Category Archives: Ethereum

Blockchain for Local Identity?

As soon as I declare that blockchain technology is unsuited for two use cases, Identity and local currency , Wolfie Zhao reports in Coindesk that the Swiss city of Zug is going to have a local ID service using a blockchain.

Oops. These use cases are still open, or at least not as dead as I said.

Of course, there is a difference between a local currency and a local ID service. The former needs to interact with conventional financial systems, the latter needs to interact with conventional ID systems. The press release indicates that digital IDs are not well developed in Switzerland, though I’m sure that digital banking works great.

Similarly, there is a difference between a global ID system, with secure digital passports for everyone including refugees and repressed populations, and a digital ID issued by a city. For that matter, the city is Swiss, which means it already has a well developed national ID system to build on.

So this isn’t quite the use cases I considered earlier.

What it is, is an intersection of them, a simpler problem and a well organized local government. Perhaps this is a favorable “corner” of the use cases, where blockchain will work well.


So far as I can tell, the rationale for this system is that Switzerland has a personal ID system (which I’m sure is quite rigorous and efficient), but digital versions of the IDs have not been successful. Blockchain technology is a way to securely associate a cryptokey with a particular ID. The blockchain is intended to make it possible for digital apps to quickly and cheaply confirm IDs.

Sure. This can work.

We’ll see how well it works. Is there enough need for this sort of crypto ID, and does it work well enough to be useful?   I don’t know, we’ll find out.


I note that blockchain is being used for a tiny part of the problem. As the press release makes clear, citizens must go to a city office to prove their identity and then are issues a digital key. This process is the hard part, and blockchain does nothing to support this service.

We want a single electronic identity – a kind of digital passport – for all possible applications. And we do not want this digital ID to be centralized at the city, but on the blockchain.” (Dolfi Müller, quoted in [2])

It is ironic to see the proponents of this system talk about how this is a “decentralized” solution. What they mean by that is that the part of the process where digital IDs are looked up is “decentralized”, particularly compared to previous systems that have attempted to implement the service with a database.

Essentially, the city doesn’t want to run a database with a secure public interface. Fair enough.

To a certain extent, they are also boasting about the local city’s initiative, too, though IDs issued by one city may have limited use elsewhere. Ethereum runs everywhere, but Zug IDs may not be trusted anywhere outside Zug.

I suspect, though, that Zug is issuing IDs based on Swiss national credentials. In that case, IDs issued in Zug are great throughout Switzerland. These are, of course, centralized IDs in that case.

Looking up IDs is a decentralized problem, but issuing IDs demands trust, and a web of trust between authorities. If every city in Switzerland issues its own crypto IDs, even using the same Federal ID, it will be chaos.


Finally, I have to say, “Ethereum? Really?”

I’m rather surprised that anyone would try to build a trusted system using the catastrophically messed up Ethereum technology. But they probably use Microsoft Windows, too. Massively clever cryptography running on wobbly, hackable software infrastructure.

Anyway, we’ll see how this works out.


  1. Stadtverwaltung Zug. Blockchain-Identität für alle Einwohner. 2017, http://www.stadtzug.ch/de/ueberzug/ueberzugrubrik/aktuelles/aktuellesinformationen/?action=showinfo&info_id=383355.
  2. Wolfie Zhao, Swiss City Announces Plan to Verify IDs Using Ethereum Coindesk.July 7 2017, http://www.coindesk.com/swiss-city-verify-id-ethereum/

 

Cryptocurrency Thursday

Coindesk’s Crypto “Consensus 2017”: Lot’s Of Talk, Not Much Consensus

Last month saw Coindesk’s “Consensus 2017”, one of, if not the biggest Cryptocurrency and blockchain conferences. Everyone who is anyone was there (well—not me). It’s all too much, I can’t even work through the Coindesk reports, let alone all the presentations, panels, and demos. (Coindesk’s summary recap is here.)

There was a lot of excitement, although I haven’t seen much new technology or actual businesses. The promised land is still just over the horizon, as it has been for several years.

Even the generally enthusiastic Coindesk recognized some of the excess, with headlines like . “Consensus 2017: Even Academics Can’t Keep Pace With Blockchain Change”. A report on the separate Ethereum-centric Ethereal Summit has the memorable headline, “’Spiritual Experience’: Hot, Wild Ethereum Summit is Sign of the Times” <<link>> Castor comments,

If there were a sign that blockchain may be overhyped, or that the industry is in the midst of a massive bubble, the Ethereal Summit may well have been it.

Quite.

The most significant news from the Consensus meeting itself was a somewhat opaque diplomatic communiqué from the Digital Currency Group, announcing a Bitcoin Scaling Agreement.

This is the latest step in the two plus year-long process that is attempting to deal with the perfectly routine engineering issue of adjusting a data structure to keep up with traffic. This issue has demonstrated the dysfunction of the so-called “consensus” governance of Bitcoin, and has nearly broken Bitcoin into multiple competing currencies.

So, “agreement” would be welcome.

Unfortunately, this grand announcement in fact announced that the same steps agreed to February 2016, which were never executed. This group has endorsed a plan that has been languishing for more than a year. (And there is no implementation in sight.)

As Coindesk reports, the underlying technical, business and political issues remain. The technical issue is pretty straightforward, but there are many people and companies using the protocol and network, and their interests conflict.

The decentralized decision-making process has been unable to find sufficient common ground to date, and has exposed deep divides in the “community”. The standard “consensus” process in such a case is for dissident factions to “fork” and do their own thing. That would mean two or more incompatible versions of Bitcoin, multiple protocols and virtual networks. This kind of fork works (sort of) for software, but isn’t a great model for what is supposed to be a universal shared resource.

So, things are not only “hot and wild”, but also on fire and adrift. (And QC will cause it all to fall down with a big thud within a couple of years.)

“It’s doomed, I tell you. Doomed!” 🙂


  1. Amy Castor,  Spiritual Experience’: Hot, Wild Ethereum Summit is Sign of the Times Coindesk.May 20 2017, http://www.coindesk.com/spiritual-experience-hot-wild-ethereum-summit-sign-times/
  2. Digital Currency Group. Bitcoin Scaling Agreement at Consensus 2017. 2017, https://medium.com/@DCGco/bitcoin-scaling-agreement-at-consensus-2017-133521fe9a77.
  3. Pete Rizzo and Alyssa Hertig Bitcoin’s New Scaling ‘Agreement’: The Reaction Coindesk.May 24 2017, http://www.coindesk.com/bitcoins-new-scaling-agreement-reaction/

 

Cryptocurrency Thursday

A Bad Idea Implemented with A Bad Idea

Let’s be clear. I find gambling to be boring and stupid myself, and I don’t admire gambling businesses that are built the weaknesses of people. Casino and other on-site gambling is a bad idea, but at least it gets people out in the world a little bit. Online gambling is a really, really bad idea, enabling people to feed their worst inclinations in the privacy of their own home.

You won’t b surprised that I’m not a big fan of the new initiative by an opaque company called Better Gaming, who are building an Ethereum Slot Machine: a slot machine that uses Ethereum smart contracts.

The innovation here is that this game is running entirely in a smart contract. No servers are required to operate the game, unlike existing online casinos.

Running “entirely in a smart contract” isn’t quite accurate: there is no server, but much of the logic runs on your local device.  However the logic of the gambling machine is implemented with smart contracts, which is the main point.

Readers of this blog know that I have a low opinion of “smart” contracts, Ethereum or otherwise. So, I’m especially excited to see this poorly designed technology used to implement the inherently bad idea of a slot machine. Not.

Obviously, the game itself isn’t innovative. They have gone to great trouble to replicated the behavior of these ubiquitous one-armed bandits. The “innovation” is to eliminate the server, in a fully decentralised and provably fair.” system.

For once, this Distributed App (Dapp) is actually solving a real problem: trusting your online gambling provider not to cheat is, well, a gamble. Gamblers can’t win, but they want to lose honestly.

The game’s logic has to be wholly processed within the smart contracts so that anyone who wants to can see that the game is playing by the rules and can’t cheat

Of course, they are also “solving” another problem, how to run an unregulated gaming operation, “off shore” from everywhere. Cryptocurrency is, if nothing else, a perfect digital “poker chip”, easy to move around, and not tracked by annoying tax agencies or vice squads. This slot machine isn’t taxed or regulated, and all the money goes…who know where it goes?

To give them their due, there are a couple of legitimate technical innovations in this product (at least according to their write up).

First of all, they made the user app asynchronous from the blockthain. It’s extremely important to give instant gratification to the lab rat gamer, and the blockchain has too much latency to always respond instantly. So they worked out protocols to mask the delay, presumably with caching on your local device. This is a significant achievement, and certainly caught Corin Faife’s attention in Coindesk. If this is successful, it may be a model to emulated by every Dapp.

A second technical feature is the random number generation (RNG). As Donald Knuth pointed out all those years ago, “Random numbers should not be generated with a method chosen at random.” [2] This group uses the blockchain with its pseudorandom hash in its random umber generation. I’m not sure what their method is, exactly, but this is a rather clever idea because the hashes are already very solid pseudorandom numbers.

 

Overall, this is yet another example of how bad ideas sometimes inspire brilliant software. This sounds like it will be a very solid implementation of a bad idea (a digital slot machines), and it will make excellent use of a bad idea (Distributed apps using Ethereum contracts), with some creative technical wrinkles. Sigh.

One sign that this is technology whose time has come: the Better Gaming  folks are already making legally licensed online games, and presumably making money.  Yet they believe it is worth building with this new tech, even though they are well aware that the powers-that-be will not easily approve it.  They should get credit for a gutsy technical gamble, and it shows just how promising this technology is.

it’s so new that we don’t expect regulators to fully grasp nor appreciate the implications overnight and there will need to be lots of discussion and negotiation before existing gaming jurisdictions license such activity.”


  1. Corin Faife, Watch This Ethereum Slot Machine Make Payouts in Real Time. Coindesk.April 21 2017, http://www.coindesk.com/watch-ethereum-slot-machine-video/
  2. Donald Knuth, The Art of Computer Programming: Vol. 2: Seminumerical algorithms (3 ed.). Boston, Addison-Wesley, 1997.
  3. Jez San, 1st Demonstration of real-time casino games built with Ethereum Smart Contracts, in Medium. 2017. https://medium.com/@aerobatic/1st-demonstration-of-real-time-casino-games-built-with-ethereum-smart-contracts-165ba72be02e

 

Cryptcurrency Thursday

More Bogosity From Matchpool

I looked at Matchpool earlier. Actually, it is fair to say that I scowled at this project, raising a number of questions and objections. My view is that they don’t understand what they are doing, and are offering a non-solution to a misstated problem.

I concluded

It is early days, so no one is really using this cunning app yet. We’ll have to see, but I’m not expecting it to work very well.

Evidently, this logically shaky project has had a rocky execution as a company as well.

Corin Faife describes “The ICO ‘Scandal’ That Wasn’t”, walking through a couple of news items that he explains aren’t as “scandalous” as some have said.

Much of the fuss seems to be the departure of one of the founders. On the way out the door, he complained about a less-than-completely-transparent transfer of funds, over $1 million worth, out of the ICO account.

Faife tells us that this was actually a transfer from Ethereum into Bitcoin, as a “currency hedge” against the volatility of Ethereum. This isn’t an implausible story, though one wonders whether this kind of volatility it is a great sign for a business that is built on Ethereum.

A second issue is that the transfer itself required three signatures (keys), which is intended to prevent simple theft. It turns out that the remaining founder has two keys (!), partly subverting this security mechanism. He found one other person, and they just did it.

Perhaps multisignature wallets are not quite the silver bullet that some think they are. Anyway, this seems at least a bit “scandalous” to me, that large amounts of cash are sloshing around with little effective accountability.

Faife comments that, if not actually scandalous, the departure of a founder from a brand new company is certainly a bad sign. He reports that the company claims that he left because he submitted code that was rejected and had to be rewritten. (His code was “fired”, so the code quit?)

The story doesn’t explain what kinds of “errors” were flagged, though it is said to be “smart contract code”, which is the stuff that brought down The DAO, and which is notoriously iffy  even when done well.

If this story is true, then it is kind of scandalous that such a poor coder was allowed anywhere near the code base in the first place. It also suggests that this founder probably doesn’t know as much as he believes he does about smart contracts.

Overall, I have to wonder if these people actually have any idea at all what they are doing. These are silly, rookie errors that suggest they really don’t deserve the confidence of investors or users. On top of their fundamental misunderstanding of the real world problems they aim to “fix”, they don’t seem to be able to run a software development project.

The article includes an unintentionally revealing “endorsement”, by project advisor Joe Shapira of Jdate,

I think that Matchpool will be a very beneficial venture for its founders and the investors in its currency.” (quote from Shapira)

Whoa! A dating service that is very beneficial to the founders and investors, but has nothing to say to the actual users? Is that really the right idea?  I don’t think so.

To the extent that this project is focused on investors and not on customers, it is absolutely guaranteed to fail. Assuming it even gets to release. At the rate they are going, I wouldn’t bet on it.


  1. Corin Faife, Matchpool: The ICO ‘Scandal’ That Wasn’t. Coindesk.April 15 2017, http://www.coindesk.com/the-matchpool-ico-scandal-is-all-smoke-and-no-fire/

 

Cryptocurrency Thursday

Bitcoins Not so smart contracts

Garrett Keirns reports in Coindesk on a new paper about “Smart Contract-Based Bribes”, which “threaten” Bitcoin Mining Pools.

My first thought was, “duh!” Any kind of bribes in the blockchain expose miners to possible liability. It hasn’t happened yet, but it’s only a matter of time before someone, somewhere hauls a Bitcoin miner into court, charging them with abetting criminal activity by processing the records of illicit transactions.

But this isn’t what Kairns is talking about. He refers to a paper by Yaron Velntner, Jason Teutsch, and Loi Luu [2].  What the researchers are actually talking about something more nefarious, and actually quite amusing.

Their idea is basically to offer a corrupt payment to miners, enticing them to “work slower”, reducing the yield of the whole pool. Presumably, this benefits other miners who will beat out the hobbled pool.

The authors do a lot of careful work to show how to make it work, and I don’t completely understand the details. But clearly executable contracts are ideally suited for this and many other kinds of automated skimming. The paper notes a number of other examples.

This particular scam is one of the oldest tricks in the book (bribe the bank clerk to “lose” the records for a time), utilizing the 21st century technology and the peculiar “trustless” nature of cryptocurrencies. In the physical world, this kind of shenanigan is defeated by, well, trust.

The amusing part is that the  clever bit is the amount of work they do to make this dead simple scam work as a decentralized program, i.e., where no one actually knows or trusts any of the others involved. It is fascinating to watch this fetish for technology in action, working out proofs and algorithms that have little value except to prove that the fantasy world of “trustless” systems can simulate yet another kind of transaction. In this case, yet another undesirable kind of transaction.

(As an aside, I note that the report is published in something called the Cryptology ePrint Archive, an unrefereed repository patterned after arXiv and other preprint services.  A bit of a cargo cult, no?)

It would be so much simpler to just bribe or threaten the miner into colluding, and I’m sure that happens all the time. But it is fascinating to watch this fetish for technology in action.


  1. Garrett Keirns, Could Smart Contract-Based Bribes Threaten Bitcoin Mining Pools. Coindesk.2017, http://www.coindesk.com/smart-contract-bribes-bitcoin-mining-pools/
  2. Yaron Velner, Jason Teutsch, and Loi Luu, Smart Contracts Make Bitcoin Mining Pools Vulnerable. Report 2017/230, Cryptology ePrint Archive, 2017. http://eprint.iacr.org/2017/230

 

Cryptocurrency Thursday