Category Archives: “Smart contracts”

Massimo Franceschet on “Decentraland”

The subtitle makes clear that Franceschet is far from a faithful Nakamotoan!

“The Alleged Decentralization of Blockchain Applications”

(From [1], p.45)

Me-ow!

By now, all but the most fundamentalist Nakamotoans must realize that (a) the term “decentralized” means several things, (b) it isn’t the magical cure-all some Nakamotoans suggest, and (c) most Web3.0 stuff isn’t really decentralized anyway.

Franceschet actually does understand the idea of “decentralization”, particularly in networked information and organizations.  And he’s not interested in parsing arguments about the variations of Nakamotoan blockchain protocols.  He’s interested in the kinds of things that “Web3.0” is building on top of blockchains. I.e., the things that people might try to use.

As I have pointed out for years, no normal human deals with blockchains directly.  They use applications and services that may use blockchain technology (often invisibly).

Franceschet considers two popular use cases for contemporary blockchain stuff:  DeFi and NFTs.

DeFi (“Decentralized Finance”)—so called—is mostly conventional finance implemented with one or another version of Nakamotoan blockchain technology.  Key services such as exchanges are, in fact, operated by for-profit companies, and use a ton of completely normal, non-blockchain technology (standard internet, servers, and clients).  Users trust the company and the service in various ways, generally similar to the trust required to use conventional financial institutions (but without the benefit of most legal regulation).

There are some actual really-DeFi systems that use executable contracts (AKA “smart contracts”) to implement trading and other operations.  “In this case, users are forced to trust not a third party but the exchange developers and the smart contracts they wrote”  ([1], p. 47)

“Trust” has moved, but not been abolished.

So-called Non-Fungible Token technology has enabled an explosion of digital art markets.  This technology was originally hyped as a great equalizer, allowing artists to sell their work without gatekeepers.

Not surprisingly, normal humans, not to mention creative artists, seldom deal with blockchains per se.  The actual marketplaces and digital tools use the same non-blockchain technology as conventional digital services, and, by the way, are generally organized as for-profit companies.  

For that matter, the NFT deposited on a blockchain is actually just a sealed certificate of authenticity.  The actual artifact and associated metadata are generally managed in conventional (usually centralized) digital systems, or hybrid digital-“analog” systems.

In this case, “trust” has transferred from a corporation to… complex software and a corporation. 

In addition, Franceschet notes that the markets built with this supposedly equalizing technology are, in practice, highly concentrated.  Very highly concentrated.  He calculates the equivalent of a Gini coefficient for one blockchain-based art exchange to be over .80! NFT “wealth” is absurdly, insanely concentrated.

This is not what you hope to get from a “decentralized” technology.  (IMO, it is what you expect from most art markets, however.  Technology can’t really change the social psychology of “artistic value”.)


Franceschet notes that blockchain-based exchanges and markets do have a decentralized core, and potentially can be used in a peer-to-peer, “trustless” fashion.  But people mostly don’t do that.

Basically, normal humans, (“even “nerds,”” he snarks) don’t have the energy to run all the infrastructure necessary to do it yourself, let alone to write code to access blockchains, and so on.  “Nerds” especially should be aware of the requirements and responsibilities of operating a network protocol and software stack.  The daily bug patches alone can be a full time job!

“[N]ot all individuals have the will, skill, and time to adapt to a truly interdisciplinary field such as blockchain.”

([1], p. 47)

A normal response to a large technical requirement is to delegate.  In this case, users delegate to (centralized) companies, servers, and software providers to get all the pieces they need.  This is a sensible strategy, but it absolutely requires trust.

And, as we have seen in recent years, trusting off-shore, unregulated, poorly run organizations has serious risks and downsides.

“A dose of delegation and centralization is therefore inevitable. This is not a bad thing, so long as we deeply understand that centralization entails delegation, while decentralization demands responsibility.”

([1], p. 47)

  1. Massimo Franceschet, Decentraland: The Alleged Decentralization of Blockchain Applications. Communications of the ACM, 66 (6):45–47,  2023. https://doi.org/10.1145/3563942

Cryptocurrency Thursday

Kunze Küllmer on “Whence Ethereum’s Virtual Machine?”

Let’s take a break from the FTX catastrophe, and consider for a moment some of the actual innovation that has come from Nakamoto’s Happy Kingdom. 

Or, more accurately, from Benevolent First Citizen Buterin’s Happy Republic.

This month Federico Kunze Küllmer reports on the use of the Ethereum Virtual Machine (EVM), which is spreading beyond the Ethereum blockchain [1].

The EVM is, at base, a conventional virtual machine, which defines an abstract computer that operates on the contents of the Ethereum blockchain.  The abstract VM itself is similar to many such designs, including the Java VM.  However, instead of mapping to a simple linear memory and computational state, the EVM maps its state and memory to the contents of the Ethereum blockchain.  It’s kind of complicated, but the upshot is that you can write programs that can access anything on the blockchain as if it were laid out in a very large memory space.

Critically, the blockchain is, by definition, available to any computer in the world.  Any correct implementation of the EVM will get the same result on any computer.  This means that EVM code can be shared and reliably executed everywhere.  This is the basis of “smart contracts”, AKA executable contracts.

While the EVM works pretty much like most contemporary VMs, the mapping to the blockchain is innovative:  the EVM is a distributed VM.  Your EVM program runs nowhere and it runs everywhere.  The program is executed on any computer that wants to know the answer (or at least, wants to know enough to spend the resources to run the program).

(As a historical note, I’ll point out that this is what Java and JavaScript wanted to accomplish.  But the cryptographically secured and consensus protocolled blockchain is vastly more secure and scalable than raw web protocols.  So, yeah, this is a real advance over our “first try” from before the turn of the century.)

(And as a theoretical note, the EVM is a “stack machine”, which is equivalent to a Turing Machine.  This means that it can compute anything and only what a Turing Machine can compute.  It also means that “smart contracts” are still computer programs, which means that they have bugs.  It doesn’t matter how much cryptography the blockchain uses, “smart contracts” are no more “secure” than any other software is.)

No normal human would monkey around with the EVM itself, which executes minute operations on an abstract stack machine.  This stuff will drive you crazy if you aren’t already crazy.  Instead, people use more convenient tools and languages to express their programs.  The higher level languages compile to long, obscure sequences of EVM code.
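The stack-machine execution described above, as an added example that is not part of the original post: a toy interpreter for a handful of real EVM opcodes. The flat one-unit gas charge and the two sample programs are assumptions made for illustration. It shows why “smart contracts” are ordinary programs with ordinary bugs: arithmetic silently wraps modulo 2^256.

```python
"""Toy interpreter for a few EVM opcodes (added illustration, not a real EVM)."""

WORD = 2 ** 256      # EVM words are 256 bits; arithmetic wraps modulo 2**256
STACK_LIMIT = 1024   # maximum stack depth in the EVM

# Opcode values as defined for the EVM.
STOP, ADD, MUL, SUB = 0x00, 0x01, 0x02, 0x03
POP, PUSH1, PUSH32 = 0x50, 0x60, 0x7F
DUP1, SWAP1 = 0x80, 0x90


class VMError(Exception):
    """Execution aborted: bad opcode, stack error, or out of gas."""


def run(code: bytes, gas_limit: int = 100):
    """Execute `code` and return (final_stack, gas_used).

    Assumption: every instruction costs 1 gas. The real gas schedule
    prices each opcode differently.
    """
    stack, pc, gas_used = [], 0, 0

    def pop():
        if not stack:
            raise VMError("stack underflow")
        return stack.pop()

    def push(value):
        if len(stack) >= STACK_LIMIT:
            raise VMError("stack overflow")
        stack.append(value % WORD)  # every result is reduced to 256 bits

    while pc < len(code):
        op = code[pc]
        pc += 1
        gas_used += 1
        if gas_used > gas_limit:
            raise VMError("out of gas")

        if op == STOP:
            break
        elif PUSH1 <= op <= PUSH32:
            n = op - PUSH1 + 1  # PUSHn carries n bytes of immediate data
            operand = code[pc:pc + n].ljust(n, b"\x00")
            push(int.from_bytes(operand, "big"))
            pc += n
        elif op == ADD:
            push(pop() + pop())
        elif op == MUL:
            push(pop() * pop())
        elif op == SUB:
            a, b = pop(), pop()  # a is the top of the stack
            push(a - b)
        elif op == POP:
            pop()
        elif op == DUP1:
            top = pop()
            push(top)
            push(top)
        elif op == SWAP1:
            a, b = pop(), pop()
            push(a)
            push(b)
        else:
            raise VMError(f"unsupported opcode 0x{op:02x}")
    return stack, gas_used


# Constructed sample programs.
SUM_TIMES = bytes([PUSH1, 2, PUSH1, 3, ADD, PUSH1, 4, MUL, STOP])  # (3 + 2) * 4
UNDERFLOW = bytes([PUSH1, 1, PUSH1, 0, SUB])                       # 0 - 1

if __name__ == "__main__":
    print(run(SUM_TIMES))
    wrapped, _ = run(UNDERFLOW)
    # "0 - 1" does not fail: it yields the largest 256-bit value.
    print(hex(wrapped[0]))
```

Any machine that runs `SUM_TIMES` gets the same stack and the same gas count, which is the property the post describes; `UNDERFLOW` shows that the same determinism reproduces a bug everywhere, too.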

The EVM was designed to enable executable contracts on the Ethereum blockchain, i.e., programs that manipulate things represented on the Ethereum blockchain.  However, the design is actually very general, and can work equally well on any similar blockchain.

Kunze Küllmer reports that there are a growing number of systems that use the EVM with other blockchains [1].

From an engineering point of view, this makes sense:  the EVM represents an immense investment in design.  The whole thing depends on a long, detailed, and, not to put too fine a point on it, abstruse formal specification.  Even more effort has gone into implementations and tools that make the specification real and trustworthy.  Redoing all this work would be costly and nearly pointless.  So, yeah, build on what is already proven and successful.

Alternative blockchains and versions of the EVM might be used for several reasons.  One is to provide specialized or extended features, or to improve performance.  Many systems want to optimize a small set of contracts that implement their services, and using your own EVM may pay off in this case.

Countering this tendency to clone the EVM is the challenge of multiple blockchains.  Aside from maintenance issues (more EVMs means more bugs), writing contracts that work on multiple EVMs and blockchains is not trivial. 

Kunze Küllmer envisions interoperability and composability, which will be achieved by additional software.  (Not coincidentally, his company makes such software.)  In this context, I think “interoperability” means contracts that work on multiple EVMs and blockchains, and “composability” means combining pieces of contracts from different EVMs / blockchains into a single contract.  This process often requires “bridging” blockchains, i.e., representing the same asset or object on multiple blockchains at the same time.

These are certainly the problems that need to be solved.  But I’m not as optimistic as KK is about how well they can be solved.  An interoperability library that unites 12 EVMs / blockchains is effectively a 13th EVM / blockchain.  And there will always be a 14th.

Worse, bridging multiple blockchains is hazardous. Very hazardous.  I generally do not recommend it.

I hate to break it to you, but even if you have 13 perfect, secure, bug free EVMs; if you combine two or more in a single program, the result is not guaranteed to be perfect or secure, and definitely not bug free.  Sorry.


The big picture here is that a blockchain is an elaborate and elegant solution to the big problem of interoperability and composability.  Cloning the EVM or using an alternative blockchain essentially runs off the end of the solution, reopening all the difficult challenges of interoperability, etc. 

So, no, this is not really “the next thing”. It’s a reversion to the earlier thing.

Still, the distributed VM is an interesting and elegant technology.  And it certainly is wise to reuse and extend the tried and tested EVM, rather than reinvent it.  But I’m sorry to tell you, this isn’t going to solve the thorny problems of interoperability and composability. If anything, it creates whole new classes of problems.


  1. Federico Kunze Küllmer (2022) Where Is the Ethereum Virtual Machine Headed in 2023? (Hint: Beyond Ethereum). Coindesk, https://www.coindesk.com/consensus-magazine/2022/12/12/ethereum-virtual-machine-evm-future/


Even When It Works Perfectly, DeFi Is Broken

This week we learned of yet another disastrous crypto heist, in which the “Mango” exchange was wiped out with losses valued over $100M.

It’s actually cooler than most because, as Shaurya Malwa put it, “Mango wasn’t hacked, it worked exactly as intended” [1].

Mango is an Ethereum based exchange that basically does electronic trading using “smart contracts”.  As in any “DeFi” (“Decentralized Finance”), no humans are involved.  “The code is the law”, as they say.

What happened was that a trader equipped with sufficient funds, something over $10M, executed a combination of trades that bought up a large position in Mango tokens, and then drove up the thinly traded tokens.  In about a half hour the manipulations increased the value of their holding tenfold.  Then they cashed out, tapping all the assets of the exchange.  The shark actually still has millions worth on the exchange, but Mango is bust and closed down, so they can’t get anything for them.

Now that’s what I call a heist. 

This game was not only technically legal, it was completely within the rules of the system.

(This was an “exploit” in multiple senses of the word!)

It worked because (a) Mango was small enough that a single shark could amass enough to fiddle it and (b) no humans were involved, so no one could do anything or even knew what was happening.

“All in all, the rogue trader used over 10 million USDC to take out over $116 million from Mango, paying minimal fees for conducting the attack and doing everything within the parameters of how the platform was designed. Mango wasn’t hacked, it worked exactly as intended, and a savvy trader, albeit with nefarious intentions, managed to wring token liquidity out.”

(From [1])

As Malwa notes, this kind of manipulation “won’t work on two centralized exchanges” (i.e., with humans involved), because the prices everywhere would stay much closer to the same, eliminating most of the profit.

It isn’t clear whether the Mango bandit will get much out of this exploit, because the booty is still tied up on the blockchain, and will probably be blocked from moving out. 

Because, of course, the “decentralized” Mango runs on a not particularly decentralized platform.  (Apparently, the platform was already in the news for a not-at-all-Nakamotoan bail out of an outsized debt that threatens the stability of the whole platform.)

Sigh.

For the life of me, I can’t understand why any sane person would put money into this stuff.  DeFi is pretty much 100% rip off these days, and it’s not even illegal to rip you off. For unknown, anonymous accounts on the Internet to rip you off.

Double sigh.


  1. Shaurya Malwa (2022) How Market Manipulation Led to a $100M Exploit on Solana DeFi Exchange Mango. Coindesk,  https://www.coindesk.com/markets/2022/10/12/how-market-manipulation-led-to-a-100m-exploit-on-solana-defi-exchange-mango/


Distributing Data Via Blockchain – Is It Worth It?

Sometimes I have trouble believing the preposterous silliness of so many residents of Nakamoto’s Happy Kingdom. 

Some people seem to believe, “If it’s on a blockchain—any blockchain—it must be wonderful.”

This is certainly a frequent theme in sales pitches.

And this blockchain fetish serves to screen out all reasonable thought on the topic.

For instance, I saw a note about a company that plans to offer “Crypto Price Data” “on Chain”, i.e., on one or more blockchains [1]. 

I’m sorry, call me stupid, but I don’t even understand what this is offering.

As far as I can tell, this is announcing a mechanism that will post prices via one or more blockchains, not sure which ones.  Actually, they are using an existing system that delivers data on blockchains.  So, the actual announcement is that they will deliver their own data via something that already exists.

So, what’s the data?

That’s a good question.  It is described as “price data”, which must mean a snapshot of recent trading in various crypto and financial assets. 

Which assets?  Not stated.

What snapshots?  Not stated.

From who?  Via the company, but no info about how the data is amassed.

I don’t do financial apps, but even I know that the source of your price data kind of matters.  A lot.

Another thing that matters a lot is timing.  Getting yesterday’s price data today is pretty useless.  In fact, every second of lag decreases the value of “current” price data. 

Given typical lag times for blockchains, it would seem worth wondering just how “current” these prices might be.  Even more so since the intended use of these “on chain” data is for algorithmic trading using blockchain based contracts, which have their own significant issues with lag.

My point is that telling me that this data is distributed “on chain” doesn’t really tell me whether the data is valuable or not.  (And, I assume customers will pay for the data, one way or another.)

The other goofy thing is that if I want to build a business with this data, I really need to trust it, right?

Nakamotoans seem to believe that if it is “on chain” it is good data. (Remember: the first law of computation is GIGO. Look it up.)

But, of course, the real question is how the data is collected and what data is being provided.   Where is the data coming from?  Is this public data or private?  Is this just repackaging other sources I can already get?  How complete is it?  How accurate is it? Etc.

On the timing front, the real question is what is the lag?  Is the data timely enough to be useful?  Is the lag consistent?  How reliable is the stream? 

There are also complicated questions that may be important.  Like, who else gets this data?  Who gets it first?   If insiders and special customers get the data first, you may be front runned (or whatever the word is).

All these questions basically boil down to the need to trust the provider and the network.  Nakamotoans tend to trust anything “on chain” implicitly.  But this is a case where the blockchain offers little comfort.  The value of the data mostly depends on where it comes from, not how it gets to you.

What does blockchain technology bring to the party, if anything? 

Well, you could surely do this stuff with many different network technologies.  We’ve been doing this stuff for decades, we know how to do it.  And, the ultimate customer facing products would look pretty much the same with or without blockchain.

I’d say that blockchain may be cheaper and easier for the customer (i.e., app developer), depending on their experience and technical resources.  I expect that the bar to entry is pretty low.  There may also be other advantages to blockchain in some cases, such as the ability to cross borders.

These potential plusses need to be balanced against the actual value of the data.  It might be easy to build an app that looks like a financial service, but actually is useless because the data is junk or just arrives too late to matter.

And blockchain qua blockchain doesn’t tell you whether this data service is worthwhile or not.


  1. Michael Bellusci (2022) Galaxy Digital Offers Crypto Price Data on Chain Via Chainlink. Coindesk,  https://www.coindesk.com/business/2022/09/27/galaxy-digital-partners-with-chainlink-to-offer-crypto-price-data-on-chain/


NFTs Suck For DRM

Speaking of liability… Andres Guadamuz wants to get real about Non-Fungible Tokens.

In the happy land of Emperor Nakamoto, 2021 was a big year for the NFTs, and celebrities and corporations are rolling out NFTs like there is no tomorrow. 

The technology uses cryptographic signatures to assure that only the holder of the key can access the certificate.  This prevents duplication or forgery, and, by transferring the key, enables trading.  Coupled with cryptocurrency on a blockchain, this makes for fast moving digital market places.

NFTs are basically digital trading cards, and you can use them to do anything you can do with a trading card.  (As the old joke goes, NFTs “run the whole gamut from A to B.”)

But NFTs are being used for all sorts of things besides certificates of authenticity.  In particular, they are being used for digital rights management, i.e., to convey copyright or other intellectual property, e.g., rights to digital artworks or recorded music.

Enthusiasts tout this as cutting out the middleman, and a boon to artists, who can sell direct to customers.

Unfortunately for starving artists, as Guadamuz discusses, NFTs may be useful for some purposes, but they “are a uniquely bad tool for [DRM].” ([1], p. 22)

To state the most obvious point, the NFT is not the thing itself, so buying and possessing the NFT has little to do with controlling the object.  I mean, duh!  The “certificate of authenticity” is not the super-desirable collectible sneaker itself. It’s just metadata.

The “uniquely bad” part stems from the fact that an NFT is a “bearer” instrument, which means that if you lose it, you lose the rights it represents.  If an NFT is stolen, then the IP it represents goes to whoever possesses the stolen key. This sucks.

As Guadamuz points out, conventional copyrights and other IP are conveyed by contracts, which remain valid even if the original artifact is lost or stolen because they are recognized by a legal system.  NFTs are created and conveyed through blockchain-based “smart contracts”, which generally do not have legal force unless other steps are taken as well.

“[T]here are thousands of people who may very well believe they own some art, video, or sports highlight, when in reality they just own a link to those digital items.”

([1], p. 22)

Worse, NFTs are generally traded via digital platforms which impose their own Terms and Conditions, potentially creating a chain of conditions that is opaque and beyond the control of the original creator.  In this case, a series of uncoordinated two party contracts creates an incoherent and complicated situation, open to conflict and probably unworkable.  At the very least, this is a good way for an artist’s intent to be lost.

In short, “NFTs are not good at managing rights to digital assets” and they are worse at managing rights to analog assets.

At least part of the issue is a fundamental incompatibility between the concept of universal IP rights and the concept of decentralized contracts.  Enforcing global rights requires more than simple bearer certificates, it requires a legal apparatus accepted by all parties.  Which is basically a trusted third party.


  1. Andres Guadamuz, These are not the apes you are looking for. Communications of the ACM, 65 (9):20–22,  2022. https://doi.org/10.1145/3548761


Whatever Happened to CryptoKitties?

Do you remember CryptoKitties?  Back in 2017, they were the future of everything, the first killer app for Ethereum, “smart contracts”, and proto-NFTs.

As in “the app that threatens to kill Ethereum”.

I haven’t heard of CryptoKitties for quite a while.  Neither have you. They are gone [3].  What happened?

Now, I always did like CryptoKitties.  As a long time aficionado of Artificial Life [2], I liked the artificial breeding game dynamic.  But I have little interest in collecting such things, and certainly won’t pay money for them.

At one point, CryptoKitties were the hottest thing, filling up the Ethereum blockchain, taking up a significant fraction of the transactions, and driving up the cost of “gas” for everybody.  And within weeks, the concept was cloned, so the network was flooded with numerous copycats and variations.

And then they were cold, and other stuff was hot.  If you bought CryptoKitties in hopes that they would increase in value, you lost that bet.  And for many people, that was the only point, so they lost interest real fast.

This summer, Matthew S. Smith discussed some of the lessons learned from this “cautionary tale” [3].

For starters, the cool game dynamic that allowed “breeding” was economic suicide for what were essentially collectables.  Allowing unrestricted expansion of the supply of CryptoKitties swamped the market.  I mean, duh!

And, of course, the idea was hardly difficult to replicate.  In fact, much of the code was open for anyone to borrow.  So a flood of copy cats further flooded the market. 

I don’t know how much demand there might be for digital collectibles, but I do know that it cannot be infinite.  At some point, there will be more CryptoKitties and clones than people will be able or willing to buy.

At the same time, the huge bursts in transactions flooded the network, slowing response for everyone and increasing “gas” fees.  This came close to putting Ethereum out of business, as it became difficult to do anything at all.

The high fees also put a brake on the economics of the game.  I mean, duh!  If selling cost more in fees than the nominal value of the token, that’s a problem!  And, by the way, if you have used Ethereum, you know that it often costs you fees to bid, even if you don’t win.  It’s brutal. This is not really a good way to use Ethereum.

As Smith points out, like many blockchain games before and since, CryptoKitties was too simple and not very fun.  The main point was speculation, and the dubious economics and savage competition precluded the hoped-for big payout.  Indeed, high fees mean that CryptoKitties are effectively worth less than zero.

CryptoKitties did teach people that using the main Ethereum blockchain for a game is not scalable or desirable.  This has led to the development of “side chain” technology, and the associated highly problematic “bridge” technology.

And, of course, CryptoKitties was the precursor of what we now know as Non Fungible Tokens, NFTs, which are a booming and very problematic industry.

Sadly, the thing I liked best, the Artificial Life game dynamic, hasn’t really worked out.  I guess it was too faithful to biology, creating a classic Malthusian scenario.  Big boom, consuming all resources in reach, and then a big crash.

Of course, everyone who saw the Trouble with Tribbles already knows this story.

So, yeah, CryptoKitties were sort of Non Fungible Tribbles. What could possibly go wrong?


  1. Xin-Jian Jiang and Xiao Fan Liu, CryptoKitties Transaction Network Analysis: The Rise and Fall of the First Blockchain Game Mania. Frontiers in Physics,  2021. https://www.frontiersin.org/articles/10.3389/fphy.2021.631665
  2. Steven Levy, Artificial Life, New York, Vintage Books, 1992.
  3. Matthew S. Smith, The Spectacular Collapse of CryptoKitties, the First Big Blockchain Game, in IEEE Spectrum – Computing, August 10, 2022. https://spectrum.ieee.org/cryptokitties


More “Innovation” in Nakamotoland

Nakamoto’s Happy Kingdom is supposed to be the home of “disruption” and “innovation”.

I’ve commented before on the completely predictable security problems of crypto “bridges”, which have been subjected to massive thefts in the past year. 

This month saw yet another heist from yet another “bridge” [1].  This appears to be due to a goof, when–wait for it–“a recent update to one of Nomad’s smart contracts made it easy for users to spoof transactions” [1].  Like that’s never happened before. Sigh.

This week we learn that this oopsie was at least partially a “crowdheist”.  After the thieves lobbed a brick through the window, a bunch of bystanders rushed in and pilfered what was left [2].  This was a “brilliant” and “innovative” attack, accomplished by a simple process: “copy the attacker’s code, add their addresses and broadcast the changed code”.


Several thoughts occur to me.

First: why do people put money into these shoddy systems? Just how many times does this have to happen before people stop throwing money away?

Anyway.

Second, it is clear that these huge hacks are hardly feats of technical wizardry.  So-called “smart contracts” are, by definition, programs that are published for all to read.  Moderately clever people can find bugs and exploit them.  And, as this case shows, it doesn’t take a lot of technical savvy to hear that a heist is in progress and simply copy the nefarious code with your own address.

Very “innovative”.

(Actually, there is one “innovation” here: “smart contracts” are (a) unfixable by design and (b) executed without checking anything. “The code is the law” means that bugs are, by definition, features.

To a software engineer, this design is pure madness.

Anyway. )

Third, this incident suggests that the ethos of the crypto “community” may be fraying.  For many years, crypto users have been remarkably cooperative and supportive of each other.  The idea is, “we don’t trust banks or governments; we trust the code and the spirit of common good.”  So users work together to deal with bugs and thefts, and to prevent attacks and exploitation.

Unfortunately, the code was never really trustworthy, and now we see that some users will happily loot if the opportunity arises.

Tsk.

If you can’t trust “a bunch of guys on the Internet”, who can you trust? : – )


  1. Sam Kessler and Brandy Betz (2022) Crypto Bridge Nomad Drained of Nearly $200M in Exploit. Coindesk, https://www.coindesk.com/tech/2022/08/02/nomad-bridge-drained-of-nearly-200-million-in-exploit/
  2. Shaurya Malwa (2022) ‘Copycats’ Stole $88M During Nomad Exploit by Copying Attacker’s Code: Coinbase. Coindesk, https://www.coindesk.com/tech/2022/08/11/copycats-stole-88m-during-nomad-exploit-by-copying-attackers-code-coinbase/


Morris on the “Crypto Unwind” of 22

This is not a happy year in Nakamoto’s Happy Kingdom.  Bitcoin and everything else has crashed, defying theoretical expectations and in spite of relentless happy talk. 

Worse, crypto hasn’t so much “reinvented money” as it has replayed the not-very-brilliant history of money.  In fact, crypto has been gormlessly recreating all the worst features of private money and unregulated markets.

This month, David Z Morris gets a special prize for one of the best headlines, “Satoshi Wept”  [1].

This is not the way it was supposed to be.  In fact, as Morris puts it, crypto (re)created “the same kind of financial crisis it was designed to prevent.”

Morris’s article is a great summary of the “Great Unwind” of 2022.  It’s a tale of stupidity and fraud, and, of course, borrowing.  Lots and lots of debt.  Sigh.

The supposed “innovative” technology invented nothing particularly new here, except new ways of doing the same old stupid and fraudulent stuff.

Morris makes the good point that the big losses and frauds were actually not “DeFi” in the original sense.  They were pretty standard “centralized” investment schemes, dressed up in Nakamotoan costumes. 

“[D]epositors in Celsius actually sent their bitcoin to a guy on the internet, and that’s why they don’t have it now.”

(From [1])

The classic “DeFi” schemes which really have no humans in control were relatively unscathed by the disaster.  This is because the algorithms have no way to make unsecured loans, which has the salutary effect of preventing Ponzi schemes.  And being run as “smart contracts”, these policies are relatively transparent.  It’s hard for a bit of code on a blockchain to secretly do anything.

Now, I have criticized these “no human in the loop” DeFi systems in the past. (Indeed, “DeFi” won (?) the Crypto Tulip of the Year Award for 2020.)  I stand by my continuing skepticism, not least because computer code is scarcely foolproof.

But, Morris does point out that the original, classic form of DeFi lending is extremely conservative, requiring substantial collateral for automatic loans.  

“[On truly decentralized platforms] loans are overcollateralized – that is, you have to post something like $2,000 worth of ETH to borrow $1,000 worth of something else, and you’ll get automatically liquidated if your collateral drops below or near your borrowing.”

(From [1])

Good point.

Of course, “smart contracts” can be designed many ways, so the technology isn’t a guarantee of sound policies.  And there will be bugs and loopholes, which can be exploited at the speed of the Internet.
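An added example, not part of the original posts: the overcollateralization and automatic-liquidation rule Morris describes, plus a valuation guard for thinly traded collateral of the kind involved in the Mango episode covered elsewhere in this archive. The 110% liquidation threshold, the averaging guard, and all prices are assumptions constructed for illustration, not any platform’s actual parameters.

```python
"""Overcollateralized lending checks (added illustration with assumed parameters)."""
from dataclasses import dataclass

BPS = 10_000  # ratios in basis points; integer-only, as contract code would be

# Assumed policy parameters for this example (not taken from any real platform).
MIN_OPEN_RATIO_BPS = 20_000     # 200%: $2,000 of collateral per $1,000 borrowed
LIQUIDATION_RATIO_BPS = 11_000  # 110%: one reading of "below or near your borrowing"


@dataclass(frozen=True)
class Loan:
    collateral_units: int  # amount of the collateral token posted
    debt_cents: int        # value borrowed, in cents


def ratio_bps(loan: Loan, price_cents: int) -> int:
    """Collateral value divided by debt, in basis points."""
    return loan.collateral_units * price_cents * BPS // loan.debt_cents


def can_open(loan: Loan, price_cents: int) -> bool:
    """A loan may only be opened at or above the minimum ratio."""
    return ratio_bps(loan, price_cents) >= MIN_OPEN_RATIO_BPS


def must_liquidate(loan: Loan, price_cents: int) -> bool:
    """The contract liquidates automatically once the ratio falls too low."""
    return ratio_bps(loan, price_cents) < LIQUIDATION_RATIO_BPS


def first_liquidation(loan: Loan, prices_cents):
    """Index of the first price at which the loan is liquidated, or None."""
    for i, price in enumerate(prices_cents):
        if must_liquidate(loan, price):
            return i
    return None


def max_borrow_cents(collateral_units: int, price_cents: int) -> int:
    """Largest debt the minimum ratio allows for this collateral and price."""
    return collateral_units * price_cents * BPS // MIN_OPEN_RATIO_BPS


def guarded_price(spot_cents: int, recent_cents) -> int:
    """Value collateral at the lower of spot and the recent average.

    A short-lived spike in a thinly traded token then cannot raise
    borrowing power, while a falling price still takes effect at once.
    """
    if not recent_cents:
        raise ValueError("need at least one earlier price observation")
    return min(spot_cents, sum(recent_cents) // len(recent_cents))


# Constructed data: 1 ETH posted at $2,000 against a $1,000 loan.
ETH_LOAN = Loan(collateral_units=1, debt_cents=100_000)
ETH_PATH = [200_000, 150_000, 120_000, 109_900, 130_000]  # cents per ETH

# Constructed data: a thin token trading at $1.00 that spikes tenfold.
THIN_RECENT = [100, 100, 100, 100]  # cents per token before the spike
THIN_SPOT = 1_000                   # cents per token at the spike
THIN_UNITS = 1_000                  # tokens posted as collateral

if __name__ == "__main__":
    print("can open:", can_open(ETH_LOAN, ETH_PATH[0]))
    print("liquidated at step:", first_liquidation(ETH_LOAN, ETH_PATH))
    print("borrowable at spot:", max_borrow_cents(THIN_UNITS, THIN_SPOT))
    print("borrowable, guarded:",
          max_borrow_cents(THIN_UNITS, guarded_price(THIN_SPOT, THIN_RECENT)))
```

The rule itself is conservative only if the price fed into it is sound: the same code allows ten times the borrowing when it trusts the spiked spot price.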

So watch out.

But the most important point, and the reason why Satoshi is weeping, is that all this stuff has given a huge black eye to “cryptocurrency” in the minds of the public.  Where enthusiasts see innovation and financial liberation, most people now see fraud, stupidity, and Latin American dictators.

This is not what Nakamoto intended.

It’s a very bad year, indeed, for Emperor Nakamoto’s Kingdom.


  1. David Z Morris (2022) Satoshi Wept: How Crypto Replayed the 2008 Financial Crisis. Coindesk,  https://www.coindesk.com/layer2/2022/07/12/satoshi-wept-how-crypto-replayed-the-2008-financial-crisis/


New Record Crypto Hack

This spring saw a new record for cryptocurrency heists, a single pair of faked withdrawals valued at over $625M [3].  (Characterized as a “GDP-sized figure”, though most GDPs are several orders of magnitude larger.)  As usual, the heist was over in seconds.

Let me be clear here:  I don’t really understand the technical details of the hacked system, so apologies in advance for inadvertent misstatements.

One of the interesting things for me is that this was yet another hack of a “bridge”, involving “wrapped Ethereum”.  I.e., the core cryptocurrency protocols were not breached, nor, apparently, were the centralized exchange services.  It was another layer of service implementing some kind of derivative product on top of the other services. 

The fact that it takes several sentences to explain what was hacked is a sign of what probably happened.  The system is too complicated, and too decentralized, to easily secure.

The hack itself sounds only semi clever.  The attackers used some kind of bug in an RPC service and stole private keys.  With the keys, they were able to just empty out some big accounts.  And it’s just that simple.

First:  RPC?  They are using RPCs??  Yikes!  Sensible people stopped using them twenty years ago because they are insecure, or at least hard to make secure. (They are also unnecessary.)

Anyway.

The other interesting thing is that however “clever” the heist was, the perp seems to have not the remotest clue how to get the loot out [4].  Or more specifically, they just put it in an Ethereum address, and tried to move it through some regular exchanges, including actual honest ones.  This isn’t going to work, because everyone can see what’s going on, and the transactions will be blocked.

And actually, it’s not all that easy to launder hundreds of millions of crypto.  You need to disappear it into the dark net, move it around, and get it out in unidentifiable chunks.  So, tip to you young hackers out there:  study up on money laundering before doing your big score.

(Luckily, helpful commentators on the Internet explained how to do it, and there are signs that the perp read the tutorial messages.)

One other interesting point.  These assets were stolen from the platform for a game, run by the game company.  The company has assured users that they will be made good [2].  This is obviously good business.  But it is heresy for fundamentalist Nakamotoans.  “The code is the law”.  The hackers got possession of the coins, so that’s that. 

Oh, and here’s a kicker.  How are victims to be reimbursed?  There is no government backstop, and no regulatory requirements for reserves.  So, the solution to a hacked crypto system is…to sell more shares to VCs [1]!  (Does anyone else see a perverse moral hazard here?)

But this is becoming the way of the world.  Centralized, “trust me”, services are building billion dollar businesses on top of the decentralized, “trustless” Nakamotoan protocols.  (Apparently using RPCs!)

Which makes ideological chatter about supposed “disruptive, decentralized, trustless” systems even harder to parse.  The systems the users actually use are indistinguishable from conventional services, so what exactly is the great innovation here?   Aside from the lack of regulation and vulnerability to flash heists, I mean.


  1. Eliza Gkritsi (2022) Sky Mavis Raises $150M Round Led by Binance to Reimburse Ronin Attack Victims. Coindesk,  https://www.coindesk.com/business/2022/04/06/sky-mavis-raises-150m-round-led-by-binance-to-reimburse-ronin-attack-victims/
  2. Kevin Reynolds and Camomile Shumba (2022) Binance Partially Resumes Deposits, Withdrawals on Ronin Network as Hack Recovery Continues. Coindesk,  https://www.coindesk.com/business/2022/04/02/binance-partially-resumes-deposits-withdrawals-on-ronin-network-as-hack-recovery-continues/
  3. Andrew Thurman (2022) Axie Infinity’s Ronin Network Suffers $625M Exploit. Coindesk,  https://www.coindesk.com/tech/2022/03/29/axie-infinitys-ronin-network-suffers-625m-exploit/
  4. Andrew Thurman (2022) So You’ve Stolen $600M. Now What? Coindesk,  https://www.coindesk.com/tech/2022/03/30/so-youve-stolen-600m-now-what/

Cryptocurrency Thursday

What is a cross-blockchain bridge?

And why would you want one?

Basically, cross-blockchain bridges are intended to make it easy to transfer tokens from one blockchain to another, e.g., to use Bitcoin to purchase something using Ethereum.  

Having had the fun of converting from one token to another last year, I understand that simply selling one and buying the other is painful.  So, yeah, I could see the value of an easy way to do it.

“Cross-blockchain bridges often work by taking an asset, such as ETH, and locking it in a contract to issue a parallel asset on the bridged chain.” 

(from [2])

This is a simple enough idea, though in Nakamotoland anything can be made complicated.  As far as I can tell, the basic implementation would use executable contracts to keep an account that can be denominated in several currencies, with options to execute trades in whichever you want.

(Another way to think of it is basically wrapping the “real” cryptocurrency in your own derived currency, with a promise to pay out whichever “real” cryptocurrency you want.  Sort of like selling BobNotes that I promise you can redeem for either Dollars or Euros.)

So, what could possibly go wrong?

This winter we read about troubles at Wormhole, which is (or at least was) a major cross-blockchain bridge service [2].  While the Bitcoin, Ethereum (and Wormhole’s Solana) blockchains remain secure, apparently the Wormhole service was hacked to the tune of hundreds of millions.  Oops!

Worse, this heist essentially cleaned out the vault of the crypto that was backing all the contracts out there.  Which means that users could lose everything, because their wrappers have nothing in them.
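
The lock-and-mint arrangement and the emptied vault described above, as an added example that is not from the original post or from any real bridge: a toy ledger plus the backing check a monitor would run against the vault balance and the wrapped supply. All names and amounts are constructed for illustration.

```python
"""Toy lock-and-mint bridge ledger. Constructed model, not any real bridge's code."""

class BridgeLedger:
    def __init__(self):
        self.vault = 0       # "real" asset locked in the contract on the source chain
        self.wrapped = {}    # holder -> wrapped tokens issued on the bridged chain

    def wrapped_supply(self):
        return sum(self.wrapped.values())

    def deposit(self, holder, amount):
        """Lock the real asset and mint the same amount of the wrapped asset."""
        if amount <= 0:
            raise ValueError("amount must be positive")
        self.vault += amount
        self.wrapped[holder] = self.wrapped.get(holder, 0) + amount

    def redeem(self, holder, amount):
        """Burn wrapped tokens; pay out only what the vault still holds."""
        if amount <= 0 or self.wrapped.get(holder, 0) < amount:
            raise ValueError("holder does not own that many wrapped tokens")
        paid = min(amount, self.vault)
        self.wrapped[holder] -= amount
        self.vault -= paid
        return paid

    def vault_loss(self, amount):
        """Assets leave the vault with no matching burn (the incident described)."""
        self.vault -= min(amount, self.vault)

def check_backing(vault_balance, wrapped_supply):
    """Monitoring check: every wrapped token must have a locked asset behind it."""
    shortfall = max(0, wrapped_supply - vault_balance)
    coverage_bps = (10_000 if wrapped_supply == 0
                    else min(10_000, vault_balance * 10_000 // wrapped_supply))
    return {"backed": shortfall == 0, "shortfall": shortfall, "coverage_bps": coverage_bps}

def demo():
    ledger = BridgeLedger()
    ledger.deposit("alice", 100)   # constructed sample deposits
    ledger.deposit("bob", 50)
    before = check_backing(ledger.vault, ledger.wrapped_supply())
    ledger.vault_loss(120)
    after = check_backing(ledger.vault, ledger.wrapped_supply())
    payouts = [ledger.redeem("alice", 100), ledger.redeem("bob", 50)]
    return before, after, payouts
```

The shortfall figure is the amount that would have to be put back into the vault for every outstanding wrapper to be redeemable again; until then, whoever redeems first gets what is left.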

As far as I can tell, the security breach was either an impersonation (i.e., a bog standard hack of a user) or a bug in a contract (i.e., a bog standard programming error), or both.  Which illustrates the fundamental challenge for these too clever by half bridges:  they are at least as vulnerable as any other network service.

This is a good illustration of the computer security principle that the system is only as secure as its weakest link.  It doesn’t matter how bulletproof Bitcoin or Ethereum may be, a weakness in the bridge can bring down the whole thing, including all your Bitcoin and Ethereum. And in Nakamotoland, it only takes seconds to clean out the bank.

This particular incident also surfaced the Nakamotoan bête noire, “trust”.  In response to the lost crypto, the company was moving to infuse cash to make sure that all the contracts were properly backed.  This is normal behavior for a financial service, at least one that wants to be trusted. 

But this perfectly reasonable behavior is heretical for some hardline Nakamotoans, who dislike the concept that when you do business with Wormhole you are trusting them to keep their promises.  (Hard line Nakamotoans were also unhappy at the supposed “moral hazard” akin to “fiat bailouts” [1], though I don’t completely grok what the hazard is in this case.)

Clearly, simple minded cross chain bridges are probably not going to work.  I’m pretty sure that there are other ways to skin this particular cat, though they will be more complicated and take a lot more time and effort to deploy.

I should probably start a “new word of the month” collection.  “Governance Attack” and now “Cross-chain bridge”.


  1. David Z Morris (2022) A Bridge Too Far: Does the Wormhole Hack Mean the Multi-Blockchain Dream Is Dead? Coindesk,  https://www.coindesk.com/layer2/2022/02/04/a-bridge-too-far-does-the-wormhole-hack-mean-the-multi-blockchain-dream-is-dead/
  2. Andrew Thurman (2022) Blockchain Bridge Wormhole Suffers Possible Exploit Worth Over $326M. Coindesk,  https://www.coindesk.com/tech/2022/02/02/blockchain-bridge-wormhole-suffers-possible-exploit-worth-over-250m/

Cryptocurrency Thursday