2015-11-19

21 Bitcoin Computer - the Macintosh of Bitcoin

It looks like the 21 Bitcoin Computer has began shipping recently for $400 apiece. Moreover, we also got a few extra bits of information from the 21.co website about some features and solutions of the machine and the ecosystem in general. Since guessing the business model of 21 Inc seems to be everyone's favourite activity for about half a year now, lets not waste any more time and dig right in.

The hardware


First of all, we've got some photos of the actual machine. The packaging looks good, the mining component of the device looks sleek and elegant, while the actual computer is a standard Raspberry Pi 2 (according to the FAQ). Strange it doesn't come in a case, especially given that even their setup steps seem to be aware that this might cause some problems:



The 21 Computer's mining chip appears to have the following specs:

  • 0.16 Joules per Gigahash
  • 50 Gigahashes per second
At the moment there don't appear to be any upgrade / swap options for the machine.

This seems to put it in the same category as Antminer U3 Batch 2 - currently selling for $20 and clocking in at 63GH/s. The energy efficiency is rather odd - comparing it to existing solutions, it would be at roughly 6250 MHash/J, while the top performer, AntMiner S7 performs at 4000 MHash/J. This would seem to suggest the chip is underclocked to be more efficient.

This is a little ironic coming from a company that wants to put mining chips into mobile devices - if you're worried about the power efficiency of a device that runs straight from a power adapter, and yet you want to include extra power hungry hardware in devices that run off battery power...

At any rate, this puts the value of the whole package at under $100 (with the Rapsberry Pi 2 along with all the extras selling for about $70 at the moment). But, the hardware isn't everything, so lets look at what else we get with the 21 Computer.

The Software


It looks like the 21Inc's software is quite packed with features. The CLI looks exhaustive, you can run a full Bitcoin node, you have your wallet, etc. We have some reports of people running things like the Open Bazaar project on the device just fine.

All in all, it looks like the software is the meat of the package. I've seen a number of people being interested in the software component more so than the whole package itself. Luckily, it seems that one can get the whole open source software without having to buy the 21 Computer:

> curl https://install.21.co/bitcoin-computer/install.sh | sudo bash

Beyond that, I personally don't have much else to say about the software in general. It looks to be delivering on what it's promising in one neat package.

The Rest


Beyond the hardware and software, it looks like (at least for now during the launch week) 21Inc has some responsive consumer service, which is great to know. If some people get into Bitcoin because of this computer, this can be a very valuable service to make sure they stay interested in the service.

The 21 website has a few interesting tutorials on what could be done with the software. Moreover, with the $200 tutorial bounty, we can expect to see more articles popping up over time.

Beyond that, we come into some more interesting nuggets of what could either be something really insignificant in the future, or perhaps will end up as a starting point for something more insidious...

The Quirky


Wallets

It seemed that from the very beginning, 21Inc was aiming to sell everyone on the idea of combining Bitcoin mining with Internet of Things. However, as I discussed almost half a year ago exactly, this makes no economic sense whatsoever. Mining dust wouldn't even cover for the transaction fees, much less amount to anything useful.

However, in their tutorial on micropayments, we can see that probably the encouraged method of transferring money between individuals won't be the Bitcoin network itself, but the so called "BitTransfers", which looks like a fancy way of saying "shared ewallet transfers". In other words, 21Inc is building itself up to be something like CoinBase for the IoT world - settling peer-to-peer transactions using its centralized database.

Mining

Now, to load the wallet, one would of course mine the coins using the 21 Computer. Even in this area could be spruced up with some marketing talk, as we go into the mining tutorial and "buffered pool mining". 

We start with a time lesson talking about transitioning between CPU mining into pool mining when one couldn't realistically mine a block by themselves. Pooled mining allowed one to reduce the reward variance (without the pool, you either got a whole block and 50BTC, or no block and no reward, while pooled mining allowed you to get a fraction of the reward, but at a more regular pace). 

Afterwards, we seem to get a vision of what 21Inc wants to sell as the vision for its computers - "redecentralizing Bitcoin" by the use of "millions of mining chips worldwide each generate a small stream of bitcoin" as they believe the ASIC chip development will start following the Moore's law in the near future.

However, since the default way (and possibly the only way without modifying the software) to mine on the 21 Computer is to connect to the 21Inc's pool and receive the dust rewards in your 21 shared ewallet, it's not really a decentralization of mining as it is adding another central server to the equation.

Perhaps if we would instead see P2Pool on the device we could call it an effort in the right direction, but then you wouldn't be able to solve the mining variance problem very well, nor would you lock people into your walled garden of an ecosystem.

In the next section we get another new buzzword - "Buffered Pool Mining". You see, 21Inc believes that if you're mining in a pool, you will have to wait:
  • For the pool to mine a block before you get paid
  • To mine enough coins to reach the minimum withdrawal threshold
  • For the block to mature over 100 confirmations before you can get paid
  • To earn bitcoins before you can spend them again if you run out

Instead, 21Inc essentially combines its shared ewallet with the circa 2011 BitPenny's idea of Pay-per-share. As described in the Bitcoin Wiki:

The Pay-per-Share (PPS) approach, first described by BitPenny, is to offer an instant flat payout for each share that is solved. The payout is offered from the pool's existing balance and can therefore be withdrawn immediately, without waiting for a block to be solved or confirmed. The possibility of cheating the miners by the pool operator and by timing attacks is thus completely eliminated. 
This method results in the least possible variance for miners while transferring all risk to the pool operator. The resulting possibility of loss for the server is offset by setting a payout lower than the full expected value.

I wonder how hardened is the 21 mining pool against what an attacker with a state-of-the-art mining rig could throw at it...

But we also get one more interesting feature, which is essentially Bitcoin, lets say, nanolending:

Finally, you do not need to send N hashes to the server before getting N hashes worth of mined bitcoin. That is, by invoking 21 mine your 21 Bitcoin Computer can receive bitcoin in advance of future mining at the expense of a small asymptotic slowdown in the rate of bitcoin streamed to your device.

Which considering the price tag of the machine is still rather amusing.

We conclude the tutorial with:

The basic idea is that buffered pool mining is a new way of getting bitcoin: not by buying huge quantities slowly for investment purposes on an exchange, but by mining tiny quantities rapidly for programming purposes at the command line, rate-limited by a mining chip.

I guess someone forgot the middle-ground of being able to buy a small amount of BTC, for example by phone, getting small amounts of coins for free (through facets or by signing up to various wallets), or if you're really a developer, using TestNet Bitcoins.

Anything else?


As someone that frequents the Bitcoin-related subreddits, I noticed a large amount of submissions about the device recently. That's to be expected when a new, big product launches and everyone gets their hands on it. However, some of the submissions and discussion appears to be somewhat astroturfed. Submissions titled "Whoa" that aren't some Shiba Inu memes generally don't do very well on a crypto subreddit. Cynical quips usually stick better, you rarely see people talking in bold (1, 2), and hardware is rarely inspirationally compared to some major milestones in commercial computing. Even the self-post appear a bit defensive (1, 2). My money would be on at least some of the sentiment being not entirely as grassroots as it might appear in the first place...

Conclusions


Coming back to the title of my post - 21 Bitcoin Computer to me looks like a Macintosh Computer for Bitcoin - an overpriced, underpowered piece of hardware coupled with some decent software. It appears to be building the roots of a walled garden of closed-loop wallets and related ecosystems. If you're a developer, you can do better, both in terms of mining performance, computing speed and price for a throwaway machine for testing. Their software and related articles appear to be the main piece of value added.

For $400, even for a "dev kit" as it's sometimes advertised, I would still rather buy some BTC (by "buying huge quantities slowly for investment purposes on an exchange" - which would still be a smaller investment than the machine) instead of committing to mining. But perhaps it's like some random comment said on Reddit - "the investment will get you to commit to using it".

Related discussions:



2015-11-17

Sample bankchain feature set

In the recent months, many banks and other financial institutions started looking into the blockchain technology as a potential improvement on their current architecture. Below is a sample feature set of the cryptocurrency technologies that can be used to reimplement and possibly improve upon the banking system as it is today.

Transactions


In all cryptocurrency systems, transactions are the most basic building block of the value transfer network. They have a few important features, including:

  • Atomic nature - a transaction can either succeed fully, or fail completely. There is no middle-ground that wasn’t specified beforehand (for example, Ripple’s partial payment flag). It is even possible to have complex transactions that hop across multiple currencies that are still atomic. 
  • Self-contained - a transaction in most cases provides all the information that is needed to verify whether it is valid or not. It specifies exactly which money it is spending, quite often how much money is left, as well as contains a digital signature authorizing the move of funds. 
  • Undisputable ordering - once transactions are included in a block, their ordering is undisputable. This allows everyone to be able to verify exactly what state the system was before and after the transaction was applied. There is no data discrepancy between the participating institutions as to what happened without the need to resort to a centralized authority. 
  • Cryptographic authorization - in the crypto world, there is never a doubt whether someone is authorized to spend the money. Either they own the private keys and can authorize the payments, or they don’t. Moreover, each signature is only valid for a given transaction, so a few authorization problems are mitigated (replay attack, man-in-the-middle, etc.). 
  • Easy multi-party escrow - also known as multisig. This allows money to be held by multiple parties in such a way so as to only be spendable when a minimum threshold of parties agrees to spend them. 

Currencies


In the cryptocurrency space, there are essentially three types of currencies.

The most prevalent is a native crypto currency or a digital token. Those are currencies issued by decentralized autonomous organizations, either in the form of complete crypto-networks (like Bitcoin, Litecoin, etc.), or autonomous smart contracts. Those tokens are usually perfectly, mathematically scarce, have a predictable minting schedule and a clear set of rules on how to transact in them. However, due to their decentralized nature, they don’t represent real-world assets very well.

The second kind are derivative currencies (such as BitUSD), which are still created and maintained in a decentralized fashion (without a central or collective counterparty), but through known financial contracts (futures, contracts for difference) can track the value of real-world assets and currencies. Their counterparty risk takes the form of the financial derivative market.

The third kind are IOUs, digital currencies issued by centralized or collective parties usually backed by real-world assets and currencies (such as SnapSwap.USD, BitStamp.BTC, etc). While they are subject to counterparty risk, they have an advantage over the derivative currencies by most often being easily redeemable in kind from the issuer.

Different cryptographic systems have different requirements when it comes to those currencies. A decentralized network will have to have at least the native digital token to avoid spam attacks at the very least. Having that currency, they can also incorporate the remaining two as needed (see BitShares and Ripple for an example). Permissioned blockchains don’t need a native digital token, as the network participants are known entities and can be made liable in case they intentionally disrupt the network. As such, it makes a lot more sense for those networks to mainly feature digital IOUs.

IOU issuers


IOUs in a cryptocurrency network can be a powerful tool. They are useful for not only tracking the value of real-world assets, but also for tracking the trust associated with the currency issuer. If 1 USD from Bank A trades for 1.02 USD from Bank B, we can infer that A is more trusted than B.

When talking about IOUs, there are generally two models that can arise in a system - a web-of-trust or a gateway model (with the real-world examples usually being a mix of the two). In the first model all parties trust one or more parties in the web and money flow is rippling through the system between parties (this is a basis for old version of Ripple). In the gateway model, we have a few central authorities everyone relies on to securely issue and redeem the IOUs everyone else uses (this is a basis for the new version of Ripple). The latter approach might be more useful when there are different classes of peers on the network (governments vs big banks vs small banks vs credit unions, etc.), but the former is useful compliment for smaller-value settlement between the same classes of peers.

IOUs inherently track debt between parties (if you have 1USD IOU from me, it means I owe you 1 USD). In systems like Ripple it is also paired with another variable - trust. Trust limits the amount of IOUs / debt one is willing to take from another individual. This can be especially useful if say, two banks established a mutual trust between one another to simplify payments or reduce their costs. They might agree for example to extend $1M line of credit between one another and use that channel for settlement for any payments made between their accounts. If the credit limit is ever reached, they can still settle with potentially more expensive IOUs from a gateway (say, a government), or settle the debt in some other way and resume operating with the cheaper IOUs.

Decentralized exchange


Having a number of currencies issued on a decentralized network opens up a lot of possibilities. Most useful one perhaps being a decentralized exchange allowing trading between any currency pair. With an open market accessible to all peers, one could expect to drive the spread for performing FX trades to spot, even for small value transactions. Having that, one could expect to start seeing the Singularity of Money going into effect, where the currency you own would not matter as much as the value of that currency. Multi-currency hops would allow one to route money through the most efficient market in the web of value allowing for easy bootstrapping of new remittance platforms and applications.

KYC


An important aspect to consider while designing a crypto network is how it can comply with KYC regulations. While decentralized networks such as Bitcoin are focused on fostering strong pseudonimity, permissioned blockchain users in most cases would be interested in dealing only with known parties. This can be achieved by either having all entities in the system known and explicitly recognized, or having a more open system but with each peer being responsible for doing their own KYC.

The first is a model that seems the most popular with private permissioned blockchains such as MultiChain, where the creators of the system explicitly have to grant read and write permissions to every network participant (thus giving them an opportunity and potentially a responsibility to perform the KYC on everyone).

The latter model is more popular on public blockchains that allow permissioned access, such as Ripple. There, every gateway can explicitly either blacklist addresses to prevent them from using the IOUs they created, or create a whitelist of only the addresses that can send and receive the IOUs.

Block encapsulation


One of the more important differences between a database-based approach and a blockchain-based approach for processing transaction is the idea of encapsulating transactions in blocks. A blockchain, whether it is permissioned or public, has a few key advantages:
  • Order of transactions is strict - there is no doubt which transaction is to be applied first and at what time. This addresses the problem of race conditions and can be used to address the problem of frontrunning in a system without a central authority. 
  • History is immutable - since all blocks in a blockchain refer to a previous block’s hash, it is impossible to alter any record of what blocks and transactions took place in the past without rewriting it entirely. Paired with real-time anchoring of block hashes into a public immutable ledger such as Bitcoin ensures that any block forks would be evident and would have to be accounted for. 
  • Provable auditability - knowing only the latest block hash (which is a small digest in comparison to the actual size of the blockchain), one can not only audit the entire history of the blockchain, but the auditee can probably for the first time in history provide a positive proof that they disclosed all the data for the audit. Any records that are missing or have been altered will come up in a proper audit. 
  • Everyone can be sure they have all the data - if one is at the blockchain head, they know they have or can fetch all historical data. There is no doubt whether some chunk of data is missing or not. 

That being said, blockchains are not a silver bullet. They come with their own weaknesses:

  • Blocks are slower than individual transactions - while a transaction can be committed to a database within a few read/write cycles, a block takes awhile to be created and propagated. The fastest blockchains out there achieve about a block per 1-5 seconds. While each block can contain many transactions to possibly reach the required throughput, those transactions can only come in discrete quantas, not a constant stream (as they say, “Never underestimate the bandwidth of a station wagon full of tapes hurtling down the highway.”). 
  • Performance-wise, a blockchain will probably have a higher transaction overhead than an optimized database. There are a few possible reasons for this - the fact that in the end transactions from a block will have to be committed to a database anyway, the overhead of synchronizing the network and resolving forks, or the relative age of Bitcoin technology (7 years) vs say, SQL (about 40 years). 
  • Currently, there are many blockchain-based cryptocurrency solutions out there, but there are also cryptocurrency networks out there that don’t rely on blockchains, such as Open Transactions. The latter relies on having a few notaries verifying transactions in real time and providing cryptographic receipts for those transactions. It is an interesting approach that allows anyone to prove their balance by merely presenting the last receipt without having to hold onto any prior history.

Tiered blockchains and bandwidth reduction


As it became evident in the Bitcoin world, blockchains can become vulnerable with increased network activity. As such, a modern blockchain solution for high-transaction-volume environment should be prepared to address the bandwidth issue before it might become a problem.

There are a few possible approaches one can take - settle transactions off-blockchain (like the Lightning Network), create a separate permissioned blockchain (like Liquid), or create sidechains (like Credits or what Blocksteam initially wanted to create). Out of those three, sidechains appear to be the more ideal solution - allowing one to move value on and off the main blockchain, transact on that blockchain with the transactions being cryptographically linkable to the main chain (through anchors), and not rely on more centralized third parties.

As such, it might be feasible to construct a tiered blockchain that would be able to offload a good amount of transaction volume off the main chain while still allowing settlement between tiers. At the top of the chain we would perhaps have a public blockchain where the highest-tier peers would issue their IOUs - governments, biggest banks, etc. Below that, we would have sidechains maintained by various banks and other financial institutions. This would allow them to perform more internal transaction without cluttering up the main chain. If needed, more sub-sidechains could also be introduced to further increase transaction throughput. One could also perform sidechain-to-sidechain transactions through a dedicated protocol (such as what Interledger is proposing).

It would be useful for the top of the chain to be a public blockchain as it would allow more institutions and possibly even governments to join and integrate directly with it.

Sample network graph of a tiered blockchain:








Proof of Solvency


One very interesting concept that emerged from the Bitcoin world is so called “proof of solvency”. It allows institutions such as exchanges or gateways create a positive proof that they own a certain amount of currency and that their liabilities are no greater than their currency reserves. Depending on the system in question, the proofs can be either be complete (proving beyond a shadow of a doubt both the assets and the liabilities) or disprovable (one can present undeniable evidence that the institution is lying).

The first scenario is mainly applicable for completely open ledgers - in most cases, only cryptocurrencies and Crypto 2.0s. For example, BTC2Ripple can prove both that they own a certain amount of bitcoins AND the level of their outstanding liabilities on the Ripple network. Since both networks are open, the transaction can be verified to be true or false at any given time.

The second scenario applies whenever we’re dealing with either closed networks, or networks that don’t provide cryptographically signed proofs. This includes exchange’s private databases and bank statements (barring something like TLSNotary). In this case, we either have to rely on some signed documents or PDFs supplied by the banks about the account balances, or generate a merkle tree of all account balances on an exchange. An exchange cannot prove that the information is complete, but anyone can prove the data is invalid if they find their account balance either omitted or altered.

As such, Proof of Solvency can be an important tool for financial audits, allowing them to be performed at any time without disrupting the normal business operations. Some institutions might even opt for continuous proof - updating the required information in real time to bolster confidence in their business.

Proof of Solvency might be fairly straightforward in the above proposed tiered blockchain. Any balance in a sidechain should equal to the amount of assets held at the higher-level chain. The top-level chain would have clear balances of who has how many assets and liabilities.

Voting Pools and auditing competitors


Voting Pools are an interesting idea for keeping everyone honest. In this approach, we have multiple parties vouching for one another’s solvability and being liable for bailouts in case one of the parties goes under. For example, we could have multiple exchanges forming a voting pool and keeping their bitcoins in multisig addresses such that even if one of them turned rogue, they couldn’t defraud their customers nor turn insolvent. This is made possible with continuous proof of solvency, as explained above.

Voting Pools could also be useful for having multiple institutions creating IOUs backed by all of them. These could include:

  • The Euro currency, issued by the joint agreement between multiple EU countries 
  • International Special Drawing Rights issued by the International Monetary Fund 
  • Fiat IOUs backed by multiple banks 

While Voting Pools are the most efficient in a network based on native cryptocurrencies such as Bitcoin, the concept might also be used in permissioned blockchains.

Smart contracts


The final catch-all solution for everything one couldn’t predict while designing the system. Smart contracts are flexible programs that live on the blockchain and can execute commands based on the state of the network. Coupled with smart oracles, the contracts allow for creation of such projects like a decentralized prediction market.

Conclusions



There are many practical applications of the blockchain technology for banks and other financial institutions. Failing to embrace the new technology might make the old network obsolete. The above are only some of the examples of what can be achieved and it is very likely we will see a lot more innovation in the following years. Even from those building blocks we can construct innovative technologies (such as self-regulating universal basic income).

2015-11-09

Sidechains for bankchains

After talking about sidechains as an important feature for reimplementing the cyrptocurrency landscape and criticising Liquid for not living up to its full potential, I had some idea about a new area where sidechains could play an important role - in the permissioned ledger landscape for the banking industry.

A quick recap


While there is some debate as to what are the essential properties of sidechains, I usually go by the definition of "a sidechain is a blockchain with a distributed two-way pegged currency from other blockchains". Generally, something like Credits or BitBasket is aiming to do, but not what Liquid is currently offering.

Sidechains are useful as they:

  • Move some transaction volume off the main blockchain
  • Allow extra functionality on the sidechain not available on the main network
  • Allow the transfer of value back onto the main chain without the use of centralized or decentralized third parties


A permissioned ledger is a centralized or decentralized (but not distributed) blockchain ran by one or more parties where the access to the network or various functions on it is gated to only the approved parties. Here an some overview of how the technology compares to traditional, distributed databases.

A permissioned sidechain


If we relax the definition of a sidechain to include any currency (crypto-native, IOU, etc.) on any network (centralized, decentralized, distributed), we can create an interesting sidechain-bankchain combination that would be useful for an international settlement system.

The reason why we'd like to utilize a model like this would be to allow nations and big international organizations to:


  • Settle between one another on a global network
  • Have autonomy over their national / corporation networks
  • Allow for private settlement networks to operate, while still allowing for proof of solvency audits on the main network
  • Compartmentalize regional transactions from trans-regional tranasctions for speed and network throughput while still allowing for easy interoperability and global settlement




Tiered sidechain


If the above system was put into place, we probably would see a lot of companies big and small want to get onto the network. If the system would be anything like the current banking system, it would be unlikely that everyone would have the capital or meet other arbitrary requirements to connect directly to the main chain. However, there is nothing stopping us from designing the system with that in mind and perhaps having side-side chains - the biggest companies would connect directly to the main chain, while the smaller companies could connect to them and so on. This way we could have everyone on the same network while separating the peers on the network based on their size and needs (for better or for worse).


Lastly, we could add inter-chain settlement protocols like something Interledger is proposing. This would allow for direct connections between various sidechains without the need of going directly to the top level chain to increase throughput and decrease cost.

Tying it together - how would it work?


Now that we have some overview of how the network might be structured, lets explore a few ways it could work.

The top, global chain would be best served as either a multi-party permissioned ledger (like Eris or Multichain), or a distributed network (like Ethereum or Ripple). This way more participants are likely to join without seeing this as "the USA network" or "the Eurozone network" if it was a more centralized solution developed and controlled by one nation or company.

Ideally, the top chain would be where the various governments and big entities would track their debt / IOUs. This would give a clear insight into who owes who how much and allow lower-tiered chains to use that as base monetary system.

Lower-tiered chains would probably be either permissioned or completely centralized blockchains or other cryptograhy-based networks (like Open Transactions). They would be linked with the main chain through a two-way peg. This would allow for easy settlement between the sidechain and the main chain without completely relying on the chain custodian to forward all of the transactions back and forth by themselves.

The sidechains could also follow some safety mechanisms of the voting pools - being constantly audited for solvency and allowing anyone with a balance on the sidechain to redeem their underlying balance on the main chain according to the protocol.

If you wanted to connect to the network, you could do so by connecting to any of the existing peers on the network - usually some bank or corporation. After that one integration, it would be possible to send money to anyone else on the network easily (and hopefully cheaply).

Is this a good idea?


At the moment, I'm not sure how much of this idea would be useful when implemented in the real world. It seems that a lot of banks and institutions are interested in the blockchain technology, the concept of sidechains is a good way of segmenting the network transactions. Moreover, the entire idea seems similar enough to the way things work nowadays that it might be attractive to the companies from "the old world". That being said, I'm not sure if there are some hidden complexities in the proposed solution that would impair it in some way - a lot of the technologies mentioned are either still in development or are still in the conception phase. So for now I would categorize this as "an idea worth considering" and see where things might go from here.

Related links: