Thursday, September 29, 2022

Responsible Disclosure Policies

Recently, Uber was completely pwned, apparently by an 18-year-old. Simon Sharwood's Uber reels from 'security incident' in which cloud systems seemingly hijacked provides some initial details:
Judging from screenshots leaked onto Twitter, though, an intruder has compromised Uber's AWS cloud account and its resources at the administrative level; gained admin control over the corporate Slack workspace as well as its Google G Suite account that has over 1PB of storage in use; has control over Uber's VMware vSphere deployment and virtual machines; access to internal finance data, such as corporate expenses; and more.
And in particular:
Even the US giant's HackerOne bug bounty account was seemingly compromised, and we note is now closed.

According to the malware librarians at VX Underground, the intruder was using the hijacked H1 account to post updates on bounty submissions to brag about the degree of their pwnage, claiming they have all kinds of superuser access within the ride-hailing app biz.

It also means the intruder has access to, and is said to have downloaded, Uber's security vulnerability reports.
Thus one of the results of the incident is the "irresponsible disclosure" of the set of vulnerabilities Uber knows about and, presumably, would eventually have fixed. "Responsible disclosure" policies have made significant improvements to overall cybersecurity in recent years, but developing and deploying fixes takes time. For responsible disclosure to be effective, the vulnerabilities must be kept secret while this happens.

Stewart Baker points out in Rethinking Responsible Disclosure for Cryptocurrency Security that these policies are hard to apply to cryptocurrency systems. Below the fold I discuss the details.

Thursday, September 22, 2022

Cryptocurrency-enabled Crime

Robin Wigglesworth's An anatomy of crypto-enabled cyber crime points to An Anatomy of Crypto-Enabled Cybercrimes by Lin William Cong, Campbell R. Harvey, Daniel Rabetti and Zong-Yu Wu. They write in their abstract that:
Assembling a diverse set of public, proprietary, and hand-collected data including dark web conversations in Russian, we conduct the first detailed anatomy of crypto-enabled cybercrimes and highlight relevant economic issues. Our analyses reveal that a few organized ransomware gangs dominate the space and have evolved into sophisticated firm-like operations with physical offices, franchising, and affiliation programs. Their techniques also have become more aggressive over time, entailing multiple layers of extortion and reputation management. Blanket restrictions on cryptocurrency usage may prove ineffective in tackling crypto-enabled cybercrime and hinder innovations. But blockchain transparency and digital footprints enable effective forensics for tracking, monitoring, and shutting down dominant cybercriminal organizations.
Wigglesworth comments:
Perhaps. But while it is true that blockchain transparency might enable arduous but effective analysis of crypto-enabled cyber crime, reading this report it’s hard not to think that the transparency remedy is theoretical, but the costs are real.
I have argued that the more "arduous but effective analysis" results in "tracking, monitoring, and shutting down" cybercriminals, the more they will use techniques such as privacy coins (Monero, Zcash) and mixers (Tornado Cash). Indeed, back in January Alexander Culafi reported that Ransomware actors increasingly demand payment in Monero:
In one example of this, DarkSide, the gang behind last year's Colonial Pipeline attack, accepted both Monero and Bitcoin but charged more for the latter because of traceability reasons. REvil, which gained prominence for last year's supply-chain attack against Kaseya, switched to accepting only Monero in 2021.
Below the fold I discuss both Cong et al's paper, and Erin Plante's $30 Million Seized: How the Cryptocurrency Community Is Making It Difficult for North Korean Hackers To Profit, an account of Chainalysis' "arduous but effective" efforts to recover some of the loot from the Axie Infinity theft.

Tuesday, September 20, 2022

White House Statement On Cryptocurrency Regulation

The White House issued a statement entitled Following the President’s Executive Order, New Reports Outline Recommendations to Protect Consumers, Investors, Businesses, Financial Stability, National Security, and the Environment describing the state of the policy development process to which I contributed twice:
The nine reports submitted to the President to date, consistent with the EO’s deadlines, reflect the input and expertise of diverse stakeholders across government, industry, academia, and civil society. Together, they articulate a clear framework for responsible digital asset development and pave the way for further action at home and abroad. The reports call on agencies to promote innovation by kickstarting private-sector research and development and helping cutting-edge U.S. firms find footholds in global markets. At the same time, they call for measures to mitigate the downside risks, like increased enforcement of existing laws and the creation of commonsense efficiency standards for cryptocurrency mining. Recognizing the potential benefits and risks of a U.S. Central Bank Digital Currency (CBDC), the reports encourage the Federal Reserve to continue its ongoing CBDC research, experimentation, and evaluation and call for the creation of a Treasury-led interagency working group to support the Federal Reserve’s efforts.
Below the fold I describe some of the details of this "framework", which unfortunately continues to use the misleading "digital asset" framing.

Tuesday, September 13, 2022

Miners' Extractable Value

According to the official Ethereum website, "Maximal Extractable Value" (MEV) is a feature not a bug. MEV is a consequence of the fact that it is the miners, or rather in almost all cases the mining pools, that decide which transactions, from the public mempool of pending transactions, or from a dark pool, or from the mining pool itself, will be included in the block that they mine, and in what order. The order is especially important in Turing-complete blockchains such as Ethereum, allowing miners to front-run, back-run or sandwich transactions from elsewhere. The profit from doing so is MEV. MEV is being renamed from Miners' Extractable Value to Maximal Extractable Value since it turns out that miners are not the only actors who can extract it.

Ethereum mining 11/07/21
In Ethereum, the MEV profit is enhanced because mining is dominated by a very small number of large pools; last November two pools shared a majority of the mining power. Thus there is a high probability that these pools will mine the next block and thus reap the MEV. Note that activities such as front-running are illegal in conventional finance, although high-frequency traders arguably use these techniques.

I wrote about these issues in Ethereum Has Issues, discussing Philip Daian et al's Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability and Julien Piet et al's Extracting Godl [sic] from the Salt Mines: Ethereum Miners Extracting Value, but this just scratched the surface. Below the fold I review ten more contributions.

Tuesday, September 6, 2022

Impossibilities

I'm starting to see a series of papers each showing that some assertion about the cryptocurrency ecosystem that crypto-bros make can't be true. I wrote about the first one I noticed in Ethereum Has Issues, but I have since seen several more. Below the fold I briefly review them. I'll update this post if I see more, to maintain a chronological list of these research results.

Tuesday, August 23, 2022

Investment Frauds

It appears that Preston Byrne, inspired by @DontPanicBurns, coined the term "Nakamoto Scheme" in 2017's The Problem with Calling Bitcoin a “Ponzi Scheme”:
The Nakamoto Scheme is an automated hybrid of a Ponzi scheme and a pyramid scheme which has, from the perspective of operating a criminal enterprise, the strengths of both and (currently) the weaknesses of neither.

The Nakamoto Scheme draws strength from the same things which make pyramids and Ponzis so compelling, in that it promises insane investment returns, can be accessed by the man on the street with almost no effort at all, and recruits individual participants as new, self-interested evangelists of the scheme.
Byrne made no suggestion that the fraudulent aspects were intentional, and in riffing on Byrne's post David Gerard amplified the point:
The problem with calling Bitcoin a “Ponzi scheme” or “pyramid scheme” is that a Ponzi conventionally has a mastermind at the top, making the money.

Bitcoin doesn’t have that. (And Bitcoiners are very big on this as a reason not to call it a “Ponzi”!) Satoshi Nakamoto appears to have been completely sincere in setting up Bitcoin.

Even given Nakamoto’s extensively documented political aims for Bitcoin — an anarcho-capitalist reimplementation of the gold standard, with banker conspiracies along for the ride — he was disconcerted at just how rabid the fans got about the possibility of profit. He even asked them to hold off on video card mining because it would spoil things for getting everyone involved.
Now, in THE STRANGE CASE OF NAKAMOTO'S BITCOIN - PART 1, Sal Bayat repeats Byrne's analysis in much greater detail but does suggest that Nakamoto intended the fraud. Below the fold I critique Bayat's post.

Thursday, August 18, 2022

Forking Ethereum

The problems caused by making vulnerable software immutable were revealed by the first major "smart contract". The Decentralized Autonomous Organization (The DAO) was released on 30th April 2016, but on 27th May 2016 Dino Mark, Vlad Zamfir, and Emin Gün Sirer posted A Call for a Temporary Moratorium on The DAO, pointing out some of its vulnerabilities; it was ignored. Three weeks later, when The DAO contained about 10% of all the Ether in circulation, these vulnerabilities were exploited:
allowing the removal of more than 3m ethers.

Subsequent exploitations allowed for more funds to be removed, which ultimately triggered a ‘white hat’ effort by token-holders to secure the remaining funds. That, in turn, triggered reprisals from others seeking to exploit the same flaw.

An effort to blacklist certain addresses tied to The DAO attackers was also stymied mid-rollout after researchers identified a security vulnerability, thus forcing the hard fork option.
The "hard fork" split the Ethereum blockchain into two. On the fork that became today's Ethereum the coins in The DAO ended up in a new "smart contract" from whence they could be recovered by the investors. On the fork that became today's Ethereum Classic, the coins stayed in the various attackers' wallets and were renamed ETC. When ETC started trading on 27th July 2016 it opened at $0.60; ETH was trading at $12.97. Since then, ETH peaked at $4.8K and ETC peaked at $137, so it is clear which fork the market preferred.

Back in February Laura Shin published Austrian Programmer And Ex Crypto CEO Likely Stole $11 Billion Of Ether claiming to identify the perpetrator. The headline overhypes the story. The 3.6M ETH stolen from The DAO wasn't worth $11B at the time of the theft, more like $43M. After the hard fork, the 3.6M ETC was worth under $3M; back in February it was worth about $100M.

Now, as the Ethereum team attempts to finalize their long-delayed goal of switching from Proof-of-Work to Proof-of-Stake, another hard fork looms. Below the fold, I look into why this time things are much more complex.

Tuesday, August 16, 2022

Optical Media Durability Update

Four years ago I posted Optical Media Durability and discovered:
Surprisingly, I'm getting good data from CD-Rs more than 14 years old, and from DVD-Rs nearly 12 years old. Your mileage may vary.
Three years ago I repeated the mind-numbing process of feeding 45 disks through the reader and verifying their checksums. Two years ago I did it again, and then again a year ago.

It is time again for this annual chore, and yet again this year every single MD5 was successfully verified. Below the fold, the details.

Thursday, August 11, 2022

The Exchange You Can Trust

One of the many ironies about "decentralized, trustless" cryptocurrencies is that they are neither decentralized nor trustless. Since in practice you can neither buy nor sell real goods using them, you need to trust an exchange to convert fiat to cryptocurrency and vice versa. Exchanges range from those you definitely shouldn't trust, such as Binance, through somewhat less sketchy ones such as Kraken (now being investigated for sanctions busting) to Coinbase, which presents itself as a properly regulated, US-based exchange that is totally trustworthy.

But recently cracks have been appearing in their façade of respectability, big enough that even the New York Times has noticed. The Humbling of Coinbase by David Yaffe-Bellany and Mike Isaac summarizes the situation:
Coinbase rose to prominence as one of the first major crypto companies, a gateway to the chaotic world of digital assets for amateur investors. But as it has grown from plucky start-up to publicly traded company, its status as an industry leader has been threatened by a series of missteps and a steep decline in the crypto market over the last six months.
Below the fold I probe into some of these cracks.

Thursday, August 4, 2022

Helium

A major reason that cryptocurrencies have become such a problem is that mainstream journalists normally just regurgitate the hype they are fed by people Talking Their Book. Kevin Roose is a New York Times "technology columnist" who is infatuated with cryptocurrencies. Last March he wrote The Latecomer's Guide to Crypto, which was so bad that Molly White assembled a group of experts to perform a devastating fact-check. Roose responded by justifying "talking his book" in a since-deleted tweet:
Crypto is pretty experiential compared to traditional finance, and it's going to get harder for journalists to report on this stuff if they're prohibited from touching it at all (especially as more activity moves into token-gated Discords, DAOs with ownership requirements, etc.)
He conveniently ignores that conflict of interest policies prevent journalists owning cryptocurrencies, not experiencing them using the paper's money.

A month earlier Roose had published another masterpiece of credulity entitled Maybe There’s a Use for Crypto After All whose subhead was:
Helium, a wireless network powered by cryptocurrency, hints at the practical promise of decentralized services.
Below the fold I compare reality with Roose's naive boosterism.

Tuesday, August 2, 2022

Another Infinite Money Pump

Datafinnovation's 3AC, DCG & Amazing Coincidences is a long and complex investigation of one of the key elements of the recent "crypto collapse". Fortunately, at FT Alphaville Bryce Elder uses an analogy that helps explain the basic idea. Below the fold I try to explain Elder's explanation of Datafinnovation's investigation.

Wednesday, July 27, 2022

Regulating "Digital Assets"

I was asked to make a brief contribution to discussion of the President's Executive Order on Ensuring Responsible Development of Digital Assets, concentrating on the technological risks they involve over and above those of conventional financial assets. Below the fold is my contribution with links to the sources.

Tuesday, July 26, 2022

The Internet Archive's "Long Tail" Program

In 2018 I helped the Internet Archive get a two-year Mellon Foundation grant aimed at preserving the "long tail" of academic literature from small publishers, which is often at great risk of loss. In 2020 I wrote The Scholarly Record At The Internet Archive explaining the basic idea:
The project takes two opposite but synergistic approaches:
  • Top-Down: Using the bibliographic metadata from sources like CrossRef to ask whether that article is in the Wayback Machine and, if it isn't, trying to get it from the live Web. Then, if a copy exists, adding the metadata to an index.
  • Bottom-up: Asking whether each of the PDFs in the Wayback Machine is an academic article, and if so extracting the bibliographic metadata and adding it to an index.
Below the fold I report on subsequent developments in this project.

Thursday, July 21, 2022

Mining News

In May I wrote Generally Accepted Accounting Principles, based on Paul Butler's The problem with bitcoin miners. Butler pointed out that mining company financials were based on depreciating their hardware in a straight line over five years, where in reality "The average time to become unprofitable sums up to less than 1.29 years". I summarized the problem:
In simple terms, this excess depreciation means that the company's real cost for creating income is much higher than they report, and thus their real profit as a continuing business is much less than they report, because they are not putting aside the money they will need to replace obsolete hardware.
This was written a couple of weeks after the Terra/Luna crash started on May 7th, triggering the current "crypto winter", too early to see the effect on miners. Now, as the contagion spreads and successive cryptocurrency companies file for bankruptcy, we are starting to see the knock-on effects. Below the fold, a collection of news about mining.

Tuesday, July 19, 2022

Calls For Cryptocurrency Regulation

On 8th July 2022 Lael Brainard, Vice-Chair of the Federal Reserve governors, gave a speech entitled Crypto-Assets and Decentralized Finance through a Financial Stability Lens in which she writes:
Distinguishing Responsible Innovation from Regulatory Evasion
New technology often holds the promise of increasing competition in the financial system, reducing transaction costs and settlement times, and channeling investment to productive new uses. But early on, new products and platforms are often fraught with risks, including fraud and manipulation, and it is important and sometimes difficult to distinguish between hype and value. If past innovation cycles are any guide, in order for distributed ledgers, smart contracts, programmability, and digital assets to fulfill their potential to bring competition, efficiency, and speed, it will be essential to address the basic risks that beset all forms of finance. These risks include runs, fire sales, deleveraging, interconnectedness, and contagion, along with fraud, manipulation, and evasion. In addition, it is important to be on the lookout for the possibility of new forms of risks, since many of the technological innovations underpinning the crypto ecosystem are relatively novel.
The G20's Financial Stability Board followed with FSB Statement on International Regulation and Supervision of Crypto-asset Activities making a similar pitch for regulation. As did the European Central Bank with Decentralised finance – a new unregulated non-bank system?. Paul Krugman asks the right question in Crypto Is Crashing. Where Were the Regulators?:
Traditional banking is regulated for a reason; crypto, in bypassing these regulations, [Lael Brainard] said, has created an environment subject to bank runs, not to mention “theft, hacks and ransom attacks” — plus “money laundering and financing of terrorism.”

Other than that, it’s all good.

The thing is, most of Brainard’s litany has been obvious for some time to independent observers. So why are we only now hearing serious calls for regulation?
Below the fold I argue that these calls are both very late, and are couched in self-defeating language.

Tuesday, July 12, 2022

Pump-and-Dump Schemes

On June 29th the SEC rejected the application from Grayscale Bitcoin Trust to launch a Bitcoin ETF. Among the justifications the SEC provided for their decision were (page 22, my re-formatting):
The Commission has identified in previous orders possible sources of fraud and manipulation in the spot bitcoin market, including:
  1. “wash” trading;
  2. persons with a dominant position in bitcoin manipulating bitcoin pricing;
  3. hacking of the bitcoin network and trading platforms;
  4. malicious control of the bitcoin network;
  5. trading based on material, non-public information (for example, plans of market participants to significantly increase or decrease their holdings in bitcoin, new sources of demand for bitcoin, or the decision of a bitcoin-based investment vehicle on how to respond to a “fork” in the bitcoin blockchain, which would create two different, non-interchangeable types of bitcoin) or based on the dissemination of false and misleading information;
  6. manipulative activity involving purported “stablecoins,” including Tether (USDT);
  7. fraud and manipulation at bitcoin trading platforms
Bitcoin and the wider cryptocurrency markets have a long history of "persons with a dominant position in bitcoin manipulating bitcoin pricing" and "manipulative activity involving purported “stablecoins,” including Tether (USDT)". Among the techniques involved are "pump-and-dump" schemes. Below the fold I review the literature on these schemes, and follow up with a critique.

Friday, July 8, 2022

Economic Model Revived

Five years ago, at the urging of the Internet Archive, I implemented a simple interactive version of the Economic Model of Long-Term Storage in Python. It estimated the endowment needed to store a Terabyte for 100 years based on a set of parameters that people could vary. It ran on a Raspberry Pi at the end of our Sonic DSL home Internet connection. The endowment is the capital which, together with the interest it earns, is enough to cover the costs incurred storing the data for the century.

Alas, the Pi became a casualty when, early in the pandemic, we upgraded to the wonderful Sonic gigabit fiber (Best ISP Evah!), needed to support multiple grandkids each in a different virtual school.

Fortunately, Sawood Alam at the Internet Archive has forked the code, re-implemented it in Javascript, improved the user interface, and deployed it at Github. This new version is once again available here. I'm very grateful to Sawood and the team at the Internet Archive, both for pushing me to do the initial implementation, and now for bringing it back from the dead.

Below the fold I have a couple of caveats.

Tuesday, July 5, 2022

It's Still Not About The Technology

I, like many others, signed the Letter in Support of Responsible Fintech Policy, saying:
We strongly disagree with the narrative—peddled by those with a financial stake in the crypto-asset industry—that these technologies represent a positive financial innovation and are in any way suited to solving the financial problems facing ordinary Americans.
In response, famed cryptographer Matthew Green, who I'm told HODLs ZCash and is involved in a blockchain startup, posted In defense of crypto(currency), basically arguing against regulating cryptocurrencies because, although their current state is rife with crime and is cooking the planet, better technology is possible.

Bruce Schneier responded with On the Dangers of Cryptocurrencies and the Uselessness of Blockchain. Below the fold, I argue that both of them have missed the most important point.

Thursday, June 30, 2022

Are Blockchains Decentralized?

Bitcoin pools 9/1/18
In April 2014, more than 8 years ago, I posted this comment:
Gradually, the economies of scale you need to make money mining Bitcoin are concentrating mining power in fewer and fewer hands. I believe this centralizing tendency is a fundamental problem for all incentive-compatible P2P networks. ... After all, the decentralized, distributed nature of Bitcoin was supposed to be its most attractive feature.
That October I expanded the comment into Economies of Scale in Peer-to-Peer Networks, in which I wrote:
The simplistic version of the problem is this:
  • The income to a participant in a P2P network of this kind should be linear in their contribution of resources to the network.
  • The costs a participant incurs by contributing resources to the network will be less than linear in their resource contribution, because of the economies of scale.
  • Thus the proportional profit margin a participant obtains will increase with increasing resource contribution.
  • Thus the effects described in Brian Arthur's Increasing Returns and Path Dependence in the Economy will apply, and the network will be dominated by a few, perhaps just one, large participant.
Ethereum miners 11/07/21
Ever since I have been pointing out that the claim that permissionless blockchain networks are decentralized is gaslighting, and thus the benefits that decentralization is supposed to deliver are not in practice obtained. Real-world permissionless blockchains such as Bitcoin's and Ethereum's have remained centralized all this time.

Now, a DARPA-sponsored report entitled Are Blockchains Decentralized? by a large team from the Trail of Bits security company conforms to Betteridge's Law. They examine this and many other centralizing forces affecting a wide range of blockchain implementations and conclude that the answer to their question is "No". Below the fold I comment on each of their findings (in italic), then discuss Professor Angela Walch's analysis of the problems of using "decentralized" in a legal context.

Thursday, June 23, 2022

Pseudonymity And Cooperation

Ever since I explained the reasons why in 2014's Economies of Scale in Peer-to-Peer Networks, I have been pointing out that Bitcoin isn't decentralized, it is centralized around five or fewer large mining pools. Ethereum is even more centralized; last November two pools controlled the majority of Ethereum mining. On 13th June 2014 GHash controlled 51% of the Bitcoin mining power. The miners understood that this looked bad, so they split into a few large pools. But there is nothing to stop these pools coordinating their activities. As Vitalik Buterin wrote:
can we really say that the uncoordinated choice model is realistic when 90% of the Bitcoin network’s mining power is well-coordinated enough to show up together at the same conference?
and Makarov and Schoar wrote:
Six out of the largest mining pools are registered in China and have strong ties to Bitmain Technologies, which is the largest producer of Bitcoin mining hardware
Although as I write it is still true that 5 pools control the majority of Bitcoin mining (and 3 pools control the majority of Ethereum mining), over the last 18 months there has been a significant change in the traceability of Bitcoin mining pools. The graph shows that the proportion of pools actively obfuscating their identities has increased, so that "unknown" has been close to and occasionally above 50% of the Bitcoin mining power. It was bad enough that "trustless" meant trusting 4-5 pools, mostly in cahoots with Bitmain. But now "trustless" means trusting a group of miners who are actively hiding their identities and, for all you know, could be one large confederation. Alternatively, they could fear attacks from other miners!

Earlier this month How ‘Trustless’ Is Bitcoin, Really? by Siobhan Roberts drew attention to Cooperation among an anonymous group protected Bitcoin during failures of decentralization by Alyssa Blackburn et al that pushed Bitcoin's centralization problem back to its earliest days. Below the fold I discuss the details.

Thursday, June 16, 2022

Microeconomics Of Cryptocurrencies

The Microeconomics Of Cryptocurrencies by Hanna Halaburda, Guillaume Haeringer, Joshua S. Gans and Neil Gandal is an extremely valuable survey of the relevant research literature. Their abstract reads:
Since its launch in 2009 much has been written about Bitcoin, cryptocurrencies and blockchains. While the discussions initially took place mostly on blogs and other popular media, we now are witnessing the emergence of a growing body of rigorous academic research on these topics. By the nature of the phenomenon analyzed, this research spans many academic disciplines including macroeconomics, law and economics and computer science. This survey focuses on the microeconomics of cryptocurrencies themselves. What drives their supply, demand, trading price and competition amongst them. This literature has been emerging over the past decade and the purpose of this paper is to summarize its main findings so as to establish a base upon which future research can be conducted.
Below the fold, a few comments.

Tuesday, June 14, 2022

Where Did The Number 3 Come From?

The Keepers Registry, which tracks the preservation of academic journals by various "keepers" (preservation agencies), currently says:
20,127 titles are being ‘kept safe’ by 3 or more Keepers
The registry backs this up with this page, showing the number of journals being preserved by N keepers.
The NDSA Levels of Digital Preservation: An Explanation and Uses from 2013 is still in wide use as a guide to preserving digital content. It specifies the number of independent copies as 2 for "Level 1" and 3 for "Levels 2-4".

Alicia Wise of CLOCKSS asked "where did the number 3 come from?" Below the fold I discuss the backstory.

Thursday, June 9, 2022

Backblaze On Hard Disk Reliability

It has been a long time since I blogged about the invaluable hard drive reliability data that Backblaze has been publishing quarterly since 2015, so I checked their blog and found Andy Klein's Star Wars themed Backblaze Drive Stats for Q1 2022, as well as his fascinating How Long Do Disk Drives Last?. Below the fold I comment on both.

Tuesday, June 7, 2022

You Can't Have One Without The Other

I made the point of this post in my EE380 talk, and several times before that. But it was easy to miss, being buried half-way through a long argument. I'm rewriting it here to make it easy to link to specifically.

I can paraphrase an important part of the epidemic of Blockchain Gaslighting as "cryptocurrencies have all sorts of problems but blockchains are a fantastic new technology with all sorts of uses that are nothing to do with financial speculation". Below the fold I show why this is false.

Tuesday, May 31, 2022

Generally Accepted Accounting Principles

One thing that has been true since the first GPU hit the market is that a better one is close behind. The same has been true since the first mining ASIC hit the market. I first wrote about this in 2018's ASICs and Mining Centralization. Recently, Alex de Vries and Christian Stoll estimated that:
The average time to become unprofitable sums up to less than 1.29 years.
This of course causes Bitcoin's massive e-waste problem. But David Gerard links to a fascinating blog post entitled The problem with bitcoin miners in which Paul Butler describes a more immediate problem it causes. The explanation is below the fold.

Thursday, May 26, 2022

Cryptocurrency Catch-22

A major criticism of Bitcoin is that its blockchain processes only around 230K transactions/day, of which only about 10% are "economically meaningful". That is less than 5 "economically meaningful" transactions between individuals' wallets per minute. 90% are wash trades, and 7.5% are transactions between exchanges.

As I described in Fixed Supply, Variable Demand, when the limited supply of Bitcoin and Ethereum transactions meets spikes in demand, the result is huge spikes in fees. This has made cryptocurrency boosters such as Vitalik Buterin unhappy:
Buterin didn’t predict the rise of NFTs, and has watched the phenomenon with a mixture of interest and anxiety. ... their volume has overwhelmed the network, leading to a steep rise in congestion fees, in which, for instance, bidders trying to secure a rare NFT pay hundreds of dollars extra to make sure their transactions are expedited.
The solution is obvious: greatly increase the rate at which the system can process transactions. Ethereum 2 is proposed to implement sharding, allowing parallelism. Avalanche claims 3400 transactions/sec with 1.35sec finality. Problem solved! Not so fast. Follow me below the fold.

Tuesday, May 24, 2022

More Metastablecoins

My most recent post was on the metastability of "algorithmic stablecoins", as amply demonstrated by the UST/LUNA pair on May 8th. This post is about the other kind of stablecoin, ones like Tether that claim to be backed by reserves at least as valuable as their "market cap". For different reasons, these also turn out to be metastable. Below the fold, I explain.

Thursday, May 19, 2022

Metastablecoins

Ever since the Global Financial Crisis (GFC) in late 2008, central banks have kept real interest rates close to, and for much of the time below, zero. Around the beginning of this year it started to become obvious that the end of the era of "free money" was approaching, and that interest rates were going to go up. That real interest rates haven't yet risen much above zero is because of the rampant monopolization of the US economy; companies with market power have seized on the supply chain crisis and the Russian invasion of Ukraine to raise prices and thus the inflation rate.

Given this flood of "free money" since the GFC, investors bid up the price of assets such as the technology stocks in the NASDAQ index. In The tech sector teardown is more catharsis than crisis, John Thornhill writes:
There is certainly a strong argument that the extraordinary boom in tech stocks over the past decade was largely fueled by the unprecedented low-interest-rate policies in response to the global financial crisis of 2008. With capital becoming a commodity, it made sense for opportunistic companies such as Uber to grab as much cash as VC firms would give them to “blitzscale” their way to market domination.

This madcap expansion was accelerated by funding provided by a new class of non-traditional, or tourist, investors, including Masayoshi Son’s SoftBank and “crossover” hedge funds such as Tiger Global.
Below the fold, I look at how this is now all unwinding.

Tuesday, May 17, 2022

Storage Update: Part 3

This is part 3 of my storage update; see Part 1, on DNA storage, and Part 2, on SSD reliability. This is Part 3, on the 2022 Library of Congress "Designing Storage Architectures" meeting. The agenda with links to the presentations is here. Below the fold I have comments on some of them.

Tuesday, May 10, 2022

A "Blockchain Certificate of Deposit"

Thanks to cryptocurrencies being decentralized they can eliminate the middleman, which leads to the fabulous offer from middleman Hex.com to revolutionize my finances that arrived unsolicited in my US mailbox last Wednesday.

How could I refuse to not just "earn up to 38% APY" but also receive "significant price appreciation" from the "fastest-appreciating digital asset in history"? It is a "blockchain Certificate of Deposit" and I know that Certificates of Deposit are issued by banks and are:
a safer and more conservative investment than stocks and bonds, offering lower opportunity for growth, but with a non-volatile, guaranteed rate of return.
Middleman Hex.com says:
This common investment tool is used by hundreds of millions of people worldwide with a market value in the trillions.

HEX uses blockchain technology to offer the same concept without the middleman.
The top national guaranteed rate for a 5-year bank CD is currently 3.15%, so clearly eliminating the bank middleman who seems to be taking a 35% cut means a blockchain CD guaranteed by middleman Hex.com is a winner with no additional risk!

Below the fold I look this gift horse in the mouth.

Thursday, May 5, 2022

Probabilistic Fault Tolerance

In our 2003 SOSP "Best Paper" Preserving Peer Replicas By Rate-Limited Sampled Voting (also here, expanded version here) we introduced a number of concepts. The most important was consensus based on sampling the electorate at random, in contrast to the traditional Byzantine Fault Tolerance (BFT), which at every step solicits votes from the entire electorate. The advantages of this mechanism are so significant that, a decade and a half later, it was re-discovered and improved upon in the context of a blockchain protocol. Below the fold I explain our original consensus system, and describe how the basic idea has been adopted and enhanced.

Tuesday, May 3, 2022

Fixed Supply, Variable Demand

BTC transaction fees
As I've been writing for a long time, because there is an auction for inclusion in the fixed supply of transactions, when no-one wants to transact they are cheap, but when everyone wants to transact they get very expensive. Vitalik Buterin is unhappy about this:
Buterin didn’t predict the rise of NFTs, and has watched the phenomenon with a mixture of interest and anxiety. ... their volume has overwhelmed the network, leading to a steep rise in congestion fees, in which, for instance, bidders trying to secure a rare NFT pay hundreds of dollars extra to make sure their transactions are expedited.
Last Saturday evening I looked at Molly White's invaluable timeline Web3 is going just great and saw that the top two entries summed up this problem to a tee. Below the fold, I explain.

Tuesday, April 26, 2022

Grayscale Bitcoin Trust

Amy Castor's Welcome to Grayscale’s Hotel California is a fascinating account of one of the Alice-in-Wonderland market ecosystems that grew from cryptocurrencies:
Grayscale wants to convert its Grayscale Bitcoin Trust (GBTC) into a bitcoin ETF after flooding the market with shares. GBTC is trading 25% below its net asset value, and investors are rightfully pissed off. Grayscale wants them to be upset with the SEC, but the regulator isn’t really to blame. If anything, the SEC should have warned the public about GBTC years ago.
Below the fold, I provide some commentary:

Thursday, April 21, 2022

Meta: Fifteen Years Of Pontification

Fifteen years ago today I posted Mass-market scholarly communication to start this blog. Five years ago today I posted A decade of blogging, and a couple of months later noticed it had exceeded one million page views. Now, the blog has accumulated:
  • 812 posts, including my personal all-time favorite, 2014's Economies of Scale in Peer-to-Peer Networks.
  • 4038 published comments.
  • Over 3.4M page views, of which 367K (~11%) were of last February's short-notice EE380 Talk. Apart from that anomaly, it is an average of about 35K/month.

Monday, April 18, 2022

A Downside Of Privacy

Monero claims that:
Observers cannot decipher addresses trading monero, transaction amounts, address balances, or transaction histories.
This is all very well for individuals transacting with each other in the Monero ecosystem, but unless they are cryptojacking (mining using malware), miners need to pay bills for power and hardware in fiat currency. And miscreants using Monero to launder the loot need to convert Monero to fiat in order to buy the Lamborghini. So the Monero ecosystem needs exchanges, and thereby hangs a tale I pursue below the fold.

Thursday, April 14, 2022

Ethereum Has Issues

I first wrote about the problem of bots front-running transactions a year and a half ago in The Order Flow, citing Dan Robinson and Georgios Konstantopoulos' Ethereum is a Dark Forest from August 2020 and samczsun's Escaping the Dark Forest. But I should have paid more attention. It turns out that front-running is the tip of an iceberg of fundamental problems that Ethereum and similar systems suffer. In replicating the functions of Wall Street they have replicated, and in some ways enhanced, its pathologies. Below the fold I survey these and related issues.

Thursday, April 7, 2022

Cryptocurrency Weekend

It appears that this last weekend was "cryptocurrency weekend" for the mainstream media. The Washington Post and Bloomberg each had three big articles on the topic. Below the fold I comment on them.

Thursday, March 31, 2022

Dangerous Complacency

The topic of web archiving has been absent from this blog for a while, but recently Sawood Alam alerted me to Cliff Lynch's post from January entitled The Dangerous Complacency of “Web Archiving” Rhetoric. Lynch's thesis is that using the term "web archiving" obscures the fact that we can only collect and preserve a fraction of "the Web". The topic is one I've written about many times, at least since my Spring 2009 CNUI Plenary, so below the fold I return to it.

Tuesday, March 29, 2022

Vitalik Buterin vs. Reality

Time's cover story by Andrew R. Chow, The Man Behind Ethereum Is Worried About Crypto's Future, is supplemented by his I Spent 80 Minutes Inside Vitalik Buterin's Brain. Here's What I Learned. What I learned from these two pieces of hagiography was that Buterin is having a lot of difficulty dealing with the failure of Ethereum to live up to the goals he had for it. Below the fold I provide specifics.

Tuesday, March 22, 2022

Storage Update: Part 2

This is part 2 of my latest update on storage technology. Part 1, covering developments in DNA as a storage medium is here. This part was sparked by a paper at Usenix's File And Storage Technologies conference from Bianca Schroeder's group at U. Toronto and NetApp on the performance of SSDs at scale. It followed on from their 2020 FAST "Best Paper" that I discussed in Enterprise SSD Reliability, and it prompted me to review the literature of this area. The result is below the fold.

Tuesday, March 15, 2022

Storage Update: Part 1

It is past time for an update on storage technology. There is so much to write that I need to break it into multiple parts. Below the fold, I start with two papers reporting developments that could increase the performance of DNA data storage significantly.

Tuesday, March 1, 2022

Shadow Banking 2.0

Prof. Hilary Allen of American University Washington College of Law has a very important 27-page essay entitled DeFi: Shadow Banking 2.0?. In it, she details a whole other set of externalities that, being beyond my limited understanding of banking and finance, I didn't discuss in my EE380 Talk. Prof. Allen summarizes her work:
TL;DR: DeFi is neither decentralized, nor very good finance, so regulators should have no qualms about clamping down on it to protect the stability of our financial system and broader economy.
Her arguments are supported by a less detailed, slightly earlier paper, DeFi risks and the decentralisation illusion by Sirio Aramonte, Wenqian Huang and Andreas Schrimpf of the Bank for International Settlements. Below the fold I comment on both of them.

Thursday, February 24, 2022

It Was 40 Years Ago Today

Sun Microsystems was founded 24th February 1982, and died 27th January 2010. I spent 1982 on sabbatical in Amsterdam waiting for the Sun/1 we had ordered to show up. IIRC I visited their initial offices on Walsh Ave. in Santa Clara in early 1983, and joined the company in September 1985. I owe Sun, and the people who worked there, a debt of gratitude I could never repay.

In those early days Sun was an extraordinarily interesting company to work for, and throughout its 28-year history it spawned an incredible number of other startups. One of them was Nvidia, which is currently the 8th most valuable company in the world, but there are far too many others to list.

In It Isn't About The Technology I wrote:
In the late 80s I foresaw a bleak future for Sun Microsystems. Its profits were based on two key pieces of intellectual property, the SPARC architecture and the Solaris operating system. In each case they had a competitor (Intel and Microsoft) whose strategy was to make owning that kind of IP too expensive for Sun to compete. I came up with a strategy for Sun to undergo a radical transformation into something analogous to a combination of Canonical and an App Store. I spent years promoting and prototyping this idea within Sun.

One of the reasons I have great respect for Scott McNealy is that he gave me, an engineer talking about business, a very fair hearing before rejecting the idea, saying "It's too risky to do with a Fortune 100 company". Another way of saying this is "too big to pivot to a new, more “sustainable” business model".
In the terms that Wall St. imposes on public companies, Scott was right and I was wrong. In the 8 years or so from my talk to the dot-com crash SUNW made the stockholders an incredible amount of money. But then the money stopped, in some ways for the reasons I had spotted. Being right too soon is as bad as being wrong.

Tuesday, February 22, 2022

Talking Their Book

My EE380 talk gained about a quarter-million page views, thanks to @markrussinovich, a shout-out from Prof. Dave Farber, and an enthusiastic review from Cory Doctorow.

Unusually for my blog, the majority of the comments weren't spam, and almost all passed moderation. Here are some hints that will help your comment survive moderation:
  • Long blocks of text without paragraph breaks are completely unreadable.
  • Long screeds, even with paragraph breaks, will cause readers to stop reading. This isn't fair to the comments that come after yours. Try to make your point in no more than three short paragraphs.
  • It helps if you display technical knowledge. One way to do that is to show that you understand how links are made in HTML. Pasting the URL in as text shows you're either clue impaired, or too lazy to help the reader.
  • Just making a link without motivating people to click on it is rude. Quote a snippet, or at least explain why it should be clicked.
Compared to most authors posting criticism of cryptocurrencies I was very lucky. The reason I started the talk by pointing out that I wasn't "talking my book" is that the discourse around cryptocurrencies has become corrupted by HODL-ers "talking their book", and that their response to critics is often toxic.

Below the fold, I look at this problem.

Thursday, February 17, 2022

Inadequate OpSec

The February 8th arrest of Ilya Lichtenstein and Heather Morgan, accused of laundering the proceeds of the August 2016 theft of nearly 120K BTC from the BitFinex exchange, has been all over the media since, fuelled largely by her double life as a Forbes writer and rapper, and her cringe-worthy social media presence. Inside the Bitcoin Laundering Case That Confounded the Internet by Ali Watkins and Benjamin Weiser for the New York Times is an example.

The technical aspects of how law enforcement identified them and seized much of the loot have gained less coverage. Below the fold I look into this aspect of the case, using what information is public.

Wednesday, February 16, 2022

Talk For Bace Cybersecurity Institute

I was invited to present to the Bace Cybersecurity Institute. My talk was slightly condensed and updated from my talk to Stanford's EE380 course, which was an updated version of my talk to the TTI/Vanguard Conference last December. The latest text with links to the sources and much additional material is below the fold.

Wednesday, February 9, 2022

EE380 Talk

I was asked at short notice to fill in for a speaker in Stanford's EE380 course who had to cancel. Below the fold is a hastily updated version of a talk from last December.

Update 28th February: the video of this talk is here.

Thursday, February 3, 2022

USA Number 1!

Early last September, before the Omicron surge, I posted Excess Deaths. It was based on The Economist's excess death model. Back then, the model's estimate for the US was about 250 per 100K. I wrote:
Excess deaths in the US and the UK are far from the worst, but my point is that countries at a similar level of development have done far better, and so have much less well-resourced countries. Had the US done as well as the model's estimate for China (38 vs. 250) about 702,000 more Americans would be alive today.
Below the fold, I look at how Omicron has changed the picture.

Tuesday, February 1, 2022

List And Dump Schemes

In Alternatives To Proof-of-Work I wrote:
The Chia "price" chart suggests that it might have been a "list-and-dump" scheme, in which A16Z and the other VCs incentivized the miners to mine and the exchanges to list the new cryptocurrency so that the VCs could dump their HODL-ings on the muppets seduced by the hype and escape with a profit.
Now, in "You Don't Own Web3": A Coinbase Curse and How VCs Sell Crypto to Retail, Fais Khan takes the idea of "list and dump" and runs with it:
If coins, especially VC-backed coins, consistently underperformed Bitcoin/Ethereum after listing on Coinbase, that says to me that insiders were waiting for a big, dollar-based exchange to list so they could sell - VCs taking profits at the expense of retail. Those insiders include venture capital firms like a16z and, incredibly, Coinbase’s own venture arm, which has a number of investments listed on Coinbase. Other exchanges like Kraken, FTX, and Gemini are also all active in venture, and have listed their own investments.
Below the fold I comment on Khan's excellent analysis.

Saturday, January 29, 2022

Izabella Kaminska

Alphaville's farewell tribute to Izabella Kaminska, their editor since 2017, is So long Izzy, we’ll miss you. They write:
Readers will agree that there is no one quite like Izzy in financial media. Her knack for spotting trends and troubles long before the rest of us, and her ability to combine on-point, esoteric references — from the power structures of classical Rome to Soviet-era state planning and Tom Cruise movies — with a deep knowledge of finance has long made her work a must-read when it comes to everything from payments to crypto to the gig economy.
It is mostly a list of her "greatest hits", and especially about cryptocurrencies they are the cream of an outstanding crop:
They still stand up remarkably well. Here's hoping we haven't heard the last from her.

Tuesday, January 25, 2022

Elon Musk, Threat or Menace Part 2

Last April I wrote Elon Musk: Threat or Menace? flagging three of his externalities; the carbon footprint of his infatuation with cryptocurrencies, the environmental impact and cost of his infatuation with colonizing Mars, and the threat his infatuation with camera-only autonomy for Teslas posed to innocent bystanders. Last August I followed up with Autonowashing, detailing the incredible "depths of irresponsibility involved in Tesla's marketing".

Josh Wolfe of Lux Capital is a very successful and innovative venture capitalist. Maxwell Strachan interviewed him for The ‘To the Moon’ Crash Is Coming. I think Wolfe captures the essence of the problem:
I think a lot of people took the Elon playbook and basically said, If I just promised the moon, I can get too big to fail, I can just keep raising money as I raise expectations. And if I raise expectations, fundamentals don't matter. The only thing that matters is expectations. And if I can keep leading people—or in some cases misleading them—then it'll keep working if I don't get caught. And if I do get caught, in the case of Theranos or in the case of Nikola [Editor’s note: the electric-truck maker that paid a $125 million after the SEC charged the company’s founder with misleading investors over social media], maybe you pay a fine or you have your day in court, and maybe Theranos founder Elizabeth Holmes is found guilty or maybe the zeitgeist of the day surprises and she's not. But so far, there has been really no great penalty for people whose relationship with the truth is less than ideal.
Musk doesn't care about the truth of his statements, or the impact of his companies' policies, because his wealth insulates him from consequences. If regulators or victims come after him he can tie them up in courts until their resources are exhausted or his fan-bois can make them irrelevant. Since Autonowashing I've been collecting illustrations of this attitude, and the time has come to lay out a sample of them below the fold.

Tuesday, January 18, 2022

Progress On Storage Class Memory

Storage Class Memory (SCM) is fast enough to be used as RAM, but persistent through power loss like flash. The idea of returning to the days of core storage, when main memory was in effect a storage layer, is attractive in theory. There have been many proposed SCM technologies, such as resistive RAM, magnetoresistive RAM and phase-change memory. Intel and Micron got Optane resistive RAM into production, but it wasn't a great success. It wasn't as fast as RAM, but it was a lot more expensive than flash. The main barrier to adoption was that exploiting its properties required major system software changes.

Now, Mark Tyson's UltraRAM Breakthrough Brings New Memory and Storage Tech to Silicon reports on a promising SCM development published by Peter Hodgson and a team from Lancaster University in ULTRARAM: A Low-Energy, High-Endurance, Compound-Semiconductor Memory on Silicon. Below the fold, I comment briefly.

Thursday, January 13, 2022

Mainstream Media Catching On

Two of the externalities of cryptocurrencies I discussed in my Talk at TTI/Vanguard Conference were the way decentralization and immutability work together to enable crime, and their environmental impact. How well are mainstream media doing at covering these problems? The picture is mixed, as the two examples below the fold show.

Tuesday, January 11, 2022

Another Layer Of Centralization

Moxie Marlinspike tried building "web3" apps and reports on the experience in his must-read My first impressions of web3. The whole post is very perceptive, but the most interesting part reveals yet another way the allegedly decentralized world of cryptocurrencies is centralized.

Below the fold, I explain the details of yet another failure of decentralization.

Thursday, January 6, 2022

Counterpoint on Venture Capital

My personal experience working with VCs was very positive, but it was (a) a long time ago and (b) they were top-flight firms (Sutter Hill and Sequoia). I've been very skeptical of the current state of the VC industry in Venture Capital Isn't Working and Venture Capital Isn't Working: Addendum. Stephen J. Dubner's Is Venture Capital the Secret Sauce of the American Economy? presents a far more optimistic view, as does The Economist's The bright new age of venture capital. On my side of the argument are Fred Wilson's Seed Rounds At $100mm Post Money and the Wall St. Journal's The $900 Billion Cash Pile Inflating Startup Valuations.

Below the fold, some discussion of these opposing views.

Tuesday, January 4, 2022

Blockchain Gaslighting

In Web3/Crypto: Why Bother? Albert Wenger draws an analogy between the PC and "web3" as platforms for innovation:
The late Clayton Christensen characterized this type of innovation as being worse at everything except for one dimension, but where that dimension really winds up mattering a lot (and then over time everything else gets better also as the innovation is widely adopted).

The canonical example here is the personal computer (PC). The first PCs were worse computers than every existing machine. They had less memory, less storage, slower CPUs, less software, couldn’t multitask, etc. But they were better at one dimension: they were cheap. And for those people who didn’t have a computer at all that mattered a great deal.
...
A blockchain is a worse database. It is slower, requires way more storage and compute, doesn’t have customer support, etc. And yet it has one dimension along which it is radically different. No single entity or small group of entities controls it – something people try to convey, albeit poorly, by saying it is “decentralized.”
Below the fold I explain why this is typical blockchain gaslighting.