking points that Van Valkenburgh allege, but don’t really prove beyond one token “we moved to renewables!” story.  The next time Coin Center pushes this agenda item, be sure to just ask for evidence from miners directly.24.

Another example is in a recent Bloomberg View column from Elaine Ou (note: the previous company that she co-founded was shut down by the SEC).  She wrote:

Digital currency is wasteful by design. Bitcoin “miners,” who process transactions in return for new currency, must race to solve extremely difficult cryptographic puzzles. This computational burden helps keep the transaction record secure — by raising the bar for anyone who would want to tamper with it –- but also requires miners to build giant farms of servers that consume vast amounts of energy. The more valuable bitcoin becomes, the more miners are willing to spend on equipment and electricity.

Mining a proof-of-work coin (such as Bitcoin) can only be as ‘cheap‘ or ‘efficient’ as the block reward is worth. As the market price of a coin increases so too does the capital expended by miners chasing seigniorage.  This, we both agree on.

In the long run, proof-of-work miners will invest and consume capital up to the threshold in which the marginal costs of mining (e.g., land, labor, electricity, taxes, etc.) roughly equals the marginal revenue they receive from converting the bitcoins into foreign currency (aka real money) to pay those same costs.  This, we also both agree on.

What Ou makes a mistake on is in her first sentence: digital currencies are not all wasteful, only the proof-of-work variety are.  Digital currency != cryptocurrency.25

I know, I know, all other digital currencies that are not proof-of-work are crap coins and those who make them are pearl-clutching morons.  Contra Ou and Coin Center, it is possible for central banks, and even commercial banks, to issue their own digital currency — and they could do so without using resource intensive proof-of-work.26  The Bank of International Settlements recently published a good paper on the various CBDC models out there, well worth a read.  And good news: no mountains of coal are probably used in the CBDC issuance and redemption process.27

Back to proof-of-work coins: a hypothetically stable $1 million bitcoin will result in a world in which miners as a whole expend up to $1 million in capital to mine.  If the network ever became cheaper to operate it would also mean it is cheaper to permanently fork the network.  You can’t have both a relatively high value proof-of-work coin and a simultaneously non-resource intensive network.

While it is debatable as to whether or not Bitcoin mining is wasteful or not, it empirically does consume real resources beyond the costs of energy and the externalization of pollution onto the environment.  The unseen costs of hash generation for a $20,000 bitcoin is at least $13 billion in capital over a year that miners will eventually consume in their rent-seeking race albeit from a combination of resources.

Data source: BitInfoCharts

I quickly made the chart (above) to illustrate this revenue (or costs depending on the point of view).28 These are the eight largest proof-of-work-based cryptocurrencies as measured by real money market prices.

There are a few caveats: (1) some of the block rewards adjust more frequently than others (like XMR); (2) some of the coins have relatively low transaction fees which equates to negligible revenue so they were not included; (3) the month of December has seen some very high transaction fees that may or may not continue into 2018; (4) because block generation for some of these is based on an inhomogeneous Poisson process, blocks may come quicker than what was supposed to be “average.”

How to interpret the table?

The all-time high price for Bitcoin was nearly $20,000 per coin this year.  If in the future, that price held stable and persisted over an entire year, miners would receive about $13 billion in block rewards alone (not including transaction fees).  Empirically we know that miners will deploy and consume capital up to the point where the marginal costs equals the marginal value of the coin.29  So while there are miners with large operating margins right now, those margins will be eaten up such that about $13 billion will eventually be deployed to chase and capture those rewards.  Consequently, if all 8 of these proof-of-work coins saw their ATH extended through 2018, ceteris paribus, miners would collectively earn about $32.6 billion in revenue (including some fees).

There are a variety of sites that attempt to gauge what the energy consumption is to support the network hashrate.  Perhaps the most frequently cited is Digiconomist.  But Bitcoin maximalists don’t like that site, so let’s put together an estimate they cannot deny (yes, there are climate change denialists in the cryptocurrency world).

For the month of December, the network hashrate for Bitcoin hovered around 13.5 exahash/second or 13.5 million terahash/second (TH/s).

To get a lowerbound on how many hash-generating machines are being used, let’s look at a product called the S9 from Bitmain.  It is considered to be the most “efficient” off-the-shelf product that public consumers can order in volume.30 This mining unit generates around 13.5 TH/s.

So, if we were to magically wave our hands and replace all of the current crop of Bitcoin mining machines into the most efficient off-the-shelf product, we’d need about 1 million of these to be manufactured, shipped, installed, and maintained in order to generate the equivalent hashrate that the Bitcoin network has today.  Multiply 1 million S9’s times the amount of energy individually used by a S9 and you’d get a realistic lowerbound energy usage for the network today.31

Note: this doesn’t factor in land prices, energy costs, wages for employees, building the electrical infrastructure (e.g., installing transformers), and many other line items that are unseen in the chart above.  It also doesn’t include the most important factor: as more mining hashrate is added and the difficulty rating adjust upward, it dilutes the existing labor force (e.g., your mining unit does not improve or become more productive over time).

(3b) Energy usage upperbound

So what are the upperbound costs?

Source: Twitter

The tweet above is not a rare occurrence.  If you are reading this, you probably know someone who tried to mine a cryptocurrency from an office computer or maybe their computer was the victim of ransomware.

You may not think of much of the externalization and socialization of equipment degradation that is taking place, but because mining is a resource intensive process, the machines used for that purpose depreciate far faster than those with normal office usage.32  To date, no one has done a thorough analysis of just how many work-related computers have been on the receiving end of the mining process but we know that employees sometimes get caught, like the computer systems manager for the New York City Department of Education or the two IT staffers in Crimea.33

Even if miners eventually fully utilize renewable energy resources, most hash-generating machines currently deployed do not and will not next year.  These figures also do not factor in the fully validating nodes that each network has that run out of charity (people run them without any compensation) yet consume resources.  According to Bitnodes, Bitcoin has around 11,745 nodes online. According to EtherNodes, Ethereum has around 26,429 nodes online.

So is there an actual upperbound number?

There is, by dividing hashpower by cost and comparing to costs of various known processor types.  For instance, see this footnote for the math on how two trillion low-end laptop CPUs could be used.3435

Just looking at the hash-generating machines, according to Chen Min (a chip designer at Avalon Mining), as of early November, 5% of all transistors in the entire semiconductor industry is now used for cryptocurrency mining and that Ethereum mining alone is driving up DRAM prices.

This is not to say you should march in the streets demanding that miners should forgo the use of coal power plants and only use solar panels (which of course, require consumption of resources including semiconductors), there are after all, many other activities that are relatively wasteful.

But some Bitcoin and cryptocurrency enthusiasts are actively whitewashing the environmental impact of their anarchic systems and cannot empirically claim that their proof-of-work-based networks are any less wasteful or resource intensive than the traditional foreign capital markets they loathe.

In point of fact, while the traditional financial markets will continue to exist and grow without having to rely on cryptocurrencies for rationally pricing domestic economic activity, in 2018, as in years prior, Bitcoinland is still fully dependent on the stability of foreign economies providing liquidity and pricing data to the endogenous labor force of Bitcoin.  Specifically, I argue in a new article, that miners cannot calculate without using a foreign unit of account; that economic calculations on whether or not to deploy and consume capital for expanding mining operations can only be done with stable foreign currency.36

Keep in mind that cryptocurrencies such as Bitcoin only clear (not settle) just one coin (or token) whereas traditional financial markets manage, transact, clear and settle hundreds of different financial instruments each day. 37  For comparison, the Federal Reserve estimates that on any given day about 600 million payment, clearing, and settlement transactions take place in the US representing over $11 trillion in value.38  But this brings up a topic that is beyond the scope of this article.  Next section please.

(4) MIT’s Digital Currency Initiative

On the face of it, MIT’s DCI effort makes a lot of sense: one of the world’s most recognized institutions collaborating with cryptocurrency developers and projects worldwide.

But beneath the slick facade is a potential conflict of interest that has not been looked at by any media outlet.  Specifically, around its formal foray into building tools for central bank digital currency (CBDC).  Rob Ali, a well-respected lawyer turned research scientist (formerly with the Bank of England), was hired earlier this year by DCI to build and lead a team at MIT for the purpose of continuing the research he had started at the BoE.  This is no secret.

Less known is how this research has now morphed into a two-fold business:

  1. DCI charges central banks about $1 million a year to be a partner.39  What this allows the central bank to do is send staff to MIT and tap into its research capabilities.  This includes MIT representatives co-authoring a couple of papers each year focused on topics that the central bank is keen to explore.  Multiple central banks have written checks and are working together with DCI at this time.
  2. Building and licensing tools and modules to central banks and commercial banks.  DCI has hired several Bitcoin developers whom in turn have cloned/forked Bitcoin Core and Lightning.  Using this code as a foundation, DCI is building IP it aims to license to central banks who want to build and issue central bank digital currency.

Where is the conflict of interest?

DCI is housed within MIT’s Media Lab, whose current director is Joi Ito.  Ito is also the co-founder and director of Digital Garage.  Digital Garage is an investor in Blockstream and vocal advocate of Lightning; coincidentally Blockstream is building its own Lightning implementation. Having made several public comments in favor of Bitcoin Core’s hegemony, Ito also appears to be a critic of alternative blockchain implementations.

In looking at his publicly recorded events on this topic Ito does not appear to disclose that the organizations he co-runs and invests in, directly benefit from the marketing efforts that Bitcoin Core and Lightning receive.  Perhaps this is just miscommunication.

I’m all for competition in the platform and infrastructure space and think central bank digital currencies are legit (again check out this BIS paper) but this specific DCI for-profit business should probably be spun off into an independent company.  Why?  Because it would help reduce the perception that Ito – and others developers involved in it – benefits from these overlapping relationships.  After all, Bitcoin Core arguably has a disproportional political clout that his investment (Blockstream) potentially benefits from if/when Lightning goes into production.40 And again, this is not to say there shouldn’t be any private-public partnerships or corporate sponsorships of academic research or that researchers should be prohibited in investing in companies, rather just a recommendation for disclosure and clarity.

(5) Lightning Network

If you haven’t seen The Money Pit (with Tom Hanks), it is well worth it for one specific reason: the contractors and their staff who are renovating Hanks’ home keep telling Hanks that it will be ready in two weeks.

And after those two weeks are over, Hanks is informed yet again that it will be ready in another two weeks.

The Lightning Network, as a concept, was first announced via a draft paper in February 2015. Its authors, Tadge Dryja and Joseph Poon, had initially sketched out some of the original ideas at their previous employer Vaurum (now called Mirror).

Lightning, as it is typically called, is commonly used in the same breath as “the scaling solution,” a silver bullet answer to the current transactional limitations on the Bitcoin network.41 Nearly three years later, after enormous hype and some progress, a decentralized routing version still has not gone into production.  Maybe it will eventually but not one of its multiple implementations is quite ready today unless you want to use a centralized hub.42  Strangely, some of the terminology that its advocates frequently use, “Layer 2 for settlement,” is borderline hokum and probably has not been actually vetted to see if it fulfills the requirements for real “settlement finality.”43

And like multiple other fintech infrastructure projects, some of its advocates repeatedly said it would be ready in less than 6 months, several times.  For instance:

  • On October 7, 2015, Pete Rizzo interviewed multiple developers including Tadge Dryja and Joseph Poon regarding Lightning.  Rizzo wrote that: “In interview, Dryja and Poon suggested that, despite assertions project development could take years, Lightning could take as little as six months to be ready for launch.”
  • On April 5, 2016, Kyle Torpey interviewed Joseph Poon regarding expected time lines, stating that: “Lightning Network co-creator Joseph Poon recently supplied some comments to CoinJournal in regards to the current status of the project and when it will be available for general use. Poon claimed a functional version of the Lightning Network should be ready this summer.”
  • A month later, on May 5, 2016, Kyle Torpey interviewed Adam Back regarding his roadmap.  Torpey wrote that: “While all of these improvements are being implemented on Bitcoin’s base layer, various layer-2 solutions, such as the Lightning Network, can also happen in parallel. The Lightning Network only needs CHECKSEQUENCYVERIFY (along with two other related BIPs) and Segregated Witness to be accepted by the network before it can become a reality on top of the main Bitcoin blockchain.”
  • On November 12, 2016, Alyssa Hertig interviewed several developers including Pierre-Marie Padiou, CEO of ACINQ, one of the startups trying to building a Ligthning implementation.  According to Padiou: “The only blocker for a live Lightning implementation is SegWit. It’s not sure how or when it will activate, but if SegWit does activate, there is no technical thing that would prevent Lightning from working.”

Segregated Witness (SegWit) was activated on August 24, 2017.  More than four months later, Lightning is still not in production without the use of hubs.

Source: Twitter

Not to belabor the point, just this past week, one of the executives at Lightning Labs (which is building one of the implementations) was interviewed on Bloomberg but wasn’t asked about their prior rosy predictions for release dates.  To be fair, there is only so much they could cover in a six minutes allocation.

“Building rock solid infrastructure is hard,” is a common retort.

Who could have guessed it would take longer than 6 months?  Yes, for regular readers of my blog, I have routinely pointed out for several years that architecting and deploying financial market infrastructure (FMI) is a time consuming, laborious undertaking which has now washed out more than a handful of startups attempting to build “enterprise” blockchains.

For example, Lightning as a concept predates nearly every single enterprise-focused DLT vendor’s existence.  While not an equal comparison (they are trying to achieve different goals), there are probably ~5 enterprise-focused, ‘permissioned’ platforms that are now being used in mature pilots with real institutional customers and a couple could flip the “production” button on in the next quarter or so.4445

For what it is worth, enterprise DLT vendors as a whole did a very poor job managing expectations the past couple of years (which I mentioned in a recent interview).  And they certainly had their own PR campaigns during the past couple of years too, there is no denying that.  Someone should measure and quantify the amount of mentions on social media and news stories covering enterprise vendors and proposals like Lightning.46

Better late than never, right?  So what about missed time frames?

In a recent (unscientific) poll I did via Twitter (the most scientific voting platform ever!) found that of the more than 1,600 voters, 81% of respondents thought that relatively inexpensive anonymous Lightning usage won’t really be good to go for at least 6+ months.

Just as Adam Back proposed a moratorium on nebulous “contention” for six months (beginning in August), I propose a moratorium on using the term “Lightning” as a trump card until it is actually live and works without relying on hubs.  But don’t expect to see the crescendo of noise (and some signal) to die down in the meantime, especially once exchanges and wallets begin to demonstrate centralized, MSB-licensed implementations.47

With that suggestion, I can see it now: all of the Lightning supporters flaming me in unison on Twitter for not being a vocal advocate.  Sure beats shipping code!  To be even handed, Lightning’s collective PR effort was just one of many others (hello sofachains!) that could be scrutinized.  A future post could look at all funded infrastructure-related efforts to improve cryptocurrency networks.  Which ones, if any, showed much progress in 2017. 48

Interested in reading more contrarian views on the Lightning Network?  See Gerard and Stolfi (and Stolfi2x) (and Stolfi3x).  Let’s revisit in 6 months to see what has been launched and is in production.

(6) Objective reporting and analysis

Without sugar coating it: with the exception of a few stories, coin media not only dropped the ball on critically, objectively covering ICO mania this past year, but was largely complicit in its mostly corrupt rise.  This includes The Information, which is usually stellar, but seems to have fallen in the tank with the ICO pumpers.  That is, unless you’re a fake advisor and then they’ve got your number.

It took some time, but eventually mainstream and a few not-so-mainstream coverage has brought a much needed spotlight on some of the shady actions that took place this year. There were also a number of good papers from lawyers and academics published throughout 2017.

Your holiday reading list in no particular order:

One of my favorite articles this year should be yours too:

Just a few short months after Stephen Palley published the article above, a lawsuit occurred in which, surprise surprise, the plaintiffs highlighted specific claims in the white paper:

Source: Twitter

Note: that the SEC’s order against the Munchee ICO also relied on highlighting specific claims in the white paper.

Concluding remarks

Unfortunately 2017 will probably go down as the year in which several generations of nerds turned into day-trading schmucks, with colorful technical charts and all.50 This included even adopting religious slogans like:  Buy the dip!  Weakhands!  HODL!  We are the new 1%!  The dollar is crashing!  It’s not a bubble, it’s an adoption curve!

A few parting bits of advice: unfollow anyone that says this time things are different or the laws of economics have changed or calls themselves a “cryptolawyer” or who previously got shutdown by the SEC or who doesn’t have a LinkedIn page.  Rethink donating or investing funds to anyone who makes up rumors about mining nationalization or who was fired for gambling problems or has a communications team solely dedicated to designing memes for Twitter.51

Cryptocurrencies aren’t inherently bad and ideas like ERC721 are even cool.52 But as neat as some of the tech ideas may be, magic internet coins sure as heck continue to attract a lot of Scumbag Steves who are enabled by participants that have turned a blind eye.  It’s all good though, because everyone will somehow get a Moonlambo after the final boss is beaten, right?

Coda

I will have a separate post discussing predictions for 2018 but since we are reflecting on 2017, below are a few other areas worth looking into now that you’re a paper zillionare:

  • We have real empirical observation of hyperdeflation occurring: in which it is more rational to hoard the coin instead of spend it.  As a result, Bitcoin-focused companies that have accumulated bitcoin are still raising capital from external financial markets denominated in foreign currency instead of deploying (consuming) their own bitcoin. And these same startups are receiving valuations measured, not in terms of bitcoin, but in terms of a foreign unit of account.  What would change this trend?
  • Bitcoinland, with its heavy concentration of wealth, looks a lot like a feudal agrarian economy completely dependent on other countries and external financial markets in order to rationally deploy capital and do any economic calculation. Is there a way to build a dynamically adjustable cryptocurrency that does not rely on foreign capital or foreign reference rates?
  • How much proof-of-work related pollution has been externalized and socialized on the public at large due to subsidies in various regions like Venezuela?  What are the effects, if any, on global energy markets?
  • As traditional financial markets add products and solutions with direct ties to cryptocurrencies (futures, options, payments, custody), by the end of 2018 how much of the transactional activity on Bitcoin’s edges will be based on non-traditional financial markets (e.g., LocalBitcoins)?
  • There were a lot of publicity stunts this year.  Working backwards chronologically, the Andreas Antonopoulos donation could have been a publicity stunt, it also could be real.  The argument goes: how is someone with a best selling book, who charges $20,000+ for speaking engagements, and who has been receiving bitcoins for years (here is the public address), still in debt.  Maybe he is, maybe his family fell on hard times.  But few asked any questions when an anonymous person sent what amounted to $1 million in bitcoin enabling him to reset his tax basis.  (Hate me for writing this?  As an experiment, earlier this month I put up a Bitcoin and Ethereum address on the sidebar of the home page, feel free to shower me with your magic coins and prove me wrong.  I promise to convert it all into dirty filthy statist bucks.)  A few months prior to that, Jamie Dimon was accused of everything but eating babies after he said “Bitcoin is a fraud.”  Dozens of “Dear Jamie” letters were written begging him to see Bitcoin with their pure rose-tinted eyes.  At what point will Bitcoin enthusiasts grow some thick skin and ignore the critics they claim don’t matter?  And while we can continue to add PR stunts forever, the “fundraiser” for Luke-Jr’s home after Hurricane Irma had zero proof that it was his house, just a picture that Luke-Jr. says it was and the rest of the Bitcoin Core fan club promoting it.  Trust but verify?

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

Many thanks to the following for their constructive feedback: VB, YK, RD, CM, WG, MW, PN, JH

End notes

  1. Bitcoin fans basically walked onto the field before the football game, toppled the goal posts, and carried it outside the stadium declaring themselves victorious without having actually played the match. []
  2. How many of these unsophisticated buyers have subsequently lost the corresponding private keys?  See “Nearly 4 Million Bitcoins Lost Forever, New Study Says” from Fortune []
  3. I am sure I will be accused of being a “Bitcoin Cash shill” (which obviously I must be, there is no other explanation!) for pointing this out, but last week, one vocal Bitcoin Core supporter even proposed a commit to change the wording on Bitcoin.org surrounding low fees: “These descriptions of transaction features are somewhat open to interpretation; it would probably be best not to oversell Bitcoin given the current state of the network.” []
  4. As an actor on a classic Saturday Night Live sketch said: “You may ask how we at the Change Bank, make money? It’s simple, volume.” []
  5. I take issue with anyone claiming to be able to label transactions specifically as spam without doing an actual graph analysis.  See Slicing Data for more. Proof-of-lizard is not to be conflated with lizardcoin. []
  6. Note: this is not an endorsement of Visa, I do not have any equity or financial stake in Visa. []
  7. One reviewer commented: “One problem that affects all cryptocurrencies whether proof of work or of stake: What reason do most people have for using them that won’t run afoul of social policy objectives? As long as people need to convert them to regular fiat currencies, they have a distinct disadvantage. The only exception would be in failed economies where stable fiat currencies are restricted, until those governments see a cryptocurrency as a potential substitute and ban it. It is not even clear why a government would need to issue a cryptocurrency (not a CBDC). If it wants to serve unbanked people it could open or subsidize a bank for them which is what is being attempted in a few developing countries.” []
  8. One reviewer commented: “Fully peer-to-peer without banks ultimately leads to creating a new currency. A new currency means that for international payments you have the additional costs of converting into the currency and converting out of the currency. A currency not linked to a real world economy is always going to have a more volatile price (assuming it has any price at all). Volatility in FX always, always leads to higher transaction costs for exchange because the bid offer spread has to be wider. This is before you even get into the mining proof or work model and all its inherent flaws, which again ultimately result from trying to build a financial system without banks.” []
  9. One reviewer noted that: “Transferwise, Currency Fair, Revolut, Mondo and other startups are already doing it. And they’re doing it without having to break the rules and laws banks and Western Union have to play by. They’re building actual real, potentially sustainable businesses that are useful to society. They’re just not grabbing the headlines like the greater fool / Nakamoto Scheme is. When you build a real business, your scope for false promise making behind incoherent computer science jargon is pretty small.” []
  10. I even stopped aggregating numbers 18 months ago because fewer companies were making usage numbers public: it’s hard to write about specific trends when that info disappears.  Note: if you think you have some interesting info, feel free to send it my way. []
  11. BitPay has diversified its portfolio of services now, expanding far beyond the original merchant acceptance and recently closed a $30 million funding round.  However, the problem with their growth claims is they are typically measured in $USD volume. So, as the value of bitcoin has grown 10-20x (as measured in USD) in the past year, it is unclear how much BitPay has really grown in terms of new customers and additional transactions.  Note: the same can be said for most Bitcoin-specific companies making big growth-related claims, BitPay is just one example. []
  12. Movements occurred in other areas too, on the enterprise side, Chain was perhaps the most well known company to pivot away from that vertical. []
  13. One reviewer commented: “2017 was a good year for B2B players with some prominent funding rounds (e.g., Bitspark, Veem, BitPesa) and some claimed growth on blockchain “rails” (but also on non-blockchain) namely Veem and BitPesa. A big surprise of 2017 was a much broader awareness of cryptocurrencies, i.e., free massive PR. The Coinbase app became more popular than Venmo (and far ahead of any bank). As a result, one of the most intriguing questions right now for 2018 is if/how Coinbase could capitalize on this opportunity to become a full-fledged bank leveraging the best of banking-like services from players like Xapo, Uphold, and Luno?” []
  14. I suppose it is safe to assume that if you’re reading this, you are coin millionaire so you don’t worry about fiat-mandated holiday breaks like the rest of us. []
  15. Not all medium-to-large coin holders are the adopters you now see wearing suits on television talk shows.  Most coin holders, including the abusive trolls and misogynists on social media, have seen a large pay raise, enabling the worst elements to continue their bullying attacks and illicit activities.  See Alt-right utilizes bitcoin after crackdown on hate speech from The Hill []
  16. Worth pointing out that Ryan Selkis is attempting to push forward with a the self-regulatory effort called Messari.  See also: The Brooklyn Project. []
  17. Earlier this year, right after the law enforcement raids in China, one of the senior executives left BTCC but still remains on the board of the parent company that operates BTCC.  He quickly found a new senior role at another high-profile Bitcoin-focused company and uses his social media accounts to vigorously promote Bitcoin Core and maximalism. []
  18. As explored in a previous post, fake volumes among the Chinese exchanges was not uncommon and several of the large exchanges attempted to gain funding from venture capitalists while simultaneously faking the usage numbers. As one former employee put it: “That was an extraordinary attempt at fraud — faking the numbers through wash trading and simply printing trades, while using that data to attract investment and establish their valuation.” []
  19. Coinbase got into some problems in early 2015 when one of its investor decks highlighted the fact that cryptocurrencies, such as Bitcoin, could be used to bypass sanctions. []
  20. Ari Paul runs a small “crypto” hedge fund called BlockTower Capital (estimated to have between around $50-$80 million AUM) that like many companies in this space, faces an ongoing lawsuit.  Unclear why LPs didn’t just buy and hold cryptocurrencies themselves and cut out the hysteria and management fees. []
  21. Yea, I know, “money” is already digital… I didn’t give them that name, they did. []
  22. One reviewer noted: “The fact remains that if you replace the mining process with a a centralized system for validation of transactions and up-to-date of balances you could run the whole thing on an ordinary sized server for a few thousand dollars per year. Centralisation and a more logical data model are vastly better technically speaking. And it would be far easier to add in compliance and links to banks for more robust and honest methods for exchanging between a centralized bitcoin and fiat. What would the Chinese government gain from mining?” []
  23. One of the often overlooked benefits of setting up a mining farm in China is that many of the parts and components of mining equipment are either manufactured in China and/or final assembly takes place in China.  So logistically it is much quicker to transport and install the hardware on-site within China versus transport and use overseas. []
  24. I know a bunch and could maybe introduce them though some of them make public appearances at conferences so they can usually be approached or emailed. []
  25. In fact, many regulators, such as the ECB, categorize cryptocurrency as a type of “virtual currency,” separate from a “digital currency.” []
  26. There is often confusion conflating “transaction processing” and “hash generation,” the two are independent activities.  Today mining pools handle the transaction processing and have sole discretion to select any transactions from the memory pool to process (historically there have been thousands of ’empty’ blocks) — yet mining pools are still paid the full block reward irrespective of how many transactions they do or not process.  Hash generation via mining farms has been a discrete service for more than 5 years — think of mining pools as the block makers who outsource or subcontract the hash generation out to a separate labor force (mining farms) and then a mining pool packages the transactions into a block once they receive the correct proof-of-work.  Note: “fees” to miners is a slightly different but related topic. []
  27. CBDCs have their own issues, like the risk of crowding out ordinary banks in market for deposits in a low interest rate environment but they have little in common with anarchic crytocurrencies. []
  28. Many thanks to Vitalik Buterin for his feedback and suggestions here. []
  29. See also: Some Crypto Quibbles with Threadneedle Street from Robert Sams []
  30. There are other mining manufacturers, including some who only build for themselves, such as Bitfury. []
  31. Interestingly enough, the market price for one of these machines is around $2,000.  And if you do the math, you’ll see exactly what all professional miners do: it’d only cost $2 billion to buy enough machines to generate 100% of the network hashrate and claim all the $13 billion in rewards to yourself!  In other words, the seigniorage is big, fat, and juicy… and will attract other miners to come and bid up the price of mining to the equilibrium point. []
  32. There are many walk-throughs of bitcoin mining facilities, including this video from Quartz. []
  33. In the process of writing this article, a new story explained how more than 105,000 users of a Chrome extension were unknowingly mining Monero.  Heroic theft of CPU cycles, right? []
  34. In theory, and practice, the upperbound is not infinite.  We know from the hashrate being generated that there are a finite amount of cycles being spent repeatedly multiplying SHA256 over and over.  Perhaps a possible, but improbable way to gauge the upperbound is to take the processing speed of a low-end laptop CPU (which is not as efficient at hashing as its ASIC cousins are).  At 6 MH/s, how many seventh generation i3 chips would it take to generate the equivalent of 13.5 million TH/s?  On paper, over 2 trillion CPUs.  Note: 1 terahash is 1 million megahashes.  So 1 million laptop CPUs each generating 6 MH/s on paper, would collectively generate around 6 TH/s.  The current network hashrate is 13.5 exahash/s.  So you’d need to flip on north of 2 trillion laptop CPUs to reach the current hashrate.  In reality, you’d probably need more because to replace malfunctioning machines: a low-end laptop isn’t usually designed to vent heat from its CPU throttled to the max all day long. []
  35. One China-based miner reviewed this scenario and mentioned another method to arrive at an upperbound: “Look at the previous generation of ASICs which run at 2-3x watt per hash higher.  The previous generation machines normally get priced out within 18 months.  But with differing electricity costs and a high enough price, these machines get turned on.  Or they go to cheap non-petrodollar countries like Russia or Venezuela. So your base load of 1 million machines will have an upperbound of 2x to 3x depending on prevailing circumstances.” []
  36. It may be also worth pointing out that the “evil Chinese miners blocking virtuous Core” narrative is hard to justify because Bitcoin’s current relatively high fees are a direct result of congestion and has consequently increased miner revenue by 33% (based on December’s fees).  So in theory, it’s actually in the miners interest to now promote the small block position.  Instead, in reality, most miners were and are the ones advocating for bigger block sizes, and certain Bitcoin Core representatives were blocking those proposals as described elsewhere but we’re not going down that rabbit hole today. []
  37. One reviewer commented: “Financial instruments that either directly perform a service to our economy and even indirectly via speculation, enable price discovery for things that are important to people’s lives. Who’s lives is Bitcoin really important to right now? To this day the only markets it can claim to have any significant market share in, let alone be leader in, is illicit trade and ransomware. The rest appears to be just people looking to pump and shill.” []
  38. It’s also probably not worth trying to start a discussion about what the benefits, if any, there is for society regarding cryptocurrency mining relative to the resources it collectively consumes, as the comments below or on social media would simply result in a continuous flame war.  Note: colored coins and metacoins create distortions in the security assumptions (and rewards) for the underlying networks.  Watermarked tokens are neither secure nor proper for financial market infrastructure. []
  39. It is not $1 million straight, there are multiple levels and tiers. []
  40. There is an ongoing controversy around key decision makers within Bitcoin Core (specifically those who approve of BIPs) and their affiliation with Blockstream.  One of Blockstream’s largest investors, Reid Hoffman, said Blockstream would “function similarly to the Mozilla Corporation” (the Mozilla Corporation is owned by a nonprofit entity, the Mozilla Foundation). He likened this investment into “Bitcoin Core” (a term he used six times) as a way of “prioritiz[ing] public good over returns to investors.” []
  41. Because it is its own separate network, it actually has cross-platform capabilities.  However, historically it has been promoted and funded for initial uses on the Bitcoin network moreso than others. []
  42. Yes, I am aware of the demo from Alex Bosworth, it is a big step forward that deserves a pat on the back.  Now to decentralize routing and provide anonymity to users and improve the UI/UX for normal users. []
  43. To start with, see the Principles for Financial Market Infrastructures. []
  44. This is not an endorsement of a specific platform or vendor or level of readiness, but examples would include: Fabric, Quorum, Corda, Axcore, Cuneiform, and Ripple Connect/RCL. []
  45. While Lightning implementations should not be seen as a rival to enterprise chains (it is an apples to oranges comparison), the requirements gathering and technical hurdles needed to be overcome, are arguably equally burdensome and maybe moreso for enterprise-focused companies.  Why?  Because enterprise-focused vendors each need approval from multiple different stakeholders and committees first before they deploy anything in production especially if it touches a legacy system; most Lightning implementations haven’t actually formally defined who their end-customer is yet, let alone their needs and requirements, so in theory they should be able to “launch” it faster without the check-off. []
  46. For instance, CoinDesk currently has 229 entries for “lightning,” 279 entries for “DLT,” and 257 entries for “permissioned.” []
  47. It bears mentioning that Teechain, can achieve similar KPIs that Lightning can, via the use of hardware, and does so today.  BitGo’s “Instant” and payment channels from Yours also attempt to achieve one similar outcome: securely transmitting value quickly between participants (albeit in different ways). []
  48. We’d need to separate that from the enterprise DLT world because again, enterprise vendors are trying to solve for different use cases and have different customers altogether.  Speaking of which, on the corporate side, there is a growing impatience with “pilots” and some large corporates and institutions are even pulling back.  By and large, “blockchain stuff” (people don’t even agree on a definition still or if it is an uncountable noun) remains a multi-year play and aside from the DA / ASX deal, there were not many 2017 events that signaled a shorter term horizon. []
  49. Note: both the Fedcoin and CAD-coin papers were actually completed and sent to consortium members in November 2016 then three months later, published online. []
  50. One reviewer commented: “There seems to be a whole new wave of both suckers and crooks to exploit the geeks. I have read some the Chartist analysis on forums for more traditional forms of day-trading such as FX day-trading and it is exactly the same rubbish of trying to inject the appearance of intelligence and analysis into markets that the day-traders (and those encouraging them) simply do not understand.” []
  51. A former Coinbase employee, now running a “crypto” hedge fund, was allegedly fired for gambling issues.  Maybe he wasn’t but there are a lot of addicts of many strains actively involved in trading and promoting cryptocurrencies; remember what one of the lessons of Scarface was? []
  52. ERC20 and ERC721 tokens may end up causing a top-heavy problem for Ethereum. See Watermarked tokens and also Integrating, Mining and Attacking: Analyzing the Colored Coin “Game” []
Send to Kindle

External facing appearances for the final months of the year

The past several months have been pretty productive especially in terms of education.

For instance, my “Eight Things” article had over 100,000 views in its first week alone thanks largely to landing on the front page Hacker News and reshares on social media. I may write-up an article breaking down its reception at a later date.

And interestingly, one of my older articles from 2014 recently ended up on the front of /r/DataIsBeautiful generating 15k+ views over a couple of days.

Below are some of my outward facing appearances.  If you’re interested in chatting about the topics below, feel free to reach me via Post Oak Labs.

Interviews

Cited and acknowledged

Panels and presentations

Send to Kindle

How the CME (un)intentionally weighed in on chain splits

For background, this post assumes you have read some (or ideally all) of the previous posts:

Last year, when the CME first announced that it was considering backing a Bitcoin-related futures product, it also announced the CME CF Bitcoin Reference Rate (BRR).  At the time, the reference pricing data came from the following cryptocurrency exchanges: Bitfinex, Bitstamp, GDAX, itBit, Kraken and OKCoin.com (HK).

As of today, the CME has formally whittled down those six into a smaller group of four exchanges: Bitstamp, GDAX, itBit and Kraken.

They did not publicly disclose why they removed Bitfinex and OKCoin, although we can speculate:

  • It is likely they removed OKCoin because of the laws and regulations around cryptocurrencies in China over the past year included various types of bans.  OKCoin’s mainland spot price exchange for yuan <-> cryptocurrency have been shut down.  OKEX, an international subsidiary of OKCoin, replaced the China-based exchanges on its own index (including OKCoin itself).
  • Bitfinex’s corporate and organizational structure has been described in previous articles.  Even though it has the largest trading volume and is the key player to price discovery, it has a lot of red flags around compliance and transparency (described in the links at the top) that likely made organizations such as the CME uneasy.

It bears mentioning that the proposed Winklevoss COIN ETF also went through a similar evolution in terms of how to price the instrument.  The principals initially created and used the Winkdex.  The Winkdex included many different cryptocurrency exchanges over time, including Mt. Gox and BTC-e.  Eventually, in future amended filings to the COIN ETF, the Winkdex was completely discarded in favor of a daily auction price conducted at an exchange (Gemini) that the principals and creators of the COIN ETF owned and managed.  This is chronicled in a paper I wrote last year.

So what does this have to do with the CME and how did the CME (un)intentionally weigh in on the Bitcoin block size debate?

During the recent Bitcoin Core versus SegWit2X (S2X) political battle, one of the four exchanges that constitute the CME reference rate announced which ticker symbol would be attributed to a specific chain.

GDAX (Coinbase), made the following public announcement on October 25:

In our prior blog post we indicated that at the time of the fork, the existing chain will be called Bitcoin (BTC) and the Segwit2x fork will be called Bitcoin2x (B2X).

Since then, some customers have asked us to clarify what will happen after the fork. We are going to call the chain with the most accumulated difficulty Bitcoin.

We will make a determination on this change once we believe the forks are in a stable state. We may also consider other factors such as market cap and community support to determine stability.

It’s important for us to maintain a neutral position in any fork. We believe that letting the market decide is the best way to ensure that Bitcoin remains a fair and open network.

Note: original emphasis is theirs.

There have been several articles that attempted to track and chronicle what all of the exchanges announced with respect to the ticker symbol and the fork.  At the time of this writing, itBit, Kraken, and Bitstamp have not publicly commented on this specific fork (although they have publicly signaled specific views on other proposed forks in the past).

And this creates a challenge for any financial institution attempting to create a financial instrument that is compromised of a basket of cryptocurrency-specific prices from different, independent cryptocurrency exchanges.

Ignoring the lack of adequate market surveillance for the moment, if there is a future fork and the constituent exchanges that comprise the reference data choose different forks to be represented by the same ticker symbol, this will likely create problems for the financial product.

For instance, in a hypothetical scenario in which a fork occurs, and two of the exchanges comprising the BRR index choose one side of the fork to list as “BTC” and the other two exchanges choose the other fork to also represent “BTC,” because these forks are linked to separate different ecosystems and even economic systems the combination could impact the volatility of the product.

Or in short: there is no universal agreement or consensus from cryptocurrency exchanges comprising the BRR about what the ticker symbol, let alone the chain should be defined as.

Concluding remarks

Over the past several years the primary debate has been around scaling, specifically around block sizes.  What if future forks are fought over changes to transaction fees, money supply, or KYC requirements?  This isn’t idle speculation as these have been proposed in the past with both Bitcoin and other cryptocurrencies (Ethereum Classic  held an event last year to focus on what the future money supply generation rate should be).

Obviously this is a situation the CME (and similar financial institutions) wants to avoid at all costs.

In order to do this, it’ll have to pick a side and either:

a) force an errant exchange on its index to fall in line or lose the free marketing; or

b) ditch it from the index

Either way, as by far the largest player in the market, in doing so it will be governing what Bitcoin is.  Unlike what most Bitcoin promoters often think: traders follow liquidity not the other way around so the CME is likely to become kingmaker in Bitcoin political disputes.  It is going to become a key arm in its governance.  That said, as we have seen before, rather than directly get involved with the tribes and religions of development they might simply defer to the incumbent Bitcoin Core rules — so that they can remain above the politics and out of any legal liabilities.

For more detailed commentary on this topic, be sure to read the articles linked to at the top.  This will be worth re-visiting once the CME and other regulated institutions fully launch their proposed products.

Acknowledgements: special thanks to Ciaran Murray for several insights articulated above.

Send to Kindle

Eight Things Cryptocurrency Enthusiasts Probably Won’t Tell You

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.  See Post Oak Labs for more information.]

Alternative title: who will be the Harry Markopolos of cryptocurrencies?

If you don’t know who Harry Markopolos is, quickly google his name and come back to this article.  If you do, and you aren’t completely familiar with the relevance he has to the cryptocurrency world, let’s start with a little history.

Background

Don’t drink the Koolaid

With its passion and perma-excitement, the cryptocurrency community sometimes deludes itself into thinking that it is a self-regulating market that doesn’t need (or isn’t subject to) government intervention to weed out bad actors.1 “Self-regulation,” usually refers to an abstract notion that bad actors will eventually be removed by the action of market forces, invisible hand, etc.

Yet by most measures, many bad actors have not left because there are no real consequences or repercussions for being a bad dude (or dudette).

Simultaneously, despite the hundreds of millions of dollars raised by VCs and over a couple billion dollars raised through ICOs in the past year or so, not one entity has been created by the community with the power or moral authority to rid the space of bad apples and criminals.  Where is the regulatory equivalent of FINRA for cryptocurrencies?2

Part of this is because some elements in the community tacitly enable bad actors. This is done, in some cases, by providing the getaway cars (coin mixers) but also, in other cases, with a wink and a nod as much of the original Bitcoin infrastructure was set-up and co-opted by Bitcoiners themselves, some of whom were bad actors from day one.3

There are many examples, including The DAO.4 But the SEC already did a good dressing down of The DAO, so let’s look at BTC-e.

BTC-e is a major Europe-based exchange that has allegedly laundered billions of USD over the span of the past 6 years.  Its alleged operator, Alexander Vinnik, stands accused of receiving and laundering some of the ill-gotten gains from one of the Mt. Gox hacks (it was hacked many many times) through BTC-e and even Mt. Gox itself.5 BTC-e would later go on to be a favorite place for ransomware authors to liquidate the ransoms of data kidnapping victims.

Who shut down BTC-e?

It wasn’t the enterprising efforts of the cryptocurrency community or its verbose opinion-makers on social media or the “new 1%.”  It was several government law enforcement agencies that coordinated across multiple jurisdictions on limited budgets.6 Yet, like Silk Road, some people in the cryptocurrency community likely knew the operators of the BTC-e and willingly turned a blind eye to serious misconduct which, for so long as it continues, represents a black mark to the entire industry.

In other cases, some entrepreneurs and investors in this space make extraordinary claims without providing extraordinary evidence.  Such as, using cryptocurrency networks are cheaper to send money overseas than Western Union.  No, it probably is not, for reasons outlined by SaveOnSend.7

But those who make these unfounded, feel-good claims are not held accountable or fact-checked by the market because many market participants are solely interested in the value of coins appreciating.  Anything is fair game so as long as prices go up-and-to-the-right, even if it means hiring a troll army or two to influence market sentiment.

And yet in other cases, the focus of several industry trade associations and lobbying groups is to squarely push back against additional regulations and/or enforcement of existing regulations or PR that contradicts their narrative.8

Below are eight suggested areas for further investigation within this active space (there could be more, but let’s start with this small handful):

(1) Bitfinex

Bitfinex is a Hong Kong-based cryptocurrency exchange that has been hacked multiple times.9  Most recently, about 400 days ago, $65 million dollars’ worth of bitcoins were stolen.

Bitfinex eventually painted over these large losses by stealing from its own users, by socializing the deficits that took place in some accounts across nearly all user accounts.10  Bitfinex has – despite promising public audits and explanations of what happened – provided no details about how it was hacked, who hacked it, or to where those funds were drained to.11 It has also self-issued at least two tokens (BFX and RRT) representing their debt and equity to users, listed these tokens on their own exchange and allowed their users to trade them.12

There have been suggestions of impropriety, with its CFO (or CSO?) Phil Potter publicly explaining how they handle being de-banked and re-banked:

“We’ve had banking hiccups in the past, we’ve just always been able to route around it or deal with it, open up new accounts, or what have you… shift to a new corporate entity, lots of cat and mouse tricks that everyone in Bitcoin industry has to avail themselves of.”

Yet there is little action by the cryptocurrency community to seek answers to the open questions surrounding Bitfinex.  I wrote a detailed post several months ago on it and the only reporters who contacted me for follow-ups were from mainstream press.

There are a lot of reasons why, but one major reason could be that some customers have financially benefited from this lack of market surveillance because relatively little KYC (Know Your Customer) is collected or AML (Anti-Money Laundering) enforced, so some trades and/or taxes are probably unreported.13 This wouldn’t be an isolated incident as the IRS has said less than 1,000 United States persons have been filing taxes related to “virtual currencies” each year between 2013 – 2015.

But that’s not all.

The latest series of drama began earlier this spring: Bitfinex sued Wells Fargo who had been providing correspondent banking access to Bitfinex’s Taiwanese banking partners.  Wells Fargo ended this relationship which consequently tied up tens of millions of USD that was being wired internationally on behalf of Bitfinex’s users.  About a week later Bitfinex dropped the suit and at least one person involved on the compliance side of a large Taiwanese bank was terminated due to the misrepresentation of the Bitfinex account relationship.

This also impacted the price of Tether.

Tether, as its name suggests, is a proprietary cryptocurrency (USDT) that is “always backed by traditional currency held in our reserves.”  It initially used a cryptocurrency platform called Mastercoin (rebranded to Omni) and recently announced an ERC20 token on top of Ethereum.1415

As a corporate entity, Tether’s governance, management, and business are fairly opaque.  No faces or names of employees or personnel can be found on its site.16  Bitfinex was not only one of its first partners but is also a shareholder.  Bitfinex has also created a new ICO trading platform called Ethfinex and just announced that Tether will be partnering with it in some manner.17

Tether as an organization creates coins.  These coins are known as Tethers that trade under the ticker $USDT each of which, as is claimed on their webpage, is directly linked, 1-for-1, with USD and yen equivalents deposited in commercial banks.  But after the Wells Fargo suit was announced, USDT “broke the buck” and traded at $0.92 on the dollar.18   It has fluctuated a great deal during the summer currently trades at $1.00 flat.

Which leads to the question: are the seven banks listed by the recent CPA disclosure aware of what Tether publicly advertises its USDT product as?19

Source: Tether LTD

Who is responsible for issuance, and how if at all can they be redeemed?  Are they truly backed 1:1 or is there some accounting sleight-of-hand taking place behind the scenes?20  Where are those reserves going to be exactly?  Who will have access to them?  Will either Tether (the company) or Bitfinex going to use them to trade?21 These are the types of questions that should be asked and publicly answered.

The only reason anyone is learning anything about the project is because of an anonymous Tweeter, going by the handle @Bitfinexed, who seemingly has nothing better to do than listen to hundreds of hours of audio archives of Bitcoiners openly bragging about their day trading schemes and financial markets acumen (in that order).

Despite myself and others having urged coin media to do so, to my knowledge there have been no serious investigations or transparency as to who owns or runs this organization.  Privately, some reporters have blamed a lack of resources for why they don’t pursue these leads; this is odd given the deluge of articles posted every month on the perpetual block size debate that will likely resolve itself in the passage of time.

The only (superficial) things we know about Tether (formerly Realcoin) is from the few bits of press releases over time.22  Perhaps this is all just a misunderstanding due to miscommunication.23  Who wants to fly to Hong Kong and/or Taiwan to find out more?

(2) Ransomware, Ponzi’s, Zero-fee and AML-less exchanges

Last month a report from Xinhua found that:

China’s two biggest bitcoin exchanges, Huobi and OKCoin, collectively invested around 1 billion yuan ($150 million) of idle client funds into “wealth-management products.”

In other words, the reason these exchanges were able to operate and survive while charging zero-fees is partially offset by these exchanges using customer deposits to invest in other financial products, without disclosing this to customers.24

Based on conversations with investigative reporters and former insiders, it appears that many, if not most, mid-to-large exchanges in China used customer deposits (without disclosing this fact) to purchase other financial products.  It was not just OKCoin and Huobi but also BTCC (formerly BTC China) and others.  This is not a new story (Arthur Hayes first wrote about it in November 2015), but the absence of transparency in how these exchanges and intermediaries are run ties in with what we have seen at BTC-e.  While there were likely a number of legitimate, non-illicit users of BTC-e (like this one Australian guy), the old running joke within the community is that hackers do not attack BTC-e because it was the best place to launder their proceeds.

Many exchanges, especially those in developing countries lacking KYC and AML processes, directly benefited from thefts and scams.  Yet we’ve seen very little condemnation from the main cheerleaders in the community.25

For example, two years ago in South Africa, MMM’s local chapter routed around the regulated exchange, patronizing a new exchange that wouldn’t block their transactions.26  MMM is a Ponzi scheme that has operated off-and-on for more than twenty years in dozens of countries.  In its most current incarnation it has raised and liquidated its earnings via bitcoin.  As a result, the volume on the new exchange in South Africa outpaced the others that remained compliant with AML procedures.  Through coordination with law enforcement it was driven out for some time, but in January of this year, MMM rebooted and it is now reportedly back in South Africa and Nigeria.  The same phenomenon has occurred in multiple other countries including China, wherein, according to inside sources, at least one of the Big 3 exchanges gave MMM representatives the VIP treatment because it boosted their volume.

It was a lack of this market surveillance and customer protections and outright fraud that eventually led to many of the Chinese exchanges being investigated and others raided by local and national regulators in a coordinated effort during early January and February 2017.27

Initially several executives at the non-compliant exchanges told coin media that nothing was happening, that all the rumors of investigation was “FUD” (fear, uncertainty, doubt).  But they were lying.28

Regulators had really sent on-site staff to “spot check” and clean up the domestic KYC issues at exchanges.  They combed through the accounting books, bank accounts, and trading databases, logging the areas of non-compliance and fraud.  This included problems such as allowing wash-trading to occur and unclear margin trading terms and practices.29 Law enforcement showed these problems (in writing) to exchange operators who had to sign and acknowledge guilt: that these issues were their responsibility and that there could be future penalties.

Following the recent government ban on ICO fundraising (described in the next section), all exchanges in China involved in fiat-to-cryptocurrency trades have announced they will close in the coming weeks, including Yunbi, an exchange that was popular with ICO issuers.30  On September 14th, the largest exchange in Shanghai, BTCC (formerly BTC China), announced it would be closing its domestic exchange by the end of the month.31 It is widely believed it was required to do so for a number of compliance violations and for having issued and listed an ICO called ICOCoin.32

Source: Tweet from Linke Yang, co-founder of BTCC

The two other large exchanges, OKCoin and Huobi, both announced on September 15th that they will be winding down their domestic exchange by October 31st.33  Although according to sources, some exchange operators hope this enforcement decision (to close down) made by regulators will quietly be forgotten after the Party Congress ends next month.34

One Plan B is a type of Shanzhai (山寨) hawala which has already sprung up on Alibaba whereby users purchase discrete units of funds as a voucher from foreign exchanges (e.g., $1,000 worth of BTC at a US-based exchange).35  Many exchanges are trying to setup offices and bank accounts nearby in Hong Kong, South Korea, and Japan, however this will not solve their ability to fund RMB-denominated trades.36

It is still unclear at this time what the exact breakdown in areas of non-compliance were largest (or smallest).37  For instance, how common was it to use a Chinese exchange for liquidating ransomware payments?

As mentioned in an earlier post, cryptocurrencies are the preferred payment method for ransomware today because of their inherent characteristics and difficulty to reclaim or extract recourse.  One recent estimate from Cybersecurity Ventures is that “[r]ansomware damage costs will exceed $5 billion in 2017, up more than 15X from 2015.”  The victims span all walks of life, including the most at-risk and those providing essential services to the public (like hospitals).

But if you bring up this direct risk to the community, be prepared to be shunned or given the “whataboutism” excuse: sure bitcoin-denominated payments are popular with ransomware, but whatabout dirty filthy statist fiat and the nuclear wars it funds!

Through the use of data matching and analytics, there are potential solutions to these chain of custody problems outlined later in section 8.

(3) Initial coin offerings (ICOs)

Obligatory South Park reference (Credit: Jake Smith)

Irrespective of where your company is based, the fundraising system in developed – let alone developing countries – is often is a time consuming pain in the rear.  The opportunity costs foregone by the executive team that has to road show is often called a necessary evil.

There has to be a more accessible way, right?  Wouldn’t it just be easier to crowdfund from (retail) investors around the world by selling or exchanging cryptocurrencies directly to them and use this pool of capital to fund future development?

Enter the ICO.

In order to participate in a typical ICO, a user (and/or investor) typically needs to acquire some bitcoin (BTC) or ether (ETH) from a cryptocurrency exchange.  These coins are then sent to a wallet address controlled by the ICO organizer who sometimes converts them into fiat currencies (often without any AML controls in place), and sends the user/investor the ICO coin.38

Often times, ICO organizers will have a private sale prior to the public ICO, this is called a pre-sale or pre-ICO sale.  And investors in these pre-sales often get to acquire tokens at substantial discounts (10 – 60%) than the rate public investors are offered.39.  ICO organizers typically do not disclose what these discounts are and often have no vesting cliffs attached to them either.

The surge in popularity of ICOs as a way to quickly exploit and raise funds (coins) and liquidate them on secondary markets has transitively led to a rise in demand of bitcoin, ether, and several other cryptocurrencies.  Because the supply of most of the cryptocurrencies is perfectly inelastic, any significant increase (or decrease) in demand can only be reflected via volatility in prices.

Hence, ICOs are one of the major contributing factors as to why we have seen record high prices of many different cryptocurrencies that are used as gateway coins into ICOs themselves.

According to one estimate from Coin Schedule, about $2.1 billion has been raised around the world for 140 different ICOs this year.40  My personal view is that based on the research I have done, most ICO projects have intentionally or unintentionally created a security and are trying to sell it to the public without complying with securities laws.41 Depending on the jurisdiction, there may be a small handful of others that possibly-kinda-sorta have created a new coin that complies with existing regs.42  Maybe.

Ignoring the legal implications and where each fits on that spectrum for the moment, many ICOs to-date have pandered to and exploited terms like “financial inclusion” when it best suits them.43  Others pursue the well-worn path of virtue signaling: Bitcoiners condemning the Ethereum community (which itself was crowdfunded as an ICO), because of the popularity in using the Ethereum network for many ICOs… yet not equally condemning illicit fundraising that involves bitcoin or the Bitcoin network or setting up bucket shops such as Sand Hill Exchange (strangely one of its founders who was sued by the SEC now writes at Bloomberg).

The cryptocurrency community as a whole condemned the “Chinese government” for its recent blanket ban on fundraising and secondary market listing of ICOs.44 The People’s Bank of China (PBOC) is one of seven regulators to enforce these regulations yet most of the public antagonism has been channeled at just the PBOC.45

Irrespective of whether you think it was the right or wrong thing to do because you heart blockchains, the PBOC and other regulators had quite valid reasons to do so: some ICO creators and trading platforms were taking funds they received from their ICO and then re-investing those into other ICOs, who in turn invested in other ICOs, and so forth; creating a fund of fund of funds all without disclosing it to the public or original investors.46 ICO Inception (don’t tell Christopher Nolan).

In China and in South Korea, and several other countries including the US, there is a new cottage industry made of up entities called “community managers” (CM) wherein an ICO project hires an external company (a CM) who provides a number of services:

  1. for X amount of BTC the CM will actively solicit and get your coin listed on various exchanges;
  2. the CM takes a sales commission while marketing the coin to the public such that after the ICO occurred, they would take a juicy cut of the proceeds; and several other promotional services.47

The ICO issuers and fundraising/marketing teams usually organize a bunch of ICOs weekly and typically employ a market maker (known as an “MM” in the groups) whose role is to literally pump and dump the coin.  They engage in ‘test pumps’ and ‘shakeouts’ to get rid of the larger ICO investors so they can push the price up on a thin order book by 10x, 20x, or 30x before distributing and pulling support. You can hire the services of one of these traders in many of the cryptocurrency trading chat groups.48

There were even ICO boot camps (训练营) in China (and elsewhere) usually setup with shady figures with prior experience in pyramid schemes.49  Here they coached the average person to launch an ICO on the fly based on the ideas of this leader to people of all demographics including the vulnerable and at-risk.50  Based on investigations which are still ongoing, the fraud and deceit involved was not just one or two isolated incidents, it was rampant.51 Obtaining the training literature that was given to them (e.g., the script with the promises made) would make for a good documentary and/or movie.

Scene from Boiler Room

In other words, the ICO rackets have recreated many aspects of the financial services industry (underwriters, broker/dealers) but without any public disclosures, organizational transparency, investor protections, or financial controls.  Much like boiler rooms of days past.  It is no wonder that with all of this tomfoolery, according to Chainalysis, that at least $225 million worth of ETH has been stolen from ICO-related fundraising activity this past year.52

At its dizzying heights, in China, there were about sixty ICO crowdfunding platforms each launching (or trying to launch) new ICOs on a monthly basis.53  And many of these platforms also ran and operated their own exchanges where insiders were pumping (and dumping) and seeing returns of up to 100x on coins that represented “social experiments to test human stupidity” such as the performance art pictured below.

One recent estimate from Reuters was that in China, “[m]ore than 100,000 investors acquired new cryptocurrencies through 65 ICOs in January-June [2017].”54  It’s still unclear what the final straw was, but the universal rule of don’t-pitch-high-risk-investment-schemes-to-grandmothers-on-fixed-incomes was definitely breached.

As a result, the PBOC and other government entities in China are now disgorging any funds (about $400 million) that ICOs had raised in China.55  This number could be higher or lower depending on how much rehypothecation has taken place (e.g., ICOs investing in ICOs).  All crowdfunding platforms such as ICOAGE and ICO.info have suspended operations and many have shut down their websites.  In addition, several executives from these exchanges have been given a travel ban.56

Cryptocurrency exchanges (the ones that predated the ICO platforms) have to delist ICOs and freeze plans from adding any more at this time.  Multiple ICO promotional events, including those by the Fintech Blockchain Group (a domestic fund that organized, promoted, and invested in ICOs) have been canceled due to the new ban.57  Several well-known promoters have “gone fishing” overseas.  This past week, Li Xiaolai, an early Bitcoin investor and active ICO promoter, has publicly admitted to having taken the ICO mania too far (using a car acceleration example), an admission many link to the timing of this crackdown and ban.58

A real ICO in China: “Performance Art Based on Block Chain Technology” (Source)

For journalists, keep in mind this is (mostly) just one country described above.  It would be a mistake to pin all of the blame on just the ICO operators based in China as similar craziness is happening throughout the rest of the world (observe the self-serving celebrity endorsements).  Be sure to look at not just the executives involved in an ICO but also the advisors, investors, figureheads, and anyone who is considered “serious” lending credibility to dodgy outfits and dragging the average Joe (and Zhou) and his fixed income or meager savings into the game.

There may be a legitimate, legal way of structuring an ICO without running afoul of helpful regulations, but so far those are few and far between.  Similarly, not everyone involved in an ICO is a scammer but it’s more than a few bad apples, more like a bad orchard.  And as shown above with the initial enforcement actions of just one country, short sighted hustling by unsavory get-rich-quick partisans unfortunately might deep-six the opportunities for non-scammy organizations and entrepreneurs to utilize a compliant ICO model in the future.59

(4) VC-backed entities

Theranos, Juicero, and Hampton Creek, meet Coinbase, 21.co, Blockstream, and several others.

Okay, so that may be a little exaggerated.  But still the same, few high-profile Bitcoin companies are publishing daily active or monthly active user numbers for a variety of reasons.

Founded in May 2012, the only known unicorn to-date is Coinbase.  Historically it has kept traction stats close to the chest but we got a small glimpse at what Coinbase’s user base was from an on-going lawsuit with the IRS.  According to one filing, between 2013-2015 (the most recent publicly available data) Coinbase had around 500,000 users, of which approximately 14,355 accounts conducted at least $20,000 in business.60 This is a far cry from the millions of wallets we saw as a vanity statistic prominently displayed on its homepage during that same time period.61

What did most users typically do?  They created an account, bought a little bitcoin, and then hoarded it – very few spent it as if it were actual money which is one of the reasons why they removed a publicly viewable transaction chart over a year ago.62

To be fair, the recent surge in market prices for cryptocurrencies has likely resulted in huge user growth.  In fact, Coinbase’s CEO noted that 40,000 new users signed up on one day this past May.  But some of this is probably attributed to new users using Coinbase as an on-and-off ramp: United States residents acquiring bitcoin and ether on Coinbase and then participating in ICOs elsewhere.63

After more than $120 million in funding, 21.co (formerly 21e6) has not only seen an entire executive team churn, but a huge pivot from building hardware (Bitcoin mining equipment) into software and now into a pay-as-you-go-LinkedIn-but-with-Bitcoin messaging service.  Launched with much fanfare in November 2015, the $400 Amazon-exclusive 21.co Bitcoin Computer was supposed to “return economic power to the individual.”

In reality it was just a USB mining device (a Raspberry Pi cobbled together with an obsolete mining chip) and was about as costly and useful as the Juicero juicing machine.  It was nicknamed the “PiTato” and unit sales were never publicly disclosed.  Its story is not over: in the process of writing this article, 21.co announced it will be launching a “social token” (SOC) by the end of the year.64

Blockstream is the youngest of the trio.  Yet, after three years of existence and having raised at least $76 million, as far as the public can tell, the company has yet to ship a commercial product beyond an off-the-shelf hardware product (Liquid) that generates a little over $1 million in revenue a year.65  It also recently launched a satellite Bitcoin node initiative it borrowed from Jeff Garzik, who conceived it on a budget of almost nothing about three years ago.66

To be fair though, perhaps it does not have KPIs like other tech companies.  For instance, about two and half years ago, one of their largest investors, Reid Hoffman, said Blockstream would “function similarly to the Mozilla Corporation” (the Mozilla Corporation is owned by a nonprofit entity, the Mozilla Foundation).  He likened this investment into “Bitcoin Core” (a term he used six times) as a way of “prioritiz[ing] public good over returns to investors.”  So perhaps expectations of product roadmaps is not applicable.

On the flipside, some entrepreneurs have explained that their preference for total secrecy is not necessary because they are afraid of competition (that is a typical rationale of regular startups), but because they are afraid of regulators via banks.67  For example, a regulator sees a large revenue number, finds out which bank provides a correspondent service and if the startup is fully compliant with AML, CFT, and KYC processes, starts auditing that bank, and banks re-evaluates NPV of working with a startup and potentially drops it.  Until that changes, we will not know volumes for Abra, Rebit, Luno, and others and that is why a year-old claim about 20% market share in the South Korea -> Philippines remittance corridor remains evidence-free.6869

While we would all love to see more data, this is a somewhat believable argument.  A more insightful question might be if/when we get to a point where supporting Bitcoin players becomes enough of real revenue that banks would agree to higher investments and support.  In the meantime, business journalists should drill down into the specifics about how raised money has been spent, is compliance being skirted, customer acquisition costs, customer retention rate, etc.70

(5) The decline of Maximalism

If you were to draw a Venn diagram, where one circle represented neo Luddism and another circle represented Goldbugism, the areas they overlap would be cryptocurrency Maximalism (geocentrism and all).71  This increasingly smaller sect, within the broader cryptocurrency community, believes in a couple of common tenets but most importantly: that only one chain or ledger or coin will rule them all.  This includes the Ethereum Classic (ETC) and Bitcoin Core sects, among others.

They’re a bit like the fundamentalists in that classic Monty Python “splitters” sketch but not nearly as funny.

If you’re looking to dig into defining modern irony, these are definitely the groups to interview.  For instance, on the one hand they want and believe their Chosen One (typically BTC or ETC) should and will consume the purchasing power of all fiat currencies, yet they dislike any competing cryptocurrency: it is us versus them, co-existence is not an option!  The rules of free entry do not apply to their coin as somehow a government-free monopoly will form around their coin and only their coin.  Also, you should buy a lot of their coin, like liquidate your life savings asap and buy it now.

Artist rendering of proto-Bitcoin Maximalism, circa 14th century

This rigidity has diminished over time.

Whereas, three years ago, most active venture capitalists and entrepreneurs involved in this space were antagonistic towards anything but bitcoin, more and more have become less hostile with respect to new and different platforms.

Source: Twitter

For instance, Brian Armstrong (above), the CEO of Coinbase, two and a half years ago, was publicly opposed to supporting development activities towards anything unrelated to Bitcoin.

But as the adoption winds shifted and Ethereum and other platforms began to see growth in their development communities (and coin values), Coinbase and other early bastions of maximalism began to support them as well.

Source: Twitter (1 2)

There will likely be permanent ideological holdouts, but as of this writing I would guesstimate that less than 20% of the bitcoin holders I have interacted with over the past 6-9 months would label themselves maximalists (the remaining would likely self-identify with the “UASF” and “no2x” tags on Twitter).

So interview them and get their oral history before they go extinct!

(6) Market caps

There is very little publicly available analysis of what is happening with Bitcoin transactions (or nearly all cryptocurrencies for that matter): dormant vs. active, customers vs. accounts, transaction types (self-transfers vs. remittances vs. B2B, etc.).

On-chain transaction growth seems to be slowing down on the Bitcoin network and we don’t have good public insights on what is going on: are there are pockets of growth in real adoption or just more wallet shuffling?

In other words, someone should be independently updating “Slicing data” but instead all we pretty much see is memes of Jamie Dimon or animated gifs involving roller coaster prices.72

In the real world, “market cap” is based on a claim on a company’s assets and future cash flows.  Bitcoin (and other cryptocurrencies) has neither — it doesn’t have a “market cap” any more than does the pile of old discarded toys in your garage.

“Market Cap” is a really dumb phrase when applied to the cryptocurrency world; it seems like one of those seemingly straightforward concepts ported to the cryptocurrency world directly from mainstream finance, yet in our context it turns into something misleading and overly simplistic, but many day traders in this space who religiously tweet about price action love to quote.

The cryptocurrency “market cap” metric is naively simplistic: take the total coin supply, and multiply it by the current market price, and voila!  Suddenly Bitcoin is now approaching the market cap of Goldman Sachs!73

Yeah, no.

To begin with, probably around 25% or more of all private keys corresponding to bitcoins (and other cryptocurrencies too) have been permanently lost or destroyed.74  Most of these were from early on, when there was no market price and people deleted their hard drives with batches of 50 coins from early block rewards without backing them up or a second thought.

Extending this analogy, 25% of the shares in Goldman Sachs cannot suddenly become permanently ownerless.  These shares are registered assets, not bearer assets.  Someone identifiable owns them today and even if there is a system crash at the DTCC or some other CSD, shareholders have a system of recourse (i.e., the courts) to have these returned or reissued to them with our without a blockchain.  Thus, anytime you hear about “the market price of Bitcoin has approached $XXX billion!” you should automatically discount it by at least 25%.

Also, while liquidity providers and market makers in Bitcoin have grown and matured (Circle’s OTC desk apparently trades $2 billion per month), this is still a relatively thinly traded market in aggregate.  It is, therefore, unlikely that large trading positions could simultaneously move into and out of billion USD positions each day without significantly moving the market.  A better metric to look at is one that involves real legwork to find: the average daily volume on fee-based, regulated spot exchanges combined with regulated OTC desks.  That number probably exists, but no one quotes it.  Barring this, an interim calculation could be based on “coins that are not lost or destroyed.”

(7) Buy-side analysts and coin media

We finally have some big-name media beginning to dig into the shenanigans in the space.  But organizations like CoinDesk, Coin Telegraph, and others regularly practice a brand of biased reporting which primarily focus on the upside potential of coins and do not provide equal focus on the potential risks.75  In some cases, it could be argued that these organizations act as slightly more respectable conduits for misinformation churned out by interested companies.76

Common misconceptions include continually pushing out stories like the example above, on “market caps” or covering vanity metrics such as growth in wallet numbers (as opposed to daily active users).  It is often the case that writers for these publications are heavily invested in and/or own cryptocurrencies or projects mentioned in their stories without public disclosure.

This is not to say that writers, journalists, and staff at these organizations should not own a cryptocurrency, but they should publicly disclose any trading positions (including ‘hodling’ long) as the sentiment and information within their articles can have a material influence on the market prices of these coins.

For instance, CoinDesk is owned by Digital Currency Group (DCG) who in turn has funded 80-odd companies over the last few years, including about 10 mentioned in this article (such as Coinbase and BTC China).  DCG also is an owner of a broker/dealer called Genesis Trading, an OTC desk which trades multiple cryptocurrencies that DCG and its staff, have publicly acknowledged at having positions in such as ETC, BTC and LTC.77

What are the normal rules around a media company (and its staff) retweeting and promoting cryptocurrencies or ICOs the parent company or its principals has a stake in?

If coin media wants to be taken seriously it will have to take on the best practices and not appear to be a portfolio newsletter: divorce itself of conflicts of interest by removing cross ownership ties and prominently disclose all of the remaining potential conflicts of interest with respect to ownership stakes and coin holdings.  Markets that transmit timely, accurate, and transparent information are better markets and are more likely to grow, see, and support longer-term capital inflows.78

Source: Twitter

Source: Twitter

For example, if Filecoin is a security in the US (which its creators have said it is), and DCG is an equity holder in Filecoin/Protocol Labs (which it is)… and DCG is an owner in CoinDesk, what are the rules for retweeting this ICO above?  There are currently 16 stories in the CoinDesk archive which mention Filecoin, including three that specifically discuss its ICO.  Is this soliciting to the public?79

Similarly, many of the buy-side analysts that were actively publishing analysis this past year didn’t disclose that they had active positions on the cryptocurrencies they covered.  We recently found out that one lost $150,000 in bitcoins because someone hacked his phone.

At cryptocurrency events (and fintech events in general), we frequently hear buzz word bingo including: smart assets, tokens, resilience, pilots, immutability, even in-production developments, but there is often no clear articulation of what are the specific opportunities to save or make money for institutions if they acquire a cryptocurrency or uses its network to handle a large portion of their business.80

This was the core point of a popular SaveOnSend article on remittances from several years ago.  I recommend revisiting that piece as a model for similar in-depth assessments done by people who understand B2B payments, correspondent banking and other part of global transfers.  Obviously this trickles into the other half of this space, the enterprise world which is being designed around specific functional and non-functional requirements, the SLAs, compliance with data privacy laws, etc., but that is a topic for another day.

What about Coin Telegraph?  It is only good for its cartoon images.81

Source: LinkedIn

There are some notable outliers that serve as good role models and exceptions to the existing pattern and who often write good copy.  Examples of which can be found in long end note.82

Obviously the end note below is non-exhaustive nor an endorsement, but someone should try to invite some or all these people above to an event, emceed by Taariq Lewis.  That could be a good one.

(8) Analytics

What about solutions to the problems and opaqueness described throughout this article?

There are just a handful of startups that have been funded to create and use analytics to identify usage and user activity on cryptocurrency networks including: Chainalysis, Blockseer, Elliptic, WizSec, ScoreChain, Skry (acquired by Bloq) – but they are few and far between.83  Part of the reason is because the total addressable market is relatively small; the budgets from compliance departments and law enforcement is now growing but revenue opportunities were initially limited (same struggle that coin media has).  Another is that the analytic entrepreneurs are routinely demonized by the same community that directly benefits from the optics they provide to exchanges in order to maintain their banking partnerships and account access.

Such startups are shunned today, unpopular and viewed as counter to the roots of (pseudo) anonymous cryptocurrencies, however, as regulation seeps into the industry an area that will gain greater attention is identification of usage and user activities.

For instance, four years ago, one article effectively killed a startup called Coin Validation because the community rallied (and still rallies) behind the white flag of anarchy, surrendering to a Luddite ideology instead of supporting commercial businesses that could help Bitcoin and related ideas and technologies comply with legal requirements and earn adoption by mainstream commercial businesses.  For this reason, cryptocurrency fans should be very thankful these analytics companies exist.

Source: Twitter. Explanation: Wanna Cry ransomware money laundering with Bitcoins in action. Graph shows Bitcoin being converted to Monero (XMR) via ShapeShift.io

More of these analytics providers could provide even better optics into the flow of funds giving regulated institutions better handling of the risks such as the money laundering taking place throughout the entire chain of custody.

Without them, several large cryptocurrency exchanges would likely lose their banking partners entirely; this would reduce liquidity of many trading pairs around the world, leading to prices dropping substantially, and the community relying once again on fewer sources of liquidity run out of the brown bags on shady street corners.84

One key slide from Kim Nilsson’s eye-opening presentation: Cracking MtGox

And perhaps there is no better illustration of how these analytic tools can help us understand the fusion of improper (or non-existent) financial controls plus cryptocurrencies: Mt. Gox.  Grab some warm buttery popcorn and be sure to watch Kim Nilsson’s new presentation covering all of the hacks that this infamous Tokyo-based exchange had over its existence.

Journalists, it can be hard to find but the full order book information for many exchanges can be found with enough leg work.   If anyone had the inclination to really want to understand what was going on at the exchange, there are 3rd parties which have a complete record of the order book and trades executed.

Remember, as Kim Nilsson and others have independently discovered, WillyBot turned out to be true.

Final Remarks

The empirical data and stories above do not mean that investors should stop trading all cryptocurrencies or pass on investing in blockchain-related products and services.

To the contrary, the goal of this article is to elevate awareness that this industry lacks even the most basic safeguards and independent voices that would typically act as a counterbalance against bad actors.  In this FOMO atmosphere investors need to be on full alert of the inherent risks of a less than transparent market with less than accurate information from companies and even news specialists.

Cryptocurrencies aren’t inherently good or bad.  In a single block, they can be used as a means to reward an entity for securing transactions and also a payment for holding data hostage.

One former insider at an exchange who reviewed this article summarized it as the following:

The cryptocurrency world is basically rediscovering a vast framework of securities and consumer protection laws that already exist; and now they know why they exist. The cryptocurrency community has created an environment where there are a lot of small users suffering diffuse negative outcomes (e.g., thefts, market losses, the eventual loss on ICO projects). And the enormous gains are extremely concentrated in the hands of a small group of often unaccountable insiders and “founders.” That type of environment, of fraudulent and deceptive outcomes, is exactly what consumer and investor protection laws were created for.

Generally speaking, most participants such as traders with an active heartbeat are making money as the cryptocurrency market goes through its current bull run, so no one has much motive to complain or dig deeper into usage and adoption statistics.  Even those people who were hacked for over $100,000, or even $1 million USD aren’t too upset because they’re making even more than that on quick ICO returns.

We are still at the eff-you-money stage, in which everyone thinks they are Warren Buffett.85  The Madoffs will only be revealed during the next protracted downturn.  So if you’re currently getting your cryptocurrency investment advice from permabull personalities on Youtube, LinkedIn, and Twitter with undisclosed positions and abnormally high like-to-comment ratios, you might eventually be a bag holder.86

Like any industry, there are good and bad people at all of these companies.  I’ve met tons of them at the roughly 100+ events and meetups I have attended over the past 3-4 years and I’d say that many of the people at the organizations above are genuinely good people who tolerate way too much drivel.  I’m not the first person to highlight these issues or potential solutions.  But I’m not a reporter, so I leave you with these leads.

While everyone waits for Harry Markopolos to come in and uncover more details of the messes in the sections above, other ripe areas worth digging into are the dime-a-dozen cryptocurrency-focused funds.

Future posts may look at the uncritical hype in other segments, including the enterprise blockchain world.  What happened after the Great Pivot?

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

To protect the privacy of those who provided feedback, I have only included initials: JL, DH, AL, LL, GW, CP, PD, JR, RB, ES, MW, JK, RS, ZK, DM, SP, YK, RD, CM, BC, DY, JF, CK, VK, CH, HZ, and PB.

End notes

  1. One reviewer commented: “Another meta-topic is the notion of “community,” which is a myth if you ask me.  Why hasn’t the “community” done “X”? Because the word is mostly a marketing fiction.” See also the discussion of the idea that “Code is not law” []
  2. One former regulator mentioned: “The cryptocurrency community needs to police itself better or it risks being policed more severely by unfriendly and unsympathetic regulators.  Self-regulation is what certain hands-off banking supervisors attempted with US banks and other financial institutions 15 years ago and that ended poorly for many parties including those who were not directly responsible for making the poor decisions in the first place.  Even in sports it is understood, with the exception of golf, it doesn’t work. In this Wild West atmosphere where are the sheriffs?” []
  3. Not unique to cryptocurrencies, but by enabling such bad actors, certain platform operators may even increase their short term profit. []
  4. Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO []
  5. For an in-depth look at how the various moving pieces of the ecosystem interact, see: The flow of funds on the Bitcoin network in 2015, Cryptocurrency KYSF: Know Your Source of Funds, and Cryptocurrency KYSF: Know Your Source of Funds part 2 []
  6. Bitcoin Exchange Was a Nexus of Crime, Indictment Says from The New York Times []
  7. For an in-depth look at these different costs, it is highly recommended to read this post from Save on Send.  Some are convinced that this is the case because, on a small scale, the illiquidity of the end points serves to finance the operation, i.e. buying BTC with USD then selling BTC for MXN, may allow an apparent savings when compared with traditional remittance service providers.  Also oft-forgotten is the cost of cash-out and distribution of cash at the end point; also KYC / AML / CFT functions are frequently left-off the calculation. []
  8. One reviewer stated that, “Any working groups advising the government on policy are certainly worthy of investigation. Who are these people and what are their potential conflicts of interest?  For starters, in the US look at The Bitcoin Foundation and the Blockchain Alliance.” []
  9. It has a complex corporate structure and is nominally based in Hong Kong, operations and incorporation of subsidiaries are in other jurisdictions including BVI. []
  10. There were exceptions. Some users reported smaller haircuts as they were customers of SynapsePay.  Another user claims to have retained a lawyer and he did not have any haircut.  I independently verified this with an executive at SynapsePay. []
  11. Phil Potter, an executive at Bitfinex, has spoken about the hack on multiple different podcasts including once in detail, but this has since been deleted. []
  12. Bitfinex also recently announced that they will be doing an ICO (called NEC) to capitalize on the current token mania. []
  13. Bitfinex does do KYC and AML when a user withdraws USD and when they receive subpoenas. []
  14. ERC20 tokens are arguably not the same thing as a cryptocurrency, they are more like colored coins. See “Watermarked tokens and pseudonymity on public blockchains” by Tim Swanson. []
  15. Tether brings tokenised USD to Ethereum network from Finextra []
  16. We only know who is involved through various reddit threads wherein users dox and identify themselves as employees and founders. []
  17. Tether brings tokenised USD to Ethereum network from Finextra []
  18. This wouldn’t be the first time that a peg “broke the buck;” money market funds have been propped up by a parent organization in the past. []
  19. Tether Update []
  20. One reviewer noted that: “Theoretically they could maintain a fractional reserve to service redemptions although this isn’t a problem per se, provided that it is disclosed.  By saying you have “cash” backing, you could have some really bizarre stuff, like USD loans to unsavory entities.  But maybe they do not do this either.”  []
  21. Source for some of these questions. []
  22. One reviewer commented: “Tether offers users a way to move USD from one country to another, much like Western Union. So Tether should be obligated to run KYC/AML checks on not only those who are depositing US$ funds to get new Tethers (as it currently does), but also everyone who uses second-hand Tethers (it doesn’t). Now if Tether was like bitcoin, and had no physical address, it would be complicated for the authorities to enforce this requirement. But Tether is anchored to the brick & mortar banking system, so law enforcement should be easier, will it?” []
  23. One reviewer commented: “Let’s assume the worst for Tether, what does that mean?  If it were to collapse would it harm the small investors or the whales? A few exchanges that allow Tether also allow you to hold your deposits in USD, aside from the ability to send USDT between exchanges, which arguably could actually be a net positive because it allows clients to net positions between exchanges potentially reducing the overall credit in the system. But this goes back to one of their continual issues: lack of communicating and transparency for how the whole money issuance and transmission process works.” []
  24. Note: they did have withdrawal fees which likely generated revenue from arbitrageurs.  Several of the larger exchanges also raised venture capital and setup (and still run) order books outside of China with other business lines which may help offset some costs. []
  25. Described in further detail, “Comments on the COIN ETF (SR-BatsBZX-2016-30)” by Tim Swanson []
  26. See the section “Stopping Predators” within A Kimberley Process for Cryptocurrencies []
  27. China Central Bank Said to Call Bitcoin Exchanges for Talks from Bloomberg []
  28. In addition to lying about being investigated, they were lying about the true volume on their exchanges.  When the zero-fee domestic exchanges were required to add a minimum fee (to discourage wash trading), volume plummeted. []
  29. Central bank warns Bitcoin exchanges over margin trading, money laundering from Xinhua and Chinese bitcoin exchanges resume withdrawals after freeze from Reuters []
  30. Li Xiaolai: Yunbi Is Winding Down In 3 Months from 8BTC []
  31. BTCC to Cease China Trading as Media Warns Closures Could Continue from CoinDesk []
  32. Sources: CNLedger and ICOcoinOfficial []
  33. Huobi, OKCoin to Stop Yuan-to-Bitcoin Trading By October’s End from CoinDesk []
  34. The 19th National Congress of the Communist Party of China starts on October 18th.  All exchanges involving fiat-to-cryptocurrency trades will be closed. Both OKCoin and Huobi have overseas platforms (with independent order books and bank accounts independent of the domestic Chinese exchanges).  These have cryptocurrency-to-cryptocurrency trading and will remain operating.  Currently, users of the domestic fiat-to-currency platform can move their coins to the overseas platforms. []
  35. Something similar was done with voucher codes sold on Taobao in 2014 as well.  See After Crackdown, A New Bitcoin King Emerges in China from Wired []
  36. At one time or another, the spot price for each of the three large Chinese exchanges was a constituent part of several different pricing indices including the Winkdex, TradeBlock XBX index, and others such as OKEX (OKEX is an international subsidiary of OKCoin who replaced these exchanges on its own index).  This is potentially problematic because, as I detailed in my COIN ETF report, these exchanges were prone to mismanagement, crashes, and ultimately quick closure.  Going forward, what other sources of reliable pricing data can ETFs use that also accurately reflect market prices? []
  37. One insider in China noted that: “These exchanges had multiple chances to clean up their act and even self-regulate but because of the competitive pressures in China towards zero-fees, no one wanted to be left behind.  It was a type of collective action failure, so the government finally had to come in and clean up the mess because no one else would.” []
  38. These are mostly ERC20 tokens, not coins. []
  39. One reviewer mentioned: “Depending on the jurisdiction, these pre-arranged discounts might be deemed as structured products.” []
  40. Is There a Cryptocurrency Bubble? Just Ask Doge. from The New York Times []
  41. “How the ICO, OCO, and ECO ecosystem works at a high level” by Tim Swanson and “Comments on the COIN ETF (SR-BatsBZX-2016-30)” by Tim Swanson []
  42. Note: volumes can and will be written on this section alone.  If not on the legalities but on the ‘pump and dumps’ that have taken place. []
  43. One former regulator suggested: “Ignoring for the moment the overarching legal implications of what they did, because these activities took place on blockchains, future researchers should be able to eventually provide very accurate estimates the costs and losses to investors who put their trust and money into deceptive ICO organizers who were unscrupulous.” []
  44. Some argue this ban may just be temporary and cite a CCTV 13 interview with Hu Bing with the Institute of Finance and Banking who says the government will issue licenses in the future. []
  45. As of this writing there are many rumors circulating regarding how these new guidelines could impact cryptocurrency mining operators based in China.  One recent story from the Wall Street Journal articulates a rumor that miners will need to also shut down operations because they are trading cryptocurrencies without a license.  More existentially, if all fiat-to-cryptocurrency exchanges shut down domestically, miners would need a new method to liquidate their coins because they need to pay utilities in RMB (e.g., it doesn’t help to have a JPY or KRW-denominated bank account because Chinese utilities require being paid in RMB). []
  46. This same phenomenon occurred several years ago with “wealth management products” doing the same re-investment into other WMPs; revisiting the P2P Lending scams that came to light in the past two years as well is helpful.  See China’s ICO ban makes more sense in light of its history with fintech by Nik Milanovic []
  47. One insider noted that: “A New Zealand based person (and company) is one of the main men in all of this. I’ve encountered him on a number of occasions. He’s a complete fraudster. For example he told a group I am in that MGO would be listed on Poloniex within weeks of launch. Months later he hasn’t even got it on Bittrex. He’s now buying up lots of it wholesale from disenchanted investors who’ve taken a massive hit recently and will inevitably be sitting on a pile when the intentionally delayed launch and pump happens.” []
  48. Whalepool and The Coin Farm on Telegram are both examples of this type of coordination. []
  49. ICO被定性为涉嫌非法集资,想一夜暴富的“韭菜”们醒醒吧 from Huxiu []
  50. Based on translated stories from after the investigations as well as conversations with observers of these training sessions. []
  51. According to a source close to the investigations, law enforcement are using WeChat correspondence to chronicle the intentional cases of fraud and deceit.  In some cases, ICO organizers would run a public WeChat group, providing investors with false information and then use a private WeChat group with a smaller circle of insiders to “laugh at the stupidity” of these investors and coordinate dumps.  As a result, ICO organizers are leaving WeChat to use platforms like Telegram.  See China’s WeChat crackdown drives bitcoin enthusiasts to Telegram from South China Morning Post []
  52. That is the best case scenario because it assumes that there were not additional losses to fraud and mismanagement, which we know there has been. []
  53. China bans companies from raising money through ICOs, asks local regulators to inspect 60 major platforms from CNBC []
  54. Cryptocurrency chaos as China cracks down on ICOs from Reuters []
  55. Ibid []
  56. China shuts down Bitcoin industry; bans executives from leaving the country from Australian Financial Review []
  57. Another ICO Conference Cancels in Wake of China Ban from CoinDesk []
  58. He had to refund the ICOs he promote (plus with an added premium). []
  59. One reviewer commented: “The inevitability of regulations coming down the pipeline is a certainty (not just “blanket bans”).  Whether it’s 1 month or 1 year, regulations or enforcement of existing regulations will be coming in. A lot of these participants in the market seem to want to get in before regulations come into effect but in many jurisdictions they can still be liable for past actions (depending on the statute of limitations). That’s part of what I think is driving this tremendous amount of ICOs right now.” []
  60. 14,000 Coinbase Customers Could Be Affected by IRS Tax Summons from CoinDesk and Legitimate? IRS Defends Coinbase Customer Investigation in Court Filing from CoinDesk []
  61. At the time of this writing Coinbase has raised more than $225 million.  By January 2015, Coinbase had in aggregate raised just north of $106 million.  The ongoing lawsuit with the IRS states that there were 500,000 users by the end of the 2013 – 2015 period, of which 14,355 had done $20,000 or more of trading.   Future research can look into Coinbase’s customer acquisition costs over time (e.g., switching costs) versus the same costs traditional banks have.  Note: this also does not include the user numbers at GDAX, their platform marketed to professional traders. []
  62. According to an alleged insider (which may be untrue), some Coinbase users allegedly didn’t even know they may have been entitled to things like CLAM coins.  Maybe they weren’t. Tangentially, the continual high percentage of hoarding done by cryptocurrency enthusiasts suggests that this still remains a virtual commodity and continues to fail the medium of exchange test needed to be defined as a transactional currency. []
  63. At this time, it is unclear what the breakdown of these new (or old) users are acquiring cryptocurrencies on Coinbase and then participating in ICOs.  As a company, Coinbase has been publicly supportive of the ICO zeitgeist and hosted multiple meetups where ICO creators presented.  Earlier this year it co-sponsored a publication discussing the securities law framework of tokens.  Based on several interviews for this article, users of both the Coinbase wallet and its subsidiary, GDAX, currently can send bitcoins and ether from their user accounts to participate in ICOs.  It is unclear how often this is screened and/or prevented.  For perspective, a former employee was allegedly fired for sending bitcoins from his Coinbase account to gamble on Chinese web casinos.  Assuming this is true (and it may not be) then Coinbase could have the knowledge and/or ability to prevent users from participating in ICOs or other off-platform activity that violates its terms of service. []
  64. Another tech company that supposedly struggled raising funding and later issued its own coin (through an ICO) is Kik, through its Kin Foundation. []
  65. If this post is true (and it may not be), a dozen or so exchanges paying between $7,000 – $10,000 a month is roughly $1.4 million a year.  The SaaS monthly estimate has been independently validated from conversations with a couple participating exchanges. []
  66. One reviewer recommended: “If I were a journalist, I would more closely scrutinize the social media habits of the executives (and their surrogates) on these teams so the ecosystem can ascertain the relationship between the amount of time senior employees spend opining on Twitter, Reddit, mailing lists, IRC, WhatsApp, Slack, WeChat, Telegram, BitcoinTalk, GitHub, Discord, etc., and the number of hours in a working day, or number of products shipped.  Other social media analytics ideas for journalists: look at the Twitter tribes of Bitcoin (and other cryptocurrencies). Who is aligned with whom and pushing what agendas? Who are the trolls associated with those different tribes?  How many suspect accounts are associated with each group? For example, how many accounts that were just created, or never tweeted before, or only have followers from within their own tribes?” []
  67. One reviewer argued that, “It could also because they want to protect their valuations and because they are privately held companies that may be legally forbidden to divulge this information.” []
  68. This article in Quartz did not provide actual data or evidence that these remittance numbers were real, no one fact-checked it and instead, reproduced similar headlines for several months. []
  69. According to a recent interview with Forbes, after nearly two years of operations Abra only has 73 users per day. They are currently raising another round at this time; it is believed that this will help fund their compliance team and for licenses which they currently lack. []
  70. One reviewer said, “A counterpoint could be: VC returns are even sharper than standard Pareto; 1:9 or even 1:99 as opposed to 2:8. Startups are hard – most fail – why should cryptocurrency world be any different?” []
  71. One reviewer suggested that: “In the future, you should explain why Maximalism is a type of Authoritarianism and is not to be conflated with cypherpunks.” []
  72.  In mid-September, vocal promoters and owners of cryptocurrencies such as Bitcoin collectively spent thousands of hours yelling on social media and conducting letter writing campaigns all to channel their anger towards comments made by Jamie Dimon.  A couple worthwhile followups include: JPMorgan handles bitcoin-related trades for clients despite CEO warning from Reuters and  MUFG CEO on Dimon Remarks: Bank Cryptocurrencies Have ‘Nothing to Do With Bitcoin’ from CoinDesk []
  73. Bitcoin was only used as an example, nearly all cryptocurrencies listed on CoinMarketCap have the same issue in terms of calculating a real “market cap.” []
  74. Learning from Bitcoin’s past to improve its future from Tim Swanson []
  75. The theatrics around “BearWhale”-like events still persists.  For example, one current conspiracy theory is that: “the Chinese government is shutting down Bitcoin miners to mine bitcoins themselves.”  This is most likely false and the proposed solution is to “use satellites.”  But in talking with professional miners in China, many of them have contracts directly with State Grid, so they could lose access to energy in a worst-case scenario and satellites would not be of any use (assuming any of those rumors are true). []
  76. To be fair, this is not unique to the cryptocurrency space. []
  77. Genesis Trading is also the marketing and distribution agent for Bitcoin Investment Trust and Ethereum Classic Investment Trust, two regulated financial products.  DCG also is an owner in Grayscale Investments which is the legal sponsor both of these Trusts []
  78. Research: How Investors’ Reading Habits Influence Stock Prices by Anastassia Fedyk and Effects of Misinformation on the Stock Return: A Case Study by Ahsan et al. []
  79. Some employees in coin media have used social media channels to discuss various cryptocurrencies including ICOs over the past year.  How many of these were sponsored or received a cut of the coins to do so? []
  80. A great paper on this topic is The Path of the Blockchain Lexicon (and the Law) by Angela Walch []
  81. Nearly all of the coin media site allow ICO advertisements as well.  What are the terms and benefits that these media sites receive in exchange for displaying these advertisements and advertorials? []
  82. Note: this is not an exhaustive list and I’ll likely be flamed for not including X but including Y.  Journalists who write good original stories include: Nathaniel Popper, Matt Levine, and Matt Leising.  There have been several good op-eds written by lawyers which have appeared on CoinDesk, including Joshua Stark, Jared Marx, Brian Klein, Benjamin Sauter and David McGill.  Some other original, constructive views that should be highlighted include Stephen Palley, Ryan Straus, George Fogg, Miles Cowan, Patrick Murck, Amor Sexton, Houman Shadab, Angela Walch, Scott Farrell, Claire Warren, Simon Gilchrist, and two perpetual curmudgeons: Izabella Kaminska and Preston Byrne (very prickly at times!).  Non-lawyer thought-leaders, technical, and subject matter experts with bonafides worth interviewing include: Adam Krellenstein, Alex Batlin, Alex Waters, Andrew Miller, Andy Geyl, Antony Lewis, Ari Juels, Arvind Narayanan, Christian Decker, Christopher Allen, Ciaran Murray, Colin Platt, Danny Yang, Dave Hudson, David Andolfatto, David Schwartz, Dominic Williams, Duncan Wong, Elaine Shi, Emily Rutland, Emin Gun Sirer, Ernie Teo, Fabio Federici, Flavien Charlon, Gideon Greenspan, Ian Grigg, Ittay Eyal, Jackson Palmer, Jae Kwon, James Hazard, James Smith, Jana Moser, Jeff Garzik, JP Koning, John Whelan, Jonathan Levin, Jonathan Rouach, Jorge Stolfi, Juan Benet, Juan Llanos, Kieren James-Lubin, Lee Braine, Leemon Baird, Makoto Takemiya, Mark Williams, Matthew Green, Martin Walker, Massimo Morini, Michael Gronager, Mike Hearn, Muneeb Ali, Piotr Piasecki, Richard Brown, Robert Sams, Ron Hose, Sarah Meiklejohn, Stefan Thomas, Stephen Lane-Smith, Vitalik Buterin, Vlad Zamfir, Yakov Kofner, Zaki Manian, Zennon Kapron, and Zooko Wilcox-O’Hearn, as well as dozens of others from several different financial institutions and enterprises too long to list.  I also think that Michael del Castillo, Ian Allison, Simon Taylor, Jon Southurst, and Arthur Falls try to do an honest job reporting too.  Epicenter TV is arguably the best podcast in this space. []
  83. For an example, see Cracking Mt. Gox by WizSec []
  84. Chainalysis has a partnership with Circle which in turn enabled Circle to open up an account with Barclays.  Two years ago, an alleged business plan for Chainalysis was leaked online and unsurprisingly, some in the community were up in arms that this small company provided these forensic services. []
  85. Partially inspired by this tweet. []
  86. Click farms are being used by various ICO and Bitcoin-related online personalities to boost their perceived importance. []
Send to Kindle

Which regulators have publicly commented on Initial Coin Offerings?

Below are some of the stated positions of several different regulators around the world regarding ICOs.  In chronological order:

    • Brazil’s equivalent of the SEC, the Comissão de Valores Mobiliários (CVM), published (July 13th) initial legislation instruction (Instrução CVM No. 588) regulating crowdfunding via ICOs: (Portuguese announcement)
    • The United States SEC published on July 25th on ICOs: (Report on investigation) (Investor bulletin) (Investor alert)
    • Monetary Authority of Singapore published its views on August 1st on ICOs: (Clarification statement) (Consumer advisory)
    • Canadian Securities Administrators (CSA), including the Ontario Securities Commission, published its views on August 24th on ICOs: (Staff Notice) (Announcement)
    • Israel Securities Authority announced on August 30th that it is forming a committee to look at ICOs: (Hebrew announcement) (English)
    • The Financial Supervisory Commission (FSC) in South Korea announced on September 3rd that it held a joint task force meeting to strengthen regulations around digital currency trading, including fundraising with ICOs: (BusinessKorea)
    • Central Bank of Russia issued a public statement on September 4th that included its views on ICOs: (Russian announcement) (English)
    • The People’s Bank of China, along with 6 other Chinese government bodies including the national securities regulator (CSRC), publicly banned ICO fundraising in China on September 4th: (CN announcement) (English) (Bloomberg) (Reuters)
    • SFC in Hong Kong announced its views on ICOs on September 5th: (Announcement)
    • The UK Financial Conduct Authority (FCA) announced that it was keeping a close eye on ICOs on September 6th: (FT)
    • The Securities Commission (SC) of Malaysia issued a press release cautioning investors in ICOs on September 7th: (DNA)
    • The Dubai Financial Services Authority (DFSA) warned investors that ICOs were risky on September 13th: (Statement)
    • The Securities and Exchange Commission in Thailand issued some statements regarding ICOs on September 14th: (Comments)
    • Gibraltar Financial Services Commission (GFSC) issued an official statement regarding ICOs on September 22nd: (Statement)
    • North American Securities Administrators Association (NASAA) issued its annual paper and warned of risks around cryptocurrencies and ICOs on September 26th: (Press release)
    • Macau Monetary Authority (MMA) announced that banks cannot engage with ICOs and cryptocurrencies either “directly or indirectly” on September 27th: (Statement)
    • The Australian Securities and Investments Commission (ASIC) released formal guidance and comments about ICOs on September 28th: (Information Sheet)
    • The Financial Services Commission in South Korea said all kinds of initial coin offerings (ICO) will be banned as trading of virtual currencies needs to be tightly controlled and monitored on September 29th: (Reuters) (Yonhap)
    • The Financial Market Supervisory Authority (FINMA) in Switzerland announced it is investigating ICO procedures and issued formal guidance on September 29th: (Press Release)
    • SEC Exposes Two Initial Coin Offerings Purportedly Backed by Real Estate and Diamonds on September 29th: (Press release)
    • Abu Dhabi’s Global Market’s Financial Services Regulatory Authority (FSRA) released guidelines on ICOs on October 9th: (Guidelines)
    • The Central Bank of Lithuania announced its position and guidelines regarding ICOs on October 11th: (Press release)
    • The US Commodity Futures Trading Commission (CFTC), through its internal division, LabCFTC, released a primer on cryptocurrencies including ICOs on October 17th: (Press release)
    • The Financial Markets Authority (FMA) released commentaries on cryptocurrencies and ICOs on October 25th: (Press release) (Commentary)
    • Japan’s Financial Services Agency (FSA) issued a short statement warning users and business operators about the risks of ICOs on October 27th: (Statement)
    • The European Securities and Markets Authority (ESMA) issued two public statements on ICOs: one on risks and the other on rules applicable to firms involved in ICOs on November 13, 2017: (Press Release)

What do they all say?  A friend who is an attorney said it concisely: when you sell securities, you have to comply with securities laws.

If you plan to do an ICO or some kind of token sale, be sure to speak with more than one lawyer or law firm to get a legal opinion about what it is you are actually selling (or not).

And if you’re interested, below is an interview of Nick Morgan.  He is an attorney who previously was part of the SEC’s enforcement team.  He discusses The DAO, securities regulations, and the current ICO frenzy.

Bonus:

  • ECB’s Draghi rejects Estonia’s virtual currency idea – Reuters
  • Initial Coin Offerings: Know Before You Invest – FINRA
Send to Kindle

Panels, quotes, cites for the 2nd quarter of 2017

Below are a variety of events I participated in the last several months.

Events, panels, and presentations:

Interview:

Send to Kindle

Activities for the first few months of 2017

NYU School of Business

There are a number of internal papers we published over the past several months that the R3 research team and I helped manage and edit.

This includes:

In addition, below are the various public / external activities and interactions I was involved with the past several months.

Events, panels, and presentations:

Interviews and quotes:

Citation:
Send to Kindle

Intranets and the Internet

It is early into 2017 and at fintech events we can still hear a variety of analogies used to describe what blockchains and distributed ledger technology (DLT) are and are not.

One of the more helpful ones is from Peter Shiau (formerly of Blockstack.io) who used an automobile analogy involving the Model T to describe magic internet chains:1

The Ford Motor Company is well known for its production engineering innovation that gave us the Model T. To this day, the Ford Model T is one of the best selling automobiles of all-time thanks to the sheer number produced and affordability for American middle class families.  And while it was remarkable that Ford was able to sell so many cars, it is well understood Ford’s true innovation was not the Model T but in fact the modern assembly line.

It was this breakthrough that enabled Ford to build a new car every 93 minutes, far more quickly than any of its competitors. Not unlike the Model T, cryptocurrencies like Bitcaoin, are every bit the product of a similar innovative process breakthrough that today we call a “blockchain.”

Carrying the analogy a little further, what is even more powerful about this modern equivalent of the assembly line is that it is not just useful for building cars but also vans and trucks and boats and planes. In just the same way, a blockchain is not just useful for creating a cryptocurrency, but can be applied to a many different processes that multiple parties might rely on to reach agreement on the truth about something.

Less helpful, but all the same plentiful, are the many red herrings and false equivalences that conferences attendees are subjected to.

Arguably, the least accurate analogy is that public blockchains can be understood as being “like the internet” while private blockchains “are like intranets”.

Why is this one so wrong and worthy of comment?

Because it is exactly backwards.

For example, if you want to use a cryptocurrency like Bitcoin, you have to use bitcoin; and if you want to use Ethereum, you have to use ether.  They are not interoperable.  You have to use their proprietary token in order play in their walled garden.

As described in detail below, the internet is actually a bunch of private networks of internet service providers (ISPs) that have legal agreements with the end users, cooperate through “peering” agreements with other ISPs, and communicate via a common, standardized routing protocols such as BGP which publishes autonomous system numbers (ASNs).

In this respect, what is commonly called “the Internet” is closer to interoperable private, distributed ledger networks sharing a common or interoperable communication technology than anarchic, public cryptocurrency blockchain networks, which behave more like independent isolated networks.

Or in short: by design, cryptocurrencies are intranet islands whereas permissioned distributed ledgers — with interoperability hooks (“peering” agreements) — are more like the internet.2

Sidebar

Let’s do a short hands-on activity to see why the original analogy used at fintech conferences is a false equivalence with implications for how we need to frame the conversation and manage expectations in order to integrate DLT in to our reference and business architecture.

If you are using a Windows-based PC, open up a Command window.  If you’re using a Mac or Android device, go to a store and buy a Windows-based PC.

Once you have your Command window open, type in a very simple command:

tracert: www.google.com

Wait a few seconds and count the hops as your signal traces the route through various network switches and servers until you finally land on your destination.  From my abode in the SF area, it took 10 hops to land at Google and 7 hops to land at Microsoft.

If you did this exercise in most developed countries, then the switches and servers your signal zigged and zagged through were largely comprised of privately owned and operated networks called ISPs.  That is to say, what is generally described as “the internet” is just a bunch of privately run networks connected to one another via several types of agreements such as: transit agreements, peering agreements, and interconnect agreements.

By far the most widely used agreement is still done via the proverbial “handshake.”  In fact, according to a 2012 OECD report, 99.5% of internet traffic agreements are done via handshakes.  There is also depeering, but more on that later.

What do all these agreements look like in practice?

According to the 2016 Survey of Internet Carrier Interconnection Agreements (pdf):

The Internet, or network of networks, consists of 7,557 Internet Service Provider (ISP) or carrier networks, which are interconnected in a sparse mesh. Each of the interconnecting links takes one of two forms: transit or peering. Transit agreements are commercial contracts in which, typically, a customer pays a service provider for access to the Internet; these agreements are most prevalent at the edges of the Internet, where the topology consists primarily of singly connected “leaf” networks that are principally concerned with the delivery of their own traffic. Transit agreements have been widely studied and are not the subject of this report. Peering agreements – the value-creation engine of the Internet – are the carrier interconnection agreements that allow carriers to exchange traffic bound for one another’s customers; they are most common in the core of the Internet, where the topology consists of densely interconnected networks that are principally concerned with the carriage of traffic on behalf of the networks which are their customers.

Colloquially it is a lot easier to say “I want to use the Internet” instead of saying “I want to connect with 7,557 ISPs interconnected in a sparse mesh.”

Back to topology, each ISP is able to pass along traffic that originated from other networks, even if these external networks and the traffic therein originate from foreign countries, because the physical systems can speak to one another via standardized transport protocols like TCP and UDP and route via BGP.3 4

Thus there is no such thing as a physical “internet rail,” only an amalgam of privately and publicly owned networks stitched together.

And each year there is inevitably tension between one more ISP and consequently depeering takes place.  A research paper published in 2014 identified 26 such depeering examples and noted that while depeering exists:

Agreements are very quite affair and are not documented for, they are mostly handshake agreements where parties mutually agree  without  any  on  record  documentation.  This  argument is supported by the fact that 141,512 Internet Interconnection Agreements out of 142,210 Internet Agreements examined till March 2011 were Handshake Agreements.

This is the main reason you do not hear of disputes and disagreements between ISPs, this also dovetails into the “net neutrality” topic which is beyond the scope of this post.

Intranets

Just as the internet is an imperfect analogy for blockchains and DLT in general, so is its offspring the “intranet” is a poor analogy for a permissioned blockchains.  As noted above, the internet is a cluster of several thousand ISPs that typically build business models off of a variety of service plans in both the consumer and corporate environments.

Some of these server plans target corporate environments and also includes building and maintaining “private” intranets.

What is an intranet?

An intranet is a private network accessible only to an organization’s staff. Generally a wide range of information and services from the organization’s internal IT systems are available that would not be available to the public from the Internet. (Source)

And while more and more companies migrate some portion of their operations and work flows onto public and private “clouds,” intranets are expected to be maintained given their continued utility.  From an infrastructure standpoint, notwithstanding that an intranet could be maintained one or more more servers through Software Defined Networks (SDNs), it is still a subset of a mash up of ISPs and mesh networks.

What does this have to do with magic internet chains?

A private blockchain or private distributed ledger, is a nebulous term which typically means that the validation process for transactions is maintained by known, identified participants, not pseudonymous participants.  Depending on the architecture, it can also achieve the level of privacy that is associated with an intranet while staying clear of the hazards associated with preserving true pseudonymity.

Why is the “intranet” analogy so misleading and harmful?

For multiple reasons.

For starters, it is not really valid to make a sweeping generalization of all identity-based blockchains and distributed ledgers, as each is architected around specific use-cases and requirements.  For instance, some vendors insist on installing on-premise nodes behind the firewall of an enterprise.  Some vendors setup and run a centralized blockchain, from one or two nodes, for an enterprise. Some others tap into existing operational practices such as utilizing VPN connections.  And others spin up nodes on public clouds in data centers which are then operated by the enterprise.

There are likely more configurations, but as noted above: from a topological perspective in some cases these private blockchains and distributed ledgers operate within an intranet, or on an ISP, or even as an extranet.

Fundamentally the biggest difference between using an ISP (“the internet”) and using an intranet is about accessibility, who has access rights.  And this is where identity comes into play: most ISPs require the account holder to provide identification materials for what is effectively KYC compliance.

Thus while you may be visit a coffee shop like Starbucks who provides “free” access, Starbucks itself is an identified account holder with an ISP and the ISP could remove Starbucks access for violating its terms of service.  Similarly, most coffee shops, airports, schools, etc. require users to accept a terms of service acknowledging that their access can be revoked for violating it.

Source: FireFox 51.0.1

In short, both the internet and intranet are in effect part of identity and permission-based networks.  There is no such thing as an identity-less internet, only tools to mask the users identity (e.g., Tor, Peerblock, Whisper).  In the same way that, “private” intranets are a fallacy.

Anarchic chains, which were designed to operate cryptocurrencies like Bitcoin, attempt to create an identity-less network on top of an identifiable network, hence the reason people involved in illicit activities can sometimes be caught.

Identity

Interestingly, where the internet analogy does hold up is in how public, anarchic blockchains are no less challenged by the effort and complexity of truly masking identity. I mentioned this in a footnote in the previous post, but it deserves being highlighted once more. Anarchic blockchains inspired by cryptocurrencies such as Bitcoin, used blocks because Satoshi wanted identity-free consensus (e.g., pseudonymity).  That implies miners can come and go at will, without any kind of registration, which eliminated the choice of using any existing consensus algorithm.

As a result, Satoshi’s solution was proof-of-work (PoW).  However, PoW is susceptible to collisions (e.g., orphan blocks).  When a collision occurs you have to wait longer to obtain the same level of work done on a transaction. Thus you want to minimize them, which resulted in finding a PoW on average every ten minutes.  This means that in a network with one minute propagation delays, not unlikely in a very large network (BGP sees such propagation times) then you waste ~10% of total work done, which was considered an acceptable loss rate in 2008 when Satoshi was designing and tweaking the parameters of the system.

Distributed ledgers such as Corda, use a different design and exist precisely as an identified network, where members cannot just come and go at will, and do have to register. With Corda, the team also assumes relatively low propagation times between members of a notary cluster.  One of the key differences between mere PoW (i.e. hashcash) and a blockchain is that in the latter, each block references the prior – thus PoWs aggregate.  It can be tough to do that unless all transactions are visible to everyone and there is a single agreed upon blockchain but if you do not, you will not get enough PoW to yield any meaningful security

When fintech panels talk about the notion of “open” or “closed” networks, this is really a red herring because what is being ignored is how identity and permission work and are maintained on different types of networks.

From the standpoint of miner validation, in practice cryptocurrencies like Bitcoin are effectively permission-based: the only entity that validates a transaction is effectively 1 in 20 semi-static pools each day.  And the miners/hashers within those pools almost never individually generate the appropriate/winning hash towards finding a block.  Each miner generates trillions of invalid hashes each week and are rewarded with shares of a reward as the reward comes in.

And if you want to change something or possibly insert a transaction, you need hashrate to do so.  Not just anyone running a validating node can effect change.

More to the point, nearly all of these pools and many of the largest miners have self-doxxed themselves.  They have linked their real world identities to a pseudonymous network whose goals were to mask identities via a purposefully expensive PoW process.  As a result, their energy and telecommunication access can be revoked by ISPs, energy companies, and governments.  Therefore calling anarchic or public blockchains “open” is more of a marketing gimmick than anything else at this stage.

Clarity

AOL and CompuServe were early, successful ISPs; not intranets.5  Conflating these terms makes it confusing for users to understand the core technology and identify the best fit use-cases. 6

Alongside the evolution of both the “cloud” and ISP markets, it will be very interesting to watch the evolution of “sovereign” networks and how they seek to address the issue of identity.

Why?

Because of national and supranational laws like General Data Protection Regulation (GDPR) that impacts all network users irrespective of origin.

For instance, Marley Gray (Principal Program Manager Blockchain at Microsoft) recently explained in an interview (above) how in order to comply with various data regulations (data custody and sovereignty), Microsoft acquired fiber links that do not interact with the “public” internet.  That is to say, by moving data through physically segregated “dark” networks, Microsoft can comply with requirements of its regulated customers.

And that is what is missing from most fintech panels on this topic: at the end of the day who is the customer and end-user.

If it is cypherpunks and anarchists, then anarchic chains are built around their need for pseudonymous interactions.  If it is regulated enterprises, then identity-based systems are built around the need for SLAs and so forth.  The two worlds will continue to co-exist, but each network has different utility and comparative advantage.

Acknowledgements: I would like to thank Mike Hearn, Stephen Lane-Smith, Antony Lewis, Marcus Lim, Grant McDaniel, Emily Rutland, Kevin Rutter, and Peter Shiau for their constructive feedback. This was originally sent to R3 members on March 31, 2017.

Endnotes

  1. His analogy is reused with permission. []
  2. From a network perspective, some of the integration and interop challenges facing DLT platforms could be similar to the harried IPv4 vs IPv6 coexistence over the past decade.  Who runs the validating nodes, the bridges — the links between the chains and ledgers — still has to be sorted out.  One reviewer noted that: If you equate IPv4 (TCP/UDP/ICMP) to DLTv4 where BGPv4 enables IPv4 networks to interact, we need an equivalent for BPGv4, say DLTGPv4 (DLT Gateway Protocol) for DLTv4 fabrics (ISPv4s) to interact and the same thing for IPv6 and DLTv6 where DLTv6 is a different DLT technology than DLTv4.  So the basic challenge here is solving integration of like DLT networks. []
  3. Venture capitalists such as Marc Andreessen and Fred Wilson have stated at times that they would have supported or invested in something akin to TCPIPcoins or BGPcoins.  That is to say, in retrospect the missing element from the “internet stack” is a cryptocurrency.  This is arguably flawed on many levels and if attempted, would likely have stagnated the growth and adoption of the internet, see page 18-19. []
  4. One reviewer noted that: Because of the IPv4 address restrictions (address space has been allocated – relying on auctions etc for organizations to acquire IPv4 addresses), some sites now only have an IPv6 address.  Most devices today are dual stack (support IPv4 and IPv6), but many ISPs and older devices still only support IPv4 creating issues for individuals to access IPv6 resulting in the development of various approaches for IPv4 to IPv6 (e.g. GW46 – my generic label).  I think, the question with DLTGW46 is whether to go dual stack or facilitate transformation between v4 and v6. []
  5. A reviewer who previously worked at AOL in the mid ’90s noted that: “In its early days, AOL was effectively a walled garden.  For example, it had its own proprietary markup language called RAINMAN for displaying content. And access to the internet was carefully managed at first because AOL wanted its members to stay inside where content was curated and cultural norms relatively safer — and also desirable for obvious business reasons.” []
  6. One reviewer commented: “In my opinion, the “internet” cannot be created by a single party. It is an emergent entity that is the product of multiple ISPs that agree to peer – thus the World Wide Web. DLT-based and blockchain-based services first need to develop into their own robust ecosystems to serve their own members. Eventually, these ecosystems will want to connect because the value of assets and processes in multiple ecosystems will increase when combined.” []
Send to Kindle

Chainwashing

I was recently talking with a friend who spent the past decade in an operations role at a large enterprise in the telecommunication sector.  He has a matter-of-fact personality that likes to cut through the smoke and mirrors to find the fire.

I explained to him my role of having to filter through the dozens of entities that my market research team at R3 speaks with each month. And the formal process that our small team uses to look and find organizations that would be a good fit for R3’s Lab project pipeline.

For instance, because we typically act as the first part of the funnel for our organization, we end up listening to a great deal of startup pitches. And we are continually bombarded by endless “blockchain” and DLT noise.  The first year alone we looked at and spoke to more than 300 entities, a number that has now reached about 400.

This is not to say that there are only 400 companies/vendors/organizations/projects billing themselves as “blockchain” related entities… unfortunately that nebulous term has ballooned to encompass everything from cryptocurrencies to big data to IoT and now probably numbers in the thousands.

If you’re working in capital markets, how to tell the pretenders from the real deal?

Should you seek advice from people who never interface with enterprises or institutions and get all their wisdom from social media?  Or listen to columnists whose only interaction with banks is the ATM or a cryptocurrency meetup?  Or to media outlets that do not disclose their (coin) holdings?  Before answering these, let’s look at a new phrase below.

Thirteen months ago I gave a short presentation talking about the “blockchain” hype cycle.

The month before that – in December 2015 – I mentioned how much of the enthusiasm surrounding “blockchains” seemed a bit similar to the exuberance around “gluten free” food: how most people at fintech conferences talking about “blockchains” really couldn’t explain why blockchains were great in much the same way that many people asking for “gluten-free” food couldn’t tell you why gluten is or is not good for you.

I explained this to my friend and he said that the euphoria surrounding blockchains – and its vertical rise on the Gartner hype cycle – is similar to what he observed and experienced in “the cloud” space earlier this decade.  And more specifically, to the phenomenon called “cloudwashing”:

Cloud washing (also spelled cloudwashing) is the purposeful and sometimes deceptive attempt by a vendor to rebrand an old product or service by associating the buzzword “cloud” with it. (Source)

So with that, I’d like to coin a new phrase: “chainwashing.”

I have personally seen dozens of decks from vendors along the entire spectrum of sizes during the current hype cycle.  And watched the evolution of “blockchain creep” — how over time the word “blockchain” would appear more frequently not just on each slide, but in scope and vertical.

For instance, there are couple dozen different startups that claim to have somehow built an enterprise-grade blockchain system without having to go through the arduous process of gathering the functional and non-functional requirements from the enterprises they intended to integrate with.  Magic!

While startup founders should shoulder the blame for these marketing gimmicks – as should the reporters that often own but do not disclose their (coin) holdings – investors are also to blame for not just talking their book, but also obfuscating their portfolio companies by pressuring them to rebrand retail-focused cryptocurrency products as bonafide “enterprise blockchain” platforms.  They are not the same thing.

So what are some evaluation criteria to help identity the signal from the noise?

If your job is to help filter vendors for financial institutions, governments, investment funds, or other large enterprises, then some of these questions may be helpful in determining whether or not your firm should engage with the vendor:

  • Why is the vendor using a blockchain?
  • What is the vendor’s definition of a blockchain?
  • Who has a problem that needs a blockchain in order to solve it: the vendor or the vendor’s customer?
  • What is it about a blockchain that solves a problem that couldn’t be solved with existing technoloogy?
  • If a blockchain-related infrastructure provides a solution to for the vendor, can it use any other existing technology to solve its needs?
  • Do the founders and management team have experience managing, building, and/or deploying enterprise-grade systems or critical infrastructure?
  • Does the vendor as a whole have the appropriate contacts and connections with institutions and regulators?
  • Does the vendor have enough run way to build through a long sales cycle?

By asking these types of questions our team has helped filter the 400 or so companies/projects into a much more manageable dozen.

We think the number of companies with legs will continue to increase over time but chainwashing will continue to be a noise pollution problem for the next few years in the enterprise world even after production systems have been integrated into institutions.

As a consequence, it is probably safe to assume vendors are trying to pull a fast one on you, especially if it involves needing your company to acquire a cryptocurrency or “permissioning off” an existing cryptocurrency.

Remember: cryptocurrencies in the vein of Bitcoin were intentionally not designed to integrate with and fulfill the requirements of regulated institutions (like settlement finality) any more than a helicopter was designed to handle long distance cargo hauling.  Chainwashing is the opposite of being fit-for-purpose and we see it with marketing gimmicks like “Layer 2,” the topic of the next post.

Update: see also Evolving Language: Decentralized Financial Market Infrastructure

Send to Kindle

DLT as FMI in Korea

Yesterday I gave a keynote talk at “The Future of Financial Payment Services Driven by Technology Innovation” organized and hosted by the Korea Finance Telecommunications & Clearings Institute (KFTC).

It was their 30th Anniversary Seminar and was held in Seoul, South Korea.

Below are the slides I presented on “Distributed Ledger Technology as Financial Market Infrastructure”:

Send to Kindle

Comments on the COIN ETF (SR-BatsBZX-2016-30)

Earlier today, with some help from the R3 research team (thanks for the grammar fixes!), I shipped a new paper to the consortium members.  This paper discusses several issues and challenges facing a Bitcoin-based ETF that was originally proposed a couple years ago by the Winklevoss twins (commonly called the COIN ETF).  It specifically looks at questions publicly raised by the SEC.

It bears mentioning that R3 itself is not in any shape or fashion involved with this ETF or in using the Bitcoin network.  This (tangential) paper solely represents my views and not those of my employer or companies I advise.  I worked on it in my spare time.

R3 typically makes research papers available 3-6 months after sending it to members, so check back here later next spring or summer to see if it has been posted.

Update 09/2017: many months later an egg tweeted that it has been posted online at Scribd and Docdroid (pdf)

Send to Kindle

Emochain and Statistchain

[Note: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise]

Why open/permissionless and closed/permissioned terminology has become a muddled red herring of totems

It is common to see startups, enthusiasts, and advocacy groups boast how they support “open,” “public,” and “permissionless” innovation.  Their lollipops and rainbows narrative can be found on a multitude of websites, social media accounts, and on panels at conferences.

Similarly several well-to-do consultancies and buttoned-up fintech companies use stoic marketing terms like “permissioned,” “trusted,” and “private” to describe their platforms to what are assumedly monocle-wearing, high-brow clientele.

But very little long-form has been spent explaining what these actually mean beyond superficial warm feelings either side is trying to engender.

Both are at fault for taking a page from the politically charged play book of terms like “pro-choice” and “pro-life” — I mean who wants to be labeled as anti-choice or anti-life?  Or in this case, who would want to be known as anti-open and anti-permissionless?    Or as John Oliver might say, who wants to hang out in intranet sandboxes all day when there is a big fat thing called “The Internet” you can troll on all day instead?

Aside from the fact that “The Internet” is just a bunch of highly regulated, permissioned intranets tied together with KYC and peering agreements, let’s de-escalate and take a quick step back for a moment to focus on two diametrically polar opposites: anarchic and archic networks.1

Why?  Because that’s ultimately what these two camps are fighting a war of words and hashtagged rhetoric about.

Defining definables

There are some general commonalities between anarchic and archic chains but before getting there, what does anarchic mean in this context?

An anarchic network — in this case an anarchic blockchain — simply means a chain that purposefully lacks any ties to legal institutions and nation-state infrastructure.  That is to say, the architects of an anarchic chain set out to create an extralegal virtual-only entity that is divorced from governments and regulators; entities that could censor data transfers and on-chain activities.   Currently, anarchic chains are euphemistically called “public blockchains” to have better marketing varnish at cocktail parties in DC.

There have been multiple attempts to build anarchic-types of networks in the past (such as Tor); perhaps the most popularly known anarchic blockchains in use are Bitcoin and Ethereum.

Anarchic can also mean that a chain, or a network layer, has no formal or de jure governance process for handling disputes.  In this case, both Bitcoin and Ethereum (among others) are double-fisting anarchy.

I am a millennial, is there another way of saying all of this in less than 140 characters?

Not that there is an official marketing slogan but:

  • Bitcoin is supposed to be an unstoppable payment processor (title and abstract of the whitepaper)
  • Ethereum is supposed to be an unstoppable computer that can run and execute untrusted code (motto from Foundation’s website)

In contrast, as can be expected from its name, archic chains and networks explicitly tie into traditional legal infrastructure, into the ‘old world’ laws of physical nation-states.  In addition, many archic chain creators attempt to bake-in and enable on-chain dispute mechanisms and methods for handling disputes off-chain in the event there is a problem.2

Boring laws and wet oppressive code, right?

But wait, there’s more.

I think my favorite tweet last year was along the lines of: sometimes my browser crashes, occasionally I have to restart my phone, but gosh darnit my self-driving car will always work without a hitch!

And that naïve thinking pervades a lot of the development teams in the fintech space.

Sure it’d be cool if you can automate all of the value transfer processes globally with cryptographically assured, tamper-evident mechanisms — but in case something screws up or a governance dispute occurs, you have to design for the fact that somewhere Edward Murphy is in your system with Chaos Monkey.3 And so too it will be with magic internet chains.  Without explicit governance and dispute-resolution mechanisms we will just revert back to our lowest common denominator: arguing on reddit with memes.4

Common ground

By their nature these two worlds are polar opposites in terms of network designs, assumptions, and goals.

With that in mind, below are three commonalities that both types of networks have but each of which is handled differently:

(1) Both have permissioning

(2) Both have cryptographic-linked data structures

(3) Both use ‘other peoples computers’

What does each of these mean?

For anarchic networks like Ethereum and Bitcoin, permissioning — that is to say, deciding who gets to change and update the log of records, or in this case digitally sign blocks, is usually handled via proof-of-work.5

Permissioning in this specific case has nothing to do with what kind of applications can be used on it, who can look at the code, who can modify the code, who can send transactions, etc.  These are all tangential to the key foundational question of who gets to digitally sign and update the log of history in the first place.  After all, the Bitcoin whitepaper wasn’t an exegesis on cloning software libraries and GPL versus MIT licensing maximalism now was it?6)  In fact, to-date several vendors have released open-sourced versions of “private” gated chains — so you can have one without the other.7 Nor did KYCing internet access kill innovation on the internet.

While some promoters like to use terms like “dynamic” to describe the log signing / block validation process on the Bitcoin network, in practice there are roughly 15-20 ‘permissioned’ block makers / log signers on the Ethereum and Bitcoin networks at any given time.8

That is to say, the entire “membership pool” of block signers at any day of the week is fairly static.  Some come and go over time but in general there is a quasi-static membership pool of block signers; and the operators of these membership pools is generally known and no longer identity-less (pseudonymous).  They even sit on stage at public conferences and pose for pictures and… bring photo journalists to their actual data centers.9  There is a joke about the first two rules of Fight Club in there somewhere.

This creates some fundamental problems surrounding the goals of achieving censorship-resistance as well as the goals of routing around regulatory regimes.  Recall that neither Bitcoin nor Ethereum were designed to interface with the traditional legal system which compels validators, payment processors, custodians, and financial intermediaries to comply with a bevy of identity management and consumer protection requirements.

In fact, anarchic chains were designed to do just the opposite and instead maintain a network that enables identity-less participants to move data peer-to-peer without complying with a list of external rules and governance processes. As noted above, anarchic chains set out to be their own sovereign entity, a type of virtual nation-state divorced from traditional legal infrastructure altogether.

And to achieve their objective of enabling identity-less participants to transfer data from one to another without having to be vetted by a party capable of censoring the movement of data, the network designers believed they could make their network of validators and block makers — the cloud of machines processing payments and providing digital signatures — decentralized to the extent that the overall network could maintain reliable uptime in the face of network splits as well as malicious activity from governmental and Byzantine actors.

So in summation, anarchic chains:

(1) typically achieve permissioning and log appendation by requiring (originally) identity-less participants to submit proofs-of-work that consume and irreversibly destroy real economic value (e.g., fossil fuels);

(2) the log of history and payments therein is appended via a digital signature controlled by a nominally identity-less, quasi-static participant who is able to propagate the proof-of-work first across the rest of the network;10

(3) this log of history — in both theory and practice — is propagated to other people computers in other countries in order to attempt to achieve uptime in the face of network partitions and adversaries.

In other words, checkmate statists!

Law maximalism

So what about that cold, heartless world of closed, walled-off gardens managed by intranet builders and training wheel makers?  After all, anarchic chains are supposedly too woolly for regulated institutions like banks and according to random people on social media who talk to other random people on social media about financial infrastructure in 140 characters, banks now have decided to reinvent databases… But With Blockchain™.  Because banks — which collectively have built and operate the largest IT infrastructure globally — don’t understand technology and have just rebranded SQL databases to get some easy softball press releases.  Right?

It’s hard to talk about archic chains in the same snarky depth as anarchic chains because there are so many different ones under development that are taking different tact’s and approaches to solving who knows what.  But challenge accepted.

As Ian Grigg explains, part of the problem entrepreneurs are facing is that “permissionless” can be defined, sort of, but the opposite of permissionless is harder to define.  If we accept it means “with a permission” then we could ask, what permission?  How many?  When, where, who, etc.

Are we talking about permission to enter (walled garden), permission to make any transaction (identified keys not pseudonyms), permission to act (approved by regulator in each instance), permission to put money in, permission to take money out?  All of these permissions have regulatory, architectural, societal, and marketing success implications so it isn’t really plausible to talk about a permissioned system as a thing, it’s more an anti-thing.11

With the private/permissioned world of buzzword bingo, a lot of the platforms are ill-conceived forks of cryptocurrencies that weren’t customized at all for capital markets.

Satoshi wasn’t trying to solve for frictions in the post-trade world of clearing and settlement of regulated institutions.  And Vitalik didn’t wake up 3 years ago and say, “Holy hell the $65-$80 billion in post-trade reconciliation processes could be significantly reduced tomorrow if I build an unstoppable computer program replicated across thousands of nodes!”12

So simply forking Bitcoin and gutting the PoW mining apparatus to move pre-IPO cap tables around or track airline points cannot really be called “fit for purpose” especially since it seems that you can pretty much do the same exact thing with existing off-the-shelf technology.

What can’t be done with an extant databases?

That’s a good question, and one a lot of reporters miss because they aren’t interviewing IT managers at banks — who cares what some social media app designer or Bitcoin API developer thinks about back-offices at banks, talk to actual core banking architects.

The fundamental reason that regulated financial institutions have all collectively done steeplechase into magic internet chains track & field is this: there is no such thing as an off-the-shelf system that allows them to move value from their own internal ledgers to outside of their organization without having to rely on a cornucopia of 3rd parties.  There is no such thing as a global shared ledger standard designed around their operating requirements.   For instance, the aggregate reconciliation process and back-office operations that exist today doesn’t make sense to those used to Gmail swiftness or HFT speeds as seen in the front-office activities of trade.

Banks (and other institutions) are looking for novel, secure solutions to reduce certain legacy costs and have been looking at an army of different technology vendors for years to do so.  But as I have pointed out before, there is no such thing as a fit-for-purpose distributed ledger that can provide the type of back-office utility (yet).13

What does that mean?

Fit-for-purpose means that some team of geeks sat down with other teams of geeks at banks to talk about super unsexy things for months and years on end to solve specific issues based on a set of explicit functional and non-functional requirements at said bank.

If your team didn’t do that massively boring requirements gathering process then you’re gonna have a really bad time going to market.

If you simply just start building a blockchain app for blockchain app sake, you will likely end up like BitPay or ChangeTip.  At least with anarchic chain architects themselves, to their credit, are often attempting to solve for a specific problem-set: how to enable censorship-resistant activities in the face of censorable mandates.

On the other hand: if Bitcoin or Ethereum could do the zillions of things that Bitcoin or Ethereum proponents claim it can do, then of course everyone might use it.  It doesn’t, so unsurprisingly many companies and institutions don’t.  And before getting all high and mighty about “not giving little poor Bitcoin a chance” — financial institutions globally have done over 200 PoCs on forks of cryptocurrencies or even cryptocurrency networks themselves.  They discarded nearly all of them because — spoiler alert — anarchic chains were not built for the requirements that regulated banks have.

Archic chains are not a panacea to everything and they are certainly not the most exciting thing since the invention of the Internet: OxiClean was, and you could only originally get it by calling a 1-800 number.14

The tldr for archic chains is that they:

(1) typically achieve permissioning and log appendation by gating and white-listing the operators of the validation process; this usually involves drawing up a legal contract and service-level agreement specifying the terms of services, quality of service, and how disputes are handled.  Because validators are known and legally accountable, proof-of-work is unneeded and marginal costs actually remain marginal (as opposed to MC=MV relationship in PoW networks)15

(2) the log of history and payments therein, is appended via a digital signature controlled by a known, identifiable potentially-static participant who is can propagate the transaction and block to the rest of the participants whom are permitted to interact with the transaction

(3) this log of history — in both theory and practice — is propagated to ‘other people computers.’  In the archic case, it may be a regulated cloud facility (e.g., sovereign cloud) that complies with all of the regulated data requirements of a specific jurisdiction.  (This may sound like an unimportant area of interest, be sure to look at this presentation.)

Or in short, with archic chains: validation and block signing is handled by known, identifiable parties whom have the appropriate licenses to handle regulated data in the jurisdictions they operate in.

Because of laws like the General Data Protection Regulation (GDPR), replication of regulated data to everyone everywhere ends up in Bad News Bears territory pretty quickly.

Conclusions

I purposefully tried not to use the word “immutability” because the term has been bludgeoned by totem warriors on all sides this past year.  It’s to the point where some cryptocurrency advocates sound like Luddites because they do not acknowledge that immutability is simply achieved by running data through a hashing algorithm, that’s it.  It’s one-way and irreversible and has nothing to do with proof-of-work.  All PoW effectively does is delegate who can append a log in an untrusted network.

As a matter of fact, there is oodles of immutable data that predates cryptocurrency networks like Bitcoin, housed on a sundry of databases worldwide.  And on the other hand, you have consultancies wearing out the word “immutability” as if it about to go out of fashion and they get a year-end bonus for saying it three-times fast.

We are nearing the end of year two of the grand totem wars, of the nonsensical permissioned versus permissionless wannabe debate.  There is no versus.  Fundamentally Sams’ Law is empirically valid:  anything that needs censorship-resistance will gravitate towards censorship-resistant systems and anything that does not will gravitate towards systems that can be censored.16

There are ironclad trade-offs: a network cannot simultaneously be censorship-resistant and tied into legal infrastructure.  A chain cannot be both anarchic and archic.  One set of utilities has to have a priority over the other (e.g., definitive settlement finality versus probabilistic finality) otherwise it all begins to look like the chimera that is the permissioned-on-permissionless ecosystem.17

As a consequence, anarchic chains continue to act as testnets for archic chains.  That is to say, both the Bitcoin and Ethereum ecosystems are effectively providing free R&D to network designers who will learn from the mistakes and incorporate the relevant solutions into their own future systems.  After all, why use an anarchic chain in which governance is handled by anonymous eggs on Twitter and (ironically) censorship-happy moderators on reddit?  Perhaps things will change and the great expectations promised by anarchic chains will come to fruition.  In fact, if Boltzmann brains can exist then that is always in the realm of possibilities.

In the meantime, it’s worth reflecting on what Dave Birch recently pointed out: there is no such thing as a cloud, just other people’s computers.18  And each jurisdiction regulates the activities of what can and cannot be processed and serviced on certain machines.  Perhaps those laws will change, but they might not.  It will be worth checking in on the Emochain and Statistchain caricatures in the coming months: maybe the State will wither and die like Zerohedge has predicted 7,934 times in the past.  Or maybe Panoptichain will be built instead.  Or both simultaneously as the consultants behind Schrödingerchain would have you believe.

Immutability!  Immutability!  Immutability!

Endnotes

  1. Archy and Anarchic Chains []
  2. Smart Contract Templates: foundations, design landscape and research directions by Clack et al. []
  3. Edward Murphy is the namesake of “Murphy’s Law.”  See also: Netflix attacks own network with “Chaos Monkey”—and now you can too from ArsTechnica []
  4. Code is not law []
  5. Why does Ethereum plan to move to Proof of Stake? from StackExchange []
  6. “We were successful exactly because we were *not* maximalists.” – Linus Torvalds (source []
  7. See the Hyperledger github repo []
  8. The term “dynamic-membership multi-party signature” was used in the Blockstream whitepaper []
  9. Self-doxxing, dynamic block making and re-decentralization of mining []
  10. It’s actually not necessarily the first — as blocks can become orphaned — but rather which block ends up being built on by other block makers []
  11. “So maybe the debate is over comparing an apple to a citrus fruit – mandarins, tangerines, grapefruits, lemons etc, and everyone is assuming their particular flavour.” Many thanks to Ian Grigg for this passage. []
  12. Blockchain: Back-Office Block-Buster from Autonomous Research []
  13. Designing a Global Fabric for Finance (G3F); Blockchain, Bitcoin and the rise of banks as shared ledger providers; Explore the Blockchain, Ignore the Bitcoin Maximalists []
  14. OxiClean []
  15. See Some Crypto Quibbles with Threadneedle Street and Bitcoins: Made in China []
  16. See slide 13 []
  17. What is permissioned-on-permissionless?; Settlement Risks Involving Public Blockchains []
  18. Dave Birch, September 20, 2016: Source []
Send to Kindle

Non-technical Corda whitepaper released

Earlier today our architecture team released its first public whitepaper on Corda.

The WSJ covered it here and here.

Consequently I am somewhat puzzled by news stories that still refer to a “blockchain” as “Bitcoin technology.”  After all, we don’t refer to combustion engines in cars as “horse-powered technology” or an airplane turbine engine as “bird-powered technology.”

A more accurate phrase would be to say something like, “a blockchain is a type of data structure popularized by cryptocurrencies such as Bitcoin and Ethereum.”  After all, chronologically someone prior to Satoshi could have assembled the pieces of a blockchain into a blockchain and used it for different purposes than censorship-resistant e-cash.  In fact, both Guardtime and Z/Yen Group claim to have done so pre-2008, and neither involves ‘proof-of-work.’

Fun fact: Corda is not a blockchain, but is instead a distributed ledger.

Send to Kindle

Archy and Anarchic Chains

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

Yesterday, at block height 1920000, many elements of the Ethereum community coordinated a purposeful hardfork.

After several weeks of debate and just over a couple weeks of preparation, key stakeholders in the community — namely miners and exchanges — attempted to create a smooth transition from Ethereum Prime (sometimes referred to as Ethereum Classic) into Ethereum Core (Ethereum One).1

Users of exchange services such as Kraken were notified of the fork and are now being allowed to withdraw ETH to Ethereum Core, which many miners and exchanges now claim as “mainnet.”

Was the hardfork a success?  To answer that question depends on which parallel universe (or chain) you resided on.  And it also depends on the list of criteria for what “failure” or “success” are measured by.

For instance, if you ended up with ETH on the “unsupported” fork (Classic), who was financially responsible for this and who could attempt to file a lawsuit to rectify any loses?

Maybe no one.  Why?  Because public blockchains intentionally lack terms of service, EULA, and service level agreements, therefore it is difficult to say who is legally liable for mistakes or loses.

For instance, if financial instruments from a bank were sent to miners during the transition phase and are no longer accessible because the instruments were sent to the “unsupported” chain, who is to blame and bears responsibility?  Which party is supposed to provide compensation and restitution?

De facto versus de jure

This whole hardfork exercise visualizes a number of issues that this blog has articulated in the past.

Perhaps the most controversial is that simply: there is no such thing as a de jure mainnet whilst using a public blockchain.  The best a cryptocurrency community could inherently achieve is a de facto mainnet.2

What does that mean?

Public blockchains such as Bitcoin and Ethereum, intentionally lack any ties into the traditional legal infrastructure.  The original designers made it a point to try and make public blockchains extraterritorial and sovereign to the physical world in which we live in.  In other words, public blockchains are anarchic.

As a consequence, lacking ties into legal infrastructure, there is no recognized external authority that can legitimately claim which fork of Bitcoin or Ethereum is the ‘One True Chain.’  Rather it is through the proof-of-work process (or perhaps proof-of-stake in the future) that attempts to attest to which chain is supposed to be the de facto chain.3

However, even in this world there is a debate as to whether or not it is the longest chain or the chain with the most work done, that is determines which chain is the legitimate chain and which are the apostates.4 5

And this is where, fundamentally, it becomes difficult for regulated institutions to use a public blockchain for transferring regulated data and regulated financial instruments.

For instance, in March 2013 an accidental, unintended fork occurred on what many participants claimed as the Bitcoin mainnet.

To rectify this situation, over roughly four hours, operators of large mining pools, developers, and several exchanges met on IRC to coordinate and choose which chain they would support and which would be discarded.  This was effectively, at the time, the largest fork-by-social-consensus attempted (e.g., proof-of-nym-on-IRC).

There were winners and losers.  The losers included: OKPay, a payment processor, lost several thousand dollars and BTC Guild, a large mining pool who had expended real capital, mined some of the now discarded blocks.

In the Bitcoin world, this type of coordination event is slowly happening again with the never ending block size debate.

One team, Bitcoin Classic, is a small group of developers that supports a hardfork to relatively, quickly increase the block size from 1 MB to 2 MB and higher.  Another group, dubbed Bitcoin Core, prefers a slower role out of code over a period of years that includes changes that would eventually increase the block size (e.g., segwit). 6

Yet as it lacks a formal governance structure, neither side has de jure legitimacy but instead relies on the court of public opinion to make their case.  This is typically done by lobbying well-known figureheads on social media as well as mining pools directly.  Thus, it is a bit ironic that a system purposefully designed for pseudonymous interactions in which participants were assumed to be Byzantine and unknown, instead now relies on known, gated, and trusted individuals and companies to operate.

Note: if the developers and miners did have de jure legitimacy, it could open up a new can of worms around FinCEN administrative requirements. 7  Furthermore, the miners are always the most important stakeholders in a proof-of-work system, if they were not, no one would host events just for them.

arthur twitter pow

Source: Twitter

Ledgers

With this backstory it is increasingly clear that, in the legal sense, public blockchains are not actual distributed ledgers.  Distributed, yes; ledgers, no.

As Robert Sams articulates:8

I think the confusion comes from thinking of cryptocurrency chains as ledgers at all. A cryptocurrency blockchain is (an attempt at) a decentralised solution to the double spending problem for a digital, extra-legal bearer asset. That’s not a ledger, that’s a log.

That was the point I was trying to make all along when I introduced the permissioned/permissionless terminology!9 Notice, I never used the phrase “permissionless ledger” — Permissionless’ness is a property of the consensus mechanism.

With a bearer asset, possession of some instrument (a private key in the cryptocurrency world) means ownership of the asset. With a registered asset, ownership is determined by valid entry in a registry mapping an off-chain identity to the asset. The bitcoin blockchain is a public log of proofs of instrument possession by anonymous parties. Calling this a ledger is the same as calling it “bearer asset ledger”, which is an oxymoron, like calling someone a “married bachelor”, because bearer assets by definition do not record their owners in a registry!

This taxonomy that includes the cryptocurrency stuff in our space (“a public blockchain is a permissionless distributed ledger of cryptocurrency”) causes so much pointless discussion.

I should also mention that the DLT space should really should be using the phrase “registry” instead of “ledger”. The latter is about accounts, and it is one ambition too far at the moment to speak of unifying everyone’s accounts on a distributed ledger.

As I have discussed previously, public blockchains intentionally lack hooks into off-chain legal identification systems.

Why?  Because as Sams noted above: a KYC’ed public blockchain is effectively an oxymoron.  Arguably it is self-defeating to link and tie all of the participants of the validation (mining) process and asset transfer process (users) to legal identities and gate them from using (or not using) the network services.  All you have created is a massively expensive permissioned-on-permissionless platform.

But that irony probably won’t stop projects and organizations from creating a Kimberely Process for cryptocurrencies.

I cannot speak on behalf of the plethora of “private chain” or “private ledger” projects (most of which are just ill-conceived forks of cryptocurrencies), but we know from public comments that some regulators and market structures might only recognize blockchains and distributed ledgers that comply with laws (such as domestic KYC / AML regulations) by tying into the traditional legal infrastructure.10 This means tying together off-chain legal identities with on-chain addresses and activity.

Why?

There are multiple reasons, but partly due to the need to reduce settlement risks: to create definitive legal settlement finality and identifying the participants involved in that process.11

Finality

As illustrated with the purposeful Ethereum One hardfork and the accidental Bitcoin fork in 2013, public blockchains by design, can only provide probablistic settlement finality.

Sure, the data inside the blocks itself is immutable, but the ordering and who does the ordering of the blocks is not.

What does this mean?  Recall that for both Ethereum and Bitcoin, information (usually just private keys) are hashed multiple times by a SHA algorithm making the information effectively immutable.12 It is unlikely given the length of time our star is expected to live, that this hash function can be reversed by a non-quantum computer.

However, blocks can and will be reorganized, they are not immutable.  Public blockchains are secured by social and economic consensus, not by math.

As a consequence, there are some fundamental problems with any fork on public blockchains: they may actually increase risks to the traditional settlement process.  And coupled with the lack of hooks for off-chain identity means that public blockchains — anarchic blockchains — are not well-suited or fit-for-purpose for regulated financial institutions.

After all, who is financially, contractually, and legally responsible for the consequences of a softfork or hardfork on a public blockchain?

  • If it is no one, then it might not be used by regulated organizations because they need to work with participants who can be held legally accountable for actions (or inactions).
  • If it is someone specifically (e.g., a doxxed individual) then you have removed the means of pseudonymous consensus to create censorship resistance.

In other words, public blockchains, contrary to the claims of social media, are not “law” because they do not actually tie into the legal infrastructure which they were purposefully designed to skirt.  By attempting to integrate the two worlds — by creating a KYC’ed public blockchain — you end up creating a strange hydra that lacks the utility of pseudonymity (and censorship resistance) yet maintains the expensive and redundant proof-of-work process.

These types of forks also open up the door for future forks: what is the criteria for forking or not in the future?  Who is allowed and responsible to make those decisions?  If another instance like the successful attack and counter-attack on The DAO takes place, will the community decide to fork again?  If 2 MB blocks are seen as inadequate, who bears the legal and financial responsibility of a new fork that supports larger (or smaller) blocks?  If any regulated institution lose assets or funds in this forking process, who bears responsibility?  Members of IRC rooms?

If the answers are caveat emptor, then that level of risk may not be desirable to many market participants.

Conclusions

Who are you going to sue when something doesn’t go according to plan?  In the case of The DAO, the attacker allegedly threatened to sue participants acting against his interests because he claimed: code is law.  Does he have legal standing?  At this time it is unclear what court would have accepted his lawsuit.

But irrespective of courts, it is unclear how smart contract code, built and executed on an anarchic platform, can be considered “legal.”  It appears to be a self-contradiction.

As a consequence, the fundamental need to tie contract code with legal prose is one of the key motivations behind how Richard Brown’s team in London approached Corda’s design.  If you cannot tie your code, chain, or ledger into the legal system, then it might be an unauthoritative ledger from the perspective of courts.13

And regulated institutions can’t simply just ignore regulations as they face real quantifiable consequences for doing so.  To paraphrase George Fogg, that’s akin to putting your head in the sand.

We continue to learn from the public blockchain world, such as the consequences of forks, and the industry as a whole should try to incorporate these lessons into their systems — especially if they want anyone of weight to use them.  Anarchic blockchains will continue to co-exist with their distributed ledger cousins but this dovetails into a conversation about “regtech,” which is a topic of another post.

Endnotes

  1. Rejecting Today’s Hard Fork, the Ethereum Classic Project Continues on the Original Chain: Here’s Why from Bitcoin Magazine []
  2. This doesn’t mean that regulators and/or financial institutions won’t use public blockchains for various activities; perhaps some of them will be comfortable after quantifying the potential risks associated with them. []
  3. Ethereum developers plan to transition Ethereum from proof-of-work to proof-of-stake within the next year. []
  4. See Arthur Breitman’s interview on Epicenter Bitcoin and Mike Hearn’s interview on Money & Tech []
  5. Philosophically when Bob connects to “The Bitcoin Network” — how does Bob know he is actually connected to the “real” Bitcoin network?  One method is to look at the block header: it should take a specific amount of time to recreate the hash with that proof-of-work. This proves which network has the most work done.  However, in the meantime, Bob might connect to other ‘pretenders’ claiming to be “The Bitcoin Network.”  At this time, there does not appear to be any legal recognition of a specific anarchic chain. []
  6. The Bitcoin Core fork, which is euphemistically called a softfork, is basically a hardfork spread over a long period of time. []
  7. See Section 3.4 []
  8. Personal correspondence: March 9, 2016 []
  9. See Blockchain Finance by Robert Sams []
  10. This is not to say that regulators, governments, and various market participants will not use public blockchains for other activity. []
  11. See Section 3.1 []
  12. For proof-of-work mining, Ethereum uses ethash instead of SHA256.  For hashing itself, Ethereum uses SHA-3 which is part of the Keccak family (some people use the terms interchangeably but that isn’t technically correct). []
  13. See Section 9 []
Send to Kindle

Looking at public information for quarterly usage

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

It’s the beginning of a new quarter so that means its time to look at the last quarter and find out where public blockchain traction and usage is taking place, or not.  After all, we are continually bombarded by cryptocurrency enthusiasts each day telling us that exponential growth is occurring.  Or as GIF party posters like to say, “It’s Happening!” — so in theory it should be easy to find.

For more background, see previous posts from January and April.

Softballs

P2SH Q2

Source: P2SH.info

  • P2SH usage: above are two charts from P2SH.info which illustrates the movement of bitcoins into what most assume are multi-sig wallets of some kind.  There has been a visible increase over the past quarter, with about 200,000 or so more bitcoins moving into P2SH addresses.  Year-on-year, bitcoins held in P2SH addresses has increased from 8% to 13%.
total transactions over time blockstack

Source: Opreturn.org

  • OP_RETURN: above is a line chart from Opreturn.org which illustrates various 3rd party applications that typically use the OP_RETURN field in Bitcoin as a type of datastore (e.g., watermarked tokens).  It is hard to see it on this time scale but the average transactions during Q1 were roughly 1,500-2,500 per day whereas in Q2 it was a bit higher, between 2,500 to 3,500 per day.
percentage of transactions by each protocol opreturn

Source: Opreturn.org

  • Above is another chart looking at the percent of OP_RETURN transactions used by different watermarked token platforms.
  • Compared to Q1, the top 5 have shifted:
    • Blockstack 142,754 transactions (24.9%)
    • Colu 106,489 (18.6%)
    • Open Assets  82,696 (14.4%)
    • Monegraph 54,914 (9.6%)
    • Factom 47,328 (8.3%)
  • While Blockstack (Onename) still rules the roost, Colu has jumped ahead of the other users.  This is slightly interesting because the Colu team has publicly stated it will connect private chains that they are developing, with the Bitcoin network.  The term for this is “anchoring” and there are multiple companies that are doing it, including other Bitcoin/colored coin companies like Colu.  It is probably gimmicky but that’s a topic for a different post.
  • Incidentally the 5 largest OP_RETURN users account in Q2 for 75.8% of all OP_RETURN transactions which is roughly the same as Q1 (76%).
localbitcoins volume

Source: LocalBitcoins.com / Coin Dance

Above is a weekly volume chart denominated in USD beginning from March 2013 for LocalBitcoins.com.  As discussed in previous posts, LocalBitcoins is a site that facilitates the person-to-person transfer of bitcoins to cash and vice versa.

While there is a lot of boasting about how it may be potentially used in developing countries, most of the volume still takes place in developed countries and as shown in other posts, it is commonly used to gain access to illicit channels because there is no KYC, KYCC, or AML involved.  Basically Uber for cash, without any legal identification.

Over the past 6 months, volumes have increased from $10 million and now past $13 million per week. For comparison, most VC-backed exchanges do several multiples more in volume during the same time frame.1

Hardballs

bitcoin volatility 6 months

Source: Btcvol.info

In April, several Bitcoin promoters were crowing about how “stable” Bitcoin was.  Not mentioned: cryptocurrencies can’t simultaneously be stable and also go to the moon.  People that like volatility include: traders, speculators, GIF artisans, pump & dumpers. And people who don’t like volatility: consumers and everyday users.

What articles and reporters should do in the future is actually talk to consumers and everyday users to balance out the hype and euphoria of analysts who do not disclose their holdings (or their firms holdings) of cryptocurrencies.2

As we can see above, volatility measured relative to both USD and EUR hit a five month high this past quarter.  The average user probably would not be very happy about having to hedge that type of volatility, largely because there are few practical ways to do so.  Consumers want boring currencies, not something they have to pay attention to every 10 minutes.

And ether (ETH) was even more volatile during the same time frame: doubling relative to USD during the first half of the quarter then dropping more than 50% from its all-time high by mid-June.

Counterparty all time

Source: Blockscan

Counterparty is a watermarked token platform that, as shown in previous quarters, has hit a plateau and typically just sees a few hundred transactions a day.  Part of this is due to the fact that the core development team has been focused on other commercial opportunities (e.g., building commercial products instead of public goods).3

Another reason is that most of the public interest in “smart contract” prototyping and testing has moved over to Ethereum.

etherscan ethereum transactions

Source: Etherscan

As shown in the chart above, on any given day in Q2 the Ethereum blockchain processed roughly 40,000 transactions.  In Q1 that hovered between 15,000-30,000 transactions.  Note: the large fluctuations in network transactions during the spring may coincide with issues around The DAO (e.g., users were encouraged to actively ‘spam’ the network during one incident).

In addition, according to CoinGecko, Counterparty has lost some popularity — falling to 14th from 10th in its tables from last quarter.  Ethereum remained in 2nd overall.

Another trend observed in the last quarterly review remains constant: Ethereum has significantly more meetups than Counterparty and is 2nd only to Bitcoin in that measure as well.

long chain transactions q2

Source: Organ of Corti — Time period:  January 1, 2014 – June 27, 2016

We’ve discussed “long chain” transactions ad nausem at this point but I have noticed on social media people still talk about the nominal all-time high’s in daily transactions as if it is prima facie evidence that mega super traction is occurring, that everyday users are swarming the Bitcoin network with commercial activity.  Very few (anyone?) digs into what those transactions are.  Perhaps there is genuine growth, but what is the break down?

As we can see from the chart above, while non-long chain transactions have indeed grown over the past quarter, they are still far outpaced by long chain transactions which as discussed in multiple articles, can be comprised of unspendable faucet rewards (dust), gambling bets and a laundry list of other non-commercial activity.

Furthermore, and not to wade into the massive black hole that is the block size debate: even with segwit, there will be an upperbound limit on-chain transactions under the current Core implementation.  As a consequence some have asked if fee pressure would incentivize moving activity off-chain and onto other services and even onto other blockchains.

This may be worth looking into as the block size reaches its max limit in the future.  As far as we can tell right now, it doesn’t appear users are moving over to Litecoin, perhaps they are moving to Ethereum instead?  Or maybe they just pack up and leave the space entirely?

Wallets

We have looked at wallets here multiple times.  They’re a virtually meaningless metric because of how easy it is to inflate the number.  What researchers want to know is Monthly Active Users (MAU).  To my knowledge no one is willing to publicly discuss their monthly or daily user number.

For instance, two weeks ago Coinbase reached 4 million “users.”  But it is almost certain that they do not actually have 4 million daily or monthly active users.  This number is likely tied to the amount of email-based registrations they have had over the past four years (circa May 12, 2012).

Similarly, Blockchain.info has seen its “users” grow to just over 7.8 million at the time of this writing.  But this is a measure of wallets that have been created on the site, not actual users.

Any other way to gauge usage or traction?

Let’s look in the Google Play Store and Apple App Store.

abra downloads

Source: GoAbra / Google Play

Last October Abra launched its GoAbra app and initially rolled it out in The Philippines.  This past May, when CoinDesk ran a story about the company, I looked in the Google Play Store and it says the app had been downloaded 5,000 times.  Last week, Abra announced it was officially launching its app into the US.  As of this writing, it was still at 5,000 downloads.

“Wait,” you might be thinking to yourself, “Filipinos may prefer the iOS app instead.”

Perhaps that is the case, but according to data as of October 2015, Android has a ~81.4% market share in The Philippines.  Furthermore, the iOS version for some reason doesn’t appear on App Annie.  So it is unlikely that Abra has seen traction that isn’t reflected in these download numbers yet, perhaps it will in the future.

Anything else happening in the stores?

As of this writing, the top 5 Bitcoin wallets in the Google Play Store in order of appearance are:

  • Andreas Schildbach’s Bitcoin Wallet (1 million downloads)
  • Mycelium Bitcoin Wallet (100,000 downloads)
  • Coinbase (500,000 downloads)
  • Blockchain.info (100,000 downloads)
  • Airbitz (10,000 downloads)

The Apple App Store does not publicly state how many times an application has been downloaded.  It does rank apps based on a combination of user ratings and downloads. The top 6 on the iPhone in order of appearance:

  • Coinbase
  • Blockchain.info
  • Sollico (bitWallet)
  • breadwallet
  • Xapo
  • Airbitz

Interestingly however, the order is slightly different in the App Store on an iPad.  The top 6 are:

  • Coinbase
  • Blockchain.info
  • Sollico (bitWallet)
  • breadwallet
  • Airbitz
  • BitPay (Copay)

It may be worth revisiting these again next quarter.  If you want to burn some time, readers may be interested in looking at specific rank and activity via App Annie.

Incubators

Most new cohorts and batches at startup accelerators and incubators usually only stay 3-4 months.  A typical intake may see 10-15 companies each get a little bit of seed funding in exchange for a percentage of the equity.  During the incubation period the startup is usually provided mentorship, legal advice, office space, access to social networks and so forth.  It is common place to hear people of all stripes in Silicon Valley state that 9 out of 10 of these startups will burn out within a couple years — that the incubator relies on one of them having a big exit in order to fund the other duds.4

500 Startups, Boost.VC, Plug and Play, YCombinator and other incubators have added and removed startups from their websites and marketing material based on the traction startups have had.  And cryptocurrency startups are not too different from this circle of life. 5

For instance, at YCombinator, Bitcoin-specific mentions on applications has declined by 61% over the past year.

Based on pubic information, as of this writing, it appears that out of the roughly 100 Bitcoin-related startups that have collectively come and gone through the incubators listed above, just a handful have gone on to raise additional funding and/or purportedly have active users and customers.  Unfortunately, no one has consistently published user numbers, so it is unclear what the connection between funding and growth is as this time.

In fact, in an odd twist, instead of measuring success by monthly active users, customers, or revenue, many Silicon Valley-based companies are measuring success based on how much money they raised.  That’s probably only a good idea if the business model itself is to always be raising.

For example, 21inc regularly boasts at being the “best funded company in Bitcoin” — but has not stated what traction four separate rounds of funding have created.  How many bitcoins did it mine prior to its pivot into consumer hardware?  How many 21 computers were sold?  How many users have installed 21?  And what are its key differences relative to what Jeremy Rubin created in 2014 (Tidbit)?

Again, this is not to single out 21inc, but rather to point out if companies in the public blockchain space were seeing the traction that they generally claim to on social media and conferences — then as discussed in previous posts, they would probably advertise those wins and successes.

Hiring

With funding comes hiring.  Since it is very difficult to find public numbers, there is another way to gauge how fast companies are growing: who and how many people they are publicly hiring.

The last Bitcoin Job Fair was last held in April 2015.  Of its 20 sponsors, 6 are now dead and ~7 are either zombies and/or have have done major pivots.  It is unclear how many people that were hired during that event still work for the companies they worked for.

Where else can we look?

Launched in 2014, Coinality is a job matching website that connects employers with prospective employees with the idea that they’d be compensated in cryptocurrencies such as bitcoin and dogecoin.  Fun fact: Coinality is one of the few companies I interviewed for Great Chain of Numbers that is still alive today and hasn’t pivoted (not that pivoting in and of itself is a bad thing).

It currently lists 116 jobs, 105 of which were posted in the past 2 months.

A number of VC-backed companies and large enterprises (or head hunters recruiting on their behalf) have listed openings in the past month.  For example: WellsFargo, Blockchain.info, Circle, Fidelity, IBM, KeepKey, itBit, BNYMellon and SAP logos pop up on the first couple pages of listings.

Among the 67 job listed in June, twenty-six of the positions were freelance positions cross-listed on Upwork (formerly known as Elance / oDesk).

Notable startups that are missing altogether: many cryptocurrency-centered companies whose executives are very vocal and active on social media.  Perhaps they use LinkedIn instead?

Other stats

  • According to CoinATMRadar there are now 690 Bitcoin ATMs installed globally.  That is an increase of 78 ATMs since Q1.  That comes to around 0.86 ATM installations per day in Q2 which is a tick higher than Q1 (0.84).
  • Bitwage launched in July 2014 starting out with zero signups and zero payroll.
    • Fast-forward to January 2016: Bitwage had 3,389 cumulative user signups and cumulative payroll volumes of $2,456,916
    • Through June 2016 it has now reached 5,617 cumulative signups and cumulative payroll volumes of $5,130,971
    • While growing a little faster than ATM installations, this is linear not exponential growth.
  • Open Bazaar is a peer-to-peer marketplace that officially launched on April 4, 2016.  It had been in beta throughout the past year.  The VC-backed team operates a companion website called BazaarBay which has a stats page.
    • It may be worth looking at the “New Nodes” and “New Listings” sections over the coming quarters as they are both currently declining.6

Conclusion

It is unclear what the root cause(s) of the volatility were above.  According to social media it can be one of two dozen things ranging from Brexit to the upcoming “halvening.”  Because we have no optics into exchanges and their customer behavior, speculation surrounding the waxing and waning will remain for the foreseeable future.

Based on process of elimination and the stats in this post, the likely answer does not appear to be consumer usage (e.g., average Joe purchasing alpaca socks with bitcoins).  After all, both BitPay and Coinbase have stopped posting consumer-related stats and they are purportedly the largest merchant processors in the ecosystem.

Most importantly, just because market prices increase (or decreases), it cannot be inferred that “mass adoption” is happening or not.  Extraordinary claims requires extraordinary evidence: there should be ample evidence of mass adoption somewhere if it were genuinely happening.

For instance, the price of ether (ETH) has increased 10x over the past 6 months but there is virtually no economy surrounding its young ecosystem.  Mass consumer adoption is not happening as GIF artisans might says.  Rather it is likely all speculation based — which is probably the same for all other cryptocurrencies, including Bitcoin.

About a year ago we began seeing a big noticeable pivot away from cryptocurrencies to non-cryptocurrency-based distributed ledgers.  That was largely fueled by a lack of commercial traction in the space and it doesn’t appear as if any new incentive has arisen to coax those same businesses to come back.  After all, why continue building products that are not monetizable or profitable for a market that remains diminutive?

Let’s look again next quarter to see if that trend changes.

Endnotes

  1. For more granularity see also BNC’s Liquid index. []
  2. Speaking of interest and hype, CB Insights has some new charts based on keyword searches over time. []
  3. Several members of the development team also co-founded Symbiont. []
  4. Many of these incubators are too young to have a track record that proves or disproves this “conventional” wisdom.  See also Venture Capitalists Get Paid Well to Lose Money from HBR. []
  5. For instance, Mirror closed its Series A round 18 months ago, but was removed from Boost’s website because it no longer is involved in Bitcoin-related activities.  Boost currently lists the following companies out of the 50+ Bitcoin-companies it has previously incubated: BlockCypher, BitPagos, Abra, Stampery, Fluent, SnapCard, Verse.  500 Startups has removed a number of startups as well and currently lists the following on its website: HelloBit, Melotic, Coinalytics, BTCJam, Bonafide, CoinPip. []
  6. Since it has only been “launched” for a quarter, it is probably a little unfair to pass judgement at this time.  But that hasn’t stopped me before.  OpenBazaar has a lot of growing pains that its developers are well aware of including UX/UI issues.  But beyond that, it is unclear that the average consumer is actually interested in using peer-to-peer marketplaces + cryptocurrencies versus existing incumbents like Alibaba, Amazon and eBay — all of whom have customer service, EULAs, insurance policies and accept traditional currencies. I had a chance to speak with one of their investors at Consensus in May and do not think their assumptions about network operating costs were remotely accurate.  Furthermore, where is the market research to support their thesis that consumers will leave incumbents for a platform that lacks insurance policies and live customer service?  Note: OB1 developers and investors insist that their reputation management and arbitration system will increase consumer confidence and customer protection. []
Send to Kindle

A Kimberley Process for Cryptocurrencies

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

I have spent the past few weeks in East Asia, primarily in China visiting friends and relatives. Because the connection to the outside world was limited, the upside was that the cacophonous noise of perma cryptocurrency pumpers was relatively muted. I have had a chance to reflect on a number of ideas that are currently being discussed at conferences and on social media.

The first idea is not new or even unique to this blog as other companies, organizations and individuals have proposed a type of digital signature analytics + KYC tracking process for cryptocurrencies. A type of Kimberley Process but for cryptocurrencies.1

For instance, the short lived startup CoinValidation comes to mind as having the first-to-market product but was notably skewered in the media.  Yet its modus operandi continues on in about 10 other companies.2

A Formal Kimberley Process

For those unfamiliar with the actual Kimberley Process, it is a scheme enacted in 2003 to certify where diamonds originated from in order to help prevent conflict diamonds from entering into the broader mainstream diamond market.

The general idea behind proving the provenance of diamonds is that by removing “blood diamonds” from the market, it can cut off a source of funding of insurgencies and warlord activity.3

What does this have to do with cryptocurrencies? Isn’t their core competency allowing non-KYC’ed, pseudonymous participants to send bearer assets to one another without having to provide documentation or proof of where those assets came from? Why would anyone be interested in enabling this?

Some may not like it, but a de facto Kimberley Process is already in place.

For instance, in many countries, most of the on-ramps and off-ramps of venture-backed cryptocurrency exchanges are actively monitored by law enforcement, compliance teams and data analytic providers who in turn look at the provenance of these assets as they move across the globe.4

On the fiat side, while many jurisdictions in North America and Western Europe currently require domiciled cryptocurrency exchanges and wallets to enforce KYC and AML compliance requirements, several areas of Asia are less strict because the local governments have not defined or decided what buckets cryptocurrencies fall into.5

There are some other noticeable gaps in this system involving crypto-to-crypto exchanges.  Irrespective of regions: implementing harmonized KYC/AML standards on the non-fiat side of exchanges appears to be missing altogether.  That is to say that very few, if any, exchange does any kind of KYC/AML on crypto-to-crypto.6

What are some examples of why a Kimberley Process would be helpful to both consumers and compliance teams?

Below are three examples:

(1) During my multi-country travel I learned that there are several regional companies that sell debit cards with pre-loaded amounts of cryptocurrency on them. Allegedly two of of the popular use-cases for these cards is: bribery and money laundering. The example I was provided was that it is logistically easier to move $1 million via a thin stack of debit cards than it is to carry and disperse bags of cash with.7

Attaching uniform KYC and legal identities to each asset would aid compliance teams in monitoring where the flow of funds originated and terminated with cryptocurrencies.  And it would help consumers shy away from assets that could be encumbered or were proceeds of crime.

(2) Affinity fraud, specifically housewives (家庭主妇), are common targets of predators. This has been the case for long before the existence of computers let alone cryptocurrencies, but it came up several times in conversations with friends. According to my sources, their acquaintances are repeatedly approached and some actually took part in Ponzi schemes that were presented as wealth management products.

The new twist and fuel to these schemes was that there is some kind of altcoin or even Bitcoin itself were used as payout and/or as rails between parties. We have already seen this with MMM Global — which is still an active user of East Asia’s virtual currency exchanges — but two questionable projects that I was specifically shown were OctaCoin and ShellCoin.8

Note: in January 2016 multiple Chinese governmental bodies issued warnings about MMM Global and other Ponzi schemes.

[Video of MMM Global operations in The Philippines. Is that really Manny Pacqiauo?]

Victims who were not tech savvy and lied to, have no recourse because there is no universal KYC / KYCC / AML process to identify the culprits in these regions.  Similarly, when these illicit virtual assets are re-sold to exchanges, customers of those exchanges such as Alice and Bob, may receive potentially encumbered assets that are then resold to others who are unaware of the assets lineage (much like a stolen motorcycle being resold multiple times).  This creates a massive lien problem.

But property theft is not a new or unknown problem, why is it worth highlighting for cryptocurrencies?

Many of the original victims in East Asia are not affluent, so these scams have a material impact on their well being. The average working adult in many provinces is still less than $500 per month. Thus not only do they lack a cushion from scams but any price volatility — such as the kind we continue to see in cryptocurrencies as a whole, can wipe out their savings.

(3) Due to continual usage of botnets and stolen electricity — which is still a problem in places like China — the lack of identification from coin generation onward results in a environment in which ‘virgin coins’ sell at a premium because many exchanges don’t investigate where machines are located, who owns them, who paid for the opex and capex of those operations (e.g., documentation of electric bills).9

Unfortunately, the solutions proposed by many cryptocurrency enthusiasts isn’t to create more transparency and identification standards enabling better optics on coin provenance but rather to make it even harder to track assets via proposals like Confidential Transactions.10

Heists, thefts and encumbered coins

I am frequently asked how is it possible to know who received potentially encumbered cryptocurrencies?  For amateur sleuths, there is a long forum thread which lists out some of the major heists and thefts that occurred early on in Bitcoinland.

Above is a video recording of a specific coin lineage: transactions that came from the Bitcoinica Theft that ended up in the hands of Michael Marquardt (“theymos”) who is a moderator of /r/bitcoin and owner of Bitcoin Talk.11

Recall that in July 2012, approximately 40,000 bitcoins were stolen from the Bitcoinica exchange.12 Where did those end up?  Perhaps we will never know, but several users sued Bitcoinica in August 2012 for compensation from the thefts and hacks.

How are consumer protections handled on public blockchains?

In short, they do not exist by design. Public blockchains intentionally lack any kind of native consumer protections because an overarching goal was to delink off-chain legal identities from the pseudonymous interactions taking place on the network.

Thus, stolen cryptocurrencies often recirculate, even without being mixed and laundered.13

Consequently a fundamental problem for all current cryptocurrencies is that they aren’t exempt from nemo dat and have no real fungibility because they purposefully were not designed to integrate with the legal system (such as UCC 8 and 9).14 Using mixers like SharedCoin and features like Confidential Transactions does not fundamentally solve that legal problem of who actually has legal title to those assets.1516

Why should this matter to the average cryptocurrency enthusiast?

If market prices are being partially driven by predators and Ponzi schemes, wouldn’t it be in the best interest of the community to identity and remove those?17

Perversely the short answer to that is no. If Bob owns a bunch of the a cryptocurrency that is benefiting from this price appreciation, then he may be less than willing to remove the culprits involved of driving the prices upward.

For example, one purported reason Trendon Shavers (“pirateat40”) was not immediately rooted out and was able to last as long as he did — over a year — is that his Ponzi activity (“Bitcoin Savings & Trust”) coincided with an upswing in market prices of bitcoin.18  Recall over time, BS&T raised more than 700,000 bitcoins.  Why remove someone whose activity created new demand for bitcoins? 19

But this incentive is short-sighted.

If the end goal of market participants and enthusiasts is to enable a market where the average, non-savvy user can use and trust, then giving them tools for provenance could be empowering.  Ironically however, by integrating KYC and provenance into a public blockchain, it removes the core — and very costly — characteristic of pseudonymous, censorship-resistant interaction.

Thus there will likely be push back for implementing a Kimberley Process: doxxing every step of provenance back to genesis (coin generation) with real world identities removes pseudonmity and consequently public blockchains would no longer be censorship-resistant.  And if you end up gating all of the on-ramps and off-ramps to a public chain, you end up just creating an overpriced permissioned-on-permissionless platform.

Despite this, Michael Gronager, CEO of Chainalysis, notes that:

Public ledgers are probably here to stay – difficult KYC/AML processes or not.  I probably see this as a Nash equilibrium – like in the ideal world all trees would be low and of equal height but there is no path to that otherwise optimal equilibrium.   We believe that fighting crime on Blockchains will both build trust and increase their use and value.

One way some market participants are trying to help law enforcement fight crime is through self-regulating organizations (SRO).

For instance, because we have seen time and time again that the market is not removing these bad actors from the market, several companies have created SROs to help stem the tide.  However, as of right now, efforts like the US-based “Blockchain Alliance” — a gimmicky name for a group of venture-backed Bitcoin companies — has limited capabilities.20 They have monthly calls to discuss education with one another in the West (e.g., what is coin mixing and how does it work?) but currently lack the teeth to plug the KYC/AML gaps in Asia.  Perhaps that will change over time.

And as one source explained: consider this, has any Bitcoin thief been caught?  Even when there is decent evidence, we are not aware of a Bitcoin thief that was actually found guilt of stealing bitcoin, yet.21  Thus an open to question to people who argue that cryptocurrencies are great because of transparency: a lot of bitcoin has been stolen, and no one has been found guilty for that crime.  Why not?

Process of elimination

Over the past six weeks, there has been very little deep research on why market prices have risen and fallen. Usually it is the same unfounded narratives: emerging market adoption; hedge against inflation; hedge against collapse of country X, Y or Z; hedge against Brexit; etc.  But no one provides any actual data, least of all the investors financing the startups that make the claims.

Perhaps the research that has been done on the matter was from Fran Strajnar’s team at BNC.  For instance, on June 1st they noted that:

brave new coinI reached out to Fran and according to him, in early June, “Somebody dropped many many millions ($) across 4 different Chinese Exchanges in a 2 hour period, without moving price – 4 days before the price rise started last week. Because it was over multiple exchanges and these trades were filled, we are digging into it further.”

If there was a standardized Kimberley Process used by all of these exchanges, it would be much easier to tell who is involved in this process and if those funds were based on proceeds of illicit activity.

Furthermore, barring such a Process, we can only speculate why journalists haven’t looked into this story:

(1) many of them do not have reliable contacts in East Asia
(2) those that do have contacts with exchange operators may not be getting the full story due to exchanges lacking KYC / KYCC / AML standards themselves
(3) some reporters and exchange operators own a bunch of cryptocurrencies and thus do not want to draw any negative attention that could diminish their net worth

Third parties such as Wedbush Securities and Needham have also published reports on price action, but these are relatively superficial in their analysis as they lack robust stats needed to fully quantify and explain the behavior we have seen.

Strangely enough, for all the pronouncements at conferences about how public blockchains can be useful for data analysis, very few organizations, trade media or analysts are publishing bonafide stats.

After all, who are the customers of these virtual currency exchanges?  Because of reporting requirement we know who uses Nasdaq and ICE, why don’t we know who uses virtual currency exchanges still?

Stopping predators

Two months ago I had a chance to speak with Marcus Swanepoel, CEO of BitX, about his experiences in Africa.  BitX coordinates with a variety of compliance teams to help block transactions tied to scams and Ponzi schemes. In the past, BitX has managed to help kill off two ponzi schemes and has tried to block MMM Global which has spread to Africa.

Earlier this spring, some MMM users that were blocked by BitX just moved to another competing local exchange that didn’t block such transactions. As a result, over the course of 8 weeks this exchange did more than 3x volume than BitX during same time frame.22 BitX has subsequently regained part of this market share partly due to MMM fading in popularity.

Why is MMM so successful?  Users are asked to upload videos onto Youtube of why MMM Global is great and why you should join and are then paid by MMM as a reward.  This becomes self-reinforcing in large part because of the unsavvy victims who are targeted.

But MMM isn’t to blame for everything.

For instance, in China there have been a variety of get-rich-quick Ponzi schemes that rose and blew up, such as an ant farm scheme in 2007.  And earlier this year, Ezubao, the largest P2P lending platform in China fell apart as a $7.6 billion Ponzi scam.23 No cryptocurrency was involved in either case.

Yet as Emin Gün Sirer pointed out, some of the activities such as The DAO, basically act as a naturally arising Ponzi.

In fact, one allegation over the past couple weeks is that The DAO attacker placed a short of 3,000 bitcoin on Bitfinex prior to attacking The DAO (which was denominated in ether).24  If there was a Kimberley Process in which all traders on all exchanges had to comply with a universal KYC / KYCC / AML standard, it would be much easier to identify the attackers as well as compensate the victims.

Similarly, because ransomware remains a “killer app” of cryptocurrencies such that companies, police stations, hospitals, elementary schools and even universities are now setting up Coinbase accounts and stockpiling cryptocurrencies to pay off hackers.  What is the aggregate demand of all of this activity?  If it is large, does it impact the market price?  And how would a Kimberley Process help provide restitution to the victims of this ransom activity?

A strawman Kimberley Process

How can you or your organization get involved in creating a Kimberley Process for cryptocurrencies?

Right now there is no global, industry standard for “best practices” in mutualizing, implementing, or carrying out KYC / AML provisions for cryptocurrencies.25

In writing this post, several sources suggested the following process to kick-start an effort:

(1) organize an industry-level event(s) which brings together:

(a) AML analytics companies
(b) representatives from regulatory bodies and law enforcement (e.g., FATF, FinCEN)
(c) KYC/AML practitioners
(d) existing market structures and utilities such as SIFMA, ROC, Swift (e.g., KYC registry, LEI)
(e) compliance teams from cryptocurrency exchanges and wallets

(2) at the event(s) propose a list of baseline standards that exchanges and wallets can try to implement and harmonize:

(a) what documentation is required for KYC / KYCC / AML
(b) other financial controls and accountability standards that can assist exchange operators (e.g., remove the ability for an operator to naked short against its own customer base)

(3) tying these standards together with a uniform digital identity management system could be the next step in this process.

On that last point, Fabio Federici, CEO of Skry (formerly Coinalytics), explained:

In general I believe the biggest unsolved problem is still identity and information sharing. Obviously you don’t want all your PII and transaction meta data on a public blockchain, as this information could not only be leveraged by profit seeking organizations, but also malicious actors. So the question becomes what’s the right framework for sharing the right amount of information with only the people that need access to it (maybe even only temporarily).

PII stands for personal identifying information.  In theory, Zcash (or something like it) has the potential to solve some of Fabio’s concerns: relevant info can be encoded in the transaction, and only the relevant parties can read it.  But this delves into “regulated data” which is a topic for another post.26

Similarly, Ryan Straus, an attorney at Riddell Williams and adjunct professor at Seattle University School of Law explained that:

Identity is central to the legal concept of property. Property systems are information systems: they associate identified entities with identified rights.  With the sole exception of real currency, possession or control is not conclusive indicia of ownership.

Factual fungibility simply makes it harder to prove that you have a better claim to a specific thing than the person who now possesses or controls it.  The hard part about what you have written about is that it is difficult to avoid conflating KYC (which involves identity of people) and the Kimberley Process (which involves identifying things).

In order to enable participants to share information without being unduly hounded by social media, it was also suggested that the presence of: investors, cryptocurrency press and cryptocurrency lobbying groups should kept to a minimum for the initial phase.

Conclusions

In addition to implementing additional financial controls and external audits, cryptocurrency exchanges and wallets adopting a Kimberley Process would help provide transparency for all market participants.

While it is probably impossible to remove all the bad actors from any system, reducing the amount of shadows they have to hide could provide assurances and reduce risks to market participants of all shapes and sizes.

However, the trade-off of implementing such a Process is that it negates the core utility that public blockchains provide, turning them into expensive permissioned gateways.  And if you are permissioning activity from the get-go, you might as well use a permissioned blockchain which are cheaper to manage and operate and also natively bake-in the KYC, KYCC and AML requirements.  But that is a topic for another post as well.

End notes

  1. One reviewer argued that analytics may be superior to KYC.  In the event of a compromised account — so goes the argument — analytics can help provide linkage between the flow of funds whereas KYC of compromised accounts would be “illusory.” []
  2. This includes but is not limited to: Chainalysis, Blockseer, Skry, Elliptic, Netki and ScoreChain. []
  3. Incidentally there is a UK-based startup called Everledger which works with insurance companies and tracks a catalogue of diamonds vis-à-vis a blockchain. []
  4. See: Flow of Funds; KYSF; KYSF part 2; and bitcoin movements. To actively monitoring transactions at these entry and exit points, based on anecdotes, up to 20% of all nodes on the Bitcoin network may be managed and operated by these same set of participants as well. []
  5. Note: it bears mentioning that as of this writing, no country has recognized cryptocurrencies as actual legal tender and consequently cryptocurrencies are not exempt from nemo dat. This is important as it means the provenance of the cryptocurrencies actually does matter because those assets could be encumbered. []
  6. I asked around and my sources do not know of a single exchange that does KYC/AML on cryptocurrencies that are directly exchanged for other cryptocurrencies (e.g., Shapeshift).  Furthermore, as highlighted in the past, there are gaps in compliance when it comes to certain fiat-to-cryptocurrency exchanges such as BTC-e and LocalBitcoins. []
  7. This is in USD equivalence, usually not in USD itself. []
  8. OctaCoin is interesting in that the operators behind it claim that it is financed from revenue streams of 3 online casinos who purportedly payout users on a regular basis. Note: gambling in China is a bit like golf in China: it’s illegal but everywhere. It is only legal in a few internal jurisdictions such as Hainan and Macau and elsewhere on the mainland only a couple of state-run lotteries are given legal status. []
  9. Note: stealing electricity to mine bitcoins has occurred in other areas of the world too, including in The Netherlands. []
  10. The official motivation for developing Confidential Transactions is to enable more user privacy which then leads to more fungibility. As one source pointed out: “At the end of the day it’s a balance between privacy and security. Basically the story goes ‘just because I don’t what anyone to know what I’m buying, doesn’t mean I’m a drug dealer.'” []
  11. Marquardt also allegedly co-owns both Bitcoin.org and Blockexplorer.com, and co-manages the Bitcoin Wiki. []
  12. Here’s another video showing some of those transactions. []
  13. The Craig Wright / Satoshi saga is interesting because in a recent interview Craig admittedly used Liberty Reserve which was an illicit exchange based in Costa Rica shut down by the US government.  According to the interview he also had ties to Ross Ulbricht, the convicted operator of Silk Road. []
  14. See The Law of Bitcoin, Section 1.5 in the United States chapter from Ryan Straus.  There are exceptions, see UCC Article 2 – sale of goods. []
  15. See also: Learning from the past to build an improved future of fintech []
  16. Interestingly, SharedCoin.com (sometimes referred to as Shared Send) used to be a mixer run by Blockchain.info, a venture-backed startup.  It was recently shutdown without any notice and the domain now redirects to the CoinJoin wiki entry.  They also pulled the SharedCoin github repo and any material that links it back to Blockchain.info. []
  17. One reviewer mentioned that: “Ponzi schemes will always exist and should probably be fought not just in the crypto space but where in other industries too; requiring continuous education.  It would be way simpler and more effective to shut down domains owned by MMM than it would to be to do anything else, but here you actually meet the pseudonymity feature of the Internet.  Try to do that internationally – it is not easy!” []
  18. From between September 2011 to September 2012 market prices more than doubled.  See SEC vs. Trendon Shavers []
  19. Note: this is a similar argument that Rick Falkvinge made three years ago. []
  20. There are probably several dozen advocacy groups and non-profit working groups scattered across the world.  Each has different goals.  For instance, ACCESS in Singapore works with some regulators in SEA.  While others are merely trying to create technical standards. []
  21. Most of the criminals that are convicted are found guilty of money laundering and interaction with illicit trade, not theft of bitcoins themselves. []
  22. Two months ago, the Financial Times briefly covered this story and Marcus wrote about some of it in March as well. []
  23. There were some early warning signs for that industry.  For instance, according to a Bloomberg story in February 2015: “The value of China’s peer-to-peer lending transactions surged almost 13-fold since 2012 to $41 billion last year, according to Yingcan Group, which tracks the data,” notes Bloomberg. However, 275 of the more than 1,500 lending went bankrupt or had trouble repaying money in 2014, an increase from 76 just a year earlier, according to Yingcan. []
  24. No one has proven this allegation.  Furthermore, there are multiple exchanges to short cryptocurrencies. []
  25. Much of the technology needed to implement these type of processes, such as PKI anchored by certificate authorities. []
  26. For example, see HIPAA and EU-US Privacy Shield []
Send to Kindle

Missing out on the tech-market fit

[Note: the views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

One oft-repeated claims from venture capitalists, such as Fred Wilson at Union Square Ventures who have gone “all in” with cryptocurrency-specific investments, is that “banks need to give bitcoin a chance.”

The problem with this claim is that it shows a lack of market intelligence.  Over the past 24 months, banks and many other types of financial institutions have worked on more than 200 proof-of-concepts (PoCs) and pilots with dozens of companies big and small.  Most of these experiments were conducted using a fork or clone of a public blockchain or even a cryptocurrency such as bitcoin or ether itself.

In other words banks and other financial institutions have given Bitcoin many chances and probably many more in the future.

But nearly all of the PoCs have been rejected and will continue to be rejected not because banks have a reflexive knee-jerk reaction due to Bitcoin’s perceived stigmas, but because Bitcoin was intentionally not designed to solve problems that banks have.

Typewriters and airplanes

Consider the typewriter analogy.  At one point in the mid-20th century, there were dozens of typewriter manufacturers shipping millions of kit each year.  Yet irrespective of the anachronistic enthusiasm that VCs who like typewriters may have, it is unlikely that banks will acquire large quantities of typewriters in 2016.  Not because banks don’t like typewriters or haven’t given typewriters a chance, but rather, typewriters as they currently exist, do not solve many problems that banks actually have.

As a consequence, there is a visible misalignment between the supply of startups funded by many of the VC firms that advocate cryptocurrency-specific solutions, with the services and solutions actually needed by regulated financial institutions.  For instance, Wilson’s current USV current portfolio consists of several Bitcoin companies whose business models largely depend on:

(1) continued price appreciation of bitcoin; and/or

(2) massive adoption of bitcoin demand itself.

While I certainly do not speak for the financial service industry, over the past year I have spoken to hundreds of directors and managing directors at highly regulated financial institutions.  And by and large, their pain points and problems are not solved by a cryptocurrency.  After all, they already have access to dozens and in many cases, hundreds of different financial instruments and assets.  As a consequence, cryptocurrencies alone do not provide the utility that certain VCs think it does for the financial industry.

For instance, at R3, we have spent over a year sitting down with many disparate financial institutions to find out what their internal problems are, gathering copious amounts of functional and non-functional requirements along the way.   We have done our homework on what various platforms can and cannot do, publishing many of the findings to our members and to the public as well.

In contrast, Satoshi probably did not conduct that type of sector specific due diligence in 2007-2008, the time frame he purportedly worked on Bitcoin.  Or if he did, he didn’t publish it; nor have VCs since.  In point in fact, the original white paper was not an architectural design document to rework back office, post-trade systems for banks.  Rather, it was a design document explaining how pseudonymous participants could try to become their own sovereign banks without the need for using existing institutional or legal infrastructure.

Another salient analogy are heavier-than-air aircraft.  Neither Airbus nor Boeing reuse the same design or materials that the Wright Brothers did in 1903 in order to build planes in 2016.

Instead, these modern aerospace companies build customized, fit-for-purpose vehicles that specialize in certain tasks, conditions and environments — and are often made of materials that didn’t exist 100 years ago.  Consequently, enthusiastic VCs that fund startups which build copies of the Wright Flyer are probably not going to find much market demand outside of museums.

What does this have to do with the world of blockchains?

Public blockchains, such as Bitcoin, were designed for an environment in which unknown and untrusted parties could attempt to interact in an anarchic system.  Bitcoin, through its intentionally expensive mining process, allows it to route around regulated gateways and purposefully eschewed any native method for complying with KYC, AML and other government mandated provenance requirements.

In contrast, banks and other financial institutions must, by law, know who all parties of a transaction are as all interactions are tied back into the traditional legal environment. And if you know who the participants to a transaction are — by connecting legal identities to them — then the tools and processes needed for this compliant environment are completely opposite to the design constraints and threats that cryptocurrencies are built around.

Training wheels and open fields

While a recent Bloomberg op-ed used a false equivalence – equating public and private blockchains as being able to provide the same utility – the bigger flaw with the op-ed was that it described private blockchains as “training wheels” for banks.

Public and private blockchains, as described above, were designed for different discrete purposes.

To use another aerospace example: calling private blockchains as a type of “training wheel” would be like saying that an A380 is a “training wheel” for commercial cargo air fleets that should instead, for some reason, be solely comprised of F-18s.  Both types of planes were built for different purposes, for different environments and with different operational constraints.  Because of tradeoffs, neither plane can do it all and there is no shame in that.

Similarly, the usage of the word “open” is being misused by Mr. Wilson and others.  Public blockchains are not “open” like the internet.  In fact, the internet is an amalgamation of intranets (ISPs) with peering agreements and a patchwork set of governance mandates which typically includes fulfilling some kind of gating and KYC mandate.  Yet despite the fact that the on-ramps and off-ramps of the internet are permission-based, creative inclusion continues to flourish because all participants leverage the utility of an open, shared standard: TCP/IP.  Bitcoin is not TCP/IP, rather, it is one instantiation, one application of what a blockchain can be look like.

Similarly, once a common shared ledger standard and fit-for-purpose platform is created for financial institutions, after the permissioning of users and most importantly — validators — is done, the ecosystem that plugs into it could see the flourishing of innovation including increased financial inclusion due to harmonized and mutualized utilities.  In other words, rather than having to spend $450 million a year to operate a network of miners to create unneeded pseudonymous consensus, financial institutions can and will participate in robust platforms that solve their business cases and simultaneously align with traditional legal requirements.

Conclusion

Cryptocurrencies such as Bitcoin do not and cannot do many of the things that many VCs and vocal enthusiasts claim it can.  For instance, public blockchains weren’t designed to provide definitive legal settlement finality anymore than F-18s were designed for crop dusting.  Bitcoin wasn’t designed to provide the types of utility regulated financial institutions require and changing Bitcoin to be customized for this relatively alien environment, not only breaks its pseudonymous utility but also its anarchic security assumptions.

Instead of haranguing prospective customers for not buying a product they don’t want or need – or attempting to shoehorn everything onto one niche blockchain – why not cultivate and partner with those who build solutions that solve business cases for a known customer base?  Other VC and strategic investment firms familiar with the pain points of financial institutions are now cultivating startups based on market demand, the fruits of their labor will begin to blossom in the coming years.

Send to Kindle

Book Review: The Business Blockchain

[Disclaimer: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

William Mougayar is an angel investor who has been investigating the cryptocurrency and broader distributed ledger ecosystem over the past several years.

He recently published a book entitled The Business Blockchain that attempts to look at how enterprises and organizations should view distributed ledgers and specifically, blockchains.

While it is slightly better than “Blockchain Revolution” from the Tapscott’s, it still has multiple errors and unproven conjectures that prevent me from recommending it.  For instance, it does not really distinguish one blockchain from another, or the key differences between a distributed ledger and a blockchain.

Note: all transcription errors below are my own.  See my other book reviews.

Introduction

On p. xxii he writes:

“These are necessary but not sufficient conditions or properties; blockchains are also greater than the sum of their parts.”

I agree with this and wrote something very similar two years ago in Chapter 2:

While the underlying mathematics and cryptographic concepts took decades to develop and mature, the technical parts and mechanisms of the ledger (or blockchain) are greater than the sum of the ledger’s parts.

On p. xxiv he writes:

“Just like we cannot double spend digital money anymore (thanks to Satoshi Nakamoto’s invention), we will not be able to double copy or forge official certificates once they are certified on a blockchain.”

There are two problems with this:

  1. Double-spending can and does still occur, each month someone posts on social media how they managed to beat a retailer/merchant that accepted zero-confirmation transactions
  2. Double-spending can and is prevented in centralized architectures today, you don’t need a blockchain to prevent double-spending if you are willing to trust a party

Chapter 1

[Note: recommend that future editions should include labeled diagrams/tables/figures]

On p. 11 he writes:

“Solving that problem consists in mitigating any attempts by a small number of unethical Generals who would otherwise become traitors, and lie about coordinating their attack to guarantee victory.”

It could probably be written slightly different: how do you coordinate geographically dispersed actors to solve a problem in which one or more actor could be malicious and attempt to change the plan?  See also Lamport et al. explanation.

On p.13 he writes compares a database with a blockchain which he calls a “ledger.”

I don’t think this is an accurate comparison.

For instance, a ledger, as Robert Sams has noted, assumes ties to legal infrastructure.  Some blockchains, such as Bitcoin, were intentionally designed not to interface with legal infrastructure, thus they may not necessarily be an actual ledger.

To quote Sams:

I think the confusion comes from thinking of cryptocurrency chains as ledgers at all. A cryptocurrency blockchain is (an attempt at) a decentralised solution to the double spending problem for a digital, extra-legal bearer asset. That’s not a ledger, that’s a log.

That was the point I was trying to make all along when I introduced the permissioned/permissionless terminology!  Notice, I never used the phrase “permissionless ledger” — Permissionless’ness is a property of the consensus mechanism.

With a bearer asset, possession of some instrument (a private key in the cryptocurrency world) means ownership of the asset. With a registered asset, ownership is determined by valid entry in a registry mapping an off-chain identity to the asset. The bitcoin blockchain is a public log of proofs of instrument possession by anonymous parties. Calling this a ledger is the same as calling it “bearer asset ledger”, which is an oxymoron, like calling someone a “married bachelor”, because bearer assets by definition do not record their owners in a registry!

This taxonomy that includes the cryptocurrency stuff in our space (“a public blockchain is a permissionless distributed ledger of cryptocurrency”) causes so much pointless discussion.

I should also mention that the DLT space should really should be using the phrase “registry” instead of “ledger”. The latter is about accounts, and it is one ambition too far at the moment to speak of unifying everyone’s accounts on a distributed ledger.

Is this pedantic?  Maybe not, as the authors of The Law of Bitcoin also wrestle with the buckets an anarchic cryptocurrency fall under.

On p. 14 he writes about bank accounts:

“In reality, they provided you the illusion of access and activity visibility on it.  Every time you want to move money, pay someone or deposit money, the bank is giving you explicit access because you gave them implicit trust over your affairs.  But that “access” is also another illusion.  It is really an access to a database record that says you have such amount of money.  Again, they fooled you by giving you the illusion that you “own” that money.”

This is needless inflammatory.  Commercial law and bankruptcy proceedings will determine who owns what and what tranche/seniority your claims fall under.  It is unclear what the illusion is.

On p. 14 he writes:

“A user can send money to another, via a special wallet, and the blockchain network does the authentication, validation and transfer, typically within 10 minutes, with or without a cryptocurrency exchange in the middle.”

Which blockchain is he talking about?  If it is not digital fiat, how does the cash-in/cash-out work?  To my knowledge, no bank has implemented an end-to-end production system with other banks as described above.  Perhaps that will change in the future.

On p. 18 he writes:

“Sometimes it is represented by a token, which is another form of related representation of an underlying cryptocurrency.”

This isn’t very well-defined.  The reason I went to great lengths in November to explain what a “token” is and isn’t is because of the confusion caused by the initial usage of a cryptographic token, a hardware device from companies like RSA.  This is not what a “token” in cryptocurrency usage means. (Note: later on p. 91 he adds a very brief explanation)

On p. 18 he cites Robert Sams who is quoting Nick Szabo, but didn’t provide a source.  It is found in Seigniorage Shares.

On p. 18 he also writes:

“As cryptocurrency gains more acceptance and understanding, its future will be less uncertain, resulting in a more stable and gradual adoption curve.”

This is empirically not true and actually misses the crux of Sams’ argument related to expectations.

On p. 20 he writes:

“As of 2016, the Bitcoin blockchain was far from these numbers, hovering at 5-7 TPS, but with prospects of largely exceeding it due to advances in sidechain technology and expected increases in the Bitcoin block size.”

This isn’t quite correct.  On a given day over the past year, the average TPS is around 2 TPS and Tradeblock estimates by the end of 2016 that with the current block size it will hover around just over 3 TPS.

What is a sidechain?  It is left undefined in that immediate section.  One potential definition is that it is a sofa.

On p. 20 he writes:

“Private blockchains are even faster because they have less security requirements, and we are seeing 1,000-10,000 TPS in 2016, going up to 2,000-15,000 TPS in 2017, and potentially an unlimited ceiling beyond 2019.”

This is untrue.  “Private blockchains” do not have “less” security requirements, they have different security requirements since they involve known, trusted participants.  I am also unaware of any production distributed ledger system that hits 10,000 TPS.  Lastly, it is unclear where the “unlimited ceiling” prediction comes from.

On p. 20 he writes:

“In 2014, I made the strong assertion that the blockchain is the new database, and warned developers to get ready to rewrite everything.”

Where did you warn people?  Link?

On p. 21 he writes:

“For developers, a blockchain is first and foremost a set of software technologies.”

I would argue that it is first and foremost a network.

On p. 22 he writes:

“The fact that blockchain software is open source is a powerful feature. The more open the core of a blockchain is, the stronger the ecosystem around it will become.”

Some, but not all companies building blockchain-related technology, open source the libraries and tools.  Also, this conflates the difference between code and who can validate transactions on the network.  A “private blockchain” can be open sourced and secure, but only permit certain entities to validate transactions.

On p. 24 he writes:

“State machines are a good fit for implementing distributed systems that have to be fault-tolerant.”

Why?

On p. 25 he writes:

“Bitcoin initiated the Proof-of-Work (POW) consensus method, and it can be regarded as the granddaddy of these algorithms. POW rests on the popular Practical Byzantine Fault Tolerant algorithm that allows transactions to be safely committed according to a given state.”

There are at least two problems with this statement:

  • The proof-of-work mechanism used in Bitcoin is apocryphally linked to Hashcash from Adam Back; however this does not quite jive with Mougayar’s statement above. Historically, this type of proof-of-work predates Back’s contribution, all the way to 1992.  See Pricing via Processing or Combatting Junk Mail by Dwork and Naor
  • Practical Byzantine Fault Tolerance is the name of a specific algorithm published in 1999 by Castro and Liskov; it is unrelated to Bitcoin.

On p. 26 he writes:

“One of the drawbacks of the Proof-of-Work algorithm is that it is not environmentally friendly, because it requires large amounts of processing power from specialized machines that generate excessive energy.”

This is a design feature: to make it economically costly to change history.  It wasn’t that Satoshi conjured up a consensus method to be environmentally friendly, rather it is the hashrate war and attempt to seek rents on seigniorage that incentivizes the expenditure of capital, in this case energy.  If the market price of a cryptocurrency such as bitcoin declined, so too would the amount of energy used to secure it.

Chapter 2

On p. 29 he writes:

“Reaching consensus is at the heart of a blockchain’s operations.  But the blockchain does it in a decentralized way that breaks the old paradigm of centralized consensus, when one central database used to rule transaction validity.”

Which blockchain is he talking about?  They are not a commodity, there are several different unique types.  Furthermore, distributed consensus is an academic research field that has existed for more than two decades.

On p. 29 he writes:

“A decentralized scheme (which the blockchain is based on) transfers authority and trust to a decentralized network and enables its nodes to continuously and sequentially record their transactions on a public “block,” creating a unique” chain” – the blockchain.”

Mougayar describes the etymology of the word “blockchain” specific to Bitcoin itself.

Note: a block actually is more akin to a “batch” or “bucket” in the sense that transactions are bundled together into a bucket and then propagated.  His definition of what a blockchain is is not inclusive enough in this chapter though because it is unclear what decentralization can mean (1 node, 100 nodes, 10,000 nodes?).  Also, it is important to note that not all distributed ledgers are blockchains.

On p. 31 he writes:

“Credit card companies charge us 23% in interest, even when the prime rate is only at 1%”

Which credit card companies are charging 23%?  Who is being charged this?  Also, even if this were the case, how does a blockchain of some kind change that?

On p. 32 he writes:

“Blockchains offer truth and transparency as a base layer. But most trusted institutions do not offer transparency or truth. It will be an interesting encounter.”

This is just a broad sweeping generalization.  What does truth and transparency mean here?  Which blockchains?  Which institutions?  Cannot existing institutions build or use some kind of distributed ledger to provide the “truth” and “transparency” that he advocates?

On p. 33 he writes:

“The blockchain challenges the roles of some existing trust players and reassigns some of their responsibilities, sometimes weakening their authority.”

Typo: should be “trusted” not “trust.”

On p. 34 he writes:

“There is a lesson from Airbnb, which has mastered the art of allowing strangers to sleep in your house without fear.”

This is not true, there are many examples of Airbnb houses that have been trashed and vandalized.

On p. 34, just as the Tapscott’s did in their book, Mougayar talks about how Airbnb could use a blockchain for identity and reputation.  Sure, but what are the advantages of doing that versus a database or other existing technology?

On p. 37 he writes:

“Enterprises are the ones asking, because the benefits are not necessarily obvious to them.  For large companies, the blockchain presented itself as a headache initially. It was something they had not planned for.”

First off, which blockchain?  And which enterprises had a headache from it?

On p. 39 he writes: “Prior to the Bitcoin invention…”

He should probably flip that to read “the invention of Bitcoin”

On p. 40 he writes:

“… it did not make sense to have money as a digital asset, because the double-spend (or double-send) problem was not solved yet, which meant that fraud could have dominated.”

This is empirically untrue.  Centralized systems prevent double-spending each and every day.  There is a double-spending problem when you are using a pseudonymous, decentralized network and it is partially resolved (but not permanently solved) in Bitcoin by making it expensive, but not impossible, to double-spend.

On p. 41 he writes:

“They will be no less revolutionary than the invention of the HTML markup language that allowed information o be openly published and linked on the Web.”

This is a little redundant and should probably be rewritten as “the invention of the hypertext markup language (HTML).”

On p. 43 he writes:

“Smart contracts are ideal for interacting with real-world assets, smart property, Internet of Things (IoT) and financial services instruments.”

Why are smart contracts ideal for that?

On p. 46 he writes: “Time-stamping” and in other areas he writes it without a dash.

On p. 46 he writes:

“And blockchains are typically censorship resistant, due to the decentralized nature of data storage, encryption, and peer controls at the edge of the network.”

Which blockchains?  Not all blockchains in the market are censorship resistant.  Why and why not?

On p. 48 he mentions “BitIID” – this is a typo for “BitID”

On p. 51 he writes:

“Enter the blockchain and decentralized applications based on it. Their advent brings potential solutions to data security because cryptographically-secured encryption becomes a standard part of blockchain applications, especially pertaining to the data parts. By default, everything is encrypted.”

This is untrue.  Bitcoin does not encrypt anything nor does Ethereum.  A user could encrypt data first, take a hash of it and then send that hash to a mining pool to be added to a block, but the network itself provides no encryption ability.

On p. 52 he writes:

“Consensus in public blockchains is done publicly, and is theoretically subject to the proverbial Sybil attacks (although it has not happened yet).”

Actually, it has on altcoins.  One notable occurrence impacted Feathercoin during June 2013.

On p. 54 he writes:

“The blockchain can help, because too many Web companies centralized and hijacked what could have been a more decentralized set of services.”

This is the same meme in the Tapscott book.  There are many reasons for why specific companies and organizations have large users bases but it is hard to see how they hijacked anyone; but that is a different conversation altogether.

On p. 54 he writes:

“We can also think of blockchains as shared infrastructure that is like a utility. If you think about how the current Internet infrastructure is being paid for, we subsidize it by paying monthly fees to Internet service providers.  As public blockchains proliferate and we start running millions of smart contacts and verification services on them, we might be also subsidizing their operation, by paying via micro transactions, in the form of transaction fees, smart contract tolls, donation buttons, or pay-per-use schemes.”

This is a very liberal use of the word subsidize.  What Mougayar is describing above is actually more of a tax than a charitable donation.

The design behind Bitcoin was intended to make it such that there was a Nash equilibrium model between various actors.  That miners would not need to rely on charity to continue to secure the network because as block rewards decline, the fees themselves would in the long run provide enough compensation to pay for their security services.

It could be argued that this will not happen, that fees will not increase to offset the decline in block rewards but that is for a different article.

As an aside, Mougayar’s statement above then intersects with public policy: which blockchains should receive that subsidy or donation?  All altcoins too?  And who should pay this?

Continuing:

“Blockchains are like a virtual computer somewhere in a distributed cloud that is virtual and does not require server setups. Whoever opens a blockchain node runs the server, but not users or developers.”

This is untrue.  The ~6,400 nodes on the Bitcoin network are all servers that require setup and maintenance to run.  The same for Ethereum and any other blockchain.

On p. 58 he writes:

“It is almost unimaginable to think that when Satoshi Nakamoto released the code for the first Bitcoin blockchain in 2009, it consisted of just two computers and a token.”

A couple issues:

  1. There is a typo – “first” should be removed (unless there was another Bitcoin network before Bitcoin?)
  2. Timo Hanke and Sergio Lerner have hypothesized that Satoshi probably used multiple computers, perhaps more than a dozen.

On p. 58 he writes:

“One of the primary differences between a public and private blockchain is that public blockchains typically have a generic purpose and are generally cheaper to use, whereas private blockchains have a more specific usage, and they are more expensive to set up because the cost is born by fewer owners.”

This is not true.  From a capital and operation expenditure perspective, public blockchains are several orders of magnitude more expensive to own and maintain than a private blockchain.  Why?  Because there is no proof-of-work involved and therefore private blockchain operators do not need to spend $400 million a year, which is roughly the cost of maintaining the Bitcoin network today.

In contrast, depending on how a private blockchain (or distributed ledger) is set up, it could simply be run by a handful of nodes on several different cloud providers – a marginal cost.

Chapter 3

On p. 68 he writes:

“Taken as an extreme case, just about any software application could be rewritten with some blockchain and decentralization flavor into it, but that does not mean it’s a good idea to do so.”

Yes, fully agreed!

On p. 68 he writes:

“By mid-2016, there were approximately 5,000 developers dedicated to writing software for cryptocurrency, Bitcoin or blockchains in general. Perhaps another 20,000 had dabbled with some of that technology, or written front-end applications that connect to a blockchain, one way or the other.”

Mougayar cites his survey of the landscape for this.

I would dispute this though, it’s probably an order of magnitude less.

The only way this number is 5,000 is if you liberally count attendees at meetups or all the various altcoins people have touched over the year, and so forth.  Even the headcount of all the VC funded “bitcoin and blockchain” companies is probably not even 5,000 as of May 2016.

On p. 71 he writes:

“Scaling blockchains will not be different than the way we have continued to scale the Internet, conceptually speaking.  There are plenty of smart engineers, scientists, researchers, and designers who are up to the challenge and will tackle it.”

This is a little too hand-wavy.  One of the top topics that invariably any conversation dovetails into at technical working groups continues to be “how to scale” while keeping privacy requirements and non-functional requirements intact.  Perhaps this will be resolved, but it cannot be assumed that it will be.

On p. 72 he writes:

“Large organizations, especially banks, have not been particularly interested in adopting public blockchains for their internal needs, citing potential security issues. The technical argument against the full security of public blockchains can easily be made the minute you introduce a shadow of a doubt on a potential scenario that might wreak havoc with the finality of a transaction.  That alone is enough fear to form a deterring factor for staying away from public blockchain, although the argument could be made in favor of their security.”

This is a confusing passage.  The bottom line is that public blockchains were not designed with the specific requirements that regulated financial institutions have.  If they did, perhaps they would be used.  But in order to modify a public blockchain to provide those features and characteristics, it would be akin to turning an aircraft carrier into a submarine.  Sure it might be possible, but it would just be easier and safer to build a submarine instead.

Also, why would an organization use a public blockchain for their internal needs?  What does that mean?

On p. 78 he writes:

“Targeting Bitcoin primarily, several governments did not feel comfortable with a currency that was not backed by a sovereign country’s institutions.”

Actually, what made law enforcement and regulators uncomfortable was a lack of compliance for existing AML/KYC regulations.  The headlines and hearings in 2011-2013 revolved around illicit activities that could be accomplished as there were no tools or ability to link on-chain activity with real world identities.

Chapter 4

On p. 87 he writes:

“The reality is that customers are not going to the branch as often (or at all), and they are not licking as many stamps to pay their bills.  Meanwhile, FinTech growth is happening: it was a total response to banks’ lack of radical innovation.”

There are a couple issues going on here.

Banks have had to cut back on all spending due to cost cutting efforts as a whole and because their spending has had to go towards building reporting and compliance systems, neither of which has been categorized as “radical innovation.”

Also, to be balanced, manyh of the promises around “fintech” innovation still has yet to germinate due to the fact that many of the startups involved eventually need to incorporate and create the same cost structures that banks previously had to have.  See for instance, financial controls in marketplace lending – specifically Lending Club.

On p. 88 he writes:

“If you talk to any banker in the world, they will admit that ApplePay and PayPal are vexing examples of competition that simply eats into their margins, and they could not prevent their onslaught.”

Any banker will say that?  While a couple of business lines may change, which banks are being displaced by either of those two services right now?

On p. 89 he writes:

“Blockchains will not signal the end of banks, but innovation must permeate faster than the Internet did in 1995-2000.”

Why?  Why must it permeate faster?  What does that even mean?

On p. 89 he writes:

“This is a tricky question, because Bitcoin’s philosophy is about decentralization, whereas a bank is everything about centrally managed relationships.”

What does this mean?  If anything, the Bitcoin economy is even more concentrated than the global banking world, with only about a dozen exchanges globally that handle virtually all of the trading volume of all cryptocurrencies.

On p. 89 he writes:

“A local cryptocurrency wallet skirts some of the legalities that existing banks and bank look-alikes (cryptocurrency exchanges) need to adhere to, but without breaking any laws. You take “your bank” with you wherever you travel, and as long as that wallet has local onramps and bridges into the non-cryptocurrency terrestrial world, then you have a version of a global bank in your pocket.”

This is untrue.  There are many local and international laws that have been and continue to be broken involving money transmission, AML/KYC compliance and taxes.  Ignoring those though, fundamentally there are probably more claims on bitcoins – due to encumbrances – than bitcoins themselves.  This is a big problem that still hasn’t been dealt with as of May 2016.

On p. 95 he writes:

“The decentralization of banking is here. It just has not been evenly distributed yet.”

This is probably inspired by William Gibson who said: ‘The future is already here — it’s just not very evenly distributed.’

On p. 95 he writes:

“The default state and starting position for innovation is to be permissionless. Consequently, permissioned and private blockchain implementations will have a muted innovation potential.  At least in the true sense of the word, not for technical reasons, but for regulatory ones, because these two aspect are tie together.”

This is not a priori true, how can he claim this?  Empirically we know that permissioned blockchains are designed for different environments than something like Bitcoin.  How can he measure the amount of potential “innovation” either one has?

On p. 95 he writes:

“We are seeing the first such case unfold within the financial services sector, that seems to be embracing the blockchain fully; but they are embracing it according to their own interpretation of it, which is to make it live within the regulatory constraints they have to live with. What they are really talking about is “applying innovation,” and not creating it. So, the end-result will be a dialed down version of innovation.”

This is effectively an ad hominem attack on those working with regulated institutions who do not have the luxury of being able to ignore laws and regulations in multiple jurisdictions.  There are large fines and even jail time for ignoring or failing to comply with certain regulations.

On p. 95 he writes:

“That is a fact, and I am calling this situation the “Being Regulated Dilemma,” a pun on the innovator’s dilemma. Like the innovator’s dilemma, regulated companies have a tough time extricating themselves from the current regulations they have to operate within.  So, when they see technology, all they can do is to implement it within the satisfaction zones of regulators. Despite the blockchain’s revolutionary prognosis, the banks cannot outdo themselves, so they risk only guiding the blockchain to live within their constrained, regulated world.”

“It is a lot easier to start innovating outside the regulatory boxes, both figuratively and explicitly. Few banks will do this because it is more difficult.”

“Simon Taylor, head of the blockchain innovation group at Barclays, sums it up: “I do not disagree the best use cases will be outside regulated financial services. Much like the best users of cloud and big data are not the incumbent blue chip organizations.  Still their curioisity is valuable for funding and driving forward the entire space.” I strongly agree; there is hope some banks will contribute to the innovation potential of the blockchain in significant ways as they mature their understanding and experiences with this next technology.

An ending note to banks is that radical innovation can be a competitive advantage, but only if it is seen that way. Otherwise innovation will be dialed down to fit their own reality, which is typically painted in restrictive colors.

It would be useful to see banks succeed with the blockchain, but they need to push themselves further in terms of understanding what the blockchain can do. They need to figure out how they will serve their customers better, and not just how they will serve themselves better. Banks should innovate more by dreaming up use cases that we have not though about yet, preferably in the non-obvious category.

The fundamental problem with his statement is this: banks are heavily regulated, they cannot simply ignore the regulations because someone says they should.  If they fail to maintain compliance, they can be fined.

But that doesn’t mean they cannot still be innovative, or that the technology they are investigating now isn’t useful or helpful to their business lines.

In effect, this statement is divorced from the reality that regulated financial institutions operate in.  [Note: some of his content such as the diagram originated from his blog post]

On p. 102 he writes:

“Banks will be required to apply rigorous thinking to flush out their plans and positions vis-à-vis each one of these major blockchain parameters. They cannot ignore what happens when their core is being threatened.”

While this could be true, it is an over generalization: what type of business lines at banks are being threatened?  What part of “their” core is under attack?

On p. 103 he writes:

“More than 200 regulatory bodies exist in 150 countries, and many of them have been eyeing the blockchain and pondering regulatory updates pertaining to it.”

Surely that is a typo, there are probably 200 regulatory bodies alone in the US itself.

On p. 105 he writes:

“Banks will need to decide if they see the blockchain as a series of Band-Aids, or if they are willing to find the new patches of opportunity.  That is why I have been advocating that they should embrace (or buy) the new cryptocurrency exchanges, not because these enable Bitcoin trades, but because they are a new generation of financial networks that has figured out how to transfer assets, financial instruments, or digital assets swiftly and reliably, in essence circumventing the network towers and expense bridges that the current financial services industry relies upon.”

This is a confusing passage.

Nearly all of the popular cryptocurrency exchanges in developed countries require KYC/AML compliance in order for users to cash-in and out of their fiat holdings.  How do cryptocurrency exchanges provide any utility to banks who are already used to transferring and trading foreign exchange?

In terms of percentages, cryptocurrency exchanges are still very easy to compromise versus banks; what utility do banks obtain by acquiring exchanges with poor financial controls?

And, in order to fund their internal operations, cryptocurrency exchanges invariably end up with the same type of cost structures regulated financial institutions have; the advantage that they once had effectively involved non-compliance – that is where some of the cost savings was.  And banks cannot simply ignore regulations because people on social media want them to; these cryptocurrency sites require money to operate, hence the reason why many of them charge transaction fees on all withdrawals and some trades.

Chapter 5

On p. 115 he mentions La’Zooz and Maidsafe, neither of which – after several years of development, actually work.  Perhaps that changes in the future.

On p.118 he writes:

“There is another potential application of DIY Government 2.0. Suppose a country’s real government is failing, concerned citizens could create a shadow blockchain governance that is more fair, decentralized and accountable. There are at least 50 failed, fragile, or corrupt states that could benefit from an improve blockchain governance.”

Perhaps this is true, that there could be utility gain from some kind of blockchain.  But this misses a larger challenge: many of these same countries lack private property rights, the rule of law and speedy courts.

On p. 119 he writes about healthcare use cases:

“Carrying a secure wallet with our full electronic medical record in it, or our stored DNA, and allowing its access, in case of emergency.”

What advantage do customers gain from carrying this around in a secure wallet?  Perhaps they do, but it isn’t clear in this chapter.

On p. 126-127 he makes the case for organizations to have a “blockchain czar” but an alternative way to pitch this without all the pomp is simply to have someone be tasked with becoming a subject-matter expert on the topic.

On p. 131 he writes:

“Transactions are actually recorded in sequential data blocks (hence the word blockchain), so there is a historical, append-only log of these transaction that is continuously maintained and updated.  A fallacy is that the blockchain is a distributed ledger.”

It is not a fallacy.

Chapter 7

On p. 149 he writes: “What happened to the Web being a public good?”

Costs.  Websites have real costs.  Content on those websites have real costs.  And so forth.  Public goods are hard to sustain because no one wants to pay for them but everyone wants to use them.  Eventually commercial entities found a way to build and maintain websites that did not involve external subsidization.

On p. 150 he writes:

“Indeed, not only was the Web hijacked with too many central choke points, regulators supposedly continue to centralize controls in order to lower risk, whereas the opposite should be done.”

This conflicts with the “Internet is decentralized” meme that was discussed throughout the book.  So if aspects of the Internet are regulated, and Mougayar disagrees with those regulations, doesn’t this come down to disagreements over public policy?

On p. 153 he writes:

“Money is a form of value.  But not all value is money. We could argue that value has higher hierarchy than money. In the digital realm, a cryptocurrency is the perfect digital money.  The blockchain is a perfect exchange platform for digital value, and it rides on the Internet, the largest connected network on the planet.”

Why are cryptocurrencies perfect?  Perhaps they are, but it is not discussed here.

On p. 153 he also talks about the “programmability” of cryptocurrencies but doesn’t mention that if fiat currencies were digitally issued by central banks, they too could have the same programmable abilities.

On p. 160 he predicts:

“There will be dozens of commonly used, global virtual currencies that will be considered mainstream, and their total market value will exceed $5 trillion, and represent 5% of the world’s $100 trillion economy in 2025.”

Perhaps that occurs, but why?  And are virtual currencies now different than digital currencies?  Or are they the same?  None of these questions are really addressed.

Conclusion

This book is quick read but unfortunately is weighed down by many opinions that are not supported by evidence and consequently, very few practical applications for enterprises are explained in detail.

For regulated businesses such as financial institutions, there are several questions that need to be answered such as: what are the specific cost savings for using or integrating with some kind of blockchain?  What are the specific new business lines that could be created?  And unfortunately the first edition of this book did not answer these types of questions.  Let us look again at a future version.

See my other book reviews.

Send to Kindle

Book review: Blockchain Revolution

[Disclaimer: The views expressed below are solely my own and do not necessarily represent the views of my employer or any organization I advise.]

A couple weeks ago I joked that while containment is impossible, it would be nice to know who patient-zero was for using the term “blockchain” without an article preceding it.  The mystery of who exactly removed the “a” before “blockchain” is probably residing on the same island that Yeti, Sasquatch, and the New England Patriot’s equipment team are now located.

Don and Alex Tapscott, a Canada-based father-son duo, co-authored a new book entitled Blockchain Revolution that not only suffers from this grammatical faux pas but has several dozen errors and unproven assertions which are detailed in this review.

Below is a chapter-by-chapter look into a book that should have baked in the oven for a bit more time.

Note: all transcription errors are my own.  See my other book reviews.

Chapter 1

On p. 5 the authors write:

“A decade later in 2009, the global financial industry crashed. Perhaps propitiously, a pseudonymous person or persons named Satoshi Nakamoto outlined a new protocol for a peer-to-peer electronic cash system using a cryptocurrency called bitcoin.”

Ignoring the current drama surrounding Craig Wright — the Australian who claims to be Satoshi — during the initial threads on Metzdowd, Satoshi mentioned he had been working on this project for 18 months prior; roughly mid-2007.  So it was more coincidental timing than intentional.

And much like other books on the same topic, the authors do not clarify that there are more than one type of blockchain in existence and that some are a type of distributed ledger.

For instance, on p. 6 they write:

“At its most basic, it is an open source code: anyone can download it for free, run it, and use it to develop new tools for managing transactions online.”

With the ‘it’ being a ‘blockchain.’  The problem with this grammatical issue is that we know empirically that there many different types of distributed ledgers and blockchains currently under development and not all of them are open sourced.  Nor does being open source automagically qualify something as a blockchain.

On p. 6 they write:

“However, the most important and far-reaching blockchains are based on Satoshi’s bitcoin model.”

That’s an opinion that the authors really don’t back up with facts later on.

In addition, on the same page they make the “encryption” error that also plagues books in this space: the Bitcoin blockchain does not use encryption.

For example, on page 6 they write:

“And the blockchain is encrypted: it uses heavy-duty encryption involving public and private keys (rather like the two-key system to access a safety deposit box) to maintain virtual security.”

Incorrect.  Bitcoin employs a couple different cryptographic processes, but it doesn’t use encryption.  Furthermore, the example of a ‘two-key system’ actually illustrates multisig, not public-private key pairs.

On p. 8 they write:

“Bankers love the idea of secure, frictionless, and instant transactions, but some flinch at the idea of openness, decentralization and new forms of currency.  The financial services industry has already rebranded and privatized blockchain technology, referring to it as distributed ledger technology, in an attempt to reconcile the best of bitcoin — security, speed, and cost — with an entirely closed system that requires a bank or financial institution’s permission to use.”

There is a lot of assumptions in here:

(1) it is unclear which “bankers” they are speaking about, is it every person who works at a bank?

(2) the term ‘openness’ is not very well defined, does that mean that people at banks do not want to have cryptographically proven provenance?

In addition, in order for something to be privatized it must have been public at first.  Claiming that the “blockchain” toolkit of ideas and libraries was privatized away from Bitcoin is misleading.  The moving pieces of Bitcoin itself are comprised of no less than 6 discrete elements that previously existed in the cryptography and distributed systems communities.

The Bitcoin network itself is not being privatized by financial institutions.  In fact, if anything, empirically Bitcoin itself is being carved away by entities and efforts largely financed by venture capital — but that is a topic for another article.  Furthermore, research into distributed computing and distributed consensus techniques long predates Bitcoin itself, by more than a decade.

Lastly, and this is why it helps to clearly define words at the beginning of a book, it is important to note that some blockchains are a type of distributed ledger but not all distributed ledgers are blockchains.

On page 9 they write that:

“In 2014 and 2015 alone more than $1 billion of venture capital flooded into the emerging blockchain ecosystem, and the rate of investment is almost doubling annually.”

This is only true if you conflate cryptocurrency systems with non-cryptocurrency systems.  The two are separate and have completely different business models.  See my December presentation for more details about the divergence.

On p. 9 they write:

“A 2013 study showed that 937 people owned half of all bitcoin, although that is changing today.”

First off, this is a typo because the original article the authors cite, actually says the number is 927 not 937.  And the ‘study’ showed that about half of all bitcoins resided on addresses controlled by 937 on-chain entities.  Addresses does not mean individuals.  It is likely that some of these addresses (or rather, UTXOs) are controlled and operated by early adopters (like Roger Ver) as well as exchanges (like Bitstamp and Coinbase).

Furthermore, it is unclear from the rest of the book how that concentration of wealth is changing — where is that data?

On p. 18 they write about Airbnb, but with a blockchain.  It is unclear from their explanation what the technical advantage is of using a blockchain versus a database or other existing technology.

On p. 20 they write:

“Abra and other companies are building payment networks using the blockchain. Abra’s goal is to turn every one of its users into a teller. The whole process — from the funds leaving one country to their arriving in another — takes an hour rather than a week and costs 2 percent versus 7 percent or higher.  Abra wants its payment network to outnumber all physical ATMs in the world.  It took Western Union 150 years to get to 500,000 agents worldwide.  Abra will have that many tellers in its first years.”

There are at least 3 problems with this statement:

  1.  the authors conflate a blockchain with all blockchains; empirically there is no “the” blockchain
  2.  Abra’s sales pitch relies on the ability to convince regulators that the company itself just make software and doesn’t participate in money transmission or movement of financial products (which it does by hedging)
  3.  Abra was first publicly announced in March 2015 and then formally launched in the Philippines in October 2015.

Fast forward to May 2016 and according to the Google Play Store and Abra has only been downloaded about 5,000 times.

Perhaps it will eventually reach 500,000 and even displace Western Union, but the authors’ predictions that this will occur in one year is probably not going to happen at the current rate.

Furthermore, on p. 186 they write that “Abra takes a 25-basis-point fee on conversion.”

Will this require a payment processing license in each jurisdiction the conversion takes place?

On page 24 they write:

“Other critics point to the massive amount of energy consumed to reach consensus in just the bitcoin network: What happens when thousands or perhaps millions of interconnected blockchains are each processing billions of transactions a day?  Are the incentives great enough for people to participate and behave safely over time, and not try to overpower the network? Is blockchain technology the worst job killer ever?”

There are multiple problems with this statement:

  1.  on a proof-of-work blockchain, the amount of energy consumed is not connected with the amount of transactions being processed.  Miners consume energy to generate proofs-of-work irrespective of the number of transactions waiting in the memory pool.  Transaction processing itself is handled by a different entity entirely called a block maker or mining pool.
  2.  as of May 2016, it is unclear why there would be millions of interconnected proof-of-work blockchains.  There are perhaps a couple hundred altcoins, at least 100 of which are dead, but privately run blockchains do not need to use proof-of-work — thus the question surrounding incentives is a non sequitur.
  3.  while blockchains however defined may displace workers of some kind at some point, the authors never really zero in on what “job killing” blockchains actually do?

On p. 25 they write:

“The blockchain and cryptocurrencies, particularly bitcoin, already have massive momentum, but we’re not predicting whether or not all this will succeed, and if it does, how fast it will occur.”

Nowhere do the authors actually cite empirical data showing traction.  If there was indeed massive momentum, we should be able to see that from data somewhere, but so far that is not happening.  Perhaps that changes in the future.

The closing paragraph of Chapter 1 states that:

“Everyone should stop fighting it and take the right steps to get on board. Let’s harness this force not for the immediate benefit of the few but for the lasting benefit of the many.”

Who is fighting what?  They are presumably talking about a blockchain, but which one?  And why should people stop what they are doing to get on board with something that is ill-defined?

Chapter 2

On p. 30 they write that:

“Satoshi leveraged an existing distributed peer-to-peer network and a bit of clever cryptography to create a consensus mechanism that could solve the double-spend problem as well as, if not better than, a trusted third party.”

The word “trust” or variation thereof appears 11 times in the main body of the original Satoshi whitepaper.  Routing around trusted third parties was the aim of the project as this would then allow for pseudonymous interaction.  That was in October 2008.

What we empirically see in 2016 though is an increasingly doxxed environment in which it could be argued that ‘trusted’ parties could do the same job — movement of payments — in a less expensive manner.  But that is a topic for another article.

On p. 33 they write:

“So important are the processes of mining — assembling a block of transactions, spending some resource, solving the problem, reaching consensus, maintaining a copy of the full ledger — that some have called the bitcoin blockchain a public utility like the Internet, a utility that requires public support. Paul Brody of Ernst & Young thinks that all our appliances should donate their processing power to upkeep of a blockchain: “Your lawnmower or dishwasher is going to come with a CPU that is probably a thousand times more powerful than it actually needs, and so why not have it mine? Not for the purpose of making you money, but to maintain your share of the blockchain,” he said.  Regardless of the consensus mechanism, the blockchain ensures integrity through clever code rather than through human beings who choose to do the right thing.”

Let’s dissect this:

  1.  the process of mining, as we have looked at before, involves a division of labor between the entities that generate proofs-of-work – colloquially referred to as miners, and those that package transactions into blocks, called blockmakers.  Miners themselves do not actually maintain a copy of a blockchain, pools do.
  2.  while public blockchains like Bitcoin are a ‘public good,’ it doesn’t follow how or why anyone should be compelled to subsidize them, at least the reasons why are not revealed to readers.
  3.  the only reason proof-of-work was used for Bitcoin is because it was a way to prevent Sybil attacks on the network because participants were unknown and untrusted.  Why should a washing machine vendor integrate an expensive chip to do calculations that do not help in the washing process?  See Appendix B for why they shouldn’t.
  4.  because proof-of-work is used in a public blockchain and public blockchains are a public good, how does anyone actually have a “share” of a blockchain? What does that legally mean?

On p. 34 they write:

“The blockchain resides everywhere. Volunteers maintain it by keeping their copy of the blockchain up to date and lending their spare computer processing units for mining. No backdoor dealing.”

There are multiple problems with this:

  1.  to some degree entities that run a fully validating node could be seen as volunteering for a charity, but most do not lend spare computer cycles because they do not have the proper equipment to do so (ASIC hardware)
  2.  to my knowledge, none of the professional mining farms that exist have stated they are donating or lending their mining power; instead they calculate the costs to generate proofs-of-work versus what the market value of a bitcoin is worth and entering and exiting the market based on the result.
  3.  this is a contentious issue, but because of the concentration and centralization of both mining and development work, there have been multiple non-public events in which mining pools, mining farms and developers get together to discuss roadmaps and policy. Is that backdoor dealing?

On p. 35 they write:

“Nothing passes through a central third party; nothing is stored on a central server.”

This may have been true a few years ago, but only superficially true today.  Most mining pools connect to the Bitcoin Relay Network, a centralized network that allows miners to propagate blocks faster than they would if they used the decentralized network itself to do so (it lowers the amount of orphan blocks).

On p. 37 they write:

“The paradox of these consensus schemes is that by acting in one’s self-interest, one is serving the peer-to-peer (P2P) network, and that in turn affects one’s reputation as a member of the economic set.”

Regarding cryptocurrencies, there is currently no built-in mechanism for tracking or maintaining reputation on their internal P2P network.  There are projects like OpenBazaar which are trying to do this, but an on-chain Bitcoin user does not have a reputation because there is no linkage real world identity (on purpose).

On p. 38 they write:

“Trolls need not apply”

Counterfactually, there are many trolls in the overall blockchain-related world, especially on social media in part because there is no identity system that links pseudonymous entities to real world, legal identities.

On p. 39 the authors list a number of high profile data breaches and identity thefts that took place over the past year, but do not mention the amount of breaches and thefts that take place in the cryptocurrency world each year.

On p. 41 they write:

“Past schemes failed because they lacked incentive, and people never appreciated privacy as incentive enough to secure those systems,” Andreas Antonopoulos said. The bitcoin blockchain solves nearly all these problem by providing the incentive for wide adoption of PKI for all transaction of value, not only through the use of bitcoin but also in the shared bitcoin protocols.  We needn’t worry about weak firewalls, thieving employees, or insurance hackers. If we’re both using bitcoin, if we can store and exchange bitcoin securely, then we can store and exchange highly confidential information and digital assets securely on the blockchain.”

There are multiple problems with this statement:

  1.  it is overly broad and sweeping to say that every past PKI system has not only failed, but that they all failed because of incentives; neither is empirically true
  2.  Bitcoin does not solve for connecting real world legal identities that still will exist with our without the existence of Bitcoin
  3.  there are many other ways to securely transmit information and digital assets that does not involve the use of Bitcoin; and the Bitcoin ecosystem itself is still plagued by thieving employees and hackers

On p. 41 they write:

“Hill, who works with cryptographer Adam Back at Blockstream, expressed concern over cryptocurrencies that don’t use proof of work. “I don’t think proof of stake ultimately works. To me, it’s a system where the rich get richer, where people who have tokens get to decide what the consensus is, whereas proof of works ultimately is a system rooted in physics. I really like that because it’s very similar to the system for gold.”

There are multiple problems with this as well:

  1.  people that own bitcoins typically try to decide what the social consensus of Bitcoin is — by holding conferences and meetings in order to decide what the roadmap should or should not be and who should and should not be administrators
  2.  the debate over whether or not a gold-based economy is good or not is a topic that is probably settled, but either way, it is probably irrelevant to creating Sybil resistance.

On p. 42 they write:

“Satoshi installed no identity requirement for the network layer itself, meaning that no one had to provide a name, e-mail address, or any other personal data in order to download and use the bitcoin software. The blockchain doesn’t need to know who anybody is.”

The authors again conflate the Bitcoin blockchain with all blockchains in general:

  1.  there are projects underway that integrate a legal identity and KYC-layer into customized distributed ledgers including one literally called KYC-Chain (not an endorsement)
  2.  empirically public blockchains like Bitcoin have trended towards being able to trace and track asset movement back to legal entities; there are a decreasing amount of non-KYC’ed methods to enter and exit the network

On p. 43 they write:

“The blockchain offers a platform for doing some very flexible forms of selective and anonymous attestation. Austin Hill likened it to the Internet. “A TCP/IP address is not identified to a public ID. The network layer itself doesn’t know. Anyone can join the Internet, get an IP address, and start sending and receiving packets freely around the world. As a society, we’ve seen an incredible benefit allowing that level of pseudonymity… Bitcoin operates almost exactly like this. The network itself does not enforce identity. That’s a good thing for society and for proper network design.”

This is problematic in a few areas:

  1.  it is empirically untrue that anyone can just “join the Internet” because the Internet is just an amalgamation of intranets (ISPs) that connect to one another via peering agreements.  These ISPs can and do obtain KYC information and routinely kick people off for violating terms of service.  ISPs also work with law enforcement to link IP addresses with legal identities; in fact on the next page the authors note that as well.
  2.  in order to use the Bitcoin network a user must obtain bitcoins somehow, almost always — as of 2016 — through some KYC’ed manner.  Furthermore, there are multiple projects to integrate identity into distributed ledger networks today.  Perhaps they won’t be adopted, but regulated institutions are looking for ways to streamline the KYC/AML process and baking in identity is something many of them are looking at.

On p. 44 they write:

“So governments can subpoena ISPs and exchanges for this type of user data.  But they can’t subpoena the blockchain.”

That is not quite true.  There are about 10 companies that provide data analytics to law enforcement in order to track down illicit activity involving cryptocurrencies all the way to coin generation itself.

Furthermore, companies like Coinbase and Circle are routinely subpoenaed by law enforcement.  So while the network itself cannot be physically subpoenaed, there are many other entities in the ecosystem that can be.

On p. 46 they write:

“Combined with PKI, the blockchain not only prevents a double spend but also confirms ownership of every coin in circulation, and each transaction is immutable and irrevocable.”

The public-private key technology being used in Bitcoin does not confirm ownership, only control.  Ownership implies property rights and a legal system, neither of which currently exist in the anarchic world of Bitcoin.

Furthermore, while it is not currently possible to reverse the hashes (hence the immutability characteristic), blocks can and have been reorganized which makes the Bitcoin blockchain itself revocable.

On p. 47 they write:

“No central authority or third party can revoke it, no one can override the consensus of the network. That’s a new concept in both law and finance. The bitcoin system provides a very high degree of certainty as to the outcome of a contract.”

This is empirically untrue: CLS and national real-time gross settlement (RTGS) systems are typically non-reversible.  And the usage of the word contract here implies some legal standing, which does not exist in Bitcoin; there is currently no bridge between contracts issued on a public blockchain with that of real world.

On p. 50 they write:

“That was part of Satoshi’s vision. He understood that, for people in developing economies, the situation was worse.  When corrupt or incompetent bureaucrats in failed states need funding to run the government, their central banks and treasuries simply print more currency and then profit from the difference between the cost of manufacturing and the face value of the currency. That’s seigniorage. The increase in the money supply debases the currency.”

First off, they provide no evidence that Satoshi was actually concerned about developing countries and their residents.  In addition, they mix up the difference between seigniorage and inflation – they are not the same thing.

In fact, to illustrate with Bitcoin: seigniorage is the marginal value of a bitcoin versus the marginal cost of creating that bitcoin.  As a consequence, miners effectively bid up such that in the long run the cost equals the value; although some miners have larger margins than others.  In contrast, the increase in the money supply (inflation) for Bitcoin tapers off every four years.  The inflation or deflation rate is fully independent of the seigniorage.

Chapter 3

On p. 56 they quote Erik Vorhees who says:

“It is faster to mail an anvil to China than it is to send money through the banking system to China. That’s crazy!  Money is already digital, it’s not like they’re shipping palletes of cash when you do a wire.”

This is empirically untrue, according to SaveOnSend.com a user could send $1,000 from the US to China in 24 hours using TransFast. In addition:

  1.  today most money in developed countries is electronic, not digital; there is no central bank digital cash yet
  2.  if new distributed ledgers are built connecting financial institutions, not only could cross-border payments be done during the same day, but it could also involve actual digital cash

On p. 59 they write:

“Other blockchain networks are even faster, and new innovations such as the Bitcoin Lightning Network, aim to dramatically scale the capacity of the bitcoin blockchain while dropping settlement and clearing times to a fraction of a second.”

This is problematic in that it is never defined what clearing and settlement means.  And, the Bitcoin network can only — at most — provide some type of probabilistic settlement for bitcoins and no other asset.

On p. 67 they write:

“Private blockchains also prevent the network effects that enable a technology to scale rapidly. Intentionally limiting certain freedoms by creating new rules can inhibit neutrality. Finally, with no open value innovation, the technology is more likely to stagnate and become vulnerable.”

Not all private blockchains or distributed ledgers are the same, nor do they all have the same terms of service. The common theme has to do with knowing all the participants involved in a transaction (KYC/KYCC) and only certain known entities can validate a transaction.

Furthermore, the authors do not provide any supporting evidence for why this technology will stagnate or become vulnerable.

On p. 70 they write:

“The financial utility of the future could be a walled and well-groomed garden, harvested by a cabal of influential stakeholders, or it could be an organic and spacious ecosystem, where people’s economic fortunes grow wherever there is light.  The debate rages on, but if the experience of the first generation of the Internet has taught us anything, it’s that open systems scale more easily than closed ones.”

The authors do not really define what open and closed means here.  Fulfilling KYC requirements through terms of service at ISPs and governance structures like ICANN did not prevent the Internet from coming into existence.  It is possible to have vibrant innovation on top of platforms that require linkage to legal identification.

On p. 72 the authors quote Stephen Pair stating:

“Not only can you issue these assets on the blockchain, but you can create systems where I can have an instantaneous atomic transaction where I might have Apple stock in my wallet and I want to buy something or you.  But you want dollars.  With this platform I can enter a single atomic transaction (i.e., all or none) and use my Apple stock to send you dollars.”

This is currently not possible with Bitcoin without changing the legal system.  Furthermore:

  1.  this is probably not safe to do with Bitcoin due to how colored coin schemes distort the mining incentive scheme
  2.  from a technological point of view, there is nothing inherently unique about Bitcoin that would enable this type of atomic swapping that several other technology platforms could do as well

On p. 73 they write:

“Not so easy.  Banks, despite their enthusiasms for blockchain, have been wary of these companies, arguing blockchain businesses are “high-risk” merchants.”

Once again this shows how the authors conflate “blockchain” with “Bitcoin.”  The passage they spoke about Circle, a custodian of bitcoins that has tried to find banks to partner with for exchanging fiat to bitcoins and vice versa.  This is money transfer.  This type of activity is different than what a “blockchain” company does, most of whom aren’t exchanging cryptocurrencies.

On p. 74 they write:

“Third, new rules such as Sarbanes-Oxley have done little to curb accounting fraud. If anything, the growing complexity of companies, more multifaceted transactions, and the speed of modern commerce create new ways to hide wrongdoing.”

This may be true, but what are the stats or examples of people violating Sarbanes-Oxley, and how do “blockchains” help with this specifically?

On p. 78 they write:

“The blockchain returns power to shareholders. Imagine that a token representing a claim on an asset, a “bitshare,” could come with a vote or many votes, each colored to a particular corporate decision.  People could vote their proxies instantly from anywhere, thereby making the voting process for major corporate actions more response, more inclusive, and less subject to manipulation.”

First off, which blockchain?  And how does a specific blockchain provide that kind of power that couldn’t otherwise be done with existing non-blockchain technology?

On p. 80 they quote Marc Andreessen who says:

“PayPal can do a real-time credit score in milliseconds, based on your eBay purchase history — and it turns out that’s a better source of information than the stuff used to generate your FICO score.”

But what if you do not use eBay?  And why do you need a blockchain to track or generate a credit rating?

On p. 81:

“This model has proven to work.  BTCjam is a peer-to-peer lending platform that uses reputation as the basis for extending credit.”

BTCjam appears to have plateaued. They currently have a low churn rate on the available loans and they exited the US market 2 months ago.

On p. 83 they write:

“The blockchain IPO takes the concept further. Now, companies can raise funds “on the blockchain” by issuing tokens, or cryptosecurities, of some value in the company. They can represent equity, bonds, or, in the case of Augur, market-maker seats on the platform, granting owners the right to decide which prediction markets the company will open.”

From a technical perspective this may be possible, but from a legal and regulatory perspective, it may not be yet. Overstock has been given permission by the SEC to experiment with issuance.

On p. 86 they write:

“Bitcoin cannot have bail-ins, bank holidays, currency controls, balance freezes, withdrawal limits, banking hours,” said Andreas Antonopoulos.

That’s not quite true.  Miners can and will continue to meet at their own goals and they have the power to hard fork to change any of these policies including arbitrarily increasing or decreasing the issuance as well as changing fees for faster inclusion.  They also have the ability to censor transactions altogether and potentially — if the social value on the network increases — “hold up” transactions altogether.

Also, this doesn’t count the subsidies that miners receive from the utilities.

On p. 98 they write:

“To this last characteristic, Antonopoulos notes: “If there is enough financial incentive to preserve this blockchain into the future, the possibility of it existing for tens, hundreds, or even thousands of years cannot be discounted.”

It can arguably be discounted.  What evidence is presented to back up the claim that any infrastructure will last for hundreds of years?

On p. 100 they write:

“And just imagine how the Uniform Commercial Code might look on the blockchain.”

Does this mean actually embedding the code as text onto a blockchain?  Or does this mean modifying the UCC to incorporate the design characteristics of a specific blockchain?

On p. 102 they write:

“What interests Andreas about the blockchain is that we can execute this financial obligation in a decentralized technological environment with a built-in settlement system. “That’s really cool,” he said, “because I could actually pay you for the pen right now, you would see the money instantly, you would put the pen in the mail, and I could get a verification of that. It’s much more likely that we can do business.”

I assume that they are talking about the Bitcoin blockchain:

  1.  there is no on-chain settlement of fiat currencies, which is the actual money people are settling with on the edges of the network
  2.  since it is not fiat currency, it does not settle instantly.  In fact, users still have a counterparty risk involving delivery of the pen versus the payment.
  3.  if a central bank issued a digital currency, then there could be on-chain settlement of cash.

On p. 103 they write:

“If partners spends more time up front determining the terms of an agreement, the monitoring, enforcement, and settlement costs drop significantly, perhaps to zero.  Further, settlement can occur in real time, possibly in microseconds throughout the day depending on that deal.”

The DTCC published a white paper in January that explains they can already do near real-time settlement, but T+3 exists due to laws and other market structures.

On p. 105 they write that:

“Multisig authentication is growing in popularity. A start-up called Hedgy is using multisig technology to create futures contracts: parties agree on a price of bitcoin that will be traded in the future, only ever exchanging the price difference.”

As an aside, Hedgy is now dead.  Also, there are other ways to illustrate multisig utility as a financial control to prevent abuse.

On p. 106 they wrote that:

“The trouble is that, in recent business history, many hierarchies have not been effective, to the point of ridicule. Exhibit A is The Dilbert Principle, most likely one of the best-selling management books of all time, by Scott Adams. Here’s Dilbert on blockchain technology from a recent cartoon…”

The problem is that the cartoon they are citing (above) was actually a parody created by Ken Tindell last year.

The original Scott Adam’s cartoon was poking fun of databases and is from November 17, 1995.

On p. 115 they write:

“But the providers of rooms receive only part of the value they create. International payments go through Western Union, which takes $10 of every transaction and big foreign exchange off the top.”

Western Union does not have a monopoly on international payments, in fact, in many popular corridors they have less than 25% of market share.  In addition, Western Union does not take a flat $10 off every transaction.  You can test this out by going to their price estimator.  For instance, sending $1,000 from the US to a bank account in China will cost $8.

On p. 117 they write about a fictional blockchain-based Airbnb called bAirbnb:

“You and the owner have now saved most of the 15 percent Airbnb fee. Settlements are assured and instant.  There are no foreign exchange fees for international contracts.  You need not worry about stolen identity. Local governments in oppressive regimes cannot subpoena bAirbnb for all its rental history data. This is the real sharing-of-value economy; both customers and service providers are the winner.”

The problem with their statement is that cash settlements, unless it is digital fiat, is not settled instantly.  Identities can still be stolen on the edges (from exchanges).  And, governments can still issue subpoenas and work with data analytics companies to track provenance and history.

On p. 119 they write:

“Along comes blockchain technology.  Anyone can upload a program onto this platform and leave it to self-execute with a strong cryptoeconomical guarantee that the program will continue to perform securely as it was intended.”

While that may have been the case when these cryptocurrency systems first launched, in order to acquire ether (for Ethereum) or bitcoin, users must typically exchange fiat first.  And in doing so, they usually dox themselves through the KYC requirements at exchanges.

On p.123-124 they write about a ‘Weather decentralized application’ but do not discuss how its infrastructure is maintained let alone the Q-o-S.

On p.127 they write:

“Using tokens, companies such as ConsenSys have already issued shares in their firms, staging public offerings without regulatory oversight.”

The legality of this is not mentioned.

On p. 128 they write:

“Could there be a self-propagating criminal or terrorist organizations?  Andreas Antonopolous is not concerned.  He believes that the network will manages such dangers. “Make this technology available to seven and a half billion people, 7.499 billion of those will use it for good and that good can deliver enormous benefit to society.”

How does he know this?  Furthermore, the Bitcoin network itself is already available to hundreds of millions, but many have chosen not to use it.  Why is this not factored into the prediction?

On p.131 they write:

“What if Wikipedia went on the blockchain — call it Blockpedia.”

The total article text of English Wikipedia is currently around 12 gigabytes.  If it is a public blockchain, then how would this fit on the actual blockchain itself?  Why not upload the English version onto the current Bitcoin blockchain as an experiment?  What utility is gained?

From p. 129-144 they imagine seven ideas that are pitched as business ideas, but in most instances it is unclear what the value proposition that a blockchain provides over existing technology.

Chapter 6

On p. 148 they write that:

“The Internet of Things cannot function without blockchain payment networks, where bitcoin is the universal transactional language.”

What does that mean?  Does that mean that there are multiple blockchains and that somehow bitcoin transactions control other blockchains too?

On p. 152 they write:

“Last is the overarching challenge of centralized database technology — it can’t handle trillions of real-time transactions without tremendous costs.”

What are those costs?  And what specifically prevents databases from doing so?

On p. 153 they write:

“Other examples are a music service, or an autonomous vehicle,” noted Dino Mark Angaritis, founder of Smartwallet, “each second that the music is playing or the car is driving it’s taking a fraction of a penny out of my balance. I don’t have a large payment up front and pay only for what I use.  The provider runs no risk of nonpayment. You can’t do these things with a traditional payment networks because the fees are too high for sending fractions of a penny off your credit card.”

Depositing first and having a card-on-file are types of solutions that currently exist.  “Microtipping” doesn’t really work for a number of reasons including the fact that consumers do not like to nickel and dime themselves.  This is one of the reasons that ChangeTip had difficulties growing.

Furthermore, the tangential market of machine-to-machine payments may not need a cryptocurrency for two reasons:

  • M2M payments could utilize existing electronic payment systems via pre-paid and card-on-file solutions
  • The friction of moving into and out of fiat to enter into the cryptocurrency market is an unnecessary leg, especially if and when central bank digital currency is issued.

On pages 156-169 nearly all of the examples could use a database as a solution, it is unclear what value a blockchain could provide in most cases.  Furthermore, on p. 159 they discuss documentation and record keeping but don’t discuss how these records tie into current legal infrastructure.

Chapter 7

On p. 172 they write:

“We’re talking billions of new customers, entrepreneurs, and owners of assets, on the ground and ready to be deployed. Remember, blockchain transactions can be tiny, fractions of pennies, and cost very little complete.”

Maybe some transactions on some blockchains cost fractions of pennies, but currently not Bitcoin transactions.

On p.177 they write that “David Birch, a cryptographer and blockchain theorist, summed it up: “Identity is the new money.”

David Birch is not a cryptographer.

On p. 179 they write:

“Financing a company is easier as you can access equity and debt capital on a global scale, and if you’re using a common denominator — like bitcoin — you need not worry about exchange rates and conversation rates.”

Unless everyone is using one currency, this is untrue.

On p.185 they write:

“Sending one bitcoin takes about 500 bits, or roughly one one-thousandth the data consumption of one second of video Skype!”

But users still need to cash out on the other side which requires different infrastructure than Skype, namely money transmitter licenses and bank accounts.

On p. 192 they write that:

“Second, it can mean better protection of women and children. Through smart contracts, funds can be donated into escrow accounts, accessible only by women, say, for accessing food, feminine products, health care, and other essentials.”

How can a smart contract itself detect what gender the user is?

On p.194 they write:

“In jurisdictions like Honduras where trust is low in public institutions and property rights systems are weak, the bitcoin blockchain could help to restore confidence and rebuild reputation.”

How does Bitcoin do that?  What are the specific ways it can?

Chapter 8

On p. 202 they write:

“People can register their copyrights, organize their meetings, and exchange messages privately and anonymously on the blockchain.”

Which blockchain does this?  There are external services like Ascribe.io that purportedly let creators take a hash of a document (such as a patent) and store it into a blockchain.  But the blockchain itself doesn’t have that feature.

On p.214 they write:

“But surely a more collaborative model of democracy — perhaps one of that rewards participation such as the mining function — could encourage citizens’ engagement and learning about issues, while at the same time invigorating the public sector with the keen reasoning the nation can collectively offer.”

How?

Chapter 10

On p. 255 they mention that Greek citizens during 2015 would’ve bought more bitcoins if they had better access to ATMs and exchanges.  But this is not true, empirically people typically try to acquire USD because it is more universal and liquid.  Perhaps that changes in the future, but not at this time.

On p. 260 they write:

“The cost for having no central authority is the cost of that energy,” said Eric Jennings, CEO of Filament, an industrial wireless sensor network. That’s one side of the argument. The energy is what it is, and it’s comparable to the cost incurred in securing fiat currency.”

Where is the citation?  The reason the costs of securing the Bitcoin network are currently around $400 million a year is because that is roughly the amount of capital and energy expended by miners to secure a network in which validators are unknown and untrusted.  If you know who the participants are, the costs of securing a network drop by several orders of magnitude.

On p. 261 they write about the BitFury Group, a large mining company:

“Its founder and CEO, Valery Vavilov, argued the view that machines and mining operations overall will continue to get more energy efficient and environmentally friendly.”

Actually what happens is that while the ASIC chips themselves become more energy efficient, miners in practice will simply add more equipment and maintain roughly the same energy costs as a whole.  That is to say, if a new chip is 2x as efficient as before, miners typically just double the acquisition of equipment — maintaining the same amount of energy consumption, while doubling the hashrate.  There is no “environmental friendliness” in proof-of-work blockchains due to the Red Queen Effect.

On p. 274 they write:

“There will be many attempts to control the network,” said Keonne Rodriguez of Blockchain. “Big companies and governments will be devoted to breaking down privacy. The National Security Agency must be actively analyzing data coming through the blockchain even now.”

With thousands of copies being replicated around the world, it’s unclear who actually is storing it, perhaps intelligence agencies are.  We do know that at least 10 companies are assisting compliance teams and law enforcement in tracking the provenance of cryptocurrency movements.

On p. 282 they write:

“Indeed, Mike Hearn, a prominent bitcoin core developer, caused a quite a stir in January 2015 when he wrote a farewell letter to the industry foretelling bitcoin’s imminent demise.”

Wrong year, it was in January 2016.

On p. 291 they write that:

“Licensed exchanges, such as Gemini, have gained ground perhaps because their institutional clientele know they’re now as regulated as banks.”

Actually, Gemini hasn’t gained ground and remains relatively flat over the past ~5 months.  Even adding ether to their list of assets didn’t move the dial.

Conclusion

Overall the book was published a little too early as there hasn’t been much real traction in the entire ecosystem.

The content and perspective is currently skewed towards telling the cryptocurrency narrative and seemingly downplays the important role that institutions and enterprises have played over the past year in the wider distributed ledger ecosystem.

If you are looking for just one book to read on the topic, I would pass on this and wait for a future edition to rectify the issues detailed above.  See my other book reviews.

Send to Kindle

Self-doxxing, dynamic block making and re-decentralization of mining

There are currently two popular interrelated narratives on social media surrounding participation of the block making process on a public blockchain.  The stories are most pronounced within the Bitcoin community but are also reused by Litecoin, Ethereum and other cryptocurrencies too.

This includes the unchallenged statements that:

(1) anyone can still participate in block making, it is ungated and “permissionless”

(2) following a reward halving (“halvening”), networks become more decentralized because large, centralized farms and actors split apart due to economic pressures

This post looks at both of these and show that in practice neither is really true as of April 2016.

Named block makers

A year ago I reflected on some of the debate surrounding permissioned and permissionless blockchains.  Part of that post involved looking at how the mining market actually evolved in practice; not just based on the generalized claims made by enthusiasts at conferences.

For instance, based on block height below is a list of the first time a pool self-doxxed and signed a coinbase transaction, courtesy of Organ of Corti.  Only the first 50 are chronologically included:

Pool name                Block height                   Date
Eligius 130635 14-Jun-11
BitMinter 152246 7-Nov-11
BTC Guild 152700 10-Nov-11
Nmcbit.com 153343 15-Nov-11
YourBTC 154967 27-Nov-11
simplecoin.us 158291 20-Dec-11
Ass Penny Pool 161432 10-Jan-12
btcserv.net 163672 25-Jan-12
Slush 163970 27-Jan-12
BitLC 166462 12-Feb-12
pool.mkalinin.ru 170937 13-Mar-12
Bitclockers 173863 1-Apr-12
MaxBTC 174819 9-Apr-12
Triplemining 175144 11-Apr-12
CoinLab 180947 21-May-12
wizkid057 184148 12-Jun-12
Generated by General 194247 17-Aug-12
HHTT 197602 7-Sep-12
Ozcoin 207017 8-Nov-12
EclipseMC 208419 18-Nov-12
MTRed 219115 2-Feb-13
50BTC.com 219933 7-Feb-13
Bitparking 226272 17-Mar-13
Discus Fish 236494 17-May-13
ASICMiner 237050 20-May-13
ST Mining Corp 238456 29-May-13
Satoshi Systems 245445 8-Jul-13
GHash.IO 250205 5-Aug-13
175btc.com 253884 24-Aug-13
For Pierce and Paul 259214 21-Sep-13
Alydian5335 261051 1-Oct-13
Megabigpower 261530 4-Oct-13
GIVE-ME-COINS 267919 4-Nov-13
Polmine 282943 29-Jan-14
KoiSystems 285715 14-Feb-14
AntPool 286681 19-Feb-14
MMPool 294747 8-Apr-14
KNC Miner 300700 14-May-14
Bitfinex pool 306406 18-Jun-14
BitAffNet 309657 8-Jul-14
Bitfury 311333 18-Jul-14
Hashmine.io 313882 4-Aug-14
Solo.ckpool 319980 10-Sep-14
Kano.is 325306 14-Oct-14
BTCChina Pool 327211 27-Oct-14
Tangpool 339210 16-Jan-15
For Pyra 339547 19-Jan-15
BW Pool 341167 30-Jan-15
Huobi 341760 3-Feb-15
Dot pool 342104 6-Feb-15

Recall that even though it didn’t initially sign coinbase transactions, Slush began publicly operating at the end of November 2010.  Eligius was announced on April 27, 2011.  DeepBit publicly launched on February 26, 2011 and at one point was the most popular pool, reaching for a short period in July 2011, more than 50% of the network hashrate.

While many enthusiasts claim that “anyone can mine,” in practice, very few choose to for a number of reasons that will be discussed below.

But more to the point, the reason cryptocurrencies allegedly have a “permissionless” characteristic in the first place has to do exclusively with the fact that there is no administrative gating or vetting process for allowing actors on the network to participate in the block making process.  In 2009 there was no whitelist, blacklist, KYC or KYM (know your miner) process.

That is to say, those wanting to create a block did not need permission from a network administrator.1  That is the sole context of the term “permissionless.”

It is not related to developing other platforms that plug into the network.  It is not related to whether the network codebase is open source or not.  It is not related to being able to build software products that somehow utilize the network.  It is not related to being able to view or not view transactions.

Yet due to how the market evolved, today in 2016 while everyone is still paying for the high marginal costs to maintain a network designed for pseudonymous and anonymous interaction, few participants, specifically block makers, are actually capitalizing off of that utility.

For instance:

(1) Acquiring the necessary hardware to become a profitable miner invariably leaves a paper trail.  If instead you acquire the hardware on the second-hand market — in order to remain anonymous — you will still likely leave a paper trail with your legal identity in order to pay for the large energy bill and property taxes.  This is one of the reasons why miners in locations such as China do not publicize their fundraising activities or annual revenue: they don’t want to leave a paper trail to pay any extra taxes.2

(2) The other main mechanism for vetting miners now is through the use of data science itself.  Roughly 10 companies globally provide law enforcement, compliance teams and regulators access to relatively robust analytics tools to track provenance of bitcoins (or other cryptocurrencies) back to coin generation itself.  And in order to sell these mined bitcoins (e.g., to pay for the electricity and the mining hardware), nearly every bitcoin conversion to fiat marketplace now requires some compliance of local KYC and AML regulations.

While there are workarounds such as LocalBitcoins and SharedCoin, generally speaking the pseudonymous network itself in 2016 has largely become doxxed.  Yet the high costs of maintaining pseudonymity, via proof-of-work, still remain.

Hashrate distribution

Above is a pie chart that estimates the hashrate distribution among mining pools over the past 4 days (as of late April 2016).  The 10 largest pools collectively made 97% of the blocks during that time period.3

What about beyond 4 days?

Blocktrail

Source: Blocktrail

Above is the pool distribution of the past year based on coinbase data aggregated by Blocktrail.

The 10 largest pools collectively account for roughly 91.6% of all block making activity.  There is also a relatively long tail that includes roughly another 60 entities (some of whom do sign coinbase transactions) that represent the remaining 8.4% of all block making the past year.

Why do any actors sign transactions at all, after all, isn’t a core characteristic of a public blockchain pseudonymous consensus?  To my knowledge, no one has formally published a thorough explanation for the reasons why.  But one repeated rationale is that pools do so in order to prove to the miners (hashers) connected to the pool what the provenance of the block reward income is.

What does that mean?

For those who have never partaken in the mining process before, a quick history lesson: within the first two years of Bitcoin’s existence a division of labor arose in which block making became separated from hashing itself (e.g., generating proofs-of-work).

That is to say, the security of network security was outsourced to entities who create proofs-of-work and who are colloquially referred to as miners.4  Miners, in return for steady payouts of income, send their work to a pool operator who subsequently batches transactions together into blocks and pays workers based on a pre-arranged agreement (usually proportional, share-based).5

Today, if average Joe buys ASIC mining equipment, he typically does not connect them to his own pool but instead connects them to a pool run by Bob the devops professional.6  And how can Joe trust Bob not to shave off pennies from each share of work that Joe submits?

Block signing in theory provides some semblance of transparency: letting the hashers know if pool operators are skimming off the proceeds by not accurately reporting blocks found (e.g., income).

For instance, if a pool operator makes a block based off of the proof-of-work submitted by one of the hashers connected to a pool, such as Joe, but does not sign the coinbase, the pool operator can try to pretend that it didn’t win the block reward in the first place and therefore would not have to pay the workers (hashers).  This was allegedly more commonplace prior to 2013, before the advent of VC financed farms and pools.7 Now many of the medium and large hashing farm operators want to know the exact revenue number and hear good reasons for why some is missing or if the pool was just “unlucky.”8

Why doesn’t everyone become a block maker, after all, the process is billed as being “open” to all?

There are multiple reasons why, but the most important reason boils down to economics.  Dave Hudson has written about 10 different articles on the baked-in variance (inhomogenous Poisson process) that motivates individuals to continually pool  their mining effort versus solo mine.9 Spoiler alert: you are likely to be struck by lightning before you will ever create a block and reap a block reward by solo mining off of your laptop at home.

Other reasons for why few decide to become block-makers include: the added costs of providing DOS protection to your pool and the need to hire competent staff that can prevent and be on the lookout for problems like BGP hijacking which results in lost revenue.

This has not changed for multiple years and will likely not change for reasons discussed below.

Non-existent re-decentralization

With the upcoming Bitcoin block reward halving that is expected to take place in mid-July, there is a growing chorus of ‘hope’ that it will somehow lead to fewer large mining farms and pools.

This probably won’t occur for several simple reasons, namely due to economic incentives.

Recall that the major reasons why mining activity itself has gravitated to locations such as China isn’t due to conspiracy theories involving lizards but instead ancillary costs.

Specifically the following factors:

  • relatively low labor costs (e.g., professional hashing facilities need to be maintained by a workforce 24 x 7 and wages in China are lower than Russia and the US for this activity)
  • relatively low property costs (e.g., if you have good guanxi, you can utilize and own land at rates below those found in parts of Russia and the US)
  • lower energy costs; I and others have frequently written about this10
  • first-to-market with hardware; because a lot of the final assembly of hashing equipment takes place in southern China, in terms of logistics and transportation end-users have a lead-time advantage over other geographical regions
  • close personal connections with hardware manufacturers and fabrication plants in China and Taiwan; acquiring hardware for mining cryptocurrencies is just as relationship driven as other specialized non-commoditized industries.  Because medium and large miners know who the chip design teams are and what the ASIC roadmaps will be, they can stand in line at the front and acquire hardware before others.

What will happen after a block reward halving?

Just as oil producers with the highest marginal costs have been forced to exit the fracking market over the past couple of years, Bitcoin miners with the thinnest margins will likely exit the market immediately.

What this actually results in, at least the short run, is a more concentrated group of larger hashing farms and pools.

Why?

Because miners as a whole are effectively being given a 50% pay cut to provide the same utility as before.  And ceteris paribus, if Alice doesn’t currently have thick 50% margins, then she will likely exit the market.

In contrast, some of the most profitable miners in China and Republic of Georgia are now operating — even with the large difficulty rise over the past 6 months — with 50+% margins.  They may be squeezed, but they do not have to exit the market.

Basically, the less efficient players will be squeezed out and the more efficient players will remain.  Who is likely be be more efficient?  Larger farms in cheaper locations, or smaller pools made up of less sophisticated players with less capital?

But if the price of cryptocurrencies rise — in this case bitcoins — then won’t former miners come back into the market?

Maybe, but recall, we have seen this song and dance before and it is likely that the block reward halving is already factored into both the current market price and the hardware replacement cycle and as a result there probably will not be a doubling of the market price of bitcoins.  However, that is a topic for a different post.

Other public blockchains

What do mining pool distributions look like for other cryptocurrencies?

Above is the distribution of mining pools for Litecoin over the past day.  Interestingly, Coinotron — a pool I used when mining 3 years ago — currently represents 2.8% of the block making during that time frame.  Two years ago, in May 2014, it represented about 50%.

In August 2015, Litecoin underwent its first block reward halving.  Contrary to popular belief, its market price did not double.  In fact, nine months later the price of a litecoin measured in USD is just fifty cents higher than what it was pre-halving.11

Ethereum mining pool

Source: Etherchain

Above is the distribution of mining pools for Ethereum over the past day.

Interestingly Ethereum formally launched in August 2015 and has seen the same consistent pattern of 3-4 pools representing the majority of block making activity as other cryptocurrencies have witnessed.

In fact, Dwarfpool, despite its name, has flirted with the 50% threshold several times, most notably in March.  The Ethereum development team plans to transition the network from proof-of-work to proof-of-stake (Casper) later this year; it is unclear if the “staking” process will result in similar centralization.

Other cryptocurrencies continue to face similar pool centralization. This includes Namecoin which last year saw one pool, F2Pool provide more than 50% of the network hashrate for multiple months.  While it does not appear that F2Pool behaved maliciously, the fact that one block maker could potentially rewrite history by doing block reorgs motivated Onename to migrate away from Namecoin.

China

It is surprising that with the 60%+ hashrate located in China that there is scant detail in English about how that ecosystem works.  But there are reasons for this.

Recall that based on the current 25 BTC block reward, roughly $450 million in mining rewards has been divvied out over the past year to miners.  On paper that would mean that China-based miners received more than $270 million in revenue, which cements this industry as one of two that continually see large annual revenue flows (the second being exchanges themselves).

I contacted a mining operator in China that currently operates about 40 petahashes per second in equipment.  Note: miners use the abbreviated term ‘P’ and ‘PH’ to denote petahashes per second.

According to him:

“Our public hashing number is based on all our own hardware. This includes two facilities in western Sichuan plus a new Xinjiang site. All of these machines were originally S3’s from Bitmain but we have replaced them with S7’s.  We want to build larger operations than what we have today, but our goal is to maintain a specific percentage of the entire network.”

“Remember our electric rates changes from season to season: different time of year and that hydro power has problems in the winter because of less melt water which results in an energy price that is twice as the rate in the summer.”

“The land is basically free because it is in the mountains and no one is interested in buying property there. So all it takes is construction materials and labor. We hired 10 people last year. We intentionally hired more than we needed so we can build a team and send them places. Our front end operation probably only needs 4-5 people and we pay them $1,000 a month which is actually very competitive for that region.”

“We know a Chinese guy, Mr. LY.  He lives in Sichuan and was originally a hydroelectric operator but now owns his own hydro power station. He learned he could make more money mining than just running the station.”

“Why are people like us able to be competitive?  In Yunnan, Guizhou and Sichuan there was an overinvestment in hydropower last decade and now there is a surplus of electricity.12  Dam operators couldn’t sell the electricity generated so that’s where Bitcoin miners moved to. Also, in Liaoning, some people can free electricity because of the proximity to oil fields – they are given cheap electricity to local residents as compensation for confiscated land/polluting the environment — it is subsidized electricity.”

“No one really pays taxes because miners don’t generate something considered valuable. That’s to say from the perspective of taxpayer, miners don’t generate something of value, because the government doesn’t really recognize bitcoin. Bitcoin mining isn’t illegal, we still pay a small amount of taxes but it’s like running a company that doesn’t make money. Instead a miner just pays a small amount of taxes and all the profit is invisible to the law as it stands today.”

I also reached out to another mining operator based in southern China who explained that in practice, mining farms that produce 1 PH or more are usually not based in cities:

“Most of the time they are not in cities, more like in the middle of nowhere and it would be inaccurate to name towns.”

Instead he listed provinces where they are spread out including: Heilongjiang,Liaoning, Hebei, Sichuan, Tianjin, Anhui, Jiangsu, Ghuizhou, Inner Mongolia, Shanxi, Guangdong.  “Shenzhen for sure, there are testing facilities that are easily over 1P.”

What about ‘subprovincial’ locations?

“It is inaccurate to present information that way.  A lot of the time, the sites are between borders because it’s in the middle of nowhere.  And it normally spreads over lots of sites.  One place has nearly 200 sites crossing two provinces; a lot of small ones representing about 100KW of power each.  They are spread over several hundred kilometers; no economy of scale after a certain point.”

No service-level agreements

This type of self-doxxing, quasi-dynamic environment has led to another interesting phenomenon: ad hoc customer service via social media.

For example, two days ago, a user sent approximately 291.2409 bitcoins as a mining “fee.”13  A small pool called BitClub Network built the block that included this fee.  This fee is equivalent to about $136,000.

The community as a whole then began a crowdsourced investigation into who may have sent this fee and the motivations for doing so, with many believing it to be a mistake.  After all they reasoned, a typical “fee” that most mining pools require in order to be included in the next block is usually less than 25 cents on most days.

A user affiliated with BitClub has since publicly stated it would like to return the fee to the original entity that sent it, though it is unclear if he is speaking with any authority or if the whole thing was a ruse to begin with.

But, as I have argued before, this not only sets a bad precedent for miners as a whole due to a loss of revenue from the forthcoming ‘halvening,’ but the ability to contact a block maker sets a dangerous precedent for the core utility of the network: the disappearance of pseudonymous consensus.

Or as one redditor adroitly pointed out:

Or in other words, if block making was actually pseudoymous and decentralized, with 100+ unidentified pools creating blocks each day, it would be difficult if not impossible to locate and provide timely customer service to a user who made a mistake.

For instance, the most well-known block reorg occurred in March 2013 and it was only resolved when miners, including Slush and BTCGuild, contacted and coordinated with one another via IRC.  If the network was more decentralized and pseudonymous, this coordination would have been very difficult to do, and this was by design.

I pointed out this irony on Twitter earlier this week as well: that there are trade-offs with this approach and the downside of using a bearer asset-based system that had no service level agreement, no EULA, no terms of service results in a world in which users who make mistakes have to complain on social media and hope someone is charitable.

And this happens on a regular basis: earlier this month a user accidentally sent 13.65 bitcoins to the BTCC pool and used reddit as his customer service forum.

That type of friction is not what most consumers want.14  It is a poor user experience which has gradually led to the creation of ‘trusted’ intermediaries in this ecosystem which as described in previous posts, recreates the existing financial system but without the same level of oversight and financial controls.

The cryptocurrency community is learning the hard way why intermediaries exist, why SLAs exist, why legal identities are required for financial transactions, why consumer protection laws arose and so forth.  Pointing out these patterns is not malice or due to a lack of understanding of how cryptocurrencies work, but rather it serves as illustrations for why it has been hard to find real sustainable traction in the space.

How else is this visualized?

scaling bitcoin panel

Source: Jameson Lopp

This past December an event was held in Hong Kong called “Scaling Bitcoin.”

One of the sessions involved a panel comprised of the world’s largest mining farm and pool operators.

The individuals in the photo above allegedly represent about 90% of the network hashrate.

Thus, for all the hype around “trust anchors” tied into public blockchains such as Bitcoin, claims of decentralization and “trust-lessness” are empirically untrue.

In practice, due to centralization and identity leakage, the cost to successfully reorganize a block isn’t through a Maginot Line attack (e.g., via hashrate), but through cheaper out-of-band attacks, such as hosting events in which self-doxxed miners participate.  But that is also a topic for a different post.

Conclusion

16 months ago, Vitalik Buterin and others jokingly quipped that the trends towards centralization in Bitcoin mining (and other cryptocurrencies) resulted in a world where each coinbase transaction effectively arose from a multisig process.

To quote Buterin: “with Bitcoin, we’re paying $600 million a year on a 5-of-10 multisig.”

10 is roughly the amount of quasi-permanent block makers in a given day.  And $600 million was the amount of revenue that miners received at that time due to the higher market value of bitcoin.

In theory, anyone can turn on their computer and hope to become a block maker on a public blockchain — no one has to register with a “Blockchain Admin” because there is no admin.  However, in practice it requires a certain amount of technical knowledge and more importantly, capital, to profitably and sustainably operate a mining farm and pool.

And in order to scale this profitably, in practice, most miners at some point reveal their legal identities thereby negating the core characteristic of a public blockchain: pseudonymity.  How?  Miners, after having erected purpose-built facilities or to liquidate their holdings, may be required by external authorities to go through a gating / vetting process (such as KYC).

Ironically, a substantial increase in cryptocurrency prices may inevitably result in self-doxxing of all major farms. How?  As market prices increase, miners in turn expend more capital to increase their own hashrate to chase the seigniorage rents.

Because of the KYC requirements of utilizing resources like electricity at a hydroelectric dam and the subsequent identity leakage, this turns the block making process itself into a mostly known, permissioned activity.  Consequently, based on this past history, the term DMMS should probably be qualified with a “quasi” modifier in the front: QDMMS.

Similarly, while many enthusiasts have been led to believe a block reward halving will somehow re-decentralize the mining ecosystem, the fact of the matter is chip performance (as measured in hashrate efficiency) is only one factor in the total calculation that professional miners must account for.15

Furthermore, semiconductor engineering itself is effectively on a known, mature trajectory and which appears to be lacking any significant leaps in technological improvement.  The largest entities, such as Intel, see this relatively static path which is one of the reasons why they have formally abandoned their tick-tock roadmap and now plan to lay off 12,000 people.

In contrast, energy prices, land prices, labor costs and taxes are among other major components that professional mining operators look at as a whole and decide whether to stay in a market or not.  Even if there is some price increase after the halvening, home mining by amateurs outside of China will likely continue to remain unprofitable after July.

Thus a year from now the mining ecosystem will probably look a lot like it does today, with most farms and pools being self-doxxed and relatively centralized.16

[Special thanks to Antony Lewis for his constructive feedback]

Endnotes

  1. Censorship-resistance is an emergent property that arises from this design.  See also: Settlement Risks Involving Public Blockchains []
  2. There are other reasons too including not wanting to divulge any comparative advantage they might have that would incentivize new entrants to come into the market. []
  3. Note: it is believed that some large mining operators, such as Bitfury, may actually spread some of their hashers (workers) across multiple pools, in order to reduce their own pool percentage and thereby reduce the concerns over centralization.  This can only be proven with an on-site physical audit. []
  4. There has been research done on non-outsourceable block making. See Nonoutsourceable Scratch-Off Puzzles to Discourage Bitcoin Mining Coalitions by Miller et. al. []
  5. Analysis of Bitcoin Pooled Mining Reward Systems by Meni Rosenfeld []
  6. Most of the pools in operation do not require documentation of equipment or legal identification of miners. []
  7. Note: technically speaking nothing is stopping mining pools from signing blocks and in fact, some do it for advertising purposes. []
  8. There is also a term-of-art called “luck” which Organ of Corti and others analyze on a regular basis. []
  9. Incidentally for those wanting access to the block-making superhighway, to reduce orphan rates, there exists a centralized service: Bitcoin Relay Network. []
  10. See also Appendix B and Section 2 []
  11. Note: Dogecoin began to merge mine with Litecoin in September 2014 and in terms of hashrate the two have moved in tandem with one another ever since. []
  12. China’s water hegemony in Asia from Livemint []
  13. Note: a fee implies something that is mandatory.  The discussion surrounding what is and is not a fee or how it should be calculated and applied is a contentious topic in the cryptocurrency community. []
  14. Cryptocurrencies are effectively designed ‘for cypherpunks by cypherpunks.’  While caveat emptor may be desirable to certain demographics, others prefer consumer protection which bearer-based systems do not have. []
  15. Note: in terms of efficiency, 28nm chips are usually in the range of 0.25-0.35 watts/(gh/s), while the newer 14nm or 16nm ones are more likely 0.12 watts/(gh/s) or less. []
  16. See also: Permissioned-on-permissionless []
Send to Kindle