2016-06-27

A retrospective on one hundred posts

Last week marked the 100th post on this blog in the roughly 2.5 years I've been blogging somewhat regularly. Today I would like to look back and do a bit of a retrospective on some of the things posted and the overall state of the blog.

General thoughts


Like most people, I get a lot of ideas on various subjects all of the time. Some are so-so, while others merit more contemplation. This is one of the reasons why I started writing this blog - to be able to formulate my thoughts, put them down somewhere and to be able to reference them later as needed - during online conversations, or when writing out other ideas.

It has really been a useful tool for me over the years - before I started writing the blog I would discuss some interesting ideas I had either without writing them down, or in random places over the Internet where I couldn't easily find them afterwards. This would usually mean I couldn't go into that much depth and the thoughts were more ephemeral.

A few months ago I was looking for some post on my blog and I stumbled upon the post about volatile currencies that I had completely forgotten about by that point. It's perhaps not the most relevant or best written post out there, but it still contains an interesting idea nugget that might be a useful reference in the future. If I relied only on my memory, it would be gone.

With that in mind, let's look at some popular or interesting posts I have written over the years that you might've missed.

Top ten


Here are the ten most popular posts from this blog, based on the number of views:

  1. On the subject of altcoins - do altcoins have any merit to exist?
  2. On /r/Bitcoin moderation - three years in review - /r/Bitcoin moderation
  3. Deniable proof of Satoshi - talking about Craig Wright's claim to being Satoshi and how future claims should be handled
  4. Liquid - when sidechains say "fuck it" - pondering the Liquid network
  5. Bitcoin historical rallies, halvenings and bubbles - talking about my experience with past bubbles
  6. Why fast maturing altcoins are doomed to fail, or why $30 dollars a day is not enough to secure Quarkcoin - discussing Quarkcoin and its reward schedule
  7. A killer feature for wallets and exchanges - an idea about how exchanges could help grow the value of Bitcoin
  8. How to kill a currency - how could one go about destroying a cryptocurrency
  9. Crypto 2.0 systems - comparing various Crypto 2.0 systems
  10. Mining versus Consensus algorithms in Crypto 2.0 systems - the consensus algorithm and its impacts on a cryptocurrency

Generally, not a bad cross-section of the blog - talking about Crypto 2.0s a number of times, criticising some projects that have some objectionable features, talking about some ideas I am still waiting to see implemented, etc. Some information is starting to get a bit outdated (I would've expanded the good list to include projects like Ethereum), but overall I can't complain.

Other good posts


The above posts got the most views. However, there are some other posts that I'm proud of. Maybe they got unlucky when they got posted, or the ideas presented are rather niche, but they might be still worth checking out:


Conclusions


Thank you everyone for sticking with me for the one hundred posts. If you find your mind similarly teeming with ideas, my advice to you would be to put them in writing. You may never know when your past self will surprise you with interesting thoughts that would otherwise flee.

2016-06-20

Perfection or bust - the rise and fall of The DAO

Full disclosure - I own some ether and I have put some of it into The DAO presale. I don't think it coloured my view of the situation, but I feel it's better to be open about such things.

The DAO has made a lot of waves recently. First - last month when it became the largest crowdfunding project in history, at one point surpassing Star Citizen's 116M USD (although it might be partially due to ETH exchange rate fluctuations). Second time - earlier this week when the DAO was hacked. So let's start from the beginning and have a look at the rise and fall of The DAO.

DAOs, in general


DAOs, or Decentralised Autonomous Organisations, have been a fairly nebulous concept in the crypto space for a while. They are basically computer programs that run as an organisation, using their code as law. They can hold digital assets and money that can be spent on various projects, services and other digital assets.

Some have proposed using DAOs to create rudimentary self-sustaining decentralised organisations. Such programs would actually use their resources to hire people to improve them. I first heard this concept described during 2013's Money2020 Ripple conference, and I would consider BitShares to be one of the first self-sustaining DAOs.

Of course, with the current level of cryptocurrency technology, the DAOs are very limited in scope. They can't be as sophisticated as modern AI running on supercomputers, and since code isn't lawfully binding - the various DAOs have to rely on humans to interface with the outside world.

In theory, DAOs could create a lot of new jobs. As @aantonop put it though:

TheDAO will create many jobs. First for people like me who have to explain what the hell it is.

The DAO


The DAO (holding a very generic "temporary name", which it probably won't escape from), created by Christoph Jentzsch, the founder of Slock.it, set out to be one such self-sustaining DAO. It was set up to be a quasi-venture-capitalist-fund. As with many token crowdsales, it was skirting the borders of the law - allowing anyone to invest, not doing any KYC, promising "benefits to the DAO Token Holders", without outright selling securities.

The project had support from a number of high-profile members of the Ethereum Foundation

The DAO started operations by selling its tokens for ETH. The promise was that later the ETH would be used to fund various projects and try to extract value from those projects to the DAO itself. The DAO also had a mechanism to upgrade itself to newer versions of the code. The entire process of both spending money and code upgrade would be governed by the token holders voting. Every vote would be proportional to the amount of tokens held.

By the end of the crowdsale, The DAO had raised 8.26M ETH, more than 10% of the total coin supply.

In theory, The DAO could've been a very strong player in the crypto space. Even if it spent only 10% of its funds on early-stage companies, it could give out 100k USD to 100 different companies and probably have great ROI by the end.

However, there was a bug in the code...

The exploit


Around 2016-06-17, news broke that The DAO's balance was being drained. Quickly there was a call to all exchanges to stop trading the tokens and Ethers while the situation was being resolved.

As it turns out, The DAO had a small bug in it (discussion, technical overview). The attacker managed to make a recursive call to a function and used that exploit to start draining The DAO of its ETH. Before the attack stopped, 3.6M ETH was extracted, worth about 50M USD give or take 20M due to wild price fluctuations.
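A simplified model of the recursive-call pattern described above, added here as an illustration: it is not The DAO's contract code, and the Vault, Honest and Reentrant names and all amounts are made up for the example. It shows why the order of "pay out" and "update the books" matters, and a solvency check that flags the drain.

```python
# Constructed model of a payout function that hands control to the recipient.
# Not The DAO's code; class names and amounts are assumptions for the example.

class Vault:
    """Toy contract: tracks what each account is owed and what it holds."""
    def __init__(self, safe):
        self.safe = safe      # True = update bookkeeping before paying out
        self.credit = {}      # account name -> amount owed
        self.pool = 0         # funds actually held

    def deposit(self, who, amount):
        self.credit[who.name] = self.credit.get(who.name, 0) + amount
        self.pool += amount

    def withdraw(self, who):
        owed = self.credit.get(who.name, 0)
        if owed == 0 or self.pool < owed:
            return
        if self.safe:
            # Hardened order: zero the balance, then hand over control.
            self.credit[who.name] = 0
            self.pool -= owed
            who.receive(self, owed)
        else:
            # Flawed order: the recipient runs while it is still owed money.
            self.pool -= owed
            who.receive(self, owed)
            self.credit[who.name] = 0

    def solvent(self):
        """Invariant a monitor can check: holdings cover everything owed."""
        return self.pool >= sum(self.credit.values())


class Honest:
    def __init__(self, name):
        self.name = name
        self.received = 0

    def receive(self, vault, amount):
        self.received += amount


class Reentrant(Honest):
    """Recipient whose receive hook calls withdraw() again (recursive call)."""
    def receive(self, vault, amount):
        self.received += amount
        vault.withdraw(self)


def run(safe):
    """Nine honest accounts and one re-entrant account deposit 10 each."""
    vault = Vault(safe)
    for i in range(9):
        vault.deposit(Honest(f"user{i}"), 10)
    caller = Reentrant("caller")
    vault.deposit(caller, 10)
    vault.withdraw(caller)
    return caller.received, vault.pool, vault.solvent()


if __name__ == "__main__":
    print("flawed  :", run(safe=False))
    print("hardened:", run(safe=True))
```

With the flawed ordering the single 10-unit depositor walks away with the whole pool and the solvency check fails; with the balance zeroed first, the recursive call finds nothing owed and returns.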

The attack stopped around the time Vitalik released a blog post about how Ethereum will be handling the exploit. In the end it was decided that Ethereum will not roll back, instead creating a soft fork preventing the drained ETHs from being spent. The coins would also apparently be reimbursed and everyone that put their money into The DAO would be getting it back.

The following day, we actually got a statement from "The Attacker" about the issue, claiming that the draining of ETH was legal and in accordance with The DAO's rules ("code is law", therefore any execution of the code is always as intended). The Attacker also threatened legal action against any attempt to freeze the drained ETH. If such a case ever made it into a court, it would probably be the most important precedent for the future of decentralised organisations as a whole. Only time will tell where the story goes.

Other criticism


If The DAO had not been taken down by this exploit, it is entirely possible we might've seen a lot of other problems crop up in the future. Here are just some of the possible issues and other ideas that would need to be considered.

Setting a precedent for Ethereum. The way Ethereum handles this exploit may affect how similar future problems would have to be addressed. If they go through with the blacklisting, they might be required by law or asked by the community to do the same in the future for a lot of other things. This can open up a big can of worms. However, if they don't, then they might scare off any other similar projects from using the platform, along with some of their users. Damned if you do, damned if you don't.

Voter apathy. If The DAO had a large number of users sitting idly on their tokens rather than voting with their money, the software might have problems reaching the needed quorum to do anything. Apparently in Bitshares, only about 10% of stakeholders participate in voting. Perhaps switching to a Delegated Voting model might help alleviate the issue.

Unexplored legal area. The DAO seems to have aimed to exist in an unexplored legal area. It operates like a security or a venture fund without doing the due diligence. It technically cannot be sued, but people that put money into it might face legal repercussions. All in all, it probably would give any lawyer and government official a headache to try framing it in the existing rule of law.

Lack of KYC. While a lot of people in the crypto community want the government and regulations as far from their projects as possible, some oversight might deter attackers. If every investor in The DAO were vetted by KYC first, and if only vetted individuals could hold the tokens, anyone attacking The DAO would have to be prepared to get sued and criminally charged for their actions. Right now the best we've got is to try tracing the ETHs they owned back to an exchange and possibly investigate some Ethereum / DAO short calls someone might have set up before the attack (similarly to the idea of "terrorist insider trading").

Rushed deployment. After The DAO was released, there were some concerns from people that the code should've been tested and vetted more to iron out any bugs. Code that holds so much money is a gold-filled pinata for any and every hacker that might try to break it 24/7. Some attack vectors had been published before the attack (description and mitigation). Since the contract is vulnerable right after it's released, rushing a release is not wise.

Any bug needs to be fixed immediately. With a smart contract running on a decentralised network, it is vulnerable to exploits all the time. Any new bug that is found needs to be fixed right away, especially if it is described publicly. With more centralised software, you can at least shut everything down until the bug is fixed, but such luxury would be harder to implement in a DAO.

One mistake and your money is gone. While this one applies to most cryptocurrencies, it also bears mentioning - any bug in the code that breaks the smart contract that holds actual money (in this case, ETH) can cost you everything. If you deploy such a piece of code and send money to it, it is gone and you won't be able to get it back.

There are no rollbacks with real coins. While any contract that issues and deals only in its own tokens can be rolled back to any point in time with a patched contract, the matter is not as simple when we're dealing with actual coins (in this case, ETH). As the native coins exist outside of the contract's controls, using such contracts to manage the coins is more dangerous than just dealing in tokens.

Putting all eggs in one basket. A contract holding over 100M USD is a disaster waiting to happen. At the very least some of that money should've been put in some deep cold storage until it is needed. Enter into some legally binding contract with 50 people if you need to, to provide some multisig and keep the funds safe. It's like putting all of your coins into a hot wallet - you shouldn't do that.

Paradox of presales. Even if The DAO functioned correctly, it might be a hard value proposition, similar to most other ITOs (Initial Token Offerings). Unless you are an actual security / fund and building projects that funnel their earnings into the organisation, the projects that benefit The DAO holders rather than Ethereum as a whole might be inferior to the general use case. There is a lot that the Ethereum platform and anything on it could benefit from, but tying them into one smart contract might defeat the purpose. Since many DAOs want to avoid being labelled as a security, we might just get some weird projects in the end.

Relation to other projects


A few people have started comparing this bug to a few other things in the cryptocurrency space. Perhaps it is important to have a look at them and figure out how similar they are.

In the early days of Bitcoin, in mid-2010, someone found a way to create 184'467'440'737.09551616 BTC (almost 10k times more coins than would ever exist) out of thin air in a so-called "Value overflow incident". The bug was fixed and the network was rolled back. The bug is similar - use an unexpected way the code works to get access to more tokens than one should be able to. However, this situation is different as it breaks the core functionality of the entire network, rather than a sub-part of it that is not governed by the protocol. Rolling back the network to before the bug was introduced is entirely justified - it is something that shouldn't have happened. With The DAO, the situation is a bit different - the core network functioned as intended, it is the final product that was at fault.

Another incident similar to this was the fall of MtGox allegedly caused by Transaction Malleability, and the attack on JustCoin with Ripple's Partial Payment Flag. In both cases, the software creators did not anticipate an obscure network behaviour that led to their downfall. In neither case did the network get rolled back - it functioned as intended, and to my knowledge neither of those companies got bailed out for the bugs in their code. This would probably be the closest analogy.

The decision to bail the contract out and refund the drained ETH might be either seen as the Ethereum Foundation trying to mitigate the damage to the network's reputation, or it might be due to many of the Foundation members lending their credibility to the project itself. One way or the other, I doubt we would see many similar DAOs in the future with such a lineup of big name supporters to mitigate any similar damage in the future.

What is also worth noting is that because of Bitcoin's success, a lot of the cryptocurrency projects may "suffer" from accelerated growth. There have been many incidents in the earlier days of Bitcoin of people losing their money and it wasn't that big of a deal - the coins were worth only so much. However, with networks such as Ethereum being worth a billion dollars less than a year after release, you have similar high profile bugs, but the coins themselves are worth a lot more a lot quicker. Perhaps we should try stalling the gold rush until a project has been vetted by early adopters hammering out all of the kinks and best practices? It's probably not going to happen unfortunately...

Lastly, if the Tau developers want to brag about how their platform is / will be much better than Ethereum since such bugs can't happen there, it is your time to prove yourself - deliver us your implementation of The DAO in a language of your choice so we can pick it apart and see if it breaks.

Conclusions


The DAO has been an interesting ride. It allowed the ETH to double in value and crash back down. A project of this scope, if executed correctly, would certainly be a game changer for any cryptocurrency network. Unfortunately, as many have made this joke before, it seems The DAO was DOA (dead on arrival). With DAOs, it's perfection or bust.

Spells of Genesis card for The DAO, reading
"Holding so much energy, the Colossus is able to withstand all threats"...

How Bitcoiners see the situation

2016-06-13

Bitcoin historical rallies, halvenings and bubbles

As of the time of writing, we are less than 4'000 blocks / one month away from Bitcoin's second halvening (the 4-year block reward halving period). We are also in the middle of a price rally, rising from about 400 USD/BTC and currently going through the 650 USD/BTC price. This seems like as good a time as any to talk about some of my past experiences with Bitcoin rallies, bubbles, and the last halvening.



The First Bitcoin Bubble - mid-2011


I joined the Bitcoin community during the rally for the First Bitcoin Bubble (or at least the first one everyone heard about). It is the little, insignificant blip on the chart above, but at the time it was the wild, uncharted territory. The price reached a staggering 30 USD/BTC (and as far as I remember, 40 USD/BTC equivalent on Bitomat). A lot of people, myself included, were getting into the Bitcoin mining fever, projecting to make astonishing amounts of money with their computers and GPUs. However, the bubble burst, MtGox got hacked and the future of Bitcoin was uncertain. Nothing like this had ever happened before, so we didn't know whether the currency could recover from such a bubble, or whether it was all over. By November, bitcoins were trading for about 2.25 USD/BTC.

The 2012 Halvening


As it turns out, Bitcoin didn't die. The next year started a bit anaemic, at around 5 USD/BTC. The mining difficulty had died down after the mining fever and it looked like the price of $5 was a solid bottom where the miners would be earning about as much as they put in. The first halvening was a looming event, but we wouldn't see it until the end of that year. Early in the year I thought to myself that since $5 is a rather solid price for the miners to make a bit of money, after the halvening we should see the price be at least $10. Turns out I was right - after the event, which was rather uneventful, we did see the price in the teens. Good enough reason to go out and have a small Bitcoin party everyone seemed to have been organising for the occasion.

The Cyprus Bubble - early 2013


Early 2013 started strong - Bitcoin was growing rapidly from 25 USD/BTC to the high of over 250 USD/BTC. Some of it was driven by the starting ASIC hardware race, but I think the biggest event that contributed to the price was the Cyprus financial crisis and the bank deposit seizures / bail-ins. The bubble burst when MtGox halted its trading due to not being able to handle the market volumes. The price went down to under 60 USD/BTC as people were desperate to get rid of their BTC by any means necessary.

The China Bubble - late 2013


2013 saw not one, but two big bubbles. After Bitcoin was declared dead once more in October after Silk Road was shut down (after all, allegedly only drug traffickers use bitcoin!), Bitcoin started to show it can stand on its own and shed all of the bad press.

Around the same time Bitcoin was also heavily featured in the Money 2020 event with companies like Coinbase, BitPay and Blockchain representing (funny enough, this is what I saw at my hotel :) ).

However, despite those events being a definite boost to Bitcoin's price, it seems that the majority of the rally was done by people in China. Everyone seemed ecstatic about the price rally, posting pictures of moon landing after we reached 1000 USD/BTC, putting forward motions to switch from BTC to mBTC as a default denomination, etc. It was fun all around.



The rally ended similarly after Bitcoin was allegedly banned from Chinese banks. The price declined with some fluctuations, reaching a bottom of about 220 USD/BTC in February of 2014.

The fall of MtGox


MtGox was a mixed bag in Bitcoin's history. Early on, it was the biggest exchange, and they were even generous enough to bail out Bitomat after it lost its private keys. Heck, they even published an ad for Bitcoin in G8 Conference Magazine:

MtGox Bitcoin ad

However, after a few hacks and general incompetency, MtGox became a joke. Due to problems withdrawing fiat for a while, the price on MtGox was consistently 10-15% higher than other exchanges (as everyone needed BTC to cash out). When Bitcoin withdrawals were shut down, someone set up a market for trading real BTC for MtGox BTC, since the site still allowed internal coin transfers. The price was going down below the market as the withdrawals stopped but the trading continued. Eventually, the exchange was shut down in early 2014 when Bitcoin was at its lowest since the last year's bubble.

The current situation


Currently, we seem to be in the middle of the next rally in preparation for the halvening. We started the year above 400 USD/BTC, and if the last halvening is to be believed, we should end it at 800 USD/BTC at the least. However, it feels like a lot of people are rooting for a new all-time high. Well, only time will tell - Bitcoin is a honey badger, it does whatever it wants.

Useful links