2015-12-31

Some crypto projects I'm most looking forward to in 2016

As the year draws to a close I would like to list off a few projects that I find interesting and would like to see develop further in 2016. So, in no particular order...

Sidechains


For those that don't know what Sidechains are, it's essentially a technology that would allow us to move bitcoins out of the Bitcoin blockchain, lock them in place while they are handled on a separate network, and then be able to redeem them at a later date without relying on a centralized third party. This would allow us to implement a lot more projects that aren't currently possible on the Bitcoin network without having to bootstrap an entirely new currency to do so (say, like BitShares or Ripple).

While I might've complained that Liquid doesn't live up to the promise of Sidechains, I still believe that Sidechains are a very important technology that I'd love to see on the Bitcoin MainNet and Blockstream is probably the most likely company to bring us the technology. Here's hoping we might get the required soft-fork at the same time we fix the blocksize problem...

Tether


I loved the idea behind Tether even before I heard about Tether. It essentially boils down to having dedicated companies (gateways) focus only on fiat deposits, withdrawals and safely holding onto customer funds, while issuing digital IOUs for their deposits. This in turn would allow people to build currency exchanges and other financial services without having to rely on reinventing the wheel and also getting all the banking setup needed to create a complete product. Moreover, if you'd have multiple exchanges using the same fiat IOUs, it would be theoretically possible to have very fast exchange-exchange settlement in both BTC and fiat allowing for better arbitrage.

While I might disagree with the choice of technology and a few design decisions of how Tether operates, I'm still very much interested in seeing this concept developed further.

Bitcoin bridges


A bridge is a service allowing one to seamlessly transfer money in and out of a network. While the term itself is mainly used in Crypto 2.0 networks like Ripple, we have a few examples of bridges cropping up in the Bitcoin space as well - Coins.ph, Living Room of Satoshi (both outbound bridges, doing BTC->fiat), or BitWage (essentially an inbound fiat->BTC bridge). Having such bridges functional in more countries would allow us to start building some pretty interesting solutions in the near future...

Abra


Abra is a peer-to-peer remittance project (still in development) that is said to use Bitcoin in the background to do international settlement. It can develop into a very interesting project if handled correctly, possibly becoming the Uber of remittance. Unfortunately, since everything is still in development, there isn't much else to go on. Hopefully 2016 will bring us some more light on the subject.

Interledger


Interledger is an interesting initiative to create a payment protocol that could work across multiple ledgers / blockchains / banking networks. If implemented correctly, it could augment technologies like Tether, bridges, Ripple and a few others and possibly bring us some really interesting projects in the future. However, like with any project that size, I doubt we will see much progress in just a year's time, but time will tell.

R3CEV


It seems that there are more rumours and discussions of said rumours about what R3CEV does on various social media, rather than actual information from informed sources. However, with the number of banks involved and some of the people on the team, the project is in a perfect position to deliver us a lot of interesting news over the next year.

Ethereum


While Ethereum has launched this year, I still think we haven't seen it reach its full potential. Using it feels like developer-grade software, rather than a consumer application. I would like to see what new and interesting applications are developed on the platform in the coming year.

Codius


Unfortunately from what I heard, the Codius project has been shelved for the time being. It was aiming to be a universal protocol and hosting standard for smart oracles, in which everyone could review the code that the oracle was to execute. This would allow for a lot of interesting projects - decentralized voting pools for cryptocurrencies, automated arbitrage bots, distributed messaging and so on. While I'm not holding my hopes up, it would be interesting to see the project revisited in the upcoming year.

Conclusions


So that's my list of projects I'm looking forward to hearing more good news about in 2016. Beyond that, I hope we finally figure out how to scale our Bitcoin blockchain, have a mostly uneventful halvening event and not experience much of a dip in the coin price. Here's hoping for another great year in the Bitcoin world!

To the moon!

2015-12-22

An overview of eCurrency Mint

eCurrency Mint (not to be confused with MintChip) is a new startup backed by an eBay founder that is aiming to create what looks like a Crypto 2.0 network augmented with anonymous transactions. It looks to be aiming to create a digital cash system - allowing central banks to issue tokens that anyone can anonymously transact in, just like with physical cash. Let's have a look and see if the idea is feasible.

Features


Based on an article from Payments Source, the Mint appears to:


  • Allow central banks to issue digital currencies
  • The issued currency is untraceable ("eCurrency Mint [...] doesn’t let a central authority track the ownership and usage of the digital money"), although "individual countries could implement the technology differently"
  • The currency would take a form of "cryptocomplexes", which would either be similar to Bitcoin transactions, or be their own atomic tokens (the text is unclear) ("[I]nstead of printing a billion one-dollar bills, [a central bank] would issue digital objects called cryptocomplexes that it would inject into the financial system much as it does cash today")
  • "[E]ach [cryptocomplex] keeps track of itself. Through a unique identifier, each unit is forever associated with the original block from which it came. The central bank would know immediately if the total of all the pieces added up to more or less than a billion. But it wouldn’t know where each piece is, or who owns it."
  • "There’s no general ledger like bitcoin's blockchain for eCurrency."

Analysis


Based on those features, it looks like we are dealing with a ledger-less currency similar to either Open Transactions or what MintChip was supposed to be.

The biggest design challenge of what was described is the anonymous aspect of the currency. While the details of what the author meant by "cryptocomplexes" remain unknown and more details would be needed for a proper analysis of the technology, what is being presented is not beyond the realms of possibility. We can look at Dash's DarkSend, BitShares' TITAN, and Confidential Transactions proposed by Greg Maxwell as examples of how this can be achieved, at least in a ledger-based network. For a setup like Open Transactions, you would probably use some scheme based on blind signatures for the notaries.

While what is presented is technologically possible, the scheme could be found illegal under various rulings, such as the 2013 FinCEN guidelines on Virtual Currencies. While it would be feasible to perform full KYC when the currency enters or exits the system (at least until there is even a need for such transfers before money becomes completely digital), losing the ability to track, freeze, seize and audit the financial records of various people might be seen as helping money laundering and criminal activities.

Conclusions


The information presented about the eCurrency Mint paints a technologically plausible picture of a new anonymous, ledgerless Crypto 2.0 system similar to some of the features described by MintChip. It would be interesting to see more technical explanation of the proposed system, as well as an overview of how such a system could fit into the existing regulatory framework.

Due to the heavy emphasis on anonymous transactions, I doubt the eCurrency Mint will ever be considered for adoption by any government or central bank in its current form.

2015-12-14

The speculation market of everything

Sometimes it is very interesting to take a step back and look at how we act in the modern world. We seem to be striving for passion and excellence in everything. If it can be compared, we are becoming connoisseurs in it. If it can be done, we will compete in who can do it best. And if it can be sold, it is very likely there will be plenty of room for us to speculate on.

Magic the Gathering and Bitcoin


Magic the Gathering and Bitcoin have some interesting history. One of the first and biggest Bitcoin exchanges originated from "Magic the Gathering Online eXchange" - MtGox. However, that is not the story we'll be talking about today.

A few months back at the /r/Jobs4Bitcoins subreddit someone was paying people to buy out and burn some Magic card - Seance. Fast forward a few months to 5 days ago and the same user offered a bounty of $40k to any pro tournament player who would build and play a deck in a Magic tournament around that specific card (the text of the original thread appears to be removed unfortunately). Some people are already putting up some theoretical decks around it, while a lot of people are asking what's going on. Some more astute redditors have already seen through to the real motivation behind those actions - market manipulation.

Yes, it looks like speculating on the market of Magic the Gathering cards is an interesting investment. If a card becomes popular to play in some tournaments and it is in limited supply, it can appreciate in value.

Even if you are not affecting the market, there seem to be a lot of people speculating on price of various cards. Some are also gambling on opening packs of old cards in full latex gloves in hopes of finding mint condition rare cards to later have them sealed and graded for resell value.

The unregulated, legal inclusive investment market of... sneakers


Collectible card games are not the only game in town when it comes to speculation, investments and human ingenuity in making money with a passion. Apparently, the secondary market for Nike shoes is quite interesting:


If you are savvy enough, you can build your own portfolio of shoes, track its worth over time, and hopefully gain a better return than investing in Apple stocks. The resell market for Nike shoes is apparently even bigger than the actual market for Nike's biggest competitor... Just watch the video - it's fascinating.

Everything else


It seems that this sort of behaviour is rather common in many places. A while back someone in the EVE Online subreddit described how he made his Internet fortune buying and selling limited-edition items (unfortunately, the original thread seems to be deleted). His total net worth was about 2.5 trillion ISK, worth about $40k at today's PLEX value of $20 - 1.2 Billion ISK (explanation on how this works). There are plenty of other stories from the EVE universe on people creating monopolistic cartels or speculating on future patches.

Of course, a lot of people will also point out the notable stories of Beanie Babies and the Tulip Mania bubbles and they would be right to do so. Collectors markets are inherently speculative and sitting under the Damocles Sword of the company that is creating the items. If they created it once, they could recreate it again and destroy any value such items would hold.

The future?


With all that being said, it would be interesting to see more sophisticated speculation markets pop up for collectible commodities. Being able to invest in portfolios of art, speculate on drug research, short some overhyped videogames, or perhaps bet on whether or not a terrorist attack might take place.

If there is money on the line, there is room for a speculation market...

2015-12-07

Irrational Bitcoin mining

Last week we discussed the economics of P2Pool mining with low-powered miners. One of the more interesting comments I came across while doing some research for the topic talked about the possibility of companies like 21 Inc creating a scenario where Bitcoin mining becomes completely unprofitable for anyone that has to pay their electricity bills. Let's examine how this scenario might impact Bitcoin.

Creating irrational miners


In game theory, one generally assumes that every player in the scenario behaves rationally, that is to say - they are motivated by maximizing their own profits. In the Bitcoin mining world, every large-scale miner is rational - they care about their bottom line and profits. If it is profitable to mine, they mine, if not, they either switch to more efficient hardware (CPU->GPU->FPGA->ASIC->better ASICs), don't turn on their miners (minimizing losses), or outright buy bitcoins from the market (if they aim to accumulate bitcoins).

Since the Bitcoin difficulty is self-correcting, eventually the market weeds out the most inefficient miners until mining becomes profitable again. All in all, it's a strange mix between the tragedy of the commons and an arms race that makes Bitcoin more and more resilient to attacks (a potential attacker would have to invest more money into the attack than everyone else combined).

However, earning money from mining is only one motivator a potential miner might have. Just like Google indirectly benefits from laying down Google Fiber that gets more people onto the Internet where Google can monetize them with ads, Bitcoin companies might devote some of their resources to mining even at a loss. For example, SatoshiDice might want to have its own mining pool to push through all of its pending transactions that some other pools might consider to be spam. Big exchanges would similarly want to make sure all of their deposits and withdrawals are processed faster than their competitors', etc. Lastly, companies might want to mine just to make sure the Bitcoin network is more decentralized.

And now, with companies like 21 Inc pushing for inclusion of their mining chips into various devices, we might see an emergence of essentially botnets of low-powered miners contributing their hashing power to their creators.

Botnet mining


Botnet mining of bitcoins isn't really all that new. We had some mining viruses bundled with torrents, esports server code, or even embedded in websites through WebGL. Nowadays, however, mining with anything short of a dedicated ASIC chip is worth less than the coding time required to run it. If we start embedding small ASIC chips into devices, though, things might get more interesting...

It would be possible for hardware manufacturers to include physical bundleware / crapware into their products similar to how phones nowadays come with pre-installed bloatware. Like 21 Inc's investor slides suggest, those mining chips would probably come with a pre-defined address they will always be mining a portion of their income to, creating a revenue stream for the chip or phone manufacturers, or perhaps network operators or the like. I would also suspect that for some amount of time most of those chips would be locked in to a specific pool (similar to carrier-locking), which means most of the value of the chip will probably be extracted in a controlled fashion.

All in all, what would this boil down to? Most likely, people would purchase a device with a bundled miner that would mine for a specified pool, say, when the device is plugged in or charged. Maybe if we're lucky, those devices would mine on something like P2Pool, but that has its own problems. The customers might not notice their devices eat up a few extra dollars of electricity and could break down faster after the warranty is over. They would get some dust balances to use in the Internet of Things, but that wouldn't matter much in comparison to some other implications.

The Bitcoin difficulty could be pushed up over time, accelerating its already fast growth. Traditional for-profit miners would have a harder and harder time competing in the market against the botnet. If the miners would really be pushed into every device, they would probably be unable to compete short of plugging new chips in straight from the factory for mining before consumer electronics devices would go through the process of production-shipping-sale-mining. ASIC manufacturers would probably start offering their own mining chips and compete to build their own botnets of devices with bundled miners. Perhaps there would be some market for second-hand mining chips - the manufacturers would first mine with a fresh batch of chips to get in on the lower initial difficulty (possibly under the pretext of "stress testing"), then when it becomes unprofitable, the chips would be sold to consumers, a bit like what Butterfly Labs was doing, only on a bigger scale.

At that point, we would probably see traditional Bitcoin mining pools be replaced with pools owned by chip / hardware manufacturers or network operators. While the talk of "redecentralizing Bitcoin" is all well and good, when push comes to shove I doubt final consumers would be mining through P2Pool if the profits could instead be directed through some big corporation's pocket. Providing the cost of running such a pool would be small, you could still squeeze in a bit of money out of your consumers by making them pay for the electricity used in mining.

Getting your bitcoins for cheap / free might be undesirable, if you subscribe to the labour theory of value (a good is worth about as much as it costs to produce it). While a mining pool today might be more careful with its hard earned coins - selling them for as much as possible, waiting to sell if the price dips, etc. - a botnet mining pool might not care as much. They might also not care as much about various Bitcoin issues - they might not vote on various BIPs, not care if their software provider creates a pool that censors some transactions, create empty blocks, be easier to sell their mining power to "double-spend-as-a-service" pools, etc. If the mining is forced onto the users, they can't vote with their feet unless they are willing to unplug their electronics completely.
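The displacement argued in this section, as an added example that is not part of the original post: a toy equilibrium in which for-profit miners switch on only while revenue covers their electricity, while embedded chips mine regardless. The block reward, price and chip specs are the figures used elsewhere on this page; the miner fleet, electricity prices and device counts are constructed assumptions.

```python
"""Toy model: rational miners vs. always-on ("irrational") embedded chips."""

# Figures taken from the posts on this page (late 2015).
BLOCKS_PER_DAY = 144      # 4'608'000 daily outputs / 32'000 outputs per block
BLOCK_REWARD_BTC = 25     # 32'000 outputs * 78125 satoshis each
USD_PER_BTC = 356
CHIP_GHS = 50             # 21 Bitcoin Computer mining chip
CHIP_J_PER_GH = 0.16

DAILY_REVENUE_USD = BLOCKS_PER_DAY * BLOCK_REWARD_BTC * USD_PER_BTC

# Constructed sample fleet: (name, capacity in GH/s, J/GH, USD per kWh).
# Only the 0.25 J/GH figure (AntMiner S7, 4000 MHash/J) comes from the page;
# capacities and electricity prices are assumptions for illustration.
RATIONAL_MINERS = [
    ("efficient_farm", 3e8, 0.25, 0.05),
    ("mid_farm", 3e8, 0.50, 0.08),
    ("old_hardware", 3e8, 1.00, 0.12),
]


def cost_per_ghs_day(j_per_gh, usd_per_kwh):
    """Electricity cost (USD) of running 1 GH/s for one day."""
    joules = j_per_gh * 86_400            # 1 GH/s sustained for 86'400 s
    return joules / 3.6e6 * usd_per_kwh   # 3.6e6 J in one kWh


def revenue_per_ghs_day(total_ghs):
    """Expected daily revenue (USD) of 1 GH/s once difficulty has adjusted."""
    return DAILY_REVENUE_USD / total_ghs


def equilibrium(miners, irrational_ghs):
    """Return (active rational miners, total GH/s).

    Irrational hashrate is always on. Rational miners join cheapest first,
    and only if they still cover their electricity after joining.
    """
    total = irrational_ghs
    active = []
    by_cost = sorted(miners, key=lambda m: cost_per_ghs_day(m[2], m[3]))
    for name, capacity, j_per_gh, usd_per_kwh in by_cost:
        cost = cost_per_ghs_day(j_per_gh, usd_per_kwh)
        if revenue_per_ghs_day(total + capacity) >= cost:
            total += capacity
            active.append(name)
    return active, total


def chip_daily_balance(total_ghs, usd_per_kwh):
    """(USD earned, USD of electricity paid) per embedded chip per day."""
    earned = CHIP_GHS * revenue_per_ghs_day(total_ghs)
    paid = CHIP_GHS * cost_per_ghs_day(CHIP_J_PER_GH, usd_per_kwh)
    return earned, paid


if __name__ == "__main__":
    # Device counts are constructed, except 48.05M (iPhone sales quoted
    # in the P2Pool post on this page).
    for devices in (0, 10_000_000, 48_050_000, 100_000_000):
        active, total = equilibrium(RATIONAL_MINERS, devices * CHIP_GHS)
        earned, paid = chip_daily_balance(total, usd_per_kwh=0.12)
        print(f"{devices:>11,} chips: rational miners still on = {active}, "
              f"chip earns ${earned:.4f}/day, owner pays ${paid:.4f}/day")
```

In this model the least efficient for-profit miners drop out first as embedded hashrate grows, and at the largest device count no rational miner remains while each chip owner pays more for electricity than the chip earns.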

Conclusions


While the current state of largely centralized mining pools might be a potential Sword of Damocles hanging over the Bitcoin network, they have a strong incentive not to attack the network:

If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth.

Giving the mining power to everyone through a P2Pool-like solution might be seen as similar to low information voters - a lot of them would not know what to do.

If embedded mining chips become more widespread, we could see them disrupting the current mining status quo, but I ultimately doubt the new mining pools would be much more decentralized than the current ones. They would also have fewer incentives to care about the Bitcoin network - it's not their main business.

Only time will tell how this will play out.

2015-12-01

P2Pool and low power miners

Recently, we got a new insight into 21 Inc's plans for its mining computer / chips - allowing the device to connect and mine on any pool, and ultimately - mining on a P2Pool-like network to further "redecentralize Bitcoin". This got me thinking about whether P2Pool would actually be compatible with potentially large swarms of low-power devices mining together. Let's see how it might work.

What is P2Pool?


P2Pool is an interesting idea that came about around 2011 to address the growing centralization of Bitcoin mining in mining pools. Instead of connecting to a centralized pool, a miner would instead join the P2Pool decentralized network and start mining there. The block reward would be split between peers based on how many "shares" they contributed to the decentralized network - essentially creating a decentralized "Pay Per Last N Shares" mining pool.

What is very interesting about P2Pool is that it allows for the decentralization of mining - anyone can join the network and contribute, you are free to mine for any valid block as long as you respect the mining reward distribution and all in all it once again allowed smaller miners to mine for Bitcoin blocks without relying (or giving power to) any centralized third party.

However, P2Pool is not without its disadvantages.

It is reportedly underperforming / being "unlucky", indicating that it might be experiencing a higher rate of orphaned blocks. This could be due to traditional mining pools optimizing their new block discovery time (I heard someone mentioning a dedicated communication network for the mining pools, but I can't find a source for that claim currently), while P2Pool might be reliant on the Bitcoin network itself, which can take a few extra seconds to populate.

P2Pool coinbase transactions are pretty big in comparison to the traditional mining pools' transactions. This means the blocks themselves can process a few fewer transactions, and there is a practical limit to how many outputs one can reasonably fit into a transaction to pay for the last N mining shares.

Mining at a traditional pool uses about 20MB per day, or 600MB per month. In comparison, P2Pool puts a much higher burden on the data transfers at about 38GB per month before we start taking into account the resources used up by BitcoinQT which you also have to run.

All in all, if you are mining on a computer with a good internet connection, a reasonably powerful set of miners attached and you don't mind earning a few percent less than you otherwise could, then P2Pool is not a bad choice.

However, what if you are dealing with mobile devices equipped with low-power mining chips?

21 Bitcoin Computer with P2Pool


Looking at the limitations of P2Pool and what 21 Inc is aiming to do with their mining computer, there are a few problems that stand out.

Currently, P2Pool pays its miners directly in the block coinbase, while 21 Inc prefers to buffer the balances at its shared wallet before letting you withdraw the mined dust to a wallet. If the 21 Bitcoin Computer was instead to be paid directly with the coinbase, you might quickly run out of block space. Looking at some sample P2Pool coinbases (1, 2), we can see about 200-250 outputs being included on average, taking up about 8kB of space. This roughly puts an upper cap of 32'000 outputs on a transaction before a whole block is filled with only the coinbase. Equally divided, every output would receive about 78125 satoshis, worth about 27 cents (at the current 356 USD/BTC exchange rate). This would represent about two days of mining for one of the 21 Bitcoin Computers.

32k computers mining a block every two days is fairly incompatible with 21 Inc's vision of "buffered pool mining" (quick way of mining coins to use for transaction) and putting a mining chip into every gadget.

Based on the amount of unique entities you want on the Bitcoin network, we can start extrapolating how often they could get paid on average. Sticking with the 32k outputs per block, we would have 4'608'000 daily outputs. If we looked at the sales of only iPhones in Q4 2015 (48.05M), we would require over 10 days worth of blocks to credit each of those devices individually. This is all before those transactions are again spent, before taking into account all the other smartphones, quarters and every other potential device one could think of in the Internet of Things world. All in all, Bitcoin couldn't handle this level of spam even if the blocks were increased.

Looking at the mobile data plans of a company like AT&T, 40GB/month would cost one about $300, or about $10 per day. The data price for P2Pool alone is 37 times more than the 21 Bitcoin Computer would earn. Mining at a pool would cost somewhere between $20-$30 worth of a data plan, making the data only twice more expensive than the bits one would earn before taking electricity costs into consideration.

Optimizing for your needs


All in all, it would appear that with mining, like with project management, you have three variables:

  • Centralization vs decentralization
  • Low vs high variance
  • Whether small devices can efficiently mine or not

But we can only pick two of them. Decentralized low variance mining but not good for small miners? That's P2Pool. Centralized low variance mining for any device? Centralized pools. Decentralized mining for any device but with high variance? Solo mining.


Possible solutions?


While with the current technology it might be rather impossible to achieve what 21 Inc is aiming to achieve in full, there are some ways one could compromise while still achieving some of the desired outcomes.

First of all, one could try creating an intermediate solution between a fully decentralized P2Pool and a completely centralized mining pool. Perhaps we could see a lot of new, smaller mining pools popping up based on carrier, manufacturer, geography, etc. that the devices could connect to and contribute the mining power to instead. This would allow the balances to be stored on shared wallets and used accordingly, perhaps aggregated into bigger payments or some off-chain settlement between those nodes (and oh god, we're coming back to the tired 2013-era block size debate and ways of settling without bloating the blockchain...).

We could focus on creating bigger mining devices that would power our mobile wallets. This device could stay at home and mine coins using the standard P2Pool protocol, rather than having a miner in every device. This would probably just get us back to the buy vs mine debate once more though. We could even do without all the physical mining and purchase some virtual mining contracts instead... Moreover, the situation is no different than what one can currently do with the existing mining hardware, and since we don't seem to be doing that en masse, it suggests we wouldn't do it in the future either.

Lastly, we could just ignore the variance and mining profitability altogether and just start wasting money for the benefit of the Bitcoin network. While this might sound crazy, it might not be that far-fetched of a plan. Chip manufacturers would probably make more money than the chips could ever mine, so they could just fork over some money to pay the mining rewards in a Pay-Per-Share scheme. Mining would still go to secure the network, perhaps in an inefficient way, and we might just end up with the entire Bitcoin mining ecosystem being generally unprofitable to mine in. Since the cost of mining would be distributed between potentially many millions of people, the individual burden might be small in comparison. However, this entire idea would best be suited to an entirely separate post I might do at some other time.

Conclusions


All in all, P2Pool currently is rather incompatible with low-power miners, especially if data bandwidth and profitability are an issue. If there is some way to solve the underlying problems with how P2Pool operates to address those issues, I would love to hear more, but I doubt we'll see any concrete information on the subject any time soon.

2015-11-19

21 Bitcoin Computer - the Macintosh of Bitcoin

It looks like the 21 Bitcoin Computer has begun shipping recently for $400 apiece. Moreover, we also got a few extra bits of information from the 21.co website about some features and solutions of the machine and the ecosystem in general. Since guessing the business model of 21 Inc seems to be everyone's favourite activity for about half a year now, let's not waste any more time and dig right in.

The hardware


First of all, we've got some photos of the actual machine. The packaging looks good, the mining component of the device looks sleek and elegant, while the actual computer is a standard Raspberry Pi 2 (according to the FAQ). Strange it doesn't come in a case, especially given that even their setup steps seem to be aware that this might cause some problems:



The 21 Computer's mining chip appears to have the following specs:

  • 0.16 Joules per Gigahash
  • 50 Gigahashes per second

At the moment there don't appear to be any upgrade / swap options for the machine.

This seems to put it in the same category as Antminer U3 Batch 2 - currently selling for $20 and clocking in at 63GH/s. The energy efficiency is rather odd - comparing it to existing solutions, it would be at roughly 6250 MHash/J, while the top performer, AntMiner S7 performs at 4000 MHash/J. This would seem to suggest the chip is underclocked to be more efficient.

This is a little ironic coming from a company that wants to put mining chips into mobile devices - if you're worried about the power efficiency of a device that runs straight from a power adapter, and yet you want to include extra power hungry hardware in devices that run off battery power...

At any rate, this puts the value of the whole package at under $100 (with the Raspberry Pi 2 along with all the extras selling for about $70 at the moment). But the hardware isn't everything, so let's look at what else we get with the 21 Computer.

The Software


It looks like 21Inc's software is quite packed with features. The CLI looks exhaustive, you can run a full Bitcoin node, you have your wallet, etc. We have some reports of people running things like the Open Bazaar project on the device just fine.

All in all, it looks like the software is the meat of the package. I've seen a number of people being interested in the software component more so than the whole package itself. Luckily, it seems that one can get the whole open source software without having to buy the 21 Computer:

> curl https://install.21.co/bitcoin-computer/install.sh | sudo bash

Beyond that, I personally don't have much else to say about the software in general. It looks to be delivering on what it's promising in one neat package.

The Rest


Beyond the hardware and software, it looks like (at least for now during the launch week) 21Inc has some responsive consumer service, which is great to know. If some people get into Bitcoin because of this computer, this can be a very valuable service to make sure they stay interested in the service.

The 21 website has a few interesting tutorials on what could be done with the software. Moreover, with the $200 tutorial bounty, we can expect to see more articles popping up over time.

Beyond that, we come into some more interesting nuggets of what could either be something really insignificant in the future, or perhaps will end up as a starting point for something more insidious...

The Quirky


Wallets

It seemed that from the very beginning, 21Inc was aiming to sell everyone on the idea of combining Bitcoin mining with Internet of Things. However, as I discussed almost half a year ago exactly, this makes no economic sense whatsoever. Mining dust wouldn't even cover for the transaction fees, much less amount to anything useful.

However, in their tutorial on micropayments, we can see that the encouraged method of transferring money between individuals probably won't be the Bitcoin network itself, but the so-called "BitTransfers", which looks like a fancy way of saying "shared ewallet transfers". In other words, 21Inc is building itself up to be something like CoinBase for the IoT world - settling peer-to-peer transactions using its centralized database.

Mining

Now, to load the wallet, one would of course mine the coins using the 21 Computer. Even this area could be spruced up with some marketing talk, as we go into the mining tutorial and "buffered pool mining".

We start with a time lesson talking about transitioning between CPU mining into pool mining when one couldn't realistically mine a block by themselves. Pooled mining allowed one to reduce the reward variance (without the pool, you either got a whole block and 50BTC, or no block and no reward, while pooled mining allowed you to get a fraction of the reward, but at a more regular pace).

Afterwards, we seem to get a vision of what 21Inc wants to sell as the vision for its computers - "redecentralizing Bitcoin" by the use of "millions of mining chips worldwide each generate a small stream of bitcoin" as they believe the ASIC chip development will start following Moore's law in the near future.

However, since the default way (and possibly the only way without modifying the software) to mine on the 21 Computer is to connect to the 21Inc's pool and receive the dust rewards in your 21 shared ewallet, it's not really a decentralization of mining as it is adding another central server to the equation.

Perhaps if we would instead see P2Pool on the device we could call it an effort in the right direction, but then you wouldn't be able to solve the mining variance problem very well, nor would you lock people into your walled garden of an ecosystem.

In the next section we get another new buzzword - "Buffered Pool Mining". You see, 21Inc believes that if you're mining in a pool, you will have to wait:
  • For the pool to mine a block before you get paid
  • To mine enough coins to reach the minimum withdrawal threshold
  • For the block to mature over 100 confirmations before you can get paid
  • To earn bitcoins before you can spend them again if you run out

Instead, 21Inc essentially combines its shared ewallet with the circa 2011 BitPenny's idea of Pay-per-share. As described in the Bitcoin Wiki:

The Pay-per-Share (PPS) approach, first described by BitPenny, is to offer an instant flat payout for each share that is solved. The payout is offered from the pool's existing balance and can therefore be withdrawn immediately, without waiting for a block to be solved or confirmed. The possibility of cheating the miners by the pool operator and by timing attacks is thus completely eliminated. 
This method results in the least possible variance for miners while transferring all risk to the pool operator. The resulting possibility of loss for the server is offset by setting a payout lower than the full expected value.

I wonder how hardened the 21 mining pool is against what an attacker with a state-of-the-art mining rig could throw at it...

But we also get one more interesting feature, which is essentially Bitcoin, let's say, nanolending:

Finally, you do not need to send N hashes to the server before getting N hashes worth of mined bitcoin. That is, by invoking 21 mine your 21 Bitcoin Computer can receive bitcoin in advance of future mining at the expense of a small asymptotic slowdown in the rate of bitcoin streamed to your device.

Which considering the price tag of the machine is still rather amusing.

We conclude the tutorial with:

The basic idea is that buffered pool mining is a new way of getting bitcoin: not by buying huge quantities slowly for investment purposes on an exchange, but by mining tiny quantities rapidly for programming purposes at the command line, rate-limited by a mining chip.

I guess someone forgot the middle ground of being able to buy a small amount of BTC, for example by phone, getting small amounts of coins for free (through faucets or by signing up to various wallets), or if you're really a developer, using TestNet Bitcoins.

Anything else?


As someone that frequents the Bitcoin-related subreddits, I noticed a large number of submissions about the device recently. That's to be expected when a new, big product launches and everyone gets their hands on it. However, some of the submissions and discussion appear to be somewhat astroturfed. Submissions titled "Whoa" that aren't some Shiba Inu memes generally don't do very well on a crypto subreddit. Cynical quips usually stick better, you rarely see people talking in bold (1, 2), and hardware is rarely inspirationally compared to some major milestones in commercial computing. Even the self-posts appear a bit defensive (1, 2). My money would be on at least some of the sentiment being not entirely as grassroots as it might appear in the first place...

Conclusions


Coming back to the title of my post - 21 Bitcoin Computer to me looks like a Macintosh Computer for Bitcoin - an overpriced, underpowered piece of hardware coupled with some decent software. It appears to be building the roots of a walled garden of closed-loop wallets and related ecosystems. If you're a developer, you can do better, both in terms of mining performance, computing speed and price for a throwaway machine for testing. Their software and related articles appear to be the main piece of value added.

For $400, even for a "dev kit" as it's sometimes advertised, I would still rather buy some BTC (by "buying huge quantities slowly for investment purposes on an exchange" - which would still be a smaller investment than the machine) instead of committing to mining. But perhaps it's like some random comment said on Reddit - "the investment will get you to commit to using it".




2015-11-17

Sample bankchain feature set

In recent months, many banks and other financial institutions started looking into blockchain technology as a potential improvement on their current architecture. Below is a sample feature set of the cryptocurrency technologies that can be used to reimplement and possibly improve upon the banking system as it is today.

Transactions


In all cryptocurrency systems, transactions are the most basic building block of the value transfer network. They have a few important features, including:

  • Atomic nature - a transaction can either succeed fully, or fail completely. There is no middle-ground that wasn’t specified beforehand (for example, Ripple’s partial payment flag). It is even possible to have complex transactions that hop across multiple currencies that are still atomic. 
  • Self-contained - a transaction in most cases provides all the information that is needed to verify whether it is valid or not. It specifies exactly which money it is spending, quite often how much money is left, as well as contains a digital signature authorizing the move of funds. 
  • Undisputable ordering - once transactions are included in a block, their ordering is undisputable. This allows everyone to be able to verify exactly what state the system was before and after the transaction was applied. There is no data discrepancy between the participating institutions as to what happened without the need to resort to a centralized authority. 
  • Cryptographic authorization - in the crypto world, there is never a doubt whether someone is authorized to spend the money. Either they own the private keys and can authorize the payments, or they don’t. Moreover, each signature is only valid for a given transaction, so a few authorization problems are mitigated (replay attack, man-in-the-middle, etc.). 
  • Easy multi-party escrow - also known as multisig. This allows money to be held by multiple parties in such a way so as to only be spendable when a minimum threshold of parties agrees to spend them. 

Currencies


In the cryptocurrency space, there are essentially three types of currencies.

The most prevalent is a native crypto currency or a digital token. Those are currencies issued by decentralized autonomous organizations, either in the form of complete crypto-networks (like Bitcoin, Litecoin, etc.), or autonomous smart contracts. Those tokens are usually perfectly, mathematically scarce, have a predictable minting schedule and a clear set of rules on how to transact in them. However, due to their decentralized nature, they don’t represent real-world assets very well.

The second kind are derivative currencies (such as BitUSD), which are still created and maintained in a decentralized fashion (without a central or collective counterparty), but through known financial contracts (futures, contracts for difference) can track the value of real-world assets and currencies. Their counterparty risk takes the form of the financial derivative market.

The third kind are IOUs, digital currencies issued by centralized or collective parties usually backed by real-world assets and currencies (such as SnapSwap.USD, BitStamp.BTC, etc). While they are subject to counterparty risk, they have an advantage over the derivative currencies by most often being easily redeemable in kind from the issuer.

Different cryptographic systems have different requirements when it comes to those currencies. A decentralized network will need at least the native digital token to avoid spam attacks. Having that currency, they can also incorporate the remaining two as needed (see BitShares and Ripple for an example). Permissioned blockchains don’t need a native digital token, as the network participants are known entities and can be made liable in case they intentionally disrupt the network. As such, it makes a lot more sense for those networks to mainly feature digital IOUs.

IOU issuers


IOUs in a cryptocurrency network can be a powerful tool. They are useful for not only tracking the value of real-world assets, but also for tracking the trust associated with the currency issuer. If 1 USD from Bank A trades for 1.02 USD from Bank B, we can infer that A is more trusted than B.

When talking about IOUs, there are generally two models that can arise in a system - a web-of-trust or a gateway model (with the real-world examples usually being a mix of the two). In the first model, all parties trust one or more parties in the web and money flow ripples through the system between parties (this is the basis for the old version of Ripple). In the gateway model, we have a few central authorities everyone relies on to securely issue and redeem the IOUs everyone else uses (this is the basis for the new version of Ripple). The latter approach might be more useful when there are different classes of peers on the network (governments vs big banks vs small banks vs credit unions, etc.), but the former is a useful complement for smaller-value settlement between the same classes of peers.

IOUs inherently track debt between parties (if you have a 1 USD IOU from me, it means I owe you 1 USD). In systems like Ripple it is also paired with another variable - trust. Trust limits the amount of IOUs / debt one is willing to take from another individual. This can be especially useful if, say, two banks established a mutual trust between one another to simplify payments or reduce their costs. They might agree, for example, to extend a $1M line of credit between one another and use that channel for settlement for any payments made between their accounts. If the credit limit is ever reached, they can still settle with potentially more expensive IOUs from a gateway (say, a government), or settle the debt in some other way and resume operating with the cheaper IOUs.

Decentralized exchange


Having a number of currencies issued on a decentralized network opens up a lot of possibilities. The most useful one is perhaps a decentralized exchange allowing trading between any currency pair. With an open market accessible to all peers, one could expect to drive the spread for performing FX trades to spot, even for small value transactions. Having that, one could expect to start seeing the Singularity of Money going into effect, where the currency you own would not matter as much as the value of that currency. Multi-currency hops would allow one to route money through the most efficient market in the web of value allowing for easy bootstrapping of new remittance platforms and applications.

KYC


An important aspect to consider while designing a crypto network is how it can comply with KYC regulations. While decentralized networks such as Bitcoin are focused on fostering strong pseudonymity, permissioned blockchain users in most cases would be interested in dealing only with known parties. This can be achieved by either having all entities in the system known and explicitly recognized, or having a more open system but with each peer being responsible for doing their own KYC.

The first is a model that seems the most popular with private permissioned blockchains such as MultiChain, where the creators of the system explicitly have to grant read and write permissions to every network participant (thus giving them an opportunity and potentially a responsibility to perform the KYC on everyone).

The latter model is more popular on public blockchains that allow permissioned access, such as Ripple. There, every gateway can explicitly either blacklist addresses to prevent them from using the IOUs they created, or create a whitelist of only the addresses that can send and receive the IOUs.

Block encapsulation


One of the more important differences between a database-based approach and a blockchain-based approach for processing transactions is the idea of encapsulating transactions in blocks. A blockchain, whether it is permissioned or public, has a few key advantages:
  • Order of transactions is strict - there is no doubt which transaction is to be applied first and at what time. This addresses the problem of race conditions and can be used to address the problem of frontrunning in a system without a central authority. 
  • History is immutable - since all blocks in a blockchain refer to a previous block’s hash, it is impossible to alter any record of what blocks and transactions took place in the past without rewriting it entirely. Pairing this with real-time anchoring of block hashes into a public immutable ledger such as Bitcoin ensures that any block forks would be evident and would have to be accounted for.
  • Provable auditability - knowing only the latest block hash (which is a small digest in comparison to the actual size of the blockchain), one can not only audit the entire history of the blockchain, but the auditee can probably for the first time in history provide a positive proof that they disclosed all the data for the audit. Any records that are missing or have been altered will come up in a proper audit. 
  • Everyone can be sure they have all the data - if one is at the blockchain head, they know they have or can fetch all historical data. There is no doubt whether some chunk of data is missing or not. 
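
The immutability and auditability claims above can be checked mechanically. The following is an added example, not code from any of the projects mentioned: a toy hash-linked ledger (the block format, the sample transfers and the function names are all constructed for illustration) in which an auditor who holds only the latest block hash, plus one earlier anchored hash, tells apart an in-place edit, a fully rewritten history and a withheld block.

```python
import hashlib
import json

GENESIS_PREV = "00" * 32  # constructed placeholder for "no previous block"

def block_hash(block):
    """SHA-256 over a canonical JSON encoding (toy format, not a real chain's)."""
    data = json.dumps(block, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def build_chain(tx_batches):
    """Link each batch of transactions to the hash of the block before it."""
    chain, prev = [], GENESIS_PREV
    for height, txs in enumerate(tx_batches):
        block = {"height": height, "prev": prev, "txs": list(txs)}
        chain.append(block)
        prev = block_hash(block)
    return chain

def audit(disclosed, trusted_head, anchors=None):
    """Check a disclosed history against a head hash obtained independently.

    anchors maps height -> block hash published earlier to an external ledger.
    Returns a list of (finding, height) tuples; an empty list is a clean audit.
    """
    findings, prev = [], GENESIS_PREV
    for position, block in enumerate(disclosed):
        height = block["height"]
        if height != position:
            findings.append(("missing-or-reordered", position))
        if block["prev"] != prev:
            findings.append(("broken-link", height))
        digest = block_hash(block)
        if anchors and anchors.get(height, digest) != digest:
            findings.append(("anchor-mismatch", height))
        prev = digest
    if prev != trusted_head:
        findings.append(("head-mismatch", len(disclosed) - 1))
    return findings

# Constructed sample ledger: four blocks of made-up transfers.
BATCHES = [["A->B 10"], ["B->C 4", "A->C 1"], ["C->A 2"], ["B->A 3"]]
CHAIN = build_chain(BATCHES)
HEAD = block_hash(CHAIN[-1])          # what the auditor already knows
ANCHORS = {1: block_hash(CHAIN[1])}   # block 1 was anchored when it was created

def edited_in_place():
    """One record changed, later blocks left untouched."""
    bad = [dict(b) for b in CHAIN]
    bad[1] = dict(bad[1], txs=["B->C 400", "A->C 1"])
    return bad

def rewritten():
    """Same edit, but every later block re-linked so the chain is self-consistent."""
    batches = [list(b) for b in BATCHES]
    batches[1][0] = "B->C 400"
    return build_chain(batches)

def withheld():
    """The latest block is simply not disclosed."""
    return CHAIN[:-1]

if __name__ == "__main__":
    for name, history in [("honest", CHAIN), ("edited", edited_in_place()),
                          ("rewritten", rewritten()), ("withheld", withheld())]:
        print(name, audit(history, HEAD, ANCHORS))
```

A rewritten history is internally consistent, so only the independently held head hash or an external anchor exposes it; that is the role the anchoring into a public ledger plays in the list above.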

That being said, blockchains are not a silver bullet. They come with their own weaknesses:

  • Blocks are slower than individual transactions - while a transaction can be committed to a database within a few read/write cycles, a block takes a while to be created and propagated. The fastest blockchains out there achieve about a block per 1-5 seconds. While each block can contain many transactions to possibly reach the required throughput, those transactions can only come in discrete quanta, not a constant stream (as they say, “Never underestimate the bandwidth of a station wagon full of tapes hurtling down the highway.”).
  • Performance-wise, a blockchain will probably have a higher transaction overhead than an optimized database. There are a few possible reasons for this - the fact that in the end transactions from a block will have to be committed to a database anyway, the overhead of synchronizing the network and resolving forks, or the relative age of Bitcoin technology (7 years) vs say, SQL (about 40 years). 
  • Currently, there are many blockchain-based cryptocurrency solutions out there, but there are also cryptocurrency networks out there that don’t rely on blockchains, such as Open Transactions. The latter relies on having a few notaries verifying transactions in real time and providing cryptographic receipts for those transactions. It is an interesting approach that allows anyone to prove their balance by merely presenting the last receipt without having to hold onto any prior history.

Tiered blockchains and bandwidth reduction


As became evident in the Bitcoin world, blockchains can become vulnerable with increased network activity. As such, a modern blockchain solution for a high-transaction-volume environment should be prepared to address the bandwidth issue before it might become a problem.

There are a few possible approaches one can take - settle transactions off-blockchain (like the Lightning Network), create a separate permissioned blockchain (like Liquid), or create sidechains (like Credits or what Blockstream initially wanted to create). Out of those three, sidechains appear to be the more ideal solution - allowing one to move value on and off the main blockchain, transact on that blockchain with the transactions being cryptographically linkable to the main chain (through anchors), and not rely on more centralized third parties.

As such, it might be feasible to construct a tiered blockchain that would be able to offload a good amount of transaction volume off the main chain while still allowing settlement between tiers. At the top of the chain we would perhaps have a public blockchain where the highest-tier peers would issue their IOUs - governments, biggest banks, etc. Below that, we would have sidechains maintained by various banks and other financial institutions. This would allow them to perform more internal transactions without cluttering up the main chain. If needed, more sub-sidechains could also be introduced to further increase transaction throughput. One could also perform sidechain-to-sidechain transactions through a dedicated protocol (such as what Interledger is proposing).

It would be useful for the top of the chain to be a public blockchain as it would allow more institutions and possibly even governments to join and integrate directly with it.

[Figure: sample network graph of a tiered blockchain]








Proof of Solvency


One very interesting concept that emerged from the Bitcoin world is the so-called “proof of solvency”. It allows institutions such as exchanges or gateways to create a positive proof that they own a certain amount of currency and that their liabilities are no greater than their currency reserves. Depending on the system in question, the proofs can either be complete (proving beyond a shadow of a doubt both the assets and the liabilities) or disprovable (one can present undeniable evidence that the institution is lying).

The first scenario is mainly applicable for completely open ledgers - in most cases, only cryptocurrencies and Crypto 2.0s. For example, BTC2Ripple can prove both that they own a certain amount of bitcoins AND the level of their outstanding liabilities on the Ripple network. Since both networks are open, the transaction can be verified to be true or false at any given time.

The second scenario applies whenever we’re dealing with either closed networks, or networks that don’t provide cryptographically signed proofs. This includes exchanges’ private databases and bank statements (barring something like TLSNotary). In this case, we either have to rely on some signed documents or PDFs supplied by the banks about the account balances, or generate a Merkle tree of all account balances on an exchange. An exchange cannot prove that the information is complete, but anyone can prove the data is invalid if they find their account balance either omitted or altered.

As such, Proof of Solvency can be an important tool for financial audits, allowing them to be performed at any time without disrupting the normal business operations. Some institutions might even opt for continuous proof - updating the required information in real time to bolster confidence in their business.
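
For the second scenario above (a Merkle tree of all account balances), here is an added example showing what each customer actually checks; it is not code from any exchange or from the original post. It assumes one common construction, in which every tree node also carries the sum of the balances beneath it, and the account names, nonces and balances are constructed sample data.

```python
import hashlib

def H(*parts):
    """SHA-256 over length-prefixed parts, so field boundaries are unambiguous."""
    h = hashlib.sha256()
    for part in parts:
        raw = part if isinstance(part, bytes) else str(part).encode()
        h.update(len(raw).to_bytes(4, "big") + raw)
    return h.digest()

# A node is a pair: (hash, sum of all balances below it).
PAD = (H(b"pad"), 0)  # zero-balance filler for levels with an odd node count

def leaf(account, nonce, balance):
    # The per-account nonce keeps neighbours from guessing each other's balances.
    return (H(b"leaf", account, nonce, balance), balance)

def parent(left, right):
    return (H(b"node", left[0], left[1], right[0], right[1]), left[1] + right[1])

def build_levels(leaves):
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append(PAD)
        levels.append([parent(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def publish(accounts):
    """Exchange side: build the tree and return (levels, root). root[1] is total liabilities."""
    levels = build_levels([leaf(*a) for a in accounts])
    return levels, levels[-1][0]

def prove(levels, index):
    """Exchange side: sibling nodes from leaf to root, with this node's side at each level."""
    path = []
    for level in levels[:-1]:
        path.append((level[index ^ 1], index & 1))
        index >>= 1
    return path

def verify(account, nonce, balance, path, root):
    """Customer side: recompute the root from one's own record and the sibling path."""
    node = leaf(account, nonce, balance)
    for sibling, node_is_right in path:
        if sibling[1] < 0:  # a negative sibling sum would hide liabilities
            return False
        node = parent(sibling, node) if node_is_right else parent(node, sibling)
    return node == root

def covers(root, reserves):
    """Auditor side: published liabilities must not exceed proven reserves."""
    return root[1] <= reserves

# Constructed sample data: (account, nonce, balance in smallest currency unit).
ACCOUNTS = [("alice", "n1", 120_000), ("bob", "n2", 75_000),
            ("carol", "n3", 300_000), ("dave", "n4", 5_000), ("erin", "n5", 50_000)]
CAROL = ACCOUNTS[2]

def carol_checks(accounts, index):
    """Carol verifies her real record against whatever tree the exchange published."""
    levels, root = publish(accounts)
    return verify(*CAROL, prove(levels, index), root), root[1]

if __name__ == "__main__":
    print("honest  :", carol_checks(ACCOUNTS, 2))
    altered = ACCOUNTS[:2] + [("carol", "n3", 3_000)] + ACCOUNTS[3:]
    print("altered :", carol_checks(altered, 2))
    print("omitted :", carol_checks(ACCOUNTS[:2] + ACCOUNTS[3:], 2))
    ghost = ACCOUNTS[:3] + [("ghost", "n0", -250_000)] + ACCOUNTS[3:]
    print("negative:", carol_checks(ghost, 2))
```

The proof is only as strong as the number of customers who run the check: a record that nobody verifies can be altered or omitted without anyone noticing, which is why the text calls this kind of proof disprovable rather than complete.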

Proof of Solvency might be fairly straightforward in the above proposed tiered blockchain. Any balance in a sidechain should equal the amount of assets held at the higher-level chain. The top-level chain would have clear balances of who has how many assets and liabilities.

Voting Pools and auditing competitors


Voting Pools are an interesting idea for keeping everyone honest. In this approach, we have multiple parties vouching for one another’s solvency and being liable for bailouts in case one of the parties goes under. For example, we could have multiple exchanges forming a voting pool and keeping their bitcoins in multisig addresses such that even if one of them turned rogue, they couldn’t defraud their customers nor turn insolvent. This is made possible with continuous proof of solvency, as explained above.

Voting Pools could also be useful for having multiple institutions creating IOUs backed by all of them. These could include:

  • The Euro currency, issued by the joint agreement between multiple EU countries 
  • International Special Drawing Rights issued by the International Monetary Fund 
  • Fiat IOUs backed by multiple banks 

While Voting Pools are the most efficient in a network based on native cryptocurrencies such as Bitcoin, the concept might also be used in permissioned blockchains.

Smart contracts


Smart contracts are the final catch-all solution for everything one couldn’t predict while designing the system. They are flexible programs that live on the blockchain and can execute commands based on the state of the network. Coupled with smart oracles, the contracts allow for the creation of projects such as a decentralized prediction market.

Conclusions



There are many practical applications of the blockchain technology for banks and other financial institutions. Failing to embrace the new technology might make the old network obsolete. The above are only some of the examples of what can be achieved and it is very likely we will see a lot more innovation in the following years. Even from those building blocks we can construct innovative technologies (such as self-regulating universal basic income).

2015-11-09

Sidechains for bankchains

After talking about sidechains as an important feature for reimplementing the cryptocurrency landscape and criticising Liquid for not living up to its full potential, I had an idea about a new area where sidechains could play an important role - in the permissioned ledger landscape for the banking industry.

A quick recap


While there is some debate as to what the essential properties of sidechains are, I usually go by the definition of "a sidechain is a blockchain with a distributed two-way pegged currency from other blockchains". Generally, this is what something like Credits or BitBasket is aiming to do, but not what Liquid is currently offering.

Sidechains are useful as they:

  • Move some transaction volume off the main blockchain
  • Allow extra functionality on the sidechain not available on the main network
  • Allow the transfer of value back onto the main chain without the use of centralized or decentralized third parties


A permissioned ledger is a centralized or decentralized (but not distributed) blockchain run by one or more parties where the access to the network or various functions on it is gated to only the approved parties. Here is an overview of how the technology compares to traditional, distributed databases.

A permissioned sidechain


If we relax the definition of a sidechain to include any currency (crypto-native, IOU, etc.) on any network (centralized, decentralized, distributed), we can create an interesting sidechain-bankchain combination that would be useful for an international settlement system.

The reason why we'd like to utilize a model like this would be to allow nations and big international organizations to:


  • Settle between one another on a global network
  • Have autonomy over their national / corporation networks
  • Allow for private settlement networks to operate, while still allowing for proof of solvency audits on the main network
  • Compartmentalize regional transactions from trans-regional transactions for speed and network throughput while still allowing for easy interoperability and global settlement




Tiered sidechain


If the above system was put into place, we probably would see a lot of companies big and small want to get onto the network. If the system would be anything like the current banking system, it would be unlikely that everyone would have the capital or meet other arbitrary requirements to connect directly to the main chain. However, there is nothing stopping us from designing the system with that in mind and perhaps having side-side chains - the biggest companies would connect directly to the main chain, while the smaller companies could connect to them and so on. This way we could have everyone on the same network while separating the peers on the network based on their size and needs (for better or for worse).


Lastly, we could add inter-chain settlement protocols like something Interledger is proposing. This would allow for direct connections between various sidechains without the need of going directly to the top level chain to increase throughput and decrease cost.

Tying it together - how would it work?


Now that we have some overview of how the network might be structured, let's explore a few ways it could work.

The top, global chain would be best served as either a multi-party permissioned ledger (like Eris or Multichain), or a distributed network (like Ethereum or Ripple). This way more participants are likely to join without seeing this as "the USA network" or "the Eurozone network" if it was a more centralized solution developed and controlled by one nation or company.

Ideally, the top chain would be where the various governments and big entities would track their debt / IOUs. This would give a clear insight into who owes who how much and allow lower-tiered chains to use that as a base monetary system.

Lower-tiered chains would probably be either permissioned or completely centralized blockchains or other cryptography-based networks (like Open Transactions). They would be linked with the main chain through a two-way peg. This would allow for easy settlement between the sidechain and the main chain without completely relying on the chain custodian to forward all of the transactions back and forth by themselves.

The sidechains could also follow some safety mechanisms of the voting pools - being constantly audited for solvency and allowing anyone with a balance on the sidechain to redeem their underlying balance on the main chain according to the protocol.

If you wanted to connect to the network, you could do so by connecting to any of the existing peers on the network - usually some bank or corporation. After that one integration, it would be possible to send money to anyone else on the network easily (and hopefully cheaply).

Is this a good idea?


At the moment, I'm not sure how much of this idea would be useful when implemented in the real world. It seems that a lot of banks and institutions are interested in blockchain technology, and the concept of sidechains is a good way of segmenting the network transactions. Moreover, the entire idea seems similar enough to the way things work nowadays that it might be attractive to the companies from "the old world". That being said, I'm not sure if there are some hidden complexities in the proposed solution that would impair it in some way - a lot of the technologies mentioned are either still in development or are still in the conception phase. So for now I would categorize this as "an idea worth considering" and see where things might go from here.





2015-10-26

The Money Protocols - Bitcoin, blockchain and others

I was recently sent a link to an article discussing the development of "the money protocol". The idea has been around for a while - we have standardized protocols for communicating between computers in the form of TCP/IP and others, so it would similarly make sense to develop protocols for moving money around on the Internet just like we now move information around it. However, we will likely have more than one new protocol created from Bitcoin and related technologies...

Accounting for all payments


In an ideal world, we would have everyone using the same currency on the same network. However, there are many reasons why this probably won't happen. Instead of hoping everyone will start using Bitcoin in the near future, we should assume that we will be dealing with many different currencies, both cryptographic, fiat and otherwise. We will need a protocol that can handle:

  • Native cryptographic currencies like Bitcoin
  • IOUs, assets and debt, like what we see on Ripple
  • Financial derivatives, like BitUSD on BitShares
  • Private currencies on permissioned blockchains
  • Legacy banking systems
  • Credit, debit and gift cards
  • Other currencies created / tracked by private companies (perhaps shares, digital commodities, etc.)

Moreover, the protocol would also need to cover:

  • Sending payments across networks (bank->Bitcoin, altcoin to sidechain, etc.)
  • Finding an optimal payment path between the start and end of the payment
  • Atomically trading between multiple currencies at the same time
  • Locking in / confirming trades and money transfers
  • Providing digital receipts for the payment

All of those would need to be included in the same "money protocol". Once we figure out how to convey the information of who is sending the money, who is the receiver, which type of money is being spent and received (more on how this could look), we can finally start to connect different networks together. Whether it would be through W3C's Web Payments Community Group, something like Interledger or some other forms of bridges, we could finally be able to easily send money around (hopefully).

What's left?


When dealing with crypto as they say, money is the least interesting application. We also have smart contracts, proof of existence, etc. A lot of those applications of crypto will probably also warrant their own protocol - they don't exactly fall under "money protocol". I do believe the following will eventually become their own protocol on par with TCP/IP:

Proof of existence. As we all know, the Bitcoin blockchain is the most secure, inalterable record of history currently available due to the amount of computing effort put into it. Anything embedded in the blockchain can be forever referenced as the latest date some file could've been created. This functionality, perhaps expanded with protocols like Factom, can be a useful protocol for creating timestamped receipts and other applications.

Smart contracts / smart oracles / proof of execution. With Ethereum being released, we can expect to see more use of smart contracts for business applications. Smart oracles, such as the ones proposed by Codius, would complement them to interface between the crypto and the real world. All in all, we could bundle those up into "proof of execution" - a protocol dictating what code needs to be run, at what time and by how many independent parties (some of them in the form of computers, some in the form of autonomous contracts), as well as what was the result of the execution. This could make it possible, for example, to build autonomous financial derivatives or contracts ("code is law").

Conclusions


It is very likely in the future we will see a "money protocol" similar to TCP/IP for money. It will have to encompass more than a single currency and network however. We are also likely to see more blockchain-based protocols emerge from the non-monetary applications of crypto.

2015-10-19

Gaming Proof of Stake

While working on a draft for a paper for the upcoming Ledger academic journal I came across the concept of "stake grinding". After considering this problem for a while, I think I came up with a neat solution to it under some specific conditions. Let's discuss...

Proof of Stake and Stake Grinding


Proof of Stake is an alternative block generation algorithm to Proof of Work. In it, blocks are not generated by mining pools roughly in proportion to the computing power they hold, but by block producers / minters / notaries or however you want to call them roughly in proportion to the amount of coins they own / stake.

In PoW, blocks are created at random whenever a solution is found, making the network block creation time somewhat random and unpredictable.

In PoS, the blocks can be generated on a more fixed schedule since once a block is created there is no randomness as to who should create the next block - the minter is picked using the randomness inherent in block creation and the balances in the network.

However, if we use a naive implementation of PoS, we open ourselves to the block minters grinding the block to ensure they are also the creators of the next block or some other block in the future (say, if you use a scheme where a block minter is selected by entropy from 100 blocks back). If you have only one attacker grinding the blocks, they will eventually become the only entity creating the blocks no matter how small their balance is. Since honest minters would select them to mine the blocks every now and then and the attacker would make sure their blocks nominate them to be the minters with 100% certainty, they will be minting more and more blocks.

From what I could find (see section 6.4), stake grinding has been used on a few systems like NXT or Peercoin with success, forcing the networks to abandon the naive approach.

Potential solutions


There are a few solutions to stake grinding. Peercoin appears to have adopted a hybrid PoS-PoW model to make grinding less trivial. BitShares used a Delegated Proof of Stake where the block minters each get to create one block before the order is reshuffled and everyone gets another turn - an interesting approach, but it treats a minter with 50% of support the same as one with 10% of support.

Now, there might be a way to implement Proof of Stake in such a way as to avoid the grinding problem altogether and reward all minters in proportion to their stake / support. It is inspired by CGP Grey's video on Mixed-Member Proportional Representation voting system (a part of his very interesting series "Politics in the Animal Kingdom").

In the new scheme, we would need to create a list of all minters that want to participate in the block creation process and figure out their weight based on the amount of stake / support / votes they represent. The list would have to be locked in for a certain minting period, similarly to BitShares' implementation. Given this information, we can start creating blocks in a deterministic fashion. The minter of each block would be whoever is the most underrepresented in the given minting period so far. After a new block is created, the representation is updated and the next minter is chosen in the same fashion. You could also deterministically break up large chains of blocks being created by the same minter to prevent 51% attacks, or implement a punishment algorithm for creating forks.

This approach would both eliminate grinding and give fairer rewards than DPoS.
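The two selection rules side by side, as an added example that is not code from the original post or from any of the projects mentioned. It assumes a toy naive rule (SHA-256 of the previous block picks the next minter, with a nonce standing in for any field the minter is free to vary), made-up minter names, and ties broken by minter id:

```python
import hashlib
from fractions import Fraction

# Constructed sample: stake list locked in for one minting period (names are made up).
STAKES = {"alice": 50, "bob": 30, "carol": 19, "mallory": 1}

def naive_next_minter(block_bytes, stakes):
    """Naive PoS: the hash of the previous block picks the next minter by stake."""
    digest = hashlib.sha256(block_bytes).digest()
    ticket = int.from_bytes(digest, "big") % sum(stakes.values())
    for minter in sorted(stakes):
        if ticket < stakes[minter]:
            return minter
        ticket -= stakes[minter]

def grind(block_body, stakes, me, max_tries=100_000):
    """The flaw: the current minter varies a free field until the hash nominates `me`."""
    for nonce in range(max_tries):
        if naive_next_minter(block_body + nonce.to_bytes(4, "big"), stakes) == me:
            return nonce
    return None

def minting_schedule(stakes, period_length):
    """Proposed rule: each block goes to the most underrepresented minter.

    Inputs are only the locked stake list and the block height, so nothing a
    minter puts into a block can change who mints next.
    """
    total = sum(stakes.values())
    if total <= 0 or min(stakes.values()) < 0:
        raise ValueError("stakes must be non-negative with a positive total")
    minted = dict.fromkeys(stakes, 0)
    schedule = []
    for height in range(1, period_length + 1):
        # Surplus = blocks minted so far minus proportional share at this height.
        # The lowest surplus is the most underrepresented; ties go to the smaller id.
        chosen = min(stakes, key=lambda m: (minted[m] - Fraction(stakes[m] * height, total), m))
        minted[chosen] += 1
        schedule.append(chosen)
    return schedule

if __name__ == "__main__":
    nonce = grind(b"block-at-height-7", STAKES, "mallory")
    print("naive rule: 1% staker nominates itself with nonce", nonce)
    print("proposed rule:", minting_schedule({"alice": 50, "bob": 30, "carol": 20}, 10))
```

Over a period whose length makes every share a whole number, each minter ends up with exactly their proportional number of blocks.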

2015-10-14

Liquid - when sidechains say "fuck it"

We had big news in the Bitcoin world - Blockstream, the company that has been working on sidechains for a while, has announced they will be launching their first sidechain called Liquid. The announcement is all over CoinDesk, BitcoinMagazine, IHB and others. Unfortunately, when you look closer, what is being proposed is not really fulfilling the promise of sidechains...

What is Liquid?


Liquid is a settlement system for Bitcoin exchanges. It allows one to "[reduce] the time in which bitcoin-denominated funds can be transferred between accounts at these institutions" [1] and "allowing partner exchanges to move funds between order books without the need to transfer funds on the bitcoin blockchain" [1] for "an undisclosed monthly subscription fee" [1]. This will be accomplished by "[finding] partner exchanges transferring funds to a shared multi-signature wallet address, with a Byzantine round robin consensus protocol used to process transactions" [1]. The network will be run by known exchanges, essentially boiling down to a permissioned blockchain. The block signers will be running on proprietary hardware to prevent "tampering with the block signers when they are up and running [, further minimizing trust]."

What are sidechains?


Even more so than "blockchain", "sidechain" is a bit of a nebulous term. Blockstream, who are pretty much the main developers in this space, have defined the term in their whitepaper as

"A sidechain is a blockchain that validates data from other blockchains"

This opens it up to interpretation as to what is and isn't a blockchain. Is Bitcoin a sidechain since it contains Factom blockchain data? Is Counterparty a sidechain since you can trade BTC on it? Is Ripple a sidechain since we have services like BitStamp and SnapSwap being Bitcoin gateways onto the system?

I personally expand the term to "a blockchain with a distributed two-way pegged currency from other blockchains" (a quick refresher on centralized, decentralized and distributed definitions). Generally, it should be a system that does not rely on a handful of centralized gateways / bridges to move value back and forth between the networks, but on a more protocol-level way of achieving deposits and withdrawals.

Having a one-way peg is dead easy - we've done proof-of-burn years back. A two-way peg, unfortunately, requires a soft fork in the Bitcoin protocol, or an entirely new system to be built from the ground up.

Liquid is not innovative


Looking at what has been said about Liquid - it's not an innovative technology. It can be boiled down to:
  • Funds are deposited in a multisig address controlled by multiple exchanges [2]
  • Transfers between the exchanges happen when multiple exchanges sign off on the transaction in a mechanism similar to green addresses [2]
  • Transfers require no confirmations because the network won't sign a double-spend against itself

The technology is nothing new - we've had multisig since 2012, and even frigging MtGox used a green address in 2011.

I'm also not yet sure whether Liquid provides some cryptographic receipts for deposits. If they don't - the network isn't entirely gox-proof. You may have proof-of-liquidity (balance in the multisig address), but you'd be lacking proof-of-liabilities - exchange clients or counterparties being able to prove who is owed how much in case the servers blow up due to incompetent PHP programming. Having a pile of bitcoins and a mob of people is not enough to know who is owed how much.

If Liquid has proof-of-liabilities or some other form of cryptographic receipts, that is great! It means they can be compared to Open Transactions' Voting Pools idea from 2014.

Now, to be fair - you don't need to be innovative to be useful, just be honest about it. What Liquid is, I wouldn't classify as a sidechain, but it can still bring a lot of value to their customers. That being said...

Liquid is not enough


Do I believe being able to speed up BTC transfers between exchanges is a useful thing? Yes. However, do you know what is the biggest pain point in Bitcoin exchanges and arbitrage? The fiat part. I'll be able to save an hour or two on my Bitcoin deposits to lock in a trade at a good exchange on another continent, but then I'll have to wait a few days for my fiat to move around so I can arbitrage in the other direction, great. Well, maybe pairing this with something like Tether would be good enough...

Other points


A few last points that don't fit anywhere before I wrap up:
  • Proprietary hardware requirement - if someone told me that to run some system that takes care of my coins I would have to use their proprietary hardware, that's where the conversation would end. I understand, you want the system to be hardened against attacks, but that's exactly why you need a heterogeneous network - if everyone has the same hardware and software, you can take down the entire network with the same exploit. Not to mention, proprietary hardware doesn't fit well with the "trust but verify" model of Bitcoin.
  • Obfuscated balances and trade data - cool feature, as long as it doesn't interfere with proof-of-liabilities

Conclusions


Liquid looks like a very interesting project, but it's not the sidechains we are looking for. I guess it's a fair compromise between not being able to do anything because one needs a soft fork to implement the full vision and launching a whole altcoin just to have sidechains properly implemented. I guess you can only wait so long for things to improve before you say "fuck it" and create something between where we're now and where you're aiming to be in the future.


[1] - http://www.coindesk.com/blockstream-commercial-sidechain-bitcoin-exchanges/
[2] - https://www.reddit.com/r/Bitcoin/comments/3ok8ga/blockstream_announces_liquid_bitcoins_first/cvydu7r

EDIT:


I heard rumours about the proprietary hardware used for Liquid being secured by thermite that would destroy the hardware if it was tampered with. Reportedly, the hardware would have to be picked up in person as well. While I can't find a reference for those statements, if they were true it would make the situation even weirder (perhaps making it quite problematic for companies to get a hold of those outside of the country they would be produced in - try bringing such a highly flammable package onto a plane...).

Related discussions: