Category Archives: Ethereum

FOAM: Decentralized Localization Using Ethereum

FOAM is a technology that seeks to use blockchain and Ethereum contracts to create mapping and location-based services.  The project wants to address a complex of perceived problems: GPS is spoofable, maps are owned by big actors, and location services aren’t private.  In addition, they think that “people lie about their location” (Ryan John King, the co-founder and CEO of FOAM, quoted in Coindesk [3]).  The solution deploys blockchain technology and Nakamotoan philosophy [2].

Looking at their materials, it is clear that FOAM is mainly focused on replicating Internet location-based services, not on navigation or engineering or geoscience.  The geospatial model is a two-dimensional map of the surface of the Earth.

The location service depends on many local low-power radio beacons instead of satellites. They imagine an ad hoc mesh of locally operated beacons, which are recognized and validated via Nakamotoan-style consensus rather than a central authority (such as a government space agency). These beacons are used to triangulate positions.  Good behavior and trustworthiness of the beacons is supposedly assured by cryptocurrency tokens, in the form of incentives, notably buy-ins and security deposits.

They imagine this to be used to construct datasets of “Points of Interest”, which are “where are the stores, cafes, restaurants and malls, where a fleet of vehicles in a ride sharing program like Uber should be anticipating if demand is shifting or surging, or which traffic bottlenecks drivers should avoid on an app such as Waze.”  These are stored and validated through a decentralized protocol. “[G]ranting control over the registries of POI to locally-based markets and community forces, allowing the information provided to be validated by those who contribute to the relevant locality.”

These datasets are to be created through bottom-up efforts, presumably incentivized by desire to operate local services. “FOAM hopes that the Cartographers and users will contribute the necessary individual work, resources, and effort themselves to contribute to the ongoing community-driven growth and supplement this important cartography project.”

Interestingly, the crypto token-based incentive system relies on negative incentives, namely buy-ins and “security deposits” that can be forfeited by consensus. I’m not sure I’ve seen another Nakamotoan project with this sort of punishment-based (dis-)incentive.  (I’ll note that psychologists generally find that the threat of punishment does not engender trust.)

Obviously, this entire concept will depend on the development of the localization network and the datasets of “Points of Interest”.  As far as I can see, realizing this is based on “hope” that people will contribute. I’d call this “faith-based engineering”.

We can pause to reflect on the irony of this “trustless” system that appears to be entirely based on “hope” and the threat of punishment.

As far as the actual technology, it is, of course, far short of a “map of the world”.  The local beacons are fine for a dense urban setting, but there is little hope of coverage in open space, and no chance that it will be useful at sea, up in the air, inside significant structures, or underground. Sure, there are ways to deploy beacons indoors and other places, but it isn’t easy, and doesn’t fit the general use cases (Points of Interest).

Ad hoc networks aren’t immune to jamming or interference, either, and are essentially defenseless against determined opposition.  In classic fashion, the protocol “routes around” interference, discarding misbehaving nodes and corrupted data. Unfortunately, this means that the response to a determined and sustained attack is to shut down.

The incentive system is somewhat unique, though the notion of a “security deposit” is widely used. How well will it work?   (How well do security deposits work?)  It’s hard to say, and there doesn’t seem to be much analysis of potential attacks.  The notion that the loss of security deposits and other incentives will guarantee honest and reliable operation remains a theoretical “hope”, with no evidence backing it.

The system depends on a “proof of location”, but it isn’t clear just how this will work in a small, patchy network. In particular, assumptions about the security of the protocol may not be true for small, local groups of nodes—precisely the critical use case for FOAM.

Finally, I’ll note that the system is built on Ethereum, which has had numerous problems. To the degree that FOAM uses Ethereum contracts, we can look forward to oopsies, as well as side effects from whatever emergency forks become necessary.

Even if there are no serious bugs, Ethereum is hardly designed for real time responses, or for datasets at the scale of “the whole world”.  Just what requirements will FOAM put on the blockchain, consensus, and Ethereum virtual machine?  I don’t know, and I haven’t seen any analysis of the question.

This is far from an academic question.  Many location services are extremely sensitive to time, especially to lag.  Reporting “current position” must be really, really instantaneous.  Lags of minutes or even seconds can render position information useless.

Can a blockchain based system actually deliver such performance?

Overall, FOAM really is “a dream”, as Alyssa Hertig says.  A dream that probably will never be realized.

  1. Foamspace Corp, FOAM Whitepaper. Foamspace Corp, 2018.
  2. Foamspace Corp, The Consensus Driven Map of the World, in FOAM Space. 2017.
  3. Alyssa Hertig (2018) FOAM and the Dream to Map the World on Ethereum. Coindesk.


Cryptocurrency Thursday

Ethereum Governance Thrashing

Winner of the 2017 CryptoTulip of the Year Award, the Ethereum community is working hard to repeat this year.

I give this community credit.  They are one of the most open and open-hearted cryptocommunities out there. As they tackle the deep problems encountered by every Nakamotoan cryptocurrency, they are honestly and openly trying to find good solutions.

Which makes it especially painful to watch them struggle and strain so hard.

Ethereum is still struggling to figure out what to do about last fall’s oopsie  which has frozen $100M worth of Ether due to a minor coding error.  The obvious and normal solution is to override the technical error, and return the funds to the owners in some simple fashion.  But Nakamotoan blockchains cannot do this, except by rewriting history.  Ethereum already went through that with an earlier oopsie, which caused the creation of an alternative version of Ethereum.  That was an ad hoc decision by a few insiders, and most people agree that there should be a better way to do it.

This question has generated heated discussions of decision making.  A proposal for a standard way to allow proposals for rewriting history was hotly contested.  An official way to violate the core sanctity of the ledger is bound to be controversial, and led to consideration of how contested decisions can and should be made.

Other communities have fallen apart over such issues, but Ethereum has retained remarkable solidarity even in the face of deep divisions [2].

But, just like other crypto communities (and many Internet communities), they seem bound to recapitulate the history of human government, step by step.  (This kind of ignorance is one of the consequences of eschewing conventional education, IMO.)

So, “Ethereum Is Throwing Out the Crypto Governance Playbook” [3] reports Rachel Rose O’Leary.  This turns out to be a proposal for governance by “non-political” technocrats.  If the problem is that “technical debates have been obscured by politics”, then the solution is to let “the developers” decide what the code is and does.

This concept was called the “Fellowship of Ethereum Magicians” and Rachel Rose O’Leary tagged it a “Magic Solution?” [5]. “?”, indeed.  This concept is said to be modelled after the Internet Engineering Task Force (IETF), which has stewarded the basic technical specifications of the Internet.   (The IETF has also stewarded hundreds of proposals that were never adopted or implemented.)

Apparently, the person quoted has never participated in actual Internet standards development, since it is characterized as operating “without any kind of corporate funding or any other sponsorship body that could in some way influence the activity of the collective.”  Really?  Do you know anything at all about the development of the DARPAnet NSFNet Internet?

Another proposed “innovation” is an “Experimental Voting” scheme [4]. This turns out to be a variant of “one dollar-one vote” (basically, with a deflator to dilute the top end of the distribution).  At bottom, people will buy a stake in a decision. In principle, this will make the decision fair and representative of the stake holders, if not of the world in general.

To review.  Ethereum currently has a classical Nakamotoan governance, inspired by the open source software model. Majority rules, minority walks.  Consensus via apartheid. And in the case of Ethereum, there is a visible and influential founder who wields enormous implicit power [1].

Tossing out this Nakamotoan playbook, the “innovations” include a dictatorship by experts (Plato’s Republic). Technicians above politics will run the show, they’ll let us all know what has been decided.  The second “innovation” is market-based voting, essentially shareholder “democracy”. People with money will buy votes to make their wishes come true. (That’s never been tried before!)

Wow!  Such amazing originality.

There is a third “innovation”, and that is a (potentially giant) town hall meeting [6]. In fact, Wolfie Zhao reports that “Ethereum Summit Attendees Commit to Governance Plan” [6].  This plan includes teleconferences, creation of “open-source tools to collect key signals and metrics,” and an open Summit (i.e., a town hall meeting). The idea is to develop a more visibly democratic process.

Oh, and meetings, bloody meetings.

I’m not really sure what “key signals and metrics” means, but I’m very sure that different people will have different opinions on what should be measured, and how to interpret the measures. (Pesky politics again!)

And I am 100% sure that an unstructured meeting will not produce any clear results. In fact, it could easily devolve into factions and *gasp* politics.

The key theme here (aside from my own use of Coindesk’s irreplaceable reporting) is a trust in technology and a distrust of humans.  This philosophy is fundamental to the Nakamotoan project.  Somehow, technical solutions will save us from the fallibility and selfishness of humans.

No points for guessing my own view on that.

But, again, I am impressed at how well Ethereum is handling this struggle (however misguided and hopeless it may be). There is genuine respect and decency most of the time (and when things have frayed, it is for very good reason).

This is truly a ray of hope: with enough good will and good leadership, pretty much any technical system can be made to work.  So maybe Ethereum can make it after all.  But if it does, it will be because of trust, not trustlessness, and people, not technology.

I should acknowledge the consistent and useful reporting from Coindesk on these issues.  Rachel Rose O’Leary and  Wolfie Zhao obviously have the Ethereum Desk at Coindesk, and they have done a thorough and even handed job.  Thanks, much.

  1. Rachel Rose O’Leary (2018) Ethereum Governance ‘Not That Bad’ Says Buterin Amid Fund Debate. Coindesk.
  2. Rachel Rose O’Leary (2018) Ethereum Infighting Spurs Blockchain Split Concerns. Coindesk.
  3. Rachel Rose O’Leary (2018) Ethereum Is Throwing Out the Crypto Governance Playbook. Coindesk.
  4. Rachel Rose O’Leary (2018) Experimental Voting Effort Aims to Break Ethereum Governance Gridlock. Coindesk.
  5. Rachel Rose O’Leary (2018) Magic Solution? ‘Fellowship’ of Coders Embark on Ethereum Quest. Coindesk.
  6. Wolfie Zhao (2018) Ethereum Summit Attendees Commit to Governance Plan. Coindesk.


Cryptocurrency Thursday

Yet Another “Blockchain for Provenance” System

In the short decade since the Nakamoto paper [5] cryptocurrency enthusiasts have put forward a variety of use cases for blockchains and cryptocurrencies.  It is notable that most of the exciting use cases aren’t actually in the canonical paper itself, and most of them have yet to prove out in the real world. (And the most successful use cases are the ones not put forward as good examples–extortion, dark commerce, money laundering, etc.)

One of the perennial favorite use cases is Provenance:  tracing goods from source to consumer.  For companies, this is “logistics” or “supply chain”; for ordinary consumers this is about quality control.  This is the same problem that scientists (and anyone) face with data quality—where did this data come from, and what has been done to it?  In the latter form, this is called “provenance” and we were struggling with solutions a long time ago (before Nakamoto, Ante Bitcoin) [3].

This month yet another company touted this use case at the Ethereal Summit in NYC [1].  The presentation by Viant traced a tuna from Fiji all the way to the conference sushi plates.  Tagged with RFID, records of the sales and transportation of the fish are on the Ethereum blockchain, so everyone can check that the fish they are eating is “moral”. (How it can be “moral” to harvest increasingly rare wild animals and fly them half way around the world beats me.)

This is the yuppie version of Provenance (making sure that my luxury goods are authentic and “moral”), but the technology is the same as any supply chain.

Looking at Viant’s web site, they seem to have a reasonable grasp on the problem.  They have a logical model of provenance that includes “four pivotal aspects of an asset: Who, What, When, and Where”.  The model includes “Actors” and actions, and “Roles” that define permissions.  IMO, this is the right stuff (see [3]).

They also have RFIDs to tag and geo track, and apps to implement operations (e.g., sales to distributors).  These are certainly the right technology, and they are lucky to have ubiquitous mobile devices and “the cloud” to implement these concepts we pioneered in the late twentieth century [4].

So what does blockchain technology bring to the table?

First of all, it is used as a shared database, essentially a bulletin board.  The cryptographically signed and immutable records provide an unfudgeable trace of the object’s life.  And the blockchain is available to anyone, so ordinary consumers can get the authenticated traces of the object. (More likely, any third party can create apps that deliver the information to consumers – no normal person monkeys around with the blockchain itself.)

The second feature is the use of Ethereum “smart contracts” to process the transactions. This technology lets the company post standard scripts for, say, transfer of an asset. The script is available anywhere, and executes the same way for everyone.

These features are, of course, available from conventional databases and file systems as well.  But the Ethereum blockchain is available to everyone, and is maintained by the Ethereum network rather than dedicated servers.  This is the third advantage of the blockchain—deployment (no need for server farms), availability (no server access required) and maybe cost (TBD).

It is interesting to point out one feature of Nakamotoan blockchains that is not really used here:  trustlessness.  While the system boasts that it is decentralized and therefore “trustless”, this is misleading.

Provenance is literally all about trust. The point of tracing the object is to assure that it is what it is supposed to be, and that requires knowing who did what, etc.  Furthermore, it needs to establish a trusted trace, with each actor and action attested by a trusted source.

Using a blockchain, or, indeed, any digital system, is not sufficient to achieve this.  The company will tell you this.  The RFID can be removed or destroyed.  Actors can make mistakes or be suborned.  On the blockchain, false records look the same as correct records (and can never be removed).  Trust involves real world protocols, including authentication of identities.

In this area, the blockchain may actually be a liability. The “trustless” data cannot be trusted.  Part of what the company is doing with the “smart contracts” is overlaying a network of trusted records on the trustless blockchain.

There are other potential drawbacks of using a blockchain in this use case.

Let’s talk about privacy.  Think about it. It’s not clear just how “moral” it is for anyone in the world to know where every bit of sushi came from and ended up.  Individual fishing captains don’t necessarily want any kid on the Internet snooping on their business, not to mention rival captains and possible criminal gangs.  And the caterer doesn’t necessarily want random people, competitors, or criminals tracking their business. And so on.

Second, there is no way to correct mistakes. Even if the software is always correct (which is unlikely), people make mistakes and are dishonest. If bad information gets onto the blockchain, it can’t be removed or corrected.

So, imagine that a bad actor somehow gets a bunch of bad fish entered as OK fish.  The blockchain shows that this is “moral tuna”, even though it isn’t.  Even if we find out about the fraud, the blockchain could still have the evil records forever.
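The point made above, that signed, append-only records prove who wrote an entry and that it was not altered but not that the entry is true, can be shown with a small hash-chained trace. This is an added example, not Viant’s code or anything from the original post; the actor names, keys and the `retract` convention are hypothetical, and HMAC from the standard library stands in for per-actor digital signatures.

```python
import hashlib
import hmac
import json

# Constructed actor keys (hypothetical). HMAC is a stand-in for real signatures.
ACTOR_KEYS = {
    "captain-A": b"constructed-key-captain",
    "distributor-B": b"constructed-key-distributor",
}
GENESIS = "0" * 64
FIELDS = ("prev", "actor", "asset", "action", "claim")


def _digest(body):
    """Canonical SHA-256 over a record body (sorted keys, no whitespace)."""
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


def _sign(actor, record_hash):
    return hmac.new(ACTOR_KEYS[actor], record_hash.encode(), hashlib.sha256).hexdigest()


def append_record(chain, actor, asset, action, claim):
    """Append a signed record that is linked to the previous record's hash."""
    body = {
        "prev": chain[-1]["hash"] if chain else GENESIS,
        "actor": actor,
        "asset": asset,
        "action": action,
        "claim": claim,
    }
    record_hash = _digest(body)
    record = dict(body, hash=record_hash, sig=_sign(actor, record_hash))
    chain.append(record)
    return record


def verify_chain(chain):
    """Return (ok, reason). Checks linkage, hashes and signatures, nothing else."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev:
            return False, f"record {i}: broken link"
        if _digest({k: rec[k] for k in FIELDS}) != rec["hash"]:
            return False, f"record {i}: content altered"
        if rec["actor"] not in ACTOR_KEYS:
            return False, f"record {i}: unknown actor"
        if not hmac.compare_digest(_sign(rec["actor"], rec["hash"]), rec["sig"]):
            return False, f"record {i}: bad signature"
        prev = rec["hash"]
    return True, "ok"


def effective_trace(chain):
    """Records not superseded by a later 'retract' record. Nothing is deleted."""
    retracted = {r["claim"]["target"] for r in chain if r["action"] == "retract"}
    return [r for r in chain if r["action"] != "retract" and r["hash"] not in retracted]


def demo():
    chain = []
    # Constructed scenario: this claim is false in the real world, but the
    # actor is authorized and signs it correctly.
    false_rec = append_record(chain, "captain-A", "fish-001", "catch",
                              {"origin": "Fiji", "legal": True})
    append_record(chain, "distributor-B", "fish-001", "transfer", {"to": "caterer-C"})
    false_record_verifies = verify_chain(chain)[0]

    # Editing a stored record after the fact is what the ledger does catch.
    tampered = [dict(r) for r in chain]
    tampered[0]["claim"] = {"origin": "Fiji", "legal": False}
    tampering_detected = not verify_chain(tampered)[0]

    # A correction can only be appended; readers must choose to honor it,
    # and it is itself only as trustworthy as the actor who signed it.
    append_record(chain, "distributor-B", "fish-001", "retract",
                  {"target": false_rec["hash"], "reason": "fraud found"})
    return {
        "false_record_verifies": false_record_verifies,
        "tampering_detected": tampering_detected,
        "chain_length": len(chain),
        "effective_length": len(effective_trace(chain)),
        "false_record_still_stored": false_rec in chain,
    }


if __name__ == "__main__":
    print(demo())
```

Verification accepts the false catch record because the check covers integrity and authorship only; whether the claim matches reality has to be established outside the ledger.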

One last point.  Viant is one of I don’t know how many companies trying to implement this kind of Provenance.  With all these variations out there, it will be extremely important to have interoperability standards, so you can combine tracking from a number of sources.  (See the W3C PROV working group.)

Using standards would seem to be both obvious and compatible with the philosophy of decentralization.  After all, if the only way to do tracking is to use Viant’s proprietary data model and software, then a key advantage of the decentralized blockchain is out the window.

Overall, Viant and others are doing the right thing.  It remains to be seen whether using a blockchain will be a net win or not.  And all of them should implement the standards we started developing back at the turn of the century.

  1. Alyssa Hertig (2018) Moral Food: A Fish’s Trek From ‘Bait to Plate’ on the Ethereum Blockchain. Coindesk.
  2. Robert E. McGrath, Semantic Infrastructure for a Ubiquitous Computing Environment, in Computer Science. 2005, University of Illinois, Urbana-Champaign: Urbana.
  3. Robert E. McGrath and Joe Futrelle, Reasoning about Provenance with OWL and SWRL, in AAAI 2008 Spring Symposium “AI Meets Business Rules and Process Management”. 2008: Palo Alto.
  4. Robert E. McGrath, Anand Ranganathan, Roy H. Campbell, and M. Dennis Mickunas. Incorporating “Semantic Discovery” into Ubiquitous Computing Environments. In Ubisys 2003, 2003.
  5. Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System. 2009.


Cryptocurrency Thursday

Ethereum Contracts Are Buggy!

CryptoTulip of the Year for 2017, Ethereum is still thrashing around.  It seems like there is another great idea for totally remaking the system every week or so.  Indeed, sometimes there are so many ideas flying around it is hard to see how it can all stick together in a single system.

Nevertheless, confidence and enthusiasm remain high, even though they still haven’t figured out how to deal with last year’s big “oopsie” that left millions of dollars worth of Ethereum unreachable.

Personally, I don’t really think that a gang of unelected philosopher kings is really going to solve the problem.  (Plato advocated this back in the day, but it has never worked as advertised.  “Wise dictators” are usually just dictators.)


Meanwhile, out in the real world….

Several exchanges reportedly have “paused” Ethereum contracts in response to reports of bugs. In fact, they basically stopped support for the problematic ERC-20 protocol completely.

Wow!  Crypto exchanges acting almost like real, grown up businesses!  What a concept!

Of course, I have to wonder, “why now?”

The particular bugs in question are just the latest of a long line of such bugs. So why were they allowing ERC-20 in the first place?

All snarking aside, this development actually raises some very important points.

First of all, the bugs in question aren’t necessarily a flaw in the protocol, they are mainly just bad programs.  There will always be bad programs.  There is no such thing as a bug free programming language, and there can never be one.  If using Ethereum contracts depends on all contracts being correct, then it will never work, it can never work. Never.

Second, despite the decentralized protocol, and the fact that “no one” is in charge, in the real world the end-to-end system does have people in charge, and can respond to problems. In this case, the operators of the exchanges have intervened to protect their customers and their business.

Unfortunately for some users, the response is a draconian ban on the whole ERC-20 protocol. In this case, I don’t see much alternative.  It’s impossible to really tell if some ERC-20 contract is a problem or not.

Third, note that just because the blockchain is decentralized and immutable doesn’t mean that everyone has to agree on what to do with it.  The ERC-20 protocol and code is still there, indeed, it will be there until the heat death of the universe. But a lot of people can’t use it because their exchange does not honor the protocol.  Ironically, the “decentralization” that assures there is no one who can “censor” the blockchain, also assures that there is no one who can “censor the censors” of the blockchain.

This kind of behavior could be problematic in the long run. If part of the network accepts some contracts and not others, then how can anyone really use the system?  This is sort of a really soft ‘fork’ that effectively splits the network. Even though there is a single technical system, it is used differently by different sub-networks.

Ethereum is certainly pushing hard to repeat the CryptoTulip of the Year in 2018!

  1. Nikhilesh De (2018) Crypto Exchanges Pause Services Over Contract Bugs. Coindesk.
  2. Rachel Rose O’Leary (2018) Ethereum Infighting Spurs Blockchain Split Concerns. Coindesk.
  3. Rachel Rose O’Leary (2018) Ethereum Is Throwing Out the Crypto Governance Playbook. Coindesk.
  4. Rachel Rose O’Leary (2018) Ethereum’s Dialogue Divide Is Slowing Answers to Its Toughest Questions. Coindesk.


Cryptocurrency Thursday

Ethereum in Space!

Cryptocurrencies have attracted far thinking people, including utopian ideas of “disrupting” money.

But the farthest thinking must involve getting off the planet or even out of the solar system altogether.

NASA is tasked with thinking about and developing concepts for space exploration, and they are certainly aware of the need for decentralized protocols.  NASA missions, by definition, go far beyond Earthbound infrastructure, not to mention beyond the possibility of direct human control.  (Even human spacefarers can only control things within a tiny sphere.)

Many research teams are investigating autonomous systems, which can operate without direct programming from Earth.  This year, Professor Jin Wei Kocsis  of the U. of Akron is looking at Ethereum “smart contracts” as a model for part of the system [2].

[T]his project intends to develop a resilient networking and computing paradigm (RNCP) that consists of two essential parts: (1) a secure and decentralized computing infrastructure and (2) a data-driven cognitive networking management architecture.

Ethereum is a decentralized more-or-less secure infrastructure, with both storage and computation.    Ethereum-style executable contracts are decentralized and Turing complete.  One could imagine Ethereum nodes on a constellation of loosely cooperating spacecraft, and one can imagine Ethereum contracts executing in such a network.


As Samburaj Das remarks, “Details remain slim” [1].

But we can speculate.


The overall goal is “autonomous” spacefaring, i.e., pushing as much sensing and decision-making to the spacecraft.

“I hope to develop technology that can recognize environmental threats and avoid them, as well as complete a number of tasks automatically,”  Professor Jin Wei Kocsis quoted in [1]

Reading between the lines of the abstract, it seems likely that the system is expected to incorporate data from many sources, e.g., from planetside radar and swarms of spacecraft.  In such a scenario, the spacecraft needs to get data from many sources and automatically combine and filter it to keep a current assessment of hazards and possible responses.  It is also possible that the assessments (i.e., the computations) might be shared, so the whole system can learn and refine awareness of the whole area.

The scenario I describe is often solved using some form of shared memory, e.g., as a scratchpad or chalkboard shared among many nodes.  Clearly, a blockchain can function as such a shared memory, with the advantage of being completely distributed and robust regardless of nodes dropping out or communication problems.  Ethereum executable contracts offer the additional advantage of distributed computation, which can filter and analyze data on the blockchain.

This is surely the essence of how Ethereum will be used, presumably integrated as storage for their control algorithms.

There are other features of Ethereum that may or may not be important or even relevant for this project.

It is possible that the cryptographic signatures may be useful as well.  Data on the blockchain is signed and can’t be fiddled with.  Cryptographic signatures enable the network to potentially detect and ignore intruders, errors, and false signals.

Speculating further, it is possible that the Nakamotoan distributed consensus mechanisms may be useful in the event that not all nodes are known or trusted.  The blockchain is a ledger designed to be trustworthy without relying on specific nodes to be correct or honest.  Out in space for years with no supervision, being able to trust the data even if you can’t trust the network nodes is probably valuable.

In summary, there is certainly a case for a distributed memory, and something like Ethereum is a useful testbed for these ideas.

On the other hand, I’m not sure if the currency aspects of Ethereum will be particularly useful, or if so, how.

I wonder if the incentives for miners make sense for this use case.  Would autonomous spacecraft want to operate as miners, or would they rely on other nodes (e.g., motherships and dirtside servers)?  It seems unlikely that the energy budget of a spacecraft can afford the costs of mining.

In the case of Ethereum, there is also the question of “gas” to run contracts.  This is extremely important for the correct operation of executable contracts (among other things, it assures that a contract will not run forever).  How are autonomous spacecraft going to be provisioned with Ether to buy gas?  Surely it isn’t reasonable to upload Ethereum coins from Earth.

Perhaps they are going to buy and sell data or other services with their peers?  Maybe.  But this seems kind of out of scope, and potentially a huge resource hog for a very constrained system.  (It would be bad to be churning away doing some kind of micro transactions, and not have enough CPU time to actually do the navigation, no?)

(Combining these two possibilities:  maybe the spacecraft will charge for downloads.  “You want the data I collected?  That will be 100 ETH, please.”)

I imagine that these questions are some of the things the research will investigate.

Let me be clear. I know that Ethereum is just a testbed, not proposed for actual use on a mission.

It isn’t likely (or even possible) for Ethereum to be used in real spacecraft.

But Ethereum can help identify the features for a distributed storage and computation system that could be used.

I’ll add that distributed algorithms and storage are scarcely new to NASA.  NASA has been exploring these architectures for a long, long time [4,5].  Nevertheless, it is very interesting to see how these contemporary systems might be applied to specific missions.

  1. Samburaj Das, NASA Researches Ethereum Blockchain Tech for Deep Space Exploration, in Ethereum News. 2018.
  2. Loura Hall, RNCP: A Resilient Networking and Computing Paradigm for NASA Space Exploration, in NASA -Early Career Faculty Awards. 2017.
  3. Alex Knisely, Researcher and NASA work to help spacecraft avoid floating debris, in University of Akron – News. 2018.
  4. J. Russell Carpenter, Decentralized control of satellite formations. International Journal of Robust and Nonlinear Control, 12:141-161, 2002.
  5. Wei Ren and A Randal Beard, eds. Distributed Consensus in Multi-vehicle Cooperative Control: Theory and Applications. Springer Publishing Company, Incorporated: London, 2010.


Space Saturday

Yet More Academic Warnings About Blockchains

One of the most important features of Nakamotoan blockchains is that they are “decentralized” [3].  Blockchains and consensus protocols are grievously inefficient, but the price is considered worth paying in order to eliminate the potential for a few privileged actors to control the network.

Nakamoto-style blockchains are theoretically decentralized. This means that the system is capable of, and intended to be, run by a non-hierarchical group of peers.  But real networks are never perfectly decentralized in practice. There are also many possible dimensions of “decentralization”.

One important, if not preeminent dimension is decision making: just how are decisions actually made, and by whom?

Researchers from University College London report this spring that, in fact, as far as decision making is concerned, Bitcoin and Ethereum are highly centralized [1].  This finding confirms the intuition of anyone who has dealt with these communities.  Regardless of philosophical intentions, there are a relative handful of people and organizations that have out-sized influence on these cryptocurrencies.

The study examined the public discussion and code repositories, where the design and implementation of the software infrastructure is recorded. This infrastructure embodies many technical decisions that affect the behavior of the system, the outcomes of users, the security and trustworthiness of the information, and even how decisions are made.

The decision-making process is modelled after the Internet and open source software. Ideas are formulated as public proposals, which are posted for global discussion. Implementations are published in open repositories, and also subject to evaluation and discussion.  The principle is that anyone on the Internet can propose features or changes, and that implementations will have widespread understanding and support by the time they are deployed.

The study examines the number of individuals who contribute to comments and code for different cryptocurrencies, as well as comparison to other open source code projects.

The results are pretty simple.

While “anyone on the Internet” is theoretically able to contribute, only a relatively small number of people actually write the code. And most files have only a handful of authors.  (Programmers will not be surprised at this: coding is hard work, and collaborative coding is even harder.)

Similarly, the open-to-anyone comment process is, in practice, dominated by a handful of individuals, who are de facto “experts”. This distribution parallels the pattern of actual coding, though whether “coders are experts” or “experts are coders” or there are two separate populations is not clear.

This study confirms what we have seen in practice: cryptocurrency communities are complicated, with many individuals, organizations, and interest blocs that exercise outsized influence. Their comparison to other code projects indicates that these are a natural pattern for “distributed” software projects.  The paper also includes references to other studies that show just how “centralized” cryptocurrencies are.

The study did not, and could not, compare to non-decentralized projects, such as proprietary or sponsored systems.  My own experience is that such projects have similar patterns of concentration in decision making (a relative few highly influential designers and coders), though in this case there is also a formal proprietor with decision-making authority which may override the contributors.

In other words, the pattern seen in this study is perfectly normal for software development.  The major difference is that there is no one “in charge”, so the de facto mavens rule.

It is important to note that, as the researchers discuss, there is a large ecosystem beyond the core software examined here.  These other projects, including exchanges, wallets, and services are organized in a variety of ways, some “decentralized”, and some very centralized (and opaque).  This means that the overall, end-to-end system is “patchy” and likely includes many islands of code, created and managed by different people.  It isn’t really reasonable to describe a cryptocurrency as purely “decentralized”.

This and many other studies show that the broad and often poorly defined notion that cryptocurrencies are “decentralized” is not realized in the actual, real-world implementation. Clearly, the Nakamotoan dream of a truly decentralized system has yet to be realized in practice.

This conclusion is important because this “decentralization” property underlies other important claims for the ultimate fairness and usefulness of the system.  For many people, the point of paying the high technical cost for decentralization is to achieve a system that is not, and cannot be, controlled by a powerful few.  If this goal is not really being accomplished, then the case for Nakamotoan blockchains is much weaker.

  1. Sarah Azouvi, Mary Maller, and Sarah Meiklejohn, Egalitarian Society or Benevolent Dictatorship: The State of Cryptocurrency Governance. 2018.
  2. Alyssa Hertig (2018) Major Blockchains Are Pretty Much Still Centralized, Research Finds. Coindesk.
  3. Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System. 2009.


Cryptocurrency Thursday


Cryptocurrencies: Yet More Warnings From The Academy

I have noted that the cryptocurrency community has a troubling history of ignoring academic research, even when it raises troubling warnings.  In a previous post, I noted that Professor Malkhi warns that the new Ethereum protocol is not secure—and the developers shrug.  And so on.

Now that cryptocurrencies are finally on the academic radar (I’ve been trying to get researchers interested for several years), these incidents are coming fast and often.

IOTA Flaming Out?

IOTA is an interesting technology that seeks to really implement microtransactions, which they imagine will be useful for the Internet of Things (which they call the “Internet of Ownership”).

As I noted earlier, they whipped up their own hash function, which is a Really Bad Idea ™.   Considering that even half-clever rubes out here in Illinois (me) were aware of this issue as early as last August, it’s quite worrying that they were still using it in December, and then strongly resisted a report of a discovered flaw.  In fact, they accused the academic researchers of fraud and threatened legal action—for daring to report the problem to them.

Not even a shrug, but instead a ferocious counter attack intended to suppress the bad news.


IOTA is a peculiar bird.  They say they want to tackle the challenge of microtransactions which Nakamotoan blockchains really do not handle well.  And they tell the world they are a blockchain / cryptocurrency technology.

But they have no blocks and no chains.  And they have their own weird protocol and until recently, their own home-brew hash function. Notably, the system actually relies on centralized services to work.

They also say they are “open source”, though parts of the system are proprietary.  (Given the experience with the hash function they did publish, I can see that they don’t want people critiquing their code too closely.)

Hmm.  A centralized system with closed source?  That doesn’t seem very blockchain-y to me.

And they are tackling the IOT, which has grievous, deep, and wide security challenges.  Wow!

So what do they have?

They seem to have some technology that is tackling microtransactions (though we can’t really tell what they are doing), and a whole lot of PR.  They seem to be amply stocked with ego, as well.  That part is very Nakamotoan.

Is this something that you would trust?  Probably not.

Ethereum Contracts Have Problems

Ethereum’s “smart contracts” have always been a faith-based technology.  Faith that software can be trusted more than humans.  Faith that people can write error free code. Faith that people on the internet are generally honest.

Since the DAO disaster and ensuing oopsies, you’d think people would lose faith.  But that never happens, and Ethereum was awarded the CryptoTulip of the Year for outstanding achievements in Cognitive Dissonance.

There have been fixes and proposals for improved logic for “smart contracts”, though academic researchers have been trying to climb that particular mountain since Turing’s day.  In the real world, error free programs are so rare as to be unknown.  For that matter, despite millennia of effort, conventional contracts are still imperfect, and always contain escape clauses to deal with disputes and unforeseen developments.  Spoiler alert: “smart contracts” aren’t any smarter than any other contract.

This month researchers from National University of Singapore report a study of Ethereum contracts visible on the blockchain [1]. In general, it is very difficult to analyze the logic of Ethereum smart contracts because they are complex (running custom languages in the Ethereum Virtual Machine), open-ended (i.e., a contract can call other contracts and services), and execute on any node of the Ethereum network (i.e., in completely unpredictable environments).

“Contracts are relatively difficult to test, especially since their runtimes allow them to interact with other smart contracts and external off-chain services; they can be invoked repeatedly by transactions from a large number of users” ([1], p.1)

Instead of logical analysis of each contract, the research studied traces of the contract execution, looking for aberrant behavior that likely reflects a bug.  They examine three patterns that they characterized as greedy, prodigal, and suicidal.

  • ‘Greedy’ contracts lock funds indefinitely.
  • ‘Prodigal’ contracts leak funds to other parties.
  • ‘Suicidal’ contracts are susceptible to being killed by any user.

The comprehensive study scanned over 900,000 (!) Ethereum contracts, executing the logic repeatedly and flagging potential problems.  They found problems in some 34,000 (!) contracts (over 2,000 distinct contracts—there are many replicates in the pool).  On close checking of a sample of some 3,000 flagged contracts, they found 89% were confirmed as true bugs.
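To make the three categories concrete, here is an added sketch (not code from the paper or from this post) that flags contracts from simplified execution traces. The `Step` event model, the account names and the four sample contracts are all constructed assumptions; real traces are EVM bytecode executions, and a "greedy" flag from a bounded set of traces is only a candidate that still needs confirming.

```python
from dataclasses import dataclass

OWNER, ALICE, MALLORY = "0xOWNER", "0xALICE", "0xMALLORY"  # constructed accounts

@dataclass(frozen=True)
class Step:
    sender: str      # account that sent the transaction
    op: str          # simplified event: "DEPOSIT", "SEND" or "KILL"
    to: str = ""     # recipient of a SEND, or of the balance on KILL
    value: int = 0   # ether moved by this step
    ok: bool = True  # False when the contract rejected the call

def classify(owner, traces):
    """Flag a contract from explored traces; each trace starts from fresh state."""
    flags, took_deposit, released = set(), False, False
    for trace in traces:
        depositors = set()
        for s in trace:
            if not s.ok:
                continue
            if s.op == "DEPOSIT":
                if s.value > 0:
                    took_deposit = True
                    depositors.add(s.sender)
                continue
            released = True  # a SEND or KILL succeeded, so funds can leave
            known = {owner} | depositors
            if s.sender not in known:
                if s.op == "KILL":
                    flags.add("suicidal")  # killed by an unrelated account
                if s.value > 0 and s.to not in known:
                    flags.add("prodigal")  # funds left to an unrelated party
    if took_deposit and not released:
        flags.add("greedy")  # accepts ether, but no explored path lets it out
    return flags

# Constructed traces for four hypothetical contracts.
SAMPLES = {
    "refund_ok": [[Step(ALICE, "DEPOSIT", value=10), Step(ALICE, "SEND", ALICE, 10)],
                  [Step(MALLORY, "KILL", MALLORY, ok=False)]],
    "leaky":     [[Step(ALICE, "DEPOSIT", value=10), Step(MALLORY, "SEND", MALLORY, 10)]],
    "killable":  [[Step(ALICE, "DEPOSIT", value=5), Step(MALLORY, "KILL", OWNER, 5)]],
    "vault":     [[Step(ALICE, "DEPOSIT", value=5), Step(ALICE, "SEND", ALICE, 5, ok=False)],
                  [Step(OWNER, "KILL", OWNER, 5, ok=False)]],
}

def report():
    return {name: classify(OWNER, traces) for name, traces in SAMPLES.items()}
```

Calling `report()` returns one set of flags per sample contract; an empty set means none of the three patterns appeared in the explored traces, not that the contract is bug-free.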

By my calculation, that’s close to 1 in 3 existing Ethereum contracts that have potentially catastrophic problems.

This is a really cool study.  The researchers likened this to randomly pushing buttons to see what happens, and they heroically pushed all the buttons many, many times.  (Sort of like the current administration’s approach to running the US government.)

It is interesting to note that on the supposedly “transparent” blockchain, less than 1% of the executable contracts had source code available. The study had to analyze and execute the bytecodes—which is way harder than analyzing source code.  (But studying the actual bytecodes also revealed bugs in the language and virtual machine that would not be apparent from the source code alone.)

The opacity of these contracts highlights the fact that when you use an Ethereum contract, odds are you are “trusting” the code and other (unknown) people, because you can’t necessarily check the contract. In this supposedly “trustless” system, “faith” replaces “trust”.

Anyway, the result that these contracts contain many serious bugs is scarcely news to anyone who knows anything about programming. In fact, the fact that so many contracts didn’t have problems is really surprising.  Actually, this simply means that there are surely many more bugs that this study wasn’t scanning for.

It will be interesting to see how the Ether heads respond to this report.  My guess is they will shrug.

It is clear that the race for the 2018 CryptoTulip of the Year is wide, wide open.  So much bogosity, so little time to find it all.  But there are more and more competent researchers and actual grown ups investigating the vast acreage of CryptoTulips.

  1. Ivica Nikolic, Aashish Kolluri, Ilya Sergey, Prateek Saxena, and Aquinas Hobor, Finding The Greedy, Prodigal, and Suicidal Contracts at Scale. arXiv, 2018.
  2. Mike Orcutt, Ethereum’s smart contracts are full of holes, in MIT Technology Review. 2018.
  3. Morgen Peck, Cryptographers Urge People to Abandon IOTA After Leaked Emails, in IEEE Spectrum – Tech Talk. 2018.



Cryptocurrency Thursday

(Note: This post was edited March 17 to clean up multiple spelling and typos.)