Tuesday, March 28, 2023

Two Great Reads

This post is to flag two great posts by authors always worth reading, both related to the sad state of the venture capital industry upon which I have pontificated several times:
Each will reward your time. Below the fold I comment on both of them.

Thursday, March 16, 2023

More Cryptocurrency Gaslighting

Ignacio de Gregorio is a "crypto expert" with 8.5K followers on Medium and he's worried. In The one word that can kill Crypto is back he discusses the New York Attorney General's suit agains KuCoin and, once again, demonstrates how gaslighting is central to the arguments supporting cryptocurrencies. Below the fold I point out the flaws in his argument.

Thursday, March 9, 2023

C720 Linux Update

The three Acer C720 Chromebooks I wrote about in:
are all still running Linux just fine despite the one I'm typing on being more than 8 years old. Below the fold I have some good news and some no-so-good news.

I was becoming a little concerned by the fact that the 5.0-series kernel I was stuck with was getting long in the tooth. So as an experiment I wiped C720 #3 and:
  • Installed Mint 21.1 from scratch with LVM and full-disk encryption.
  • Installed Mint 21.1 from scratch without full-disk encryption and with encrypted home directory, and updated to the current 5.15.0-67 kernel.
Below the fold, my notes on these experiments.

Tuesday, March 7, 2023

On Trusting Trustlessness

Nearly five years ago some bad guys used "administrative backdoors" in a "smart contract" to steal $23.5M from Bancor. In response I wrote DINO and IINO pointing out a fundamental problem with "smart contracts" built on blockchains. The technology was sold as "trustless":
A major misconception about blockchains is that they provide a basis of trust. A better perspective is that blockchains eliminate the need for trust.
But the "smart contracts" could either be:
  • immutable, implying that you are trusting the developers to write perfect code, which frequently turns out to be a mistake,
  • or upgradable, implying that you are trusting those with the keys to the contract, which frequently turns out to be a mistake.
The "smart contract" either is or is not mutable after deployment, there is no third possibility. Both cases require trust.

Now, in response to some good guys using an "unknown vulnerability" in a smart contract to recover $140M in coins looted in the Wormhole exploit, Molly White wrote The Oasis "counter-hack" and the centralization of defi on the same topic. Below the fold, I comment on her much better, much more detailed discussion of the implications of "smart contracts" that can be upgraded arbitrarily changed by their owners.

Tuesday, February 28, 2023

The Center For Gaslighting About Blockchains

On March 10th 2022, as Bitcoin recorded a 43% loss from its peak the previous November, and 8 weeks before Terra/Luna crashed, driving the loss to 76%, Princeton launched the Center for the Decentralization of Power Through Blockchain Technology.

A year later I am laughing as I read Francesca Maglione’s Princeton Says Crypto Chaos Helps Justify Its Blockchain Center describing their desperate attempts to spin this as a good move. Below the fold I pour scorn on this outbreak of "blockchain is the answer, now what was the question?".

Tuesday, February 14, 2023

Sybil Defense

Calling a system "decentralized" because its architecture looks decentralized causes two serious problems:
  • It ignores the fact that decentralization isn't binary, it is a spectrum. Systems claiming decentralization can be characterized by their "Nakamoto coefficient":
    The number of entities sufficient to disrupt a blockchain is relatively low: four for Bitcoin, two for Ethereum, and less than a dozen for most PoS networks.
    This number varies through time, but for both is almost always between two and five, which is not very "decentralized". Given that the "entities" in question are known to coordinate their behavior off-chain, this number doesn't tell you anything useful about the system.
  • What calling a system "decentralized" even though it actually isn't does usefully do is to inhibit regulation. It creates the false impression that responsibility for the state and actions of the system is so diffuse that regulators lack a viable traget.
Because a system's Nakamoto coefficient is variable, somewhat difficult to measure and likely to be an over-estimate, the claim that a system is "decentralized" is always subjective.

There is a much more useful, completely objective criterion. Participation in a system either is, or is not subject to permission from some authority, and this can be confirmed by the experiment of trying to participate without asking permission.

Permissionless systems can claim some advantages, but they suffer from some serious disadvantages. Chief among them is the need to defend against "Sybil attacks". Below the fold I discuss Sybil attacks, the defense against them, and the implications for the systems that adopt this defense.

Tuesday, February 7, 2023

Economic Incentives

Economic incentives are the glue holding the cryptosphere together. The security of Proof-of-Work blockchains depends upon the cost in hardware and power of an attack being more than the attack could gain. The security of Proof-of-Stake blockchains depends upon an attack reducing the value of the stake. There are economic incentives for market manipulation, pump-and-dump schemes, rug pulls, front-running and many other market behaviors. These are all very effective, but in this post I look at what appears to be a glaring exception to their effectiveness.

Permissionless systems are less efficient, slower, and vastly more expensive to set up and operate than permissioned systems performing exactly the same task. One would think that the permissioned systems would out-compete them, but in the cryptosphere they don't. Below the fold I attempt to answer the following obvious questions:
  • Why are permissionless systems more expensive?
  • How large is the investment in avoiding the need for permission?
  • Where does the return on this investment come from?
  • How large is the return on this investment?
The answers to these questions show that Prof. Angela Walch is correct when she writes:
the common meaning of ‘decentralized’ as applied to blockchain systems functions as a veil that covers over and prevents many from seeing the actions of key actors within the system.