2017-02-20

Blockchain Terminology - a developer perspective

One of the discussions I had with SCC's committee on "Blockchain and electronic distributed ledger technologies" was about the various terminologies used by the Bitcoin / blockchain community. In light of that, I figured I would put together some of my interpretations of those terms as they might be viewed by a developer working in the field. The following list is by no means exhaustive and it could be further refined, but I hope at least some of the examples and nuances in meaning would be helpful in expanding some of the definitions of more rigorous dictionaries.

Address

A string of characters representing the destination of a funds transfer on a Blockchain. For example, "1PiachuEVn6sh52Ez7o6Fymvw54qvQ4RBm" is a Bitcoin address, "0xcd234a471b72ba2f1ccf0a70fcaba648a5eecd8d" is an Ethereum address. Addresses are usually a human-readable representation of a Public Key composed using a fixed scheme, but they can also represent concepts that don't correspond to Keys, like Ethereum's contract addresses.

In most blockchain systems, every entity can own many addresses. Some blockchains like Bitcoin focus on creating a lot of addresses, while others, like Ripple, focus on reusing the same address many times over.

Addresses are analogous to bank account numbers.

Altcoin

A term that originated early in Bitcoin's history, an Altcoin refers to "an alternative coin implementation", usually being an alternative to Bitcoin. It has often been used dismissively and sometimes even derogatorily, especially when referring to a lot of "copycat coins" that are a carbon copy of Bitcoin with minor tweaks. The most well-known Altcoins include Litecoin and Dogecoin.

A lot of Altcoins mostly focus on tweaking small parameters of Bitcoin while preserving how the system operates on a higher level. The tweaks most often focus on the Hashing Algorithm, Block creation time, Coin distribution, name and branding.

When an Altcoin is created solely to be speculated on and then abandoned, it's usually referred to as a "pump and dump" or a "ScamCoin".

Some part of the community refers to every non-Bitcoin cryptocurrency as an Altcoin, while others shy away from this term when talking about more sophisticated projects that differ greatly from Bitcoin, such as Ripple or Ethereum.

Block

A Block is a cryptographically secured collection of Transactions along with some extra information stored in the Block Header. That extra information usually states the Hash of the previous Block, the current time, and the Merkle Root of the transactions, among other information.

There is usually some limitation to how many and how often Blocks are created in a given Blockchain project. In Bitcoin, the Blocks require a Proof of Work to be valid. Ripple Blocks require a consensus to be reached.

Blocks are usually referred to by their Hash. Due to how their Hash is computed, the Block cannot be altered without creating a completely different Hash.

Blockchain

A Blockchain is a collection of Blocks referring to one another in a linear sequence all the way to a Genesis Block. Because of how the chain is created, any change to any Block in the sequence would invalidate all of the Blocks that came afterwards. This is one of the core features of a Blockchain known as Immutability.

If two or more Blocks refer to the same previous Block Hash, this is known as a Fork. In most systems, only one of those Blocks will be considered valid, usually the one that will end up in the longest branch.

The term "Blockchain" is also used to refer to the projects that use Blockchains. Bitcoin is a Blockchain project that contains the Bitcoin Blockchain. This term was popularized in mid-2015 by large enterprises such as Overstock and NASDAQ wanting to use the then called "Bitcoin technology" without using the term "Bitcoin" due to its various connotations.

Colored Coins

A Colored Coin is an idea of "earmarking" particular outputs of a given Transaction and assigning some extrinsic value to them, usually representing some real world assets or currencies. This is the most basic implementation of a Crypto 2.0 system, allowing simple Blockchains such as Bitcoin to track non-native currencies.

There are specific rules governing how a particular implementation of Colored Coins handles transaction mixing and other related features.

CryptoCurrency

A CryptoCurrency is a cryptographically secured currency. The authorisation of transfers of CryptoCurrency between Addresses is handled either by public-key cryptography, or Smart Contracts.

Most Blockchain projects contain at least one form of Native CryptoCurrency, often referred to as a Coin or a Token. Bitcoin the project is used to transact in bitcoin the currency, Litecoin - litecoins, etc. Some projects have multiple native tokens (such as Factom with its Factoids and EntryCredits), while a few projects (usually Permissioned Blockchains) have none (such as Hyperledger or Eris).

Some Blockchain projects, sometimes referred to as "Crypto 2.0", can also support user-created CryptoCurrencies. Those usually take the form of an IOU for a real-world asset, such as BitstampUSD on Ripple, or TetherUSD on Omni. A few projects also create currencies based on derivatives from the Native Tokens, such as BitUSD. Some of the Crypto 2.0 projects that support Smart Contracts allow for complex scripts to manage how the currency behaves.

Decentralized Autonomous Organizations

A Decentralized Autonomous Organization (or DAO) is a piece of computer software that is able to manage money without being reliant on third parties. DAOs usually take the form of an automated Smart Contract, but the definition can also include some Blockchain Projects as a whole, such as BitShares.

A DAO is created with a set of rules governing how it will handle its money (usually in the form of the Native Cryptocurrency). Once put in place, those rules are usually immutable.

DAOs can exist in a legal gray area due to their distributed nature. One of the first concepts for a DAO is that of a decentralized casino. While operating an online casino might be illegal in some jurisdictions, it is hard to say whether a DAO casino is legal or not.

The most well-known example of a DAO was called "The DAO".

Distributed Ledger Technology

Distributed Ledger Technology is a term used to describe a superset of the Blockchain Technology and ledgerless crypto suites (such as Corda or Open Transactions).

The term is relatively new as of February 2017 and it may be seen as a way for governments and big companies to further move away from the terms "Bitcoin" and "Blockchain".

Fork

There are multiple different concepts in the Blockchain space that are referred to as "forks".

The simplest Fork is a Repository Fork - a term originating from software development where a developer copies a repository of a given project to create their own version of the software. This is most often used to create Altcoins - most of them are Forks of the Bitcoin repository, or other forked repositories.

Another type of Fork is a Blockchain Fork. It is an event in which there are multiple competing blocks of the same height. Those Forks may occur naturally due to multiple Miners creating a Block each at a similar time, or they can be malicious, for example - a result of a 51% Attack.

The last type of Fork is a Blockchain Fork caused by changes in the software operating the Blockchain (such as bitcoind). Those Forks may be incidental (such as the March 2013 Bitcoin fork), or deliberate (Ethereum's DAO fork). The latter are generally split into two kinds - Soft Forks and Hard Forks.

Soft Forks are less invasive and mainly require the Miners to upgrade their software. Old software will still recognize new blocks created after the Soft Fork as valid. An example of a Soft Fork could be the bugfix for Value Overflow Incident.

Hard Forks are more invasive and require everyone to upgrade their software. Old software will not recognize new blocks or transactions as valid after the Hard Fork. The Ethereum DAO Fork is perhaps the most famous example of a Hard Fork.

Contentious Hard Forks can sometimes lead to network splits, where a part of the network and community decide not to opt into the Forked code and Blockchain, and instead decide to take a different approach. Ethereum Classic is a network split that resulted from the DAO Fork.

Hash

A Hash is a cryptographic digest of a piece of data. Hashes are most often used to refer to a given Transaction or a Block, as each of them would have a unique Hash, and the length of that Hash is short enough to be easy to use.

Most Blockchain Projects predominantly use the SHA256 hashing algorithm, with occasional use of other algorithms (such as RIPEMD-160 being used by Bitcoin for creating its Addresses).

The Block Hash is also an integral part of the Proof of Work Mining algorithm.

Merkle Tree

A Merkle Tree is a tree built out of Hashes. Each node in the tree is a hash of its child nodes. The final hash in the Merkle Tree is called a Merkle Root.

Merkle Trees are used to create a single Hash that represents a collection of Hashes. It can be used in Simplified Payment Verification or Proof of Existence to prove a given Transaction was part of a Block by specifying only log2(n) hashes, rather than n hashes it would take to list all of the Transaction Hashes. SPV is an important part of Light Nodes / Wallets.

Miner

A Miner is an entity involved in the Mining process of a Proof of Work Blockchain, such as Bitcoin. Other Block generation schemes use different terminology for similar functions - Validators, Farmers, etc.

The term Miner can refer to:
  • The machine doing the computations
  • The business owner running said machines
  • Less frequently, to the piece of software performing the computations

Miners often use Mining Pools to pool their computation resources and create Blocks together to reduce the variance of their income.

Mining

Mining is the process by which Miners create a Proof of Work Block in Blockchains such as Bitcoin. It is a process of iterating through many possible Blocks (often iterating using the Nonce) until the Block satisfies the PoW criteria. This involves the Hash of the Block being a number smaller than the Target for a given block (see: Difficulty).

The Miners are rewarded for creating a valid Block by the Block Reward and any Fees spent by Transactions included in the Block.

There are also a handful of minor activities similar to Block Mining that serve a different purpose. As Addresses are essentially random numbers, some people iterate over them in a process of Vanity Address Mining to create a desirable looking Address (similar to vanity plates for cars). One can also mine for different Transaction Hashes, but it's a fringe activity used only in special cases.

Node

A Node is a computer running the specialized software used to communicate directly with a Blockchain Network. A Node is often a Wallet, but it doesn't need to be.

Generally, there are two types of Nodes - a Full Node and a Light Node.

A Full Node downloads and stores all of the Blockchain information. It can provide the data to other Nodes in the network as needed. Distributed Blockchain Networks require a web of Full Nodes to be operating at all times to maintain the network.

A Light Node only downloads the core data it needs to validate the current Blockchain status (most often - Block Headers) and any information relating to the Addresses it cares about. It has a much lower memory and network footprint than a Full Node, but it cannot provide all of the information a Full Node might. A set of Full Nodes is still required to maintain the network.

Nonce

A nonce is a random number used to easily create a different input. It is most notably used in a Block Header to create a different Block Hash without changing any important information stored in a Block. This is most often used in Proof of Work Blockchains that need to iterate over many block hashes. Due to the avalanche effect, changing even a single bit in the nonce creates a completely different Hash.

Permissioned Blockchain

A Permissioned Blockchain is a Blockchain Project that restricts access to its Blockchain in some way to the users. It could require user authentication before they can connect their nodes to the network, or even download their Clients.

In contrast, Permissionless Blockchains, such as Bitcoin, are inclusive by nature, allowing anyone to join and transact on the network.

Permissioned Blockchains are still in early phases of adoption as of February 2017. For the time being, their target market consists of banks, governments and other large entities that want to exert some form of control over their Blockchain network. This could be done due to regulatory, KYC or other reasons.

Some Permissionless Blockchains do offer some features for their users to restrict access to some of their financial assets. Ripple allows explicit white- and blacklists of Addresses, while Smart Contract scripts give even finer control over how a given asset can be used.

Proof of Existence

Proof of Existence is a cryptography-based proof that a given piece of data existed, unchanged, at a given point in time. It can be used as a replacement for a notary service.

Proof of Existence relies on a public Blockchain, such as Bitcoin's. The data in question is hashed and embedded into a Transaction or a Block. Given that a Block contains a timestamp and it is impossible to rewrite old Blocks without invalidating the subsequent Blocks, it is possible to prove the data existed in its current form no later than when that Block was created.

Factom is one Blockchain project that focuses on providing Proof of Existence "as a service". It maintains its own Blockchain that is itself "anchored" into the Bitcoin Blockchain, extending the Proof of Existence to a bigger amount of data.

Proof of Stake

Proof of Stake is an alternative Block creation algorithm to Proof of Work. Instead of relying on a lot of computational power to create a Block, one instead relies on a large supply of Coins. The reasoning behind Proof of Stake is that an attacker trying to subvert the network would be risking a lot of their wealth in the attempt, therefore they would be disincentivised to attack the network to preserve the value of their Coins. Similarly, users with a lot of Coins have a high stake in keeping the Blockchain operating properly to increase the value of their Coins.

Proof of Work

Proof of Work is a Block creation algorithm that uses a Hashing algorithm to ensure predictable Block creation rate. It relies on the fact that a Hash of a Block is essentially a very large random number, and that it takes some computational time to create the Hash. While it might take a fraction of a second to create one Hash, having to create a lot of Hashes takes a significant amount of time and resources.

A valid Block has a Hash smaller than a given Target (see Difficulty). To create a Hash that satisfies that criterion, the Miner needs to compute many potential Hashes until they find a satisfactory one. Since Hashes are essentially random numbers, it is easy to approximate how many times one would need to compute a Hash to get one that is small enough.

As more Miners join the network with more powerful Mining machines, they naturally can compute more Hashes in the same amount of time. The Proof of Work algorithms are designed to handle that by making it harder to compute a valid Hash by lowering the Target more and more. If the Miners leave the network and the available computational power decreases, the Target increases to maintain the Block creation speed.

Another important design of the Proof of Work algorithm is that it takes a lot of computational power to create a valid Hash, but very little to verify it (one needs to hash the data once).

Proof of Work is used to secure the Blockchain Network from attackers trying to subvert it (they would need to have a lot of spare computing power), as well as to create a fair distribution model for the Coins (Miners are rewarded with newly minted Coin for creating a valid Block).
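An added example (not from the original post) that ties the Block, Blockchain, Nonce and Proof of Work entries together: it mines a three-Block chain against a Target, verifies each Block with a single Hash, and shows that altering an old Block breaks the link to its successor even when the altered Block is re-mined. The header layout, the very easy Target, the timestamps and all names are constructed; the retarget rule follows Bitcoin's proportional adjustment clamped to a factor of four.

```python
import hashlib
import struct
from dataclasses import dataclass, replace

GENESIS_PREV = bytes(32)   # the Genesis Block has no predecessor
TARGET = 1 << 244          # constructed, very easy Target: about 1 Hash in 4096 is valid


def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


@dataclass(frozen=True)
class Header:
    prev_hash: bytes       # Hash of the previous Block
    merkle_root: bytes     # commitment to the Block's Transactions
    timestamp: int
    nonce: int = 0

    def block_hash(self) -> bytes:
        raw = self.prev_hash + self.merkle_root + struct.pack(
            "<II", self.timestamp, self.nonce)
        return dsha256(raw)

    def meets(self, target: int) -> bool:
        """Verification costs one Hash: is it a number below the Target?"""
        return int.from_bytes(self.block_hash(), "big") < target


def mine(header: Header, target: int, max_nonce: int = 2**32):
    """Iterate the Nonce until the Block Hash falls below the Target."""
    for nonce in range(max_nonce):
        candidate = replace(header, nonce=nonce)
        if candidate.meets(target):
            return candidate, nonce + 1          # header and attempts used
    raise RuntimeError("nonce space exhausted; vary the timestamp or Transactions")


def expected_attempts(target: int) -> int:
    """Hashes are uniform 256-bit numbers, so the average work is 2^256 / Target."""
    return (1 << 256) // target


def retarget(old_target: int, actual_seconds: int, expected_seconds: int) -> int:
    """Lower the Target when Blocks arrive too fast, raise it when too slow."""
    clamped = max(expected_seconds // 4, min(actual_seconds, expected_seconds * 4))
    return old_target * clamped // expected_seconds


def build_chain(length: int, target: int):
    """Mine `length` Blocks, each committing to the Hash of the one before."""
    chain, prev = [], GENESIS_PREV
    for height in range(length):
        root = dsha256(b"constructed transactions for block %d" % height)
        header, _ = mine(Header(prev, root, 1487548800 + 600 * height), target)
        chain.append(header)
        prev = header.block_hash()
    return chain


def first_invalid(chain, target: int):
    """Return the height of the first Block that fails validation, or None."""
    prev = GENESIS_PREV
    for height, header in enumerate(chain):
        if header.prev_hash != prev or not header.meets(target):
            return height
        prev = header.block_hash()
    return None


if __name__ == "__main__":
    chain = build_chain(3, TARGET)
    print("honest chain invalid at:", first_invalid(chain, TARGET))
    # Alter Block 1, then redo its Proof of Work so it is valid on its own.
    forged, _ = mine(replace(chain[1], merkle_root=dsha256(b"altered")), TARGET)
    print("rewritten chain invalid at:",
          first_invalid([chain[0], forged, chain[2]], TARGET))
```

Re-mining the altered Block is not enough: every later Block commits to the old Hash, so each of them would have to be mined again as well.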

Smart Contracts

A Smart Contract is a simple computer script that represents an implicit contractual agreement between the parties to transact in the way described by that contract ("Code is Law"). Smart Contracts are an important aspect of Blockchain Projects such as Ethereum. In contrast to traditional legal contracts, Smart Contracts do not need a legal team to enforce them, and once put in place they usually cannot be altered. Smart Contracts can contain functions that can be called by creating a specific Transaction. The code execution is deterministic and is carried out by the Miners.

Smart Contracts may be paired with legal contracts (such as in the case of Corda), but that's rarely the case on most Blockchains.

See also: Decentralized Autonomous Organizations.

Transactions

A Transaction is an atomic operation on the Blockchain. It usually involves transfer of Cryptocurrency between Addresses, but some Blockchain Projects also have non-monetary Transactions (such as invoking a function in a Smart Contract on Ethereum, or setting a trustline in Ripple). Transactions are grouped into Blocks.

In Blockchains like Bitcoin, Transactions specify the Transaction outputs they consume to cover their fees and the outputs they create. There are some Blockchains (like Ripple or Factom) that operate on an account-balance model, which keeps a running tally of the funds remaining in an account, so a Transaction doesn't need to specify which outputs it is consuming.

Transactions are authorised by the use of private-public key cryptography. A Transaction spending an output from a given Address is only valid if the private key associated with a given Address has signed the transaction.

Most Blockchain projects contain some special Transaction types. The most common special Transaction type is the Coinbase Transaction. It is the first Transaction of a given Block that credits the Miner with newly minted Coins for creating that Block. This Transaction has no Inputs and is not signed by any Address. Coinbase Transactions are both rewards to the Miners and a way to distribute new Coins into the network.

Wallet

A Wallet is a collection of Addresses along with their associated private keys. The term can also refer to the piece of software that manages that Wallet, and the file that stores the data (a Wallet file).

Wallets can take the form of a standalone application (sometimes paired with a Node or a daemon, such as BitcoinQT), a web application (such as Blockchain.info's MyWallet), or be managed by a third party (such as Coinbase).

Access to the private keys is an important aspect of the Wallet design. There are services that host encrypted Wallet files, but don't have access to the keys as the user is encrypting and decrypting the file on their local machine. Other services secure their own keys and manage users' funds akin to a bank.

2017-01-30

Corda and the Distributed Ledger Technology

Recently I became involved with SCC's committee on "Blockchain and electronic distributed ledger technologies". During one of the discussions, I've learned about a new term that seems to have become very popular in the banking industry - "Distributed Ledger Technology" (DLT). Apparently companies like Deloitte or even the UK government have picked up on this new thing and seem to be abuzz with it.

Instantly this reminded me of 2015 when big companies like NASDAQ and Overstock expressed their interest in "the Bitcoin technology", but they didn't want to be associated with "Bitcoin", therefore decided to rename this whole thing as "blockchain technology". Maybe this was just another way for companies to invent a new five dollar word and charge a hefty sum to consult on it?

After doing some research, I couldn't find much on what exactly DLTs were - there doesn't seem to be a concrete definition floating around yet. However, a few people pointed me to one example of an actual implementation of a DLT - Corda. Luckily enough, someone coincidentally decided to organize a meetup about Corda around the time, so I had a good opportunity to learn what it's about.

Corda


Corda is a Distributed Ledger Technology implementation by the R3 consortium. It is open source, comes with a Slack, a whitepaper and all that.

Corda has been created from the ground up for use by banks and other financial institutions, prioritising their needs first. This dictated a few important design choices:

  • Private transactions - transactions in the system are only disclosed to the parties involved. They are not globally broadcast for everyone to verify, instead only circulating in very limited circles as small as two peers.
  • No blockchain - since there is no need to let everyone know about every transaction that took place, there is also no need for a blockchain, be it public or permissioned.
  • Legal smart contracts - much like a Ricardian Contract, the smart contracts executed on the Corda network have explicit legal prose attached to them.
  • Optional notaries - if two parties don't trust one another, they can bring in optional notaries to verify various aspects of the transaction (no double-spending, uniqueness of transaction, etc.)

Knowing these features, we can try figuring out what existing cryptocurrency project it resembles most. Looking at this chart comparing various projects in the space (provided funnily enough by Tim Swanson a few years back before he joined R3):

Tim Swanson's "Current Cryptoprotocol Infrastructure" from his "Great Chain of Numbers"

It looks like Corda can fall in only one spot, which is the "Ledgerless Crypto Suite", alongside Open-Transactions. Indeed, the resemblance is quite strong.

The following explanation is based on the "Introduction to Corda" presentation and other materials I managed to come by.

Corda's base building block is a cryptographic transaction. It can be a simple payment, or a more complex smart contract. The transactions specify which inputs they are spending and what outputs they are generating (this works just like Bitcoin and is different from an "account-balance" approach of say, Ripple). Each transaction has a hash of a legal prose attached to it which governs how the transaction should operate. The transaction is then signed by all of the participating parties that agree to execute it - it could only be one entity when it is a simple "send money" transaction, or span multiple parties if it is a more complex swap or financial agreement.

The transaction can also be notarised or verified by third parties as needed. This could be as simple as a server doing a blind signature to verify the transaction is unique, or perhaps the whole transaction could be disclosed to some auditors as needed.

After a transaction is signed, that's about it - every party that knows about the transaction records it in their ledgers and the financial contract is thus binding. There might be some follow-up on the smart contract as it matures or other trigger points execute it, but with no blockchain, block generation or the like, there isn't much else to it.

As it stands, Corda seems to fit in as a common middleware for banks and financial institutions to standardise their interactions with one another, especially in the realm of financial contracts. This puts the project in a similar space to Open Transactions or Interledger, not too far from Ripple or Ethereum.

Corda criticism


Due to its focus on catering to the financial institutions, Corda might be seen as "more of the same", rather than trying to revolutionise the field like Bitcoin. Some people might dismiss it out of principle for not fighting to make the banks more transparent.

A system built on private transactions will be easier to manipulate than a proper blockchain. Unless all of the transactions need to be accounted for by some independent auditor, you lose the option to have "negative proofs". Since the number of parties involved is so small, they can easily conspire to rewrite or delete the past transactions to suit their present needs. This could be mitigated by using a proof of existence and anchoring the various hashes of transactions into something like Factom.

However, if properly maintained, the system can enforce accountability. While the transactions may not be a part of a blockchain, they do form a transaction chain - every transaction spending the previous output. Having any single transaction signed by the various parties could be used against them - they might be compelled to provide the full, unbroken chain of transactions leading up to that transaction. While this might not uncover all of the transaction branches, there is at least some cryptographic trace of what happened.

Linking the legal prose to the smart contract is also asking for trouble. Even now people can have legal disagreements as to which interpretation should take precedence when you have a contract written in two human languages. Woe to anyone who wishes to mix legal prose with a smart contract. This would either require a new profession of some lawyer-programmer, some sort of legalese language interpreter / compiler, or the smart contract will be just a farce that could be overturned so easily it might not even need to exist.

Corda's presentation seems to indicate the legal prose takes precedence over the code. This might mean that there would need to either be some backdoor for third parties to overwrite or amend the contract, or the parties involved would have to work around the code to achieve settlement in the end. All in all, this can lead to a lot of mess in the code down the line. Some might prefer the approach of "code is law", but then we have the story of the DAO as a cautionary tale.

Moreover, the contracts dealing with international law and regulations would be even more complicated. This could lead to fewer transactions taking place between various jurisdictions to avoid the legal hassle.

Beyond that, Corda seems to rely on a few known key actors common to the Crypto 2.0 space. Lack of native currency means the system will need gateways to issue assets. Some design documents mention Smart Oracles, etc.

Distributed Ledger Technologies


Based on the example of Corda and Open Transactions, we can try drawing some conclusions of what the Distributed Ledger Technologies might be as a general term.

  • The technology seems to be focused more on transactions and less on grouping them into blocks.
  • With the absence of blocks, we necessarily have to do away with any form of distributed, native currency - there is no way for that currency to be objectively generated. The system instead uses IOUs for currencies and assets.
  • The system relies on a number of key nodes / entities to operate - auditors, validators, legal authorities, banks, etc. This means the system would be at best "decentralised".
  • Cryptography is still used to authorise various transactions and move the money around.

Conclusions



Distributed Ledger Technologies seem to sound more impressive than they are in reality. Some have proposed to use this term to refer to things like Corda as well as the existing Blockchain Technologies, but it seems to be mostly an unnecessary buzzword. The existing DLTs are not really distributed, but decentralised. The word "ledger" correlates more closely to a block of transactions than what we have in Open Transactions (where you can discard old transactions as they are not needed once they are confirmed spent). So perhaps a more accurate term would be "decentralised set of transactions"? DSoTs? DSoTTs if you want to include "technology" at the end as well...

2017-01-02

Ideas for Reddit moderation improvements

Awhile back the /r/Bitcoin community got upset over Coinbase CEO talking with Reddit CEO about /r/Bitcoin's moderation and the possibility of removing the moderators of the subreddit. It has been a few months and luckily not much has come of it. However, this got me thinking about how we could improve the moderation of the subreddit, or at least what different approaches could be taken.

None of the points mentioned are meant to be an attack on anyone - they are merely ideas worth considering in probably many communities, not just ours.

This can be viewed as a continuation from the "On /r/Bitcoin moderation - three years in review" blog post.

Head moderator responsibilities


Everyone has different approaches to moderation. Personally, I find myself starting with a lot of enthusiasm early on and later petering out over time as more people join the team and are able to take on the responsibilities. Being the second moderator on /r/Bitcoin for a long while and facing the community backlash at our top moderator gave me an opportunity to think about how I would run things. While this might not be an ideal solution for everyone, here is the approach I might take - focus on being the moderator of moderators and an arbitrator between them, rather than dictating the direction of the subreddit.

My personal approach is that everyone makes mistakes - moderators are no different and I'm no different. The best approach to take is to fill the moderator positions with people that aim to support the community and see it grow. Most importantly, however, those people should be open to discussing and challenging views held by themselves and other moderators as needed. One person might make a mistake, but if five people agree on something, it is less likely to be a mistake. If someone disagrees, it is important that they express their reasoning and let their peers come to a conclusion whether something needs to change or not. Many of the /r/Bitcoin moderators, both past and present luckily are able and do voice their opinions even if it's not in line with the current rules.

Being the top moderator on Reddit gives one the power to control everything in the given community, but in my opinion that power should be used very rarely. Ideally, the top moderator of the subreddit would perhaps only step in if the other moderators are acting against the community and need to be removed. This could mitigate the use of moderation to push one's agenda - if the top moderator doesn't actively moderate, they can't change much to suit their agenda. Other moderators know that if they usurp the community, they will be removed. Thus some balance of power could be reached for the betterment of the community, provided the top moderator could be trusted.

Anonymous discussions


At times the moderators might need to discuss some matter anonymously. Perhaps it would be an issue of removing a certain mod or other controversial topic. Unfortunately, Reddit doesn't leave many options for anonymizing one's conversations while still being certain you're talking with the same group of people. However, here is a simple solution to this problem:

Every moderator would create a random account. They would message someone saying they are a mod, but not reveal their original identity. That person would gather the list of all accounts that messaged them and present the list to the moderation group. Everyone would then acknowledge that the account they created is indeed on that list (without disclosing which account it is). If everyone acknowledges their account being present and the numbers match, you have a list of anonymous accounts that can be used to discuss anything without worrying about negative repercussions to your other account.

Mod removals


Having the anonymous discussions, it becomes much easier to discuss the removal of fellow moderators in an objective manner. You might want to call someone out on some actions they have taken or their general behaviour and see how other mods feel about the situation without becoming "that guy".

One of the responsibilities for the head mod would be to make sure the proper mods are removed (in case say, they are the second most senior mod that nobody else can remove). But perhaps the biggest mark of greatness for the top mod would be recognising if the community and other mods would not want them to continue at their position and step down like a true Roman Dictator, having put the power in the hands of the next worthy person chosen by the community and the moderators.

Community oversight


Another topic I've heard mentioned a few times comes in the form of insight into moderation logs. While those could probably be disclosed fully, they rarely tell the whole story - a good deal of moderation happens over modmail, which sometimes needs to remain private. It might be good practice to perhaps appoint a few representatives of the community to oversee the moderation process without being full moderators themselves. They would have insight into modmail and moderation logs, but shouldn't be acting as a full moderator. This could reassure some people that the mods aren't conspiring against someone or some company in particular, and it would also provide a good pool of candidates to pick from in case the moderation pool needs to be expanded.

Talking with the community


Communication with the community is important. Whether it's announcing policy changes or just having a general talk once a month, it might be useful to reach out to the community and hear what they have to say. This could boost the community's confidence in the moderators, help address some issues early on and hopefully make the relationships between mods and redditors better than what it sometimes becomes.

Conclusions


Those are some of my thoughts on how moderation in Reddit as a whole could be improved, or at least how I would try to improve it given the chance.

2016-11-07

OneCoin round 2 - it's all about the "family" and merchants

The saga of OneCoin continues. We've talked about the issues they might be running into with using big numbers for their currency, how market cap or coin supply is essentially meaningless, and now let's analyse the actual OneLife Mastermind Bangkok Event.

What was the event about?


Looking at the three hour long video of the event, there is a lot to cover. All of it bears an uncanny resemblance to a Multilevel Marketing event.


We have a lot of pomp, a lot of hype, bragging, talking about how everyone is forming a giant "family" and asking them to start buying and peddling the newest product - merchant applications. There are a lot of small pieces of information here and there on how they envision their system working, and a lot of it raises red flags.

The event certainly packed a lot of showmanship - live musical performances, important sounding speakers and so on. I've been to a few cryptocurrency conferences already, and they are completely different - you hear a lot about the technology, new developments, etc., and there is a lot less cult of personality.

Merchant program


One of the more important but overlooked parts of the event was the news about OneCoin's new merchant program. There are two new packages being sold - one for $1000 that comes with one whitelabel application, and a $5500 one that comes with seven applications. OneCoin expects its members to purchase those applications and sign up merchants, giving them those applications. Their goal is to reach one million merchants in the coming years. With the merchant adoption, the coin is supposed to gain liquidity and value.

Why should the merchants join? To gain access to OneCoin's "family" and the network, and they incur no cost for the first year. The coin should be "very stable" and merchants "should prefer it to PayPal, Visa, Mastercard".

So yes, the merchant program is as they say "free", and by free, they mean it costs $1000 to the person that signs up the merchant. So the marketing and on-boarding the merchants falls on the coin users that also get to pay for the privilege. But at least you will finally have some place to spend your OneCoins, right?

Well, not quite. The merchants will be able to specify how many OneCoins they will be accepting. They can choose to accept, say, 20% of the payment in OneCoin and 80% from the user's Credit Card (conveniently connected to the account already). This implies that OneCoin doesn't even do the most basic thing that every Bitcoin payment processor does - sell the coins for the merchant and pay them in fiat.

So let's compare that to, say, BitPay, one of Bitcoin's oldest payment processors. It allows you to sign up for free, it's free to use for some small volume transactions, or it costs the merchant 1% otherwise. You can accept Bitcoin for 100% of the purchase and you get all of your money in whatever form you want - BTC, wire, etc. For OneCoin, you need to have someone else pay $1000 for the application, sign you up, then you specify how many OneCoins you will be accepting for every transaction, then you have to figure out how to cash those out (without a real exchange yet), and you might be charged something after a year of using it.

So yeah, it doesn't look good - more like a barely serviceable product that you want your current members to buy and convince people to use to make their coin accepted somewhere and thus gain value. It's a good MLM strategy, but terrible usability strategy.

Other things


We've already covered the coin doubling event, so there isn't much more to cover in that regard. It's silly, watching people get excited for a 100% increase in coin supply without an increase in the coin's value. So instead, here is a list of various pieces of information that were stated throughout the event:

  • There have been 14 million accounts created, with 2.5M active distributors
  • The price of the coin was 50 eurocents, now it is 9 euros, and they aim to get to 25 euros
  • OneCoin is launching some social media website called OneSaito, which will feature Groupon-like discounts. So it's like 2010
  • "To make sure we continue to produce coins, we need tokens, and tokens come from product packages"
  • They want to achieve critical mass in a year's time
  • "We will eventually move to the next stage when what we're doing will become self-evident" - do they mean people will catch on to the MLM structure?
  • "We don't want to create idiots"
  • "Any one of you could've launched Pokemon Go"
  • Whoever maxes out their 35k Euro contribution on the day of the event will have the opportunity to max out another 35k Euro contribution the following day
  • "So guys in Sofia, if you don't switch it on, we'll come for you and kill you, yeah? Always good to motivate the office too..."
  • OneCoin will be going into the remittance business (so they're joining the Bitcoin hype from a few years ago that has already been explored by 19+ companies?)
  • OneCoin will be going public in Q2 2018
  • OneLife has created 350 millionaires in its history. There were 450 diamonds in the event
  • OneCoin is a special network, because it acts "like a family"

Conclusions


OneCoin is quite obviously an MLM pyramid scheme. Quite brilliant actually - instead of peddling products people have to start storing in their garages and try to sell to other people, they are selling a "crypto" currency and telling everyone to buy as much as they can to raise its value. They have virtually no production costs, therefore every dollar spent is essentially profit. Instead of investing that money into development of some actual products, like exchanges, payment processors, etc., they just get people to buy into the scheme more and more, to promote the coin further to drive the sales.

The most symbolic part of the event came in around 2:35. The speakers talk about celebrating OneCoin's second birthday with a cake, "the largest cake ever" - OneCoinCake. 2x2 meters in diameter. Unfortunately, since there were 11500 people in the audience during the event, "not everyone will get to taste the cake". This is perhaps a good analogy to how OneCoin works - everyone pays for the cake, you make a large cake, and the elites will stuff themselves while everyone else will only get to admire the cake from afar...

2016-10-11

Big numbers don't mean big money

Last week we discussed problems with using really big numbers in cryptocurrencies. This week I'd like to talk about misconceptions surrounding cryptocurrencies with big coin supply as well as inflation in cryptocurrencies.

Coin supply is a joke


Both this and the previous article were inspired by the OneLife Mastermind event, during which the people on stage were gushing about how many coins their system will have and can mine.

"The new blockchain will mine 50'000 coins per minute. [...] I think we are mining about 2'000'000'000 coins now."

In their previous event, they've stated

"Biggest coin out there is Ripplecoin [sic], with 100 billion coins[sic]", and OneCoin will increase its number of coins to 120 Billion to be bigger than Ripple.  

Focusing on the amount of coins you are mining or the coin supply is a joke. It's like praising Zimbabwe for producing 100T dollar notes, or the post WW1 Germany for having so much money you can build toy houses with them.

Market cap is deceptive


A lot of people rely on the market cap to determine which coin is the most valuable and worthwhile. Just have a look at CoinMarketCap. At the moment we have Bitcoin leading the market cap of about $10B, followed by Ripple at $1.2B.

Right at position number 2, we have an issue calculating the market cap - Ripple's available supply is listed at 35B XRP, although its total supply is shy of 100B XRP. If we calculated the market cap blindly, we should take the total supply and multiply it by the current price (0.0035 USD/XRP), which would net us $3.6B, rather than $1.2B.

The market cap is a poor metric for a coin with a highly-centralised supply. As Peter Todd jokingly put it - just mine a large amount of coins, sell a few of them at a high price and you've got a huge market cap.

It would be really hard to create some metric that can measure how valuable a cryptocurrency network is - market cap can be inflated, volume can be faked or hidden, you can't ever know how much of the coin supply is held by a handful of people with a million addresses, etc.

Inflation is not growth


In the past I've seen some deceptive advertising for a proof of stake coin that claimed it was a savings currency. They justified it by essentially saying - "buy our coin, then you can stake it and earn X% per year with it". While on surface it might appear so - if I start with 100 coins and at the end of the year I get 110 coins, then I'm 10 coins richer, right?

That works only on paper. If the market cap for the cryptocurrency remained unchanged and everyone got their 10% more coins, then you're right where you started - you own the exact same percentage of the economy as you used to. The inflation ate your earnings.

In economics, there is an important distinction between nominal and real interest rates. If I take a loan at 5% (nominal) interest rate, but the inflation is at 3%, then I effectively only pay a 2% (real) interest rate on the loan. Each year the principal of my loan has lower and lower purchasing power even if the number remains steady. The same is true for proof of stake inflationary coins - you're not earning anything with them, unless the pace of your earnings is faster than the overall inflation of the network.

A coin will only net you revenue if its equivalent of "real GDP" increases:


If you're not ahead, you're losing money


In an inflationary currency, if your supply of coins is growing slower than the average coin supply, you are essentially losing money. Earning 5% interest in a currency with 10% inflation means you are losing 5% on your investment in an ideal economy. In a real-life scenario, the markets would most likely be swayed a lot more by the speculation on the coin and whatever hype it can muster.

This point usually has low impact on most coins, but it seems to be exemplified with OneCoin's splits and tokens, assuming we would treat the coin as a real cryptocurrency and not a scam. In OneCoin, you can buy different packages that each come with a different amount of tokens and splits. If you buy the cheapest package for 110 EURO you get 1000 tokens and one split, but if you decide to spend 27'500 EURO, you get 300'000 tokens and three splits. This means that not only do you get about 20% discount on tokens when buying them in bulk, but you can also split them more times (which I'm guessing would give you more mining tokens or something, I'm not sure). Because of this, if you're buying anything shy of the top-tier package, you're already falling behind. I guess that's why you can find a lot of "strategies" for buying the tokens everywhere...

Same goes for the doubling event, wherein everyone's coins got doubled (since 100% inflation equates to 100% growth or something...). If you missed that event, your purchases are only worth 50% of what they would've been before that event in proportion to the entire market. You can't ever catch up.

If you're late, you're paying the early adopters


Unless we're talking about cryptocurrencies with a flexible supply denominated in fiat, anyone adopting late is essentially paying the early adopters. In some cases, that's pretty justifiable - when Bitcoin was still fresh and nobody knew if it had staying power, you needed a lot of people to devote their time and energy into developing the infrastructure everyone relies on today.

However, if you look at something like OneCoin that relies heavily on hype and even pays you in a pyramid-like structure for referrals, you have to be really wary when buying into it.

This is why a lot of people in the crypto world despise premining and fast maturing coins - a few people hold a lot of coins and they get to reap the bulk of the money from anyone buying into the network. When the jig is up, they can cash out and it's the late adopters that get to hold the bags.

If OneCoin was an honest coin, I can see some people getting rich if and when the coin starts getting publicly traded and people can start dumping their coins. As it is now, it is likely that everyone with the coins will be holding the bags while the people behind the coin will be the ones with the money.

Conclusions


Coin supply does not matter, market caps can be deceiving, nominal growth does not matter - only real growth, don't buy into scams.

2016-10-03

Problems with big numbers in crypto - how Bitcoin dodged a bullet

Recently, the infamous OneCoin made news once more in the Bitcoin circles after their OneLife mastermind stream. One of the more interesting things mentioned was the previously announced blockchain reset, coin doubling and increase in coin generation speed. This is supposed to mean that OneCoin is getting more valuable, but once again, that's not how blockchain works - big numbers don't mean big money. But let's start from the beginning.

Bitcoin coin cap


As everyone knows by now, Bitcoin has a coin cap of around 21'000'000 coins. Each coin can be broken down into 100'000'000 satoshis, and that number can be further sub-divided in the future should the need arise. So for practical needs, Bitcoin has a final supply, and a nigh-infinite divisibility, as opposed to fiat currencies that are often nigh-infinite in supply, but finitely divisible.

The hidden genius of Bitcoin is very subtle when it comes to its coin cap and its precision that a lot of coin developers often miss entirely.

Sure, Bitcoin might not have a mathematically beautiful block reward (say, a power of 2 that halves every four years so that we can get a beautifully round number in the end), but it's still easy for programmers to work with. In financial computer science, precision is everything. A balance of $3.50 would not be represented in a database as a floating point number - those are imprecise. It would be an integer number, like 350 cents, or 35'000 hundredth of a cent if you need to get more precise. This makes sure that you can add, subtract and multiply those numbers all day long and you will always be right down to a penny.

Same goes for Bitcoin. Every transaction specifies exactly how many satoshis to transfer and to whom. The number is encoded in a 64 bit unsigned integer, meaning it can precisely express numbers between 0 and 2^64 (18'446'744'073'709'551'615). Even if you take all of the bitcoins that will ever exist and subdivide them into satoshis, you will get a number smaller than 2^51, meaning no matter how many coins you move back and forth, you will never lose precision or overflow the system. Moreover, the numbers can also be represented precisely with double-precision floating point numbers (which have a precision of 2^52 for a fraction).

Other coins and their supply


Other coins have often toyed with different block reward schedules and thus different amount of coins.

Ripple is perhaps the most popular coin with a high coin supply, capping off at 100B XRP even. Their coins subdivide into 6 decimal places rather than 8 - this gives them an upper bound of under 2^57 units (if they instead went for 8 decimal places, they would be under 2^64 and wouldn't fit into signed integers). So they are fine in that regard, but they start to run into a problem when trying to express the units as floating points - they are only precise up to 2^52, or about 15 significant digits.

Same story with Dogecoin - currently sitting at 106B units with 8 decimal place precision, which is enough to start breaking the JSON API developers use. Bytecoin, sitting at 181B coins barely fits into 64 bit integers and FedoraCoin, the coin with the highest listed coin supply on CoinMarketCap breaks that limit with 438B coin supply, needing at least 66 bits to be fully represented.

OneCoin


So where does OneCoin sit in all of this? Let's assume they are like Bitcoin with 8 decimal places (and not just some made-up numbers in a spreadsheet...). They currently boast having 2B coins and mining 2.19B coins per month, giving us less than 2^58 - too big for doubles, but still manageable for ints. In about 85 months of mining, their coin supply will reach 185B and cross over 2^64. That is long after they plan on "going public with their coin" in Q2 2018, whatever that would mean.
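The bit-width arithmetic from the sections above, and the JSON breakage mentioned for Dogecoin, can be reproduced directly. This is an added example, not code from the original article: the supply figures are the article's, the function names are illustrative, and it uses JavaScript's own safe-integer limit of 2^53 - 1 as the bound for doubles.

```javascript
// Added example. Supply figures and decimal places are the ones quoted in
// the article; OneCoin's 8 decimal places are the article's own assumption.
const COINS = {
  Bitcoin:    { coins: 21_000_000n,      decimals: 8n },
  Ripple:     { coins: 100_000_000_000n, decimals: 6n },
  Dogecoin:   { coins: 106_000_000_000n, decimals: 8n },
  Bytecoin:   { coins: 181_000_000_000n, decimals: 8n },
  FedoraCoin: { coins: 438_000_000_000n, decimals: 8n },
  OneCoin:    { coins: 2_000_000_000n,   decimals: 8n },
};

const MAX_SAFE = BigInt(Number.MAX_SAFE_INTEGER); // 2^53 - 1
const MAX_INT64 = (1n << 63n) - 1n;
const MAX_UINT64 = (1n << 64n) - 1n;

// Whole supply expressed in the smallest unit (satoshis, drops, ...).
function baseUnits({ coins, decimals }) {
  return coins * 10n ** decimals;
}

// Which common number representations can hold the full supply exactly?
function classify(coin) {
  const units = baseUnits(coin);
  return {
    units,
    bits: units.toString(2).length,
    safeAsDouble: units <= MAX_SAFE,
    fitsInt64: units <= MAX_INT64,
    fitsUint64: units <= MAX_UINT64,
  };
}

// What happens when an API emits the amount as a bare JSON number and a
// client parses it with a stock JSON parser (doubles only).
function survivesJsonNumber(units) {
  const parsed = JSON.parse(`{"amount":${units}}`).amount;
  return Number.isSafeInteger(parsed) && BigInt(parsed) === units;
}

// Safer convention: carry amounts as decimal strings of base units and
// convert to an arbitrary-precision integer with explicit validation.
function parseAmount(json) {
  const { amount } = JSON.parse(json);
  if (typeof amount !== "string" || !/^(0|[1-9][0-9]*)$/.test(amount)) {
    throw new TypeError("amount must be a decimal string of base units");
  }
  const units = BigInt(amount);
  if (units > MAX_UINT64) throw new RangeError("amount exceeds uint64");
  return units;
}

// Number of months of constant mining until the supply first exceeds `limit`.
function monthsUntilExceeds(limit, start, minedPerMonth) {
  let supply = baseUnits(start);
  const step = baseUnits(minedPerMonth);
  let months = 0;
  while (supply <= limit) {
    supply += step;
    months += 1;
  }
  return months;
}

for (const [name, coin] of Object.entries(COINS)) {
  const r = classify(coin);
  console.log(
    `${name}: ${r.units} units, ${r.bits} bits, double-safe=${r.safeAsDouble}, ` +
    `int64=${r.fitsInt64}, uint64=${r.fitsUint64}`
  );
}
```
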

Conclusions


When designing a cryptocurrency, there are many hidden pitfalls one has to keep in mind and try to avoid. One might be tempted to create a currency with large numbers to give off an illusion of value where there is none. However, for practical reasons, you want to keep the numbers in your system within a reasonable range so the developers working with your coin won't have to deal with numbers too big to represent.

OneCoin might still be in the clear, at least as clear as Dogecoin is, but one more "blockchain restart" coupled with increased mining speed and they will be soon crossing the computer science boundary, at least assuming the system is legitimate to begin with.

Next up - why big numbers don't mean big money...

2016-09-29

DECENT - a torrent blockchain presale

Recently, I was contacted by a fellow Bitcoiner and informed about some possible shady goings-on on the DECENT platform. Reportedly, the platform has raised 5352BTC (3.2M USD equivalent) in its token presale, but the product appears to be on some shaky grounds. Let's have a look at what we can find out about the platform, the presale and have a look at whether there is something shady going on...

The Whitepaper


Any self-respecting blockchain project styles itself after Bitcoin and releases a whitepaper early on. Decent is no exception (#liberateyourself on every page...).

The paper starts with criticising Bitcoin for BOTH its low transaction throughput, and its large blocksize. Wouldn't it be nice if one could have a higher transaction throughput with a lower data footprint? Unless you start pruning old data, it won't happen. But that's apparently "some childhood diseases" Bitcoin has.

"Unfortunately, in spite of more than 6 years of its existence [Bitcoin] did not reach a position it could have attained mainly due to the imperfections in its architecture and design."

In comes Decent. Saving freedom of speech, solving the issue of authors having to figure out how to monetise their content, drive traffic to their sites, deal with Amazon's pay cut, etc. You can use it to publish "any text, picture, video or music content" (and even software) and "no third parties can control or influence the content".

The platform is characterised by being:
  • Independent - owned by the users and "will never be affiliated with any economic, media, or political party"
  • Borderless
  • Stable - not dependent on any single server
  • Fair - everyone starts at the same level and builds up their reputation
  • Profitable - users can buy content directly from the authors and there is no cut taken by Decent
  • Spam Free - content publishing is expensive for spammers
  • Secure & Anonymous - authors can publish the content anonymously
  • Recommendations-enabled - readers that purchased the content can embed their feedback into the blockchain


While describing how the protocol works, we also learn that the application will be using the BitTorrent protocol with a distributed tracker to distribute its content. The torrent is downloaded by the "publishers" that charge a fee for storage and bandwidth. For encrypted content, the decryption keys are also distributed to the publishers.

Upon hearing what kind of content the platform will support, the cynic in me instantly reached two conclusions - a lot of the content, especially the movies and music, will be pirated like on current torrent websites, and a lot of the software content will contain malware. I somehow doubt I will be proven wrong...

So all in all, it looks like the system will use a blockchain to keep track of who paid for what content, while the actual content will be distributed over torrents. All in all, it looks like a poor man's version of MaidSafe or Storj, also somewhat similar to the Alexandria project. While those platforms focused on creating their own storage solutions paired with the blockchain, Decent appears to just mash Bitcoin and torrent technologies and produce something that's less than a sum of its parts.

A somewhat more usable solution would just focus on augmenting the torrent architecture without burdening it with a proprietary blockchain. You could use Factom or Ethereum to publish the magnet links, have some proof-of-payment solution to request the torrent data for paid content, or even just rely on donations from people that consume your content. Building one's own blockchain just to manage new tokens proves to be, once again, a solution looking for a problem.


The token presale


Like a lot of projects in the crypto space, Decent is raising money through a token presale. To buy the tokens, you need to register an account on Decent's portal and pay bitcoins into a provided address. The tokens are distributed into the account and will later be available for withdrawal on the network proper. At the moment there doesn't appear to be an option of transferring the balance between accounts, so one is unlikely to be able to trade or sell the tokens before the network goes live.

Since it looks like Decent is handling all of the balances and not acting as a client-side wallet provider like Blockchain.info (that is, Decent probably handles all of the balances themselves), this can get really hairy for them from the regulators' perspective. Were they located in the USA, I would stay away from the service after what happened to Ripple Labs. Since the service does not seem to gather KYC information, it might be in a legal grey zone. Not being able to send the tokens around might actually be a benefit for the company - the token appears as less of a security this way.

At any rate, the gathered bitcoins end up in 2-of-3 escrow with Coinbase. The three people responsible for handling the funds are:

  • Matej Michalko, the founder and director of Decent. Also, a co-founder of five different Bitcoin conferences (I suppose that is a new, fancy term for "organizer" nowadays), and a co-founder of two other crypto-related companies
  • Tibor Tarabek, reported to be the "Founder of Microsoft Slovakia", although his LinkedIn profile lists him only as a General Manager in years 1995-2000 (and also a "General Manager" of some "bitcoin, s.r.o." company between years 1992-1994, 16 years before Bitcoin was released!)
  • Vasylchenko Alexander, former director of Mycelium in years 2012-2014


It is a bit strange that the founder of Decent is a co-signer of the escrow if you want to show that you can deliver on the project's promises. Find a few reputable Bitcoin people and use them for the entire escrow to show the release of funds is unbiased. Currently, all you need is one of the two extra people to co-conspire and you have full access to the 3.2M USD. While I might not know the reputation of Mr. Tarabek in the Slovakian Bitcoin space, his apparent lack of involvement with Bitcoin-related projects doesn't speak well to his ability to objectively judge a project like this.

Lastly, storing token presale funds in Coinbase, a company known for helping US authorities shut down torrent-related websites, doesn't bode well for the security of the funds. No KYC, token presales and US don't mix well...

All in all, I'm very dubious about how well the presale is handled. While it's not completely shady, I would not be surprised if the tokens get released before the project is finished or worse. To anyone that has purchased the tokens so far - hope for the best, prepare for the worst.

The Team


All in all, what makes or breaks a project is often the team. Let's look at who the Decent team is comprised of...

The Founders consist of:

  • Matej Boda, who seems to be rather fresh out of university without much prior experience
  • Matej Michalko, the aforementioned co-founder of a lot of crypto-related projects. He appears to be business-focused
  • Wayman Kwan, a venture capitalist

So mostly business-focused founders. Let's look at the developers in the team:


  • Josef Sevcik, with background in Business Administration, Informatics and telecommunication
  • Bohdan Skriabin, a cryptographer still studying at a university
  • Lubos Novotný, a UX / designer
  • Stanislav Cherviakov, "a tech expert with a mathematical background" with experience in fintech, etc.
  • Vladimir Dubinin, a mathematician with a computer science degree
  • Anatoly Ressin, a programmer

And a lot of other advisers, ambassadors, etc. All in all, the development team is a bit mixed, having a few people that appear to have a lot of relevant experience, and some that are just starting out. The company also appears to be looking for a senior developer and a junior developer, both with a negotiable compensation payable in "other".

It looks like there are about 13 people making up the company proper. That can give the company a pretty high burn rate before any technical prototypes have been developed, but the costs may be rather low if the majority of the team is located in Slovakia.

Codebase


So far, Decent doesn't appear to list any publicly available repositories on their website. However, the bitcoiner that prompted me to investigate the company pointed me in the direction of a GitHub repository posted by Josef Sevcik, one of the developers on the Decent Team. It looks like a possible prototype of the Decent platform. The codebase appears to be based on Peershares with a small amount of changes (a few file diffs: 1, 2, 3).

Basing the codebase on a proof-of-stake based currency tells us a lot of new things about the project that haven't really been mentioned on the project's website - the initial allocation of tokens (how much is being kept by the company and developers) can be really important when it comes to earning block rewards for example.

Conclusions


All in all, Decent looks like an underwhelming solution looking for a problem. It is very unlikely the platform will solve all of the problems it sets out to fix - nobody will want to switch over to a new platform and use a new currency to get a glorified paywall. Focus on presaling the tokens doesn't seem to be improving the solution, as is often the case. Raising 3.2M USD before anyone has seen a prototype of the platform is similarly ludicrous. The tokens have little to no value during the presale - you can't trade them for speculation, you will only be able to use them once the platform launches, and there doesn't appear to be any special use for the tokens in the final system other than paying for things. I somehow doubt the platform will have 3.2M USD worth of content on it for years to come, so pre-purchasing a token now to be able to pay for a movie for a few dollars or a blog article for a few cents a year down the line sounds like an awful proposition.

The escrow holding the coins doesn't appear to be following the industry's standards. It is not completely shady, but it could inspire more confidence.

The team behind the project looks fine - no "blockchain rockstar" stands out, but it seems to have everything needed. It is good that the company advertises its contact information, including physical addresses.

From the rumours I heard from a few fellow bitcoiners closer to the project, the company seems to be aggressively pushing for its presale with just a forked open source repo to back it up.

So in conclusion, the project doesn't look like it can live up to its own hype. The approach is rather naive, even if it can be fully realised. I see no reason to back it financially, and for anyone that has - I would like to know why? The token can't be traded, sold, speculated on until the project launches, which makes it a rather risky proposition.

The Bitcoin Bullshit List

Your Crypto Idea Will Not Work

Your post advocates a new:
(x) Altcoin
(x) Wallet
(x) Distributed data storage

Your idea will not work.  Here is why it won't work.

(x) Your target audience is too small to support the project
(x) There is already a product on the market that does exactly what you’re doing, but ( ) faster / (x) cheaper / (x) better / (x) is more established / ( ) ______________
(x) Your project will not be compliant with the current (x) KYC / ( ) AML / ( ) gambling / (x) DMCA regulations
(x) Your solution is worse than general-purpose computing hardware / software
(x) Your presale tokens have no economic value

Specifically, your plan fails to account for:
(x) The existing regulations
(x) Public reluctance to accept weird new forms of money
(x) The known security exploits of the existing Internet services
(x) The human factor
(x) The problem of distinguishing between a human and a bot

and the following philosophical objections may also apply:
(x) Nobody likes DRM
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
(x) Feel-good measures do nothing to solve the problem
(x) I don’t trust YOU with the money

Furthermore, this is what I think about you:
(x) Sorry dude, but I don't think it would work.


Bitcoin Bullshit Tier


You are advertising a new Bitcoin / crypto related project. Based on the information provided, you have reached the Bullshit Tier of 3 for the following reasons:

Bitcoin Bullshit Tier 1 - marketing babble, technology misunderstanding
(x) “Blockchain”
(x) “As good as / better than Bitcoin”

Bitcoin Bullshit Tier 2 - willful misinformation, bait and switch
(x) Claiming your project can accomplish something hard without a clear explanation of how to do so

Bitcoin Bullshit Tier 3 - Many red flags
(x) Token IPO