Code, Law, and the Nature of Consensus
/On cryptonetworks, is code law, or is it all social consensus? The answer is yes. Let's explore why.
Read MoreOn cryptonetworks, is code law, or is it all social consensus? The answer is yes. Let's explore why.
Read MoreBen and Anthony have a chat about what it means for a node to be a "full node," especially the differences between fast sync nodes and fully validating nodes in Ethereum.
Read MoreThis week, I was joined on a livestream by Andrew Bull, ESQ., to discuss the SEC settlement with the founder of EtherDelta. Andrew is the CEO and Founder of Bull Blockchain Law, Philadelphia’s first crypto centric law firm. We attacked this question from both a technical and regulatory perspective, and I learned a lot.
Here were my top take-aways from the discussion:
The SEC exists for consumer protection and views each case from the perspective of the end user, not the developer or entrepreneur.
How you describe and promote something you create— whether it’s a token, an exchange, or something similar— will have a big impact on how it’s classified and regulated by the SEC.
A developer who created the interface for interacting with a decentralized protocol, even if they didn’t create or own the protocol itself, can still be culpable if they promote that interface to consumers. For example, someone that created and hosted a website for interacting with the EtherDelta smart contracts might still be charged with running an unregistered exchange.
The SEC and other regulatory bodies make themselves available! If you’re building something and there’s regulatory uncertainty, you can get in contact with them.
While code is classified as speech, there are limits even to our First Amendment rights, and these have not yet been tested in the judiciary with regards to decentralized systems. A developer shouldn’t assume that they’re not culpable for code they write, publish, and promote just because they didn’t deploy it or host it themselves.
The conversation is packed with other insights— I highly recommend giving it a full listen. For more from Andrew, follow him on Twitter @andrewbull1988.
It’s been more than a week since the initial disclosure of CVE-2018-17144. In that time, more details have been filled in, including the fact that the bug could not only crash clients, it could also create inflation— and that the bug was discovered and responsibly reported by a developer working on the “Unlimited” Bitcoin Cash client.
There has also been much discussion in the crypto world about the nature of this bug and what lessons we should takeaway from it. This article will detail my biggest takeaways, looking at it primarily from a technical perspective.
At the beginning of August, it was revealed that Bitcoin Core developer Corey Fields had discovered and disclosed a chain split but in Bitcoin Cash. In his write up detailing that incident, Corey had this to say:
Working through this bug, which certainly had the potential for catastrophe, has reaffirmed my belief that the threat of software bugs is severely underestimated in the cryptocurrency world. I’m presenting a detailed report of this incident… as a wake-up call to companies who have not adequately prepared for this type of scenario.
This seems especially prescient in light of this latest vulnerability, and I fear many people are still failing to account for the risk. I’ve seen many folks on Twitter say things like “bugs can always be fixed” or “whats the big deal— it wasn’t even exploited.” We should make no mistake: Bitcoin dodged a bullet.
A couple of months ago, Naval Ravikant set off an uproar amongst Bitcoiners for saying that incentives for Bitcoin developers are out of whack. Rather than discussing a very good point, most seized on the use of the economic term “free-rider” to imply, incorrectly, that Naval was criticizing all Bitcoin “hodlers”.
When some in the community did get around to addressing Naval’s actual point, most insisted that Bitcoin did not have a developer problem, that the contributions of passionate experts are sufficient, and that no conversation around how to fund additional eyes on the code was needed. I tweeted about this earlier in the week.
1/ A couple months ago @naval caused a shitstorm by suggesting developer incentives in Bitcoin might be a bit out of whack. (Side note: how was this only 2 months ago-- feels like 2 years!)https://t.co/T75Hrm9LQL
— Ben DiFrancesco (@BenDiFrancesco) September 25, 2018
The commit that introduced this vulnerability was made by a single developer and merged after a cursory review by only one other. This, despite the fact the change was to a critical section of the code dealing with transaction validation. It subsequently remained in the code for a eighteen months before being discovered by someone working for a different project.
For a project with a $100 Billion market cap, which aims to make itself a store of value for people’s wealth, and on which many of us are resting our hopes for a more decentralized monetary future, this is simply unacceptable. I’m not saying I have the answers for how to solve this problem, but we damn well better acknowledge there is a problem, here!
Bitcoin Core is far and away the most widely used client software on the Bitcoin network, with over 95% of all nodes running it. Other networks have much more diverse topologies, such as Ethereum, which has multiple widely used clients built in different languages and by different teams.
There is a downside to heterogeneous networks, most critically that a consensus difference between two or more clients could lead to a chain split. This vulnerability lends credence to those who argue the benefits to multiple clients is worth this risk.
Heterogeneity arguably saved the Ethereum blockchain back during the 2016 DoS wars ( https://t.co/3p9oQXpUcI ); what stopped geth did not stop parity and vice versa, so the network was online all the way through.
— Vitalik Non-giver of Ether (@VitalikButerin) September 23, 2018
Had the bug been exploited, virtually all clients on the Bitcoin network would have been affected. Only those still running very outdated versions of the software would have been safe. A heterogeneous network would be more robust to these sorts of vulnerabilities, and arguably might result in their discovery sooner as well.
There’s no real new information here, just a dramatic demonstration of the reality. When this bug was discovered, the Bitcoin Core developers reached out to the operators of a handful of mining pools. Once some were patched, it was “safe” to reveal the full nature of the bug, despite the fact that 85% full nodes (like my own!) had not yet been patched.
Running a full node is still a good idea for one’s own security— you don’t have to trust anyone to carry out transactions. And it does impute some measure of greater decentralization to have more full nodes in operation. At the end of the day, though, those in control of the hash rate have an outsized control on consensus, and at the moment, that means just a handful of pool operators.
Something that should create some cognitive dissonance for those of us who care about decentralization: the fact the hash rate is relatively centralized actually made patching this issue easier.
What are the odds that someone inside a government agency, be it the NSA, or an equivalent agency in China or Russia, knew about this vulnerability before it was discovered and patched? I’d say they’re relatively high. If I headed up one of those agencies, I would certainly have a team reviewing the code of Bitcoin and other major cryptocurrencies, looking for exactly these types of weaknesses.
Why? Because that would be my job! Bitcoin, and other networks, have become too important on the international stage not to warrant attention from such agencies. And make no mistake, while these agencies are bureaucratic, they still employ and provide resources to brilliant people who, working in small teams, can accomplish incredible feats.
If, or more likely, when a major nationstate decides to become hostile to crypto, things could get…messy
Glen Weyl is a researcher at Microsoft and the co-author of “Radical Markets: Uprooting Capitalism and Democracy for a Just Society” (Link). He also recently co-authored a paper with Vitalik Buterin and Zoë Hitzig. Earlier this week the Philly Blockchain Tech meetup, which I help co-organize, was lucky enough to have him as a guest!
In this post, I’ll share some thoughts on Glen’s proposals. In particular I want to touch on what I like about them (“The Good”), where I’m more skeptical (“The Bad”), and why I think they mesh well with the ethos of the emerging crypto culture (“The Blockchain”). If you’re not familiar with Glen or his ideas, check out the recording of his talk at Philly Blockchain.
To put it simply, Glen and his co-author are thinking big. These are not run of the mill calls for narrow reforms or slight tweaks to our existing systems. The proposals laid out in “Radical Markets” are, well, radical.
If nothing else, then, the book is valuable because it demands you imagine a world that is profoundly different from the status quo. It is “mind expanding” in that it forces you to reconsider your baseline assumptions, many of which you won’t realize you’re making until they’re illuminated.
The book is also refreshingly non-partisan, existing outside the bounds of the tired right-left battle lines drawn in our increasingly unbearable political sphere. No doubt, someone out there will try to force the ideas into one camp or the other, but an honest reader recognizes they are orthogonal to the trite, tribal arguments that have become typical.
As one example, how many authors have you read recognize the moral imperative for allowing broader migration, while also acknowledging the benefits of migration generally accrue to the wealthy and to the migrants— at the expense of the working class in the host nation?
Rather than descend into name calling or moralizing on this divisive issue, Glen and his co-author suggest an alternative system, wherein all members of society might benefit from migration. The citizen-sponsorship program for which they advocate struck me as perhaps the most workable of the book’s proposals.
That said, I also appreciated that Glen and his co-author “swung for the fences” rather than limit the book’s ideas to those which seem politically feasible.
This leads to the simplest— but also least interesting— criticism of the ideas in “Radical Markets”, namely that they’re impractical. I say this criticism is uninteresting not because it’s wrong, but instead because it’s right, and Glen and his co-author know it. They acknowledge the ideas need to be tried in small scale experiments, and that much advocacy would be required before any broader adoption.
A slightly more interesting criticism of these ideas is that they’re too optimistic about the extent to which “mechanism design” can be employed to create or shape markets. While Glen and his co-author are in no way proposing a centrally planned system, there is still a whiff of the central planner’s hubris in the idea that more efficient markets can be designed, and better outcomes can be engineered.
As a Software Engineer, I’ve learned this the hard way. When rearchitecting even a simple system, one is often surprised by the second order effects of seemingly small changes. What’s true for software is even more so for society— there may be unseen reasons for so-called inefficiencies, and we may be surprised by the repercussions of trying to “design” them away.
One final piece of criticism I have is directed specifically at the idea of using Harberger taxes for personal property.
I asked Glen at the Philly Blockchain event if we might be missing a moral component to purely private property. Might there be some inalienable right— whatever exactly that means— to own outright the fruits of one’s labor? Is it morally wrong to, say, force an elderly widow to sell her house of 50 years— even if you’re compensating her fairly for it?
Glen’s answer to this question was that companies might spring up to provide services to handle such cases. For example, a company might cover taxes on a high valuation in exchange for inheritance rights to the property, thus decreasing the likelihood a widow would be forced to sell if she didn’t want to. This answer is reasonable, but perhaps misses the deeper point.
What excites me most about the ideas in “Radical Markets” is their possible application to decentralized crypto-networks. Unlike our existing economic and political structures, we’re building the world of the blockchain from the ground up. It’s a great opportunity to question assumptions and experiment with new ways of doing things.
While I may be skeptical of applying Harberger taxes to property, for example, they could be a great fit for “ownership” of digital namespaces.
As we build new kinds of decentralized organizations coordinated by blockchain based interaction, Quadratic Voting may prove a useful mechanism for governance.
Blockchain enabled products could recognize “data labor” and compensate users for it— the Brave Browser and the Basic Attention Token may be a harbinger of this.
The possibilities are endless and exciting. Furthermore, such experimentation in the context of crypto-networks could help prove these ideas out, making them more viable for application in more traditional settings.
Even more fundamentally, I think the core premise of “Radical Markets” fits well with the spirit of the blockchain community. Glen and his co-author are clearly concerned about the increasing concentration of power found in the modern world. The impulse to find ways to diffuse that power aligns well with the ethos of decentralization which underpins crypto. I’m excited to see where these ideas might go.
This past summer, I was a guest on the QuantLayer podcast talking about software development and the broader crypto ecosystem. I really enjoyed the discussion and hope you will too!
Something I noticed when I went back and reviewed the transcript: Two of the things we opined about at the time have been partially addressed in only 2 months.
The lack of recurring subscriptions for decentralized services is now being developed under EIP-1337.
I complained about MetaMask’s UX, which has since gotten a major overall that makes it much better (though still far from ready for mainstream adoption).
Amazing to see how fast things move. Where will be in two years, let alone two more months? Buckle up!
Yesterday, I had the pleasure of attending Coinvention, a blockchain conference in my hometown of Philadelphia. I was honored to moderate a panel and to share the day with a host of interesting speakers and attendees. Congrats to the organizers for putting on a successful event!
Something that continually struck me about the conference was the wide range of backgrounds and perspectives found amongst both the speakers and the attendees. There were technical talks on ownable assets in video games, a panel of legal experts led by Kevin Werbach, a "crypto comic" who told something approximating jokes, and everything in between.
The hallway track was equally diverse. On the one hand, I spent 30 minutes with an excited team who wanted to show me their DApp. They'd just published it to the Ropsten test network, and we dove into the technical details of their smart contracts. I also saw a guy wearing a light-up Bitcoin hat with a Dash tattoo on his forearm, and at the vendor booths, I passed on the opportunity to try a "Bitcoin Energy Drink" called Liquid Assets.
Why is it the crypto space seems to attract such a variety of characters?
At the after party, I sipped a beer and posed this question to the group of folks I happened to be chatting with. "Well," said one of the other attendees, "It's 1993 and this is an 'internet' conference."
Right.
If this technology is going to be half as important as some of us think it is, the whole idea of a "blockchain" or "crypto" conference may seem silly in a 5-10 years. We should expect it to attract a wide variety of people, because it has the potential to impact every crevice of the economy.
Still, there's much work to be done until then. In the meantime, it was nice to share the day with the quixotic cast of fellow enthusiasts and early adopters. Onward!
Today, the Ethereum Core Dev team held a meeting to discuss lowering the block reward given to Ethereum miners. The primary motivations for this seem to be:
To their credit, the team invited a number of miners of varying sizes and scales to give their input on the various proposals on the table. One such person was Xin Xu, who represented a large, China-based mining operation. He made this point [1:20:07]:
I want to point out...it’s more of a network security level. I posted a link before in the chat about crypto51.app, which is a website that helps you to calculate how much it costs to actually, do a, do a 51% attack to the network. For Ethereum, it’s not that much. However, why is there no one attacking the Ethereum network?
I think from my perspective, or our study as a whole team, is there isn’t any hashrate you can use in the market to attack the Ethereum network…. So, like there are a lot of people [saying] on the internet, “What if we cut the issuance? How much hashrate will go out?” However, at least to me, it’s not like if you’re going to cut [the block reward from] 3 to 2, only 1/3rd of the hashrate will go out, or maybe we’ll cut the Ethereum network’s security to 2/3rd.
It’s more like now we have 100 soldiers, and that’s all the soldiers we have in the world. But if we cut 40 of them out, then it’s not about if the enemy or the bad people have enough soldiers to attack us. Because before they had 0. Now they have 40.
They have the chance, once they have the capital, they always have the choice to hire those soldiers, or those hash rate, to attack, then. So my major point is, the Ethereum network has been secure or safe to now. It’s not because attacking Ethereum costs too much, it’s simply because now all the hashrates are on the Ethereum network, and no one has extra hashrate to attack it. So even if you have enough money, it’s not going to happen.
The issue he brings up is rather interesting. Essentially, he's arguing that attacking the Ethereum network is difficult today primarily because the world is hardware constrained. There literally aren't enough GPUs for you to buy, or hire, to achieve the hash rate needed to attack.
Thus, when considering the security effect of forcing some percentage of miners off the network, one can't simply look at the hash rate reduction. One also has to consider that a bunch of GPUs suddenly become available for attack that weren't before.
I'd take this a step further and point out that new GPUs will continue to be manufactured. If these are no longer profitable for mining, they won't be bought up for mining, and will become less expensive and more widely available. This makes it significantly easier and cheaper for a would-be attacker to acquire the hardware that would actually be needed to attack the network.
In short, Xin Xu is making the case that considering security to be equivalent to the hash rate is naive. The network hash rate must be put in context of the global supply of GPUs and other mining hardware, and that supply is itself effected by the issuance rate.
To my surprise, no one engaged Xin Xu on his point. In fact, the very next person to speak was Carl L., who had this to say [1:22:14]:
The point I wanted to make was that, going forward, I think we can sort of concern ourselves with the current hashrate and the current miners and their running efficiency. In order to….you know, do we need additional hashrate? Like are we talking about wanting to continue to grow the hashrate? Is that desirable?
In my mind, that’s absolutely not desirable. And in that case, looking at the kind of equipment cost, we want to be discouraging that equipment, that investment in new equipment. And one way to do that is to, you know, to lower the block reward, and that you know, worsens the economic argument for that investment.
In case it wasn't crystal-clear that discouraging investment in mining was an explicit goal, Tim Coulter had this to say [1:25:28].
If people are continuing to invest in mining, then I completely agree that we should de-incentivize that.
As I've said before, I'm rooting for the Ethereum Foundation to achieve it's goal and bring a secure, truly decentralized PoS network into the world, even though I remain skeptical.
While we wait for PoS to materialize, it seems prudent to tread carefully with regards to network security. I was disappointed today that no one engaged Xin Xu on this discussion of the second-order effects a reward reduction might have on hardware availability, and thus network security.
This post will outline an issue with the aspiration to move the Ethereum network to full Proof-of-Stake. Vlad Zamfir currently leads one team researching that effort, which is known as Casper "Correct By Construction", or CBC. Previously, a hybrid PoS system called Casper FFG had been planned-- this issue does not apply to such a system. To the extent new plans for a "beacon chain" involve a full PoS system, this issue might apply to said chain. (The technical details of that effort are still unclear to me, so I hesitate to make any pronouncements).
It's worth noting at the outset that it's entirely possible the point laid out in this post has indeed been made before and discussed, perhaps on the boards of ethresear.ch, for example. If it has, then I'll be happy to have someone point me toward that discussion. I've been unable to find it.
Simply stated, the "free hard fork" problem is the "nothing at stake" problem moved up to the level of pre-planned, possibly-contentious hard forks.
Casper CBC aims to solve the nothing at stake issue by slashing validator deposits for bad behavior. To greatly simplify a complex, work-in-progress protocol, the network will take funds from validators who vote on multiple chains. The goal is-- at a minimum-- to recreate the incentive structure of Proof-of-Work.
For the sake of this discussion, let's assume the CBC, or some other research effort, is successful in developing an algorithm that is secure, decentralized, and replicates the incentive structure of PoW within the network.
The issue is, tautologically, the network can only punish you for activity on the network. In a pre-planned hard fork, node software can be programmed to begin validating multiple chains that are invisible to each other at a given block height. The network parameters can simply be changed.
This is important. It means to execute a possibly contentious hard-fork, you don't have to convince miners to dedicate scarce resources (hardware & electricity) to your fork instead of the consensus chain. You need-only to convince validators to run software that will validate your chain in-addition to the consensus chain.
And why shouldn't they? There is no marginal cost to do so. Even if the fork ends up worth a small fraction of the main chain, this is "found money" to the validators.
Stated another way, when a PoW chain hard forks, it is (nearly) guaranteed that one chain will be significantly less secure than the other. In a post-PoS world, you can hard fork and end up with two chains which are equally as secure as the original.
Have we fully considered what that might mean for the ecosystem? Might we be headed down a path that results in a proliferation of Ethereum forks?
In the next section, I'll enumerate some objections to this point and respond to them.
Validators won't bother to install and run specific software for hard forks
They probably won't bother to run any old software that purports to create a fork, true. But if a moderately prominent developer or company in the ecosystem decided to hard fork, my guess is a very sizable percentage would. Again, why not? This is found money for very minimal effort.
A parallel can be seen in Dogecoin, which is merge mined with Litecoin. Litecoin miners happily run software that mines both, because they can do so for free. I doubt many care about Dogecoin. But why not take free money?
No one in the ecosystem with any credibility will attempt a contentious hard fork
This is incredibly naive and obviously wrong. In fact, not only is it inevitable that multiple hard forks will eventually be attempted due to pure community disagreement, the ability to hard fork for free also brings up some interesting legal and moral questions.
One example: in a world where it's shown hard forks can be executed with shallow consensus, might Parity have a fiduciary duty to create and champion a hard fork that unlocks customer funds lost in their multi-sig wallet fiasco? Many customers had significant amounts of money lost. If executing a fork can result in even a small percentage of that value being returned, ought they not try to do it?
Validators won't support contentious hard forks because it would hurt the ecosystem, devaluing their investment
This is a silly argument which is clearly false from a game-theoretic perspective. If it were true, Proof-of-Stake would already work in a fully decentralized way, and we wouldn't need efforts like CBC in the first place.
Validators will only run the software the Ethereum Foundation approves
If this is true, then the detractors who claim Ethereum is centralized because of the Foundation's outsized influence are right. We might as well shut the thing down and just let the Ethereum Foundation run some servers for us. It will certainly scale better.
We can find a way to punish validators who vote on other networks
There are a few things that you might mean by this, so let's take them one at a time:
1. A centralized oracle controlled by [some group] will report dishonest validators
Seriously? Just get out!
2. A decentralized oracle, something like an Augur market, will report dishonest validators
Well, I guess this is theoretically possible, but boy, we're adding whole new layers of complexity to the game theory involved-- let alone the technical challenges.
3. We'll use [magic cryptography] to punish validators when they vote on other networks
The idea here would be some form of cryptographic mechanism which would force the validator to reveal some information on the non-consensus chain that could be used by a self interested party on the main-chain to claim a chunk of the validator's stake.
I'm not aware of any mechanism that could accomplish this, but I admit to being far enough out of my league on advanced cryptography to know it's definitely impossible. zkSnarks still feels like magic to me, so maybe it can be done.
OK let's assume you're right. Who cares? Is having lots of forks actually a problem?
This is a good question. I don't know, and the truth is nobody does. It'd be an experiment in game theory at a grand scale, thats for sure.
My instinct tells me that if you make it much easier for a community to fracture, then it will probably fracture. A lot.
Protestantism might be an odd-but-interesting historical analog. Because it made it theologically painless to create a new church, a single splinter off the Roman Catholic Church has subsequently self-divided into 30,000+ unique denominations.
Do we care if that happens? What happens to Ethereum(s) in that case, in a world where Bitcoin and other cryptonetworks also exist?
So...what? I'm not sure. Am I missing something obvious that makes this a non-issue? Maybe! Has this issue been discussed and resolved by folks smarter than me already? Possibly!
Do we just proceed full steam with PoS, recognizing this limitation but hoping it turns out not to matter too much? Well, maybe...but that sure makes me nervous.
I don't have a profound conclusion here. Basically...¯\_(ツ)_/¯
The goal of this guide is set up a Bitcoin Node that is useful for tinkering with as a developer. If you complete this guide successfully, you'll have a node that is in sync with the network, contains the full history of the Bitcoin blockchain, and is fully validating all transactions.
You'll also be able to communicate with your node via simple JSON-RPC calls. This means you can interact with the Bitcoin Network at large without relying on any trusted third party. As a simple example of what can be done with this, we'll run an open source block-explorer, providing you with a trustless interface to view activity on the network.
Because this guide is for developers, it assumes you're comfortable doing developery things, such as running Linux, using bash, and executing Python scripts. We will not utilize the Bitcoin QT GUI to set up our wallet-- in fact none of the steps in this guide will assume a GUI at all.
Where more in-depth usage of some other tech is an out of scope pre-requisite, I'll provide links to useful guides as appropriate for those portions. If you're looking to run a full node as a standard user, check out the guide on bitcoin.org.
There are a few hardware and software requirements, as enumerated below:
I run my node with fast residential broadband on a 6 year old desktop PC. It has an Athlon FX processor, 4 GB of RAM, and slow 250 GB spinning disk. It runs like champ! The Bitcoin Core team's focus on making it possible for anyone to run a node truly has paid off.
The Bitcoin network follows a protocol for communication and consensus. While several clients for this protocol exist, the "canonical" and most widely used version is referred to as Bitcoin Core.
To install Bitcoin Core on Ubuntu, you have a few choices:
apt
from the Bitcoin Personal Package Archive (PPA)Each method has its tradeoffs. In this guide, we'll opt for using apt
and the PPA, because it's the simplest and easiest way, and makes upgrading to new versions of the software easy as well. One downside is it requires trusting the software that comes from the PPA which could, for example, be compromised by an attacker. Please evaluate these tradeoffs yourself and choose the method thats best for you.
If you're just using your node for development and tinkering and want to proceed with option #3, simply run the following commands and follow the associated prompts:
sudo apt-add-repository ppa:bitcoin/bitcoin
sudo apt-get update
sudo apt-get install bitcoind
When these commands are complete successfully, run bitcoind -version
. You should see some output showing the version of the bitcoind software you're using.
You've now got the latest software needed to run a node, but you're missing 10+ years of the network's history. Remember, this is a full node! That means it stores and validates the full history of the blockchain, starting from the very first block mined by Satoshi himself. That history will need to be downloaded.
Unfortunately, this process takes a while and requires about 150 GB of disk space as of today. On my reasonably fast residential internet, I was able to download the full blockchain in about 4 days. Your mileage may vary based on your connection and geography.
Run the following command:
bitcoind -daemon -txindex=1
This runs the bitcoind
process in the background with transaction indexing on. You may also want to start this process automatically on every reboot as well. You can do this by running: crontab -e
and adding the following line:
@reboot bitcoind -daemon
Note that we didn't add the txindex
option to the crontab. Later in this guide we'll put this option in a config file instead, which is a better way to set options for your node.
When the node software starts for the first time, it creates ~/.bitcoin/
. Let's navigate there now and poke around:
cd ~/.bitcoin/
ls
You'll notice a number of files and directories have been created. We'll examine just a few of these now. First, run tail -f debug.log
. You'll notice a series of log messages that look something like this:
2018-08-10 17:22:15 UpdateTip: new best=00000000000000000011b735b8fde14db39704c446dd2b1ae4b8db198c255e0d
height=536128 version=0x20000000 log2_work=89.424049 tx=333938835
date='2018-08-10 17:22:26' progress=1.000000 cache=71.6MiB(529075txo)
(When the node first begins syncing, these may be flying by pretty fast. Hit Ctrl-C to quit tailing the file and examine the messages).
These messages represent blocks being downloaded from the network. The one shown here represents the latest block mined at the time I'm writing this tutorial, but you'll be well behind this. You'll note each message shows a number of parameters, including the hash of the block (best=X
), the block height (height=X
), and a timestamp of when this block was mined (date=X
).
To monitor the progress of the initial download, you can tail this file and look at the historical date you've caught up to. Note that, since most blocks early in the network's history were mostly empty, early blocks will download fast. As you get further along, download times will increase. My node spent a majority of the time downloading blocks from 2017 onwards.
You can also interact with the blockchain using the bitcoin-cli
command line interface. For example, you can run bitcoin-cli stop
to safely shutdown your node, or run bitcoin-cli -getinfo
to get a summary of your node's status:
{
"version": 160000,
"protocolversion": 70015,
"walletversion": 159900,
"balance": 0.00000000,
"blocks": 536128,
"timeoffset": 0,
"connections": 33,
"proxy": "",
"difficulty": 5949437371609.53,
"testnet": false,
"keypoololdest": 1531965982,
"keypoolsize": 1000,
"paytxfee": 0.00000000,
"relayfee": 0.00001000,
"warnings": ""
}
One more small piece of fun. The block data that your node is downloading is stored in binary files in the ~/.bitcoin/blocks/
directory. You won't normally interact with this data directly, but try running this quick command:
head -c 210 ~/.bitcoin/blocks/blk00000.dat && echo '\n'`.
You'll see something like this:
��;���z{�z�,>gv�a���Q2:���K^J)�_I���+|����M��E
The Times 03/Jan/2009 Chancellor on brink of second bailout for banks��
Do you recognize that sentence? If you do, it might send chills down your spine to see it on your machine! If you don't, go Google it and learn why it should.
As mentioned, initial block download is going to take at least a few days. During this phase, the daemon may use a lot of resources. Mine pegged my processor at a consistent 20-30%, utilized over 2 gigs of RAM, and generally made my admittedly old machine slow. Once you're caught up, running the node software has a negligible effect on performance with even a modest machine.
If you've made it this far, bookmark the page and come back in a few days when your node is in sync!
Welcome back! It's time to configure your node to act as a JSON-RPC server, so we can run and write code in our favorite language to interact with it.
Navigate back to the bitcoin directory and create a flat-text file called bitcoin.conf
.
cd ~/.bitcoin/
touch bitcoin.conf
Henceforth, this file will be read when bitcoind
starts and will be used to configure options for your node. There are a number of options you can set, and each of these can also be set at command line as well. To get a sense of the options available to you, run:
bitcoind --help
Open up the bitcoin.conf
file in your favorite text editor and add the following lines:
## Configuration for the Bitcoin Core Daemon
# Accept command line and JSON-RPC commands
server=1
This is a good start, but not sufficient to enable RPC interaction with our node. To do so, we also have to create authentication credentials for the user who will log in.
It used to possible to specify a username and password in flat text in the config file, but this method is clearly insecure and has been deprecated. Instead, we have to provide the username along with the hash value of the password-- in conjunction with a salt used during hashing.
To generate this, use the following commands to download the canonical Python script provided by the Bitcoin Core team and run it with your own username and password.
wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py
python3 rpcauth.py myusername mysecretpassword
Be sure to replace the username and password values with something sane! The script should produce a result like this:
String to be appended to bitcoin.conf:
rpcauth=myusername:d2a45f8bd56a2014461e2f70f6783b56$636211cdbf3f943a887df72d9944be13ae61c03ef43c6d06dd5044debd4fcbd7
Your password:
mysecretpassword
As instructed, add this line to your bitcoin.conf
file, which should now look something like this:
## Configuration for the Bitcoin Core Daemon
# Accept command line and JSON-RPC commands
server=1
# Index all transactions
txindex=1
# Auth Credentials For JSON-RPC server
rpcauth=myusername:d2a45f8bd56a2014461e2f70f6783b56$636211cdbf3f943a887df72d9944be13ae61c03ef43c6d06dd5044debd4fcbd7
Next, restart your node to make sure the configuration changes take effect:
bitcoin-cli stop
bitcoind -daemon
At this point, you're ready to make JSON-RPC requests to your node, as long as they're coming from the node itself. To test this out, try running the following command (note: you may have to install curl
first via apt
).
curl --user myusername --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }' -H 'content-type: text/plain;' http://127.0.0.1:8332
Be sure to replace myusername
with username you actually created. You'll be prompted for the associated password, and if all worked properly, you should see something like the following:
{
"result": {
"chain": "main",
"blocks": 536148,
"headers": 536148,
"bestblockhash": "00000000000000000028fab7a6b5035e2745fe06ef58d817bb32f35924198f97",
"difficulty": 5949437371609.53,
"mediantime": 1533926692,
"verificationprogress": 0.9999864596463776,
"initialblockdownload": false,
"chainwork": "000000000000000000000000000000000000000002af5dee686cd058c3ec064d",
"size_on_disk": 203955272825,
"pruned": false,
"softforks": ["..."],
"bip9_softforks": { "..." : "" },
"warnings": ""
},
"error": null,
"id": "curltest"
}
If this works, you're ready to start using your full node for building/running an app that interacts with it. To learn more about the full set of API calls available, and various libraries that exist that wrap the API, checkout this reference on bitcoin.org.
By default, your node is configured to only accept JSON-RPC requests from localhost
, i.e. the machine where it runs. This is fine if you'll be developing on the same box the node is on, and you can skip this section.
If you're developing from a different machine, like a Windows or macOS computer, you'll have to use the rpcallowip
option to whitelist IP addresses which are allowed to make calls, and also ensure port 8332 is reachable. (Note that a VM, though running on the same hardware, does in fact have a unique IP).
My local development machine runs macOS, so I can use the ifconfig
to determine my local ip, then whitelist it by adding something like rpcallowip=192.168.0.101
to my config file. Note that you can include this option more than once to whitelist multiple IP addresses.
The specifics of finding your development machine's IP and making port 8332 available on your node are dependent on your platform and network. These are left as an exercise to the reader. Here's an example of what your final bitcoin.conf
might look like.
#### Configuration for the Bitcoin Core Daemon
# Keep my daily upload bandwith around 1 GB
maxuploadtarget=1024 # Note that if your node isn't exposed to the internet on
# Port 8333, you're not feeding data to other nodes and this
# setting won't matter.
# While not required, if you'd like to support the network
# by servering data, make sure your router is configured to
# forward port 8333 to the machine with your.
# Accept command line and JSON-RPC commands
server=1
# Index all transactions
txindex=1
# Auth Credentials For JSON-RPC
rpcauth=myusername:d2a45f8bd56a2014461e2f70f6783b56$636211cdbf3f943a887df72d9944be13ae61c03ef43c6d06dd5044debd4fcbd7
# Whitelist only my Mac's local IP for JSON-RPC calls
rpcallowip=192.168.0.101
With your full node up and running, synced to the network, and configured for use as JSON-RPC server, it's time to run your own local blockchain explorer! We'll use the open source btc-rpc-explorer, created by Dan Janosik.
This explorer is great because it doesn't use a database-- it just needs access to your node, which it interacts with via the RPC interface we just configured.
btc-rpc-explorer
is written in JavaScript using Node.js, so you'll need to have the latest stable version of node and npm installed. If you don't already have these, checkout the instructions for your development platform of choice.
Once Node and npm are ready to go, clone the repo from GitHub and build it with the following commands (which assume a Unix dev environment):
git clone https://github.com/janoside/btc-rpc-explorer.git
cd btc-rpc-explorer
npm install
npm run
Next, open the app/credentials.js
file in your text editor of choice and update the username and password to the values you used during the RPC configuration.
If you're dev box is not the same as your node, you'll also have to update the host
parameter to the IP address of your node. This will likely be a local area network IP, unless your node is hosted outside your LAN. (Note also that your router may assign either you development box or your node a new IP in the future. Look into configuring static local IPs based on MAC addresses in your router's config panel to solve this issue).
With the credentials updated, you're ready to run the explorer. Execute the following command, then visit http://127.0.0.1:3002/ in your browser of choice.
npm start
If all has gone well, you should see something like this:
Congratulations, you now have your very own Bitcoin full node, and a locally sourced, organic block explorer to go with it 🎉. Happy hacking!
Each of us has a unique personality and history that influences the way we perceive the world-- our own set of lenses through which we view reality. It turns out, those lenses can result in dramatically different conceptions of the same phenomenon.
In the crypto world, amongst those who believe this technology to be lasting and important, there seem to be two dominant viewpoints. In this post, we'll elucidate these two lenses, explore what each perspective gets right and wrong, and seek to unify the two if possible.
Many people view blockchain networks as giant, decentralized, global computers. Henceforth, we'll call people who tend toward this perspective "Computerians". (It's a dumb name, but I really don't want to type "people who have this perspective" over and over, so let's go with it).
Computerians tend to be developers and software people. They recognize blockchains as a new place to run their code and store their data. Compared to traditional computers, blockchain computers are wildly inefficient, expensive, and hard to program safely.
Despite this, Computerians are excited to write software for these global computers, and believe this software will change the world. Thats because they recognize a host of new capabilities these computers bestow on software, namely:
To put it succinctly, Computerians believe software is eating the world-- blockchain computers enable them to write new kinds of software and thus devour parts of the world previously thought indigestible.
In contrast to the Computerians, there are a group of people who view blockchain as primarily a monetary innovation. For these folks, "blockchain" is an implementation detail. We'll call them the "Fiscalites."
Fiscalites are more likely to have a background in economics, finance, or political science. They understand that, historically, things that become money-- like shells or precious metals-- have had certain properties, such as:
Looking at cryptocurrencies, Fiscalites recognize them as a revolutionary new form of sound money. Fiscalites tend to be skeptical of fiat money, that is, money issued and controlled by a government. They view centrally controlled, inflationary monetary policy as dubious.
Concisely, Fiscalites see cryptocurrencies as an ascendant new form of global money and the antidote to the questionable modern experiment of fiat currency.
Unsurprisingly, viewing the world through these different lenses leads to different conclusions regarding various matters. Let's examine how each side perceives:
It should be self evident that to a Fiscalite, cryptocurrency is the whole ball game. The underlying blockchain technology is an afterthought. It's the sound money it enables that matters.
A Computerian views cryptocurrencies as a fundamental component of blockchain computers, but not as their singular end. A network's currency underpins the incentive structure that allows it to function in a decentralized manner, and it enables powerful use cases in the form of programmable money. While Computerians recognize the importance of these functions, the currency doesn't conclusively define the utility of the network.
Fiscalites tend to be Bitcoiners. Since Fiscalites are focused on sound money, they see the network effects of Bitcoin as unstoppable. The more people who store their wealth in Bitcoin, the more its value increases, and the more likely others are to use it to store their wealth.
To a Fiscalite, unless a large number of people are willing to store their wealth in a given coin or token, it's useless. Most believe only one asset can accrue such broad social trust. An open minded Fiscalite might be interested in altcoins that improve on the money-ness of cryptocurrencies, such Zcash and Monero, but thats about as far as it goes.
As engineering minded folks, Computerians are more open to new projects which experiment, add features, and explore the blockchain tradeoff-space. As such, many of them are excited about Ethereum, but not exclusively so. They're multicoiners.
Computerians can envision a world where multiple blockchain networks see mainstream adoption, and where technologies like decentralized exchanges and atomic swaps allow users and software to transact seamlessly between them. Many Computerians even envision a world where a multitude of tokens and assets are implemented in code on top of these networks, each providing some narrow utility or incentive structure.
Fiscalites don't want to change the network. Period. If the network can be changed, then theoretically it could be censored, broken, or have its monetary policy altered. This would damage its social credibility as money. For Fiscalites, intractable governance deadlock is a feature, not a bug, and suggesting a change to the network for scaling purposes is like proposing we alter the atomic composition of gold to make it easier to carry around.
Fiscalites want to scale the network on the second layer-- i.e. by leaving the base protocol untouched, but building on top of it, even if that comes with some tradeoffs. A historical analog would be government issued gold notes. They made using "gold" easier, albeit with some tradeoff towards trust. This was acceptable as long as there was an easy way to opt out of that trust by exchanging notes for physical gold.
Computerians see scaling as an engineering problem, and one that must be urgently solved. If blockchain networks are all about creating new kinds of software, then we need lots of people to be able to use that software. These networks need to scale. As such, Computerians don't take an either-or view of scaling when it comes to layer 1 vs. layer 2. Why not both?
Naturally, this means lots of changes to the network. "Fine, let's get to 'em," says the Computerian. Even changing the monetary policy is not off the table in service of making the global computer work better.
As we've seen, Computerians and Fiscalites seem to disagree on quite a lot, despite both being bullish about the overall importance of crypto. The truth is, the two views are complimentary, and each is necessary to keep the other in check.
We are the proverbial blind men, each feeling a different part of the elephant while arguing over its nature. We ought to be triangulating our viewpoints.
My background lends me to a more Computerian disposition. I've come to realize there is much we should learn from our Fiscalite friends.
Computerians ought to take more seriously the history of money, and tread more carefully with regards to network changes as a result. The Ethereum DAO hardfork makes a good example of where this can go awry.
To an engineer, the hardfork felt like fixing a bug-- correcting a piece of software that had not behaved according to its design. In reality, the hardfork was a breach of social trust that damaged the credibility of the Ethereum's decentralized nature. For ETH to be money, this is unnaccetpable. Hopefully, history will view it as a one time event that is forgivable due to the network's nascency.
The Ethereum community also tends to have an unbridled optimism and confidence around fixing problems through engineering. This can be energizing, but it can also border on dangerous naiveté. The push towards Proof-of-Stake, for example, strikes me as more risky than the community admits.
Finally, while Computerians may always remain multicoiners at heart, they should probably recognize that at some point, consolidation to a small handful of networks is not only inevitable, it's desirable. We almost certainly don't need a token for every decentralized app under the sun.
For their part, I think Fiscalites could stand to learn a few things from Computerians as well.
For one, Fiscalites are painfully narrow-minded when it comes to anything other than sound money. In fact, this narrow-mindedness can turn to actual hostility towards those who suggest other use cases for decentralized networks. This is foolhardy, as these other use cases do not preclude cryptocurrency being used as sound money in any way.
Smart contracts are the most obvious example. Fiscalites downplay their importance or outright write them off, as Jimmy Song does in the piece linked below. But an army of tinkerers and builders are flocking to these platforms to see what they can create with the new capabilities they've been granted. Underestimate them at your own risk, but perhaps do a bit of research on the history of personal computers, open source, or the web before you do.
I just published “The Truth about Smart Contracts” https://t.co/L3FbuRnwid
— Jimmy Song (송재준) (@jimmysong) June 11, 2018
Finally, Fiscalites ought to at least consider the idea that multiple crypto-networks can coexist. Perhaps they'll be proven right in the long run and Bitcoin will dominate. Even if so, pretending to know right now, with certainty, that Bitcoin is the only coin that can possibly prosper is beyond presumptuous, it's preposterous. The world is simply too complex.
If these two vantage points are to be reconciled, we must find common ground. The essential point of contact between the two ways of thinking is decentralization. Both sides deeply value the potential for crypto-networks to disintermediate entrenched central powers.
Fiscalites are focused on state-backed central banks who tinker with the economy through top down monetary policy. Computerians are concerned by the giant internet aggregators who increasingly control the web, wielding broad power to promote or censor what is seen. Both are rightly uneasy about deepening concentrations of power in the modern world. Both recognize the immense promise and importance of dispersing it.
This vision of a bottom-up, decentralized world, enabled by crypto-networks, is one worth fighting for. Hopefully, those who share it can be persuaded-- despite their distinct perspectives-- to work together to see it realized.
Note: Build Blockchain Tech may not hold rights to the images used in this post. In such cases, images are reproduced here under the doctrine of fair use.
Augur, the decentralized prediction market built on Ethereum, has been running for two weeks. Since then, the money at stake in the system has grown to $1.5 M, making it one of the highest profile DApp launches to date. In many ways, it is demonstrating the potential decentralized platforms hold. That potential, it turns out, is both good and bad.
Already, so-called "assassination markets" have begun to crop up on Augur. By allowing betting on whether a public figure will die in a given time period, an incentive to murder is created. Hopefully we can agree we don't want that. What's less clear is what we can do about it. Augur is decentralized. Its creators recently disabled their escape hatch, i.e. their kill switch. Even if they had shut it down, someone would surely have launch a version that can't be turned off. So what now?
Happy two weeks! 🎉 Ownership of the escape hatch has been transferred to the 0x000..0001 address.
— Augur (@AugurProject) July 24, 2018
There are a lot of arguments against crypto-- doubts about scaling, misunderstandings around energy use, uninformed claims that it's value-less because it's "not real." These arguments are weak and fall apart under scrutiny.
The situation with Augur cuts to the heart of the one thought that truly makes me doubt my enthusiasm about this technology: what if we're wrong about the benefits of decentralization itself? What if centralized authority is actually critical for civil society, and we're in the process of destroying it?
I've written before how much the crypto community could learn from the lessons of the internet itself. This case is no different.
It's hard to remember now in 2018, but there was a time when many had a near-utopian view of the internet's impact on the world. By connecting all of humanity with a decentralized network, we would end our divisions and enrich each other's lives. Once we could talk with each other across the globe, we would recognize our shared humanity and erase our cultural differences. The end state would be a unified humankind. So the story went.
The reality, which we've only really started to grasp in the last few years, has been close to the opposite. When we can read and watch whatever we want, we choose the content that confirms our biases. When we can talk to whomever we want, we find exactly the community of people we most agree with. Rather than uniting us, the democratization of content and communication has balkanized us. We've opted into our own filter bubbles, and once there, radicalized ourselves in a flurry of self-indulgent groupthink.
The result is the degradation of our politics, the polarization of virtually all discourse, and the rise of ideas that were, even very recently, far on the fringe. Scott Alexander put it succinctly in a recent piece on his blog:
If you spend decades inventing a powerful decentralized network to allow unpopular voices to be heard, sometimes you end up with unpopular voices being heard
If it's true that the decentralizing force of the internet has pushed public discourse to the brink of collapse, then what havoc might yet be wrought by crypto? We're inventing powerful, un-censorable, decentralized networks to allow anyone to transact with anyone anonymously. Should we act surprised when unsavory transactions occur? Murder markets, and a hundred other nauseating trades, may be here to stay. Can society function if they are?
This is the fear that keeps me up at night-- that make me question my involvement in this crazy space. This is the steelman to my optimism around crypto. Yet here I am, still learning and building. Why? Because the alternative is unacceptable.
If centralized authority is required for civilization to function, it implies that people cannot be trusted with their own free will. It means that there must always exist some superior elite-- granted the unilateral power of censorship and violence-- tasked with putting guard rails around the otherwise-destructive tendencies of the unwashed masses.
Given that people with power have committed the worst atrocities in history, this seems unlikely. If we must rely on some supermen to protect us from ourselves, then perhaps we are truly doomed. I don't believe we are, and net everything, I believe both the internet and crypto will be good for the world.
Still, we should not charge forward with blinders on, pretending there are no downsides to the technology we're creating. Without a doubt, it will be used nefariously by some. It already is. More than that, it has the potential to disrupt much of the status quo. In the process, it will create as great a tumult for society as the internet itself has-- or worse. As technologists on the bleeding edge of this new world, we should be wary of these risks. Let us wield our privileged position responsibly.
Note: Build Blockchain Tech does not hold copyrights to the images used in this post. They are reproduced here under the doctrine of fair use.
Alex Hillman is the co-founder of IndyHall-- one of the earliest, longest running, and most respected coworking communities in the world. He's also an entrepreneur, developer, speaker, prolific writer, podcast host, and all around expert in building community. Despite having his reservations around blockchain and cryptocurrencies, Alex is a self-described fan of decentralization.
Which begs the question: do we need a blockchain to be decentralized? What does decentralization really mean anyway- and why is it important? In this webinar, Alex and I discussed exactly these questions. This was a great conversation-- Alex brought up some key questions and I enjoyed our discourse on these issues.
For more from Alex, follow him on Twitter @alexhillman and visit dangerouslyawesome.com.
What is a Bitcoin Maximalist? Some insist the term is derogatory, akin to a slur. Others seem to own the term proudly. Whatever your opinion on the term itself, there is no doubt that within the blockchain/cryptocurreny world, there is a group of people who:
These are reasonable positions to hold. I am quite sympathetic to both of them. In my probabilistic view of the future of crypto, a non-negligible weight is assigned to the possibility that Bitcoin will become the dominant network by an order of magnitude or more.
There are, however, two corresponding traps that I see Bitcoin Maximalists fall into:
Both of these stem from what can only be described as narrow-mindedness.
A great example of the first trap can be seen in Jimmy Song's blog post, "The Truth about Smart Contracts". In it, Song takes aim at Ethereum and argues:
"smart contracts are simply too easy to screw up, too difficult to secure, too hard to make trustless and have too many external dependencies to work for most things."
As a developer, it's hard for me to believe another technologist would downplay the incredible disruptive potential of smart contracts. Software is eating the world, and smart contracts allow us to do things with software that were previously unimaginable.
Are there issues to work through and best-practices yet to be developed? Sure. It's fair to point these issues out and Jimmy does a good job of covering some of them in his piece.
But we're talking about trust-minimized code manipulating immutable, auditable data— code that can create, manage, and move a multitude of scarce digital assets. To dismiss the far reaching implications of that outright— simply because the ecosystem is still in an embryonic state— is preposterous.
Jimmy is smart enough to know better, but his narrow-minded focus on cryptocurrency as sound money makes other use cases seem like a threat. If smart contracts will detract from sound money, then for maximalists, smart contracts must be bad. But the two are not in opposition. In fact, they're quite complimentary. Which would you rather have: sound money, or programmable sound money?
This same negative attitude is on display for other obviously disruptive use cases as well, such as tokenized securities.
Tokenized securities (if they even work) are an optimization, not a revolution.
— Kevin Pham (@_Kevin_Pham) June 9, 2018
It's improving something that already exists
Bitcoin is a revolution, it enables things that could never exist before.
Like holding millions of dollars in the palm of your hand. pic.twitter.com/YtWYCwWCYU
Many maximalists, like Kevin Pham, dismiss tokenized securities as a purely sustaining technology. They're not. The ability to spin up tokenized equity and encode the ownership/distribution rules around that equity on a blockchain will likely be huge. It could change the way companies are formed and how capital is raised. It could enable a new wave of global entrepreneurship.
The point here is not to downplay the importance of sound money. Rather, it's to recognize that we don't have to choose between sound money and other disruptive use cases. These things can coexist and compliment each other. But if Bitcoin proponents continue to ignore or attack these other applications, we may see them flourish on other networks instead. Which brings us to the second trap.
Bitcoin may very well end up the single, dominant public blockchain, but this is not guaranteed. That should be obvious, yet some maximalists react defensively to what should be uncontroversial observations, like this one from Naval:
It’s possible that both censorship-resistant sound money and permissionlessly-programmable computing platforms are going to be huge.
— Naval (@naval) July 1, 2018
The best we can do is to view the future probabilistically, and even then it is unwise to assign too great a probability to any one outcome. There are simply too many variables and non-linearities to make a pronouncement; the future is fractal and these systems are too chaotic to submit to naive models.
We may end up with multiple valuable chains. Another chain might overtake Bitcoin. Chains may segment regionally or ideologically or based on functionality. Any number of outcomes are possible. It is wise to take all these possibilities seriously, to invest to capture upside from any of them, and to build and advocate for the vision of the world you'd like to see.
Bitcoin Maximalism, whatever exactly it is, is not necessarily a bad thing. That Bitcoin has a rabid, committed fanbase is, in some ways, a very good sign for its future. Should said maximalists invest their energy in building the future in which they believe, their prophecies may be self fulfilling. It has the potential to be a very productive force.
The danger, though, lies in a narrow minded maximalism— one that needlessly ignores powerful applications of blockchain technology and dismisses other projects embracing those possibilities. If too many maximalists fall for these traps, their devotion may preclude the very outcome for which they yearn.
I had the pleasure of introducing my friend and fellow software engineer John Feras to smart contract development on the Ethereum network using Solidity. John is a senior engineer at Comcast with decades of experience; he was writing compilers when JavaScript was a twinkle in Brendan Eich's eyes! John is curious about blockchain tech, but before this session had no experience with smart contract coding.
This session should be helpful introduction for developer's of all experience levels. Thanks to John for agreeing to let me post the recording!
On Thursday, June 14th, 2018, I had the pleasure of speaking at Philly CocoaHeads. I gave my fellow iOS developers an introduction to blockchain, Solidity, and decentralized tech. While targeted at mobile devs, the talk should be useful to any developer who is curious about blockchain!
Here's a thought experiment: imagine Apple buying Brave, the privacy-focused browser company that uses a cryptocurrency to compensate content creators.
Apple could integrate the Basic Attention Token (BAT) into Safari and give every user with an iCloud subscription a few tokens a month to be distributed to the sites they browse. The iPhone's secure element could store your wallet's private key such that not even Apple could access your tokens.
Apple could market the tech as ushering in a new age of sustainable journalism and content creation, one aligned with user privacy and with democratic values. The move would also be a blow to some of their biggest competitors. As a nice cherry on top, the acquisition itself would likely cost nothing; the value of BAT tokens held by Brave would skyrocket with the deal's announcement.
This isn't a prediction, it's just a thought experiment. The point is that the story at least sounds plausible. You could imagine it happening, even while acknowledging it's very unlikely it will.
Now imagine Google buying Brave. Would they integrate it into Chrome? Of course not! Doing so would kill their ridiculously lucrative ad network. Would they let you control your keys? Of course not! To Google, all computing belongs in the cloud (i.e. on their servers) and a Google account should mediate your identity on the web. Google is completely misaligned with Brave's ethos.
Of all the major tech companies, Apple seems to take user privacy the most seriously. This was on display at their World Wide Developer's Conference last week. They announced, for example, that Safari will get numerous features aimed at thwarting efforts to track you across the web.
Apple markets these changes as great for users, without compromising their business, and weakens their competitors at the same time. Apple, after all, just wants to sell you more devices. Personal data, while the lifeblood of companies like Google and Facebook, isn't particularly valuable to them. Several years back, Ben Thompson coined the term "Strategy Credit" to describe the situation.
It would be overly cynical, though, to say Apple only adds these features because of financial incentives. I believe Apple, and Tim Cook, truly do value users' privacy. It was Apple, after all, that went toe-to-toe with the FBI rather than backdoor a terroist's phone. Just today, it was announced that Apple would close another security hole used by law enforcement to crack iPhones.
That Apple's values surrounding privacy also square with Apple's business model should be seen as a powerful alignment, one that could drive real change in the industry given the company's incredible leverage.
This, then, is the most compelling reason to believe Apple could be the first major tech company to embrace blockchain technology: they are best aligned with the vision of a decentralized future it promises.
Google and Facebook, on the other hand, are completely misaligned. The very premise of each business is to provide centralized services. A decentralized future, one that gave even minimal control back to users, could weaken or destroy them.
It's not at all surprising that Apple has yet to wade into the Wild West that is crypto. They rarely adopt bleeding edge technology. Still, Apple's values, incentives, and tech stack align well with a decentralized future. Historically, they have a knack for knowing when an emerging tech is on the cusp of adoptability. If and when Apple makes a move to embrace blockchain technology, pay attention!
On Monday, Microsoft announced that it had acquired code-collaboration site GitHub. Initial reactions have been mixed. More than a few have pointed out that Microsoft has embraced open source as of late, seemingly sincerely. Many of us, though, can't help but feel uneasy seeing the Redmond behemoth, whose then-CEO once literally called Linux cancer, now in control of the hub of all open source software.
What happened here, anyway? Given that git is an open source protocol for decentralized version control, how did we end up re-centralized around a Bay Area startup- one which, in retrospect, was almost certainly destined to end up inside one of the tech giants? Let's examine this more closely. There is an important lesson for the cryptocurrency/blockchain community to learn.
Wow I think the rumors about $MSFT and #GitHub are true! Can you spot the subtle UI changes? pic.twitter.com/hv7H2TcdVs
— Ben DiFrancesco (@BenDiFrancesco) June 4, 2018
Git was created by Linus Torvalds to help manage the development for the Linux kernel. Existing version control systems relied on a centralized, client-server style architecture. Your repository lived on a server, controlled by an admin, while you, the lowly developer, merely ran a client to interact with it. Git flipped this on it's head, as Linus himself explained:
...having a local copy of the repository and distributed merging was a big deal. The big thing about distributed source control is that it makes one of the main issues with SCM’s go away – the politics around “who can make changes.” ... you can avoid that by just giving everybody their own source repository.
In stark contrast to existing systems, git made branching, merging, and forking painless. Anyone could grab a copy of a repo from anyone else, create a branch, commit modifications to the code, and provide those changes to anyone else for easy merger. Previously, the centralized repo had been the choke point of a given project. That choke point was gone.
With this new set of powers, we saw a Cambrian explosion of open source that coincided with git's adoption. But with so many developers now able to hack on so many projects, new problems also arose. Discoverability, collaboration, communication, bug tracking- all of these became challenges. That's where GitHub stepped in, providing elegant, centralized solutions around all of these new problems.
The introduction of a distributed, decentralized, peer-to-peer protocol for source control removed one set of choke points. But it also created a new set of problems, and we ended up re-centralized around a single tool- one that literally has hub in the name, in case you missed exactly what was happening.
This turn of events shouldn't surprise us that much. In fact, we've already seen it, and on a much grander scale. This is almost exactly the story of the Internet.
Where previously, the dissemination of content was controlled by a small number of entities who managed distribution (publishers, broadcasters, etc..), the internet introduced a distributed, decentralized, peer-to-peer protocol that removed those choke points. And it also created new problems. With virtually infinite content to consume and people you can communicate with, how do you find what and who you're looking for? Enter Google and Facebook, the centralized colossi that solved these problems, and in doing so became the new choke points.
Twice now, (and there are many more examples), we find the introduction of a decentralized protocol demolishing old choke points but also creating a new set of problems, and thus leading users to re-centralize around the companies that solved those new problems. Could there be any application of this idea to the world of cryptocurrencies? 🤔
Many of us believe we're in the early days of introducing decentralized protocols for money, identity, ownership, and possibly many other things. In so doing, we'll remove a whole host of existing choke points. But what are the new problems that will arise if we do? And could the solutions to these problems lead to re-centralization: a new set of choke points? There are already some early, obvious examples of problems that are being solved in centralized ways: on/off ramps to fiat, interfacing with regulatory bodies, production of mining hardware, and key custody are just a few examples. Many other less obvious issues are likely to arise over time.
A large part of the crypto/blockchain community is excited about the potential for these technologies to diffuse power from central authorities. Me too! But I can't help but wonder if, in our glee to see things decentralized, we're missing a valuable lesson from history. Much of the focus now is on the disintermediation of middlemen sitting at existing choke points. Perhaps we should be much more attentive to, and concerned about, the rise of the new ones.
If you enjoyed this article, please consider signing up for my newsletter by clicking here. I occasionally send links and thoughts on whats happening in crypto with a heavy bias toward technical topics.
In the wake of three high profile mining-related attacks on notable alt-coins, one can't help but wonder: is the window for bootstrapping a new proof-of-work cryptocurrency closed? If not, it must be getting close. (For reference, see attacks on: Verge, Bitcoin Gold, Monacoin).
The default failure mode for any new cryptocurrency in 2018 is the sound of silence. For a coin to be attacked, first someone has to care enough to try. It's likely no one will. For the sake of this discussion, we'll assume we're talking about a coin that's getting some traction: it's listed on some exchanges and has some notable trade volume.
Launching a new PoW cryptocurrency there are, broadly speaking, two choices when it comes to choosing a hashing algorithm:
There are lots of variations on these two themes. Verge, for example, got cute and allowed miners to use any one of five different algorithms to produce blocks- a "feature" exploited by its attacker. For the most part, though, a project will fall into one of these two buckets. Let's examine the issues with each.
The problem with choosing an existing hashing algorithm, one used by an established cryptocurrency, is obvious: your fledgling chain is immediately susceptible to a 51% attack from existing miners. Those miners likely have warehouses full of ASICs churning out hashes 24/7. Even a handful of those machines, if diverted toward your chain, could destroy your network. And, as Charlie Lee pointed out recently, there is no real incentive that prevents them from doing this.
Bitcoin Gold got 51% attacked. Miners have no issue with attacking BTG because if it dies, they could easily switch to mine another coin that also uses Equihash POW. This is not the case for Bitcoin/Litecoin where they are the dominant coin for their respective mining algorithms. https://t.co/ThOzSFz5tQ
— Charlie Lee [LTC⚡] (@SatoshiLite) May 24, 2018
Many miners will have no bones about extracting a quick profit while demolishing your chain, then pointing their hash power back to an established coin. So, using an existing algorithm seems to be off the table. But what about....
Creating a new hashing algorithm seems like an attractive alternative to being crushed by existing miners, but this path, too, is fraught with peril. For one, introducing a new hashing algorithm is nontrivial from a technical perspective and introduces a security risk for your network.
More importantly, any coin that gains real traction in the market will immediately trigger a race to develop and manufacture ASICs- a feat only a small handful of companies currently excel at. As the recent development of ASICs for Equishash and CryptoNight demonstrate, no algorithm is truly ASIC resistant.
Thus, it's only a matter of time before a new algorithm is being mined by stealth ASICs and your network is controlled by, at best, a few companies. (More likely, by just one company- and I do mean one in particular). You might be tempted to think said companies would sell the ASICs and distribute the hash power and all would be well, but as David Vorick recently pointed out in his must-read summary of The State of Crypto Mining, this is not the case:
At the end of the day, cryptocurrency miner manufacturers are selling money printing machines. A well-funded profit maximizing entity is only going to sell a money printing machine for more money than they expect they could get it to print themselves.
The best case, then, for a budding PoW coin is to find its hash rate controlled by stealth ASIC miners run by 1-3 entities, with only their goodwill preventing a 51% attack at any moment. Not exactly the decentralized future we were all hoping for.
I'm honestly not sure we'll see a single new PoW coin launch and gain large scale traction again. Ever. If we do, then certainly that project's team will have to spend a disproportionate amount of time threading the bootstrapping needle to avoid the pitfalls described above.
As for existing coins, I'd go so far as to say that virtually all PoW alt-coins in the long tail are protected merely by obscurity¹. Existing large scale miners and/or ASIC manufactures could trivially attack them. They simply can't be bothered.
A handful of other coins, like Monero and Zcash, have signed up to play an eternal cat and mouse hardfork game with ASIC manufactures. This strikes me as ill-advised, but we'll see where it goes.
Finally there is a top tier of PoW coins that have clearly achieved escape velocity and are relatively safe from a 51% attack. Bitcoin, Litecoin, and Ethereum are the most obvious examples. These chains benefitted from the opportunity to bootstrap in (relative) obscurity and are now (relatively) protected by (relatively) distributed hash power and (relatively) commoditized ASICs. (Did I mention this is all relatively speaking?)
For those of us that care about decentralization and censorship resistance, this conclusion is alarming. To date, PoW is the only effective consensus algorithm that hasn't compromised on those two values. It seems our hopes for a decentralized future rest on the success of at least one of these small handful of projects- or on efforts to develop truly decentralized alternatives to proof-of-work.
¹ There's actually another class of coins I intentionally disregarded in this post: those that merge mine with much larger coins. Bootstrapping a merge-mined coin is basically as challenging as any other PoW mechanism, but there are a handful of coins that have crossed the chasm. Dogecoin, the primogenitor of meme-coins, is (hilariously) the best example of such a chain. Perhaps Doge deserves its market cap after all!
To kick off the Build Blockchain Tech initiative, I hosted a webinar discussing why developers and entrepreneurs should care about this stuff in the first place! If you missed it, you can catch the video on YouTube :)
Go beyond the hype and separate the signal from the noise. Subscribe to receive a weekly dose of blockchain reality, with a heavy bias toward the technical.