Bitcoin ETF approval: the long game

by Louis Blythe for Unsplash

The looming decision by the US Securities and Exchange Commission (SEC) is, according to market analysts, putting wind under the bitcoin price sails. Market attention and media headlines seem to be focusing on the short-term impact. A pity… they’re missing out on a more interesting story.

A brief summary of the situation so far: in June 2013, Cameron and Tyler Winklevoss – the owners of the New York-based Gemini bitcoin exchange – submitted a proposal to the SEC for a bitcoin exchange traded fund (ETF) to list on Nasdaq. Since then, the Winklevoss Bitcoin Trust proposal has gone through several amendments, including switching to the BATS exchange (newer, and allegedly more technologically advanced) and establishing pricing mechanisms and custodianship procedures. After seeking public comment and using up all the deadline extensions available, the SEC is due to make a decision on approval by March 11th.

Many doubt that it will be approved. In fact, BitMex is running a book on the outcome, which places the probability at less than 40%.

Why would the SEC say no? The decision is a complicated one, but can be broken down into three sections: the intrinsic (issues pertaining to the fund itself), the extrinsic (issues pertaining to the market) and the bigger picture.

Amongst the intrinsic considerations are the suppliers of the various services that the fund will need. The Winklevosses propose that price determination and custodianship be carried out by their Gemini exchange. In the ETF world, it is unusual for one entity to fulfil both of those functions and at the same time be the sponsor.

The SEC also has concerns about bitcoin and its market. Its recent request for information included questions about forks, immutability and hacking, which reveals uncertainty over the strength of the technology. Furthermore, most of bitcoin’s trading volume is in China and Japan, which raises the spectre of manipulation of a US asset by foreign entities.

While structure and market concerns are fundamental, the SEC is no doubt also considering abstract issues such as its own reputation, and the possible effect on financial instruments. Here’s where the more interesting long game shows itself.

The SEC’s main purpose is that of protecting investors. Supporting innovation is not on its list of priorities. Given the relative youth of bitcoin and the potential vulnerabilities of the technology (mining decentralization, accidental forks, quantum technology), the risks are high. And if the SEC approves and something negative happens, that’s their reputation shot.

So, will the SEC embrace evolution and innovation, and acknowledge that bitcoin is here to stay? If so, that would mark a precedent that could shape expectations for years to come.

Or, will the SEC play it safe and defer difficult decisions until a later date? In which case, think about the message sent to change-makers. While it’s impossible to suppress creativity, a “no” decision could send innovators scurrying to find alternative (and less-regulated) outlets.

It’s also important to think about the bitcoin market beyond the immediate impact.

The Winklevoss proposal was recently amended to increase the initial amount from $65m to $100m, which signals strong initial demand. Analysts Needham & Company estimate that $300m could pour into the fund if approved, which given the limited daily volume (US$ trading is usually under $50m/day) would push up the price. How much of that is already priced in, we don’t know. And it’s worth remembering that the estimated inflow is just that, an estimate based on the performance of other similar funds (which is tricky, given that this is a first).

If the SEC decides “no”, it’s probable that the price will fall sharply. But bitcoin has many other fundamentals in its favour, and the price is likely to find support at lower levels (how much lower, I don’t know).

So, the immediate impact, even if the ETF is approved, is uncertain. The longer-term impact, however, is clearer.

There’s the liquidity aspect. If approved, the increase in bitcoin demand will boost trading volumes overall, which will reduce volatility, making bitcoin even more attractive to investors. Most of the increase will be in the US, since the fund will be doing its trading on the Gemini exchange. This will even out the current geographical imbalance in trading volumes, and calm the unease of regulators. It’s worth noting that Gemini is one of two bitcoin exchanges to have a BitLicense, which makes it one of the most highly regulated exchanges in the world.

Beyond price and liquidity improvements, there’s the reputation. Bitcoin will go from being “something criminals use” to “something approved by the SEC”, which would add a lasting veneer of respectability. Institutions and investors, not just in the US, would start to see it as an asset class rather than a libertarian speculation.

This could rattle economists and policy makers, since bitcoin represents an alternative to the established system. But it is in line with increased interest in blockchain technology from institutions. Central banks around the world are studying cryptocurrencies, some with a view to launching their own. And the recent appointment of bitcoiner Mick Mulvaney as Trump’s Director of the Office of Management and Budget could herald a shift in the official attitude.

Finally, it’s important to bear in mind that an approved bitcoin ETF would be the first “mainstream” fund to be based entirely on a digital concept, with no tangible underlying asset. This could unleash a stream of creative financial engineering which could usher in a new era of opportunity. Or, it could end up increasing market instability, especially when combined with a federal policy of more relaxed regulation of financial institutions.

So, the ramifications go well beyond a “yes” or “no” and the resulting impact on the price. The initial swings will be exhilarating or horrifying, depending on your position. But the bigger picture, which affects us all, is much more compelling.

What is the difference between an algorithm and a protocol, and why does it matter?

This is a deep dive into supremely nerdy territory, but being a stickler for detail, I think it’s worth clarifying: algorithms and protocols are not the same thing. And in the bitcoin-blockchain world, the difference is important.

Which is surprising, since they seem to be used interchangeably. I certainly have used them as if they were the same thing, as have people much more knowledgeable than myself. And my inner Thesaurus desperately wants it to be so, to avoid over-using one word or the other. But a niggling doubt at the back of my mind pushed me to look into it a bit, and here is what I found:

That our confusion in this respect is holding us back.

So in this article, I hope to clarify the differences, and to show how a deeper understanding of this can lead to new breakthroughs. In part, it’s my fondness for the pedantic, but mainly it’s because I firmly believe that if we can understand something more profoundly, it’s more likely that we can come up with useful variations, innovations and use cases.

Here goes:

A protocol is a set of rules that governs how a system operates. The rules establish the basic functioning of the different parts, how they interact with each other, and what conditions are necessary for a healthy implementation. The different parts of a protocol are not sensitive to order or chronology – it doesn’t matter which part is enacted first. And a protocol doesn’t tell the system how to produce a result. It doesn’t have an objective other than a smooth execution. It doesn’t produce an output.

It’s like the engine of a car, how a car works.

An algorithm, on the other hand, is a set of instructions that produces an output or a result. It can be a simple script, or a complicated program. The order of the instructions is important, and the algorithm specifies what that order is. It tells the system what to do in order to achieve the desired result. It may not know what the result is beforehand, but it knows that it wants one.

It’s what you need to do to drive the car, the actions that the driver performs.

The protocol is a set of rules that determines how the system functions.

The algorithm tells the system what to do.

The protocol is. The algorithm does.

In the kitchen, the protocol would be a set of conditions and instructions such as:

  • The knife cuts
  • The flame heats
  • Olive oil is delicious
  • Frying pans are good for sautéing onions
  • Wash your hands before handling food
  • Burnt food tastes bad

An algorithm in the same kitchen could be:

  • First, chop the onion
  • Then, heat up the olive oil in the pan
  • Put the onion in the pan, add some salt, and stir until the onion is translucent
by Matthew Wiebe for Unsplash – the bridge is a protocol, the bike is a protocol, the rider is an algorithm

How is any of this applicable to the blockchain? Because the blockchain needs both protocols and algorithms, and each has a distinct role.

In blockchains, the protocol:

  • tells the nodes how to interact with each other (without telling them to do so)
  • determines how data gets routed from one node to the next (without telling the data to move)
  • defines what the blocks have to look like
  • stipulates who decides which transactions are valid
  • establishes how consensus is determined (without dictating the procedure)
  • identifies who maintains the ledger
  • delegates who determines how the rules of the system change
  • decides if identities are needed
  • determines who can create new coins (but not how)
  • triggers procedures in case of error

The algorithm, on the other hand:

  • verifies signatures
  • confirms balances
  • decides if a block is valid
  • determines how miners validate a block
  • establishes the procedure for telling a block to move
  • establishes the procedure for creating new coins
  • tells the system how to determine consensus

So far so good, right? Now here’s the truly befuddling part: are “Proof of Work” and “Proof of Stake” protocols or algorithms? In crypto journalism they tend to get used interchangeably, with frequency coming down on the side of algorithms, but with protocols getting a relatively high score (check out “proof of work algorithm” vs “proof of work protocol” in Google). So I’ve been furrowing my brow and staring into my empty cup of coffee and I’ve concluded:

They’re algorithms. Not protocols.

Both Proof of Work and Proof of Stake tell the miners how to go about validating a block. They establish conditions, like protocols do, but the instructions are fundamental, and there is definitely a desired outcome: to process transactions, to determine which blocks enter the chain, and to provide a consensus as to which chain is the correct one. Both use the underlying protocol to achieve those goals.
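An added illustration of this distinction (not code from the original article, and not Bitcoin's real block format): the rules are written as constants and predicates, while two different mining procedures and a chain-checking procedure are the algorithms that operate under them. The 12-bit difficulty, the field names and the `|` serialization are assumptions chosen so the example runs in well under a second.

```python
import hashlib
import random
from dataclasses import dataclass, replace

# ---- Protocol: rules describing what a valid block IS (toy values, assumed) ----
DIFFICULTY_BITS = 12                     # hash must start with 12 zero bits
TARGET = 1 << (256 - DIFFICULTY_BITS)    # i.e. hash as an integer must be below this
GENESIS_PREV = "00" * 32                 # prev_hash required for the first block


@dataclass(frozen=True)
class Block:
    prev_hash: str   # hex digest of the preceding block
    payload: str     # stand-in for the block's transactions
    nonce: int       # the only field a miner may vary freely


def block_hash(block: Block) -> str:
    """Rule: how a block is serialized and hashed (constructed format)."""
    data = f"{block.prev_hash}|{block.payload}|{block.nonce}".encode()
    return hashlib.sha256(data).hexdigest()


def meets_target(block: Block) -> bool:
    """Rule: the proof-of-work condition. States the requirement, not how to meet it."""
    return int(block_hash(block), 16) < TARGET


# ---- Algorithms: ordered procedures that produce a result under those rules ----
def mine_sequential(prev_hash: str, payload: str) -> Block:
    """Try nonces 0, 1, 2, ... until the rule is satisfied."""
    nonce = 0
    while True:
        candidate = Block(prev_hash, payload, nonce)
        if meets_target(candidate):
            return candidate
        nonce += 1


def mine_random(prev_hash: str, payload: str, seed: int = 1) -> Block:
    """A different procedure (random nonces) that satisfies the same rule."""
    rng = random.Random(seed)
    while True:
        candidate = Block(prev_hash, payload, rng.getrandbits(32))
        if meets_target(candidate):
            return candidate


def first_invalid(chain: list[Block]) -> int:
    """Walk the chain in order; return the index of the first block that
    breaks a rule, or -1 if every block is acceptable."""
    expected_prev = GENESIS_PREV
    for index, block in enumerate(chain):
        if block.prev_hash != expected_prev or not meets_target(block):
            return index
        expected_prev = block_hash(block)
    return -1


def build_chain(payloads: list[str]) -> list[Block]:
    """Mine a chain, alternating between the two mining algorithms."""
    chain, prev = [], GENESIS_PREV
    for i, payload in enumerate(payloads):
        miner = mine_sequential if i % 2 == 0 else mine_random
        block = miner(prev, payload)
        chain.append(block)
        prev = block_hash(block)
    return chain


def rewrite_and_remine(chain: list[Block], index: int, payload: str) -> list[Block]:
    """Replace one block's payload and redo its proof of work, leaving later
    blocks untouched, to see which rule catches the edit."""
    forged = mine_sequential(chain[index].prev_hash, payload)
    return chain[:index] + [forged] + chain[index + 1:]


if __name__ == "__main__":
    # Constructed sample payloads.
    chain = build_chain(["alice->bob 1", "bob->carol 1", "carol->dave 1"])
    print("honest chain:", first_invalid(chain))                  # -1
    edited = chain[:1] + [replace(chain[1], payload="bob->mallory 1")] + chain[2:]
    print("edited, not re-mined:", first_invalid(edited))
    print("edited and re-mined:", first_invalid(rewrite_and_remine(chain, 1, "bob->mallory 1")))
```

Blocks produced by either mining procedure pass the same checks, and an edited block whose work has been redone is still caught at the next block, because that block's `prev_hash` no longer matches.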

Continuing along this brain-wrinkling train of thought, are Bitcoin and Ethereum algorithms or protocols?

They’re protocols. Not algorithms.

They establish the ground rules, set up the “engines” and determine who does what and how. We, the users, then play around with algorithms to get coins sent, to execute smart contracts and to create new business models. The algorithms are what make the protocols useful.

So, if we understand that the rules are one thing and the instructions are another, we can get creative. What is our desired outcome? And what algorithms, using the rules of the protocol, can we come up with to get us those desired outcomes?

That is why the difference is important. We need to understand the distinction between the state and the action. Between the rules and the procedure. Between what we can and can’t do. We can’t change the rules (if you want to, go ahead and set up a new blockchain). But we can create a series of actions, instructions and processes that can get us to where we need to be.

 

How can Bitcoin be hacked?

Don’t get excited, this isn’t a how-to article. I have no idea how to hack Bitcoin (and even if I did, I probably wouldn’t tell you). With the Bitfinex drama and the Cryptsy theft (by its own CEO??) still appearing in headlines, and with so many of my friends asking “But I thought Bitcoin couldn’t be hacked???”, I wanted to dig into the how, the why and the who. I’m not going to go into all the crypto hacks and thefts over the past few years, that would produce an article the length of a book. But I am going to look at some of the more interesting and relevant ones, going back to the middle of 2014.

First, we need to differentiate between a hack and a theft. Many assume that they are one and the same, but they are not. Technically, a hack is “unauthorized access to a computer”. Many hackers go in and out of others’ computers and servers just for fun (scary, but it happens). Some hacks are positive – there is a service that will try to hack your bitcoin wallet to recover funds for you. The DAO fiasco saw the hacker(s) being hacked to try to recover funds (it didn’t work). And hackers have been helping to root out the owners of alleged scam cloudmining company HashOcean. So, not all hacks involve theft. And not all theft is a hack, obviously. Theft does still happen out there in the physical world, with no computer getting involved.

by Dmitriy Me2dev for Unsplash

But, it’s not news that cybercrime is an intensifying threat to individuals, businesses and even economies, as the tougher the security, the more fun the challenge. And as more and more of our lives and our wealth are online, the stakes get higher. All major law enforcement groups have their own cybercrime division, drawing on the skills of detectives, lawyers and, yes, hackers. But in most cases, figures on cybercrime are difficult to come by, as most victims have no interest in publicity, and many attacks are covered up.

In the cryptocurrency world, however, things are very different. The media seems to relish a “see-I-told-you-it-wasn’t-safe” rubbing of hands and pronouncements of crypto doom. Plus, given the community’s active presence in forums and chats, news of hacks, outages and breaches spreads fast. Trying to cover up a crypto hack forever just wouldn’t work. A stroll through reddit or bitcointalk will give you an idea of the volume of chatter, level of detail and degree of scepticism about practically any and every aspect of the sector. Suspicions are aired, spread and debated, and the senior team of the putative hack victim is usually on hand to answer questions. From what I gather, and lamentably with some notable exceptions, they generally do so as truthfully as they can, with good intentions, because they know that hiding stuff from the community (some of whom are hackers themselves) is futile.

So, it’s not that cryptocurrency businesses suffer more hacks than all other sectors. They don’t. It just seems like they do, because those hacks get a lot of public attention.

The most recent one to occupy the headlines is the absolutely huge Bitfinex hack, in which 119,756 bitcoins (worth about $70 million at the time) were siphoned off from the exchange in early August. We don’t yet know how it was done, which is perplexing given that in 2015 Bitfinex announced a collaboration with multisig wallet producer BitGo to enable additional multisig security on Bitfinex wallets. In theory, with the BitGo solution, it was supposed to be impossible to hack clients’ wallets and steal their bitcoin. Yet that is exactly what happened. Both BitGo and Bitfinex assure us that BitGo was not at fault in the hack, that the coding worked as it should. Fingers seem to be pointing at the configuration Bitfinex employed, keeping bitcoins in individual accounts rather than in a cold storage pool (kept offline), to comply with a recent CFTC (Commodity Futures Trading Commission) investigation which resulted in a $75,000 fine and the requirement to change the process of settling margin trades.

In an unprecedented move, Bitfinex decided that in order to stay open for business (and as the 3rd largest exchange in terms of volume and the largest in US$/bitcoin trades, it was important that it do so, for market stability) it needed to spread the losses amongst the clients’ accounts. Rather than have some clients’ accounts lose everything, it applied a 36% haircut to all accounts, instituting the first “bail in” in digital currency history. This is more or less the haircut the account holders would get if Bitfinex went into receivership, and at least this way there is a chance that they can get their money back. The company has replaced the reduced amount with a cryptocurrency token which itself can be traded, or redeemed at a later date for bitcoins, or dollars, or shares in Bitfinex’s parent company, it hasn’t been decided yet. In the end they may not be able to do this, however, as the words “unprecedented” and “finance” generally don’t go well together, and the legality of token trading (which has already started, no time to waste) is in question, as is the concept of “socialized losses”. And, who knows, they may yet be able to recover some of the stolen bitcoins, given the $3.6 million bounty on offer.

In June, the Ethereum project theDAO was hacked to the tune of 3.6 million ether, at the time worth $60 million. The response of the Ethereum developers was to hard fork the blockchain, winding time back to before the theft, and closing the platform on which it happened. Hard forks are contentious, though, because of the risk involved – for it to work as planned, all network participants need to upgrade to the new version, to avoid some validating blocks on the old “invalid” code, which could lead to potential false transactions and double spending. In this case, the proposal was particularly contentious because it demonstrated that public blockchains are not necessarily immutable, resistant to censorship, etc. The Ethereum code was working fine. The change would be to avoid losing money. A good enough reason? If Ethereum can change the code to suit them, what’s to stop them from doing it again in the future, due to self-interest or coercion?

The hard fork turned out not to have the consensus that the developers assumed, and a few holdouts insisted on sticking with the “old” Ethereum chain. The “old” ether became a new cryptocurrency called ETC, while the new one retained the old symbol of ETH. The developers didn’t object at first because they really thought that ETC would fizzle out and quietly disappear. But it is now the 6th largest cryptocurrency in terms of market capitalization. And the thief still has his (or her) 3.6m ethers, the old version, although they are worth a lot less than the original $60 million. It’s disconcerting how one hack can change the fundamental nature of a promising blockchain in unforeseen ways.


In May, Hong Kong-based crypto exchange Gatecoin reported the theft of 250 bitcoins and 185,000 ether, worth about $2 million at the time. While most clients’ crypto assets are stored in multisig cold wallets, the hacker managed to overwrite the protocol that handles this so that ether went directly to the hot wallet (keys kept online) instead of the cold, and ignored the self-imposed limit of 5% of assets in online storage. In the end, the hacker made off with 15% of the exchange’s crypto assets. Immediately after, Gatecoin announced that it would seek $4-5 million in funding to cover the losses, and offered a bounty and a lifetime of free trading for return of the assets. In the end, the exchange managed to raise $500,000 to strengthen the security infrastructure, and replaced its CTO, referring to him as a possible suspect. At time of writing, its web site was undergoing an overhaul, and is supposed to relaunch today (August 17).

In April, exchange Shapeshift reported a hack executed in stages of 469 bitcoins plus some ether and litecoin, worth at the time about $230,000. In this case they were victim of an inside job – an employee stole the bulk of the funds, sold server access to a professional hacker, and installed malware on colleagues’ computers to enable the hacker to access the refreshed passwords. Erik Voorhees, the founder of Shapeshift, gives a riveting account of the drama here. No customer money was lost, and the site had relaunched by the end of the month.

Also in March of this year, Canadian exchange Cointrader suddenly closed down, with the explanation that an audit had revealed an unexplained deficit of bitcoin. The media took this to mean a hack, but it might not have been. In an email to clients, the exchange explained: “A recent internal audit revealed a deficiency of Bitcoin in our wallets.” Previously, trading had been halted on shares of the parent company Newnote Financial Corp. (listed on the Canadian Securities Exchange, similar to the US’s OTC market), because of failure to file financial statements. The company was undergoing an audit to rectify this, most likely the same audit that uncovered the missing bitcoins. In an official statement, Newnote announced that the audit was still ongoing and that Cointrader would be shut down due to “rising maintenance costs and lower trading volume attributed to an increase in competitors within the Canadian market space”. No mention was made of the hack. So, did the hack even take place? Or had the audit uncovered something else?

Here’s an interesting one, still making headlines today: In December 2015, exchange Cryptsy and the media started receiving a stream of customer complaints about stalled bitcoin withdrawals, some pending for weeks. In early January, in the face of no response whatsoever from the company, a frustrated client initiated a class action lawsuit in an attempt to recover their funds. The next day, the founder published a post on the Cryptsy blog announcing suspension of trade and withdrawals, and confessing to the loss of 13,000 bitcoin and 300,000 litecoin, at the time worth about $5.7 million. The founder explained that a back door had been installed on the exchange by someone claiming to be a developer. The most startling revelation was that the coins had been missing for a year and a half.

Why hadn’t he told anyone? According to his post, because he wasn’t sure what happened (even well over a year later), and “didn’t want to cause a panic”. He assumed that he could replenish the accounts with profits over time. But then an article was published in the sector blog Coinfire (now part of 99 bitcoins), claiming that Cryptsy was under investigation from several Federal agencies (including the SEC, the Department of Homeland Security and the IRS) for a long litany of infractions ranging from operating without licenses to knowingly servicing accounts linked to terrorist financing, which triggered massive withdrawal requests that Cryptsy simply could not honour.

A couple of weeks later, the CEO’s ex-wife claimed in a court filing that she believed that he would flee the country with the funds, and was using the money to support his lover and her children in China. A few weeks after that, we’re now in February of this year, the ex-wife was added as a defendant in the class action lawsuit, since it turns out that in early 2015 she and her (then) husband had paid for a waterside mansion in Palm Beach with cash. In April the court appointed a receiver to dissolve the business and determine how much was recoverable. Last week the receiver revealed that he had discovered that the (now ex-) CEO had been siphoning off crypto funds the whole time.

After an apparent lull in crypto hacks (what were the hackers up to?), in May 2015, a well-known Hong Kong-based exchange suffered a breach and a theft. The exchange was Bitfinex (yes, them again), and this time the target was their online hot wallets, which store a very small amount of crypto assets. Apparently about 1500 bitcoins were stolen, worth approximately $340,000 at the time. Customer wallets were affected, but Bitfinex was able to replenish the losses out of their reserves.

Also in March 2015, Panama-based Coinapult briefly suspended operations following the theft of 150 bitcoins (then worth $42,900) from its online wallet. Customer funds were unaffected, but immediately after, the exchange announced its intention to move to multisig authentication as soon as possible.

The previous month, Chinese exchange Bter, at the time the world’s largest exchange of altcoins (bitcoin alternatives), admitted to a hack of 7170 bitcoin (then worth $1.75 million) taken from its cold wallet. Because of the unlikelihood of a cold wallet getting hacked (the keys are kept offline, so how would the hacker get at them?), some pointed fingers at Bter, accusing them of covering up an inside job. However, there are cold wallets and then there are cold wallets. Depending on the configuration, some cold wallets can be compromised when they connect with the internet, however briefly, which they sometimes need to do to either move bitcoins or update balances.

The size of this theft almost caused Bter to sell the exchange, claiming that it simply did not have the funds to reimburse the 20,000 affected customers. A 1000 BTC loan from mining group JUA saved the day, however, and Bter was able to use that plus the promise to continue to repay out of profits to make the accounts whole. JUA also took over the protection of Bter’s cold wallets.

February 2015 was a busy month for hackers: Excoin was also hacked. The exchange turned out to have a prophetic name, since the hacker managed to divert all of the bitcoin on the exchange, which left it no choice but to shut down.

photo by Loic Djim for Unsplash

In January of last year, Bitstamp – a Luxembourg-based exchange, currently the fifth largest BTC/USD exchange – had 18,866 bitcoins (then worth just over $5 million) stolen in a hack that involved targeted phishing emails and messages which installed malware on the computers of Bitstamp employees. The hackers not only spent time profiling the employees and creating specific language and offers for each in the emails, but they cleverly staged the access and the theft over the New Year period, counting on a slower reaction time. As soon as the movements were discovered (the same evening as the account was drained), Bitstamp shut down operations, and started work on rebuilding the trading software from scratch.

After another lull in crypto hacks making headlines, in August 2014, Bter was hit again. Almost 52 million NXT (another cryptocurrency, associated with the blockchain of the same name), at the time worth $1.65 million, disappeared from its account. It turns out that the hacker got access by gathering information on one of the Bter developers, hacking an account that he used on a different website, and taking advantage of the fact that he used the same password to get into Bter. The exchange had set up 2-factor authentication on many of its systems, but not on NXT, which to make matters worse was kept in a “hot” online wallet, directly accessible from the site. Given the scale of the attack (at the time the theft was of 5% of the market cap), NXT considered “rolling back” the blockchain to reverse the hack, much like what Ethereum has just done. As we have seen, however, this is a very controversial move for any blockchain based on immutability and censorship resistance, and the majority of the participants opposed the idea. This hack had a “happier” ending, however, since the exchange managed to negotiate the return of the bulk of the coins. Perhaps they used the threat of a hard fork? Keeping some and returning the rest is better than losing all?

And another happy ending: in December 2014, wallet giant blockchain.info was hacked for 255 bitcoins. And then the hacker gave the coins back. Awwww.

Let’s end this walk through history with a really juicy story, with several chapters but no happy ending: in July 2014, altcoin exchange MintPal was relieved of approximately 8 million of bitcoin alternative VeriCoin, which at the time was 30% of its market cap of $6.3 million. It is interesting to note that the exchange’s bitcoin holdings were also targeted, but they were held offline in cold storage and thus ended up untouched. The VeriCoin were supposed to be in cold storage, but due to an error most of them weren’t. The community couldn’t allow that much VeriCoin in the hands of one attacker, since it would have given him or her enough weight to instigate a 51% attack, which made the decision to fork simpler – it was that or see the currency completely crash. The problem with hard forks, though, is that everyone in the network needs to update pretty much at the same time. That didn’t happen here, which meant that older versions processing new blocks effectively “reassigned” the attacker the stolen 8 million. A second hard fork a day later managed to fix the problem, diverting the coins to a new, MintPal-controlled wallet.

Trading volumes dropped sharply after the attack, which led to its acquisition by the end of the month by Moopay (more commonly known as Moolah, not to be confused with the payments services provider of the same name). Three months later, on October 14th, after several delays to MintPal’s relaunch, Moopay announced its plans to declare bankruptcy and shut down operations. MintPal had apparently already been transferred to new management, and the new team was focussing on “the resolution of issues surrounding missing balances”. Missing balances?

The following day, the CEO of Moopay insisted that the company had never bought MintPal, all that it had was a management agreement (documents subsequently released show that, indeed, Moopay did not own a stake in MintPal, but the CEO of Moopay did, he held 48% of the company that owned 100% of MintPal). To add to the confusion, less than 24 hours later, the CEO and founder announced that no, on second thoughts, Moopay was not going into bankruptcy after all. He then resigned. At the same time reports started to emerge tying the founder to other identities. The next day, this was separately confirmed by both a former lover and by an ex-associate who in the past had pressed charges against him for fraud. The following day (a busy week) it turned out that the name that they knew him by wasn’t his real name, either. The day after that (we’re now at the 18th of October), the ex-CEO fired all the staff, and the following day he confessed to the name change. And in case things weren’t confusing enough, he re-confirmed the bankruptcy.

At the same time, it emerged that 3,700 bitcoins were missing from MintPal’s wallets. It turns out that they were being held in the Moopay CEO’s personal wallet, and were moved as soon as this was discovered. Simultaneously, the CEO posted an abject apology on Moopay’s blog, which has since been taken down but part of the text is reproduced here. Then the lawsuits started flying, injunctions were handed down and the CEO went missing. In December, he and a former colleague (alleged to be his then girlfriend) were arrested in the UK but released on bail. And in August of this year, a couple of weeks ago, he was sentenced to 11 years in jail, not for theft or fraud, but for rape. I bet you didn’t see that one coming.

As you know, it’s not just cryptocurrencies that get hacked. Banks around the world are subject to a frightening number of hack attempts, some really sophisticated, and some successful. However, the bank hacks tend to be shrouded in secrecy, and many are never even revealed to the public – we wouldn’t want a panic, now, would we? Another big difference is that bank accounts are, in most systems, insured up to a certain amount. There is little if any risk of “losing it all”. With the uninsured crypto exchanges, however, that is not the case, and while the amounts are much smaller than with fiat bank hacks, the community is much more vocal.

How can we protect ourselves from bitcoin hacks? A relatively easy answer is to spread our bitcoin holdings across several wallets and exchanges, and throw the bulk in cold storage. It’s an easy answer, but it’s a hassle, which is why most casual bitcoin users don’t do it. Sticking with reputable exchanges is also a good idea, but a really big hack could decimate even the most solvent of businesses (crossing fingers for you, Bitfinex). When an exchange gets hacked, the loss of the cryptocurrency is not the only cost. There’s also the expense of the investigation, migrating servers, rebuilding the platform, lawyers…

It’s so easy to apply common sense in retrospect, but unfortunately much less so as we go about our daily lives. And as we’ve seen, crypto hacks can affect any exchange, even reputable, well-protected ones. Theft is lamentably a part of life which we will never be able to completely avoid. And the fact that it exists in no way makes the stolen asset more vulnerable and worthless. Cash is stolen every day, and yet that doesn’t make us suggest that cash is useless, does it? Gold, diamonds, cars… Anything that can be moved, can be taken. And nothing is easier to move, in terms of logistics, than bits and bytes of information. The fact that it doesn’t happen more often is a testament to the ingenuity of security experts, who are continually trying to stay on top of a moving pile of sand. With each hack, the community learns. And with that knowledge, gets stronger. While this doesn’t help the thousands who lose savings, it does strengthen the sector as a whole. And shows that if people are trying to steal what you have, it must be worth stealing.

What is Proof of Stake?

Bitcoin relies on a system called Proof of Work to ensure consensus and security on a blockchain. So do other cryptocurrencies such as Peercoin, NXT, Nubits, Qora and Bitshares. But some strongly believe that Proof of Work is wasteful and unreliable, and instead implement an alternative system called Proof of Stake.

by Len de la Cruz for Unsplash

How does Proof of Stake work? By offering the chance to validate a block of transactions, and to receive the corresponding reward, to holders of the currency in question.

In Proof of Work, those most likely to validate a block are those with the most computing power. Taking control of the blockchain is, then, a question of churning computations, and would be prohibitively expensive. Work = cost. That is how Proof of Work secures the blockchain, by making it too expensive to retroactively change, and too difficult to control going forward. Consensus is understood to be the chain with the most work behind it, i.e. with the greatest number of validated blocks (technically it is possible to have a sequence of blocks with a relatively low level of work behind them, but it is rare).

In Proof of Stake, holders of the underlying currency “deposit”, “pledge” or “bond” an amount, in exchange for the right to validate blocks. Generally, the likelihood that they will successfully validate a block is in proportion to the amount deposited. Security is achieved by the high cost required to control the majority of the network (a validator would have to hold over half of the market capitalization!). Consensus is achieved by the assumption that stakeholders have a strong interest in the health of the network. If trust disappears because of suspected bad behaviour, the value of the currency will crash and the manipulator’s holdings will be worthless. With Proof of Stake, trust becomes a self-fulfilling prophecy.

Also, Proof of Stake in theory is more democratic. With Proof of Work, influence tends to concentrate in the hands of those with the most powerful computers. Not everyone has the wealth to purchase or the skill to maintain that level of equipment. With Proof of Stake, the validation can be done on any computer. The investment required is in the actual currency itself.

Yet Proof of Stake in its simplest form is not conducive to reaching a consensus, since there is no cost associated with mining on a chain. In Proof of Work, if you mine on the wrong chain, you lose the amount that you invested in doing that work (= the cost). In Proof of Stake, it doesn’t matter which chain you try to mine on. You’re depositing an amount of currency, not incurring a cost. If it turns out that you’re trying to mine on the wrong one, you lose very little. In fact, you could theoretically mine on several chains at the same time, since there is no additional cost for doing so. This makes consensus harder to achieve.

And it will obviously lead to increasing concentration, not ideal for a decentralized concept. Why increasing concentration? Because if those that have the highest stakes are more likely to receive the newly issued coins, then their stakes will become even greater, which will make them even likelier to receive the newly issued coins, etc.

So, the currencies that use it have solved these weaknesses by tweaking and adding features, often ending up with a hybrid system that includes some Proof of Work characteristics.

For instance:

One of the earliest examples of Proof of Stake was PPCoin, subsequently called PeerCoin, in which miners process blocks by submitting a stake. They do this by sending to themselves a chunk of their own coins. Only PeerCoins that have been held for at least 30 days can be used for this, and the longer they have been held without being used (up until 90 days), the higher the chance that the block production process has of being successful. Once used, the stake has to sit idle for 520 days. This system ensures that the minting of new coins does not concentrate in the hands of a few participants. The consensus chain is the one with the highest “consumed coin age” behind it. Peercoin also allows for Proof of Work mining as an alternative, but this is being phased out as Proof of Stake becomes more important to the network.

NXT was the first 100% Proof of Stake currency. Block validators are selected at random based on the amount of the currency they hold, and everyone knows who the next miner is going to be. This makes double-spending very difficult, as the whole network will be able to see if a transaction occurred or not. NXT does not offer fresh coins as a reward for validation – all 1bn coins were created at launch. Block validators focus on maintaining a healthy network, which will increase the value of their stake.

Bitshares uses a derivative called Delegated Proof of Stake, in which wallet holders elect 101 delegates who carry out the voting on which transactions get validated. These delegates take turns producing a block every 10 seconds, in a random manner. This is a less decentralized system than simple Proof of Stake, but more manageable.

Ethereum, the second largest cryptocurrency by market capitalization, currently uses Proof of Work, but plans to move over to a Proof of Stake variation some time in 2017. The twist that Ethereum plans to put on the concept is that validators have a “stake” in the outcome. They stand to lose out if they mine on the wrong chain. To earn the right to try to mine, participants submit a deposit, and are then invited to “bet” on which block will be validated next. Yes, you heard right, you “guess” (presumably in an experienced and insightful way) which block will be the next one to be included in the chain. If you guess right (= if you bet well), you get a reward. If not, you lose your bet. This will make consensus naturally easy to achieve – everyone sees where everyone else is concentrating, and converges on that chain.

As you’ve probably noticed, securing a network and identifying consensus in a decentralized public network that is not controlled by any one entity, is not at all simple. Both systems – Proof of Work and Proof of Stake – are totally ingenious, even though they both have their flaws. Will one turn out to be much better than the others? It’s way too soon to tell. Proof of Work has served Bitcoin well over the past seven years, but the cost and the centralization are becoming serious issues as the profitability of mining falls. Will it withstand the test of time? Proof of Stake has yet to find the magic formula that combines efficiency, security and decentralization. But that doesn’t mean that it won’t happen. We are still in the experimentation phase, launching ideas into the wild and seeing what adaptations and unexpected consequences the users come up with. And the cryptocurrency sector may well end up converging on something totally different. What is most likely, though, is that we will end up with an ecosystem that supports and nurtures combinations of what we have now. And it will be very interesting to see if we can reach a consensus on consensus.

Rational selfishness and bitcoin vulnerabilities

Rational selfishness is the philosophical principle that an action is rational if and only if it maximises one’s self-interest. This can get your brain in knots faster than you can say “but is selflessness even possible?”. Digging deep, can we really say that we give money to charity for selfless reasons? Don’t we really do it because we feel good in doing so? Sure, we’re helping others. But we’re also helping ourselves. When you give the last bite of the chocolate bar to your partner, you feel kind and loving. When you give money to the beggar on the street, you feel altruistic. When you pay into your pension fund, you feel sensible. But are any of these “maximising” your self-interest? Being kind and practical and unselfish feels good. Which makes it, inherently, selfish. But not particularly rational.

by a-shuhani for Unsplash

What has that got to do with bitcoin? Glad you asked. Bitcoin is, as you probably know, a decentralized autonomous platform for transferring value. It’s run by all the participants, and maintained by volunteers, for the benefit of everyone. There’s no central organization profiting from this. The design will have been proven a success if bitcoin manages to establish itself as a reliable alternative to fiat money. It’s totally decentralized, so it’s fair. And we collectively want it to work, so it’s resilient.

Or is it? Is there room for selfishness in bitcoin?

Of course there is. We want bitcoin to work because it will be a step towards a more independent financial system. If we profit from our trading or make money on our mining operation, so much the better. And many of us do focus on those potentially lucrative activities. But for most of us, the benefit is not directly economic. At least not just yet.

Which is one of the reasons why the concept of “selfish mining” is so fascinating. Mining is selfish in that the block validators rightfully expect to at least be able to cover their costs. So how is “selfish mining” different from normal mining?

(Note: if you need a reminder of what bitcoin mining and block production is, check this out.)

Selfish mining is based on the desire to influence the production of blocks, and effectively control the blockchain. Bitcoin is based on the resilience and fairness of decentralization. Selfish mining is a tactic, allowed in the current bitcoin protocol, that completely undermines those concepts.

First labelled and quantified by Emin Gün Sirer and Ittay Eyal of Cornell University (although the possibility had been previously mentioned in bitcoin forums), it is based on some miners not informing the network of processed blocks. In other words, by not “playing fair”.

How it works: a “selfish miner”, let’s call him S, processes a block. It’s linked to the previous block on the chain, but S doesn’t tell the network about it. Now, one of two things will happen. Either the next block will also be processed by S (how probable that is depends on how much computing power S has), in which case he now has a blockchain that is two blocks longer than the one that the rest of the network is looking at. Or, the “good guys”, let’s call them G, process a block and add it on to the block before S’s first block. They think that’s the latest block, because S never told them about his. On seeing this, S “announces” the first block he processed. There are now confusingly two different public blockchains of the same length, one ending in S’s block and one ending in G’s block.

If that happens, which one will the next processed block be added on to? It depends who processes it. If it’s S, he’ll obviously add it on to the one ending in his block. If it’s G, it could be either one. Either way, the chances are greater that it will be the one ending in S’s. Why? Because you have to add the probability that S processes the block, to the probability that G processes it and adds it to S’s block (G has no idea that S does not have honourable intentions). That sum will almost always be greater than the probability that G processes the next block and adds it to the other chain.

So, while it may take a while, S’s “success” will increase. S will eventually end up with more processed blocks on the chain. If S is a mining pool, more miners will want to join him because of that success. S’s share of the computing power will increase, as will the probability that they can pull off selfish mining, which will increase their computing power some more, which will increase the probability that they can selfishly mine, etc. And soon we will end up with a group that has an uncomfortable consolidation of power in a platform designed to be decentralized and fair.
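The race described above can be quantified. The following is an added example, not part of the original post: it simulates the withholding strategy as modelled in the Eyal and Sirer paper, going beyond the simplified walk-through here by also handling leads longer than two blocks. `alpha` (S's share of computing power) and `gamma` (the share of G that builds on S's block in a tie) are the paper's parameter names, not the post's.

```python
import random


def closed_form_share(alpha, gamma):
    """Share of main-chain blocks won by S according to the paper's formula.

    Valid for 0 < alpha < 0.5. An honest miner would win exactly `alpha`.
    """
    num = alpha * (1 - alpha) ** 2 * (4 * alpha + gamma * (1 - 2 * alpha)) - alpha ** 3
    den = 1 - alpha * (1 + (2 - alpha) * alpha)
    return num / den


def profit_threshold(gamma):
    """Smallest alpha at which withholding earns more than honest mining."""
    return (1 - gamma) / (3 - 2 * gamma)


def simulate_share(alpha, gamma, events=200_000, seed=1):
    """Monte Carlo run of the race; returns S's share of accepted blocks."""
    rng = random.Random(seed)   # fixed seed: the run is reproducible
    lead = 0                    # S's private blocks ahead of the public chain
    tie = False                 # two public branches of equal length
    selfish = honest = 0        # blocks that end up on the main chain
    for _ in range(events):
        s_found = rng.random() < alpha
        if tie:
            if s_found:                   # S extends its own branch and wins both
                selfish += 2
            elif rng.random() < gamma:    # G builds on S's branch
                selfish += 1
                honest += 1
            else:                         # G builds on G's branch, S's block is orphaned
                honest += 2
            tie = False
        elif s_found:
            lead += 1                     # S keeps the new block secret
        elif lead == 0:
            honest += 1                   # ordinary honest block
        elif lead == 1:
            lead, tie = 0, True           # S announces its block: equal-length fork
        elif lead == 2:
            selfish += 2                  # S publishes both blocks, G's block is orphaned
            lead = 0
        else:
            selfish += 1                  # S reveals one block and stays ahead
            lead -= 1
    return selfish / (selfish + honest)


if __name__ == "__main__":
    for gamma in (0.0, 0.5):
        print(f"gamma={gamma}: pays off above alpha={profit_threshold(gamma):.3f}")
        for alpha in (0.10, 0.25, 0.33, 0.40):
            print(f"  alpha={alpha:.2f} honest={alpha:.3f} "
                  f"withholding={simulate_share(alpha, gamma):.3f} "
                  f"(formula {closed_form_share(alpha, gamma):.3f})")
```

Below the threshold the withholder earns less than its fair share, which is why the size of the largest pools is the figure to watch.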

Selfish mining could also be used to facilitate double-spending attacks, which undermine reliability. If S has processed a few blocks in a row, and has not told the network about any of them, he can be pretty sure that he can “replace” the public blockchain with his. So, he could purchase something with bitcoins, and let G process that transaction. G would add that block on to the latest block that it is aware of. S would continue to try to mine blocks to add on to its private chain, the one that it is keeping secret. But G would add subsequent blocks on to the last one that it processed, because that is now the longest public chain. When G’s public chain is almost at the same length as S’s private one, S would publish its longer chain, thus invalidating all the transactions in G’s recent blocks. Including the one in which S purchased something with bitcoin. They would be invalid because they are no longer part of the longest chain. S has the goods it purchased. But the payment for those goods is now invalid.

There has been disagreement in the community over the realistically possible consequences of selfish mining. Vitalik Buterin, the founder of Ethereum, believes that it’s not that worrying, since in reality it is very unlikely and the potential profitability is doubtful. But the authors of the original selfish mining paper insist that “bitcoin is broken”. I believe that both are right. At this point in time, it’s not that worrying. There’s no evidence that this kind of attack has happened (and we should be able to detect it from the confirmation records), and the economic cost to the system should it happen won’t be that high. Miners will “waste” work, but that’s about it. However, as the authors have repeatedly pointed out, the likelihood that this scenario, if enacted, will lead to concentration of power is very, very serious. It’s the potential destruction of the underlying concepts that is the most damaging. Will the desire to see the system work, for both economic and ideological reasons, trump the desire to benefit from enhanced mining rewards? We don’t know.

Rational selfishness reduced to its simplest form can be programmed into a computer, or a self-regulating protocol like bitcoin. Such-and-such is a good thing to do if it improves my value or the balance on my ledger. And rational selfishness no doubt forms an integral part of Artificial Intelligence research. But, as we all know, it’s not really part of our way of life. At least not the “rational” part. Humans are generally not very rational, let’s face it. We let emotions cloud even basic investment decisions. We allow unspoken biases or loosely held convictions to affect our reasoning. And we are very bad at predicting what will make us happy. Wanting to participate in interesting projects, wanting to be part of something important, wanting to help change what needs changing – these are also selfish aims. They will make us feel good, they will give our lives meaning. But the results don’t go into any quantifiable ledger anywhere.

This lack of rationality spills over into the world of bitcoin. Most of those who insisted back at the beginning (many still do) that it can never work, were letting their fear of fundamental change convince them that clinging on to old systems is the most intelligent option. Most of those who jumped at the chance to try bitcoin did so because of an irrational hope that we had finally found an alternative to centralized finance. That irrationality, strangely enough, is one of bitcoin’s enduring strengths. We collectively really want it to work, and not just for economic gain. If miners were purely rational, yes, they would join a selfish mining pool. But that reasoning overlooks the fact that miners, too, want bitcoin to succeed. They want to make money, yes. And we’re happy for them to make money, since it keeps the system going. But it’s unlikely that that’s their only objective. The opportunities to profit from bitcoin’s weaknesses are there. And they have not yet been taken advantage of. Absence of proof is not proof of absence, I know. But I don’t believe that the fact that it hasn’t happened is because the miners don’t know how. It’s because selfishness is not always rational.

(This post was originally published on LinkedIn.)

What is Proof of Work?

Bitcoin uses Proof of Work to ensure blockchain security and consensus. Fine, but what does that mean?

“Proof of Work”, as its name implies, requires that the decentralized participants that validate blocks show that they have invested significant computing power in doing so. As we saw in “How does Bitcoin work?”, bitcoin validators (known as “miners”) compete to process a block of transactions and add it to the blockchain. They do this by churning enough random guesses on their computer to come up with an answer within the parameters established by the bitcoin program.

Hang on, that’s confusing. So, they wildly guess and hope that their resulting answer ends up in a certain range? Sort of. The main character in this game is called a “nonce”, which for trivia lovers, is an abbreviation of “number used once”. In the case of bitcoin, the nonce is an integer between 0 and 4.294.967.296.

The other main character is a “hash”, which is an algorithm (= a really long and complicated formula) that converts any sequence of characters (it could be the word “dog”, or it could be an entire novel) into a string of 64 letters or numbers.

Hashes are a big part of what makes bitcoin secure. If you change so much as a comma in the text that is hashed (= has the algorithm applied to it), or if you so much as add a space, you get an entirely new hash. It could be a little different, or it could be very different, the outcome is random. Only it’s not really random, because every time you pass a particular text through a hash, you get the same string. If you change something, it’s different. For a given text, it’s always the same. Change one thing, and it’s not.

So, if you hash a real estate purchase agreement or a last will and testament or a stock purchase deal, and put that on the blockchain, no-one can change the details without everyone knowing. If a hash on the blockchain suddenly changes, things get messy. That’s what makes historical bitcoin transactions and records tamper-proof.

by Paulo Vizeu for Unsplash

Now, let’s leave hashes for a second. You have a block of transactions to process. You want to be the first one to process it, because then you get the “mining reward”. The “mining reward” is an amount of new, fresh bitcoins awarded to the first one to process a block. Fresh bitcoins are a good thing to have. So, how do you get them?

You know the hash of the previous block of transactions. That’s public information, it’s on the blockchain. That will form the beginning of your block of text. Next, you take the current block of transactions, the one you want to process, and add it onto the hash of the previous block. Your block of text is growing.

Now, you pick a nonce, the random number that we mentioned above, and add that to your block of text. You perform a hash of that block (= apply the algorithm to it), which now consists of the hash of the previous block + the transactions + a random number. The resulting hash needs to be a string that has a certain number of zeros in front of it.

That doesn’t sound too complicated, right? Well, bear in mind that to find the number, your computer has to perform approximately 10^21 computations. That’s a LOT. It takes on average 10 minutes to find a nonce that gives you the desired string. That is why it takes about 10 minutes to completely process a bitcoin transaction, to get it registered on the blockchain. There isn’t only one nonce that will do it, there are probably several, but you have no way of knowing what they are.

(And if you know your numbers and thought that the possible range for the nonce given above is not very large, you’re right. In most cases all possible nonces in that range won’t get you the hash you want. So then you go and change a second nonce that is buried in the block, incrementing it by 1 or whatever you want, and you start all over again. Complicated, huh? So the total number of possible nonces from the combination of the two is 4.294.967.296^2, which gives you a really huge number.)

Sometimes computing power improves and the pesky nonces are found increasingly quickly. If that happens, the difficulty is increased. This means that the number of zeros needed in front of the resulting hash for the block to be accepted is increased.

Given the immense amount of work that your poor computers have to do, you can see why this system is called “Proof of Work”.

How does that ensure security and integrity?

Imagine that you wanted to go back and change something in a transaction or a document registered on the blockchain a few blocks ago. As I explained above, if you change so much as a comma, the entire hash changes. And since that hash forms part of the next hash, that would change too. And so on. You would effectively have to re-mine every subsequent block. If one is difficult and expensive, how difficult and expensive would it be to successfully get several re-mined? Prohibitively so. Proof of Work helps maintain bitcoin transactions’ integrity.
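The mining steps and the tamper cascade described above, as an added example that is not part of the original post. It is a simplified model: real bitcoin hashes a binary block header twice with SHA-256 against a numeric target, whereas this sketch hashes a text string once and counts leading zero characters; the transactions are constructed sample data.

```python
import hashlib

GENESIS_PREV = "0" * 64  # constructed stand-in for "hash of the previous block"
SAMPLE_BATCHES = [       # constructed sample transactions
    "alice->bob 5", "bob->carol 2", "carol->dave 1", "dave->erin 1",
]


def block_hash(prev_hash, transactions, nonce):
    """Hash of previous block's hash + transactions + nonce (64 hex characters)."""
    text = f"{prev_hash}|{transactions}|{nonce}"
    return hashlib.sha256(text.encode()).hexdigest()


def mine(prev_hash, transactions, difficulty):
    """Try nonces 0, 1, 2, ... until the hash starts with `difficulty` zeros."""
    prefix = "0" * difficulty
    nonce = 0
    while True:
        digest = block_hash(prev_hash, transactions, nonce)
        if digest.startswith(prefix):
            return nonce, digest
        nonce += 1


def build_chain(batches, difficulty):
    """Mine one block per batch, each one linked to the hash of the one before."""
    chain, prev = [], GENESIS_PREV
    for transactions in batches:
        nonce, digest = mine(prev, transactions, difficulty)
        chain.append({"prev": prev, "tx": transactions, "nonce": nonce, "hash": digest})
        prev = digest
    return chain


def first_invalid(chain, difficulty):
    """Index of the first block that fails verification, or None if all pass."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        digest = block_hash(block["prev"], block["tx"], block["nonce"])
        if (block["prev"] != prev or digest != block["hash"]
                or not digest.startswith("0" * difficulty)):
            return index
        prev = block["hash"]
    return None


def remine(chain, start, stop, difficulty):
    """Redo the proof of work for blocks start..stop-1; return nonces tried."""
    prev = chain[start - 1]["hash"] if start > 0 else GENESIS_PREV
    attempts = 0
    for block in chain[start:stop]:
        nonce, digest = mine(prev, block["tx"], difficulty)
        attempts += nonce + 1
        block.update(prev=prev, nonce=nonce, hash=digest)
        prev = digest
    return attempts


if __name__ == "__main__":
    difficulty = 4
    chain = build_chain(SAMPLE_BATCHES, difficulty)
    print("fresh chain, first invalid block:", first_invalid(chain, difficulty))
    chain[1]["tx"] = "bob->carol 200"          # edit an old transaction
    print("after the edit:", first_invalid(chain, difficulty))
    remine(chain, 1, 2, difficulty)            # redo the work for that block only
    print("after re-mining block 1:", first_invalid(chain, difficulty))
    tried = remine(chain, 2, len(chain), difficulty)
    print("nonces tried to repair the rest:", tried,
          "-> first invalid block:", first_invalid(chain, difficulty))
```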

It can also prevent double-spending attacks. Let’s say that you send bitcoins to one person. The person that you sent the coins to in the first transaction sees that you did that, and releases or sends the goods you wanted to purchase. A second later, you send the same bitcoins to another address that you own. Given bitcoin’s latency (it can take a few seconds for transactions to spread around the nodes, and your second one may arrive at some nodes before your first one), it’s possible that your second transaction gets processed and validated first. Your first transaction is invalid. Are you going to send back the goods? Probably not. This is why, if you are a merchant accepting bitcoin, it is advisable to wait for a few blocks to pile on top of the one that sends you the bitcoins, to make sure that yours is the one that got processed, not the “nice try!” fraudulent attempt by the sender.

Now let’s assume again that you’re an unethical bitcoin user (shame on you!). To make it likely that your block with the dodgy transaction is the one processed and added onto the chain, you would need to control over 51% of the validating nodes. If it weren’t for the amount of work that each validating node has to perform, you could create as many as you wanted. As many as you needed, in fact, to get 51% of the network. With Proof of Work, you simply can’t afford to. All of those nodes would have to, you know, do the work. There’s no way that the colossal cost would be compensated by the economic benefit.

What does that have to do with consensus?

For any system to work, you have to assume that at least half of the participants have good intentions. You don’t know who they are, though. With bitcoin, it doesn’t matter. Since there’s no way of knowing who the successful validator will be (because the successful choice of the necessary nonce is random), there’s a greater than 50% chance that it is an honest participant.

But that’s not really consensus, true. That’s where the concept of the chain comes in. In bitcoin you can assume that the longest chain, the one with the most blocks, is the “correct” one, and has the network “consensus” behind it. Why? Because the greatest amount of work has gone into that chain. We’ve seen how each block requires a lot of computing power. So the one with the most blocks has the highest amount of accumulated work invested in it.

And bear in mind that since the blockchain is distributed amongst all participants, they all know what’s on there. If the validators are adding on to a chain, and if it is impossible to know who the validator is going to be, then we can safely trust that the longest chain has the network’s consensus.

If it turned out that we could not trust at least half of the bitcoin validators, and that there was a strong chance that bitcoin transactions could be filtered, manipulated or duplicated, we would pack up and go home and start work on a new system in which we could rely on that assumption. If that happened, all bitcoin validators would lose not only the value of the bitcoins that they hold, but also the investment they made in the super-fast computers that do the validating (and they’re not cheap). So, the network has an economic incentive to stay honest. The network needs the trust in the system to remain intact.

Another way in which Proof of Work helps consensus is the time it takes for each block to be validated. In 10 minutes, you can be reasonably sure that the latest blockchain has been propagated to all nodes. Everyone has had time to receive the updated version. That version has consensus.

by Aaron Li for Unsplash

Problem solved, right? Not so fast.

Let’s look at the drawbacks.

First, it’s inefficient. Imagine hundreds of computers all around the world churning power looking for a solution to a pointless puzzle. It sounds crazy, right? But the puzzle is only pointless in that it doesn’t solve anything. It just acts as a barrier. It does its best to make mining difficult, so that it would be expensive to fake.

Second, it’s expensive. Electricity costs. The super-fast computers cost. To compensate for the high cost of processing these blocks and churning computer power to find the elusive nonce, the first participant who finds the elusive nonce automatically gets a reward of new bitcoins. This is why the block processors are called “miners”. It’s almost as if they dig fresh “gold” out of the ground.

Third, the high cost is leading to centralization of bitcoin block processing. Remember how I said “hundreds of computers all around the world”? Well, they’re not really. Most of them are in China, where electricity is cheap. A kilowatt/hour in China costs $0.11, vs $0.18 in the US and $0.21 in the UK. In Spain, where I live, the variable rate for heavy users reaches almost $0.17/KwH. There are not a lot of miners in Spain (we had headlines just last week of bitcoin miners getting arrested for, among other things, stealing electricity from the neighbours to run their fast computers). Over 70% of bitcoin computing power (evocatively called “hashing power”) is in China.

So where does that leave us?

That leaves us with a secure and decentralized protocol that solves the problem of verifiable consensus, and incentives. It works. It’s not perfect, but so far it seems to be the best option available, at least for bitcoin. It’s not the only option, though, and we will soon look at alternatives, both conceptual and real. The number of blockchains out there is increasing, and each uses a different way of achieving security and consensus. Some are based on Proof of Work, some aren’t, and each has advantages and disadvantages. And if that weren’t confusing enough, there are more and more ideas emerging to improve on or even radically change the current Proof of Work system. Innovators don’t tend to sit still for long.

I want my stuff now: Bitcoin and immediate transactions

By now you know that a bitcoin transaction can take at least 10 minutes to verify and process. And to be really sure that it is permanently and indelibly on the blockchain, you’re supposed to wait for another 6 blocks (at least!) to pile on top. So, technically, a bitcoin payment could take over 1 hour to go through. This obviously is not ideal if you want to buy something with the digital currency. Imagine if you were told that you had to wait at least an hour for your pizza. Or that you had to come back to the store later to pick up your new jacket. You’d be right in thinking that this could be a significant barrier to bitcoin adoption.

So, how do we get around that?

by Sean McAuliffe for Unsplash

One method used “back in the day” and which has fallen out of favour is “green addresses”. These are bitcoin addresses that are set up by a “trustworthy” institution (probably an exchange or a wallet) that is willing to advance the funds to the seller, while waiting for confirmed reception from the buyer. If I wanted to send you bitcoins, and I wanted you to feel secure that you had received them immediately, I would open an account with a well-known intermediary, I would send them the bitcoins, and I would ask them to pay you using a green address. They would do so immediately, without waiting for confirmation that my transaction to them was valid. They would trust me because of our working relationship, and probably because I have a balance of bitcoins held with them. The receiver (the seller) would have heard of the intermediary, and would trust their reputation enough to accept that the green address payment is valid. In effect, the intermediary “vouches” for my payment, and the seller trusts the intermediary enough to accept that.

One of the reasons that this system is not used so much any more is that two of the main green address intermediaries back in 2011, when this form of transaction verification was at its peak of popularity – Mt. Gox and Instawallet – ended up imploding. Obviously, trusting intermediaries is no longer an obvious thing to do.

Another drawback is that green addresses are not as private, since the name of the intermediary has to be disclosed. The intermediary’s records would then identify the buyer. Without a green address, the receiver (the seller) has no idea through which intermediary the funds arrived.

Furthermore, using a green address creates an additional bitcoin transaction, which, given the current intense debate about bitcoin scaling, is probably not the most efficient solution.

And, there is the irony of depending on a centralized trustworthy entity to make a purchase with a currency designed to work in a decentralized environment where no trust is needed. 😉


Some wallet companies are coming up with ingenious work-arounds. Earlier this year BitGo launched BitGo Instant to make immediate transactions possible. After initial risk checks, BitGo Instant guarantees the funds for the receiver. How does it do this? By co-signing. The keys to a BitGo Instant wallet are held by three participants: the user, BitGo Instant and a key recovery service (a third party that generates, stores and protects public and private key pairs). Two signatures are required on every transaction, and in most cases, those two signatures will be the user’s, and BitGo Instant’s. Obviously before co-signing, BitGo Instant will check that the coins have not been previously spent. If that condition is met, BitGo Instant’s co-signature implies a guarantee that the funds will be paid. The only way that those funds could be double spent is if the user enters into a conspiracy with the key recovery service to send those very same coins somewhere else. To prevent this, the service is required to inform BitGo before it co-signs anything. Also, the key recovery service adds a layer of assurance that the bitcoins will still be accessible in the event that BitGo Instant stops operating, as it could provide the necessary second signature, allowing the user to access the funds. BitGo Instant’s risk in this is low, as it can easily verify that the bitcoins are there. And it is an original way to monetize BitGo’s reputation.

As with green addresses, the privacy of this type of instant transaction is lower than the standard, slow option, as the receiver knows that BitGo is involved. With that information, it is possible to figure out who the buyer (sender of bitcoins) is. So these transactions will most likely be of interest to average users who want instant purchase confirmation, and traders who don’t want funds tied up, not even for an hour. Privacy is probably not their main concern.

We will probably (hopefully) see the emergence of other clever ideas that improve the efficiency of bitcoin over the coming months. Instant transactions will not only increase the liquidity in the system by increasing the circulation. They will also dramatically increase the use cases, by offering instant bitcoin trading settlement, instant purchase confirmation, and less risk that the bitcoin exchange rate will move during the waiting time.

“Zero confirmation transactions”, or transactions that have not yet been embedded on the blockchain, are accepted in some cases, but the risk is high, so the practice is actively discouraged. For bitcoin to one day be widely used as a payment method, the “zero confirmation transaction” risk needs to be resolved. Some exchanges and wallets have been looking at probability approaches, but the system needs to find a simpler and more secure way to transact quickly. Even transactions that are one or two blocks deep in the chain are not free from risk of a block re-write, and waiting over an hour (after which the probability of the block being modified falls to practically zero) is often not practical. And until using the digital currency becomes practical, the talk of bitcoin one day replacing cash will remain just that: talk.
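How quickly that risk falls with depth can be computed with the formula from section 11 of the Bitcoin whitepaper, which goes beyond what this post states. This is an added example: `q`, the share of hash power an attacker controls, is an assumed input, and six blocks corresponds to roughly the hour mentioned above.

```python
from math import exp


def attacker_success(q, z):
    """Chance that an attacker with hash-power share q ever replaces a
    transaction buried z blocks deep (Bitcoin whitepaper, section 11)."""
    if not 0 < q < 1:
        raise ValueError("q must be between 0 and 1")
    if q >= 0.5:
        return 1.0                      # a majority attacker always catches up
    p = 1.0 - q
    lam = z * q / p                     # expected attacker blocks while z are mined
    poisson = exp(-lam)                 # Poisson probability for k = 0
    risk = 1.0
    for k in range(z + 1):
        risk -= poisson * (1.0 - (q / p) ** (z - k))
        poisson *= lam / (k + 1)        # step to the probability for k + 1
    return risk


def confirmations_needed(q, max_risk):
    """Smallest depth z at which the risk drops to max_risk or below."""
    if q >= 0.5 or max_risk <= 0:
        raise ValueError("no finite depth satisfies these inputs")
    z = 0
    while attacker_success(q, z) > max_risk:
        z += 1
    return z


def risk_table(q, depths=(0, 1, 2, 6)):
    """Risk at zero confirmations, one or two blocks, and six blocks."""
    return {z: round(attacker_success(q, z), 7) for z in depths}


if __name__ == "__main__":
    for q in (0.10, 0.30):              # assumed attacker shares
        print(q, risk_table(q), confirmations_needed(q, 0.001))
```

For a receiver, `confirmations_needed` turns a risk tolerance into a waiting policy, and the table makes visible why depth zero is the case that needs a different mechanism.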

Goodbye blockchain, hello ledger

We’ve seen how many bitcoin companies have pivoted away from the digital currency to become blockchain companies. Now, here comes the next pivot: the term “blockchain” is being replaced.

With what? With “distributed ledger”. Not nearly as sexy. But much more accurate, and by that I mean “less confusing”.

We have the bitcoin blockchain. In fact, many insist that the bitcoin blockchain is the only blockchain (“There can be only one”). That is open to fierce debate, and I am in the camp of the many-blockchained universe. I know very smart people who insist that without bitcoin (or other cryptocurrency – and many argue that bitcoin is the only cryptocurrency) as an incentive, the blockchain won’t work. That’s true, if you are operating a blockchain in which the participants don’t know each other. You need a financial incentive to keep it “honest” and to prevent identity-based attempts to control the majority.

But I also know very smart people who insist that blockchains can function well in situations that do not require that level of validation work. If you don’t need the same high level of decentralization and permissionless participation (i.e., anyone can join), you don’t need the same incentives. These would be private blockchains, in which the range of participants is limited to a sector or field in which everyone knows each other. While you may not trust everyone in the group, you know who they are and can verify their identity. What you need is a way to allow modifications to the database and the chain of information, while keeping the process transparent.

I’m not going to go into the technical side any more than I already have, at least not today – it’s long-winded and convoluted (and actually only interesting to total geeks like me). To appreciate the trend and the hype, it’s only necessary to grasp the difference between public blockchains such as bitcoin, in which everything is open, transparent and decentralized, and private blockchains, in which participation is limited but which still offers significant business process improvements.

Both systems operate on the same principles, but have slightly different mechanisms. Both technically are “blockchains”. Yet they serve different purposes and have different markets, and calling them both blockchains is generating a lot of confusion. And confusion is not good for new systems struggling to grasp a new concept and explain it to their markets. So, we need to find another name for private blockchains. The obvious choice is “distributed ledger”. Boring, perhaps. But that’s marketing’s problem. And I’m not sure that the financial sector should sound exciting.

I’m obviously not the only one. Big blockchain players are starting to distance themselves from the “blockchain” label. Some are substituting with “distributed ledger”. Others are not using either. This trend is fascinating to watch, and is just getting started. And in the process, it will bring on a greater clarity of purpose and communication, and foster even more innovation in a sector that really needs it.

Let’s take a look at some of the big names in the blockchain space:

Digital Asset Holdings is arguably one of the biggest. Created as a bridge between the digital currency sector and stuffy Wall Street, it boasts an impressive roster of directors from the financial sector, and deep pockets for blockchain startup acquisitions. Even though its mission is to advance blockchain technology, nowhere on its home page does it mention the word “blockchain”. Nor does the word appear on the explanation of the technology, although “distributed ledger” does. They do refer to blockchains when talking about their recent acquisitions. But their technology apparently is blockchain-free. Now they call it “Business Logic Engines”. While it’s true that they’re not just focussing on distributed ledgers, it is striking that blockchains are so conspicuously absent from the sales text.

“Our platform can commit transactions to private or public distributed ledgers or traditional databases depending on the requirements of the use case.”

R3CEV has been making headlines recently with its initiative to get big banks to experiment with the blockchain technology. While the press still insists on calling it that, R3CEV has no mention of the blockchain on its home page, not until you get down to the list of press articles about them. They do refer to distributed ledgers, but only once.

Abra, a remittance company that uses the blockchain to send money around the world, has no mention of the blockchain on its home page. Nor on the “How It Works” page. If you persist, you can find a well-hidden reference to “modern blockchain technology” on the FAQ section when you click on “What is the technology behind Abra?”.

MoneyCircles, a P2P lending system built on the blockchain, does not mention blockchain on its home page at all. When you go to “How it works”, you find it:

“We allow people to create and operate their own credit unions on the Blockchain, which provide savings and lending services to their members without all the usual associated costs and restrictions.”

Safeshare Insurance, which provides insurance for the marketplace economy (sometimes mistakenly called the “sharing economy”) over the blockchain, does not mention blockchains or even ledgers anywhere on their website (that I’ve been able to find, anyway).

BuyCo, which uses the blockchain to make it easier for businesses to get together to buy things, doesn’t mention blockchain anywhere on their home page.

The list goes on…

There’s a whole lot more going on here than a simple re-branding. We’re looking at a clarification, and a step back from the hype. The press will continue to label these companies as “blockchain” players for some time, though. It sounds a lot more interesting than “distributed ledger”, and the press needs a bit of hype to get the clicks. Yet the experimentation on both sides of the bitcoin/not-bitcoin blockchain divide, whatever the system is called, will lead to a greater understanding of the potential, the business models and the economic impact. And we all will get a clearer idea of what the future will look like, with blockchains, distributed ledgers, or whatever the next transformation will be called. Not boring at all.

 

A bouncy bitcoin visualization

Have you seen this? It’s totally hypnotic. You have been warned. It’s also beautifully done. And it’s so over-the-top ridiculous that you shouldn’t be surprised if you find yourself laughing. BitBonkers is a physical representation of bitcoin transactions in 3D graphic form. I sat for a while and watched life pass me by, since I wasn’t involved in any of those transactions. And I thoroughly enjoyed myself.

The balls represent transaction size. The block with the number is the most recent block, and its size. You can move the board around and look at it from any angle (no, you can’t tip all the balls off… although that would be fun!). The attention to detail in this visualization is totally unnecessary. And thoroughly delightful.

Ethereum and Bitcoin

The media seems to relish headlines proclaiming the triumph of a bitcoin rival. And it’s not surprising. Ever since the origins of theatre in ancient Greece we have been fascinated by the inevitable fall of the great and the successful, especially if at the hands of a young competitor. It makes for a very good story, in which we acknowledge the fragility of existence and console ourselves with the knowledge that everything changes. So, the recent headlines will no doubt sound like a compelling combat to the death between Ethereum and Bitcoin, with only one virtual currency emerging victorious.

But it’s not like that. I love a good headline as much as anyone, but positioning the two as competitors does each a disservice. Bitcoin will end up suffering even more blows of misunderstanding and misled scepticism. And Ethereum’s potential will get tarnished with the flimsy “just another virtual currency” brush. The reality is that both can, and should, co-exist, as each targets a different functionality.

What is Ethereum, and how is it different from Bitcoin?

It is often labelled an “altcoin” (alternate cryptocurrency), and while that is not inaccurate, it is only a small part of a very big picture. Ethereum does have its own cryptocurrency: ether. But ether is not meant to be a currency as much as it is meant to be used to facilitate Ethereum transactions. It’s complicated, but stick with me.

Glossing over Ethereum’s interesting history and parallels to early computers (which can lead to premature conclusions about its future; I’ll talk about this more another time), the most useful and novel feature is its capacity for complicated instructions. Bitcoin’s scripting language is what they call a “stack” script, which means it executes orders from top to bottom, but it can’t go back a few steps. It can’t loop. Ethereum can include loops, and conditions, and all sorts of cool computing functions that make it flexible and capable of executing relatively complicated sequences. Looping is especially useful for “while this, then that” and “if… then… else” instructions, which contemplate various outcomes and produce different results accordingly. Bitcoin can include “if… then” statements, but if the condition is not met, it simply moves down to the next instruction.

Bitcoin chose to not include “Turing-completeness” (the ability to execute relatively complicated programs) to avoid the possibility of infinite loops. Ethereum gets around this problem by requiring the attachment of a certain amount of “gas”, units of transaction currency which are exchangeable for ether, the official Ethereum currency. Each step in the code packet “spends” a unit of gas. This is what eliminates the problem of infinite loops. Each transaction has a certain amount of gas assigned, each step (including loops) subtracts from the gas available, and when the attached funds run out, the program crashes. End of problem.

Why not just use ether, the official Ethereum currency, to pay for the program execution? Because each function has a set cost in gas units. The exchange rate of ether will fluctuate with the market. By separating the Ethereum currency from the cost of the execution functions, the system strips out the cost volatility, which will make developers’ lives much easier. The cost of an application in gas can remain constant; it won’t need to be frequently updated. What fluctuates is how much gas an ether can buy.

This same system keeps Ethereum light. Running complex code will end up being expensive, not just in computing power and storage, but also in money terms. With each step carrying a cost, developers have a strong incentive to write tight code.
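The gas mechanism described above, as an added example that is not Ethereum's implementation: the instruction set and the per-instruction gas costs are constructed for illustration, and the fee is expressed in wei, the smallest unit of ether.

```python
class OutOfGas(Exception):
    """Raised when the next instruction costs more gas than is left."""


# Constructed per-instruction costs in gas units (not Ethereum's real fee schedule).
GAS_COST = {"PUSH": 1, "ADD": 1, "JUMP": 2, "JUMP_IF_LESS": 3, "STOP": 0}


def run(program, gas_limit):
    """Run a list of (op, arg) pairs; return (stack, gas_used) or raise OutOfGas."""
    stack, pc, gas = [], 0, gas_limit
    while pc < len(program):
        op, arg = program[pc]
        if GAS_COST[op] > gas:
            raise OutOfGas(f"stopped at instruction {pc}, {gas_limit - gas} gas spent")
        gas -= GAS_COST[op]
        if op == "STOP":
            break
        if op == "PUSH":
            stack.append(arg)
        elif op == "ADD":
            stack.append(stack.pop() + stack.pop())
        elif op == "JUMP":
            pc = arg
            continue
        elif op == "JUMP_IF_LESS":      # arg = (bound, target); peeks at the top value
            bound, target = arg
            if stack[-1] < bound:
                pc = target
                continue
        pc += 1
    return stack, gas_limit - gas


def finishes_within(program, gas_limit):
    """True if the program completes before its gas allowance is used up."""
    try:
        run(program, gas_limit)
        return True
    except OutOfGas:
        return False


def fee_in_wei(gas_used, gas_price_wei):
    """Gas cost is fixed by the code; the ether price per gas unit is what moves."""
    return gas_used * gas_price_wei


# Constructed programs: a loop that counts to 5, and a loop that never ends.
COUNT_TO_FIVE = [("PUSH", 0), ("PUSH", 1), ("ADD", None),
                 ("JUMP_IF_LESS", (5, 1)), ("STOP", None)]
FOREVER = [("JUMP", 0)]
```

The counting loop always costs the same 26 gas whatever the gas price, while `FOREVER` is cut off as soon as its allowance is spent, which is the bound on infinite loops the text describes.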

This complexity makes Ethereum ideal for blockchain-based smart contracts. You can issue currency, manage domain registrations, create an identity management system, set up a decentralized social network, program on-blockchain gambling, create Decentralized Autonomous Organizations, file crop insurance, generate financial derivatives, build a blockchain dropbox, run a P2P crowdfunding campaign, set up prediction markets, manage escrow payments, run decentralized auctions, play around with the internet of things, and much more.

A lot of this can also be done on Bitcoin. Theoretically it is possible to do pretty much anything with Bitcoin that you can with Ethereum (note the with Bitcoin, not in Bitcoin). But programming complicated smart contracts in Ethereum is easier.

If Bitcoin can be called “programmable money”, Ethereum is even more so. Only Ethereum is not about “money”. Bitcoin is. And therein lies the main difference. Unlike Bitcoin, ether is not intended to be a universal currency. It is intended to facilitate transactions. Even the Ethereum blog acknowledges the difference: “What Bitcoin does for payments, Ethereum does for anything that can be programmed.”

Ethereum is still new: it only officially launched its development platform last July, with an update released in February 2016, just over a month ago. And as such, it is still relatively untested. Yet that doesn’t seem to dampen enthusiasm. The ecosystem is growing, and includes not only techies but also musicians, artists, politicians, lawyers, sports fans… I went to an Ethereum event recently in Madrid that ended up standing room only.

The potential of Ethereum as a platform lies in the hands of its developers, very smart people coming up with breathtaking ways of improving efficiency and adding functionality to information transfers. It also lies in the hands of non-developers who want to push the boundaries of what is possible, and to see how far we can reconfigure established ways of doing things. It’s exciting. Both Bitcoin and Ethereum are disruptive and revolutionary. Bitcoin has a longer history (all of six years!), and as a result also has a longer list of problems and obstacles. Ethereum is learning from Bitcoin’s mistakes, and is focussing on a different path, in technical and also in philosophical terms. Both will contribute to a new level of innovation that will have a material and lasting impact on how our society and our economy works. It’s not a competition. It’s a joint project, with the explicit goal of pushing boundaries. Like the Captain said: “To boldly go where no one has gone before.”

(For more on how Bitcoin works, see Bitcoin Basics.)