2015-10-14

Liquid - when sidechains say "fuck it"

We had big news in the Bitcoin world - Blockstream, the company that has been working on sidechains for awhile has announced they will be launching their first sidechain called Liquid. The announcement is all over CoinDesk, BitcoinMagazine, IHB and others. Unfortunately, when you look closer, what is being proposed is not really fulfilling the promise of sidechains...

What is Liquid?


Liquid is a settlement system for Bitcoin exchanges. It allows one to "[reduce] the time in which bitcoin-denominated funds can be transferred between accounts at these institutions" [1] and "allowing partner exchanges to move funds between order books without the need to transfer funds on the bitcoin blockchain" [1] for "an undisclosed monthly subscription fee" [1]. This will be accomplished by "[finding] partner exchanges transferring funds to a shared multi-signature wallet address, with a Byzantine round robin consensus protocol used to process transactions"[1]. The network will be run by known exchanges, essentially boiling down to a permissioned blockchain. The block signers will be running on proprietary hardware to prevent "tampering with the block signers when they are up and running [, further minimizing trust].".

What are sidechains?


Even more so than "blockchain", "sidechain" is a bit of a nebulous term. Blockstream, who are pretty much the main developers in this space have defined the term in their whitepaper as

"A sidechain is a blockchain that validates data from other blockchains"

This opens it up to interpretation as to what is and isn't a blockchain. Is Bitcoin a sidechain since it contains Factom blockchain data? Is Counterparty a sidechain since you can trade BTC on it? Is Ripple a sidechain since we have services like BitStamp and SnapSwap being Bitcoin gateways onto the system?

I personally expand the term to "a blockchain with a distributed two-way pegged currency from other blockchains" (a quick refresher on centralized, decentralized and distributed definitions). Generally, it should be a system that is not rely on a handful of centralized gateway / bridges to move value back and forth between the networks, but a more protocol-level way of achieving deposits and withdrawals.

Having a one-way peg is dead easy - we've done proof-of-burn years back. Two-way peg, unfortunately, requires a soft fork in the Bitcoin protocol, or an entirely new system to be built from grounds-up.

Liquid is not innovative


Looking at what has been said about Liquid - it's not an innovative technology. It can be boiled down to:
  • Funds are deposited in a multisig address controlled by multiple exchanges [2]
  • Transfers between the exchanges happen when multiple exchanges sign off on the transaction in a mechanism similar to green addresses [2]
  • Transfers require no confirmations because the network won't sign a double-spend against itself

The technology is nothing new - we've had multisig since 2012, and even frigging MtGox used a green address in 2011.

I'm also not yet sure whether Liquid provides some cryptographic receipts for deposits. If they don't - the network isn't entirely gox-proof. You may have proof-of-liquidity (balance in the multisig address), but you'd be lacking proof-of-liabilities - exchange clients or counterparties being able to prove who is owed how much in case the servers blow up due to incompetent PHP programming. Having a pile of bitcoins and a mob of people is not enough to know who is owed how much.

If Liquid has proof-of-liabilities or some other form of cryptographic receipts, that is great! It means they can be compared to Open TransactionsVoting Pools idea from 2014.

Now, to be fair - you don't need to be innovative to be useful, just be honest about it. What Liquid is, I wouldn't classify as a sidechain, but it can still bring a lot of value to their customers. That being said...

Liquid is not enough


Do I believe being able to speed up BTC transfers between exchanges is a useful thing? Yes. However, do you know what is the biggest pain point in Bitcoin exchanges and arbitrage? The fiat part. I'll be able to save an hour or two on my Bitcoin deposits to lock in a trade at a good exchange on another continent, but then I'll have to wait a few days for my fiat to move around so I can arbitrage in the other direction, great. Well, maybe pairing this with something like Tether would be good enough...

Other points


A few last points that don't fit anywhere before I wrap up:
  • Proprietary hardware requirement - if someone told me that to run some system that takes care of my coins I would have to use their proprietary hardware, that's where the conversation would end. I understand, you want the system to be hardened against attacks, but that's exactly why you need heterogeneous network - if everyone has the same hardware and software, you can take down the entire network with the same exploit. Not to mention, proprietary hardware doesn't fit well with "trust but verify" model of Bitcoin.
  • Obfuscated balances and trade data - cool feature, as long as it doesn't interfere with proof-of-liabilities

Conclusions


Liquid looks like a very interesting project, but it's not the sidechains we are looking for. I guess it's a fair compromise between not being able to do anything because one needs a soft fork to implement the full vision and launching a whole altcoin just to have sidechains properly implemented. I guess you can only wait so long for things to improve before you say "fuck it" and create something between where we're now and where you're aiming to be in the future.


[1] - http://www.coindesk.com/blockstream-commercial-sidechain-bitcoin-exchanges/
[2] - https://www.reddit.com/r/Bitcoin/comments/3ok8ga/blockstream_announces_liquid_bitcoins_first/cvydu7r

EDIT:


I heard rumours about the proprietary hardware used for Liquid being secured by thermite that would destroy the hardware if it was tampered with. Reportedly, the hardware would have to be picked up in person as well. While I can't find a reference for those statements, if they were true it would make the situation even weirder (perhaps making it quite problematic for companies to get a hold of those outside of the country they would be produced in - try bringing such highly flammable package onto a plane...).

Related discussions:



4 comments:

  1. Very Cool! Always cutting to the quick, eh?

    ReplyDelete
    Replies
    1. There is no point in dancing around the issue. Good ideas and projects will get stronger by withstanding criticism, bad ones will crumble fast ;).

      Delete
  2. Liquid, from a technology perspective is essential elements alpha (technically our next update to it); which has been available as free and open source software for months; there is no great mystery to the underlying technology and youanalyze it, and use it yourself.

    > Transfers between the exchanges happen when multiple exchanges sign off on the transaction in a mechanism similar to green addresses

    It's not that similar to green address; it's more similar to voting pools-- which were something that I suggested to fellowtraveler on IRC in ~2011, but which no one (until us) actually went and implemented and put into operation, AFAIK.

    We extensively considered using a green address like approach but it has severe flaws. The obvious construction has exchanges passing around unconfirmed coins with a 'trusted' countersigner. But a strongly trusted countersigner is mostly fallacy (or if not, just have them hold the coins...); though that countersigner could be replaced with a federation of the coin owners themselves. But even with that approach the idea has broken security: Malleability makes long unconfirmed chains unstable in practice, and even with all the power of BIP62 fixes, the inherent malleability of re-signing means that parties in the chain can abort the chain. Even ignoring the security problems, this process also creates incredible blockchain bloat unless you also implement transaction cut-through (see my BCT post) which is complex and further delays settlement... and can't offer things like anti-frontrunning value privacy.


    We've been working on a very deep malleability improvement called segregated witness that we now think we can bring to Bitcoin that would make the greenaddress multihop settlement approach more secure; but I believe the other advantages of Liquid will still leave it more attractive.



    ReplyDelete