What is cold storage?

Imagine a cold, freezing vault deep underground in the Swiss mountains, with icicles decorating the thick steel door. That’s cold storage.

by Erol Ahmed for Unsplash

But “cold storage” in the bitcoin world (and in the tech world in general) is a bit more accessible. It implies the storage of data (in the case of bitcoin, of your private keys) completely offline. It could just be a pendrive or even a printout of the key (yes, on old-fashioned paper), shut in a drawer. Or, if you have a lot of bitcoin, locked away in a vault.

Security

The important characteristic of cold storage is that it is not connected to the internet. This makes it especially secure, as there is virtually no way in for hackers or viruses. So, cold storage is used to “park” large amounts of bitcoin in a more secure manner.

Why “more secure”, rather than “totally secure”? If your storage device is damaged by water or fire and your keys are not retrievable, then neither are your bitcoins. For “totally secure”, you’d probably have to resort to the aforementioned freezing vault in the Swiss mountains. But the idea does highlight the (relative) vulnerability of anything stored online. Many bitcoin holders keep most of their bitcoin in cold storage, and the minimum necessary for transactions in their online, desktop or mobile wallet.

How?

But, I hear you ask, to move bitcoin to and from the cold storage address, to spend and to receive, surely you have to connect online?

To move bitcoin to the cold address, no. A cold address can receive bitcoins without connecting, since the bitcoins are stored on the blockchain, not the device. The device only stores the keys. The bitcoins sit on the blockchain, but are associated with those keys. You can check on your balance at any time by entering your public address into the search bars in either blockexplorer.com, or blockchain.info.

To send those bitcoins to another address, either for a purchase or a transfer, you do need to input the keys online. This is either done manually (typing in the keys, or scanning the QR codes with your phone camera or your computer webcam), or by temporarily connecting the device (switching it on and connecting via wifi, or plugging it in to your computer).

A problem arises when you want to use a different cold storage address each time you send coins there, for privacy reasons (re-using addresses is not a very secure practice). If the “cold” side is not connected, how can the “hot” (= online) side know the addresses that it needs to send the coins to? One solution would be for the cold side to connect every now and then to send a bunch of addresses over to the hot side. But that would reduce the cold storage’s security (each connection opens up a vulnerability).

HD Wallets

Another, more secure, solution lies with the hierarchical deterministic wallets that we looked at last week. Both the hot and the cold side work with the same root, or “seed”, which is usually a long string of words. The hot side generates the addresses using one algorithm, while the cold side generates the corresponding private keys using an offline “sister” algorithm. If the hot side is compromised, the private keys are still safe, as are the associated bitcoins.

The physical wallet

When we talk about cold storage, what does it actually look like? What are the “cold storage devices” that we mentioned earlier?

They can be anything that can store data. A pendrive, a laptop, a tablet, a piece of paper, a mobile phone… Or, a dedicated cold storage wallet.

Dedicated cold storage wallets

A more convenient and secure option is dedicated cold storage wallets, which can remain offline even when signing transactions. This may sound like magic, but the way it works is the following:

The electronic wallet is set up on an offline device (such as an old laptop, tablet or special hardware), using a previously downloaded program. A “watch only” copy (i.e., only the public key, so it can only consult, not transact) is imported to your online computer using a pendrive, USB stick, or whatever you want to call it. This copy creates the transaction using the copied public key, and copies the transaction file onto the same USB device (or a different one, if you happen to have many lying around). The transaction is then imported into the software on the offline device, where it is signed using the private key. The signed transaction then gets copied back onto the USB drive, and imported into the wallet software on the online device, which then broadcasts it to the network. There’s a lot of faffing about with USB sticks, but your cold storage never “touches” the internet.

screenshot from KeepKey

A new generation of gadgets promises to make cold storage even easier. Trezor, Ledger, KeepKey and Hardbit are some examples of the devices that make it easier to sign offline and then broadcast the transaction to the network. Most require plugging into an online computer, but strong encryption and barriers to keystroke hacking prevent an “attacker” (what the sector calls someone trying to get at your information) from getting access to the private key information stored there.

— x —

Cold storage is a recommendable solution for keeping significant bitcoin holdings safe. As with all ultra-secure options, though, it is not very straightforward, and should be used for storage, not for frequent transactions. Just as you keep most of your money in the bank but carry around cash for convenience even though it’s less safe, cold storage wallets are secure but online or mobile wallets are more convenient.

Bitcoin security is getting more and more attention these days, partially fuelled by media reports of hacking and theft, but also by more of us waking up to the idea that bitcoin is not just a payment mechanism. It is also an investment*, and investments need a different treatment than digital currencies bought for transaction purposes. Xapo is even developing a system that will allow you to store your bitcoins in outer space. Assuming that the satellite is recoverable, that removes any concern about jurisdictional risk, and highlights the importance of contemplating the worst case scenario. For anyone bullish on the potential value of the digital currency, the value and usefulness of cold storage, earth-bound or not, is becoming more obvious.

(*I am not recommending bitcoin as an investment. It is illiquid and risky, and you should form your own opinion before buying for investment purposes.)

What is an HD wallet?

While researching bitcoin wallets, I kept coming across the letters “HD”, which I at first thought might be the initials of the inventor. But no, they stand for “hierarchical deterministic”, and represent a pretty cool innovation that has made wallets even more practical. So, let’s try and put those two words with lots of syllables into plain language.

by Gabriel Santiago for Unsplash – HD wallets are a bit like trees, in that one “seed” can create many “branches” (=addresses)

Old-style bitcoin wallets generate addresses and keys randomly. Random generation is obviously much more secure than user generation (given that users can be quite lazy or uncreative: “password” is still the most popular password). And new addresses are automatically generated when needed, which is convenient. But it also presents complications.

Wallets that transact frequently will have many associated addresses, since for privacy reasons some users prefer each bitcoin they purchase, or receive in exchange for a service, to have a separate address. Also, each transaction generates a “change address”: if I have three bitcoins at one address and want to spend two, I can’t just spend part of that address’ bitcoins, I have to spend the whole lot. So, I send all three and one automatically gets returned as change, to a new, automatically-generated address. Frequent transactors generate a lot of change addresses.

However, keeping up to date with the backups of a steadily increasing array of addresses is complicated. Backups are important, since if you lose your keys (your computer dies, your pendrive goes missing, whatever) you lose your bitcoins. Frequent generation of random addresses will require equally frequent backups, which can become a hassle.

What if there were a way to generate an almost infinite number of seemingly random addresses, but following some sort of pattern that could be replicated, but that at the same time was impossible to guess or hack?

Deterministic wallets (in this case “deterministic” can be taken to mean the opposite of “random”) generate addresses and keys according to a pre-set algorithm, which depends on a “seed”, or starting sequence of characters. This seed can be a sequence of words randomly assigned, and is a bit like a “master key” which can be used to generate any number of public and private key pairs.

With deterministic wallets, frequent backups are not as necessary, since your wallet addresses can be “re-created” from the seed string. Instead of spending a lot of time and computing power backing up a list of addresses, you focus on backing up the seed string. The rest can be recovered from that. You don’t need to worry about outdated backup copies.

“Hierarchical” deterministic wallets allow for the generation of keys from a “master” seed, in a cascade, a hierarchy, a stream of keys/addresses depending on one at master level. This allows for the sharing of keys below the master level – you can hand your auditor a sub-level key, even a private one (the one that allows spending of the bitcoins associated with that address), and not worry about him or her figuring out the private key for all the addresses that “belong” to the master seed. While this scenario is not free of security risks, it does open up an interesting range of possible uses within teams and even corporations.

To summarize: HD wallets are especially cool in that you can recover your addresses from a seed phrase, and you can “split” a bitcoin account into several addresses, sharing those among interested parties without compromising the others. The full repercussions of this have yet to be explored, as with most things bitcoin. And twists and evolutions will no doubt increase functionality and security in incremental steps.

Web-based vs. desktop vs. mobile bitcoin wallets

Assuming you’ve decided to download a bitcoin wallet, do you want a web, desktop or a mobile version?

This is more confusing than it sounds, since each performs a different function, with different levels of security. As we’ve seen before, a wallet is simply a way to store your public and private keys, and to display the net amount of bitcoin that you have associated with those keys. They can usually also show you the transaction history of those keys.

The word “wallet” may be confusing as it implies that your bitcoins are stored in it. They’re not, they’re actually stored on the blockchain, which itself is stored on servers (bitcoin “nodes”) around the world. Thanks to the user interface, the wallet just looks like it stores your bitcoins. And just like an online bank, it can show you your transaction history.

Web-based wallets

Web-based wallets store your keys online, which is convenient as you can access them from any computer. However, it is not as secure as some other options, as your keys are stored on someone else’s server. Those servers are well protected – no wallet service provider wants to be hacked – but they’re not under your control. Since this is what bitcoin was created to avoid – your funds being in someone else’s control – this solution may seem ironic. It is convenient, though, especially if your wallet service provider also allows you to purchase bitcoin through their exchange.

Some web-based wallets such as Blockchain encrypt the keys before storage in the online server, which is a slightly more secure option than those that store the keys on their servers, such as Coinbase.

Desktop wallet

It’s worth remembering that an online wallet is not the same as a desktop wallet, although you access your online wallet via your desktop. For a desktop wallet, you install the software directly on your PC. Assuming that your security is thorough, this is one of the safer options, but if your hard drive is hacked, chances are your bitcoin keys will be copied and your bitcoins transferred without your knowledge. In other words, your bitcoins will be stolen.

Most desktop wallets are “lightweight”, which means they don’t download the entire blockchain (just as well, since it currently occupies almost 50GB). Lightweight wallets only store block headers, rather than entire blocks – this allows them to take up less than a tenth of the space. However, the trade-off is that they are less secure than full blockchain wallets as they can’t examine all the transactions in the blocks to make sure that they are valid, because they don’t have the transaction history. Lightweight wallets, otherwise known as “SPV” (for Simplified Payment Verification), can only validate the transactions that concern them. They trust the fully validating nodes to check all the others.

If you have downloaded the bitcoin protocol, that acts as a wallet as well as a full node.

Mobile wallet

The mobile wallet is the most practical option in that your bitcoin are accessible at any time. Your smartphone can be used to pay for products with bitcoin, or to easily transfer funds to someone else. Your camera scans the recipient’s QR address, which is so much easier than typing in a long string of letters and characters. True, the desktop and web versions usually allow for copy and paste, but pointing your phone at a pixelated square is simpler and faster. Some phones enable NFC connections, which means that all you have to do in certain circumstances is tap your phone against a reader to pay.

Mobile wallets are also SPV or “lightweight” (see above), which trades a reduction in necessary space for a reduction in thoroughness and blockchain integrity, but for most daily applications, they work very well.

However, since your phone can be lost or stolen, and your keys along with it, you could lose your bitcoins unless you have been smart enough to keep secure backups.

— x —

This may seem like a confusing sea of options, and differentiating between the different providers can get complicated. But it is not necessary to choose just one. Most bitcoin users have several wallets, to cover a variety of different needs. I have three, two of them web-based (Coinbase and Blockchain) and one mobile version (Blockchain, for now).

The three options covered here are especially useful for frequent transactions. With a few taps or clicks you can send bitcoin to any other wallet, move funds amongst your own, or purchase more to top up your holdings. These wallets do, however, imply a trade-off between ease of access and level of security. They are easier to use, but not as secure as some other more complex options. To safely hold a significant amount of bitcoin, offline storage is a stronger solution, and we’ll talk more about that next week.

(For more on how Bitcoin works, see Bitcoin Basics.)

What is a maker-taker market?

After looking into how a bitcoin wallet works, I felt that it was time to take the exchanges apart. But I kept coming up against the phrase “maker-taker trading”. You probably know what it is, but I didn’t, so I hit the search bar and this is what I found:

Back when I worked in the financial markets, exchanges were places where traders bought at one price and sold at another and hopefully made money on the difference. The traders paid a fee for the privilege, but customer orders (end buyers such as private individuals or investment funds) didn’t, and jumped to the head of the queue.

Things have changed. The advent of high frequency trading and the proliferation of illiquid securities and assets led to the need to increase trading liquidity in certain markets.

“Maker taker” trading was designed to incentivize market makers (those who post possible trades) to provide liquidity, so that market takers (those that accept those trades) would have an assurance that their orders would be met. Market makers are those who are willing to buy or sell at a certain price. They publish their willingness. Market takers are those who actively want to buy or sell. They go looking for a suitable published proposed trade, and accept it. Market makers provide the gasoline for the market. Market takers step on the pedal so that the gasoline is used up.

Not all bitcoin exchanges have adopted this trading system, but it seems that most of the large ones have, including Kraken, Coinbase, Coinfloor, and itBit. In fact, itBit charges no maker fees at all, and Gemini, Coincheck and BTCC offer to pay (= a net rebate) dealers for posting bids and offers.

In the securities industry, maker-taker trading is coming under fire for allegedly distorting market pricing, and for possibly creating conflicts of interest. Most stock exchanges require brokers to route their clients’ trades to the best available price. Under the maker-taker system, market “makers” are more likely to take their bids and offers to the exchange that gives the best rebate, rather than the best price. Plus, effectively “paying” people to trade goes against the free market philosophy underpinning most official trading forums. And the model can lead to different settling prices than on a fee-based exchange.

Yet it is unlikely that this unease will spill over into bitcoin exchanges just yet. At the moment, liquidity seems to be a priority, and the maker-taker system encourages liquidity by incentivizing the posting of trades. As liquidity increases, it’s likely that the maker-taker model will come under more scrutiny. But by then it’s likely that trading technology will have advanced to the point that exchanges and traders need to operate under different rules anyway.

How does a bitcoin wallet work?

As we’ve seen already, there are many different kinds of bitcoin wallets (also called bitcoin clients). Each has different characteristics and functionalities, but each works in basically the same way: they store your public and private keys.

Your bitcoins – or rather, the pieces of code that represent them – are not actually stored in your wallet. They are stored on the blockchain, which in turn is stored on node computers all around the world.

What your wallet contains is your bitcoin address, which is the same as your randomly generated public key (a long string of numbers and characters). Anyone can see this, it’s public information. The wallet also contains the private key that goes with that address/public key. Without the combination of the two keys, you can’t use your bitcoins. Actually, most wallets contain several addresses, and hold the public and private key pairings that make each of them work.

Obviously, most bitcoin wallets today do a lot more than that. They also relate your public and private keys to the bitcoins that match those keys, and display the list of related transactions and the current balance in a clean user interface (i.e. a nice, easy-to-understand format).

But it’s important to understand that the wallet doesn’t actually contain your bitcoin. It contains permission to spend your bitcoin. And if you lose access to that permission to spend, then you effectively also lose your bitcoins, because you no longer have access to them. That is why it is so important to keep the keys secure.

Some wallets, especially the older ones, are full node wallets. This means that you download the entire blockchain, and act as a relayer or transmitter of transactions, even those that you had nothing to do with. You receive transactions from nodes and pass them on to other nodes, and thus contribute to the updating of the bitcoin network. While no actual work on your part is involved (the transmitting is done automatically), it is onerous – the blockchain occupies approximately 40GB of memory.

Most wallets, however, are “thin wallets”, or SPV wallets (which stands for Simplified Payment Verification). If you have a wallet on your mobile phone, it’s almost certainly one of these, and an increasing number of desktop wallets are also offering this option. SPV wallets do not download the entire blockchain, they only download block headers. There are concerns that this weakens the security of the network as a whole, since they cannot tell the difference between a block with valid transactions and one with invalid ones. (Segregated Witness offers a potential solution to this problem, but the project is still at the testing phase.) But they rely on nodes to check the transactions for validity, and assume that after a certain number of blocks have been added on top, a transaction can be counted on to be correct.
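What a header-only wallet can check for “the transactions that concern them” is inclusion: a full node supplies a Merkle branch, and the wallet recomputes the root stored in the block header. The following is an added example, not code from any wallet named on this page; the transaction ids are constructed and the header is reduced to its Merkle root.

```python
import hashlib


def dsha(data):
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_levels(leaves):
    """All levels of the tree, leaves first; an odd level repeats its last hash."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [cur[-1]]
        levels.append([dsha(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def merkle_root(leaves):
    """The value a block header commits to."""
    return merkle_levels(leaves)[-1][0]


def merkle_branch(leaves, index):
    """Full-node side: sibling hashes on the path from leaf `index` to the root."""
    branch = []
    for level in merkle_levels(leaves)[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        branch.append(level[index ^ 1])
        index >>= 1
    return branch


def verify_inclusion(txid, index, branch, root):
    """SPV side: needs only the txid, its position, the branch and the header root."""
    h = txid
    for sibling in branch:
        h = dsha(sibling + h) if index & 1 else dsha(h + sibling)
        index >>= 1
    return h == root


def constructed_txids(n):
    """Constructed sample data standing in for real transaction ids."""
    return [dsha(b"constructed-tx-%d" % i) for i in range(n)]


def spv_check():
    txids = constructed_txids(5)
    root = merkle_root(txids)            # all the SPV wallet keeps from the block
    branch = merkle_branch(txids, 4)     # supplied by a full node on request
    return {
        "branch_length": len(branch),
        "own_tx_included": verify_inclusion(txids[4], 4, branch, root),
        "forged_tx_included": verify_inclusion(dsha(b"forged"), 4, branch, root),
    }


if __name__ == "__main__":
    print(spv_check())
```

The check proves that a transaction is in a block; it says nothing about whether the other transactions in that block are valid, which is the trust placed in full nodes that the paragraph above describes.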

Wallet technology is evolving rapidly in terms of efficiency and functionality, so this overview does not hope to cover all wallet types, but the basic principle is the same for most: wallets hold your keys, not your bitcoins, although the distinction is actually not that relevant for the average user. Bitcoin wallets are a fundamental piece in the path to increase bitcoin use beyond geeks and techies, as it is the only face of bitcoin that most will ever see. Wallet ease of use and security will increase confidence in transactions, while at the same time encourage more use cases. With more users comes even more innovation, and the entire sector – from front-end wallets to back-end miners and including the many applications in between – benefits.

What is Segregated Witness?

Segregated Witness (Segwit to its friends) was first unveiled at the recent Scaling Bitcoin workshop in Hong Kong in December of last year, where the bitcoin elite gathered to discuss the need for an increase in the block size, as a possible solution to the controversy surrounding the hard fork vs soft fork debate.

Pieter Wuille, the originator of the idea, at the Scaling Bitcoin workshop – image via Coindesk

It was well received (although consensus would be too much to hope for), as it removes the need for a contentious hard fork. How does it do that? Through the rather ingenious idea of removing some of the data in the block to make room for more transactions. The size of the block would not change. Its internal structure would.

How? By replacing the signatures. Each transaction consists of two main components: the data (amount of bitcoin to be transferred, and where to), and the verifying signatures. Since the signatures “only” validate the previous ownership and the owner of the receiving address (although I’m not sure that “only” is the correct term, that sounds pretty important to me), they can be stripped out of the transaction itself. This makes the transactions smaller. That way, more transactions can fit in a block (apparently two or three times as many), without the block needing to increase in size. No hard fork needed.

But how can miners process the transaction block if there are no signatures? Because they’re still there, they’ve just moved position. The “removed” signatures are incorporated into a structure of hashes (compressed encrypted information) called a Merkle tree. This “tree”, now separated from the transaction data, is then further condensed and stuffed into an underused code space in the transaction block (reminder: bitcoin transactions are grouped into blocks which are then processed by the miners – one block contains many transactions, and the problem is that as the number of transactions increases, the block size limit acts as a cap on growth).

The beauty of this idea is that “older” nodes that have not yet upgraded to the newer Segregated Witness version will still be able to process transactions. The transactions won’t make a lot of sense since they’ll be missing some data, but they will comply with the protocol, will be deemed valid and thus can be passed on to the miners. The majority of miners will need to upgrade to the new protocol to be able to understand the new block structure, but the network can keep functioning while the rest catch up. With a hard fork, the whole network needs to upgrade at the same time to avoid the blockchain splitting.

Of course, the proposal is not without controversy. Some worry about the impact on investment-intensive mining that a “rushed” solution would have. Others claim that for it to last, it needs to be implemented with a hard fork – this would make the code cleaner and more efficient, but at the same time does not solve the problem that a hard fork is almost impossible to achieve when there isn’t full consensus. Segregated Witness does not solve transaction bottlenecks that are due to the logistical complications of quickly transmitting 1MB blocks around the network. Nor is it a long-term solution.

Yet it could be a good intermediate step, and it could lead to unexpected technological developments completely unrelated to the block size. The new protocol is currently in the public testing phase. It’ll be interesting to see what turns up.

Segregated Witness apparently opens up all sorts of opportunities to re-think how the structure of the transaction code works, even bringing into play the design of the blocks themselves. A new style of proof, the possibility of including more complicated instructions, even re-purposing lightweight wallets – these and other Segregated Witness-related ideas could end up transforming the organisation of this still young concept, and opening up its potential to even more applications.

Bitcoin Classic – more of the same?

The block size debate takes a new turn, possibly a 360º one, to end up back where it started. Yesterday Bitcoin Classic was launched as a hard fork. Developed by a team that includes the original Bitcoin Core maintainer Gavin Andresen (one of the proponents of the now-irrelevant Bitcoin XT) and Bloq CEO Jeff Garzik (who had also proposed the apparently popular Segregated Witness idea as an alternative to a block size increase), Bitcoin Classic updates the current and standard Bitcoin Core protocol with a 2MB block size limit (vs 1MB).

Since this involves a hard fork (transactions that are accepted in the new version would be rejected by the old version, resulting in two different chains), tension is high and opinions are divided. On the one hand, you have those that believe that a bigger block size is urgently needed, and a hard fork will not be that disruptive. On the other, you have those who fear the uncertainty a hard fork will unleash, who would like to find a less abrupt change or who don’t think the block size should be increased at all.

The public approval has been notable, with many of the large bitcoin companies (such as Coinbase, itBit, Xapo, OKCoin…) expressing support. Just over the past two days, the number of nodes running Classic jumped from under 500 to over 700, while about 4,100 are still on Core.

via coin.dance

Yet it is worth remembering that Bitcoin XT attracted almost 900 nodes soon after launch in August of last year, before fizzling out. And today a group called The Bitcoin Roundtable published their rejection of the new protocol. This group allegedly represents 90% of bitcoin’s hash power, although that figure has been questioned as some of the signers work for firms who have publicly backed Classic. Confusing.

For the software to officially “activate” and become the main bitcoin protocol, a certain volume requirement has to be met. Of the last 1000 mined blocks, at least 751 (or, to put it another way, just over 75%) of them need to have been processed with Bitcoin Classic.

According to coin.dance, of the last 1000 blocks mined today, none used Bitcoin Classic.

via coin.dance

So, this may all end with another shrug of the shoulders as the debate continues unresolved. Or, the need for a consensus-based change may become more pressing with the public pressure and scrutiny. It would be great to get this resolved, as it will set the tone for bitcoin development going forward. Not just on the transaction limit issue. On the governance issue, which is almost even more important.

Bitcoin vs. the blockchain

The terms bitcoin and blockchain get used interchangeably way too often, which hampers understanding of the potential. So let’s clear up the difference.

Bitcoin, as you no doubt already know, is the name given to the decentralized virtual currency invented in 2008 by the mysterious Satoshi Nakamoto. A few iterations later, it has reached a market cap of almost $7bn and is used for purchasing, service payments, trading and for sending money around the world in a quick, secure and low-cost manner. The term bitcoin refers interchangeably to the system (usually capitalized, as in Bitcoin) and the currency itself (usually lower case, as in here are some bitcoins).

The blockchain is what makes Bitcoin secure and decentralized. It is a public ledger of all bitcoin transactions that have ever been executed. Transactions are grouped into blocks, which then pass through a verification process, part of which includes an identifier from the previous block. Once validated, the current block is added onto the previous block, forming a chain. Because each block contains encrypted information from the previous block, it is almost impossible to change the previous block without also altering the current block. It is even harder to change information from a few blocks ago, as that would involve also changing every subsequent block, and with the current encryption systems, that would take millions of years. (For more on how Bitcoin works, see here.)

Bitcoin can’t exist without the blockchain.

But can the blockchain exist without Bitcoin?

by Maya Karmon for Unsplash

This is a subject of heated debate, with innovators creating blockchains without bitcoin, and with purists claiming that those aren’t technically blockchains. Let’s take a look at the two arguments:

A significant part of the Bitcoin mechanism involves the successful validation of transaction blocks. This takes time, specialized hardware and a lot of electricity, all of which incur costs. To compensate and incentivize the validators, known as “miners”, a bitcoin reward is automatically produced when a block is added onto the chain. Without this reward, there would be no-one able to do the work and the system would collapse. Even if a very wealthy volunteer decided to finance his or her mining/validating operation out of his or her own pocket, just because, he or she would have few if any collaborators, and the system would no longer be decentralized. So, technically, the blockchain can’t work without bitcoin.

Non-bitcoin blockchains do exist, but they tend to be centralized. Usually run by banks, corporations or as academic experiments, the incentive for the validators is strategic, not commercial. Their “reward” is operational efficiency, cost reduction or even just additional blockchain experience. Also, often in “private” blockchains the validation does not need to be restricted or difficult, so the costs incurred are much lower. In these cases, the bitcoin incentive is not needed. But the system is not decentralized, and is therefore vulnerable to manipulation and attacks. Purists insist that while they may be chains of blocks, they are not part of the blockchain.

De-centralized non-bitcoin blockchains also exist (such as Ethereum), but they use a different virtual currency instead of bitcoin (such as Ethereum’s currency ether). Same principle, different names.

Now, it is true that bitcoin is not the blockchain’s only potential application. Far from it. The public blockchain can be (and is being) used for recording information, transmitting documents and verifying ownership. But it still needs some element of bitcoin attached as a transaction fee.

We will no doubt see increasing activity in the blockchain space, both private and public, with broader use cases and deeper applications. The distance between private and public blockchains will continue to widen, as experimentation increases and as “permissioned distributed ledgers” become common corporate fare. For true decentralized, permissionless and secure distribution, however, the blockchain, the original one, will continue to develop and to grow, overcoming obstacles, volatility and confusing reporting. It will probably even outgrow the currency that it was created to support. To do so, however, it will continue to need a virtual currency such as bitcoin. Like all long-term relationships, the dynamics will adjust to experience and technology. But the relationship will last.

Hard fork vs soft fork

The most interesting thing going on in the Bitcoin world this week hasn’t been the alleged unmasking of Satoshi Nakamoto (and I stress “alleged” because, no, I don’t think so). It’s the gathering of the Bitcoin influencers at the Scaling Bitcoin conference in Hong Kong. As the second part to the Scaling Bitcoin conference in Montreal earlier this year, the objective was to get miners and developers together to discuss a possible solution to the block size debate.

image via Coindesk

Up until now, everyone has been assuming that the choice is between leaving things as they are and launching a hard fork that will increase the block size and give Bitcoin more scalability. There are pros and cons for each version, and firm, uncompromising beliefs on both sides. Yet some interesting ideas have emerged.

To appreciate what’s at stake here, it is important to understand what a “hard fork” is. A hard fork is a change to the current Bitcoin Core protocol that renders older versions invalid. The Bitcoin Core protocol defines how Bitcoin works. It is the core program that nodes use to validate blocks, and dictates such parameters as the block size, the difficulty of the cryptographic puzzle that needs to be solved, limits to additional information that can be added, etc. A change to any of these rules that would cause blocks to be accepted by the new protocol but rejected by older versions would lead to serious problems on the blockchain.

Let’s say that the protocol is changed in a relatively fundamental way that relaxes the rules or broadens the code’s scope. If this happens, mining nodes running new versions would produce validated blocks that will not be accepted by nodes running an older version. For instance, if the block size limit is increased from 1MB to 4MB, a 2MB block will be accepted by nodes running the new version, but rejected by nodes running the older version. Let’s say that this 2MB block is validated by an updated node, and added on to the blockchain. But what if the next block is validated by a node running an older version of the protocol? It will try to add its block to the blockchain, but it will detect that the latest block is not valid. So, it will ignore that block and attach its new validation to the previous one. Suddenly you have two blockchains, one with both older and newer version blocks, and another with only older version blocks. Which chain grows faster will depend on which nodes get the next blocks validated, and there could end up being additional splits. It is feasible that the two (or more) chains could grow in parallel indefinitely.

This is a hard fork, and it’s messy. It’s also risky, as it’s possible that bitcoins spent in a new block could then be spent again on an old block (since merchants, wallets and users running the previous code would not detect the spending on the new code, which they deem invalid). The only solution is for one branch to be abandoned in favour of the other, which involves some miners losing out (the transactions themselves would not be lost, they’d just be re-allocated). Or, all nodes switch to the newer version at the same time, which unfortunately is almost impossible to achieve in a decentralized, widely spread system. Or, Bitcoin splits, which would damage its usefulness and scalability. With a hard fork, since new version blocks are only accepted by upgraded nodes, it is essential that all nodes upgrade as soon as possible. This is very hard to achieve.

In March 2013, an accidental hard fork – brought on by an update which led to a database glitch – split the blockchain. The chain mined by updated nodes was longer than the chain containing only older nodes, so it would have been more efficient for the shorter chain transactions to pass to the longer chain. But that would have required a massive forced upgrade, which would have been logistically complicated, so the community decided to abandon the update and go back to the previous version.

For examples of changes that would require a hard fork, see the “hardfork wishlist”.

If, however, the protocol is changed in a way that tightens the rules, that implements a cosmetic change or that adds a function that does not affect the structure in any way, then new version blocks will be accepted by old version nodes. Not the other way around, though: the newer, “tighter” version would reject old version blocks. Old-version miners would realize that their blocks were being pushed off (“orphaned”), and would upgrade. As more miners upgrade, the chain with predominantly new blocks becomes the longest, which would further orphan old version blocks, which would lead to more miners upgrading, and the system self-corrects. Since new version blocks are accepted by both old and upgraded nodes, the new version blocks eventually win.

For instance, say the community decided to reduce the block size to 0.5MB from the current limit of 1MB. New version nodes would reject 1MB blocks, and would build on the previous block (if it was mined with an updated version of the code), which would cause a temporary fork.

This is a soft fork, and it’s already happened several times. Initially, Bitcoin didn’t have a block size limit. Introducing the limit of 1MB was done through a soft fork, since the new rule was “stricter” than the old one. The pay-to-script-hash function, which enhances the code without changing the structure (more on this later), was successfully added through a soft fork. This type of amendment requires only the majority of miners to upgrade, which makes it more feasible and less disruptive.

Soft forks do not carry the double-spend risk that plagues hard forks, since merchants and users running old nodes will read both new and old version blocks.
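The two cases can be compared side by side in a small simulation. This is an added example, not code from Bitcoin Core or from the original article: it assumes the block size limit is the only consensus rule, that every node sees every block, and that each node follows the longest chain it considers valid. Block names such as N1 and O1 and the mining schedules are constructed.

```python
# Added illustration: the only consensus rule modelled is the block size limit (MB).
GENESIS = "G"

class BlockTree:
    """Every block ever broadcast, valid or not; each node picks its own best chain."""

    def __init__(self):
        self.blocks = {GENESIS: (None, 0.0)}  # block id -> (parent id, size in MB)

    def add(self, block_id, parent, size_mb):
        self.blocks[block_id] = (parent, size_mb)

    def chain_to(self, tip):
        path = []
        while tip is not None:
            path.append(tip)
            tip = self.blocks[tip][0]
        return path[::-1]

    def best_chain(self, limit_mb):
        """Longest chain in which every block obeys limit_mb; first seen wins ties."""
        best = [GENESIS]
        for block_id in self.blocks:  # dicts keep insertion (arrival) order
            path = self.chain_to(block_id)
            valid = all(self.blocks[b][1] <= limit_mb for b in path)
            if valid and len(path) > len(best):
                best = path
        return best

def simulate(old_limit, new_limit, schedule):
    """schedule: (miner, block_id, size_mb) tuples, miner is 'old' or 'new'.
    Each miner extends the best chain under its own rule.
    Returns (chain followed by old nodes, chain followed by upgraded nodes)."""
    limits = {"old": old_limit, "new": new_limit}
    tree = BlockTree()
    for miner, block_id, size_mb in schedule:
        parent = tree.best_chain(limits[miner])[-1]
        tree.add(block_id, parent, size_mb)
    return tree.best_chain(old_limit), tree.best_chain(new_limit)

# Hard fork: limit relaxed 1MB -> 4MB, upgraded miners produce 2MB blocks.
HARD = simulate(1.0, 4.0, [("new", "N1", 2.0), ("old", "O1", 1.0),
                           ("new", "N2", 2.0), ("old", "O2", 1.0)])
# Soft fork: limit tightened 1MB -> 0.5MB, upgraded miners are the majority.
SOFT = simulate(1.0, 0.5, [("old", "O1", 1.0), ("new", "N1", 0.4),
                           ("new", "N2", 0.4)])

if __name__ == "__main__":
    print("hard fork  old:", HARD[0], " new:", HARD[1])
    print("soft fork  old:", SOFT[0], " new:", SOFT[1])
```

In the hard fork run the two groups end on different chains and stay there; in the soft fork run the old node abandons its own 1MB block O1 once the chain of smaller blocks becomes longer.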

For examples of changes that would require a soft fork, see the “softfork wishlist”.

One interesting development to come out of the Hong Kong talks is Pieter Wuille’s “segregated witness” proposal, which would enable Bitcoin to increase the number of possible transactions in a block without a hard fork (more details later). This has the Bitcoin community quite excited, as it would enable a greater level of growth, while avoiding the risks and the controversy. The drama is far from over, though. And the next time you find yourself setting the dinner table, think about using spoons instead.

Smart property: what does that mean for the blockchain?

Smart contracts enable us to use the blockchain to lock in instructions contingent on something happening. If a certain price is reached, sell. If the package arrives, pay. If someone uploads a document that contains a specific sequence of words, send that person an image. I’ve written about smart contracts before, so I won’t go into much more detail at this stage. Today I want to talk about smart property.

Smart property is an extension of smart contracts. An interesting extension that could change our relationship with objects, and push the Internet of Things into practical, interactive uses.

by Negative Spade for Unsplash

The idea that physical things have technology embedded in them is no longer new. We have all heard of smart lightbulbs, smart clothing and smart trashcans that gather data, transmit and occasionally talk amongst themselves. So far, most of the uses for the Internet of Things (in which objects have sensors and link to other objects) have been about collecting information and transmitting data. Smart bus stops gather statistics about public transport use in specific areas, and can keep users informed about times and routes. Smart mattresses can record sleep patterns and help to diagnose any problems. Smart cups record how much liquid you consume, and advise you on how you’re doing compared to the ideal.

Smart property contracts, however, embed decentralized blockchain technology into objects, and make the relationship more interactive. Instead of giving the objects a data-collecting life of their own, they increase our control over their use. Smart property contracts can dictate the extent of our ownership and control over networked objects. And they do so in a decentralized, efficient and automatic way.

Perhaps you have had the experience of renting a car with RFID (radio frequency identification) technology, which gives you access to a vehicle without even passing through the rental office. Efficient and very clever, it saves the user and the rental company time, and makes it easier to track the cars and their use.

The smart property concept is even more efficient, in that it unifies the rental contract and the access in one tiny piece of code. If this amount is paid, open the car door for the bearer of this sequence of characters.

It is also more revolutionary, in that it opens up the rental field to just about anybody. With the current RFID system, the business structure does not change. You still pay one of the established car rental businesses, and they decide if you get access to the car, and to which one. It’s still a centralized system in which they own the asset and they decide who gets to rent it. And it’s limited to the big players, since the investment needed to kit out fleets of cars with the necessary technology is substantial. Smart property opens up the field to individuals or small businesses. Investment in technology will be necessary, but will be limited to the lock automation and the readers. Since smart property contracts run on open-source blockchain technology, no expensive proprietary software should be needed.

The concept enables the blockchain to become a tool for managing property rights. As with cars, it could make apartment or house rental agreements more secure. Computer rentals. Bicycles. Power drills. The “sharing economy” could get a boost as the hassle of renting out items when we’re not using them is significantly reduced.

Established sectors could also benefit from the potential efficiencies. Hotels, for example: imagine not needing to pass through the check-in desk. Your public Bitcoin address becomes your room key, and payment is automatic. Access automatically expires when your departure date rolls around.

And smart property can extend the use of credit, by removing trust from the equation. Smart objects can be used as collateral. The lender can program the restriction of access to a car or a property if payments are missed. While that sounds harsh and slightly dystopian – consequences with no human intervention and no room for appeal – it would make it easier to get loans and concessions, with less risk for the lender. Access to car loans, loans for residential or commercial rent, etc., gets opened up to a much wider potential base, with all the social and economic benefits that that implies. In theory, anyway. Obviously, legal challenges would need to be ironed out, but the business potential is sound.

Even more potentially interesting is the impact that smart property can have on business structures. By “democratising” use of property and programming conditional access, the concept could give rise to new types of group governance, decision making and rule enforcement. New types of ownership structure could develop as a result, which would lead to new types of markets. The impact of Bitcoin and the blockchain could well be even deeper than most Bitcoin enthusiasts realise.