One of the things that I do in my work is to find the failure points. That doesn’t shut off easy for me, and so in the case of Bitcoin and the cryptoverse, there are certain things that top my list of concerns that I believe are not generally understood by the masses.
In full disclosure, I don’t consider myself a crypto expert, but rather, a mere mortal with a long background in software development that stumbled upon Bitcoin on my journey in researching monetary history for both liberty and speculative purposes.
Scalability & Performance
Currently Bitcoin and crypto in general doesn’t scale on the blockchain directly, and by that I mean that it is not ready for an entire world to jump into it’s boat and do what monetary and speculative enthusiasts want. In fact, had the price of crypto currencies continued to ascend from early 2018, it would have log jammed eventually.
Most do not understand that the majority of the crypto transactions were nothing more than “trading noise” and that noise was OFF CHAIN; that is they were “exchanging” coins between traders on the same private platform (Coinbase, Kraken, Binance, etc.). The scalability that we need to get to is ON CHAIN, and not for trading purposes, but for trading AND monetary transaction purposes, and by ON CHAIN I simply mean on the public infrastructure, which may include side chains. There is still some work to do but top folks are getting it done.
It’s easy to confuse scalability with performance. There are side chains being built to improve this performance with tricks to mitigate latency with parallelism and other techniques. I don’t pretend to know the low-level specifics here, but this R & D is being done across the spectrum in free market fashion. Side chaining has it’s issues too. For instance, the issues that divided the Bitcoin into two camps demonstrate that outside influences can overtake a project, which many would argue are contrary to the spirit of Bitcoin. So Bitcoin Cash was born, and although an oversimplification, simply changing the block size wasn’t going to make it magically scale either. I am not advocating for or against off chain processing and settlement, but I see little choice but to pursue these avenues.
Most think of “consensus” as a good thing — and on the surface it is. But it has failure points. Strictly speaking about the social aspect, and not from a systems aspect (which also has a poison attack vector), all consensus based collective systems are vulnerable. Just ask anyone in the Intelligence community. Consensus can be blue-pilled, shaken and splintered with chaos, shaped and herded with propaganda, or bought just like any thing else — just throw enough money at it with a well-thought out plan.
For instance, with enough coin being held of certain coins (nodes), one can effectively buy a seat at the board and dictate the direction of the coin, even an about face from it’s original prime directive (above the surface), or change it’s architecture (below the surface) to make it more vulnerable to attack. Another example of consensus corruption happens on wikipedia where a wildly bias and political consensus can craft untruths and propaganda on pages of their platform to suit the agenda and views of a single political viewpoint. To survive, an opposing consensus must act as a sort of “gang” or be powerless against the leading consensus. Another example is how evil-doers have been able to dilute the effectiveness of the Bayes spam algorithm using the same principle, while not related to the crypto context, it is still poisoning “consensus” in the form of dilution of document or corpus classification (killing it with chaos).
Perhaps the best example is from the early liberty-minded Bitcoin adopters who feel the republic of the United States of America, or even the empire of Rome — as a political system — is powerless against the holder of limitless currency, hence the reason Bitcoin was formed (purportedly). Meanwhile, back at the ranch …
A system design, whether based upon people, or bits on the ether, should not be vulnerable to consensus attack. I don’t see anything that can prevent such an attack.
Trust-less != Dont-trust
I chuckle at the promise of “trustless” because it is completely mis-interpreted or mis-applied. Yes, the blockchain itself may proclaim such an attribute, there are countless things that surround the blockchain to promote and service it that are anything but trustless, not in the literal, not in the figurative. Exchanges are the worst in my opinion. Those that have read Bitcoin & “The Position of Fuck You” know that I am no fan of banks, but I will take what we have now with banks over an explosion of exchanges. For more details exposing exchange failure points, read Managing a Crypto Portfolio – With Safe(r) Crypto Best Practices where I discuss several.
Exchanges aren’t the only ones. Wallet venders have failure points too, although this is probably the closest we will ever get to “point-to-point” peer-based banking. Don’t get me wrong, I prefer the notion of soft wallets when they are treated like real wallets — we don’t put our life savings in them. This mitigates the risk some. But we are not able to leverage common safeguards on mobile devices like we do on our desktops:
- download the source code
- validate the signature
- build the source code
While not ideal, it’s an option we can take on our desktops to mitigate against theft. Only card-carrying paid-up mobile developers can ideally do this on their phones, so that’s no option either. One might argue that the risk of theft is no different than with other mobile wallets that use PayPal or ACH; the difference is there are methods to recover stolen funds, but there is no chance of recovery in the cryptoverse. Banking wallets such as those being worked on by TenX might be different, however, in that there may be room for charge-back since it is over a Visa type platform. I defer to Dr. Julian Hosp for further comment on that.
To me, trustless is a statement that screams:
I do not trust you
Don’t depend upon my trust for your thing to function
This is that very thing that can take note from the responsible firearms community. That is, this community exaggerates safety etiquette for obvious reasons, even at the risk of appearing comical when it appears self-evident that the firearm isn’t loaded. We need a movement that treats trustless exactly the same way. I haven’t found anything that does this yet, and the exchanges demonstrate the exact opposite of this principle in many ways.
The Bitcoin white-paper on its face is based on the idea of “cash” (and not a store of wealth). A cash payment per-se is a real-time event. Did I mention real-time? No crypto currency transaction can meet this expectation ON CHAIN. So it fails on Bitcoin’s original goal. There are others being worked on that hope to solve this but that remains to be seen at scale, and at scrutiny. I consider an OFF CHAIN solution to be only a partial success (whether for the sake of performance or for atomic swaps) because they are not anonymous, like cash. This is where coins like Monero come in, but it still doesn’t deliver on this expectation.
Store of Wealth
At one point I had most of my life’s savings on a series of hard wallets. For anyone wondering, this is some really scary sh!t because you think it’s in your hand, but it isn’t, they are just digits scattered across the
earth ether that can be stolen from you in more ways than you can imagine. For securing your digital wealth, there’s the wild wild west, and there’s the Glacier Protocol — which amounts to:
- risky, incomplete, and false sense of security, or:
- locked up tight but not for mere mortals, and no:
something in between
I ended up establishing my own protocol, also not for mere mortals, but it’s what I do (and it’s my life’s savings). When holding large amounts of crypto I had to go through great lengths to secure it, most of which few would ever do, and even some of the sharpest “experts” on crypto currencies haven’t a notion about. As previously mentioned, read Managing a Crypto Portfolio – With Safe(r) Crypto Best Practices for a deep dive on securing your digital wealth in crypto. For instance, knowing when and how to work off-network, staging secure dedicated devices to access your wallets, encrypted disk drives, metal plates to store your private keys, and how/why to purchase at least 3 hard wallets. If leaving the country, one might even study up on methods to improve memory for seed words, wallet addresses, and private keys (good luck with that). [And don’t forget that Zuckerberg is working on that mind-reading tech to steal your private keys, and I am sure they will license it to the U.S. Customs Service =]
What could go wrong!?
Anonymity vs. Privacy
There is nothing anonymous on the blockchain. Many think it is, but it isn’t, and as the years go by, the closer inquiring minds will be able to tie addresses to people, places and things. It will start sparse, and slowly fill in the gaps. Like those who humiliated themselves at the dawn of social media for all to see, including their unborn children, so too will their spending habits be seen by the Time Machine.
This is where coins like Monero, Dash, ZCash, PIVX, and many others come in. However, don’t confuse privacy from anonymity, as they are two different things. The term “privacy” in the cryptoverse (at present) should be likened to “pretty good privacy”, which may not be good enough by many who truly value their privacy. In the tech world, pretty good is, until one magical day it isn’t.
Sheeple: we have nothing to hide if we aren’t doing anything wrong
People: feel free to sacrifice your privacy without sacrificing ours
[an-uh-nim-i-tee] noun, plural an·o·nym·i·ties.
My definition of an anonymity coin is one that cannot compromise one’s privacy on either end of a transaction regardless of whether or not the sender or receiver meant to. It doesn’t require VPN or Tor to mask it’s location. It uses the strongest level of encryption available while degrading gracefully by taking advantage of vulnerability discovery and encryption improvements. Transactions of new or old cannot be compromised in the future by a consensus-like attack from actors acquiring enough nodes. It does not have an “option” or “default” “mechanism or switch”. There isn’t an “opt-in”, and there isn’t an “opt-out”.
Q: Which coins meet this criteria?
A: None. It is nothing more than PGP until it has proven to your satisfaction that it is truly anonymous.
Bridges are needed to go back and forth between the banking world, and the cryptoverse. This means temporary storage in fiat currency derivatives are needed. Things like Tether coin and the new Gemini Dollar coin pretend to be fiat currency. Gemini’s offering is new. I do not trust Tether, however. My use of it was always with distrust and short lived. I have information and believe that many used it like
whales bats in a cave only to come out under cover of darkness to strike while we s lheep. Essentially used as a parking lot between trades to avoid having to go back to fiat (comfy in a Ledger), with the few points being paid as the cost of business.
Let those words sink in a moment — a coin that is pinned to the dollar, that is valued less than the dollar. Could it be because it has been debased? Ironically, it’s a massively debased coin, that is pinned to a massively debased Dollar.
Bridges will be a necessary evil until things get priced in crypto (Satoshi’s).
I mention this mainly because many consider this to be a serious challenger to Bitcoin and its derivatives. This product, owned by Swirds, attempts to solve the performance scalability concerns. However, it’s a closed system, from it’s inception. Even mere mortal investors couldn’t take part because it was closed to accredited-only investors. So this product is anything but open.
Consider this: the tech world just went through the last 20 years of shifting it’s mindset to an open source world. Bitcoin and it’s haram have all submit to open source as one of its core values, and as such it has been open to code review, and generally patent free. Hashgraph hasn’t gone through that process and is the intellectual property of Swirlds. Also, it’s Gossip algorithm needs to be vetted in the same way that cryptography algorithms were before being adopted by the National Institute of Standards and Technology (NIST). Could it have a use? Perhaps, but I don’t see the world adopting anything that isn’t free from ownership claims, intellectual or otherwise. This is just my opinion of course. Their approach, however, is quite impressive.
Nothing is free, not even Bitcoin, although I have heard many talks about how “free” it is. I used to be in the credit card industry and there I learned about “interchange” which is what pays for the electronic transaction backbone that we enjoy today. It is, and should continue to be no different in the cryptoverse, accept there are too many variables that can affect the transaction cost as we have witnessed this past year. It was the cost of Bitcoin transactions skyrocketing that gave Bitcoin Cash a leg to stand on, and is why many accumulated as much Bitcoin as they could before the 2017 Bitcoin Cash fork.
I can recall paying huge nominal dollars per transaction. Computing the cost for these transactions are too bothersome for us mere mortals to do. While I don’t fear the nominal monetary costs, I do fear the lack of transparency and the absence of a fixed, simple and predictable monetary nature to the cost; this area is way over complicated, and is laughable to the end-user.
It’s not there yet, but I have faith that it will be. For this reason I invested significantly to support various wallet makers such as Pillar, TenX, Bitquence/Ethos, etc. These wallets are being released in production presently, which will drastically improve the user experience and drive adoption. This too is why Bitcoin wasn’t ready for the masses; users would not go through what I went through these past years. Fortunately, we already have mobile applications for “out of the system” payment processing, and users will demand the same ease of use from crypto wallets too.
I mention usability mainly because it screams from the mountain tops as a customer demand, and with this comes the potential for breach. There just isn’t enough scrutiny for the trust-less mindset, even on the inner tracts. Developers are not trained to think this way — I liken it to how MD’s are given just a few hours of training on nutrition and health in their training — it’s backwards.
While technically a usability issue, it stands on its own. There are so many nuances, knobs and levers that make the cryptoverse so overly complex. I specifically went out of my way to not tell my mother about crypto because there were just too many complexities to try to explain that she wouldn’t grasp, and this is a woman that profit from the 1970’s Pyramid Game, so she’s gets everything else. In the usability sense (as opposed to the speculative) one simple example is that a feature of one coin may not be present in another, or just be different.
For instance, one thing still needed is to originate transactions off-network so as not to access the private key on-network (where evil shadow dwellers can run away with your coin). This method creates a signed transaction off network using the private key, while allowing you to to submit the transaction on-network, without the private key. This is an overly complicated thing to do, and varies between wallets and coins, and not present on many others.
Complexity kills adoption.
Why do off-network originated transactions? Why not just use your hard wallet?
I am in favor of hard wallets, but I respect their limitations the same as I do soft wallet limitations as mentioned earlier. When bringing wealth out of cold storage, I know hard wallets still have software components to them and have many of the same vulnerabilities. For instance, Trezor and Ledger Nano’s DNS service are probably one of the most prized attacks — think of it as the King Tut mask on display. If their DNS is compromised, there goes large amounts of crypto, never to be seen again. Think it’s far fetched? It happens all the time, and EtherDelta is only one example of this effective attack.
Remember the notion of the firearms community that exaggerates safety? I can’t think of a better example of what should be considered a trustless system than the DNS service of an organization with
access control of your wealth. Every single web site that wants to take your money has a silly McAfee badge that certifies their site as “secure”. Where’s that for DNS? In fact, no site of any kind even mentions or demonstrates the steps they have gone to secure their DNS. This is something that has a long way’s to go in terms of awareness and it’s going to take something big-er for it to get to the next level (I’m not just talking about 2FA authentication either).
Initially Mined Coins
The fabled 1,000,000 initially mined coin is a risk factor. I don’t know about that magic number, but there is significant likelihood to be one or more vary large holder of Bitcoin. The holder of enormous wealth could do great harm to the world. One could also flood massive coin to tank it’s value. I pray any such holder use it to restore balance.
By the way, I am still big on Bitcoin, and only those who get this far will take that away from this read. The concerns I speak to herein may be categorized as fear, uncertainty and doubt (FUD).
Their FUD is my risk analysis.
About the Author
I am a long time software developer/architect and student of the economy and monetary history who stumbled upon Bitcoin in 2014 and mocked it at first. I was so moved by what I discovered, that I left the comfort of my long time j-o-b because I sensed what was about to happen. I was a fly on the wall, no one could hear me.