Wednesday, February 16, 2022

Talk For Bace Cybersecurity Institute

I was invited to present to the Bace Cybersecurity Institute. My talk was slightly condensed and updated from my talk to Stanford's EE380 course, which was an updated version of my talk to the TTI/Vanguard Conference last December. The latest text with links to the sources and much additional material is below the fold.

[Slide 1: Title]
I remember Becky well from the Asilomar Microcomputer Workshop, so I'm grateful to Mark Cummings for his invitation. You don't need to take notes; when I stop talking the text of my talk with links to the sources and much additional material will be at I'm aiming to talk for 30 minutes, please hold questions. Before I start talking about cryptocurrencies, I should stress that I hold no long or short positions in cryptocurrencies, their derivatives or related companies; I am long Nvidia. Unlike most people discussing them, I am not "talking my book".

Cryptocurrencies' roots lie deep in the libertarian culture of Silicon Valley and the cypherpunks. Libertarianism's attraction is based on ignoring externalities, and cryptocurrencies are no exception.

[Slide 2: Externalities]
Bitcoin is notorious for consuming as much electricity as the Netherlands, but there are around 10,000 other cryptocurrencies, most using similar infrastructure and thus also in aggregate consuming unsustainable amounts of electricity. Bitcoin alone generates as much e-waste as the Netherlands, cryptocurrencies suffer an epidemic of pump-and-dump schemes and wash trading, they enable a $5.2B/year ransomware industry, they have disrupted supply chains for GPUs, hard disks, SSDs and other chips, they have made it impossible for web services to offer free tiers, and they are responsible for a massive crime wave including fraud, theft, tax evasion, funding of rogue states such as North Korea, drug smuggling, and even as documented by Jameson Lopp's list of physical attacks, armed robbery, kidnapping, torture and murder.

[Slide 3: Alecus]
Alecus, El Diario de Hoy
The attempt to force El Salvador's population to use cryptocurrency is a fiasco. They offer no significant social benefit beyond speculation; Igor Makarov and Antoinette Schoar write:
90% of transaction volume on the Bitcoin blockchain is not tied to economically meaningful activities but is the byproduct of the Bitcoin protocol design as well as the preference of many participants for anonymity. ...
exchanges play a central role in the Bitcoin system. They explain 75% of real Bitcoin volume
Our results do not support the idea that the high valuation of cryptocurrencies is based on the demand from illegal transactions. Instead, they suggest that the majority of Bitcoin transactions is linked to speculation.
[Slide 4: "Transaction" Rate]
Bitcoin is only processing around 27K "economically meaningful" transactions/day. And 75% of those are transactions between exchanges, so only 2.5% of the "transactions" are real blockchain-based transfers involving individuals. That's less than 5 per minute.

Nakamoto's motivation for Bitcoin was distrust of institutions, especially central banks. When it launched in the early stage of the Global Financial Crisis, this had resonance. The key to a system that involves less trust is decentralization.

[Slide 5: Resilience]
Why do suspension bridges have stranded cables not solid rods? The major reason is that solid rods would fail suddenly and catastrophically, whereas stranded cables fail slowly and make alarming noises while they do. We build software systems out of solid rods; they fail abruptly and completely. Changing this, making systems that are resilient, ductile like copper not brittle like glass, is an extraordinarily difficult problem in software engineering.

I got interested in it when, burnt out after three startups all of which IPO-ed, I started work at the Stanford Library on the problem of keeping digital information safe for the long term. This work won my co-authors and I a "Best Paper" award at the prestigious 2003 Symposium on Operating System Principles for a decentralized consensus system using Proof-of-Work. When, five years later, Satoshi Nakamoto published the Bitcoin protocol, a cryptocurrency based on a decentralized consensus mechanism using Proof-of-Work, I was naturally interested in how it turned out.

Decentralization is a necessary but insufficient requirement for system resilience. Centralized systems have a single locus of control. Subvert it, and the system is at your mercy. It only took six years for Bitcoin to fail Nakamto's goal of decentralization, with one mining pool controlling more than half the mining power. In the seven years since no more than five pools have always controlled a majority of the mining power.

[Slide 6: Economies of Scale]
In 2014 I wrote Economies of Scale in Peer-to-Peer Networks, explaining the economic cause of this failure. Briefly, this is an example of the phenomenon described by W. Brian Arthur in 1994's Increasing returns and path dependence in the economy. Information technologies have strong economies of scale, so the larger the miner the lower their costs, and thus the greater their profit, and thus the greater their market share.

"Blockchain" is unfortunately a term used to describe two completely different technologies, which have in common only that they both use a Merkle Tree data structure. Permissioned blockchains have a central authority controlling which network nodes can add blocks to the chain, and are thus not decentralized, whereas permissionless blockchains such as Bitcoin's do not; this difference is fundamental:
  • Permissioned blockchains can use well-established and relatively efficient techniques such as Byzantine Fault Tolerance, and thus don't have significant carbon footprints. These techniques ensure that each node in the network has performed the same computation on the same data to arrive at the same state for the next block in the chain. This is a consensus mechanism.
  • In principle each node in a permissionless blockchain's network can perform a different computation on different data to arrive at a different state for the next block in the chain. Which of these blocks ends up in the chain is determined by a randomized, biased election mechanism. For example, in Proof-of-Work blockchains such as Bitcoin's a node wins election by being the first to solve a puzzle. The length of time it takes to solve the puzzle is random, but the probability of being first is biased, it is proportional to the compute power the node uses. Initially, because of network latencies, nodes may disagree as to the next block in the chain, but eventually it will become clear which block gained the most acceptance among the nodes. This is why a Bitcoin transaction should not be regarded as final until it is six blocks from the head.
[Slide 7: Blockchain Patent Filed 1990]
Discussing "blockchains" and their externalities without specifying permissionless or permissioned is meaningless, they are completely different technologies. One is 30 years old, the other is 13 years old.

Because there is no central authority controlling who can participate, decentralized consensus systems must defend against Sybil attacks, in which the attacker creates a majority of seemingly independent participants which are secretly under his control. The defense is to ensure that the reward for a successful Sybil attack is less than the cost of mounting it. Thus participation in a permissionless blockchain must be expensive, meaning miners must be reimbursed for their costly efforts. There is no central authority capable of collecting funds from users and distributing them to the miners in proportion to these efforts. Thus miners' reimbursement must be generated organically by the blockchain itself; a permissionless blockchain needs a cryptocurrency to be secure.

Because miners' opex and capex costs cannot be paid in the blockchain's cryptocurrency, exchanges are required to enable the rewards for mining to be converted into fiat currency to pay these costs. Someone needs to be on the other side of these sell orders. The only reason to be on the buy side of these orders is the belief that "number go up". Thus the exchanges need to attract speculators in order to perform their function.

Thus a permissionless blockchain requires a cryptocurrency to function, and this cryptocurrency requires speculation to function.

Why are economies of scale a fundamental problem for decentralized systems? Participation must be expensive, and so will be subject to economies of scale. They will drive the system to centralize. So the expenditure in attempting to ensure that the system is decentralized is a futile waste.

Most cryptocurrencies impose these costs, as our earlier system did, using Proof-of-Work. It was a brilliant idea when Cynthia Dwork and Moni Naor originated it in 1992, being both simple and effective. But when it is required to make participation expensive enough for a trillion-dollar cryptocurrency it has an unsustainable carbon footprint.

[Slide 8: Bitcoin Energy Consumption]
The leading source for estimating Bitcoin's electricity consumption is the Cambridge Bitcoin Energy Consumption Index, whose current central estimate is 125TWh/year.

Adjusting Christian Stoll et al's 2018 estimate of Bitcoin's carbon footprint to the current CBECI estimate gives a range of about 53 to 134 MtCO2/yr for Bitcoin's opex emissions, or between Portugal and Myanmar. Unfortunately, this is likely to be a considerable underestimate. Bitcoin's growing e-waste problem by Alex de Vries and Christian Stoll concludes that:
Bitcoin's annual e-waste generation adds up to 30.7 metric kilotons as of May 2021. This level is comparable to the small IT equipment waste produced by a country such as the Netherlands.
That's an average of one whole MacBook Air of e-waste per "economically meaningful" transaction.

[Slide 9: Facebook & Google Carbon Footprints]
The reason for this extraordinary waste is that the profitability of mining depends on the energy consumed per hash, and the rapid development of mining ASICs means that they rapidly become uncompetitive. de Vries and Stoll estimate that the average service life is less than 16 months. This mountain of e-waste contains embedded carbon emissions from its manufacture, transport and disposal. These graphs show that for Facebook and Google data centers, capex emissions are at least as great as the opex emissions[1].

Cryptocurrencies assume that society is committed to this waste of energy and hardware forever. Their response is frantic greenwashing, such as claiming that because Bitcoin mining allows an obsolete, uncompetitive coal-burning plant near St. Louis to continue burning coal it is somehow good for the environment[2].

But, they argue, mining can use renewable energy. First, at present it doesn't. For example, Luxxfolio implemented their commitment to 100% renewable energy by buying 15 megawatts of coal-fired power from the Navajo Nation!.

Second, even if it were true that cryptocurrencies ran on renewable power, the idea that it is OK for speculation to waste vast amounts of renewable power assumes that doing so doesn't compete with more socially valuable uses for renewables, or indeed for power in general.

[Slide 10: Energy Return on Investment]
Delannoy et al Fig 2
Right now the world is short of power; one major reason that China banned cryptocurrency mining was that they needed their limited supplies of power to keep factories running and homes warm. Shortage of energy isn't a short-term problem. This graph is from Peak oil and the low-carbon energy transition: A net-energy perspective by Louis Delannoy et al showing that as the easiest deposits are exploited first, the Energy Return On Investment, measuring the fraction of the total energy extracted delivered to consumers, decreases.

[Slide 11: Oil Energy Gross vs. Net]
Delannoy et al Fig 1
Delannoy et al's Figure 1 shows the gross and net oil energy history and projects it to 2050. The gross energy, and thus the carbon emission, peaks around 2035, but because the energy used in extraction (the top yellow band) increases rapidly, the net energy peaks in about 5 years.

[Slide 12: CO2 Emission Trajectories]
This is a problem for two reasons. If society is to survive:
  • Carbon emissions need to start decreasing now, not in a decade and a half.
  • Renewables need to be deployed very rapidly.
Deploying renewables consumes energy, which is paid back during their initial operation. Thus the current transition to renewable power consumes energy, reducing that available for other uses[3]. The world cannot afford to waste a Netherlands' worth of energy on speculation that could instead be deploying renewables.

If cryptocurrency speculation is to continue, it needs to vastly reduce its carbon footprint by eliminating Proof-of-Work. The two major candidates are Proof-of-Space-and-Time and Proof-of-Stake.

Proof-of-Space-and-Time attempts to make participation expensive by wasting storage instead of computation. The highest-profile such effort is Bram Cohen's Chia, funded by Andreesen Horowitz, the "Softbank of crypto". Chia's "space farmers" create and store "plots" consisting of large amounts of otherwise useless data.

[Slide 13: Chia]
The software was ingenious, but the design suffered from naiveté about storage media and markets. When it launched in May, gullible farmers rushed to buy hard disks and SSDs. By July, the capital tied up in farming hardware was around six times the market cap of the Chia coin. Chia's CEO described the result:
"we've kind of destroyed the short-term supply chain"
Disk vendors were forced to explain that Chia farming voided the media's warranty. Just as with GPUs, the used market was flooded with burnt-out storage. Chia's coin initially traded at $1934 before dropping more than 90% — last I looked it was $79. I expect A16Z made money, but everyone else had to deal with the costs. Chia doesn't use much electricity, more to do with failure than with the technology, but does have a major e-waste problem.

[Slide 14: Proof of Stake Sucks]
Bram Cohen's opinion
The costs that Proof-of-Stake imposes to make participation expensive are the risk of loss and the foregone liquidity of the "stake", an escrowed amount of the cryptocurrency itself. This has two philosophical problems:
  • It isn't just that the Gini coefficients of cryptocurrencies are extremely high[4], but that Proof-of-Stake makes this a self-reinforcing problem. Because the rewards for mining new blocks, and the fees for including transactions in blocks, flow to the HODL-ers in proportion to their HODL-ings, whatever Gini coefficient the systems starts out with will always increase. Proof-of-Stake isn't effective at decentralization.
  • Cryptocurrency whales are believers in "number go up". The eventual progress of their coin "to the moon!" means that the temporary costs of staking are irrelevant.
There are also a host of severe technical problems. The accomplished Ethereum team have been making a praiseworthy effort to overcome them for more than 7 years and are still more than a year away from being able to migrate off Proof-of-Work.

[Slide 15:Centralization Risk]
Yulin Cheng wrote:
According to the list of accounts powered up on March. 2, the three exchanges collectively put in over 42 million STEEM Power (SP).

With an overwhelming amount of stake, the Steemit team was then able to unilaterally implement hard fork 22.5 to regain their stake and vote out all top 20 community witnesses – server operators responsible for block production – using account @dev365 as a proxy. In the current list of Steem witnesses, Steemit and TRON’s own witnesses took up the first 20 slots.
Vitalik Buterin pointed out that lack of decentralization was a security risk in 2017, and this was amply borne out last year when Justin Sun conspired with three exchanges, staking their customers coins to take over the Steem Proof-of-Stake blockchain. Pushing back against the economic forces centralizing these systems is extremely difficult.

[Slide 16: Top 2 ETH Pools = 53.9%]
The advantage of permissionless over permissioned blockchains is claimed to be decentralization. How has that worked out in practice?

As has been true for the last seven years, no more than five mining pools control the majority of the Bitcoin mining power and last November two pools controlled the majority of Ethereum mining. Makarov and Schoar write:
Six out of the largest mining pools are registered in China and have strong ties to Bitmain Techonologies, which is the largest producer of Bitcoin mining hardware,
[Slide 17: Centralized Mining]
Makarov and Schoar write:
Bitcoin mining capacity is highly concentrated and has been for the last five years. The top 10% of miners control 90% and just 0.1% (about 50 miners) control close to 50% of mining capacity. Furthermore, this concentration of mining capacity is counter cyclical and varies with the Bitcoin price. It decreases following sharp increases in the Bitcoin price and increases in periods when the price drops ... the risk of a 51% attack increases in times when the Bitcoin price drops precipitously or following the halving events.
It isn't just the mining pools that are centralized. The top 10% of miners control 90% and just 0.1% (about 50 miners) control close to 50% of mining capacity. As Adem Efe Gencer et al pointed out:
a Byzantine quorum system of size 20 could achieve better decentralization than proof-of-work mining at a much lower resource cost.
Thus the only reason for the massive carbon footprint of Proof-of-Work and the complexity and risk of the alternatives is to maintain the illusion of decentralization. Alas, it is unlikely that any alternative defense against Sybil attacks will be widely enough adopted to mitigate Proof-of-Work's carbon emissions.

[Slide 18: Immutability]
Immutability is one of the two things that make the cryptocurrency crime wave so effective. These systems are brittle, make a single momentary mistake and your assets are irretrievable.

Immutability sounds like a great idea when everything is going to plan, but in the real world mistakes are inevitable. Lets take a few recent examples — the $23M fee Bitfinex paid for a $100K transaction, or the $19M oopsie at Indexed Finance, or the $31M oopsie at MonoX, or the $90M oopsie at Compound and the subsequent $67M oopsie, all of which left the perpetrators pleading with the benficiaries to return the loot. And in Compound's case threatening its customers with the ultimate crypto punishment, reporting them to the IRS. $12B in DeFi thefts so far, or about 5% of all the funds[7].

[Slide 19: Trammell Hudson]
Vulnerabilities are equally inevitable, as we see with the $38M, $19M and $130M hacks of Cream Finance last year, the $115M hack of BadgerDAO, the $196M hack of BitMart, the recent $323M hack of Wormhole, and of course the $600M hack of Poly Network.

Because Ethereum and similar cryptocurrencies are programming environments, their attack surface is much larger than Bitcoin's. Now that DeFi and NFT protocols are implemented as "smart contracts" in these environments, the attack surface has expanded much further. One example is the rash of hacks involving hijacks of the Discord servers of the communities surrounding them to lure victims into autheticating their wallets to malign "smart contracts". Another is the flood of "rug-pulls" buried in the "smart contracts" implementing NFTs.

[Slide 20: Jacob Silverman]
Yet another is described in Dan Goodin's How $323M in crypto was stolen from a blockchain bridge called Wormhole. Because there are many competing blockchains, bridges exist to provide liquidity between them. Last month Vitalik Buterin provided a detailed explanation of why they are a fundamental security problem. A "smart contract" called a guardian locks up coins on one blockchain and unlocks the same number on another, but in this case the guardian failed to properly validate signatures.
[Slide 21: Wormhole Vulnerability]
Three days later a bug in another bridge was exploited for $4.3M.

The centralization of Ethereum's mining pools and exchanges enabled Poly Network to persuade them to blacklist the addresses involved. This made it very difficult for the miscreant to escape with the loot, much of which was returned. But it also vividly demonstrated that in most blockchains it is the mining pools that decide which transactions make it into a block, and are thus executed. The small number of dominant mining pools can effectively prevent addresses from transacting, and can prioritize transactions from favored addresses. They can also allow transactions to avoid the public mempool, which turned out to be useful when a small group of white hats discovered a vulnerability in a smart contract holding $9.6M.

The key point of Escaping the Dark Forest, Samczsun's account of their night's work, is that, after the group spotted the vulnerability and built a transaction to rescue the funds, they could not put the rescue transaction in the public mempool because it would have been front-run by a bot. They had to find a miner who would put the transaction in a block without it appearing in the mempool. In other words, their transaction needed a dark pool. And they had to trust the cooperative miner not to front-run it.

[Slide 22: Ether Mining Pools 11/02/20]
Ether miners 11/2/20
Ethereum is, fortunately, very far from decentralized, being centralized around a small number of large pools. Thus, the group needed a trusted pool not an individual miner. At the time, the three largest pools mined more than half the blocks between them, so only three calls would have been needed to have a very good chance that the transaction would appear in one of the next few blocks.

Most activity in "trustless" cryptocurrencies actually uses trusted third parties, exchanges, that are layered above the blockchain itself. These use conventional Web-based identities and provide another layer of centralization. Binance, the dominant exchange, does two out of three derivative transactions and half of all spot transactions. Exchanges are routinely compromised; in most cases immutability means the pilfered funds are not recovered.

But, more fundamentally, the entire cryptocurrency ecosystem depends upon a trusted third party, Tether, which acts as a central bank issuing the "stablecoins" that cryptocurrencies are priced against and traded in[8]. This is despite the fact that Tether is known to be untrustworthy, having consistently lied about its reserves.

[Slide 23: Anonymity]
Makarov and Schoar write[9]:
First, non-KYC entities serve as a gateway for money laundering and other gray activities.
Second, even if KYC entities were restricted to deal exclusively with other KYC entities, preventing inflows of tainted funds would still be nearly impossible, unless one was willing to put severe restrictions on who can transact with whom
Finally, notice that while transacting in cash and storing cash involve substantial costs and operational risks, transacting in cryptocurrencies and storing them are essentially costless (apart from fluctuation in value).
The other main enabler of the cryptocurrency crime spree is the prospect of transactions that aren't merely immutable but are also anonymous. Anonymity for small transactions is important, but for large transactions it provides the infrastructure for major crime. In the physical world cash is anonymous, but it has the valuable property that the cost and difficulty of transacting increase strongly with size. KYC/AML and other regulations leverage this. Cryptocurrencies lack this property. The ease with which cryptocurrency can be transferred between institutions that do, and do not, observe the KYC/AML regulations means that absent robust action by the US, the KYC/AML regime is doomed.

[Slide 24: The Coming Ransomware Storm]
Stephen Diehl writes in The Oncoming Ransomware Storm:
Go to your local bank branch and try to wire transfer $200,000 to an anonymous stranger in Russia and see how that works out. Modern ransomware could not exist without Bitcoin, it has poured gasoline on a fire we may not be able to put out.

When you create a loophole channel (however flawed) for parties to engage in illicit financing of anonymous entities beyond the control of law enforcement, it turns out a lot of shady businesses models that are otherwise prevented move from being impractical and risky to perversely incentivized. Ransomware is now very lucrative to the point where there is a whole secondary market of vendors selling Ransomware as a Service picks and shovels to the criminals.
The most serious crime enabled by anonymity is ransomware, which is regularly crippling essential infrastructure such as oil pipelines and hospital systems, to say nothing of the losses to business large and small. This business is estimated to gross $5.2B/year and is growing rapidly, aided by a network of specialist service providers. This is just the ransom payments, the actual externalities include the much larger costs of recovering from the attacks.

There are cryptocurrencies that provide almost complete anonymity using sophisticated cryptography[10]. For example Monero:
Observers cannot decipher addresses trading monero, transaction amounts, address balances, or transaction histories.
Bitcoin and similar cryptocurrencies are pseudonymous not anonymous. Anyone can create and use an essentially unlimited number of pseudonyms (addresses), but transactions and balances using them are public. A newly minted pseudonym cannot be deanonymized, but as it becomes enmeshed in the public web of transactions maintaining anonymity takes more operational security than most users can manage, as we see in the Statement of Facts justifying the recent arrest of a couple for laundering the proceeds of the 2016 Bitfinex hack.

Users are aware of the risk that their transactions can be traced, so many engage in wash transactions between addresses they control, and use mixers and tumblers to mingle their coins with those of other miscreants. Because it is almost impossible to actually buy legal goods with Bitcoin, at some point a HODL-er needs to use an exchange to obtain fiat currency[11]. This risks having their identity connected into the web of transactions on the blockchain. Makarov and Schoar conclude:
90% of transaction volume on the Bitcoin blockchain is not tied to economically meaningful activities but is the byproduct of the Bitcoin protocol design as well as the preference of many participants for anonymity.
In other words, 90% of Bitcoin's carbon footprint is used in a partially successful attempt to compensate for its deficient anonymity.

[Slide 25: Conclusions]
Although the techniques used to implement decentralization are effective in theory, at scale emergent economic effects render them ineffective. Despite this, decentralization is fundamental to the cryptocurrency ideology, making mitigation of its externalities effectively impossible. Because there are existing alternatives that provide greatly increased anonymity, attempts to mitigate the externalities of pseudonoymous cryptocurrencies are likely to be self-defeating. As the ransomware industry shows, users will migrate to these alternatives, reducing the effectiveness of chain analysis. We can conclude that:
  1. Permissioned blockchains do not need a cryptocurrency to defend against Sybil attacks, and thus do not have significant externalities.
  2. Permissionless blockchains require a cryptocurrency, and thus necessarily impose all the externalities I have described except the carbon footprint.
  3. If successful, permissionless blockchains using Proof-of-Work, or any other way to waste a real resource as a Sybil defense, have unacceptable carbon footprints.
  4. Whatever Sybil defense they use, economics forces successful permissionless blockchains to centralize; there is no justification for wasting resources in a doomed attempt at decentralization.
Don't get me wrong. I am not a fan of centralization. I started building a decentralized, permissionless system almost a quarter-century ago. It would be wonderful if we could figure out how to build a Web that would resist centralization. But all the technical and financial cleverness that's been poured into cryptocurrencies hasn't succeeded in doing that. Why? It is because It Isn't About The Technology.

I'm a big believer in Bill Joy's Law of Startups, "success is inversely proportional to the amount of money you have". Right now, there is way too much money. If a system is to be decentralized, it has to have a low barrier to entry. If it has a low barrier to entry, competition will ensure it has low margins. Low margin businesses don't attract venture capital. VCs are pouring money into cryptocurrency and "web3" companies. This money is not going to build systems with low barriers to entry and thus low margins. Thus the systems that will result from this flood of money will not be decentralized, no matter what the sales pitch says.

Despite all the cleverness and hype, the technology just isn't that good. It is both extraordinarily inefficient, and extraordinarily insecure. Nicholas Weaver points out that the "Ethereum computer" is 1/5000 as powerful as a Raspbery Pi. and that for the cost of 1 second of its use you can buy nearly 60 Raspberry Pis. Moxie Marlinspike points out that an NFT is a link to a file of metadata that links to the image it purports to represent, so neither is guaranteed to exist or be valid. You have only to glance at Molly White's Web3 is going just great timeline wonder why anyone thinks this "wretched hive of scum and villainy" should be the future of the Web.

End Notes

  1. Ethereum mining adds another 23.7TWh/yr (16.5 to 32 range) for about 6.9MtCO2/yr, according to Kyle McDonald.

    Doubling the carbon footprint to account for embedded emissions would put Bitcoin between Zimbabwe and Thailand. It would put Ethereum between Uruguay and Yemen, but it is likely that this would be an over-estimate, since GPUs are likely to have a somewhat longer economic life.

    Note the hockey-stick on these graphs. I wrote:
    In 2017 Facebook and Google changed their capex footprint disclosure practice, resulting in an increase of 7x for Google and 12x for Facebook. It is safe to assume that neither would have done this had they believed the new practice greatly over-estimated the footprint.
    If Google and Facebook are correctly measuring their capex emissions, and if they are representative of miners' capex emssions, cryptocurrencies' carbon footprints are vastly more than double that from their opex emssions alone.
  2. And lobbying. See, for example, the way the climate aspects of "Build Back Better" were crippled to facilitate the plant that is the sole customer of the company that pays Joe Manchin $500K/year transitioning to burning Manchin's waste coal to mine cryptocurrency.
  3. Sweden's regulators make this point in an open letter to the EU:
    Sweden needs the renewable energy targeted by crypto-asset producers for the climate transition of our essential services, and increased use by miners threatens our ability to meet the Paris Agreement. Energy-intensive mining of crypto-assets should therefore be prohibited. This is the conclusion of the director generals of both the Swedish Financial Supervisory Authority and the Swedish Environmental Protection Agency.
    And the Norwegians agree.
  4. Makarov and Schoar write:
    We show that the balances held at intermediaries have been steadily increasing since 2014. By the end of 2020 it is equal to 5.5 million bitcoins, roughly one-third of Bitcoin in circulation. In contrast, individual investors collectively control 8.5 million bitcoins by the end of 2020. The individual holdings are still highly concentrated: the top 1000 investors control about 3 million BTC and the top 10,000 investors own around 5 million bitcoins.
  5. Five years after Ethereum Classic became the remainder of the vulnerable currency, the result was:
    from the beginning of March to the beginning of May, the value of Ethereum Classic had shot up by over 1,000 percent. It jumped from about $12 a token to over $130.
  6. David Gerard provides a comprehensive overview of the latest "regulatory clarity" on cryptocurrencies from the international and US government agencies:
    • The Financial Action Task Force issued Updated Guidance for a Risk-Based Approach for Virtual Assets and Virtual Asset Service Providers. Gerard writes
      The October 2021 revision is to clarify definitions, give guidance on stablecoins, note the issues of peer-to-peer transactions, and clarify the travel rule, which requires VASPs to collect and pass on information about their customers.

      VASPs include crypto exchanges, crypto transfer services, crypto custody and financial services around crypto asset issuance (e.g., ICOs). VASPs must do full Know-Your-Customer (KYC), just like any other financial institution.
      As regard peer-to-peer transactions, Gerard writes:
      Jurisdictions should assess the local risks from peer-to-peer transactions, and possibly adopt optional provisions, such as restricting direct deposit of cryptos with VASPs (paragraphs 105 and 106) — Germany and Switzerland have already considered such rules.
    • The US Office of Foreign Assets Control's Sanctions Compliance Guidance for the Virtual Currency Industry explains that:
      Members of the virtual currency industry are responsible for ensuring that they do not engage, directly or indirectly, in transactions prohibited by OFAC sanctions, such as dealings with blocked persons or property, or engaging in prohibited trade- or investment-related transactions.
      In particular, US miners are required to blacklist wallets suspected of being owned by sanctioned entities. Gerard writes:
      Sanctions are strict liability — you can be held liable even if you didn’t know you were dealing with a sanctioned entity. Penalties can be severe, but OFAC recommends voluntary self-disclosure in case of errors, and this can mitigate penalties. You will be expected to correct the root cause of the violations.
    • The US Financial Crimes Enforcement Network issued Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments. Gerard writes:
      Insurers and and “digital forensic and incident response” companies have been getting more directly involved in ransomware payments — even paying out the ransoms. FinCEN expects such companies to: (a) register as money transmitters; (b) stop doing this.

      A lot of ransomware gangs are sanctioned groups or individuals. Payments to them are sanctions violations.
      The Federal Reserve, the FDIC and the OCC have joined the party with a Joint Statement on Crypto-Asset Policy Sprint Initiative and Next Steps. They:
      plan to provide greater clarity on whether certain activities related to crypto-assets conducted by banking organisations are legally permissible, and expectations for safety and soundness, consumer protection, and compliance with existing laws and regulations
  7. In Really stupid “smart contract” bug let hackers steal $31 million in digital coin, Dan Goodin reports that:
    blockchain-analysis company Elliptic said so-called DeFi protocols have lost $12 billion to date due to theft and fraud. Losses in the first roughly 10 months of this year reached $10.5 billion, up from $1.5 billion in 2020.
    That is ~5% of the $237B locked up in DeFi.
  8. But the only significant social benefit of cryptocurrencies is rampant speculation, mostly in an enormous Bitcoin futures market using up to 125x leverage, based on a Bitcoin-Tether market about one-tenth the size, based on a Bitcoin-USD market about one-tenth the size again. The Bitcoin-Tether market is highly concentrated, easily manipulated and rife with pump-and-dump schemes.

    A New Wolf in Town? Pump-and-Dump Manipulation in Cryptocurrency Markets by Anirudh Dhawan and Tālis J. Putniņš finds:
    Combining hand-collected data with audited data from a pump-and-dump aggregator, we identify as many as 355 cases of pump-and-dump manipulation within a period of six months on two cryptocurrency exchanges. Up to 23 million individuals are involved in these manipulations. We estimate that the 355 pumps in our sample are associated with approximately $350 million of trading on the manipulation days, and that manipulators extract profits of approximately $6 million from other participants. In all, 197 distinct cryptocurrencies or “coins” are manipulated, which implies that approximately 15% of all coins in our sample of exchanges are targeted by manipulators at least once in the six-month period. There are, on average, two pumps per day. This rate of manipulation is considerably higher than pump-and-dump manipulation in stock markets in recent decades.
    See also this post on the strange fact that:
    The futures curve for Bitcoin has been permanently upward sloping in Contango pretty much since inception, back in 2017 meaning that the price of the future asset is higher than the spot price of the asset for pretty much 4 years
    The implication that this arbitrage opportunity persistently exists and is not hammered by investors until it closes, is that there is some form of market dislocation or systemic credit risk that cannot be properly quantified or hedged.
    And on Celsius' offer of 17% interest on BTC loans, which clearly indicates a high degree of risk. Note that:
    Yaron Shalem, the chief financial officer of cryptocurrency lending platform Celsius, was one of the seven people arrested in Tel Aviv this month in connection with Israeli crypto mogul Moshe Hogeg
  9. Transaction fees make Makarov and Schoar's claim that "transacting in cryptocurrencies and storing them are essentially costless" false. The demand for transactions is variable, but the supply is fixed. Pending transactions bid their fees in a blind auction for inclusion in a block. The result is that when no-one wants to transact fees are low and when everyone does they spike enormously.

    BTC transaction fees
    The graph shows that as the Bitcoin "price" spiked to $63K in April the frenzy drove the average fee per transaction over $60. User's lack of understanding of transaction fees is illustrated by Jordan Pearson and Jason Koebler's ‘Buy the Constitution’ Aftermath: Everyone Very Mad, Confused, Losing Lots of Money, Fighting, Crying, Etc.:
    The community of crypto investors who tried and failed to buy a copy of the U.S. Constitution last week has descended into chaos as people are realizing today that roughly half of the donors will have the majority of their investment wiped out by cryptocurrency fees.
    Apparently, fees averaged $50/transaction, and the $40M raised paid about $1M in fees. That is 2.5%, very similar to the "extortionate" fees charged by credit card companies that cryptocurrency enthusiasts routinely decry.

    Vitalik Buterin has a proposal that attempts to paper over the fundamental problem of fixed supply and variable demand, as Ruholamin Haqshanas reports in Vitalik Buterin Proposes New EIP to Tackle Ethereum’s Sky-High Gas Fees:
    Vitalik Buterin has put forward a new Ethereum Improvement Proposal (EIP) that aims to tackle the network's gas fee problems by adding a limit on the total transaction calldata, which would, in turn, should reduce transaction gas cost.

    Since Ethereum can only process 15 transactions per second, gas fees tend to spike at times of network congestion. On November 9, the average transaction network fee reached USD 62 per transaction. As of now, Ethereum transactions cost around USD 44,
  10. With the Taproot soft fork, explained in WHY YOU SHOULD CARE ABOUT TAPROOT, THE NEXT MAJOR BITCOIN UPGRADE, Bitcoin is making transactions slightly more difficult to trace, but still not offering the anonymity of Monero:
    The Taproot upgrade improves this logic by introducing Merklelized Abstract Syntax Trees (MAST), a structure that ultimately allows Bitcoin to achieve the goal of only revealing the contract's specific spending condition that was used.

    There are two main possibilities for complex Taproot spending: a consensual, mutually-agreed condition; or a fallback, specific condition. For instance, if a multisignature address owned by multiple people wants to spend some funds programmatically, they could set up one spending condition in which all of them agree to spend the funds or fallback states in case they can't reach a consensus.

    If the condition everyone agrees on is used, Taproot allows it to be turned into a single signature. Therefore, the Bitcoin network wouldn't even know there was a contract being used in the first place, significantly increasing the privacy of all of the owners of the multisignature address.

    However, if a mutual consensus isn't reached and one party spends the funds using any of the fallback methods, Taproot only reveals that specific method. As the introduction of P2SH increased the receiver's privacy by making all outputs look identical — just a hash — Taproot will increase the sender's privacy by restricting the amount of information broadcast to the network.

    Even if you don't use complex wallet functionality like multisignature or Lightning, improving their privacy also improves yours, as it makes chain surveillance more difficult and increases the broader Bitcoin network anonymity set.
  11. Whales can't get the face value of their HODL-ings. Last Friday the price crashed 20% in minutes. David Gerard writes:
    Someone sold 1,500 BTC, and that triggered a cascade of sales of burnt margin-traders’ collateral of another 4,000 BTC. The Tether peg broke too.
    That is 0.03% of the stock of BTC. Gerard writes:
    The real story is that the whales — “large institutional trading firms,” ... want (or need) to realise the face value of their bitcoins, and they can’t, because there just aren’t enough actual dollars in the market. This is the same reason miners are keeping a “stockpile” of unsaleable bitcoins, as I’ve noted previously.

    So the whales are going to Goldman Sachs to ask for a loan backed by their unsaleable bitcoins, even though the collateral can’t possibly cover for the value of the loan even if Bitcoin doesn’t crash.
    HODL-ers wishing to cash out face significant problems, as recounted by Harry Brennan in Harry Brennan's ‘I made $4m profit on crypto, but the bank won’t let me spend it’:
    Digital currency traders sitting on huge gains have been turned away by banks, with financial institutions fearing they may be unwittingly taking money from law breakers who use digital currencies to hide wealth illegally.
    Clive Gawthorpe of accountant UHY Hacker Young said traders face long waits of up to 24 months to access their own money, with tax an increasing concern for banks. “Every time they trade in and out of a coin they trigger a taxable event, some dating back years – and we are talking about thousands of transactions without proper record keeping,” he said
  12. Here is a list of institutions that a real-world user of cryptocurrencies as they actually exist cannot avoid trusting:
    • The owners and operators of the dominant mining pools not to collude.
    • The operators of the exchanges not to manipulate the markets or to commit fraud.
    • The core developers of the blockchain software not to write bugs.
    • The developers of your wallet software not to write bugs.
    • The developers of the exchanges not to write bugs.
    And, if your cryptocurrency has Ethereum-like "smart contracts":
    • The developers of your "smart contracts" not to write bugs.
    • The owners of the smart contracts to keep their secret key secret.
    Every one of these has examples where trust was misplaced.
  13. In the medium term, Bitcoin and many other cryptocurrencies face two technological threats that might disrupt them and thus provide partial mitigation:
    • Quantum computing. Quantum attacks on Bitcoin, and how to protect against them by Divesh Aggarwal et al describes two threats they pose in principle:
      • They can out-perform existing ASICs at Proof-of-Work, but it is likely to be many years before this threat is real.
      • They can use Shor's algorithm to break the encryption used for cryptocurrency wallets, allowing massive theft. Aggarwal et al track the likely date for this, currently projecting between 2029 and 2044. When it happens there will be an estimated 4.6 million Bitcoins up for grabs.
    • The halvening. At regular intervals Bitcoin's mining rewards are halved, with the goal that the currency eventually become fee-only. Alas, Raphael Auer shows that a fee-only system is insecure.


David. said...

Matthew J. Schwarz's 9 Ransomware Trends: More Leaks, Higher Ransom Payments suggests that the FinCen report exaggerates the size of the ransomware industry.

David. said...

ZhiyuanH Sun reports that Monero community concerned as leading mining pool nears 51% of ecosystem's total hash rate:

"On Tuesday, privacy coin Monero (XMR) mining pool MineXMR's hash rate surpassed over 1.4 GH/s, accounting for 44% of the hash rate of the XMR network. MineXMR has about 13,000 miners and charges a 1% pool fee. According to a screenshot from last August, the pool only contributed to 34% of the hash rate of the XMR network.

The rapid rise in the network's hash rate has spooked some XMR enthusiasts"

David. said...

Regulatory clarity looms in Justice Department Announces First Director of National Cryptocurrency Enforcement Team:

"The Justice Department today announced the selection and appointment of Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team (NCET).

Ms. Choi is a seasoned prosecutor with nearly a decade of experience within the department, and most recently served as Senior Counsel to the Deputy Attorney General. She will assume her duties full-time effective today."

David. said...

Oliver Milman reports on another obsolete coal-fired power plant "rescued" by Bitcoin mining in Bitcoin miners revived a dying coal plant – then CO2 emissions soared:

"The Hardin generating station, a 115-megawatt coal plant located a dozen miles from the historic site of the famous battle of Little Big Horn in southern Montana, was slated for closure in 2018 due to a lack of customers only to somehow limp on, operating on just 46 days in 2020. “We were just waiting for this thing to die,” said Anne Hedges, co-director of the Montana Environmental Information Center. “They were struggling and looking to close. It was on the brink. And then this cryptocurrency company came along.”

In a deal struck in late 2020, Marathon, a bitcoin “mining” company, became the sole recipient of the power station’s electricity. It established an elongated data center on 20 acres of land beside the facility that is packed with more than 30,000 Antminer S19 units, a specialized computer that mines for bitcoin."

The article features some industry-standard gaslighting from Marathon's CEO:

"Thiel likens bitcoin mining to the transactions processed in data centers by companies such as Amazon and Google and claimed that the industry is moving quickly towards renewable energy – Marathon plans to phase out its use of coal next year – after finding its options were limited when miners had to quickly shift away from China."

David. said...

Hamza Fareed Malik writes The rise of crypto on Wall Street could end up triggering another financial crisis, global watchdog warns:

"The Financial Stability Board said "ongoing vigilance" of institutional investors such as big banks and hedge funds is needed as they deepen their involvement in the $1.9 trillion crypto market.

"If the current trajectory of growth in scale and interconnectedness of crypto-assets to these institutions were to continue, this could have implications for global financial stability," the FSB said in a report published Wednesday.

Morgan Stanley last March became the first of the six biggest US banks to reveal plans to offer its wealth management clients access to bitcoin funds. It said at the time its clients had demanded exposure to the leading cryptocurrency."

David. said...

PZ Myers writes When you’ve lost the crypto bros, you’re being rejected by the bottom of the barrel, describing the reaction on r/Bitcoin to the news that the Bitcoin2022 conference will feature Jordan Peterson. There is a reason my talk links to this must-read thread by Dave Troy.

David. said...

Celebrities and others who have been shilling cryptocurrencies and NFTs should have their lawyers check this decision by the 11th Circuit. The winning Silver Miller law firm explains in this thread. TL;DR people who, online, solicited investment into the Bitconnect Ponzi can be held accountable. The court wrote:

"Technology has opened new avenues for both investment and solicitation. A new means of solicitation is not any less of a solicitation."

David. said...

In Elon Musk is right. Web3 is BS., Maciej Baron writes:

"To put it mildly, I am not Elon’s biggest fan. He’s an ignorant, narcissistic, reckless, self-indulgent buffoon who treats his employees like crap, and who just happens to be amazing at marketing himself, which helped him become a billionaire, despite running unprofitable companies.

Musk however, recently tweeted something that I wholeheartedly agree with: “Web3 sounds like bs”."

He goes on to make the same point that I started making more than four years ago in It Isn't About The Technology. He writes:

"The Web3 thinking is based on the naive technocratic assumption that technology and “smart ideas” can solve most of our societal problems. Its naivety also expands to the belief that free-market capitalism is the solution to the encroachment of monopolies, and not the system that is in fact actively creating and enlarging them.

There isn’t a technology that will solve this, and this isn’t happening because of a lack of a certain technology. We already have tools to create a decentralised web, and blockchains aren’t even the right technology to begin with."

His proposed solution is utopian:

"If we truly want to confront the power held by the big social media companies, we need to go in the opposite direction to what the Web3 cult is trying to take: look at the profit motive within the industry, look at adequate regulation. I’d go as far as saying that the only way to solve the problem with large social media companies is to remove business and profit from the whole equation."

For mine, see What Does The Decentralized Web Need? from three and a half years ago.

David. said...

Off-topic, but I can't resist noting that according to Bloomberg Nvidia is now #8 on their list of the most valuable companies in the world, just ahead of TSMC.

David. said...

I start this talk by pointing out the libertarian roots of cryptocurrencies. The connection between Austrian economics and cryptocurrency ideology is made clear in Dave Troy's must-read thread. But it is also clear in the roster of public figures shilling them. In the US we have Ted Cruz, Tucker Carlson, Jordan Peterson and many others. Jemima Kelly's What’s the story, blockchain Tory? shows the same right-wing grift infects the UK:

"the Tory crypto train has kept on chugging merrily along. There was the spectacular flop of Tory Baroness Mone’s crypto project, EQUI; there was then-chancellor Philip “Spreadsheet” Hammond promoting blockchain as an easy solution for the Irish Border problem; more recently there was chair of the UK foreign affairs committee Tom Tugendhat preaching the virtues of crypto by deploying unforgettable syntax such as “when the queen’s head leaves the coin and goes on to the blockchain”. And before any of them, of course, there was David Cameron — a man known for his impeccable taste in all things financial."

David. said...

Prof. Carol Alexander details the events of 26 July 2021 in Binance Spoofy Bots Cause Mass Liquidations. TL;DR is that 300M USDT was used to create a massive short squeeze resulting in, on her approximations, between 1300M and 8700M UDST profit.

David. said...

The entire Bace Cybersecurity Institute webinar, of which my talk was the first part, is now available on YouTube.

David. said...

Danny Palmer reports that Ransomware victims are paying up. But then the gangs are coming back for more:

"Of those [58%] who paid the ransom, just over half – 54% – regained access to data and systems after the first payment. But another third of ransomware victims ended up paying an additional ransom demand before they received the decryption key, while a further 10% also received additional ransom demands but refused the additional payment, walking away without their data.

In 4% of cases, organisations paid a ransom or ransoms but still couldn't retrieve their data, either because of a faulty decryption key, or because the cyber criminals simply took the money and ran."

David. said...

The Case Against Crypto by Marttin O'Leary, the Creative Technologist of Watershed, Bristol's "Cultural cinema, talent development and creative technology" center, is succinct and accurate. He concludes:

"The underlying technology of cryptocurrency is based on a world without trust. Its most ardent proponents want to demolish institutions and abolish regulation, reducing the world to a numbers game which they believe they can win. If the wildest fantasies of cryptocurrency enthusiasts were to come true, if all the environmental and technical objections were to fall away, the result would be financial capitalism with all the brakes taken off.

The promotion of cryptocurrencies is at best irresponsible, an advertisement for an unregulated casino. At worst it is an environmental disaster, a predatory pyramid scheme, and a commitment to an ideology of greed and distrust. I believe the only ethical response is to reject it in all its forms."

David. said...

Molly White adds to the "mistakes are inevitable" theme with NFT collector accidentally sells their rock for close to $0 instead of over $1 million:

"The owner of EtherRock #44 tried to list their NFT for sale for 444 ETH (almost $1.2 million), but erroneously listed it for 444 WEI—the fractional unit of ETH typically used for paying transaction fees. A bot programmed to look for listings like this one, where a pricey NFT is listed for far below its average or floor price, quickly snapped up the NFT before the buyer could remove the listing."

David. said...

David Gerard reports that "money is down for maintenance, please try later":

"The Eastern Caribbean Central Bank’s DCash CBDC went out of service on 14 January — because a cryptographic certificate expired in the instance of Hyperledger it runs on. After replacing the Hyperledger installation with a later version, service finally resumed on 9 March."

David. said...

To describe the ideological roots of cryptocurrencies I linked to Dave Troy's must-read tweetstorm and Finn Brunton's Digitial Cash. But I should have also linked to a much earlier analysis — David Golumbia's 2015 article Bitcoin as Politics: Distributed Right-Wing Extremism. He cites two ideas motivating Bitcoin:

"the desire to bypass the ... credit card and PayPal “blockade” of WikiLeaks, on the one hand ... and the desire to bypass central and/or commercial banks for either the creation of money (as many of the more rabid advocates insist) or the provision of financial services ... on the other. The former ideas emerge from a libertarian, anti-state politics familiar from much of the WikiLeaks story. The latter ideas emerge from the profoundly ideological and overtly conspiratorial anti-Central Bank rhetoric propagated by the extremist Right in the US, and which despite its overt “anti-bank” rhetoric, on most thoughtful analysis, serves rather than resists the interests of banks and big finance"

David. said...

“It’s a mess”: How crypto mining went from boom to bust in Kazakhstan by Naubet Bisenov and Meaghan Tobin shows that mining cryptocurrency using interruptible power works only as long as the interruptions are short:

"When Rest of World visited in early February, Aibolat Balgozhin, the company’s chief power engineer, was helpless. “We have not been able to operate properly since October 13, when the first power cuts hit us,” he told Rest of World. “And we are kept in the dark as to when we would be able to work at full capacity or what solutions the power grid operator, KEGOC, is going to come up with.”

In September 2021, when China banned all cryptocurrency-related activity, it reshaped an industry for which it had provided a haven. Miners scrambled into crypto-friendly Kazakhstan, propelling the country into world’s second-biggest Bitcoin production base, by one estimate.

But six months later, the industry is already being pushed out. Facing civil unrest and blackouts on the electricity grid, the government has throttled the power supply of the miners it once welcomed."

David. said...

David Gerard takes issue with part of my talk, and I agree with the point he makes:

"David says that what we now know as “permissioned blockchains” are thirty years old — and he should know, ’cos he worked on a pile of this stuff himself.

But I think that’s not the right way to look at the term. Sharing Merkle-tree ledgers is thirty years old — but the word “blockchain” is a marketing pitch. “Blockchain” promises to let companies into the magical world of Bitcoin, where you can get results for free — and it inherited those promises from Bitcoin.

The term “permissioned blockchain” is claimed by Monax in 2014, back when Preston Byrne was still COO. To be clear, Monax had a real product, which became Hyperledger Burrow — and it didn’t make nigh-magical promises. And Byrne is very clear on blockchain’s non-magical nature. [LetKnowNews, 2018; Project Syndicate, 2018]

But enterprise use of the word “blockchain” follows from the cryptocurrency world. And you can tell this because it’s promoted as enterprise magic by the same people who promote Bitcoin as financial magic, it’s promoted this way in the same venues, and the promises are literally the Bitcoin promises with the buzzword changed."

David. said...

Mark Frauenfelder reports on another instance of immutability in action in Gentleman accidentally sells NFT of a rock for $0.0012, it later sells for $641,866:

" I just erroneously listed @etherrock #44 for 444 wei instead of 444 eth��‍♂️

Bot sniped it in the same block and trying to flip for 234 eth

In one click my entire net worth of ~$1 million dollars, gone

Is there any hope?


Can snipers show mercy?"

David. said...

Another community struggling with a cryptocurrency externality in Kevin Williams' An Appalachian town was told a bitcoin mine would bring an economic boom. It got noise pollution and an eyesore.:

"Supporters of the crypto plant promised an expanded tax base and job creation. What residents say they got was the constant din from massive computers and equally massive cooling fans.
But while supporters tout economic benefits such as an expanded tax base and job creation, residents in areas that initially welcomed crypto mining are now experiencing buyer’s remorse.

Kent Harris, a Washington County commissioner, looks back on his vote authorizing the Limestone crypto mining operation and shakes his head.

“It looks like a German POW camp,” Harris said of the bitcoin mine, which is surrounded by barriers, cameras and fencing topped with razor wire.

“I have never regretted a vote like this one. I sure wish I could take it back,” he said."

David. said...

Molly White provides an example of how "flash loans" can facilitate crime:

'Some owners of Bored Ape and related NFTs had put their NFTs into an NFTX vault, which is a setup where someone takes a subset of their NFTs and creates a token that is based on them. The token can then be staked to generate yield, or can be sold, and if someone owns enough of the tokens, they can redeem them for the NFTs. A clever operator found a vault containing five Bored Ape NFTs, which had unclaimed $APE associated with them since they were locked up in the vault. They used a flash loan to purchase a large amount of the vault's token, redeem the five BAYC NFTs, claim the airdropped tokens, return the BAYC NFTs, sell back the tokens, and repay the loan, all in one transaction that cost them nothing but netted them 60,564 $APE, which they then swapped for 399 ETH ($1.1 million)."

David. said...

Today Molly White has another flash-loan based theft:

"A hacker was able to use a flash loan attack to exploit an issue with OneRing Finance. By manipulating the price of tokens in the project's liquidity pool, the hacker was able to draw out 1.45 million USDC ... The hacker complicated things somewhat for OneRing by covering their tracks. They used a "self-destruct" mechanism—typically used by developers to destroy smart contracts that are found to have a bug—to destroy the contract they used to carry out the attack, making it more difficult for OneRing to determine which parts of their codebase were vulnerable and led to the attack."

Wait ... "immutable" vs. "self-destruct" ... does not compute.

David. said...

Molly White has yet another flash-loan based theft:

"The security firm PeckShield reported that the Pye ecosystem had been targeted with a flash loan attack, which drained around $2.6 million from the protocol."

David. said...

Gilad Edelman points out that The Future of Digital Cash Is Not on the Blockchain:

"A bill introduced in Congress on Monday seeks to re-create the virtues of cash, privacy and all, in digital form. The ECASH Act would direct the US government to experiment with issuing digital dollars that are stored on hardware, not in bank accounts, and can be used without an internet connection. The idea of new, surveillance-proof currency will surely face skepticism within government. But with paper money on a slow path to extinction, the case for a real digital alternative will only grow stronger."

David. said...

We have a new world record DeFi hack! Andrew Thurman reports that Axie Infinity’s Ronin Network Suffers $625M Exploit:

"An attacker “used hacked private keys in order to forge fake withdrawals” from the Ronin bridge across two transactions, as seen on Etherscan.

While the Ronin sidechain has nine validators requiring five signatures for withdrawals and is meant to protect against these types of attacks, the blog post notes that “the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”

The blog post pegged the losses at 173,600 ether and 25.5 million in USDC, currently worth in excess of $625 million."

David. said...

It is often claimed that the Lightning Network willl off-load the Bitcoin blockchain so much that 7 transactions a second will be enough for the system to scale. Arcane Research's hype-fest report on The State of Lightning says (page 25):

"Per our Lightning Network transaction estimates, we find that the Lightning Network processed 663,000 transactions into and from commonly used wallets in September 2021."

Bitcoin averaged 1.7K transactions/block for the ~4,320 blocks in September 2021, or ~7.344M transactions, which is 11 times as many as the Lightning Network did. Not really a big help in scaling.

Tip of the hat to David Gerard.

David. said...

Kyle Orland explains the Ronin hack in How did a hacker steal over $600 million from a crypto gaming blockchain?.

David. said...

Big Stock Sales Are Supposed to Be Secret. The Numbers Indicate They Aren’t by Liz Hoffman , Corrie Driebusch and Tom McGinty shows that abuse of trust in dark pools is rampant on Wall St.:

"For years, something strange kept happening on Wall Street. Before a big shareholder could carry out plans to sell a slug of stock, the price dropped. It was as if other investors knew what was coming.
These transactions, known as block trades, are supposed to be a secret between the selling shareholders and the investment banks they hire to execute the trades. But a Wall Street Journal analysis of nearly 400 such trades over three years indicates that information about the sales routinely leaks out ahead of time—a potentially illegal practice that costs those sellers millions of dollars and benefits banks and their hedge-fund clients.

The Journal’s analysis, covering 393 block trades between 2018 and 2021, found that 58% of the time, the share price declined in the trading session immediately beforehand, controlling for the performance of peer companies."

David. said...

Ed Zitron hits the nail on the head in The Infinite Exploitation Of Cryptocurrency:

"Cryptocurrency is a threat to people’s livelihoods, an ugly, unfair casino built to extract resources from the bottom and deliver them to the top. Every little anecdote of an artist making money on NFTs is overshadowed by the many people that you can find in basically any cryptocurrency project’s Telegram that are terrified that the investment that they made thinking they’d “found the next Bitcoin” is potentially a dead end. Libertarianism does not exist to create balance - it exists to create discord that can then be exploited, and cryptocurrency is powerful, wretched proof.

I may seem alarmist, but it’s time to stop humoring this industry and regulate it into dust. Whatever theoretical benefits may exist with regards to decentralization are irrelevant to the tangible harm that cryptocurrency is causing, and I can’t even tell you what these theoretical benefits may be.

What I can tell you is the damage it does. What I can tell you is that people are losing what little they have at one of the worst times in history for wealth disparity, all while enriching people that are lying through their teeth about sharing their resources."

David. said...

In EU lawmakers set to tighten up on crypto transfers, Huw Jones and Tom Wilson report that:

"European Union lawmakers were set on Thursday to back tougher safeguards for transfers of bitcoin and other cryptocurrencies, in the latest sign that regulators are tightening up on the freewheeling sector.

Two committees in the European Parliament have thrashed out cross-party compromises to be voted on.
Under the proposal first put forward last year by the EU's executive European Commission, crypto firms such as exchanges would have to obtain, hold, and submit information on those involved in transfers.
The Commission had proposed applying the rule to transfers worth 1,000 euros ($1,116) or more, but under the cross-party agreement this 'de minimis' rule has been scrapped - meaning all transfers would be in scope."

David. said...

Dirty Bubble Media's Anatomy of a (fake) Market starts:

"Over the last few months, Dirty Bubble Media has documented the various questionable and potentially fraudulent aspects of the crypto lending firm Celsius Network. We’ve previously shown that their CEO has a tenuous relationship with the truth, that their business model is (at best) a hyper-risky Rube Goldberg debt machine, and that their proprietary token $CEL shows many hallmarks of market manipulation."

They conclude:

"that at least 59% of CEL/WETH volume on Uniswap from 3/21-3/26/22 was wash trading. Nearly half of the total volume came from a single “market maker,” with an additional 12% generated by other obvious wash-trading wallets.

Based on our previous observations of CEL trading on FTX, it would be reasonable to include these transfers under the category of wash trades. Further, the trades between Uniswap and the 1inch DEX exchange may also represent “market faking” activity. In total, this means that conservatively 75% or more of the CEL/WETH volume on Uniswap represents fake demand for CEL token. This would be in line with previous studies showing that ~70% of crypto trading is likely wash trading."

David. said...

Crypto Miners in Texas Need ‘Approval to Energize’ in New Grid Hurdle by Naureen S Malik reveals that even Texas has limits:

"Texas has started requiring new large-scale cryptocurrency miners to seek permission to connect to the state’s power grid in anticipation of a flood of requests expected to drive up electricity demand.

The Electric Reliability Council of Texas Inc., is requiring utilities to submit studies on the impact of miners and other large users tapping the grid before they can get “approval to energize,” according to a March 25 notice from the state’s main grid operator. Ercot members voted Wednesday to form a task force to hash out details of an interim plan that’s ultimately meant to protect the grid from being overwhelmed."

David. said...

Simon Sharwood writes in Web3 'contains the seeds of a dystopian nightmare' says analyst firm:

"Analyst firm Forrester Research has had a look at Web3 – the buzzword describing blockchain-powered decentralized metaverse-y stuff – and decided there's not a lot to like.

The firm this week issued a pair of documents assessing Web3.

The first, titled "Web3 And Web 3.0 Are Synonymous Today – But This Wasn't Always True", points out that the term "Web 3.0" was first used in the mid-2000s, when it was used interchangeably with Sir Tim Berners-Lee's vision of a "semantic web". The term re-emerged in 2014 when Ethereum cofounder Gavin Wood suggested the Ethereum blockchain become the foundation for a decentralized web.
Forrester's second document, titled "Web3 Promises A Better Online Future But Contains The Seeds Of A Dystopian Nightmare", defines nine key tenets of Web3, then smacks them all down.

Here's a summary of what the firm says are Web3's visions, and realities:

* Decentralization Impossible to achieve, as shown by current crypto projects centering around certain (usually large) actors;
* Trust in code, not companies: the belief that a community’s smart contracts encode and enforce its rules We should all trust unknown developers why, exactly?
* Always using open and transparent code Doesn't stop monopolies forming, and relies on a small pool of people capable of assessing code;
* Crypto-economic principles designed so that systems benefit all participants Favour the wealthy and grow monopolies;
* Users own and control the data and content they create Concept of 'ownership' is vague and most users are not willing or able to make constant decisions about their data;
* Users manage their own identity and credentials Not many will bother, partly because it is hard;
* Users control the apps and networks they use Forrester can't see that happening beyond a few tech-savvy types, and reminds readers that lots of online communities have soured or become fractious. If those community problems emerge as disputes among those who run apps and networks people have trusted to do stuff like manage their finances, we get the dystopian scenario in the document's title;
* Decentralized autonomous organizations, entities that exist as a collection of smart contracts Have no legal basis and work on a utopian assumption that all possibilities can be coded;
* Decentralized finance (DeFi) Nice idea, shame it lacks consumer protection, while risk management requires the code inspection that few can perform.

The document also warns that Web3 is currently "dominated by speculators in cryptocurrencies and other digital assets like NFTs; it's an unregulated environment in which the actions of scammers and fraudsters derail the best of intentions."

David. said...

The attack surface of Web3 is immense. Molly White reports that User loses £55,000 (~$72,000) to Trezor phishing email:

"A Bitcoin holder using a Trezor hardware wallet fell victim to a phishing scam after attackers stole email lists from a third-party vendor use by Trezor."

Mailchimp: Crook stole cryptocurrency clients' mailing-list subscriber info by Jessica Lyons Hardcastle provides the details:

"Mailchimp has confirmed a miscreant gained access to one of its internal tools and used it to steal data belonging to 100-plus high-value customers.

The clients were all in cryptocurrency and finance-related industries, according to Mailchimp. "Our findings show that this was a targeted incident," the mailing-list giant's CISO Siobhan Smyth said in a statement to The Register on Monday.

Rumors of the intrusion surfaced on Twitter over the weekend: on Sunday, hardware cryptocurrency wallet maker Trezor, whose website is, warned someone was sending out emails from noreply[at]trezor[dot]us containing a link to malware designed to harvest wallet owners' information."

David. said...

Molly White's post The Axie Infinity hack, what happened, and why people keep talking about bridges is a good overview. She concludes:

"If Sky Mavis doesn’t recover the funds, they’re in a tough spot. The various tokens that operate on the Ronin network are now majorly unbacked. They could go the Wormhole route, and come up with $625 million to restore backing.6 I would say this seems unlikely, but I would’ve said Wormhole coming up with $320 million was unlikely too, and I was shown to be wrong on that one. The company lists some pretty big names among its investors—they raised $152 million in Series B funding in October 2021 from firms including Andreessen Horowitz, Accel, and Paradigm, valuing the company around $3 billion."

One has to wonder about the values of VCs investing in a company whose business is sharecropping desperate Filipinos:

"By November 2021, only the skilled players were making above even minimum wage—and only barely—despite the continuing narrative that Axie was changing lives in the Philippines by allowing people to play video games for a living."

David. said...

Olga Kharif states the obvious in The Hottest NFT Marketplace is Mostly Users Selling to Themselves:

"A closer look at the LooksRare platform that has quickly become the leading NFT marketplace by trading volume shows that most of the activity is actually users selling tokens to themselves to help earn rewards in the form of more coins.
About $18 billion of the trading volume on the platform, or about 95% of the total activity, can be attributed to what’s often referred to as wash sales, according to data compiled by NFT tracker CryptoSlam. The transactions are seen as one of the many gray areas in crypto when it comes to regulation. In this case, the sales are done to win new tokens rather than to pump up nonfungible token prices to lure unsuspecting buyers. The marketplace benefits from the fees generated by each transaction.
At the same time, LooksRare has effectively helped to mask the cooling of demand in the NFT market. Total sales on OpenSea have declined every month since January, according to data from Dune Analytics. The site’s sales volume is down 67% in the last 30 days, according to data from DappRadar. The number of traders has decreased 23%."

David. said...

Lois Parshley reports on another town suffering from cryptocurrency mining in How Bitcoin mining devastated this New York town:

"At the time, Plattsburgh had some of the least expensive power anywhere in the United States, thanks to cheap hydroelectricity from the Niagara Power Authority.

It didn’t take long for a subsidiary of the popular mining firm Coinmint to lease a Family Dollar store in Plattsburgh. The city’s building inspector, Joe McMahon, remembers that the man who signed the lease, Prieur Leary, wanted everything done quickly. “Overnight, he wanted power on,” McMahon says. “We were all uneasy about it but didn’t know the harm.”

Coinmint filled the building with servers, running them 24 hours a day. When the miners wanted to expand into a nearby shopping center, Bill Treacy, the manager of the Plattsburgh municipal lighting department, told them that they would have to invest $140,000 in new infrastructure. He was surprised when they weren’t discouraged. Soon, the company was regularly drawing over 10 megawatts, enough power for about 4,000 homes.
In January 2018, there was a cold snap. People turned up their heat and plugged in space heaters. The city quickly exceeded its quota of hydropower, forcing it to buy power elsewhere at much higher rates. McMahon says his Plattsburgh home’s energy bill jumped by $30 to $40 a month. “People felt there was a problem but didn’t know what to attribute it to,” he says.
From 2016 to 2018, crypto mining in upstate New York increased annual electric bills by about $165 million for small businesses and $79 million for individuals, a recent paper found."

David. said...

Eshe Nelson and Adam Satariano report on yet another externality of cryptocurrencies in The Next Hurdle in Europe’s Energy Transition: Being More Enticing Than NFTs. The subhead says it all:

"Financing the next generation of green energy technologies means larger investments and getting venture capitalists to turn their attention away from “fast money.”


"Tony Fadell, who spent most of his career trying to turn emerging technologies into mainstream products as an executive at Apple and founder of Nest, said that even as the world faced the risks of climate change, money was flooding into less urgent developments in cryptocurrency, the so-called metaverse and the digital art collections sold as NFTs. Last year, venture capitalists invested $11.9 billion in renewable energy globally, compared with $30.1 billion in cryptocurrency and blockchain, according to PitchBook.

Of the $106 billion invested by venture capitalists in European start-ups last year, just 4 percent went into energy investments, according to PitchBook."

David. said...

K.E.D Coan observes Betteridge's Law in Can semiconductor makers meet surging demands sustainably?. The subhead sums it up:

"It will likely take more than pledges to make the chip industry sustainable"

David. said...

Michael D. McDonald reports that Bitcoin-Bond Sale Flop Deepens Debt Market Rout in El Salvador:

"For five months now, El Salvador President Nayib Bukele has been trying to hawk a Bitcoin-backed bond to international investors. This, he’s insisted, is a better option than turning to multilateral lenders in Washington for more conventional financing.

It’s not working. Bukele, a devout believer in crypto currencies, has yet to receive a single penny of the $1 billion he’s seeking, and this -- along with stalled talks with the International Monetary Fund -- is deepening concern among creditors that the country will fail to pay back an $800 million bond at the start of next year."

And David Gerard reports that The Central African Republic adopted Bitcoin last week:

"Nobody seems to have any idea where the new cryptocurrency law came from, with no prior warning. It’s cribbed from El Salvador’s Bitcoin Law. But we have no idea who pushed this through, to what end.

The Central African Republic is incredibly corrupt, and its people are desperately poor despite the country’s mineral wealth. The CAR ranks 188 out of 189 countries in the UN’s Human Development Index. El Salvador is a gleaming jewel of functionality by comparison.

The cryptocurrency law was rushed through, and some legislators are taking the law to the constitutional court. “This law is a way of getting out of the CFA franc through a means that guts the common currency,” former prime minister Martin Ziguélé told AFP."

David. said...

Lots of detail on the fiasco in El Salvador in Are Cryptocurrencies Currencies? Bitcoin as Legal Tender in El Salvador by Fernando E. Alvarez, David Argente and Diana Van Patten:

"We conduct a representative national face-to-face survey to obtain information on bitcoin’s usage and effects. Leveraging this data, we document how, despite the government’s “big push” and a large fraction of people downloading Chivo Wallet, usage of bitcoin for everyday transactions is low and is concentrated among the banked, educated, young, and male population."

David. said...

Today in cryptocurrency externalities, Rob Beschizza reports that College to close after severe ransomware attack:

"Lincoln College, among few rural historically Black colleges, survived two World Wars and the Great Depression. But a ransomware attack, two years of the Covid pandemic, and a bunch of other stuff have finally put an end to it."

David. said...

Today's cryptocurrency externality is ‘Crypto muggings’: thieves in London target digital investors by taking phones> by Rob Davies:

"Thieves are targeting digital currency investors on the street in a wave of “crypto muggings”, police have warned, with victims reporting that thousands of pounds have been stolen after their mobile phones were seized.

Anonymised crime reports provided to the Guardian by City of London police, as part of a freedom of information request, reveal criminals are combining physical muscle with digital knowhow to part people from their cryptocurrency.

One victim reported they had been trying to order an Uber near London’s Liverpool Street station when muggers forced them to hand over their phone. While the gang eventually gave the phone back, the victim later realised that £5,000-worth of ethereum digital currency was missing from their account with the crypto investing platform Coinbase."

David. said...

More evidence that Google thinks properly accounting for data centers' carbon footprint isn't something they want in Sarah Perez' Google cancels half the projects at its internal R&D group Area 120. Among the victims were (my emphasis):

"three climate-related projects. These latter projects had focused on EV car-charging maps with routing, carbon accounting for IT and carbon measurement of forests."

David. said...

Economic estimation of Bitcoin mining’s climate damages demonstrates closer resemblance to digital crude than digital gold by Benjamin A. Jones, Andrew L. Goodkind & Robert P. Berrens from the University of New Mexico concludes:

"that for 2016–2021: (i) per coin climate damages from BTC were increasing, rather than decreasing with industry maturation; (ii) during certain time periods, BTC climate damages exceed the price of each coin created; (iii) on average, each $1 in BTC market value created was responsible for $0.35 in global climate damages, which as a share of market value is in the range between beef production and crude oil burned as gasoline, and an order-of-magnitude higher than wind and solar power."

David. said...

Hannah Brown reports that Bitcoin mining is drowning out the sound of Niagara Falls - here’s how:

"Attracted by the cheap hydroelectric power available in Niagara Falls, digital mining company Blockfusion took up residence at a former coal factory there in 2019, followed by US Bitcoin in 2020, which operates from a former sodium plant.
"I get four hours of sleep, maybe, because of that constant noise," says Elizabeth Lundy, a resident of Niagara Falls who lives about two blocks from the US Bitcoin plant.

"I can hear the noise even through the storm windows."

From Elizabeth’s front porch the noise can be heard loud and clear. And it only gets louder as you get closer to the plant on Buffalo Avenue.

Another local, who lives more than 1.5km from the plant, compares the sound to a 747 jet. Once, he could hear the sound of Niagara Falls - over 3km away - from his back garden, but now it’s just the whirring sound of the Bitcoin plant."

David. said...

Tim Bray was inspired by the failure of the Australian Securities Exchange's 7-year blockchain project to write AWS and Blockchain, a fascinating account of how AWS figured out that there was no there there in blockchain technology, but were happy to take money from people who thought there was. It is a must-read post.

David. said...

Byron Kaye's Australian stock exchange's blockchain failure burns market trust shows the downside of getting caught up in the blockchain hype:

"More than a dozen brokers, other market participants and people directly involved in the blockchain project told Reuters the failure had shaken trust in the Australian exchange operator. Some expressed dismay over the time and costs they contributed to the doomed endeavour and ASX's repeat assurances that all was well with the upgrade, which had faced five delays since an initially scheduled 2020 launch.

The experience also raised questions of a mismatch between the promises and reality of the technology that underpins cryptocurrencies. Use of a distributed ledger in Australia's critical financial infrastructure would have been one of the most significant applications of blockchain-based systems in a mainstream corporate setting."