What is Ethereum’s difficulty bomb?

With an alarming name for a relatively straightforward workaround (although in blockchain land, even straightforward things aren’t really), the “difficulty bomb” is an ingenious way to get all Ethereum miners to switch to another consensus system.

by Blake Richard Verdoorn for Unsplash - Ethereum
by Blake Richard Verdoorn for Unsplash

A bit of background: Ethereum currently uses the Proof of Work consensus algorithm, but has always planned to switch to a Proof of Stake system at some point in the future. Casper, as its Proof of Stake system will be called, is in development, and will be rolled out sometime in early 2017, according to the current plan.

One problem has been, as with every decentralized permissionless system, how to get everyone to switch over to the new system, to avoid split chains, replay attacks, etc. As we saw with the recent hard fork, there is always a strong possibility that some will stick with the old system, and there’s not much that the Foundation can do to coerce them into following everyone else.

Unless it’s in their interest to do so. Here’s the ingenious part: the difficulty of mining Ethereum blocks (= the time it takes to find the nonce that will, when combined with the block data, give a hash within a certain parameter) has been gradually increasing since August 2015, and will continue to do so with exponential increments.

What does that mean? That Ethereum blocks will gradually take longer and longer to mine. The time between bitcoin blocks is in theory about 10 minutes (although recently it’s more like 20 minutes). The time between Ethereum blocks is about 17 seconds. This is one of several aspects that makes Ethereum more attractive to some.

But that is likely to change when Ethereum blocks take longer to process than bitcoin blocks. And it will certainly change, for the miners especially, when Ethereum blocks are so “difficult” to process that it no longer is profitable to mine them, since the electricity consumed in the calculations costs more than the potential ether reward.

The “difficulty bomb” is a clever way to force miners to stop using one system and move to another. Rather than pressure through centralized control (“do this or else…”), it does so through decentralized incentives. No-one is told what to do. But the current Proof of Work algorithm has a built-in self-destruct function that, since it is part of the code, no-one can do anything about. You either move to the new system, or you go out of business. Your choice. No coercion.

Since the increase occurs very gradually, “bomb” is perhaps not the best word for the concept, since no explosions or sudden changes disrupt operations. But it does successfully imply the destructive intent of the code, and subliminally encourages everyone to jump over as soon as Casper becomes available. Ethereum developers call it the “difficulty adjustment algorithm” or the “difficulty adjustment scheme”, which are not nearly as dramatic.

It’s worth noting that the difficulty bomb was conceived as a way to get everyone to move over to Casper when the time came. But it could be used to get everyone to move over to a different hard fork. Ethereum has committed to moving to a version of Proof of Stake. But who knows? Change happens. There’s also no guarantee that Casper will be ready in time. What everyone jumps over to, is not yet “written in stone”, as they say. But they will be jumping over to something different.

It’s also worth noting that the difficulty increase could be modified in the upcoming hard fork that will introduce Metropolis, the next planned iteration of the Ethereum platform (expected in the fall of 2016). This type of modification has already happened once. With the Homestead release in mid-March, the difficulty adjustment algorithm was relaxed a bit. Could this indicate a delay in the release of Casper? With the adjusted system, blocks will become un-mineable by 2021, but the slowness will, according to the founder of Ethereum, become “very annoying by the second half of 2017”. This may change.

Ethereum Classic, the alternative result of the latest fork, also has this ticking difficulty bomb, obviously. But what it doesn’t have is the obligation to migrate to a Proof of Stake consensus system, it doesn’t have the commitment to move to Casper. Its miners do have to move to a different algorithm, though. Or, Ethereum Classic could hard fork to remove the difficulty bomb. It will probably let Ethereum launch Casper and see how it goes, before deciding or not to adopt it. Only by then it will have had to do something about its difficulty levels. Assuming, of course, that it’s still around.

The genius here was in knowing that a possibly contentious hard fork was coming, and devising a way to pre-empt resistance. That doesn’t mean that the process won’t be without drama, though. It’s possible that disagreement emerges as to whether Casper is the right consensus algorithm to be using. Some may believe that another alternative is preferable, and independently fork to that. As we’ve seen with Ethereum Classic, it is possible for more than one Ethereum chain to exist (for now, anyway). The difficulty bomb does not solve the problem of trying to get intelligent and strong-willed people to agree on an optimum process, to facilitate the communication as to why the Casper version is the best, and to demonstrate that the entire community is buying into the Ethereum mainstream creed. Clever as it may be, what the difficulty bomb fails to do is to achieve consensus about consensus.

Blockchain and supply chain examples

A couple of weeks ago we looked at the potential impact of the blockchain on supply chain management, but we didn’t go into detail about actual examples and current trials in this bigger-than-you-probably-expect sector. Even leaving aside the physical logistics sector, which is enormous, the size of the supply chain software industry has grown in recent years to over $10bn, according to research from Gartner. Research and Markets predicts 11% annual growth in this sector at least until 2020. Add in the $18bn of the trade finance market, and you have a considerable slice of the world economy, and not just in terms of strategic importance. Below are some of the startups and projects that are hoping to take a good chunk of that market away from the traditional suppliers such as SAP and Oracle, while re-thinking processes and introducing new efficiencies.

by Erwan Hesry for Unsplash - supply chains
by Erwan Hesry for Unsplash

The startup with the most VC funding in the sector is US-based Fluent, with $2.5 million in seed investment from firms such as ff Venture Capital, Draper Associates, 500 Startups, Digital Currency Group, SixThirty and many more. Founded in 2014, its aim is to streamline supply chain finance with a custom-built blockchain based on bitcoin’s architecture. Invoices can be tokenized once a buyer approves them, avoiding duplicate and fraudulent invoices across the network. Companies can send and receive payments on the Fluent network. The platform also includes a peer-to-peer working capital marketplace which can provide financing for invoices, whole or partial.

California-based SkuChain has also received seed funding from Digital Currency Group among others, although of an undisclosed amount. It wants to open up trade finance to small- and medium-sized businesses by removing the need for Letters of Credit (payment guarantees issued by a bank). This could have a positive impact on exports from developing countries, while reducing the global economy’s dependence on banks and large freight companies. Using the bitcoin network as well as SkuChain’s own technology, the platform hopes to enhance transparency for all participants in the supply chain, while at the same time improving access and broadening the base of its participants.

Wave, based in Tel Aviv, was one of the first startups in the supply chain sector to sign a deal with a big bank. After graduating from Barclays’ fintech accelerator last October, the startup has focussed on developing a platform to help the banks’ clients reduce their supply chain financing costs by substituting physical bills of lading with blockchain-registered digital versions that streamline the shipping process.

London-based Provenance is working on a chain-of-custody solution on both the Bitcoin and the Ethereum blockchains. Founded in 2013, it focuses on not only the verification of origin, but also the authenticity of the data. One of their more interesting projects involves the tracking of fish from the boats in Indonesia to the high-end sushi restaurants in Japan. If this pilot works as expected, we should soon be able to confirm that the steak we ordered at the restaurant did, in fact, come from the plains of Argentina, and that the olive oil that we purchased at the supermarket was, in fact, pressed from arbequina olives in Spain.

Everledger, also based in London, is building a system to track the movement of diamonds from the mine to the jewellery store, creating a provable provenance as well as facilitating diamond trade. This should significantly increase not only the security of the gem supply chain (which still relies largely on paper documents which can be amended or forged), but also the insurance costs.

Australia-based Blockfreight, launched in April of this year, is developing “an open network for global freight” that combines blockchain apps with smart contracts and RFID sensors. Clients will be able to access the platform with the Blockfreight token, launched last month and run on the Counterparty rails, which can be purchased from the company and eventually from licensed agents (I couldn’t find any active exchanges that deal in this token, but it’s early days still), for $1 each as of a few days ago.

CargoChain, still at development stage, won the Shanghai Blockchain hackathon in January 2016 with their chain of custody innovation that records the Bill of Lading on the blockchain, providing a transparent and traceable record, and uses RFID sensors to track the physical shipment. Built on Ethereum, it also plans to offer a smart contract escrow system, which removes the need for the parties of a trade to either rely on a bank to facilitate the transaction, or to know and trust each other. Other planned functions include automatic payment release upon document receipt, and built-in penalties for delays.

While Barcelona-based Consentio will also use the blockchain to digitize and store the documentation, its main focus is on the financial side. Working with regulated payment platforms, it will use smart contracts to offer financial services such as proof of deposit, deposit release and payment upon delivery.

It’s not just startups that are pushing the innovation boundaries in the supply chain field. The Finnish city of Kuovola has received €2.4 million of European funding to develop a project called SmartLog that applies the blockchain and smart contracts to shipping containers. The city is a hub for trade between the EU, Russia and Asia, and its region is host to around 700 logistics companies.

A few weeks ago Toyota Motor Corp. announced that it was joining R3 CEV’s blockchain consortium to test applications for its supply chains. And big boy IBM just last week launched a supply chain service on its enterprise blockchain, which allows companies to experiment with new forms of document storage for their trade processes (one of the first to sign up was Everledger, mentioned above).

Pressing problems yet to solve are the Know Your Client (KYC) requirements that 80% of sector participants cite as the main barrier to sector growth. Since this requirement is tied to the thorny problem of identity, especially difficult in online, automated processes, it would be optimistic to expect mass migration to blockchain-based supply chain solutions. But the potential economic savings and increased transparency and efficiency make the end goal worth the pursuit. And with a wide assortment of business models and technologies working on this potentially very lucrative objective, it certainly will be an interesting space to watch.

(This article was originally published on LinkedIn.)

What is the difference between an algorithm and a protocol, and why does it matter?

This is a deep dive into supremely nerdy territory, but being a stickler for detail, I think it’s worth clarifying: algorithms and protocols are not the same thing. And in the bitcoin-blockchain world, the difference is important.

Which is surprising, since they seem to be used interchangeably. I certainly have used them as if they were the same thing, as have people much more knowledgeable than myself. And my inner Thesaurus desperately wants it to be so, to avoid over-using one word or the other. But a niggling doubt at the back of my mind pushed me to look into it a bit, and here is what I found:

That our confusion in this respect is holding us back.

So in this article, I hope to clarify the differences, and to show how a deeper understanding of this can lead to new breakthroughs. In part, it’s my fondness for the pedantic, but mainly it’s because I firmly believe that if we can understand something more profoundly, it’s more likely that we can come up with useful variations, innovations and use cases.

Here goes:

A protocol is a set of rules that governs how a system operates. The rules establish the basic functioning of the different parts, how they interact with each other, and what conditions are necessary for a healthy implementation. The different parts of a protocol are not sensitive to order or chronology – it doesn’t matter which part is enacted first. And a protocol doesn’t tell the system how to produce a result. It doesn’t have an objective other than a smooth execution. It doesn’t produce an output.

It’s like the engine of a car, how a car works.

An algorithm, on the other hand, is a set of instructions that produces an output or a result. It can be a simple script, or a complicated program. The order of the instructions is important, and the algorithm specifies what that order is. It tells the system what to do in order to achieve the desired result. It may not know what the result is beforehand, but it knows that it wants one.

It’s what you need to do to drive the car, the actions that the driver performs.

The protocol is a set of rules that determines how the system functions.

The algorithm tells the system what to do.

The protocol is. The algorithm does.

In the kitchen, the protocol would be a set of conditions and instructions such as:

  • The knife cuts
  • The flame heats
  • Olive oil is delicious
  • Frying pans are good for sautéing onions
  • Wash your hands before handling food
  • Burnt food tastes bad

An algorithm in the same kitchen could be:

  • First, chop the onion
  • Then, heat up the olive oil in the pan
  • Put the onion in the pan, add some salt, and stir until the onion is translucent
by Matthew Wiebe for Unsplash - algorithm
by Matthew Wiebe for Unsplash – the bridge is a protocol, the bike is a protocol, the rider is an algorithm

How is any of this applicable to the blockchain? Because the blockchain needs both protocols and algorithms, and each have a distinct role.

In blockchains, the protocol:

  • tells the nodes how to interact with each other (without telling them to do so)
  • determines how data gets routed from one node to the next (without telling the data to move)
  • defines what the blocks have to look like
  • stipulates who decides which transactions are valid
  • establishes how consensus is determined (without dictating the procedure)
  • identifies who maintains the ledger
  • delegates who determines how the rules of the system change
  • decides if identities are needed
  • determines who can create new coins (but not how)
  • triggers procedures in case of error

The algorithm, on the other hand:

  • verifies signatures
  • confirms balances
  • decides if a block is valid
  • determines how miners validate a block
  • establishes the procedure for telling a block to move
  • establishes the procedure for creating new coins
  • tells the system how to determine consensus

So far so good, right? Now here’s the truly befuddling part: are “Proof of Work” and “Proof of Stake” protocols or algorithms? In crypto journalism they tend to get used interchangeably, with frequency coming down on the side of algorithms, but with protocols getting a relatively high score (check out “proof of work algorithm” vs “proof of work protocol” in Google). So I’ve been furrowing my brow and staring into my empty cup of coffee and I’ve concluded:

They’re algorithms. Not protocols.

Both Proof of Work and Proof of Stake tell the miners how to go about validating a block. They establish conditions, like protocols do, but the instructions are fundamental, and there is definitely a desired outcome: to process transactions, to determine which blocks enter the chain, and to provide a consensus as to which chain is the correct one. Both use the underlying protocol to achieve those goals.

Continuing along this brain-wrinkling train of thought, are Bitcoin and Ethereum algorithms or protocols?

They’re protocols. Not algorithms.

They establish the ground rules, set up the “engines” and determine who does what and how. We, the users, then play around with algorithms to get coins sent, to execute smart contracts and to create new business models. The algorithms are what make the protocols useful.

So, if we understand that the rules are one thing and the instructions are another, we can get creative. What is our desired outcome? And what algorithms, using the rules of the protocol, can we come up with to get us those desired outcomes?

That is why the difference is important. We need to understand the distinction between the state and the action. Between the rules and the procedure. Between what we can and can’t do. We can’t change the rules (if you want to, go ahead and set up a new blockchain). But we can create a series of actions, instructions and processes that can get us to where we need to be.


How can Bitcoin be hacked?

Don’t get excited, this isn’t a how-to article. I have no idea how to hack Bitcoin (and even if I did, I probably wouldn’t tell you). With the Bitfinex drama and the Cryptsy theft (by its own CEO??) still appearing in headlines, and with so many of my friends asking “But I thought Bitcoin couldn’t be hacked???”, I wanted to dig into the how, the why and the who. I’m not going to go into all the crypto hacks and thefts over the past few years, that would produce an article the length of a book. But I am going to look at some of the more interesting and relevant ones, going back to the middle of 2014.

First, we need to differentiate between a hack and a theft. Many assume that they are one and the same, but they are not. Technically, a hack is “unauthorized access to a computer”. Many hackers go in and out of others’ computers and servers just for fun (scary, but it happens). Some hacks are positive – there is a service that will try to hack your bitcoin wallet to recover funds for you. The DAO fiasco saw the hacker(s) being hacked to try to recover funds (it didn’t work). And hackers have been helping to root out the owners of alleged scam cloudmining company HashOcean. So, not all hacks involve theft. And not all theft is a hack, obviously. Theft does still happen out there in the physical world, with no computer getting involved.

by Dmitriy Me2dev for Unsplash - hacks
by Dmitriy Me2dev for Unsplash

But, it’s not news that cybercrime is an intensifying threat to individuals, businesses and even economies, as the tougher the security, the more fun the challenge. And as more and more of our lives and our wealth is online, the stakes get higher. All major law enforcement groups have their own cybercrime division, drawing on the skills of detectives, lawyers and, yes, hackers. But in most cases, figures on cybercrime are difficult to come by, as most victims have no interest in publicity, and many attacks are covered up.

In the cryptocurrency world, however, things are very different. The media seems to relish a “see-I-told-you-it-wasn’t-safe” rubbing of hands and pronouncements of crypto doom. Plus, given the community’s active presence in forums and chats, news of hacks, outages and breaches spreads fast. Trying to cover up a crypto hack forever just wouldn’t work. A stroll through reddit or bitcointalk will give you an idea of the volume of chatter, level of detail and degree of scepticism about practically any and every aspect of the sector. Suspicions are aired, spread and debated, and the senior team of the putative hack victim is usually on hand to answer questions. From what I gather, and lamentably with some notable exceptions, they generally do so as truthfully as they can, with good intentions, because they know that hiding stuff from the community (some of whom are hackers themselves) is futile.

So, it’s not that cryptocurrency businesses suffer more hacks than all other sectors. They don’t. It just seems like they do, because those hacks get a lot of public attention.

The most recent one to occupy the headlines is the absolutely huge Bitfinex hack, in which 119,756 bitcoins (worth about $70 million at the time) were siphoned off from the exchange in early August. We don’t yet know how it was done, which is perplexing given that in 2015 Bitfinex announced a collaboration with multisig wallet producer BitGo to enable additional multisig security on Bitfinex wallets. In theory, with the BitGo solution, it was supposed to be impossible to hack clients’ wallets and steal their bitcoin. Yet that is exactly what happened. Both BitGo and Bitfinex assure us that BitGo was not at fault in the hack, that the coding worked as it should. Fingers seem to be pointing at the configuration Bitfinex employed, keeping bitcoins in individual accounts rather than in a cold storage pool (kept offline), to comply with a recent CFTC (Commodity Futures Trading Commission) investigation which resulted in a $75,000 fine and the requirement to change the process of settling margin trades.

In an unprecedented move, Bitfinex decided that in order to stay open for business (and as the 3rd largest exchange in terms of volume and the largest in US$/bitcoin trades, it was important that it do so, for market stability) it needed to spread the losses amongst the clients’ accounts. Rather than have some clients’ accounts lose everything, it applied a 36% haircut to all accounts, instituting the first “bail in” in digital currency history. This is more or less the haircut the account holders would get if Bitfinex went into receivership, and at least this way there is a chance that they can get their money back. The company has replaced the reduced amount with a cryptocurrency token which itself can be traded, or redeemed at a later date for bitcoins, or dollars, or shares in Bitfinex’s parent company, it hasn’t been decided yet. In the end they may not be able to do this, however, as the words “unprecedented” and “finance” generally don’t go well together, and the legality of token trading (which has already started, no time to waste) is in question, as is the concept of “socialized losses”. And, who knows, they may yet be able to recover some of the stolen bitcoins, given the $3.6 million bounty on offer.

In June, the Ethereum project theDAO was hacked to the tune of 3.6 million ether, at the time worth $60 million. The response of the Ethereum developers was to hard fork the blockchain, winding time back to before the theft, and closing the platform on which it happened. Hard forks are contentious, though, because of the risk involved – for it to work as planned, all network participants need to upgrade to the new version, to avoid some validating blocks on the old “invalid” code, which could lead to potential false transactions and double spending. In this case, the proposal was particularly contentious because it demonstrated that public blockchains are not necessarily immutable, resistant to censorship, etc. The Ethereum code was working fine. The change would be to avoid losing money. A good enough reason? If Ethereum can change the code to suit them, what’s to stop them from doing it again in the future, due to self-interest or coercion?

The hard fork turned out not to have the consensus that the developers assumed, and a few holdouts insisted on sticking with the “old” Ethereum chain. The “old” ether became a new cryptocurrency called ETC, while the new one retained the old symbol of ETH. The developers didn’t object at first because they really thought that ETC would fizzle out and quietly disappear. But it is now the 6th largest cryptocurrency in terms of market capitalization. And the thief still has his (or her) 3.6m ethers, the old version, although they are worth a lot less than the original $60 million. It’s disconcerting how one hack can change the fundamental nature of a promising blockchain in unforeseen ways.

gatecoin - hacks

In May, Hong Kong-based crypto exchange Gatecoin reported the theft of 250 bitcoins and 185,000 ether, worth about $2 million at the time. While most clients’ crypto assets are stored in multisig cold wallets, the hacker managed to overwrite the protocol that handles this so that ether went directly to the hot wallet (keys kept online) instead of the cold, and ignored the self-imposed limit of 5% of assets in online storage. In the end, the hacker made off with 15% of the exchange’s crypto assets. Immediately after, Gatecoin announced that it would seek $4-5 million in funding to cover the losses, and offered a bounty and a lifetime of free trading for return of the assets. In the end, the exchange managed to raise $500,000 to strengthen the security infrastructure, and replaced its CTO, referring to him as a possible suspect. At time of writing, its web site was undergoing an overhaul, and is supposed to relaunch today (August 17).

In April, exchange Shapeshift reported a hack executed in stages of 469 bitcoins plus some ether and litecoin, worth at the time about $230,000. In this case they were victim of an inside job – an employee stole the bulk of the funds, sold server access to a professional hacker, and installed malware on colleagues’ computers to enable the hacker to access the refreshed passwords. Erik Voorhees, the founder of Shapeshift, gives a riveting account of the drama here. No customer money was lost, and the site had relaunched by the end of the month.

Also in March of this year, Canadian exchange Cointrader suddenly closed down, with the explanation that an audit had revealed an unexplained deficit of bitcoin. The media took this to mean a hack, but it might not have been. In an email to clients, the exchange explained: “A recent internal audit revealed a deficiency of Bitcoin in our wallets.” Previously, trading had been halted on shares of the parent company Newnote Financial Corp. (listed on the Canadian Securities Exchange, similar to the US’s OTC market), because of failure to file financial statements. The company was undergoing an audit to rectify this, most likely the same audit that uncovered the missing bitcoins. In an official statement, Newnote announced that the audit was still ongoing and that Cointrader would be shut down due to “rising maintenance costs and lower trading volume attributed to an increase in competitors within the Canadian market space”. No mention was made of the hack. So, did the hack even take place? Or had the audit uncovered something else?

Here’s an interesting one, still making headlines today: In December 2015, exchange Cryptsy and the media started receiving a stream of customer complaints about stalled bitcoin withdrawals, some pending for weeks. In early January, in the face of no response whatsoever from the company, a frustrated client initiated a class action lawsuit in an attempt to recover their funds. The next day, the founder published a post on the Cryptsy blog announcing suspension of trade and withdrawals, and confessing to the loss of 13,000 bitcoin and 300,000 litecoin, at the time worth about $5.7 million. The founder explained that a back door had been installed on the exchange by someone claiming to be a developer. The most startling revelation was that the coins had been missing for a year and a half.

Why hadn’t he told anyone? According to his post, because he wasn’t sure what happened (even well over a year later), and “didn’t want to cause a panic”. He assumed that he could replenish the accounts with profits over time. But then an article was published in the sector blog Coinfire (now part of 99 bitcoins), claiming that Cryptsy was under investigation from several Federal agencies (including the SEC, the Department of Homeland Security and the IRS) for a long litany of infractions ranging from operating without licenses to knowingly servicing accounts linked to terrorist financing, which triggered massive withdrawal requests that Cryptsy simply could not honour.

A couple of weeks later, the CEO’s ex-wife claimed in a court filing that she believed that he would flee the country with the funds, and was using the money to support his lover and her children in China. A few weeks after that, we’re now in February of this year, the ex-wife was added as a defendant in the class action lawsuit, since it turns out that in early 2015 she and her (then) husband had paid for a waterside mansion in Palm Beach with cash. In April the court appointed a receiver to dissolve the business and determine how much was recoverable. Last week the receiver revealed that he had discovered that the (now ex-) CEO had been siphoning off crypto funds the whole time.

After an apparent lull in crypto hacks (what were the hackers up to?), in May 2015, a well-known Hong Kong-based exchange suffered a breach and a theft. The exchange was Bitfinex (yes, them again), and this time the target was their online hot wallets, which store a very small amount of crypto assets. Apparently about 1500 bitcoins were stolen, worth approximately $340,000 at the time. Customer wallets were affected, but Bitfinex was able to replenish the losses out of their reserves.

Also in March 2015, Panama-based Coinapult briefly suspended operations following the theft of 150 bitcoins (then worth $42,900) from its online wallet. Customer funds were unaffected, but immediately after, the exchange announced its intention to move to multisig authentication as soon as possible.

The previous month, Chinese exchange Bter, at the time the world’s largest exchange of altcoins (bitcoin alternatives), admitted to a hack of 7170 bitcoin (then worth $1.75 million) taken from its cold wallet. Because of the unlikelihood of a cold wallet getting hacked (the keys are kept offline, so how would the hacker get at them?), some pointed fingers at Bter, accusing them of covering up an inside job. However, there are cold wallets and then there are cold wallets. Depending on the configuration, some cold wallets can be compromised when they connect with the internet, however briefly, which they sometimes need to do to either move bitcoins or update balances.

The size of this theft almost caused Bter to sell the exchange, claiming that it simply did not have the funds to reimburse the 20,000 affected customers. A 1000 BTC loan from mining group JUA saved the day, however, and Bter was able to use that plus the promise to continue to repay out of profits to make the accounts whole. JUA also took over the protection of Bter’s cold wallets.

February 2015 was a busy month for hackers: Excoin was also hacked. The exchange turned out to have a prophetic name, since the hacker managed to divert all of the bitcoin on the exchange, which left it no choice but to shut down.

photo by Loic Djim for Unsplash - hacks
photo by Loic Djim for Unsplash

In January of last year, Bitstamp – a Luxembourg-based exchange, currently the fifth largest BTC/USD exchanges – had 18,866 bitcoins (then worth just over $5 million) stolen in a hack that involved targeted phishing emails and messages which installed malware on the computers of Bitstamp employees. The hackers not only spent time profiling the employees and creating specific language and offers for each in the emails, but they cleverly staged the access and the theft over the New Year period, counting on a slower reaction time. As soon as the movements were discovered (the same evening as the account was drained), it shut down operations, and started work on rebuilding the trading software from scratch.

After another lull in crypto hacks making headlines, in August 2014, Bter was hit again. Almost 52 million NXT (another cryptocurrency, associated with the blockchain of the same name), at the time worth $1.65 million, disappeared from its account. It turns out that the hacker got access by gathering information on one of the Bter developers, hacking an account that he used on a different website, and taking advantage of the fact that he used the same password to get into Bter. The exchange had set up 2-factor authentication on many of its systems, but not on NXT, which to make matters worse was kept in a “hot” online wallet, directly accessible from the site. Given the scale of the attack (at the time the theft was of 5% of the market cap), NXT considered “rolling back” the blockchain to reverse the hack, much like what Ethereum has just done. As we have seen, however, this is a very controversial move for any blockchain based on immutability and censorship resistance, and the majority of the participants opposed the idea. This hack had a “happier” ending, however, since the exchange managed to negotiate the return of the bulk of the coins. Perhaps they used the threat of a hard fork? Keeping some and returning the rest is better than losing all?

And another happy ending: in December 2014, wallet giant blockchain.info was hacked for 255 bitcoins. And then the hacker gave the coins back. Awwww.

Let’s end this walk through history with a really juicy story, with several chapters but no happy ending: in July 2014, altcoin exchange MintPal was relieved of approximately 8 million of bitcoin alternative VeriCoin, which at the time was 30% of its market cap of $6.3 million. It is interesting to note that the exchange’s bitcoin holdings were also targeted, but they were held offline in cold storage and thus ended up untouched. The Vericoin were supposed to be in cold storage, but due to an error most of them weren’t. The community couldn’t allow that much VeriCoin in the hands of one attacker, since it would have given him or her enough weight to instigate a 51% attack, which made the decision to fork simpler – it was that or see the currency completely crash. The problem with hard forks, though, is that everyone in the network needs to update pretty much at the same time. That didn’t happen here, which meant that older versions processing new blocks effectively “reassigned” the attacker the stolen 8 million. A second hard fork a day later managed to fix the problem, diverting the coins to a new, MintPal-controlled wallet.

Trading volumes dropped sharply after the attack, which led to its acquisition by the end of the month by Moopay (more commonly known as Moolah, not to be confused with the payments services provider of the same name). Three months later, on October 14th, after several delays to MintPal’s relaunch, Moopay announced its plans to declare bankruptcy and shut down operations. MintPal had apparently already been transferred to new management, and the new team was focussing on “the resolution of issues surrounding missing balances”. Missing balances?

The following day, the CEO of Moopay insisted that the company had never bought MintPal, all that it had was a management agreement (documents subsequently released show that, indeed, Moopay did not own a stake in MintPal, but the CEO of Moopay did, he held 48% of the company that owned 100% of MintPal). To add to the confusion, less than 24 hours later, the CEO and founder announced that no, on second thoughts, Moopay was not going into bankruptcy after all. He then resigned. At the same time reports started to emerge tying the founder to other identities. The next day, this was separately confirmed by both a former lover and by an ex-associate who in the past had pressed charges against him for fraud. The following day (a busy week) it turned out that the name that they knew him by wasn’t his real name, either. The day after that (we’re now at the 18th of October), the ex-CEO fired all the staff, and the following day he confessed to the name change. And in case things weren’t confusing enough, he re-confirmed the bankruptcy.

At the same time, it emerged that 3,700 bitcoins were missing from MintPal’s wallets. It turns out that they were being held in the Moopay CEO’s personal wallet, and were moved as soon as this was discovered. Simultaneously, the CEO posted an abject apology on Moopay’s blog, which has since been taken down but part of the text is reproduced here. Then the lawsuits started flying, injunctions were handed down and the CEO went missing. In December, he and a former colleague (alleged to be his then girlfriend) were arrested in the UK but released on bail. And in August of this year, a couple of weeks ago, he was sentenced to 11 years in jail, not for theft or fraud, but for rape. I bet you didn’t see that one coming.

As you know, it’s not just cryptocurrencies that get hacked. Banks around the world are subject to a frightening number of hack attempts, some really sophisticated, and some successful. However, the bank hacks tend to be shrouded in secrecy, and many are never even revealed to the public – we wouldn’t want a panic, now, would we? Another big difference is that bank accounts are, in most systems, insured up to a certain amount. There is little if any risk of “losing it all”. With the uninsured crypto exchanges, however, that is not the case, and while the amounts are much smaller than with fiat bank hacks, the community is much more vocal.

How can we protect ourselves from bitcoin hacks? A relatively easy answer is to spread our bitcoin holdings across several wallets and exchanges, and throw the bulk in cold storage. It’s an easy answer, but it’s a hassle, which is why most casual bitcoin users don’t do it. Sticking with reputable exchanges is also a good idea, but a really big hack could decimate even the most solvent of business (crossing fingers for you, Bitfinex). When an exchange gets hacked, the loss of the cryptocurrency is not the only cost. There’s also the expense of the investigation, migrating servers, rebuilding the platform, lawyers…

It’s so easy to apply common sense in retrospect, but unfortunately much less so as we go about our daily lives. And as we’ve seen, crypto hacks can affect any exchange, even reputable, well-protected ones. Theft is lamentably a part of life which we will never be able to completely avoid. And the fact that it exists in no way makes the stolen asset more vulnerable and worthless. Cash is stolen every day, and yet that doesn’t make us suggest that cash is useless, does it? Gold, diamonds, cars… Anything that can be moved, can be taken. And nothing is easier to move, in terms of logistics, than bits and bytes of information. The fact that it doesn’t happen more often is a testament to the ingenuity of security experts, who are continually trying to stay on top of a moving pile of sand. With each hack, the community learns. And with that knowledge, gets stronger. While this doesn’t help the thousands who lose savings, it does strengthen the sector as a whole. And shows that if people are trying to steal what you have, it must be worth stealing.

Blockchain and supply chains

Almost everything you touch during your day is the result of a supply chain. The product originated somewhere. It then moved somewhere else, and after that somewhere else, and so on until it ended up in your life. Your toothbrush, your breakfast cereal, your clothes, your car or bus or bike… You get the picture… We hardly ever think about this, nor should we have to. Because we trust that its sourcing did no harm, that the quality is acceptable and that it’s going to do what it needs to do.

What if you could know so much more? That your toothbrush was made in Texas? That your T-shirt was made in Nepal? That your shoes were designed by someone in Turin but manufactured in Romania? Too much information, you might say. But think about how it would change our relationship to things. Which would change our attitude to consumption. Which could lead to a new commercial culture, one based on transparency, trust and process.

by Lewis Pratt for Unsplash
by Lewis Pratt for Unsplash

Now let’s stop for a second and zoom out. Let’s picture all those toothbrushes and T-shirts and shoes criss-crossing the world to reach their destination. Most by container-stacked ships, some by truck. And all with reams of paperwork to accompany them from one stage to the next. There’s the “pull” order from the end retailer, which probably gets passed to an international distribution agent, which probably gets passed to a local distribution agent before ending up with the actual manufacturer. Of course, there are new forms along the way. Then there’s the “push” paperwork, in which the manufacturer documents the exit from the factory, in which someone else documents the reception and the placing on in the container, in which the goods are expedited from one off-loading stage to another. In this day and age, still, much of that paperwork is physical, using paper, often in triplicate.

That hardly sounds efficient. Or safe, since paperwork can be falsified, mistakenly rerouted, or simply lost. Even most digital versions consist of pdfs or similar, which have the same potential vulnerabilities.

Surely there has to be a simpler way? Of course there is: blockchain-based supply chain management. Here’s how it could work:

The documentation could be digitized, and stored on a blockchain (if you’re not familiar with how they work, see here). This will make it impossible to change or tamper with, without everyone knowing. It would also make it easy to pass from one stage in the journey to the other. And each receipt can be programmed to trigger an action, such as a payment, or a message, or the emission of another document. This could be made even more secure if we include sensors in the containers that automatically inform that the container has physically arrived. Smart contracts could be written that say something like “when the container is loaded onto the distributor’s truck, issue payment and the corresponding documentation”. More automated, more verifiable, more transparent. Retailers and/or end clients could follow the merchandise’s progress, which reduces uncertainty. And the considerable manual work needed to process the transactions could be reduced considerably, which at the same time will lower costs and friction.

This will not only streamline the process of trade, potentially saving billions. It will also make the progression of the merchandise more transparent, allowing more trustworthy documentation and greater confidence in the end product. The manufacturer is happy because it costs much less to get the merchandise to the end user. The end user is happy because he or she feels better about the sourcing and quality.

And the middlemen? It’s easy to assume that they would be happier at having less paperwork to handle, which would require fewer employees, overheads and risk. But their very usefulness is called into question. Would we still need middlemen in a blockchain-based supply chain world?

Yes, of course we would. No amount of automation can replace the need for a flexible and agile supervisor, to make sure that the routing is taking place as planned, and to react when nature and/or man intervene. But less checking of documents, stamping of bills of trade and filing and/or sending the appropriate pieces of paper means not only lower costs, but fewer opportunities for human error.

The lowering of costs would improve distribution profits, as well as perhaps lower the costs for the final customer. Lower costs and smoother processes should lead to increased trade. Increased trade leads to economic growth. And economic growth leads to increased trade. A nice, mutually-reinforcing circular process, based on code, connections and confidence.

An increasing number of startups and established businesses are getting involved in this potentially very lucrative sector. Just last week IBM announced the launch of a new platform that allows businesses to experiment with the “blockchainization” of their supply chains, a sign that this is serious business and that the shift will happen sooner or later. The potential impact will transform sectors as diverse as electronics and agriculture, while spreading the efficiencies along the whole supply chain and benefitting a broad range of communities and economies.


Blockchain and IoT examples

The Internet of Things is such a broad and confusing space, with so much potential impact in business, society and home life, that talking about it feels a bit like talking about the universe. After all, what isn’t a “thing” that can be connected to the Internet? When we’re referring to the Internet of Things, do we include our smartphones? Our cars? Our televisions? What about our satellites and our aeroplanes? Our 3d printers and our factory robots? And getting metaphysical on the issue, what about Facebook pages? Video games? Bank accounts? They’re things too, right? But to bring the discussion of the impact of the Internet of Things into the realm of practicality, most studies and businesses focus on gadgets, either big or small. The smartphone is so obviously a thing connected to the Internet that it is usually not featured in the sector studies, except as a conduit for information from other things. The same goes for computers and sensors. Those obviously-connected devices are what we embed in physical things to get them talking to us and to each other. So, when we refer to the “Internet of Things”, or IoT, we’re really talking about things connected via other things. Sensors, computers and phones talking to each other is the backbone of today’s development. But it’s not new and it’s not news. It’s what those sensors, computers and phones are talking about, what data they are transmitting and what objects they represent, that is of interest.

by Todd Quackenbush for Unsplash - blockchain and IoT
by Todd Quackenbush for Unsplash

For this discussion, I’m just focussing on physical gadgets not related to transport, the supply chain or to the energy sector (there’s so much going on there that we have the basis for a separate series of studies). While IoT is already a reality, its impact so far has been useful but fragmented, more an indication of what’s possible tomorrow than what we can change today. Blockchain technology is increasingly looking like a potential unifier for the different device-specific, manufacturer-specific and sector-specific networks currently in operation or under development. Yet its application is still fraught with obstacles and issues, most of which will be overcome with experimentation and creativity. Here I look at some of the more advanced projects participating in this journey – I fully expect that we’ll be hearing more from them in the months to come, as well as adding interesting newcomers to the list.

As with most blockchain activity these days, experimentation in the Internet of Things space is not limited to startups. In one of the first major papers on the subject, at the beginning of 2015 IBM revealed ADEPT (Autonomous Decentralized Peer-to-Peer Telemetry), a proof-of-concept of a universal IoT blockchain platform that combines P2P messaging, BitTorrent and Ethereum. Two interesting case studies were included: a washing machine that can manage its supply of detergent, self-diagnose and solve maintenance issues, and “negotiate” with other household devices the optimum time for an energy-consuming cycle run; and electronic billboards that manage, allocate and automatically charge for ad display. The proof-of-concept code was supposed to be shared on GitHub, although as far as I can tell it hasn’t yet, perhaps because the project leader left IBM at around the time of the paper release. IBM have certainly not been idle, though, and a few months ago revealed that they are working on combining the blockchain with Artificial Intelligence to manage IoT ownership, access and diagnostics. This is part of IBM’s commitment, announced in March 2015, to invest $3bn in the Internet of Things. Yes, that’s billion with a b. This should be fascinating.

One of the best-funded startups in the blockchain + IoT area is US-based Filament, which has received $7.35m in investment from VCs such as Bullpen, Pantera, Verizon, Crosslink, Samsung, Digital Currency Group and others. Its focus is long-range wireless networks, and its main product is the Tap, a device registered on the blockchain with environmental sensors that can integrate with other sensors, and which has a wireless range of over 15km that does not depend on wifi or cellular networks. These sensors help farmers to monitor soil quality, cities to control outdoor lighting, and vending machine operators to optimize inventory, among a host of other potential applications. While most uses at the moment do not need universal registry, the blockchain base will enable connectivity in the future, which will encourage the development of additional efficiencies and possibilities. Running on the bitcoin blockchain allows for micro-transactions, which will open up the project to a wide range of new business models. And if things are going to talk to and transact with each other, they’re going to need Filament’s blockchain-based help with decentralized identity creation for inanimate objects. The Patch, their other main product, is an embeddable version of the Tap that adds wireless connectivity to any hardware. Filament is one of the most advanced IoT and blockchain companies, in that it actually has paying clients and a seemingly viable business model: it owns the sensors, and charges for the configuration, the data, the maintenance and the updates.

IOTA approaches the issue from the other direction. Instead of focussing on the devices, it has created a cryptocurrency to facilitate micro-transactions between devices. Rather than a heavy blockchain, though, it runs on a lightweight “Tangle”, a “block-less” distributed ledger that makes it possible to transact without fees. Tangle doesn’t have miners that need incentivizing, but “verifiers” that are also users. They process transactions as they use the network, which allows for transactions at no cost, ideal for the high-frequency, low-value, light and constant transactions of the Internet of Things. Technically IOTA does not use a blockchain, but I include it here for its decentralized, trust-less approach to the exchange of value, and its innovative approach to the sticky problem of micro-transactions (still relatively expensive, even on the blockchain), both of which could put the goal of a viable and efficient Machine Economy within reach.

Chainofthings focusses on the security of the data collected and uploaded by the Internet of Things. Run as a consortium composed of several startups and established businesses active in the IoT and blockchain space, it supports and collates research and organizes events designed to promote solutions-based exploration. Participants and supporters include blockchains Ethereum, Lisk and Emercoin; IoT startups Filament and IOTA (mentioned above); blockchain businesses Skuchain and Everstore; bitcoin node hardware manufacturer Bitseed; solar power startups SolCrypto, SolarCoin and ElectriCChain; advisory businesses such as Zerado and Neuroware; and large international conglomerates such as electricity company RWE. Its first case study, revealed at a recent Chainofthings event in London, looked at the application of distributed ledgers to solar power generation, and the next one will focus on sensor mobility.

UniquID is a young project that was first presented at the Consensus conference in May 2016. Based in the US and in Italy, it allows users (still in beta) to create a private blockchain which acts like a sort of “wallet”, on which they can register their devices. All devices registered on that blockchain can communicate with each other, without the need for external authentication. Access to these “wallets” could be from a range of configured devices, which would give flexibility to the format and the deployment of these “local” IoT networks. Unlike other efforts in the sector, UniquID’s idea seems to be to maintain the separation of IoT networks, and it remains to be seen how this is better than a simpler database approach.

Riddle&Code is another young project in development, with an interesting twist. According to its website, the platform “connects blockchain technology to real world objects”, which is what most participants in the sector want to do. The twist is that it uses NFC technology that permits the secret exchange of data and of the cryptographic keys that determine who can access that data.

As you can see, the intersection of blockchain and the Internet of Things is attracting attention, but not yet at the scale the potential warrants, and not yet with a “success story” business model (Filament seems to be on the right track, but there is little public information, and it’s still early days). The ideal balance between hardware and software, centralization and decentralization, complexity and convenience will be difficult to find. But it will emerge as the sector gets more competition and as the businesses move along the timeline from idea to implementation to revenues. This progress is worth encouraging, as the end results will not only open up new potential Internet of Things business models. They will also teach us even more about the potential and actual real-world applications of blockchain technology and its derivatives, which will lead to more innovation and creativity. It won’t be easy – there are many conceptual issues revolving around identity and data that will need to be addressed – but the most important things in history never are.

(If I’ve gotten anything wrong on any of the businesses mentioned, please let me know! I don’t ever want to mis-represent a company or an individual, ever. A similar version of this post was published on LinkedIn. I twitter away at @NoelleInMadrid, come and say hi!)

Hard fork confusion and unexpected twists

So, the Ethereum hard fork happened. And then things got confusing. So I rolled up my sleeves, opened something like 24 tabs on Google Chrome, and furrowed my brow in concentration. Almost a week later, I’m still confused. So much so that I almost decided to not write about this. But then I figured that I’m probably not the only one, and my confusion is itself pretty telling. I’m not a total beginner when it comes to cryptocurrencies. And if I’m confused, then this whole scenario not good for mainstream adoption. So, here is an account of what I understand, and what I don’t, and I share it with you in the assumption that I will continue to learn more about this as the situation unfolds. Things sure ain’t boring in cryptoland.


First of all, for those who don’t know what the fork is or why it happened (if you do, skip the next two paragraphs): Ethereum is a powerful blockchain platform that aims to be “the world’s computer” by making it easy to program smart contracts in a decentralized, token-based network. It has attracted a lot of attention from cryptocurrency enthusiasts and businesses alike, and is well on its way to being a solid sibling for bitcoin, only focussed more on utility than currency. Ether, its virtual currency, is the second largest cryptocurrency by market capitalization, although still only 1/10th that of bitcoin. Just over a couple of months ago, a ton of hype exploded around theDAO, a complex smart contract coded on Ethereum, which wanted to decentralize project investment by collecting investable funds from the “community” and then letting the “community” vote on which projects would get those funds. The novelty was that no management was necessary, the community would run things, everything was democratic, and the code was the law. The appeal of the idea exceeded all expectations, and ended up raising over $150 million from over 16,000 investors. It was called “the end of business as we know it”, “the organization that will kill corporations” and a whole lot of other hype-fuelled declarations. And then all hell broke loose.

A hacker spotted a flaw in the code and siphoned off about $50 million worth of ether. This was obviously not good for the investors, some of whom were Ethereum developers. While to some it seemed like a fair hack (if “the code is law” and the code allowed it, was it a crime?), to many it was unfair, and they wanted their money back. So the Ethereum community decided to change the code, and to turn back code-time to before the hack, so everyone could pretend it didn’t happen. Because this was a pretty fundamental change (and the proposed soft-fork code had flaws), it would have to be done via a hard fork, which means that everyone who uses or works with Ethereum would have to move over to the new system, or we would end up with two different Ethereums. The possibility that some participants would not move over was deemed so unlikely as to not be a problem, and the hard fork went through on July 20th.

Only it turned out to be not quite so unlikely. Some holdouts did refuse to move over, citing philosophical differences with the idea that a cryptocurrency, based on immutability and resistance to censorship, could be changed to suit the convenience of a few. So what if the DAO hacker gets to keep his (or her) ill-gotten gains? Much more than money is at stake: cryptocurrency code can’t be manipulated for profit, period.

But cryptocurrencies can make mistakes, right? There could be an error in the code, and that should be fixed, shouldn’t it? Yes. But that’s not what happened here. I’m not saying that Ethereum’s coding is perfect. But the DAO hack was because of faulty coding on the part of the DAO team, not the Ethereum team. It was not Ethereum’s fault, and Ethereum was not therefore under a moral obligation to restitute losses. So why did it?

It’s about more than just getting their money back. Without the fork, $50 million that was destined for project investment would be removed from the market. That would have a significant impact on the Ethereum ecosystem. And, with a loss of that size, the SEC and other regulatory bodies would take an interest and most likely clamp down on cryptocurrency crowdsales, other DAO projects, etc. The negative effect on experimentation and creativity would set the evolution of the sector back. Pro-fork advocates insist that the DAO was an experiment, just that, and it went wrong. There’s no point in deeply hurting the development of Ethereum because of an experiment gone wrong.

It turns out that the group of holdouts is nowhere near as small as Ethereum expected, and seems to be growing by the day. It is now about 15% of the total Ethereum market, measured by market capitalization, and is now the 6th largest cryptocurrency. Several “big names” in the cryptocurrency world have expressed support. Barry Silbert (early bitcoin adopter, founder of the Digital Currency Group), Charles Hoskinson (former CEO of Ethereum, co-founder of Bitshares, current adviser to Lisk), the Stampery team… The pre-fork Ethereum chain, instead of dwindling away as everyone switches over to the post-fork chain, is growing, and more and more exchanges, miners and wallets are adding functionality. Ethereum Classic is even having its first meetup in London in August. And while most Ethereum-friendly businesses did upgrade their software for the fork, many exchanges, mining pools and wallets are choosing to incorporate trading/storage/mining/support for the old pre-fork Ethereum into their offering: Poloniex, Kraken, Shapeshift, Bitfinex, Yunbi, F2Pool, Ledger, MyEtherWallet to name just a few.

Here’s how it works, technically (and this is the part I understand least, so please correct me if I get any details wrong): anyone who owned ether (Ethereum’s cryptocurrency) right before the fork, now owns that amount in both the new Ethereum (ETH) and the old Ethereum, now called Ethereum Classic (ETC). So, all pre-fork ether holders have, in effect, been given free ether. This didn’t seem like a bad idea at the time because no-one expected the old ether (ETC) to have any value. But it does, not as much as the new ether, but at $1.78 at time of writing (vs price of $12.70 for the new), not insignificant, either.

The problem is that both ETH and ETC accounts have the same public and private keys. So, if someone broadcasts a transaction on one network, it could also be reflected in the other network (this is known as a replay attack). In effect, this would be like spending more than you need to. You only meant to transfer ETH, but you ended up also transferring an equivalent number of ETCs, even though that wasn’t your intention. Or, you could get an unexpected result if you go to withdraw ether. This shouldn’t happen if the networks have taken proper precautions. But it has happened, and it can be (is being?) used by some to profit at the expense of others. Vitalik Buterin, the founder of Ethereum, has urged the Ethereum Classic developers to update their code (yes, to do another hard fork) to close off this possibility. The Ethereum Classic developers have responded that it’s not their responsibility, that Ethereum should have coded this intotheir hard fork. Until this is solved, confidence in the network will be understandably low.

“For transactions to be final and unmodifiable, blockchains need to be immune to third party interference. This promise was completely broken by Ethereum. Hard forks should only happen when a catastrophic bug puts in danger the core values of the technology. In this case the consensus mechanism worked just fine. The blockchain was modified simply because a group of people lost too much money and they decided to bail themselves out.” – Stampery, in an article on Medium

Medium-term things are going to get even more interesting. Will ETC survive as a separate cryptocurrency? Will it eclipse the new ETH? Or will it enjoy a brief spurt of enthusiasm before participants realise that the resulting confusion doesn’t benefit anyone?

I think it will survive. I see a philosophical enthusiasm for the Classic chain that reminds me of bitcoin. It goes beyond the practical and cherishes the original ideals. It seems willing to accept sacrifices to maintain those ideals. Among those sacrifices are a divided community, and the fact that the DAO hacker has a stash of over 3.6m of the currency, which he (or she) will presumably want to offload at some stage. That threat should keep the price low for a while.

But the trading volume of ETC is almost 1.5x that of the new ETH. And the hash rate (a function of how many miners are participating) has been steadily increasing from 2% a few days ago to over 12% at time of writing. The ETC price at time of writing is 135% higher than the price immediately post-fork. New ether’s price (ETH) has fallen by 15% over the same period.

“We believe in decentralized, censorship-resistant, permissionless blockchains. We believe in the original vision of Ethereum as a world computer you can’t shut down, running irreversible smart contracts. We believe in a strong separation of concerns, where system forks are only possible in order to correct actual platform bugs, not to bail out failed contracts and special interests. We believe in censorship-resistant platform that can be actually trusted – by anyone.” – from the Ethereum Classic manifesto

So, the “successful hard fork” that everyone was celebrating a couple of days ago? Not looking so successful now. Ethereum has been plunged into a whirl of confusion which, given that it’s pretty confusing anyway, is not going to help its image. Emotions are high, with each side accusing the other of greed and complicity. Insults are flying, reputations are called into question, and motives are doubted. Conspiracy theorists are pointing fingers at the bitcoin community, accusing them of deliberately trying to destroy the competition. We all know that people behave strangely when money is at stake. And that the very idea of a decentralized, censorship-resistant form of value transfer incites passions. But Twitter and Reddit clearly show how extensive and deep the lack of information combined with strong opinions go. And we thought the bitcoin bickering was silly…

Meanwhile, the core Ethereum team is maintaining its cool and staying above the fray, while getting down to the tricky business of managing the new chain and the communication around it. Other key crypto participants and ETH supporters are scratching their heads and elegantly saying “whoa, didn’t see that coming”. Vitalik himself has said that he welcomes any Ethereum spin-off. So whether you agree with the hard fork or not, it does seem that the sector heavyweights are handling the situation with poise and good intentions.

What we are all getting from this situation is an insight into hard forks. We’ve never had the chance to witness one up close before, and this is relevant to the battle going on in bitcoin over the block size. We also get – and this is potentially even more useful – the opportunity to reflect on what we think cryptocurrencies should stand for, the inevitability of human error, and the dignity of owning your mistakes.

(Note: I do not own any ether, old or new, and did not subscribe to theDAO. A similar version of this post was first published on LinkedIn, and I twitter away at @NoelleInMadrid. Come and say hi!)

How can the blockchain save the Internet of Things?

Have you ever been to one of those parties in which everyone is talking really loudly at the same time because the noise is such that they can’t tell that the other person’s talking? Let alone hear what they’re saying? Everyone is just shouting into the cacophonic mess of sound and pointlessness?

This isn’t the beginning of a bleak novel about contemporary society, but an apt metaphor for the Internet of Things (IoT). We’re seeing more and more items promising greater smartness all around. And yet we’re not really seeing the benefits of this smartness. I speak as someone who has found it easy to resist the pull of the smart wristband since I really don’t want someone telling me how many steps I need to take before lunch. And knowing how many I have taken wouldn’t make me smarter, just more burdened with guilt, or triumphant with empty victory, depending on the day.

While some gadgets may be useful, many do not compensate the additional hassle with enough additional information to really make a difference. I love the idea of smart lightbulbs. But turning the light on and off was never really very taxing. I wouldn’t say no to a smart toaster. But burnt toast is not the bane of my life. And for a good chuckle, check out WePutAChipInIt.


A large part of the pointlessness and the noise is due to the limitations of current IoT platforms. We hear a lot about how the Internet of Things will change our daily lives, change our relationship with things, change society… Your connected humidity detector, door lock, refrigerator and mattress not only try to fit into your lifestyle, they also try to feed you (and others) information about that lifestyle. More information than you can possibly absorb (unless you are obsessed with self-quantification, I suppose), and delivered via a multitude of apps in a multitude of formats. Today’s gadgets don’t really talk to each other. The sector is built around hundreds of different systems, each with different interfaces and data sets. And your wristband knows that you’ve had a really hard day but it can’t transmit that information to your stereo so that it can pipe relaxing music through the connected speakers. Your refrigerator knows that you’re low on milk but it can’t coordinate that purchase with your washing machine’s need for detergent.

The Internet of Things is full of efficient if slightly obsessed potential. But until we can start to unify systems and coordinate value, it’s not going to give us the revolution that it promises. APIs and sharing agreements that connect affiliated products are convenient patches, but will always be platform-specific and vertically integrated, rather than universal and horizontal. We end up with atomized services in which we eventually lose interest when something even more compelling and colourful comes along.

We need to figure out how the devices and the gadgets can coordinate, compare and collate the information that we actually can use to improve our productivity and quality of life. We need to find a way to unite the various systems into a compelling web of services that seamlessly runs in the background while we enjoy our enhanced performance and time management. We need to find a way to get our things to talk to each other more than they talk to us. Only then will they work for us, rather than us for them.

Enter: the blockchain.

By now you probably know how the blockchain works (if not, see here). How can the blockchain help with IoT?

In standard IoT devices, embedded sensors track activity, and relay the relevant information through wireless connections to the relevant database or file system, where it is then parsed, formatted and either presented or enacted upon. But the information stays within the device’s network. What if the information could be relayed to the blockchain, where it is combined with information from all the other devices in your life? As well as information from other devices in other people’s lives?

by Tracy Thomas for Unsplash
by Tracy Thomas for Unsplash

Before you cry “Privacy!”, the collective information shared does not have to belong to a personal identity. It could instead be associated with certain parameters (male, young, lives in Frankfurt) that could help to decipher aspects of human behaviour. Collective information about our lifestyle combined with data about our interaction with products and services would enable businesses and institutions to improve design and processes, especially if that information could be shared (again, without “full identity” attached). The economic value of this data exchange and the redistribution of that value could form the basis of a re-thinking of business models and even public finances, but that’s a topic for a different debate.

Back to the blockchain… The technology allows for decentralized sharing of data between participants. It also ensures that the data cannot be falsified or changed. Both of these factors are crucial to the development of a useful IoT network. Decentralized distribution will mean greater engagement, lower costs, greater efficiency and a broader application. And immutable data implies trust, a base requirement for effective use of that data. Machine-to-machine communication could start to replace some human-to-machine communication. That is not as scary as it might seem. Do you really need to be the one to call the dishwasher maintenance guy? Or could your dishwasher do it for you? With decentralization, and no need for trust, you would have a choice of maintenance options, or you could let your machine choose the most economical or fastest option.

Decentralized sharing and immutable data combined with algorithmic options could also lead to a more efficient usage of excess capacity. Driverless cars automatically re-routing according to need. Airplane parts being 3d-printed and shipped directly to where they are needed, rather than sitting in a warehouse. Containers on ships sharing space with other manufacturers, lowering the price of transport.

With distributed data, the end use would be up to the participants. We could have a mixture of private and public entities, each with different objectives, pulling the information that they need for their purposes. A wider choice of information available, with greater applicability and personalization, at a lower overall cost.

And since sensors are much better at multitasking than us humans are, the gain in efficiency would not be a one-time thing, but an exponential improvement in productivity. Sensors embedded in products could also multi-task as tracking devices, ensuring that the microwave, car or computer moves from assembly to final client with a smoother blockchain-based exchange of bills of trade, shipping documentation and sales slips. Fewer delays, less cost overhead and greater transparency… The retailer and the final client would know where the purchase was at any given time, as well as where it was put together and where its components were sourced from.

Imagine sensors embedded into containers of non-IoT items, offering the same trade efficiencies and transparencies by making the containers easy to track and process. Payments could become automatic upon sensor confirmation that the container had reached a certain destination, removing uncertainty, the need for collateral and potential delays. The cost savings of lower overhead and faster delivery could be shared between the manufacturers, the facilitators and the final client, improving economic activity and generating even more trade.

Municipal sensors are already starting to make the concept of smart cities a reality, although the adoption is so far limited and slow. Imagine the impact a blockchain system could have on this potential. Imagine a network of closed data silos opening up to developers from both the public and private sector, as well as to city planners, academics, economists and entrepreneurs, accessible to all but corruptible by no-one, with no single point of failure. Real-time data from real life collective activity, being applied in practical and creative ways.

The potential of IoT technology is exciting, but so far has shown no signs of being able to live up to the hype. Brilliant minds have been and are still coming up with ingenious applications, and the innovation is, well, a lot of fun. But simply enabling connectivity does not necessarily make a device smarter, or us, for that matter. And the noise and overcrowding in our already overloaded attention spans is already starting to drown out the possibility of IoT achieving its full promise. With the application of blockchain technology, however, not only could it start to do so, but it could open up areas of opportunity that even the optimists have not yet seen. New marketplaces, new efficiencies, new business models and economies of scale… Decentralized, distributed networks that allow collaboration and communication between machines, with benefits enjoyed by humans, would create a base from which we could amplify the content and transaction networks of today and reach new levels of productivity. So, it’s not so much a question of the blockchain helping IoT. We need the blockchain to step in and save it.

(This post was originally published on LinkedIn.)