Hi all! I have to pause Bitcoin Bits for a bit (ha). I’m involved in a bitcoin-blockchain project now that includes an activity similar to publishing Bitcoin Bits, and I don’t want there to be any conflict of interest. Since I’m actually getting paid for that, it has to take priority.
I can’t tell you what the project is yet, but maybe soon. (wink)
I’m not abandoning the blog, though. Somehow I will find the time to continue with my research, and as you know, I enjoy sharing it with you. So there will still be new articles. Perhaps not as frequently (not that they were ever frequent, cough).
And Bitcoin Bits might well be back one day! I hope so, it was a lot of fun to do. My new job is a lot of fun, too though, and I look forward to talking more about it.
To end the weekend with a smile, this has nothing to do with anything blockchain, but you have to see this stunning photo of what must be the happiest looking caiman ever. 🙂
This article had me rubbing my hands in glee. My theory (based on not much other than a nerdish fascination with economic history) is that if it is pissing off economists, it must be worth taking a look at.
Kyle reels off a list of well-known economists that have spoken out against bitcoin, although they have yet to demonstrate that they understand it. From Krugman’s labelling it a “scam” (really? And how’s that, Paul?) to Stiglitz declaring that the US government had managed to shut it down (a slip, no doubt, that will haunt him for many years), most seem to dismiss it as a peripheral fad or as something put in the market to annoy them.
An entertaining article with a gritty bunch of characters… I feel there’s a movie script in here waiting to come out.
— x —
A cryptocurrency thriller made for TV
On Tuesday, Sony released its new series “Startup”, streaming on Crackle, starring Martin Freeman and Adam Brody. It’s about bitcoin. Ok, not really, it’s about idealism and power and relationships and violence. And bitcoin. Only the protagonist is a currency called Gencoin, supposedly better than bitcoin, because bitcoin is open source and therefore susceptible to third party interference.
Hunh?? This article in Fortune has an intriguing excerpt (annoying that the only female VC at the table prefaces her first question with an apology, but that’s entirely off topic). And you’ll see that the arguments for Gencoin vs bitcoin are spurious at best. But whatever, this is TV, and it has Martin Freeman, so I might give it a chance.
Nice try, but no cookies. Richard Lumb from Accenture (the firm is plugged several times in the article – is this branded content?) tries to allege that blockchains are of no interest to financial services if they are immutable, if they can’t be “rewound”, if previous transactions can’t be erased or changed. And for someone from Accenture, who are actively positioning themselves in the pages of the New York Times, to conflate Bitcoin and the private blockchains that banks are looking at, is utterly bewildering.
“One thing is clear: If the financial services industry is to embrace a new technology, it cannot be one in which mischief and mistakes are immutable and fraudsters can defend their actions on spurious ideological grounds.”
This is a narrow way of looking at things. Immutable does not mean “not fixable”. Handing over cash is pretty immutable, right? If it’s in someone’s hands, it’s his? So, you go to the store and you pay for something with cash. You get home to find that it’s defective. You take it back to the store, and they give you your cash back. Immutable, but at the same time, fixable.
Laws. Public blockchains don’t have them, outside the basic functioning of the protocol. Private blockchains can. Fraudulent or erroneous transactions can be reversed without rewriting the blockchain. Just like in the store they can give you your money back without rewinding time.
“The financial services industry needs to face the question of how to balance the appeal of pristine accounting with the demands of the real world, where some things simply need to be struck from the records.”
Why do they “need” to be struck from the records? Again, I question the premise. The “right to be forgotten” ruling applies to information displayed publicly. It does not imply the complete erasure of that information. If someone committed a crime and did the time, that information is not going to be simply erased from all records everywhere, just because the person in question manages to get it struck from all public records and search engines. Private blockchains, such as those that financial services are looking at, can hold whatever information they want. They just can’t make it public. But since that is most likely not part of their business model, I don’t see the conflict.
No disrespect meant to the New York Times, but if they are going to blatantly plug a firm’s services in an op-ed, shouldn’t the veracity of the firm’s insight be vetted first? This article was harmless, but neither party came out looking good.
“I was left wondering what was so great about a distributed ledger when it simply distributes the functions of the present system over multiple computers.”
In this article for CoinDesk, she points out that most blockchain applications are missing the big opportunity: to radically re-think how we do things. Most just to try to improve existing processes. Which is ok, unless you consider that once the processes are passed over to the blockchain, we won’t collectively get this thinking-outside-the-box opportunity again until the next technological revolution comes along.
“To use radical new technology effectively, you have to be radical – otherwise, all you end up with is a retro-fitted version of the present system.
The benefits of the new technology are watered down or overwhelmed by the need to maintain the practices associated with the old system – many of which only exist precisely because of its inefficiencies. The new technology can even seem less efficient than the old one, simply because it isn’t designed for use with processes from the past.”
So let’s not waste it.
“The real benefits from DLT will come not from re-engineering capital markets as they currently function, but from re-imagining capital markets for a radically different future.”
— x —
Nothing to do with cryptocurrencies, but I couldn’t resist sharing these with you… They’re cakes. Yes, cakes. Created by former architect and current genius Dinara Kasko, these are definitely way to amazing to eat.
Check out more (they’re all unbelievable) at mymodernmmet.com.
Wow. Apparently about 20% of Korea-Philippine remittances are now done using bitcoin.
I wrote a while ago about how hard I thought it would be for bitcoin to make a dent in this lucrative and logistically difficult market. Which I thought was a great pity, given the potential to lower costs for people who really need it. But apparently the proliferation of smartphones is smoothing the way. That, combined with a flurry of startups looking to enter the space, is convincing people to give it a try. Especially since many of the current users don’t even know that it is bitcoin they’re using.
“Senders pay for their transactions in local currency, and the cash is converted into bitcoins before being transmitted to the destination country. Once there, the bitcoins are converted into the local currency of the beneficiary. The facilitating company takes a cut during the currency exchange, as with a traditional provider, and neither customer is necessarily aware that bitcoins were involved.”
We need to bear in mind that this article was written by the co-founder of one of the Philippines’ most prominent bitcoin remittance startups, but he left the startup and its parent company Satoshi Citadel Industries (briefly mentioned in the article) last year. He is currently working on blockchain and other tech solutions for remittance companies, and so it’s possible that his rosy-tinted view on the outlook for the remittance sector is influenced by his need for the outlook to be rosy. But, it’s also probably safe to assume that he has access to better information than most of us. And if he didn’t believe the outlook to be rosy, he wouldn’t be working in the sector. However, the prospects may be not quite so potentially lucrative for both sides of the table as he claims. The path to mainstream adoption will be difficult and bumpy, and that’s even before regulators decide to step in and take their slice. To Luis’ credit, he seems to recognize this:
“Because of their customers’ dependence on hard currency, remittance providers must also have cash-out partners in every town and district, which tacks on additional costs and introduces security risks. Digital currency can’t magically transform into paper money when you need to buy vegetables at the local market, or pay transit fare to get your kids to school.”
— x —
Enjoy what’s left of your weekend! And give ’em hell next week…
Since the Bitfinex hack we’ve been hearing the term “multisig security” thrown around as if it were supposed to be some sort of talisman that wards off the evil eye of bitcoin theft. So it’s time we took a look at how it works, so that maybe when we find out how the hack happened, we’ll understand (maybe).
A multisig transaction, as its name implies, requires several valid signatures for it to be accepted. Traditional, simple transactions involve me sending bitcoin to another address and signing with my private key. But what if my computer was hacked and my private key was copied? Then the hacker could create a transaction with my bitcoins and sign with my private key. How can I protect my funds against that happening?
I could establish a rule that more than one signature is necessary for a transaction. Instead of just one private key, my public address could have two private keys, one held by me and one held by a trusted third party. For the transaction to go through, it has to be signed by both private keys. That way, if someone does get hold of my private key and tries to send him- or herself my bitcoins with that signature, it won’t go through unless the second signature (with the second private key) is also applied. It’s a bit like the rule in some banks that two signatures are required for withdrawals. It puts a “check” in place, and makes it much, much harder for a thief to get at my account.
That sounds simple enough, but how do I know the third party won’t disappear or go offline? And what if I don’t want to give a third party that much access to what I do with my bitcoins? Isn’t one of the cryptocurrency’s main advantages independence and anonymity? Multisig transactions can be set up to be 2-of-3. Instead an address having two private keys, it has three. Two are held by me (one easy to access, the other in cold storage, for example), and one by the third party. Normally myself and the third party would sign. But if the third party refuses or can’t for whatever reason, and I really want to enable the transaction anyway, I can dig up my other key and commit the second signature with that.
Another potential application is that of e-commerce trust. What if I bought something with bitcoin, sent the transaction, signed it with my private key and then never received the merchandise? I can ask for my money back, but it’s unlikely I’ll get it. To make both myself and the vendor more comfortable, I could send the payment to an escrow account with multisig security, for which myself, the vendor and a trusted third party hold the private keys. The vendor sees I have done this, and releases the goods. When I receive the goods, I create the payment transaction, instruct the third party to add his or her signature, and everyone is happy. If I refuse to pay, the vendor could try to convince the third party that I am behaving badly. If the third party believes that the vendor should be paid, he or she and the vendor sign the payment transaction. Presumably I’m not happy, but at least the vendor isn’t out of pocket.
Although the term “multisig transaction” is often used, it’s actually the address that is multisig. Any movement of funds from that address needs to be co-signed. The address can be a one-time public key created for a specific transaction (in which case “multisig transaction” and “multisig address” are interchangeable). Or it can be a multisig wallet, from which all transactions require more than one signature. Most multisig wallets are HD (hierarchical deterministic), which means that a sequence of addresses can be generated from a “seed”. These addresses can be re-generated at any time from that seed, but it is impossible to determine the seed from one of the addresses. Each address generated in this way can in turn generate a series of corresponding private keys. This increases security even further, by allowing each transaction from a wallet to use a different address.
The most common configuration for co-signing is 2-of-3, in which three private keys are issued for an address, and any two of them are enough to authorize the transaction. But the combination could be anything: 5-of-7, 2-of-2, 6-of-10… And the multisig feature does not always have to involve a trusted third party. It could be your partner if you have a shared account. It could be you, your Treasurer and your COO for a company address. Or you could hold both keys, but on separate computers (or one online, one offline), to reduce the possibility of a hacker getting hold of both of them.
Multisig functionality was not part of the original bitcoin platform. It was added in BIP 11 (the first standard Bitcoin Improvement Proposal) in late 2011, but did not start to be widely used until 2014, as commercial services started to make it easier to configure. At the beginning of 2014, only 0.02% of all bitcoins were multisig protected. Today the figure is up to almost 12%. (Note the big slump end-July/beginning-August – yup, that’s the Bitfinex hack, the graph shows a significant amount of bitcoins being transferred out of multisig accounts).
There is no universal configuration format – each business case has different requirements, and each collaboration shares different priorities. Armory, for instance, introduced fully decentralized multisig functionality in July 2014, in which the user generates as many private keys as he or she wishes (up to 7), and can distribute and protect them separately. There is no “trusted third party” unless the user specifically designates one. As a digital custodian, Circle controls all the keys, in physical isolation, for the multisig security it uses to protect the bitcoins it holds for others. Xapo Vaults require 3-of-5 signatures from different cold storage vaults around the world.
In the bitcoin lifespan, multisig transactions are old news. They have been possible for 2/3 of bitcoin’s history (BIP11 was accepted in December 2011). But even now, they are not very widely used. Why? I suspect that it’s largely because of added complications. We’re lazy, and until we have a scare, we don’t see the point of implementing extra security measures. The recent Bitfinex hack could be enough to jolt us out of complacency, and send us searching for a safer option for our wallets. And wallet service providers will most likely continue to iterate and improve on their interfaces and their security. So multisig will increasingly become a relatively easy option, and who knows, perhaps even ending up as the default.
But the fact remains that multisig, as we have seen over the past week, is not as safe as we were led to believe. Once we know more about how the hacker managed to compromise two private keys, we’ll be able to draw conclusions about multisig’s reliability and needed updates.
Some potential weaknesses of multisig technology that come to mind:
In many cases, the third party signing is automated, and flags are only raised in certain circumstances (large amounts, sudden high volume of transfers, etc.). It would be theoretically possible for a thief to siphon off bitcoins without raising any flags.
Insider collusion. A hacker happens to work for a multisig wallet provider. He or she gets hold of the user’s private key, and then double-signs with the wallet’s key, diverting funds to his or her own account. Or, a hacker could be working in collusion with an insider. Or, a government could force the multisig third party to act a certain way…
The keys could be copied at time of creation. In some cases, the user’s two keys are sent to him or her by email. How hard would it be for a hacker to access that email?
Multisig configurations in which 2-of-3 keys are held by the user do not protect the user from coercion (sign this transaction with both of your keys or I’ll…).
As with any wallet software, you are trusting it has no “back door” for a hacker to use. The hacker would have to be either in collaboration with the software provider, or have created a convincing replica that he or she gets you to download instead.
We can’t go through life fearing every eventuality. No system is completely infallible, and all of the above situations are extremely unlikely. But they are possible. And the Bitfinex hack has shown us that multisig isn’t always enough.
Uncertainty is never good for any ecosystem, especially when the economic risk is so high. But knowledge is power, and identifying weaknesses does lead to additional strength. Multisig is a cool feature. It’s obviously not perfect, but as with most code, it can be tweaked and worked on to become even stronger.
The incentive to steal is as old as time itself. The incentive to protect ourselves from that theft has given birth to today’s technology, society, political systems and way of life. The bitcoin community continues to pour considerable time and effort into innovating, improving and staying one step ahead of the bad guys. And they will continue to do so because they have more to gain than the bad guys. After all, safe bitcoin deposits that are also easy to transact with, that will extend the use of the cryptocurrency and encourage a reform of the way we handle value – that’s a pretty good incentive.
This enigmatic opening sets the tone for what follows:
“The best that can be said about Bitcoin right now is that it still exists.”
What follows is a sobering and narrow take on the outlook for a cryptocurrency that has people re-thinking economics and the role of money, that has innovators re-designing business processes, that has libertarians rubbing their hands in glee at the decentralizing potential and that has regulators realizing that they are hopelessly behind on technology.
“Split by internal divisions while its most useful aspects are harvested by the very financial behemoths it once hoped to destroy, Bitcoin is fast becoming the tech world’s version of Waiting for Godot, wherein a hermetically sealed community squabbles and bickers over arcane points of code and law as their world slowly crumbles around them. In the last 12 months, attempts made to produce a road map for the cryptocurrency’s future have come to naught, all while core developers abandon the project and opaque Chinese mining concerns wield outlandish power.”
And that’s just the warm-up. Apart from the mystifying claim that that bitcoin’s influence on fintech via the blockchain mechanism means that bitcoin has failed… Aside from the superficial assumption that internal bickering means chaos not caution… I would imagine the “world crumbling around them” might be mitigated by the Cambrian explosion of new businesses, and the fact that the price is 2.5x what it was a year ago. So a road map hasn’t been produced in the past 12 months, so what? It will be. Core developers abandon the project? Does anyone know of a project that has been going for 7 years that hasn’t had turnover? And “outlandish power” sounds marvellous, but I have no idea what it means.
That was fun. Next paragraph, please.
Don’t worry, I won’t go through the article paragraph by paragraph. It’s actually a very good read, beautifully written, whether you’re a bitcoin skeptic or not. If you are a skeptic, you’ll enjoy the drama. And if you’re not, well, you’ll enjoy the drama and probably have a good chuckle as well. Or feel like throwing your computer across the room. Whatever.
I like this part:
“In comparison to the almost $5 trillion traded on the international currency markets each and every day, Bitcoin’s $10 billion market cap is next best thing to a rounding error. It could vanish entirely and only a small cadre of true believers (and high-end drug dealers) would even mark its passing.”
What the author says in the article is not false. And his disappointments are presented with a flourish. But they miss the point. Bitcoin does not need to dominate the world to be a success. It does not need to replace banks, monopolize asset transfer nor claim the credit for the transformation of business. By putting control over one’s assets in users’ hands, by allowing new business models to grow and by introducing a new concept of value, bitcoin has earned its place in history. And a steadily growing faith in its usefulness in these times of financial turmoil could well push the price higher still. If not, even that doesn’t mean that the experiment was a failure.
The overblown hype in the early days was just that, overblown hype, which as the author points out, is endemic to virtually all revolutionary technologies. I’ve argued before that I don’t think that overblown hype is a bad thing. I think it’s a necessary and potentially useful phase.
And finally, can anyone point to an asset class that did not need to overcome obstacles at first? Especially the obstacle of public skepticism. Which, by the way, is healthy…
— x —
Spectacular and unintentional earth art: the solar panel field in Nevada. Amazing images by award-winning photographer Reuben Wu, via Colossal. Surreal. Beautiful. Disconcerting and hopeful at the same time.
(Anyone read “A Visit From the Goon Squad” by Jennifer Egan? These photos made me think of the short story told entirely in PowerPoint, in which they end up in a solar-panel field. “They remind me of robotic ninja warriors doing Tai Chi.” If you haven’t read it, I thoroughly recommend it – engrossing, clever and eye-opening, one of my favourite fiction reads from the past few years.)
Walking us past the WEF’s much-talked-about blockchain report, and R3’s distributed ledger consortium approach, Elaine highlights the potential impact of the blockchain on settlement of trades.
“Clearing and settlement of trades — that is, making sure the cash and assets involved in the deals actually get to their new owners — is difficult because records are distributed across thousands of different institutions, each of which maintains its own accounts in its own unique format. Multiple players must somehow come to agreement on who owns what and who owes what to whom — a reconciliation process that requires a lot of time, money and human involvement.”
A situation that is obviously crying out for some applied efficiency. A sector that obviously needs some loving disruption. We have had the technology for some time. So why hasn’t it happened yet?
“…the only thing previously stopping the standardization of reconciliation processes was the unwillingness of financial institutions to collaborate. Financial institutions spend $65-80 billion on back office reconciliation every year. The employees working in back offices probably offered lots of excellent reasons why their roles couldn’t simply be standardized away.”
In spite of a considerable amount of hype, misdirection and confusion, it seems that progress is being made.
“Maybe one of the biggest effects of all the blockchain hype will be getting a bunch of security-conscious egoists to come to an agreement that benefits them all. That would truly be magical.”
Almost as a response to the previous entry (but it’s not), here you have an excellent article on an exciting project: a consortium of banks (UBS, Deutsche Bank, Santander, BNY Mellon) have combined forces with settlement house ICAP and blockchain developer Clearmatics to create a “Utility Settlement Coin” to enable securities trading settlement on the blockchain.
“Getting industry-wide agreement on moving to same-day settlement is like pulling teeth (even moving to T + 2 has taken years to implement). So, it looks like our consortium banks want to take matters into their own hands. Blockchain gives them a technical excuse to bypass the existing moribund processes.
There is another reason, too. Reserves and collateral are low-yielding assets that clog up bank balance sheets. Banks would really like to find a means of settling without having to pledge collateral at central banks. In fact, ideally they would like not to have to use central bank money at all.”
Apart from the fact that 4 big banks have managed to agree on a protocol and a provider, which is newsworthy in itself, you have the compelling idea of using a “token” on the blockchain to represent cash payments for security settlement.
“Bank reserves can’t be used for settlement on a permissioned blockchain: they can only be used for settlement via a central bank RTGS system. In contrast, our Utilities Settlement coins – we assume – would be used for settlement on a permissioned blockchain collectively owned and managed by the consortium. A private settlement system for real-world currencies, effectively backstopped by central banks.”
How far can we take this “representation” of cash via tokens on a blockchain concept? And how could this impact/replace/leverage the creation of money supply through fractional reserve banking? Would it increase financial system fragility or decrease it? Told you it was exciting.
This is an interesting example of misdirect and incomplete reporting, that ends up performing a worthwhile public service.
“In the most recent study, the rate of closure for bitcoin exchanges in Moore’s research edged up to 48 percent among those operating from 2009 to March 2015. Hacking did not necessarily trigger the closure in each case.”
A risk and security analyst has called this high percentage “not acceptable”, which opens a layered series of philosophical debates (such as, how do you propose to prevent it?). “Unfortunate” would be a more appropriate word, because it is. It is not surprising, however. Bitcoin exchanges are startups. Startups fail, close to 90% of them, according to a report by Forbes. So, relatively speaking, bitcoin exchanges are doing pretty well, especially when you take into consideration that many of them operate in an unregulated sector.
“Profitability is a big problem for bitcoin exchanges, with many of them unable to generate enough volume to keep afloat.”
I do get that vulnerable exchanges are more of a potential menace to the public than vulnerable startups. Startups come and go, but usually don’t take our money with them. Investors’ money, yes, but that’s a risk that is clearly set out up front. With exchanges, not so much. We aren’t aware that we are “investing”, because technically we’re not, but our money is at risk anyway.
Unlike startups, bitcoin closures often result from hacks. You don’t as often hear of startups closing because of theft. A study funded by the US Department of Homeland Security revealed that between 2009-2015, 33% of all bitcoin exchanges were hacked. Yikes. It’s not that bitcoin exchanges are being particularly targeted:
“Among the world’s stock exchanges, however, security breaches are much higher, with hackers attracted to the large pools of cash moving in and out of these trading venues. The latest survey of 46 securities exchanges released three years ago by the International Organization of Securities Commissions and World Federation of Exchanges found that more than half had experienced a cyber attack.”
The public service part from this article comes from highlighting the vulnerability of bitcoin exchanges. We should be reminded of that often. And we should be shown alternative and secure ways of storing our bitcoin. We won’t solve the problem, we won’t stop hacking nor cash flow mismanagement, and we probably can’t do much about bad luck. But maybe we can reduce our personal vulnerability through more publicity about the potential risks and more knowledge about how to mitigate them.
Bitcoin as a new asset class for investment portfolios, and a “safe haven” asset at that:
“Bitcoin provides a good option for a small percentage of someone’s portfolio to park their money in a place that’s completely uncorrelated to the rest of the capital market.” [quote from Chris Burniske, blockchain analyst at ARK Invest]
That in itself should generate a new use case, especially if regulatory support comes through.
“Like any new industry, the world of crypto is a wild west frontier with its fair share of failed experiments and bad actors,” said Hayter [founder and CEO of CryptoCompare]. “It’s only through this phase of experimentation and evolution that lessons are learned and practical solutions put in place. Regulation to protect consumers will be important, but too soon and it could snuff out the opportunity.”