Category Archives: “Smart contracts”

Litcoin – Local P2P Power Market

One of the perennial use cases for blockchain is P2P electricity markets—direct purchase of power from the producer.  This is often intended to support local community generation, usually from roof top or other small PV arrays. Blockchain transactions fit nicely into a market that manages automated meters and routing.

Community solar generation and purchase itself is a very tempting idea for many reasons. It is a way to build up local clean energy resources and jobs and offer consumers a cost-effective option to purchase green energy.  It also helps people who can’t generate their own power (e.g., because they rent an apartment) invest in local sources. And some people may be able to and want to generate far more power than they consume, which they can sell this to neighbors.

This scheme can work at the scale of root tops up to fairly large fields of generators.  In fact, there aren’t really any technical barriers.  The key problems to solve are financial and legal.

Delivering power from one house to another requires infrastructure, and building new infrastructure would be expensive and insane.  There already is infrastructure, but it highly regulated and not open to just anyone.  The default business model is to sell and buy power via the utility, who charges a lot for access.

The use case for blockchain here is to bypass the utility financially, allowing anyone to purchase electricity from anyone (i.e., “peer-to-peer”).  As is always the case, it is perfectly possible to build a P2P system with conventional technology.  But this kind of simple asset purchase is just the kind of thing that blockchains can do pretty well, at least conceptually.

So this is a compelling case for blockchain and surely a real world need.  Why is it taking so long for blockchain (or any) P2P power markets to come true?

Alyssa Hertig reports on the experience of an emerging system in Germany, called Litcoin [1]. Litcoin is built on Ethereum and uses “Smart Contracts” to implement an exchange for direct consumer purchases of power.  They have 700 users across Germany.

“Once a user finds the energy they want to buy, they make a payment in euros to Lition. Behind the scenes, an ethereum smart contract detects this payment and automatically sends the customer their energy.”

Does this concept need a blockchain?  Not really.  We have similar markets where I live.  But it probably is pretty cheap to implement this with Ethereum, and the cryptographic signatures and protocols make the system pretty secure (assuming that the customer and producer facing code is secure, which it probably isn’t).

Litcoin makes some interesting claims. It makes a carefully qualified claim to be the first “P2P energy trading solution that is fully licensed and commercially live in a mass market (Germany)”.  This has to be qualified because there are many other similar projects in other places in various stages of development (this, this, this…).  Litcoin does seem to be in the biggest market I’ve seen, although 700 users in Germany is scarcely a success story.

They make other intriguing claims, including, “Private data is stored on private sidechains. Quantum-computer safe.”  I’m not totally sure what that means exactly. I assume that their side chain uses what they hope is quantum-safe cryptography. (The main Ethereum blockchain of course, is definitely not quantum safe.)

While a P2P power exchange is very Nakamotoan in spirit, LItcoin has a number of non-Nakamotoan features.  The aforementioned “side-chains” are a bag on the side of the main blockchain, effectively a pretty conventional distributed data store with a blockchain layer.  For that matter, the exchange is operated by a “centralized” organization.  Note that they also take and make payment in Euros, one of the fiat-iest of fiat currencies.

The reason for the centralized organization illustrates the heart of the problem.  Litcoin has got as far as it has by working within the legal structures of the German power grid.  When they say they are “licensed”, that means that they are an officially recognized legal entity, entitled to buy and sell power across the grid.  This policy structure is the key to Litcoins very existence, and has nothing to do with blockchain, and everything to do with politics in Germany.

Hertig reports that the Ethererum blockchain is actually unsatisfactory for this use.  I suspect that it was easy to boot up a working system, but they have found that it is slow. They also do not need a public blockchain, which is 99+% not their business, i.e., the blocks have everyone in the world’s transactions, so it is mostly spam from the point of view of the electricity market.  And being oriented to clean energy, the LItcoin people are reported to be uncomfortable with the ghastly wastefulness of Nakamotoan “mining”—and rightly so.

Consequently, the company is allied with SAP (the epitome of a “centralized” organization, if there ever was one!) to create a “private” blockchain.  In this, they join many serious businesses seeking the benefits of low overhead transactions without the waste and latency of a public blockchain.

It is highly probably that the resulting system will not use Ethereum or any generic blockchain.  For one thing, a public blockchain is way, way overkill for the needs of the system.  The Ethereum version would let me purchase power from German producers or sell to them, even though there is no way for me to actually transfer the electricity to and from the German power grid (and it would probably not be legal to do so).  So why pay the overhead of a global system, when it can only be used locally?

It seems very likely that this won’t be implemented with Ethereum, though the ultimate system might have many features similar to Ethereum.  For example, they might implement a private blockchain with executable contracts similar to (but more efficient than) Ethereum.  (But then again, conventional databases have had executable scripts forever.)

Will Litcoin succeed?  They might, though its not clear that blockchain will ultimately be critical to success. Success will depend on the availability of producers and the acceptance of consumers. Those will depend on many factors such as the costs of electricity from other sources, public policies, and how the design of the user experience.  (Most people are not interested in spending more than a minute of two on their electricity bills—so using Litcoin has to be really, really simple.)

Not A CryptoTulip!

I’ll note that Litcoin is not really a strong candidate for the CryptoTulip of the Year.  This is a real use case, and they are serious about solving it. Above all, they are interested in solving the problem, and willing to abandon blockchain technology where it isn’t helping the solution.

They aren’t irrationally exuberant, they are rationally critical.  So Litcoin gets praise, but can not win the CryptoTulip Award.

  1. Alyssa Hertig, Ethereum Energy Project Now Powers 700 Households in 10 Cities, in Coindesk. 2018.


Blockchain Thursday

Yet Another Innovation: “Reversible” ICOs

One of this year’s leading contenders for the CryptoTulip of the Year is “ICO” technology.  This post-Nakamotoan technology continues to develop, even in the face of disaster after disaster, not to mention global failure of unprecedented magnitude.

Of course, and “Initial Coin Offering” was originally modelled after an “Initial Public Offering” of stock—except without the pesky regulations.  At base, it amounts to “send me money, and I’ll send you a token”.  Ideally, the token will be worth something in the future, though it is not always clear just what the token could be used for.  And roughly 50% of the time, the tokens are never worth anything.

Surprisingly enough, this opaque and immutable blockchain technology has led to serious problems for the punters. In the very possible event that the ICO takes the money and runs, there is no way to complain, let alone get your money back. (The code is the law.)  And even honest ICOs have had disastrous bugs that cause massive losses of funds, with no way to  fix things.

One of the biggest problems with ICOs has been their fundamental design. A key pillar of Nakamotoan trustless trust is that the blockchain is immutable.  Noone can change history and steal your stuff. “Smart contracts” extend this principle to immutable executable code, which is both unchangeable (and therefore, unfixable) and makes immutable actions (and therefore, accidents cannot be repaired).

In several splashy cases, these codes had bugs in them that resulted in disastrous losses.  (Indeed, Ethereum was awarded CryptoTulip of the Year for 2017, largely on the basis of these impressive failures.) These bugs and the illegitimate results could not be fixed, at least not without rewriting history in a radially anti-Nakamotoan way.  (Again, see the 2017 CyptoTulip Award.)

Responding to these entirely forseeable challenges, the “godfather” of ICOs is now proposing a new variant:  Reversible ICOs [1]. (He apparently does not see the irony in the acronym RICO, more familiar in the wider world as the US Racketeer Influenced and Corrupt Organizations Act, used to bring down mobsters.)

Fabian Vogelsteller, early developer and said “godfather” of ICOs, has proposed a new executable contract that lets investors return their tokens for a refund at any time.  This is not exactly a breathtaking innovation in the real world, but it is revolutionary for cryptocurrencies.

Actually, it is not so much revolutionary as reactionary.  One of the key goals of Bitcoin was to eliminate the cost and inconvenience (to vendors) of cancelled payments. For that matter, these refunds are essentially rewriting history, which kind of defeats the purpose of using a blockchain in the first place.

As far as I can tell, these “reversibles” make the IPO more of a credit instrument.  The “purchaser” is making an unsecured, no interest loan that might be convertible to something else in the future.  No points awarded for inventing “debt“.

Furthermore, in order to make this work, the ICO issuer will have to maintain reserves of fiat cash or other assets, to be able to redeem cash outs.  This is a good thing, if not at all Nakamotoan.

ICOs will also be subject to “bank runs”, if everybody decides to exit at once.  Say, in the event that  a catastrophic bug in the software destroys confidence in the enterprise.  In the real world, enterprises generally maintain adequate reserves only when forced to by regulation.  So it isn’t clear how prudent unregulated RICOs will actually be.

So these RICOs are essentially recreating many of the features of  conventional, “centralized”, finance, atop the inefficient, unregulated, and bug ridden “decentralized” blockchain infrastructure.

Clearly, with the RICO proposal, ICO technology has reached a new level of irrationality.  It is certainly a leading candidate for the CryptoTulip of the Year in 2018.

  1. Rachel Rose O’Leary (2018) The Godfather of Ethereum ICOs Wants to Let Investors Take Their Money Back. Coindesk,


Cryptocurrency Thursday CryptoTulip Candidate

This fall we see a new candidate for CryptoTulip of the Year:  EOS.IO from the annoyingly named

This is an interesting system, though rather hard to evaluate.  Sounds Tulip-y to me.

It’s big idea is to do dapps better than Ethereum.  That means higher performance and lower cost.  We’ll see.

The key “innovation” is “delegated” consensus that makes the ‘decentralized’ system is much more efficient by centralizing the consensus step [1].

blocks are produced in rounds of 126 (6 blocks each, times 21 producers). At the start of each round 21 unique block producers are chosen by preference of votes cast by token holders. The selected producers are scheduled in an order agreed upon by 15 or more producers.

This should be faster than Ethereum, assuming that it actually works as intended. I’m not sure how secure and fair this system is (voting is scarcely guaranteed to be either).

Another innovation is a charging scheme for the virtual machine that runs the dapps.  The dapp has to buy three resources, storage/bandwidth, cpu, and ram.  This mechanism manages the use of the computational resources of the nodes of the network, and maybe incentivizes participants to run node.  I think.  The whitepaper describes this as a “sender pays” model, contrasting to Ethereum which the user (receiver?) pays.

EOS features an explicit “constitution” that is supposed to apply to all nodes.  This is a human readable document that ‘splains the intent of the code and also “obligations among the users which cannot be entirely enforced by code”.  In an interesting bit of techno-theater, “Every transaction broadcast on the network must incorporate the hash of the constitution as part of the signature and thereby explicitly binds the signer to the contract.”  Right.

“All users are required to indicate acceptance of the new constitution as a condition of future transactions being processed.”

This is all pretty creative, and has attracted interest from developers who are dissatisfied with the performance of Ethereum and the cost of “gas”.  However, David Floyd  reports that all is not perfect in EOS land [2].

“That’s because, whereas ethereum dapps can be costly for the ones using them, EOS dapps can be costly for the teams deploying them.”

Worse, these resources are susceptible to price fluctuations and, it seems, price manipulation.  It may cost a lot to deploy a dapp, compared to Ethereum which accrues costs when run.  So the supposed cost savings are not automatic or simple.

So lets reckon the overall Tulipiness of this

The performance hit of “naïve Nakamotoan” consensus—security by massive redundancy—is replaced with a rotating sample of 21 of the nodes.  This may boil down to security by reputation, with the biggest players having the most influence on the sampling.  Or you might call it “continuously changing centralization”.  The single point of failure changes unpredictably with each decision round.

Execution of the dapps is “pay as you go”, but pay in advance.  Where Ethereum has a single resource (“gas”), EOS has three.   These differences certainly move around choke points on the execution of dapps, though the long term merits of the approach aren’t apparent.  You could also say that Ethereum’s single pain point (gas) is replaced with three different potential pain points.

EOS tackles some of the governance issues that have plagued Ethereum and others with an explicit “constitution”, plus rules that attempt to enforce it.  This would seem to be a “centralized” rule book with subjective interpretations of the code, and therefore a potential single point of failure.  (I.e., if the constitution is suborned, the whole system is compromised.)

I’ll note that none of this has been published in any kind of peer review study that I know of.  In particular, I see no evidence that the protocol has been analyzed by independent parties.  I’ll also note that the resource management scheme does not seem to have been simulated or studied.  (As a veteran of many resource control concepts inside operating systems, I assure you that intuition is not a good guide to how well they will actually work.)

For that matter, the boasts of performance and cost are noticeably undocumented.  How hard would it be to publish even some rough benchmarks of, say, throughput and latency?  If you are supposed to be better than Ethereum, shouldn’t there be at least case studies to prove it?

So, what we have here is a really complicated Tulip, which sets much stock in being “better” than Ethereum. is certainly different than Ethereum, but who knows if it is “better”, and in what cases?

Certainly, should be in the runnig for CryptoTulip of the Year for 2018.


  1., EOS.IO Technical White Paper v2. 2018.
  2. David Floyd (2018) RAM It All: Rising Costs Are Turning EOS Into a Crypto Coder’s Nightmare. Coindesk,


Cryptocurrency Thursday

Ethereum Facing A Gresham’s Law

Ethereum continues its strong play to retain the Crypto Tulip of The Year award.

This summer sees the rise of legal sports betting everywhere in the US (thanks, SCOTUS!), and cryptocurrencies are just the thing for this new gold rush.

Ethereum offers even more:  dapps using Ethereum contracts are just perfect for betting schemes, legal or otherwise.  And the difference between an honest game of chance and a scam is a very, very thin line.

Even Coindesk, generally enthusiastic about crypto technology, reports concerns.  While Brady Dale reports on “Non-Believable Tokens” (Cryptokitties was only the beginning), Christine Kim is even clearer:  “Ethereum has a gambling problem.”

Dale recounts “The 7 Strangest Crypto Collectibles”, which are clogging up the Ethereum network and blockchain.  As in the case of CryptoKitties, each of these ‘harmless’ pastimes is sucking CPU and bandwidth from the Ethereum network, potentially crowding out “real” work.  At the very least, the commons is being exploited for socially dubious purposes.

“CryptoKitties has been seen as a harbinger of things to come for blockchain believers, one that opens up new possibilities in the world of video games, real estate and precious metals, among other things.”

If it were all harmless trading cards, that would be bad enough.  These CryptoKitty knock offs seem quaint and charming compared to the flood of gambling dapps. Ethereum smart contracts are perfect for betting games, though they are so opaque that it is difficult to know exactly what the game may be.  Some of them are surely Ponzi schemes or worse.

“Ethereum has a gambling problem.

“Since July, products resembling Ponzi schemes, a fraudulent form of investment promising high returns for little cost, have topped the charts among decentralized applications (dapps) running on the world’s second-largest blockchain, outpacing even the popular CryptoKitties.”

These dubious activities are, as Kim says, “Unstoppable scams”. But the entire Nakamotoan enterprise is founded on the desire for unstoppable transactions, so this is a feature, not a bug, of Ethereum.

It is becoming clear that the Nakamotoan erm ”trustless” really means “you’re on your own”—which isn’t good for business.  True-blue Nakamotoans see “trustlessness” as an important feature.  But it’s clear that people want to trust dapps, even though they really shouldn’t.  When these scams inevitably blow up, people will feel cheated, and Ethereum and “legitimate” apps will be smeared with the bad reputation.

If you can’t tell scams from legit, how can you use the system at all?

To put it in terms that Nakamotoans might understand, there is a form of Gresham’s Law here. Bad dapps are driving out good.  And, hint, hint, “let the buyer beware” has never been a formula for fixing this problem.

Even the honest but silly collectables are enacting a tragedy of the commons.  These enterprises are built on the principle that the blockchain is “free” for everyone to use. Why spend money on infrastructure when the Ethereum network will do the work for you?  Sit back and collect the profits, let “the internet” pay the bills.

If that doesn’t sound sustainable, that’s because it isn’t sustainable.

I’ll add a history lesson.

In the early days of computing, most universities provided time shared computer services as a “commons” like the library. (Generally, this was on “the computer”, singular. :-))  Everyone had access for minimal cost, with minimal supervision.

But soon enough, games and other pass times became popular and started sucking down resources, crowding out “real” research and class work. And people created dating programs and other enterprises that used the commons for private profit.

In every case, the shared system had to be rationed, and certain uses banished to the middle of the night or banned altogether.  This is the inevitable trajectory of a shared computing system, or, indeed, almost any commons.

Nakamotoan “decentralized” systems are designed to be open commons, just like time shared centralized systems.  I would predict that they are subject to the same trajectory as any other common: they will be over used and flooded by exploitative users which crowd out other uses.

However, Nakamotoan systems have no authority and no technical capability to actually ration access*, so they will have to run to destruction.

There will be an end, there always must be an end. It will not be pretty.

* Technically, the system is supposed to be rationed via fees and the supposed incentive structures in the protocol. These mechanisms do not and cannot work.  If you don’t believe me, stay tuned.  You’ll see.

  1. Brady Dale (2018) Non-Believable Tokens: The 7 Strangest Crypto Collectibles. Coindesk,
  2. Christine Kim (2018) Unstoppable Scams? Ethereum’s Gambling Problem Is Only Getting Worse. Coindesk,


Cryptocurrency Thursday

Confusing ‘Blockchain’ Projects

“Blockchain technology” is becoming a term with a variety of meanings, some of which have little to do with blocks or chains.

This month Microsoft released a variation on the theme, “proof of authority”.  This concept is a consensus protocol that works on a “permissioned” network, i.e., all the parties have to be registered and therefore are “trusted” to some degree.  Because the parties are vetted, there is no need for the grievous waste of mining.

These features are definitely not Nakamotoan, but they allow the construction of robust decentralized applications similar to the idea of basic blockchains—at a fraction of the computing cost, in principle.

Things are further confused by the fact that this system is deployed on Microsoft’s Azure cloud [1]—the antithesis of the Nakamotoan open, peer-to-peer network.  For example, there is something they call an identity leasing system” (definitely a “centralized” concept), and the usual cloud services that assure high availability, so that, for instance, “[i]n the case of a VM or regional outage, new nodes can quickly spin up and resume the previous nodes’ identities.”   I’m not sure that that means, but it ain’t exactly the classic Nakamotoan open peer-to-peer internet.

Diagram from Microsoft documentation: a network of admins who run the network.  This is surely a non-Nakamotoan architecture.

On the other hand, this system is implemented on top of Ethereum, in the form of “smart contracts” (in fact, adapted from Parity).  So, in between the non-Nakamotoan cloud and the non-Nakamotoan consensus protocol, lies the very Nakamotoan Ethereum network and its school-of-Nakamoto executable contracts.

So, should this be considered a ‘blockchain’ system, or not?  I dunno.

As an engineer, I wonder what the advantage of using Ethereum is.  Obviously, in a permissioned network, it is possible to deploy whatever virtual machine you want. In fact, the system is implemented in VMs on Azure.  So what is the benefit of using Ethereum qua Ethereum?  I dunno.

Is it mainly for fault tolerance?  Microsoft documentation suggests that this might be true:

[I]n private/consortium networks the underlying Ether has no value. An alternative protocol, proof-of-authority, is more suitable for permissioned networks where all consensus participants are known and reputable. Without the need for mining, Proof-of-authority is more efficient while still retaining Byzantine fault tolerance.”

Along those lines, I also wonder what the performance of this wonky hybrid stack really is. The point of the ‘proof of authority’ protocol is efficiency, and using the cloud provides resiliency and robustness and maybe a kind of “trustlessness”.

So, is the overhead of Ethereums’ protocol worthwhile?  How do these layers interact anyway?  Is the “trustless” network relevant, given the “trusted” layer below and above it?

Interesting times.  Baffling. But interesting.

  1. codyborn and Pat Altimore, Ethereum proof-of-authority consortium, in Microsoft Azure – Blockchain Workbench. 2018.
  2. Wolfie Zhao (2018) Microsoft Rolls Out ‘Proof-of-Authority’ Ethereum Consensus on Azure. Coindesk,


Cryptocurrency Thursday

Blockchain Voting is not Democratic

On-chain voting fundamentally degrades to plutocracy” [1]

Well, duh!

That’s the whole idea of cryptocurrency, isn’t it?

This summer, a group of researchers at Cornell look at “on chain” voting and find many fundamental flaws [1].  Aside from the “one dollar, one vote” fundamentals, voting via “smart contracts” is vulnerable to, wait for it, vote buying.  *Gasp*  Who saw that coming?

Look, voting is all about trust.  Any voting beyond a group of people you know personally involves protocols for assuring trust in the votes. So why would a “trustless” blockchain be a good way to accomplish that?

It’s not exactly that simple, of course.  If you can establish adequate protocols to create trust where you need it, then a blockchain might be a useful tool for reliably broadcasting and archiving the results and other important data.  But a blockchain per se doesn’t make a voting scheme “fair” or “free” or anything else without good protocols on top.

And a blockchain is only a useful tool to the degree that it can be “trusted” to not screw up the intentions of the protocols.

The point of the article is that the very design of blockchains is inherently susceptible to several kinds of mischief and cheating.  Worse, the cheating would be invisible and, in that unique blockchain-way, irreversible.

Electronic voting has been studied for decades, and the research shows that it is extremely difficult to get right.  Academic research also shows that they require trusted third parties.  Blockchain voting schemes generally ignore this research, and, in any case, permissionless blockchains cannot implement coercion-free voting.

“The blockchain space today, with predictable results, continues its tradition of ignoring decades of study and instead opts to implement the most naive possible form of voting: directly counting coin-weighted votes in a plutocratic fashion, stored in plain text on-chain.”

(Predictably, the Coindesk report cites a number of such dismissive comments about this report itself [2].)

One of the obvious attacks is vote buying.  This is particularly easy if the voters are weakly authenticated as in many blockchain polls.  The speed and flexibility of blockchains also means that vote buying (perhaps in the form of splitting the payout from the result) are easy to do, and potentially hard to document.

“Vote buying marketplaces can be run efficiently and effectively using the same powerful tool for administering elections: smart contracts.”

It is also interesting to see that trusted hardware is an excellent tool for manipulating blockchain voting.  This is ironic, but actually makes sense.  The purpose of trusted hardware is to constrain and coerce the user to use only certain software and certain behaviors.  A system that say, enforces digital rights, can also enforce an illicit vote buying scheme.  The trusted hardware makes it easier to collude.

The paper describes the design of “hidden” DAOs which autonomously suborn voters, collecting and paying for votes.  This a “dark” DAO, in that the participants and operations can be hidden from everyone.  Thus, these attacks both manipulate the election and serve to deligitimize the process, due to the influence of unknown and undetectable attackers.

The paper discusses a fascinating attack, using blockchains to attack voting, including the consensus process itself (mining), in other blockchains.  This basically amounts to bigger fish-eating littler ones.  It’s actually a pretty important point:

“in a world with only one smart contract system, Ethereum, internal incentives may lead to stable equilibria. With two players, and the underdog incentivized to launch a bribery attack to destroy their competitors, such equilibria can be disrupted, changed, and destroyed.”

In general, the researchres find that blockchain voting degenerates to plutocracy—one dollar one vote.  Specifically, “all on-chain voting schemes where users can generate their own keys outside of a trusted environment inherently degrade to plutocracy”. This is scarcely surprising, since the creators and implementers of blockchains generally subscribe to this aspect of “libertarian” politics, and thus do not see any problem with excluding practically all of the world from decision making, nor with letting founders, scammers, and criminals have vast voting power.

The paper summarizes the core findings in six points:

  1. Permissionless e-voting *requires* trusted hardware.
  2. The space of voting and coordination mechanisms is massive and extremely poorly understood.
  3. The same class of vote buying attacks works for any identity system.
  4. On-chain voting fundamentally degrades to plutocracy.
  5. Hard fork-based governance provides users the only exit from such plutocracy.
  6. Multiple blockchains interacting can break the incentive compatibility of all chains.

And, as noted, they call attention to the important question of the (real) world of multiple blockchains.

“A critical and surprisingly underexplored open area of research is modelling the macroeconomics of competition between blockchains, gaining insight into how exactly such internal equilibria can fail.”

I’ll point out that at the very foundation, voting requires trust:  trust in the process and trust in the results.  Conventional voting systems expend great efforts authenticating voters, assuring fair access to the process (e.g., setting questions), and validating the results.  Proper voting authorities work hard to create trust in the process.  Critically, voting authorities take responsibility for the process.  Responsibility is really important for creating a trusted system, don’t you think?

Blockchains are “trustless”, which means that they not only don’t help with the central problem of voting, but are actually the wrong technology.  To hold trustworthy votes with blockchain, the process will generally replicate many features of non-blockchain systems (authentication of voters, certification of results), but the blockchain isn’t useful for these processes.  And, by the way, the trust in the whole system depends on the whole, end-to-end, process, of which blockchain is a tiny part.

These problems matter quite a bit because the governance of these blockchains is based on these forms of voting.  As we have seen, Nakamotoan consensus doesn’t necessarily work very well when big money is on the line.  This paper suggests that these failures may be partly due to the flawed, non-democratic nature of blockchain voting.  And the paper suggests that the very core consensus process is vulnerable to deliberate manipulation.  Yoiks.

These problems also matter because many people look to blockchains as a mechanism for creating a fairer, more democratic economy and society  (e.g., here, here, here, here, to mention only a few). Sometimes this sentiment is driven by a deep distrust of conventional authorities, often well earned.  But even so, replacing a corrupt political process with a technical system that is susceptible to corrupt manipulation is not actually a solution.

A blockchain is a trustless system.  Noone should trust trustless elections.

It’s just that simple.

  1. Philip Daian, Tyler Kell, Ian Miers, and Ari Juels, On-Chain Vote Buying and the Rise of Dark DAOs, in Hacking Distributed Blog. 2018.
  2. Rachel Rose O’Leary (2018) The ‘Dark DAO’ Threat: Vote Vulnerability Could Undermine Crypto Elections. Coindesk,


Cryptocurrency Thursday

Cryptotulip of the Year: The ICO?

This year may be remembered as the year of the ICO (Initial Coin Offer).  These unregistered securities are marginally legal, but like any method for getting people to send you free money, they are spectacularly popular.

This sociotechnical phenomena involves minting your own tokens, which are sold and traded via cryptocurrency technology.  These days they are often created via “smart contracts” on top of Ethereum or some other blockchain.

What do they do?  Basically, they are shares in some speculative enterprise (no matter how they are dressed up).  The seller gets your cash, and you get a claim on some future something.  Some are also like to coupons, which can be used for discounts on a future something. (Currently, dressing them as tokens is believed to immunize them from regulation as securities–we shall see what regulators ultimately decide.)

Theoretically, the tokens you buy have value and, being essentially cryptocurrency, can be electronically traded.  To the degree that the enterprise is valuable, these tokens will accrue value.  How’s that working out?

Hugo Benedetti and Leonard  Kostovetsky actually use the “T” word in their analysis, finding absurd amounts of cash raised (billions of dollars), and a lot of bubbly froth in the form of jumps in prices immediately after launch [1]. On the other hand, more than half of the ICOs are effectively dead by 4 months after launch.  All the action is the big splashy sale.

In a sign of the times, not only the success but the very existence of the ICO is measured through twitter chatter—unregulated puffery if there ever was.

As the BBC puts it, “Can crypto-currencies last longer than a vase of tulips?” [2]

Another recent report argues that something like 78% of ICO are “scams”—i.e., never intending to do anything other than collect money and fold.  They found that only 15% actually existed after the ICO!  [3][4]  That is, most of the “ICOs” were just announcements, never even completed!  (In these cases, people “invest” in them before launch, but they generally will never be able to cash out until the actual launch.)

On the basis of the above classification, as a percentage of the total number of ICOs, we found that approximately 78 [percent] of ICO’s were Identified Scams, ~4 [percent] Failed, ~3 [percent] had Gone Dead, and ~15 [percent] went on to trade on an exchange,” the report states.” (from [3])

A quick bit of math tells us that 1/8 * ½, or 1 out of 16 ICOs are actually around 4 months after the nominal launch date. The ICOs that survive pay off with maybe 250% returns, but overall, counting the scams, it’s something like 15% return your investment on average—though it’s actually a crapshoot that you lose everything more than half the time.

This is a remarkable collection of statistics, which makes speculation in Tulip bulbs seem like a boring game for old maids.

Basically, cryptocurrency technology, especially “smart contracts”, are the perfect medium for digital Tulipmania.  You can make as many Tulips as you want, sell them off in seconds and disappear without a trace.  Buyers and sellers are almost anonymous, and most communication is via Twitter and other unregulated channels.  The entire enterprise is effectively “off shore” from any legal jurisdicaiton. Furthermore, it takes almost no technical skill to run your own Tulip game, because you can simply copy previous Tulips by reusing “smart contracts”.

“Smart contracts” are the perfect medium for twenty first century Tulipmania.

Clearly, “The ICO” must be a strong candidate for the CryptoTulip of the Year this year!

  1. Hugo Benedetti and Leonard Kostovetsky, Digital Tulips? Returns to Investors in Initial Coin Offerings. SSRN, 2018.
  2. Rory Cellan-Jones, The crypto-currencies that die before they have bloomed, in BBC News – Technology. 2018.
  3. Sherwin Dowlat, Cryptoasset Market Coverage Initiation: Network Creation. SatisGroup, 2018.
  4. Christine Kim (2018) Report: More Than Three-Quarters of ICOs in 2017 Were Scams. Condesk,


Cryptocurrency Thursday