What is a Merkle Tree? Hashing and How Blockchain ...
Bob The Magic Custodian
Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses. Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes. First, some background. Here is a summary of how custodians make us more secure: Previously, we might give Alice our crypto assets to hold. There were risks:
Alice might take the assets and disappear.
Alice might spend the assets and pretend that she still has them (fractional model).
Alice might store the assets insecurely and they'll get stolen.
Alice might give the assets to someone else by mistake or by force.
Alice might lose access to the assets.
But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
Alice can't take the assets and disappear (unless she asks Bob or never gives them to Bob).
Alice can't spend the assets and pretend that she still has them. (Unless she didn't give them to Bob or asks him for them.)
Alice can't store the assets insecurely so they get stolen. (After all - she doesn't have any control over the withdrawal process from any of Bob's systems, right?)
Alice can't give the assets to someone else by mistake or by force. (Bob will stop her, right Bob?)
Alice can't lose access to the funds. (She'll always be present, sane, and remember all secrets, right?)
See - all problems are solved! All we have to worry about now is:
Bob might take the assets and disappear.
Bob might spend the assets and pretend that he still has them (fractional model).
Bob might store the assets insecurely and they'll get stolen.
Bob might give the assets to someone else by mistake or by force.
Bob might lose access to the assets.
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are! "On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid". "Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since." "As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!" "Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?" "Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party." "Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!" "What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven." "Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!" "We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies. And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often". How many holes have to exist for your funds to get stolen? Just one. Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so? If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security. The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle. And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet? Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds. So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
ANY CERTAINTY BALANCES WEREN'T EXCLUDED. Quadriga's largest account was $70m. 80% of funds are in 20% of accounts (Pareto principle). All it takes is excluding a few really large accounts - and nobody's the wiser. A fractional platform can easily pass any audit this way.
ANY VISIBILITY WHATSOEVER INTO THE CUSTODIANS. BitBuy put out their report before moving all the funds to their custodian and ShakePay apparently can't even tell us who the custodian is. That's pretty important considering that basically all of the funds are now stored there.
ANY IDEA ABOUT THE OTHER EXCHANGES. In order for this to be effective, it has to be the norm. It needs to be "unusual" not to know. If obscurity is the norm, then it's super easy for people like Gerald Cotten and Dave Smilie to blend right in.
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
First report within 1 month of launching, another within 3 months, and further reports at minimum every 6 months thereafter.
No auditor can be repeated within a 12 month period.
All reports must be public, identifying the auditor and the full methodology used.
All auditors must be independent of the firm being audited with no conflict of interest.
Reports must include the percentage of each asset backed, and how it's backed.
The auditor publishes a hash list, which lists a hash of each customer's information and balances that were included. Hash is one-way encryption so privacy is fully preserved. Every customer can use this to have 100% confidence they were included.
If we want more extensive requirements on audits, these should scale upward based on the total assets at risk on the platform, and whether the platform has loaned their assets out.
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever. Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see. It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation. A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7. History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance. Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.) Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive. Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today. Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well. Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do. Facts/background/sources (skip if you like):
The inspiration for the paragraph about splitting wallets was an actual quote from a Canadian company providing custodial services in response to the OSC consultation paper: "We believe that it will be in the in best interests of investors to prohibit pooled crypto assets or ‘floats’. Most Platforms pool assets, citing reasons of practicality and expense. The recent hack of the world’s largest Platform – Binance – demonstrates the vulnerability of participants’ assets when such concessions are made. In this instance, the Platform’s entire hot wallet of Bitcoins, worth over $40 million, was stolen, facilitated in part by the pooling of client crypto assets." "the maintenance of participants (and Platform) crypto assets across multiple wallets distributes the related risk and responsibility of security - reducing the amount of insurance coverage required and making insurance coverage more readily obtainable". For the record, their reply also said nothing whatsoever about multi-sig or offline storage.
In addition to the fact that the $40m hack represented only one "hot wallet" of Binance, and they actually had the vast majority of assets in other wallets (including mostly cold wallets), multiple real cases have clearly demonstrated that risk is still present with multiple wallets. Bitfinex, VinDAX, Bithumb, Altsbit, BitPoint, Cryptopia, and just recently KuCoin all had multiple wallets breached all at the same time, and may represent a significantly larger impact on customers than the Binance breach which was fully covered by Binance. To represent that simply having multiple separate wallets under the same security scheme is a comprehensive way to reduce risk is just not true.
Private insurance has historically never covered a single loss in the cryptocurrency space (at least, not one that I was able to find), and there are notable cases where massive losses were not covered by insurance. Bitpay in 2015 and Yapizon in 2017 both had insurance policies that didn't pay out during the breach, even after a lengthly court process. The same insurance that ShakePay is presently using (and announced to much fanfare) was describe by their CEO himself as covering “physical theft of the media where the private keys are held,” which is something that has never historically happened. As was said with regard to the same policy in 2018 - “I don’t find it surprising that Lloyd’s is in this space,” said Johnson, adding that to his mind the challenge for everybody is figuring out how to structure these policies so that they are actually protective. “You can create an insurance policy that protects no one – you know there are so many caveats to the policy that it’s not super protective.”
The most profitable policy for a private insurance company is one with the most expensive premiums that they never have to pay a claim on. They have no inherent incentive to take care of people who lost funds. It's "cheaper" to take the reputational hit and fight the claim in court. The more money at stake, the more the insurance provider is incentivized to avoid payout. They're not going to insure the assets unless they have reasonable certainty to make a profit by doing so, and they're not going to pay out a massive sum unless it's legally forced. Private insurance is always structured to be maximally profitable to the insurance provider.
The circumvention of multi-sig was a key factor in the massive Bitfinex hack of over $60m of bitcoin, which today still sits being slowly used and is worth over $3b. While Bitfinex used a qualified custodian Bitgo, which was and still is active and one of the industry leaders of custodians, and they set up 2 of 3 multi-sig wallets, the entire system was routed through Bitfinex, such that Bitfinex customers could initiate the withdrawals in a "hot" fashion. This feature was also a hit with the hacker. The multi-sig was fully circumvented.
Bitpay in 2015 was another example of a breach that stole 5,000 bitcoins. This happened not through the exploit of any system in Bitpay, but because the CEO of a company they worked with got their computer hacked and the hackers were able to request multiple bitcoin purchases, which Bitpay honoured because they came from the customer's computer legitimately. Impersonation is a very common tactic used by fraudsters, and methods get more extreme all the time.
A notable case in Canada was the Canadian Bitcoins exploit. Funds were stored on a server in a Rogers Data Center, and the attendee was successfully convinced to reboot the server "in safe mode" with a simple phone call, thus bypassing the extensive security and enabling the theft.
The very nature of custodians circumvents multi-sig. This is because custodians are not just having to secure the assets against some sort of physical breach but against any form of social engineering, modification of orders, fraudulent withdrawal attempts, etc... If the security practices of signatories in a multi-sig arrangement are such that the breach risk of one signatory is 1 in 100, the requirement of 3 independent signatures makes the risk of theft 1 in 1,000,000. Since hackers tend to exploit the weakest link, a comparable custodian has to make the entry and exit points of their platform 10,000 times more secure than one of those signatories to provide equivalent protection. And if the signatories beef up their security by only 10x, the risk is now 1 in 1,000,000,000. The custodian has to be 1,000,000 times more secure. The larger and more complex a system is, the more potential vulnerabilities exist in it, and the fewer people can understand how the system works when performing upgrades. Even if a system is completely secure today, one has to also consider how that system might evolve over time or work with different members.
By contrast, offline multi-signature solutions have an extremely solid record, and in the entire history of cryptocurrency exchange incidents which I've studied (listed here), there has only been one incident (796 exchange in 2015) involving an offline multi-signature wallet. It happened because the customer's bitcoin address was modified by hackers, and the amount that was stolen ($230k) was immediately covered by the exchange operators. Basically, the platform operators were tricked into sending a legitimate withdrawal request to the wrong address because hackers exploited their platform to change that address. Such an issue would not be prevented in any way by the use of a custodian, as that custodian has no oversight whatsoever to the exchange platform. It's practical for all exchange operators to test large withdrawal transactions as a general policy, regardless of what model is used, and general best practice is to diagnose and fix such an exploit as soon as it occurs.
False promises on the backing of funds played a huge role in the downfall of Quadriga, and it's been exposed over and over again (MyCoin, PlusToken, Bitsane, Bitmarket, EZBTC, IDAX). Even today, customers have extremely limited certainty on whether their funds in exchanges are actually being backed or how they're being backed. While this issue is not unique to cryptocurrency exchanges, the complexity of the technology and the lack of any regulation or standards makes problems more widespread, and there is no "central bank" to come to the rescue as in the 2008 financial crisis or during the great depression when "9,000 banks failed".
In addition to fraudulent operations, the industry is full of cases where operators have suffered breaches and not reported them. Most recently, Einstein was the largest case in Canada, where ongoing breaches and fraud were perpetrated against the platform for multiple years and nobody found out until the platform collapsed completely. While fraud and breaches suck to deal with, they suck even more when not dealt with. Lack of visibility played a role in the largest downfalls of Mt. Gox, Cryptsy, and Bitgrail. In some cases, platforms are alleged to have suffered a hack and keep operating without admitting it at all, such as CoinBene.
It surprises some to learn that a cryptographic solution has already existed since 2013, and gained widespread support in 2014 after Mt. Gox. Proof of Reserves is a full cryptographic proof that allows any customer using an exchange to have complete certainty that their crypto-assets are fully backed by the platform in real-time. This is accomplished by proving that assets exist on the blockchain, are spendable, and fully cover customer deposits. It does not prove safety of assets or backing of fiat assets.
If we didn't care about privacy at all, a platform could publish their wallet addresses, sign a partial transaction, and put the full list of customer information and balances out publicly. Customers can each check that they are on the list, that the balances are accurate, that the total adds up, and that it's backed and spendable on the blockchain. Platforms who exclude any customer take a risk because that customer can easily check and see they were excluded. So together with all customers checking, this forms a full proof of backing of all crypto assets.
However, obviously customers care about their private information being published. Therefore, a hash of the information can be provided instead. Hash is one-way encryption. The hash allows the customer to validate inclusion (by hashing their own known information), while anyone looking at the list of hashes cannot determine the private information of any other user. All other parts of the scheme remain fully intact. A model like this is in use on the exchange CoinFloor in the UK.
A Merkle tree can provide even greater privacy. Instead of a list of balances, the balances are arranged into a binary tree. A customer starts from their node, and works their way to the top of the tree. For example, they know they have 5 BTC, they plus 1 other customer hold 7 BTC, they plus 2-3 other customers hold 17 BTC, etc... until they reach the root where all the BTC are represented. Thus, there is no way to find the balances of other individual customers aside from one unidentified customer in this case.
Proposals such as this had the backing of leaders in the community including Nic Carter, Greg Maxwell, and Zak Wilcox. Substantial and significant effort started back in 2013, with massive popularity in 2014. But what became of that effort? Very little. Exchange operators continue to refuse to give visibility. Despite the fact this information can often be obtained through trivial blockchain analysis, no Canadian platform has ever provided any wallet addresses publicly. As described by the CEO of Newton "For us to implement some kind of realtime Proof of Reserves solution, which I'm not opposed to, it would have to ... Preserve our users' privacy, as well as our own. Some kind of zero-knowledge proof". Kraken describes here in more detail why they haven't implemented such a scheme. According to professor Eli Ben-Sasson, when he spoke with exchanges, none were interested in implementing Proof of Reserves.
And yet, Kraken's places their reasoning on a page called "Proof of Reserves". More recently, both BitBuy and ShakePay have released reports titled "Proof of Reserves and Security Audit". Both reports contain disclaimers against being audits. Both reports trust the customer list provided by the platform, leaving the open possibility that multiple large accounts could have been excluded from the process. Proof of Reserves is a blockchain validation where customers see the wallets on the blockchain. The report from Kraken is 5 years old, but they leave it described as though it was just done a few weeks ago. And look at what they expect customers to do for validation. When firms represent something being "Proof of Reserve" when it's not, this is like a farmer growing fruit with pesticides and selling it in a farmers market as organic produce - except that these are people's hard-earned life savings at risk here. Platforms are misrepresenting the level of visibility in place and deceiving the public by their misuse of this term. They haven't proven anything.
Fraud isn't a problem that is unique to cryptocurrency. Fraud happens all the time. Enron, WorldCom, Nortel, Bear Stearns, Wells Fargo, Moser Baer, Wirecard, Bre-X, and Nicola are just some of the cases where frauds became large enough to become a big deal (and there are so many countless others). These all happened on 100% reversible assets despite regulations being in place. In many of these cases, the problems happened due to the over-complexity of the financial instruments. For example, Enron had "complex financial statements [which] were confusing to shareholders and analysts", creating "off-balance-sheet vehicles, complex financing structures, and deals so bewildering that few people could understand them". In cryptocurrency, we are often combining complex financial products with complex technologies and verification processes. We are naïve if we think problems like this won't happen. It is awkward and uncomfortable for many people to admit that they don't know how something works. If we want "money of the people" to work, the solutions have to be simple enough that "the people" can understand them, not so confusing that financial professionals and technology experts struggle to use or understand them.
For those who question the extent to which an organization can fool their way into a security consultancy role, HB Gary should be a great example to look at. Prior to trying to out anonymous, HB Gary was being actively hired by multiple US government agencies and others in the private sector (with glowing testimonials). The published articles and hosted professional security conferences. One should also look at this list of data breaches from the past 2 years. Many of them are large corporations, government entities, and technology companies. These are the ones we know about. Undoubtedly, there are many more that we do not know about. If HB Gary hadn't been "outted" by anonymous, would we have known they were insecure? If the same breach had happened outside of the public spotlight, would it even have been reported? Or would HB Gary have just deleted the Twitter posts, brought their site back up, done a couple patches, and kept on operating as though nothing had happened?
In the case of Quadriga, the facts are clear. Despite past experience with platforms such as MapleChange in Canada and others around the world, no guidance or even the most basic of a framework was put in place by regulators. By not clarifying any sort of legal framework, regulators enabled a situation where a platform could be run by former criminal Mike Dhanini/Omar Patryn, and where funds could be held fully unchecked by one person. At the same time, the lack of regulation deterred legitimate entities from running competing platforms and Quadriga was granted a money services business license for multiple years of operation, which gave the firm the appearance of legitimacy. Regulators did little to protect Canadians despite Quadriga failing to file taxes from 2016 onward. The entire administrative team had resigned and this was public knowledge. Many people had suspicions of what was going on, including Ryan Mueller, who forwarded complaints to the authorities. These were ignored, giving Gerald Cotten the opportunity to escape without justice.
There are multiple issues with the SOC II model including the prohibitive cost (you have to find a third party accounting firm and the prices are not even listed publicly on any sites), the requirement of operating for a year (impossible for new platforms), and lack of any public visibility (SOC II are private reports that aren't shared outside the people in suits).
Securities frameworks are expensive. Sarbanes-Oxley is estimated to cost $5.1 million USD/yr for the average Fortune 500 company in the United States. Since "Fortune 500" represents the top 500 companies, that means well over $2.55 billion USD (~$3.4 billion CAD) is going to people in suits. Isn't the problem of trust and verification the exact problem that the blockchain is supposed to solve?
To use Quadriga as justification for why custodians or SOC II or other advanced schemes are needed for platforms is rather silly, when any framework or visibility at all, or even the most basic of storage policies, would have prevented the whole thing. It's just an embarrassment.
We are now seeing regulators take strong action. CoinSquare in Canada with multi-million dollar fines. BitMex from the US, criminal charges and arrests. OkEx, with full disregard of withdrawals and no communication. Who's next?
We have a unique window today where we can solve these problems, and not permanently destroy innovation with unreasonable expectations, but we need to act quickly. This is a unique historic time that will never come again.
08-13 21:45 - 'Building the Infrastructure for the Future Decentralized Financial Market, Coinbase Included HBTC.Com Debut DeFi Project - Nest Protocol' (self.Bitcoin) by /u/Nest_Fan removed from /r/Bitcoin within 24-34min
''' As the world’s leading regulatory compliant digital asset exchange, Coinbase sets one of the most stringent requirements for digital asset listing which includes technical evaluation of projects, legal and risk analysis, market supply and demand analysis, and crypto-economics. Coinbase holds a strong reputation in the digital asset industry, and thus the “Coinbase Standard” is considered as the industry benchmark for other digital asset projects, and the market has even seen the “Coinbase effect”. On July 25 2020, Coinbase quietly launched the pricing chart of a decentralized oracle project, NEST Protocol (NEST), into its portal. Although Coinbase has yet to announce the inclusion of the project in its evaluation list, it represents a keen interest in the DeFi sector, and particularly in the DeFi price oracle projects. NEST Protocol is the rising star in the decentralized price oracle sector Decentralized financial services offered by the current mainstream DeFi platforms such as MakerDAO, Compound, dYdX, etc. rely heavily on the market data provided by the oracle projects. Oracle projects act as reliable information sources to feed these price data to other DeFi Projects, connecting the price data from the centralized world to the DeFi space. As such, the price oracle is an integral part of the decentralized financial services infrastructure. Traditionally, the price oracle collects data from different platforms and feeds these data points to the DeFi space to create data reference points to enable them to function properly. However, many problems currently exist in the DeFi space, for example, blockchain network congestion, malicious attacks, wild market fluctuations, and other factors that may cause the data given by the price oracle to deviate from the true market data. These ultimately cause users to trade on wrong information in the DeFi space and increases such transaction costs. Decentralized finance requires a fast, secure, and reliable price oracle. The birth of the decentralized price oracle is the embodiment of the blockchain industry’s thinking, and the current market projects offering decentralized price oracle services which includes NEST Protocol, Chainlink, Band Protocol, Tellor, Witness, Oraclize, and many others. The innovation of NEST-Price is that every data point has been agreed upon by market validators, in line with the blockchain consensus mechanism. NEST-Price synchronizes the off-chain price in a highly decentralized manner, creating real and valid price data on-chain. This is the unique differentiator between NEST-Price and other price oracles. Compared with other price oracle projects, NEST also has other features and advantages, such as the proposed peer-to-peer quotation matching as well as its unique verifier verification structure, making NEST more resilient to malicious attacks, resulting in a more decentralized network, and it’s on-chain prices closer to the fair market price. All of this has resulted in the NEST Protocol becoming a rising star in the DeFi price oracle sector. HBTC.com selects high-quality projects to list and partnering with NEST to promote the development of DeFi ecosystem During the selection of quality assets, exchanges like [HBTC.com]1 and Coinbase adhere to the principle of a rigorous selection of assets from different projects to enable a proper range of digital assets. At the same time, in order to solve existing pain points in the digital asset industry, which currently lacks a market-making management solution, HBTC.com also has launched its own “coin listing crowdsourcing [liquidity initiative]2 “, redefining the exchange market making model. HBTC.com, through its coin listing strategy, effectively reduces the problem of low liquidity in the early stages of high-quality projects, ensuring the smoothness of the user experience, and achieves a win-win situation for traders, the community, and the respective trading platform. These initiatives, coupled with reliable user protection and a responsible attitude, have earned a positive reputation among users. Since its inception, the HBTC.com exchange has been committed to the discovery of both quality and promising digital asset projects. At a time when DeFi is growing rapidly, HBTC.com has a unique perspective for the decentralized price oracle sector and has prioritized NEST as a premium partner to debut the project alongside with its global branding upgrade. In addition, HBTC.com has [100% proof of reserves]3 for traders to validate the existence of assets via the Merkle tree, which brings transparency to the extreme. In May 2020, NEST token delivered a 883.29% of return, at its peak, after its global debut on HBTC.com. At present, HBTC Exchange addresses holding NEST token accounts in a total of 141 million, ranked first in the overall network. At the same time, the HBTC Exchange network exclusively releases NEST staking mining and data show that NEST 24-hour turnover has reached $20.4 million. Post-listing of the NEST token, HBTC.com has also listed DeFi projects such as DF, OKS, NEST, SWTH, JST, NVT, and other DeFi projects with market potential; some projects have achieved astonishing performance in the secondary market. HBTC.com’s path to DeFi: developing public chains to prepare for the future ecosystem breakout. In terms of the DeFi product and ecosystem infrastructure, HBTC has deployed HBTC Chain since launched in 2018, an infrastructure designed for decentralized finance and DeFi business with patented Bluehelix decentralized cross-chain clearing and custody technology. The HBTC Chain is the DeFi ecosystem infrastructure that the team has spent a significant amount of effort to build. It is based on decentralization and community consensus and integrates cryptography and blockchain technologies to support decentralized association-based governance capabilities at the technical level. Based on decentralized key management, combining various cryptography tools including ECDSA, commitment, zero-knowledge proof, and multi-party computation, It implements the distributed private key generation and signature for cross-chain assets among all validators. On top of that, this technology can realize light-weight and non-intrusive cross-chain asset custody. On the clearing layer, HBTC Chain employs BHPOS consensus and horizontal sharding mechanisms to achieve high-performing transaction clearing, and implementation of OpenDex protocol to help the development of the DeFi ecosystem. In addition, with the success experience of Bluehelix Cloud SaaS and white label solutions and the HBTC Brokerage system, HBTC’s public chain also innovatively supports CEX+DEX mixed matchmaking model and OpenDex protocol and proposes the three-tier node system which consists of standard node + consensus node + core node. This structure provides HBTC public chain certain advantages in terms of performance and cross-chain transactions. Users can easily establish a DEX with OpenDex protocol at nearly zero cost, and all DEX will share the liquidity and support customized user interface and trading parameters. The trading experience can be completely comparable to centralized spot exchanges. With the launch of its test network, it is now possible to develop various DeFi applications on the HBTC public chain, such as decentralized swap, so that private keys are not controlled by any party; no KYC, which can prevent personal information leakage; and asset security through the setting of invalidation, cancellation of transactions and other functions, cross-chain asset mappings, such as the ability to issue cross-chain cBTC or other chain tokens, fully decentralized asset mapping contracts, and 100% reserves. Conclusion In the past few months, the DeFi market has been extremely active, the price of DeFi tokens has been rising, and a new round of competition with the centralized exchanges has started. HBTC Chain relies on the powerful technology of Bluehelix and [HBTC.com]1 , giving all public chains the ability to interconnect, and put into both DeFi and SaaS levels. Undoubtedly, as one of the first exchanges to build the DeFi ecosystem, HBTC is leading the breakout in the current DeFi craze and has now become the first choice of users to engage with quality DeFi projects. From BITCOIN news([[link]6 ) ''' Building the Infrastructure for the Future Decentralized Financial Market, Coinbase Included HBTC.Com Debut DeFi Project - Nest Protocol Go1dfish undelete link unreddit undelete link Author: Nest_Fan 1: *btc*com/ 2: m*diu**com/hbt***ficia*/hbt*-launches-ba**liquidi*y***owd*unding-li*ti*g-plan-redefine-t*e*exch*nge-*i*tin**m*d*l***6*58f*f1d* 3: hbtc.ze**e*k*co*/hc/*n-us/a**icles/3***46287754-HBT*-10*-*ro***of*Reserve 4: hb*c.co*/ 5: n*ws.bitcoin.c*m*bu*ld*ng-t**-infr***ructur*-f*r-the*fut*re*decen**ali**d-*inanc*a*-market-coi**as*-*ncluded-h*t*-*o*-*ebut-de**-p*oject-n*st-**otocol* 6: n**s.bit*oin*com/building-th*-infrast*u*ture*for-t*e-fut****decen**a**zed**inancia*-m*rket-coinbase-**c*uded-*b*c-c***deb***defi-**oject-*est**r**ocol/]^^5 Unknown links are censored to prevent spreading illicit content.
arriving at consensus AND distributing coins via burning Bitcoin instead of electricity/equipment to create permissionless, unfakeable, green, and trust minimized basis over every aspect of sidechain control.
creating Bitcoin peg from altcoin chain to mainchain (the hard direction) by allocating small percentage of Bitcoin intended for burning to reimbursing withdrawals, effectively making it a childchain/sidechain (no oracles or federated multisigs)
This is not an altcoin thread. I'm not making anything. The design discussed options for existing altcoins and new ways to built on top of Bitcoin inheriting some of its security guarantees. 2 parts: First, the design allows any altcoins to switch to securing themselves via Bitcoin instead of their own PoW or PoS with significant benefits to both altcoins and Bitcoin (and environment lol). Second, I explain how to create Bitcoin-pegged assets to turn altcoins into a Bitcoin sidechain equivalent. Let me know if this is of interest or if it exists, feel free to use or do anything with this, hopefully I can help.
how to create continuous sunk costs, permissionless entry, high cost of attacks?
how to do it without needing to build up a new source of hardware capital or energy costs?
how to peg another chain's token value w/o incentivized collusion risk of federation or oracles?
how to make sidechain use fully optional for all Bitcoin parties?
how to allow programmable Bitcoins w/ unlimited permissionless expressiveness w/o forcing mainchain into additional risks?
Solution to first few points:
Continuous Proof of Bitcoin Burn (CPoBB) to distribute supply control and sidechain consensus control to independent parties
Distributes an altcoin for permissionless access and sidechain-only sybil protection.
In case of sidechain block-producer censorship, Bitcoin's independent data availability makes sidechain nodes trivially aware
PoW altcoin switching to CPoBB would trade:
cost of capital and energy -> cost of burnt bitcoin
finality of their PoW -> finality of Bitcoin's PoW
impact on environment -> 0 impact on environment
unforgeable costliness of work -> unforgeable costliness of burn
contract logic can include conditions dependent on real Bitcoins as it's Bitcoin-aware
PoS altcoin switching to CPoBB would trade:
permissioned by coin holders entry -> permissionless entry by anyone with access to Bitcoin
no incentive to give up control or sell coins -> incentive to sell coins to cover the cost of burnt bitcoin
incentivized guaranteed centralization of control over time by staking -> PoW guarantees with same 0 environmental impact
nothing at stake -> recovering sunk costs at stake
contract logic can include conditions dependent on real Bitcoins as it's Bitcoin-aware
We already have a permissionless, compact, public, high-cost-backed finality base layer to build on top - Bitcoin! It will handle sorting, data availability, finality, and has something of value to use instead of capital or energy that's outside the sidechain - the Bitcoin coins. The sunk costs of PoW can be simulated by burning Bitcoin, similar to concept known as Proof of Burn where Bitcoin are sent to unspendable address. Unlike ICO's, no contributors can take out the Bitcoins and get rewards for free. Unlike PoS, entry into supply lies outside the alt-chain and thus doesn't depend on permission of alt-chain stake-coin holders. It's hard to find a more bandwidth or state size protective blockchain to use other than Bitcoin as well so altcoins can be Bitcoin-aware at little marginal difficulty - 10 years of history fully validates in under a day.
What are typical issues with Proof of Burn?
limited burn time window prevents permissionless entry in the future. how many years did it take for most heavily mined projects to become known and well reviewed? many. thus entry into control of supply that's vital to control of chain cannot be dependent on the earliest stage of the project. (counterparty)
"land grabs" - by having limited supply without continuous emission or inflation we encourage holding vs spending.
These issues can be fixed by having Proof of Burn be permanently accessible and continuous: Continuous Proof of Bitcoin Burn CPoBB
This should be required for any design for it to stay permissionless. Optional is constant fixed emission rate for altcoins not trying to be money if goal is to maximize accessibility. Since it's not depending on brand new PoW for security, they don't have to depend on massive early rewards giving disproportionate fraction of supply at earliest stage either. If 10 coins are created every block, after n blocks, at rate of 10 coins per block, % emission per block is = (100/n)%, an always decreasing number. Sidechain coin doesn't need to be scarce money, and could maximize distribution of control by encouraging further distribution. If no burners exist in a block, altcoin block reward is simply added to next block reward making emission predictable. Sidechain block content should be committed in burn transaction via a root of the merkle tree of its transactions. Sidechain state will depend on Bitcoin for finality and block time between commitment broadcasts. However, the throughput can be of any size per block, unlimited number of such sidechains can exist with their own rules and validation costs are handled only by nodes that choose to be aware of a specific sidechain by running its consensus compatible software. Important design decision is how can protocol determine the "true" side-block and how to distribute incentives. Simplest solution is to always :
Agree on the valid sidechain block matching the merkle root commitment for the largest amount of Bitcoin burnt, earliest inclusion in the bitcoin block as the tie breaker
Distribute block reward during the next side-block proportional to current amounts burnt
Bitcoin fee market serves as deterrent for spam submissions of blocks to validate
sidechain block reward is set always at 10 altcoins per block Bitcoin block contains the following content embedded and part of its transactions: tx11: burns 0.01 BTC & OP_RETURN tx56: burns 0.05 BTC & OP_RETURN ... <...root of valid sidechain block version 1> ... tx78: burns 1 BTC & OP_RETURN ... <...root of valid sidechain block version 2> ... tx124: burns 0.2 BTC & OP_RETURN ... <...root of INVALID sidechain block version 3> ...
Validity is deterministic by rules in client side node software (e.g. signature validation) so all nodes can independently see version 3 is invalid and thus burner of tx124 gets no reward allocated. The largest valid burn is from tx78 so version 2 is used for the blockchain in sidechain. The total valid burn is 1.06 BTC, so 10 altcoins to be distributed in the next block are 0.094, 0.472, 9.434 to owners of first 3 transactions, respectively. Censorship attack would require continuous costs in Bitcoin on the attacker and can be waited out. Censorship would also be limited to on-sidechain specific transactions as emission distribution to others CPoB contributors wouldn't be affected as blocks without matching coin distributions on sidechain wouldn't be valid. Additionally, sidechains can allow a limited number of sidechain transactions to happen via embedding transaction data inside Bitcoin transactions (e.g. OP_RETURN) as a way to use Bitcoin for data availability layer in case sidechain transactions are being censored on their network. Since all sidechain nodes are Bitcoin aware, it would be trivial to include. Sidechain blocks cannot be reverted without reverting Bitcoin blocks or hard forking the protocol used to derive sidechain state. If protocol is forked, the value of sidechain coins on each fork of sidechain state becomes important but Proof of Burn natively guarantees trust minimized and permissionless distribution of the coins, something inferior methods like obscure early distributions, trusted pre-mines, and trusted ICO's cannot do. More bitcoins being burnt is parallel to more hash rate entering PoW, with each miner or burner getting smaller amount of altcoins on average making it unprofitable to burn or mine and forcing some to exit. At equilibrium costs of equipment and electricity approaches value gained from selling coins just as at equilibrium costs of burnt coins approaches value of altcoins rewarded. In both cases it incentivizes further distribution to markets to cover the costs making burners and miners dependent on users via markets. In both cases it's also possible to mine without permission and mine at a loss temporarily to gain some altcoins without permission if you want to. Altcoins benefit by inheriting many of bitcoin security guarantees, bitcoin parties have to do nothing if they don't want to, but will see their coins grow more scarce through burning. The contributions to the fee market will contribute to higher Bitcoin miner rewards even after block reward is gone.
What is the ideal goal of the sidechains? Ideally to have a token that has the bi-directionally pegged value to Bitcoin and tradeable ~1:1 for Bitcoin that gives Bitcoin users an option of a different rule set without compromising the base chain nor forcing base chain participants to do anything different. Issues with value pegs:
federation based pegs allow collusion to steal bitcoins stored in multi-party controlled accounts
even if multisig participants are switched or weighted in some trust minimized manner, there's always incentive to collude and steal more
smart contract pegs (plasma, rollups) on base chain would require bitcoin nodes and miners to validate sidechain transactions and has to provide block content for availability (e.g. call data in rollups), making them not optional.
bitcoin nodes shouldn't be sidechain aware so impossible to peg the value
Let's get rid of the idea of needing Bitcoin collateral to back pegged coins 1:1 as that's never secure, independent, or scalable at same security level. As drive-chain design suggested the peg doesn't have to be fast, can take months, just needs to exist so other methods can be used to speed it up like atomic swaps by volunteers taking on the risk for a fee. In continuous proof of burn we have another source of Bitcoins, the burnt Bitcoins. Sidechain protocols can require some minor percentage (e.g. 20%) of burner tx value coins via another output to go to reimburse those withdrawing side-Bitcoins to Bitcoin chain until they are filled. If withdrawal queue is empty that % is burnt instead. Selection of who receives reimbursement is deterministic per burner. Percentage must be kept small as it's assumed it's possible to get up to that much discount on altcoin emissions. Let's use a really simple example case where each burner pays 20% of burner tx amount to cover withdrawal in exact order requested with no attempts at other matching, capped at half amount requested per payout. Example:
withdrawal queue: request1: 0.2 sBTC request2: 1.0 sBTC request3: 0.5 sBTC same block burners: tx burns 0.8 BTC, 0.1 BTC is sent to request1, 0.1 BTC is sent to request2 tx burns 0.4 BTC, 0.1 BTC is sent to request1 tx burns 0.08 BTC, 0.02 BTC is sent to request 1 tx burns 1.2 BTC, 0.1 BTC is sent to request1, 0.2 BTC is sent to request2 withdrawal queue: request1: filled with 0.32 BTC instead of 0.2 sBTC, removed from queue request2: partially-filled with 0.3 BTC out of 1.0 sBTC, 0.7 BTC remaining for next queue request3: still 0.5 sBTC
Withdrawal requests can either take long time to get to filled due to cap per burn or get overfilled as seen in "request1" example, hard to predict. Overfilling is not a big deal since we're not dealing with a finite source. The risk a user that chooses to use the sidechain pegged coin takes on is based on the rate at which they can expect to get paid based on value of altcoin emission that generally matches Bitcoin burn rate. If sidechain loses interest and nobody is burning enough bitcoin, the funds might be lost so the scale of risk has to be measured. If Bitcoins burnt per day is 0.5 BTC total and you hope to deposit or withdraw 5000 BTC, it might take a long time or never happen to withdraw it. But for amounts comparable or under 0.5 BTC/day average burnt with 5 side-BTC on sidechain outstanding total the risks are more reasonable. Deposits onto the sidechain are far easier - by burning Bitcoin in a separate known unspendable deposit address for that sidechain and sidechain protocol issuing matching amount of side-Bitcoin. Withdrawn bitcoins are treated as burnt bitcoins for sake of dividing block rewards as long as they followed the deterministic rules for their burn to count as valid and percentage used for withdrawals is kept small to avoid approaching free altcoin emissions by paying for your own withdrawals and ensuring significant unforgeable losses. Ideally more matching is used so large withdrawals don't completely block everyone else and small withdrawals don't completely block large withdrawals. Better methods should deterministically randomize assigned withdrawals via previous Bitcoin block hash, prioritized by request time (earliest arrivals should get paid earlier), and amount of peg outstanding vs burn amount (smaller burns should prioritize smaller outstanding balances). Fee market on bitcoin discourages doing withdrawals of too small amounts and encourages batching by burners. The second method is less reliable but already known that uses over-collateralized loans that create a oracle-pegged token that can be pegged to the bitcoin value. It was already used by its inventors in 2014 on bitshares (e.g. bitCNY, bitUSD, bitBTC) and similarly by MakerDAO in 2018. The upside is a trust minimized distribution of CPoB coins can be used to distribute trust over selection of price feed oracles far better than pre-mined single trusted party based distributions used in MakerDAO (100% pre-mined) and to a bit lesser degree on bitshares (~50% mined, ~50% premined before dpos). The downside is 2 fold: first the supply of BTC pegged coin would depend on people opening an equivalent of a leveraged long position on the altcoin/BTC pair, which is hard to convince people to do as seen by very poor liquidity of bitBTC in the past. Second downside is oracles can still collude to mess with price feeds, and while their influence might be limited via capped price changes per unit time and might compromise their continuous revenue stream from fees, the leverage benefits might outweight the losses. The use of continous proof of burn to peg withdrawals is superior method as it is simply a minor byproduct of "mining" for altcoins and doesn't depend on traders positions. At the moment I'm not aware of any market-pegged coins on trust minimized platforms or implemented in trust minimized way (e.g. premined mkr on premined eth = 2 sets of trusted third parties each of which with full control over the design). _______________________________________
Brief issues with current altchains options:
PoW: New PoW altcoins suffer high risk of attacks. Additional PoW chains require high energy and capital costs to create permissionless entry and trust minimized miners that are forever dependent on markets to hold them accountable. Using same algorithm or equipment as another chain or merge-mining puts you at a disadvantage by allowing some miners to attack and still cover sunk costs on another chain. Using a different algorithm/equipment requires building up the value of sunk costs to protect against attacks with significant energy and capital costs. Drive-chains also require miners to allow it by having to be sidechain aware and thus incur additional costs on them and validating nodes if the sidechain rewards are of value and importance.
PoS: PoS is permissioned (requires permission from internal party to use network or contribute to consensus on permitted scale), allows perpetual control without accountability to others, and incentivizes centralization of control over time. Without continuous source of sunk costs there's no reason to give up control. By having consensus entirely dependent on internal state network, unlike PoW but like private databases, cannot guarantee independent permissionless entry and thus cannot claim trust minimization. Has no built in distribution methods so depends on safe start (snapshot of trust minimized distributions or PoW period) followed by losing that on switch to PoS or starting off dependent on a single trusted party such as case in all significant pre-mines and ICO's.
Proof of Capacity: PoC is just shifting costs further to capital over PoW to achieve same guarantees.
PoW/PoS: Still require additional PoW chain creation. Strong dependence on PoS can render PoW irrelevant and thus inherit the worst properties of both protocols.
Tokens inherit all trust dependencies of parent blockchain and thus depend on the above.
Embedded consensus (counterparty, veriblock?, omni): Lacks mechanism for distribution, requires all tx data to be inside scarce Bitcoin block space so high cost to users instead of compensated miners. If you want to build a very expressive scripting language, might very hard & expensive to fit into Bitcoin tx vs CPoBB external content of unlimited size in a committed hash. Same as CPoBB is Bitcoin-aware so can respond to Bitcoin being sent but without source of Bitcoins like burning no way to do any trust minimized Bitcoin-pegs it can control fully.
Few extra notes from my talks with people:
fees must be high to be included in next block (and helps pay and bribe bitcoin miners), RBF use is encouraged to cancel late transactions
what if not enough burners, just passive nodes? you can burn smallest amount of bitcoin yourself when you have a transaction you want to go through
using commit hashes on bitcoin to lock altcoin state isn't new (e.g. kmd) but usually those rely on some federation or permissioned proof of stake mechanism with no real costs. this is combination of both.
this is not exactly like counterparty's embedded consensus as block data and transactions are outside Bitcoin, but consensus is derived with help of embedded on Bitcoin data.
deterministic randomness (e.g. via that block's hash) could be used to assign winning sidechain block weighted by amount burned to allow occasional blocks formed by others curbing success rate of censorship by highest burner
wants to transition away from using proof of burn via tunable proofs and native proof of work (whitepaper)
a dominant premine (trust maximized) relative to emission that defeats the purpose of distributing control over incentives (figure 3 in tokenpaper suggests premine still ~30%-70% by year 2050)
variable emission rate "adaptive mint and burn" makes supply unpredictable (and possibly gameable)
additional rewards that aren't trust minimized like "app mining" and "user incentives" possibly gameable with premine
election of a leader includes their own PoW to be elected even at start (5% cap), why lol?
blockstack also suggested use of randomness that depends on that block so Bitcoin miners that already spent energy mining that block can't just re-do it to get picked at no cost
if can burn bitcoins directly via op_return tx would help to use 1 less output and be provably prunable for utxo set (not sure if that's relayed as standard)
Main questions to you:
why not? (other than blocktime)
can this be done without an altcoin? (Not sure and don't think so w/o compromising unforgeable costliness and thus trust minimization. At least it's not using an altcoin that's clearly centralized.)
how to make it less detectable by Bitcoin miners? ( BMM could use some techniques described here: https://twitter.com/SomsenRuben/status/1210040270328254464 ) ( Perhaps since sidechain nodes receive proposed blocks independently and can figure out their hash, the commit message ( sidechain id + block commit + miner address) can be hashed one more time before its placed on Bitcoin, making miners unaware until after Bitcoin block is found that this is that sidechain's burn. Sidechain block producers would have to delay sidechain block propagation until after Bitcoin block is propagated, 10 minutes blocktime helps here. Hiding the fact that Bitcoin is burnt until after the fact is another possibly important matter. )
Should reward be split between all valid blocks or just winner gets all? (Blockstacks approach does not reward blocks marked by different from leader chaintip. That seems dangerous since sidechain tx sorting would be difficult to match and could take significant time to be compensated for perfectly valid work and coins burned. It doesn't seem as necessary in burning since we're not expending costs based on only one previous block version, the costs are independent of block assembly. Tradeoff is between making it easier for independent "mining" of sidechain and making it easier to validate for full nodes on sidechain)
Bitcoin Cash Block Sizes Average Less Than 100 KB, Defeating The Point Of Its Creation
https://preview.redd.it/uf07qg21zd721.png?width=690&format=png&auto=webp&s=40673169d928f79d51ec297cfdbb5c19e215e1b0 https://cryptoiq.co/bitcoin-cash-block-sizes-average-less-than-100-kb-defeating-the-point-of-its-creation/ Bitcoin Cash (BCH) forked from the Bitcoin (BTC) blockchain in August 2017, amid a heated block size debate. At the time the Bitcoin network was undergoing congestion due to increased transaction frequency and transaction fees began to exceed $1, going as high as $3 in June 2017. The Bitcoin Cash community thought that increasing Bitcoin’s block size limit was the best method to increase scalability. Initially, when Bitcoin Cash was created, it had a block size limit of 8 MB, and this was later increased to 32 MB. But Bitcoin Cash (BCH) has a very low rate of adoption, and block sizes currently average less than 100 KB, making the block size increase above Bitcoin’s (BTC) 1 MB totally pointless, defeating the purpose of Bitcoin Cash (BCH). The block explorer shows how Bitcoin Cash (BCH) cannot even reach 1 MB block sizes, let alone 32 MB. Block sizes of less than 10 KB are common, and there is an occasional block less than 1 KB. Blocks in excess of 100 KB are rare, and there are no blocks today anywhere near 1 MB. Therefore, Bitcoin Cash (BCH) could have a block size of 1 MB and function perfectly. The long term block size chart shows that block sizes have averaged well below 100 KB throughout December 2018. There are a few instances in 2018 when Bitcoin Cash (BCH) exceeded 1 MB block sizes. In early September average block size briefly hit 1-3 MB, but this was from a “stress test” to prove transaction fees do not increase from increased transactions on the network. In November, Bitcoin Cash (BCH) split into Bitcoin Cash ABC (now named Bitcoin Cash) and Bitcoin SV. The war between these Bitcoin Cash forks caused spam attacks that increased block sizes to 1-2 MB on average. On Jan. 15 the average Bitcoin Cash (BCH) block size approached 5 mb, coinciding with the price of Bitcoin Cash (BCH) crashing from $2,700 to $1,500. This is perhaps the 1 case where Bitcoin Cash’s network legitimately had block sizes over 1 Mb, but it was due to people dumping their Bitcoin Cash (BCH) as fast as possible in a panic selling situation. In summary, since Bitcoin Cash (BCH) has relatively low network activity when compared to Bitcoin (BTC), it seems that there was no point in creating Bitcoin Cash (BCH), since its block sizes are almost always below 100 KB. Bitcoin (BTC) seems to have resolved its transaction fee problems with Segregated Witness (SegWit), which increases the block size to 1.2 MB on average. This is done by redefining the block size in terms of 1,000 units instead of 1,000 KB, and separating the witness data (signature data) from the Merkle Tree and counting each KB of the witness data as ¼ of a unit. Also, the Bitcoin Lightning Network is maturing and can handle as much transaction volume as Bitcoin needs without increasing on-chain transactions or block size. In November 2018, the Lightning Network rapidly grew in capacity due to increasing Bitcoin transaction volume and proved that it is a solution which can completely mitigate rises in Bitcoin transaction fees. The fact that Bitcoin (BTC) has become scalable to increased transaction frequency makes the creation of Bitcoin Cash (BCH) even more pointless.
Hello again. It's been a while. People have been emailing me about once a week or so for the last year to ask if I'm coming back to Bitcoin now that Bitcoin Cash exists. And a couple of weeks ago I was summoned on a thread called "Ask Mike Hearn Anything", but that was nothing to do with me and I was on holiday in Japan at the time. So I figured I should just answer all the different questions and answers in one place rather than keep doing it individually over email. Firstly, thanks for the kind words on this sub. I don't take part anymore but I still visit occasionally to see what people are talking about, and the people posting nice messages is a pleasant change from three years ago. Secondly, who am I? Some new Bitcoiners might not know. I am Satoshi. Just kidding. I'm not Satoshi. I was a Bitcoin developer for about five years, from 2010-2015. I was also one of the first Bitcoin users, sending my first coins in April 2009 (to SN), about 4 months after the genesis block. I worked on various things:
My main effort was an implementation of a Java library called bitcoinj. This was the engine used in the first p2p mobile wallet ("Bitcoin Wallet for Android"), and the first p2p desktop wallet that was faster to run than Bitcoin [Core] itself (MultiBit). These together were responsible for around 2.5 million user installs at a time when downloading the full block chain was becoming too slow for normal users to tolerate and the only alternative was a "bitbank" or cloud-hosted wallet. It was used in the first trustless gambling site (SatoshiDice), over 100 products and projects, and many academic research papers.
With Gavin Andresen and others I designed some upgrades to the Bitcoin protocol like Bloom filtering and BIP70.
With Matt Corrallo I implemented and demonstrated the first version of (micro)payment channels. I put together a demo of a file server that charged micropayments using a GUI called Payfile (mentioned in New Scientist here). I used to have a video of this but unfortunately it no longer seems to be on YouTube. Payment channels went on to be used in the design of the Lightning Network.
You can see a trend here - I was always interested in developing peer to peer decentralised applications that used Bitcoin. But what I'm best known for is my role in the block size debate/civil war, documented by Nathaniel Popper in the New York Times. I spent most of 2015 writing extensively about why various proposals from the small-block/Blockstream faction weren't going to work (e.g. on replace by fee, lightning network, what would occur if no hard fork happened, soft forks, scaling conferences etc). After Blockstream successfully took over Bitcoin Core and expelled anyone who opposed them, Gavin and I forked Bitcoin Core to create Bitcoin XT, the first alternative node implementation to gain any serious usage. The creation of XT led to the imposition of censorship across all Bitcoin discussion forums and news outlets, resulted in the creation of this sub, and Core supporters paid a botnet operator to force XT nodes offline with DDoS attacks. They also convinced the miners and wider community to do nothing for years, resulting in the eventual overload of the main network. I left the project at the start of 2016, documenting my reasons and what I expected to happen in my final essay on Bitcoin in which I said I considered it a failed experiment. Along with the article in the New York Times this pierced the censorship, made the wider world aware of what was going on, and thus my last gift to the community was a 20% drop in price (it soon recovered).
The last two years
Left Bitcoin ... but not decentralisation. After all that went down I started a new project called Corda. You can think of Corda as Bitcoin++, but modified for industrial use cases where a decentralised p2p database is more immediately useful than a new coin. Corda incorporates many ideas I had back when I was working on Bitcoin but couldn't implement due to lack of time, resources, because of ideological wars or because they were too technically radical for the community. So even though it's doesn't provide a new cryptocurrency out of the box, it might be interesting for the Bitcoin Cash community to study anyway. By resigning myself to Bitcoin's fate and joining R3 I could go back to the drawing board and design with a lot more freedom, creating something inspired by Bitcoin's protocol but incorporating all the experience we gained writing Bitcoin apps over the years. The most common question I'm asked is whether I'd come back and work on Bitcoin again. The obvious followup question is - come back and work on what? If you want to see some of the ideas I'd have been exploring if things had worked out differently, go read the Corda tech white paper. Here's a few of the things it might be worth asking about:
Corda's data model is a UTXO ledger, like Bitcoin. Outputs in Corda (called "states") can be arbitrary data structures instead of just coin amounts, so you don't need hacks like coloured coins anymore. You can track arbitrary fungible assets, but you can also model things like the state of a loan, deal, purchase order, crate of cargo etc.
Transactions are structured as Merkle trees.
Corda has a compound key format that can represent more flexible conditions than CHECKMULTISIG can.
Smart contracts are stateless predicates like in Bitcoin, but you can loop like in Ethereum. Unlike Bitcoin and Ethereum we do not invent our own VM or languages.
Transactions can have files attached to them. Smart contracts in Corda are stored in attachments and referenced by hash, so large programs aren't duplicated inside every transaction.
The P2P network is encrypted.
Back in 2014 I wrote that Bitcoin needed a store and forward network, to make app dev easier, and to improve privacy. Corda doesn't have a store and forward network - Corda is a store and forward network.
It has a "flow framework" that makes structured back-and-forth conversations very easy to program. This makes protocols like payment channelss a lot quicker and easier to implement, and would have made Lighthouse much more straightforward. A big part of my goal with Corda was to simplify the act of building complicated decentralised applications, based on those Bitcoin experiences. Lighthouse took about 8 months of full time work to build, but it's pretty spartan anyway. That's because Bitcoin offers almost nothing to developers who want to build P2P apps that go beyond simple payments. Corda does.
The flow framework lets you do hard things quickly. For example, we took part in a competition called Project Ubin, the goal of which was to develop something vaguely analogous in complexity to the Lightning Network or original Ripple (decentralised net-out of debts). But we had about six weeks and one developer. We successfully did that in the time allowed. Compare that to dev time for the Lightning Network.
Corda scales a lot better than Bitcoin, even though Bitcoin could have scaled to the levels needed for large payment networks with enough work and time. It has something similar to what Ethereum calls "sharding". This is possible partly because Corda doesn't use proof of work.
It has a mechanism for signalling the equivalent of hard forks.
It provides much better privacy. Whilst it supports techniques like address randomisation, it also doesn't use global broadcast and we are working on encrypting the entire ledger using Intel SGX, such that no human has access to the raw unencrypted data and such that it's transparent to application developers (i.e. no need to design custom zero knowledge proofs)
DISCLAIMER This Whitepaper is for Era Swap Network. Its purpose is solely to provide prospective community members with information about the Era Swap Ecosystem & Era Swap Network project. This paper is for information purposes only and does not constitute and is not intended to be an offer of securities or any other financial or investment instrument in any jurisdiction. The Developers disclaim any and all responsibility and liability to any person for any loss or damage whatsoever arising directly or indirectly from (1) reliance on any information contained in this paper, (2) any error, omission or inaccuracy in any such information, or (3) any action resulting therefrom Digital Assets are extremely high-risk, speculative products. You should be aware of the risks involved and fully consider before participating in Digital assets whether it’s appropriate for you. You should only participate if you are an experienced investor with sophisticated knowledge of financial markets and you fully understand the risks associated with digital assets. We strongly advise you to take independent professional advice before making any investment or participating in any way. You should check what rules and protections apply to your respective jurisdictions before investing or participating in any way. The Creators & community will not compensate you for any losses from trading, investment or participating in any way. You should read whitepaper carefully before participating and consider whether these products are right for you. TABLE OF CONTENT · Abstract · Introduction to Era Swap Network · Development Overview · Era Swap Utility Platform · Alpha-release Development Plan · Era Swap Network Version 1: Specification · Bunch Structure: 10 · Converting ES-ERC20 to ES-Na: · Conclusion: · Era Swap Ecosystem · Social Links Abstract The early smart contracts of Era Swap Ecosystem like TimeAlly, Newly Released Tokens, Assurance, BetDeEx of Era Swap Ecosystem, are deployed on Ethereum mainnet. These smart contracts are finance-oriented (DeFi), i.e. most of the transactions are about spending or earning of Era Swap tokens which made paying the gas fees in Ether somewhat intuitive to the user (withdrawal charges in bank, paying tax while purchasing burgers) but transactions that are not token oriented like adding a nominee or appointee voting also needs Ether to be charged. As more Era Swap Token Utility platform ideas kept appending to the Era Swap Main Whitepaper, more non-financial transaction situations arise like updating status, sending a message, resolving a dispute and so on. Paying extensively for such actions all day and waiting for the transaction to be included in a block and then waiting for enough block confirmations due to potential chain re-organizations is counter-intuitive to existing free solutions like Facebook, Gmail. This is the main barrier that is stopping Web 3.0 from coming to the mainstream. As alternatives to Ethereum, there are few other smart contract development platforms that propose their own separate blockchain that features for higher transaction throughput, but they compromise on decentralization for improving transaction speeds. Moreover, the ecosystem tools are most advancing in Ethereum than any other platform due to the massive developer community. With Era Swap Network, the team aims to achieve scalability, speed and low-cost transactions for Era Swap Ecosystem (which is currently not feasible on Ethereum mainnet), without compromising much on trustless asset security for Era Swap Community users. Introduction to Era Swap Network Era Swap Network (ESN) aims to solve the above-mentioned problems faced by Era Swap Ecosystem users by building a side-blockchain on top of Ethereum blockchain using the Plasma Framework. Era Swap Network leverages the Decentralisation and Security of Ethereum and the Scalability achieved in the side-chain, this solves the distributed blockchain trilema. In most of the other blockchains, blocks are a collection of transactions and all the transactions in one block are mined by a miner in one step. Era Swap Network will consist of Bunches of Blocks of Era Swap Ecosystem Transactions. Decentralization Layer 2 Scalable and Secure A miner mines all the blocks in a bunch consequently and will commit the bunch-root to the ESN Plasma Smart Contract on Ethereum mainnet. Development Overview Initially, we will start with a simple Proof-of-Authority (PoA) based consensus of EVM to start the development and testing of Era Swap Ecosystem Smart Contracts as quickly as possible on the test-net. We will call this as an alpha-release of ESN test-net and only internal developers will work with this for developing smart contracts for Era Swap Ecosystem. User’s funds in a Plasma implementation with a simple consensus like PoA are still secured as already committed bunch-roots cannot be reversed. Eventually, we want to arrive on a more control-decentralized consensus algorithm like Proof-of-Stake (PoS) probably, so that even if the chain operator shuts down their services, a single Era Swap Ecosystem user somewhere in the world can keep the ecosystem alive by running software on their system and similarly more people can join to decentralize the control further. In this PoS version, we will modify the Parity Ethereum client in such a way, that at least 50% of transaction fees collected will go to the Luck Pool of NRT Smart Contract on Ethereum mainnet and rest can be kept by miner of the blocks/bunch of blocks if they wish. After achieving such an implementation, we will release this as a beta version to the community for testing the software on their computers with Kovan ERC20 Era Swaps (Ethereum test-net). Era Swap Decentralised Ecosystem Following platforms are to be integrated:
Era Swap Token Contract (adapted ERC20 on Ethereum) The original asset will lie on Ethereum to avoid loss due to any kind of failure in ESN.
Plasma Manager Contract (on Ethereum) To store ESN bunch headers on Ethereum.
Reverse Plasma Manager Contract (on ESN) Bridge to convert ES to ES native and ES native to ES. User deposits ES on Mainnet Plasma, gives proof on ESN and gets ES native credited to their account in a decentralised way.
NRT Manager Contract (on Ethereum or on ESN) If it is possible to send ES from an ESN contract to luck pool of NRT Manager Contract on Ethereum, then it’s ok otherwise, NRT Manager will need to be deployed on ESN for ability to add ES to luck pool.
Era Swap Wallet (React Native App for managing ESs and ES natives) Secure wallet to store multiple private keys in it, mainly for managing ES and ES native, sending ES or ES native, also for quick and easy BuzCafe payments.
TimeAlly (on Ethereum or on ESN) On whichever chain NRT Manager is deployed, TimeAlly would be deployed on the same chain.
Assurance (on Ethereum or on ESN) On whichever chain NRT Manager is deployed, TimeAlly would be deployed on the same chain.
DaySwappers (on ESN) KYC manager for platform. For easily distributing rewards to tree referees.
TimeSwappers (on ESN) Freelance market place with decentralised dispute management.
SwappersWall (on ESN) Decentralised social networking with power tokens.
BuzCafe (on ESN) Listing of shops and finding shops easily and quick payment.
BetDeEx (on ESN) Decentralised Prediction proposals, prediction and results.
DateSwappers (on ESN) Meeting ensured using cryptography.
ComputeEx (on Ethereum / centralised way) Exchange assets.
Era Swap Academy (on ESN / centralised way) Learn. Loop. Leap. How to implement ES Academy is not clear. One idea is if content is constantly being modified, then subscription expired people will only have the hash of old content while new content hash is only available to people who have done Dayswapper KYC and paid for the course. Dayswapper KYC is required because this way people won’t share their private keys to someone else.
Value of Farmers (tbd) The exchange of farming commodities produced by farmers in VoF can be deposited to warehouses where the depositors will get ERC721 equivalent tokens for their commodities (based on unique tagging).
DeGameStation (on ESN) Decentralised Gaming Station. Games in which players take turns can be written in Smart Contract. Games like Chess, Poker, 3 Patti can be developed. Users can come to DeGameStation and join an open game or start a new game and wait for other players to join.
Alpha-release Development Plan
Deploying Parity Node customized according to Era Swap Whitepaper with PoA consensus.
Setting up Plasma Smart Contracts.
Creating a bridge for ERC20 Swap from Ethereum test-net to ESN alpha test-net.
Alpha Version Era Swap Network Version 1 : Specification The Version 1 release of ESN plans to fulfill the requirements for political decentralisation and transparency in dApps of Era Swap Ecosystem using Blockchain Technology. After acquiring sufficient number of users, a version 2 construction of ESN will be feasible to enable administrative decentralization, such that the Era Swap Ecosystem will be run and managed by the Era Swap Community and will no longer require the operator to support for it's functioning. Era Swap Network (ESN) Version 1 will be a separate EVM-compatible sidechain attached to Ethereum blockchain as it’s parent chain. ESN will achieve security through Plasma Framework along with Proof-of-Authority consensus for faster finality. The idea behind plasma framework is to avoid high transaction fees and high transaction confirmation times on Ethereum mainnet by instead doing all the ecosystem transactions off-chain and only post a small information to an Ethereum Smart Contract which would represent hash of plenty of ecosystem transactions. Also, to feature movement of Era Swap Tokens from Ethereum blockchain to ESN using cryptographic proof, reverse plasma of Ethereum on ESN will be implemented. Also, submitting hash of each ESN blocks to ESN Plasma Smart Contract on Ethereum would force ESN to have a block time equal to or more than Ethereum’s 15 second time as well as it would be very much costly for operator to post lot of hashes to an Ethereum Smart Contract. This is why, merkle root of hashes of bunch of blocks would instead be submitted to ESN Plasma Smart Contact on Ethereum. Actors involved in the ESN:
Block Producer Nodes Lesser the number of nodes, quicker is the block propagation between block producers which can help quick ecosystem transactions. We find that 7 block producers hosted on different could hosting companies and locations reduces the risk of single point of failure of Era Swap Ecosystem and facilitates 100% uptime of dApps. Block Producer Nodes will also be responsible to post the small information to the Blockchain.
Block Listener Nodes Rest of the nodes will be Block Listeners which will sync new blocks produced by the block producer nodes. Plenty of public block listener nodes would be setup in various regions around the world for shorter ping time to the users of Era Swap Ecosystem. Users would submit their Era Swap Ecosystem transactions to one of these public nodes, which would relay them to rest of the Era Swap Network eventually to the block producer nodes which would finalize a new block including the user transaction.
Bunch Committers This will be an instance in the block producers which will watch for new blocks confirmed on ESN and will calculate bunch merkle roots and will submit it to ESN Plasma Smart Contract. This instance will also post hash of new Ethereum blocks to ESN (after about 10 confirmations) for moving assets between both the blockchain.
Users These will be integrating with dApps which would be connected to some public ESN nodes or they can install a block listner node themselves. They can sign and send transactions to the node which they are connected to and then that node will relay their transactions to block producer nodes who would finalise a block including their transaction.
A Bunch Structure in Smart Contract will consist of the following: • Start Block Number: It is the number of first ESN block in the bunch. • Bunch Depth: It is Merkle Tree depth of blocks in the bunch. For e.g. If bunch depth is 3, there would be 8 blocks in the bunch and if bunch depth is 10, there would be 1024 blocks in the bunch. Bunch depth of Bunches on ESN Plasma Contract is designed to be variable. During the initial phases of ESN, it would be high, for e.g. 15, to avoid ether expenditure and would be decreased in due course of time. • Transactions Mega Root: This value is the merkle root of all the transaction roots in the bunch. This is used by Smart Contract to verify that a transaction was sent on the chain. • Receipts Mega Root: This value is the merkle root of all the receipt roots in the bunch. This is used to verify that the transaction execution was successful. • Timestamp: This value is the time when the bunch proposal was submitted to the smart contract. After submission, there is a challenge period before it is finalised.
Converting ES-ERC20 to ERC-NA and BACK
On Ethereum Blockchain, the first class cryptocurrency is ETH and rest other tokens managed by smart contracts are second class. On ESN, there is an advancement to have Era Swaps as the first class cryptocurrency. This cryptocurrency will feature better user experience and to differentiate it from the classic ERC20 Era Swaps, it will be called as Era Swap Natives (ES-Na). According to the Era Swap Whitepaper, maximum 9.1 Million ES will exist which will be slowly released in circulation every month. Era Swaps will exist as ES-ERC20 as well as in form of ES-Na. One of these can be exchanged for the other at 1:1 ratio. Following is how user will convert ES-ERC20 to ES-Na:
User will give allowance to a Deposit Smart Contract, and following that call deposit method to deposit tokens to the contract.
On transaction confirmation, user will paste the transaction hash on a portal which will generate a Proof of Deposit string for the user. This string is generated by fetching all the transactions in the Ethereum Block and generating a Transaction Patricia Merkle Proof to prove that user’s transaction was indeed included in the block and the Receipts Patricia Merkle Proof to confirm that the user’s transaction was successful.
Using the same portal, user will submit the generated proofs to a Smart Contract on ESN, which would release funds to user. Though, user will have to wait for the Etheruem block roots to be posted to ESN after waiting for confirmations which would take about 3 minutes. Once, it’s done user’s proofs will be accepted and will receive exact amount of ES- Na on ESN.
Following is how user will convert ES-Na to ES-ERC20:
ES-Na being first class cryptocurrency, user will simply send ES-Na to a contract.
User will paste the transaction hash on a portal which will generate a Proof of Deposit for the user. Again ES-Na being first class cryptocurrency, Transaction Patricia Merkle Proof is enough to prove that user’s transaction was indeed included in the block. Another thing which will be generated is the block inclusion proof in the bunch.
User will have to wait for the bunch confirmation to the Plasma Smart Contract and once it’s done, user can send the proof to the Plasma Smart Contract to receive ES-ERC20.
Since the blocks are produced and transactions are validated by few block producers, it exposes a possibility for fraud by controlling the block producer nodes. Because ESN is based on the Plasma Model, when failure of sidechain occurs or the chain halts, users can hard exit their funds directly from the Plasma Smart Contract on Ethereum by giving a Proof of Holdings.
HOld ES Tokens Swapping with New ES Tokens
The old ES Tokens will be valueless as those tokens will not be accepted in ESN because of NRT (New Released Tokens) and TimeAlly contracts on mainnet which is causing high gas to users, hence reducing interactions. Also, there was an event of theft of Era Swap Tokens and after consensus from majority of holders of Era Swap Tokens; it was decided to create a new contract to reverse the theft to secure the value of Era Swap Tokens of the community. Below is the strategy for swapping tokens: TimeAlly and TSGAP: Majority of Era Swap Community have participated in TimeAlly Smart Contract in which their tokens are locked for certain period of time until which they cannot move them. Such holders will automatically receive TimeAlly staking of specific durations from the operator during initialization of ESN. Liquid Tokens: Holders of Liquid Era Swap Tokens have to transfer the old tokens to a specified Ethereum wallet address managed by team. Following that, team will audit the token source of the holder (to eliminate exchange of stolen tokens) and send new tokens back to the wallet address.
Post-Genesis Tokens Return Program
Primary asset holding of Era Swap tokens will exist on Ethereum blockchain as an ERC20 compatible standard due to the highly decentralised nature of the blockchain. Similar to how users deposit tokens to an cryptocurrency exchange for trading and then withdraw the tokens back, users will deposit tokens to ESN Contract to enter Era Swap Ecosystem and they can withdraw it back from ESN Contract for exiting from ecosystem network. The design of the token system will be such that, it will be compatible with the future shift (modification or migration of ESN version 1) to ESN version 2, in which an entirely new blockchain setup might be required. To manage liquidity, following genesis structure will be followed:
1.17 billion (Circulating Supply)
Locked in Smart Contract
7.93 billion (pending NRT releases)
Though it looks like there are 9.1 * 2 = 18.2 Billion ES, but the cryptographic design secures that at any point in time at least a total of 9.1 billion ES (ES-ERC20 + ES-Na) will be locked. To unlock ES-Na on ESN, an equal amount of ES-ERC20 has to be locked on Ethereum and vice-versa. 9.1 billion ES-ERC20 will be issued by ERC20 smart contract on Ethereum Blockchain, out of which the entire circulating supply (including liquid and TimeAlly holdings) of old ES will be received to a team wallet. TimeAlly holdings of all users will be converted to ES-Na and distributed on ESN TimeAlly Smart Contract by team to the TimeAlly holders on their same wallet address. Liquid user holdings will be sent back to the users to the wallet address from which they send back old ES tokens (because some old ES are deposited on exchange wallet address). ES-Na will be issued in the genesis block to an ESN Manager Smart Contract address. It will manage all the deposits and withdrawals as well as NRT releases.
Following are identified risks to be taken care of during the development of ESN: Network Spamming: Attackers can purchase ES from the exchange and make a lot of transactions between two accounts. This is solved by involving gas fees. A setting of 200 nanoES minimum gas price will be set, which can be changed as per convenience. DDoS: Attackers can query public nodes for computationally heavy output data. This will overload the public node with requests and genuine requests might get delayed. Block producers RPC is private, so they will continue to produce blocks. To manage user’s denial of service, the provider in dApps needs to be designed in such a way such that many public nodes will be queried simple information (let’s say latest block number) and the one which response quickly to user will be selected. AWS is down: To minimize this issue due to cloud providers down, there will be enough nodes on multiple cloud providers to ensure at least one block producer is alive. User deposit double spending: User deposits ES on Ethereum, gets ES-Na on ESN. Then the issue happens that there are re-org on ETH mainnet and the user’s transaction is reversed. Since ETH is not a fixed chain and as per PoW 51% attack can change the blocks. As Ethereum is now enough mature and by statistics forked blocks are at most of height 2. So it is safe to consider 15 confirmations. Exit Game while smooth functioning: User starts a hard exit directly from Plasma Smart Contract on Ethereum, then spends his funds from the plasma chain too. To counter this, the exit game will be disabled, only when ESN halts, i.e. fails to submit block header within the time the exit game starts. This is because it is difficult to mark user’s funds as spent on ESN. Vulnerability in Ecosystem Smart Contracts: Using traditional methods to deploy smart contracts results in a situation where if a bug is found later, it is not possible to change the code. Using a proxy construction for every ecosystem smart contract solves this problem, and changing a proxy can be given to a small committee in which 66% of votes are required, this is to prevent a malicious change of code due to compromising of a single account or similar scenario. ChainID replay attacks: Using old and traditional ways to interact with dApps can cause loss to users, hence every dApp will be audited for the same.
Hi Bitcoiners! I’m back with the 32nd monthly Bitcoin news recap. For those unfamiliar, each day I pick out the most popularelevant/interesting stories in Bitcoin and save them. At the end of the month I release them in one batch, to give you an overview of what happened in bitcoin over the past month. You can see recaps of the previous months on Bitcoinsnippets.com A recap of Bitcoin in August 2019 Adoption
Hi Bitcoiners! I’m back with the 21st monthly Bitcoin news recap. For those unfamiliar, each day I pick out the most popularelevant/interesting stories in Bitcoin and save them. At the end of the month I release them in one batch, to give you a quick (but not necessarily the best) overview of what happened in bitcoin over the past month. You can see recaps of the previous months on Bitcoinsnippets.com A recap of Bitcoin in September 2018
There are so many things I want to say about LoMoCoin/LoMoStar that I'm not sure if I'll be able to cover everything in one post.. Well, unless you want to read 20 pages.. Let's just see where this article takes us and go from there.. In order to understand why LoMoCoin is undervalued you must understand the market it's targeting.. In fact this is a difficult post to write because there is so much to cover, but I will do my best.. 'Incentivized shopping' is a big deal in Asia.. In China, if you wanted a coupon for Burger King you simply open WeChat, follow burger king and within seconds you have access to coupons. This has been so ingrained in society that nearly every reputable business now has a WeChat account. On top of that, many businesses offer VIP cards or VIP memberships which gives you additional deals on your future visits.. When it comes to offline shopping, the creative battle to get people in the door is becoming ever more prevalent. To see how LoMoCoin plays in the big picture we'll start with explaining the LoMoCoin (LMC) Blockchain and then we will follow up with the primary application, LoMoStar (the star of the show). In the end I hope those who read this can understand the scale of this project and don't under-estimate what we're dealing with here. In my opinion this asset has been undervalued for far too long and I believe its presence will be well known in the future. About LoMoCoin (LMC)
"The built-in LoMoCoin (LMC) of LoMoStar is similar to Bitcoin, which is a cryptocurrency with real value based on our own blockchain technology. Compared with traditional cryptocurrencies, LMC inherits the advantages of the related currencies which includes that the total amount is limited and cannot be over-issued."
LoMoCoin is it's own blockchain and the consensus mechanism is Proof of Stake (PoS). Instead of a fixed interest rate like most currencies, LMC uses the coin age as a means to take part in the consensus process. The LMC blockchain supports cold staking. Functions such as a single private key address and multi-sig address are supported. It is also mentioned in the whitepaper that smart contracts will be integrated in the near future. Now I know this stuff may sound like technical mumbo jumbo to you, but its important to know and well get to the more exciting stuff soon here.. In the meantime let's look at the LMC Blockchain. The LMC Blockchain The LoMoCoin (LMC) blockchain can be divided into 5 levels from a technical point of view.. (See whitepaper for full details.)
Data layer - The cryptography, Merkle Tree, and distributed ledger technology.
Network layer - LMC uses a p2p protocal, which is also the basis of the decentralization of the LMC blockchain.
Consensus layer - Proof of Stake (PoS) to reduce energy consumption.
Incentive layer - Calculating interest depending on number of tokens staked.
Application layer - The main application of the LMC application layer is LoMoStar. A number of applications based on smart contracts, such as virtual games and micro-asset-backed securitization (mini ABS), will also be introduced and encouraged.
So think of it like LoMoCoin is the decentralized framework for the LoMoStar ecosystem.. (LoMoCoin was rebranded to LoMoStar in v2.0) So now that we have covered the technical details of LoMoCoin (LMC) let's take a look at the LoMoStar app.. What is LoMoStar? LoMoStar is the main primary application built on the LMC blockchain (available on Android and iOS). When your talking about LoMoStar it's more then just getting discounts at local shops and collecting crypto on a map.. LoMoStar is a vast social ecosystem that evolves around people-to-people, people-to-asset, and people-to-organization (and vice versa). The vision set forward by the CEO 'Xiong Lijian' has been overlooked by nearly every investor.. (I say nearly because there's only a handful of people who actually research with an optimistic outlook on blockchain technology long term..) So before I begin, I would like to applaud the CEO Xiong Lijian for taking on a massive project which I believe will turn many people's dreams into a reality. LoMoStar - Social Events Platform with Cryptocurrency
"LoMoStar will integrate ones geographical position with its virtual environment and will use cryptocurrencies as its social medium to introduce new forms of relationships with one another. Also, by allowing for global (group) interactions, LoMoStar will facilitate international social relationships. In addition, people can develop business relationships at LoMoStar to enhance the influence of individuals, increase brand awareness, and/or improve business development."
For example, in the LoMoStar app, I can geographically drop a red envelope that contains any cryptocurrency. Before I drop red envelopes I could include an image and a short message. Anyone who opens this red envelope will be rewarded with cryptocurrency and will automatically join my group. (You can quit a group after 48 hours). Red Envelopes
"Airdrops of red envelopes, which contain cryptocurrencies, can be organized at certain geographical locations that have a sufficient density of users, for instance cities or popular public locations. Additionally, automated trading between users and investment opportunities will become available and people can use LoMoStar to perform many social related activities, such as marketing activities, group-related activities, organizing events, participating in treasure hunts, digital investments, and more. All these features enable LoMoStar to become a unique social and economic platform. The establishment of these social relationships and global interactions can fulfill both individual, group and corporate interests and desires, forming a win-win or multi-win situation."
For example, let's say there is a sporting event like the Super Bowl where a large gathering of people will attend. A corporation could Airdrop red envelopes specifically to this geographical location for sports fans to pick up. Or let's say a local festival wants more attendance they can arrange an airdrop at the festivals location. You can pretty much target any area that contains a sufficient density of users.
Users can add personalized design elements to red envelopes to target the specific interests of the group.
Users can select any supported cryptocurrency to send/drop using red envelopes.
Users can grow their fan base and enhance their influence by continuously launching new and exciting red envelopes.
Offer special discounts and promotions that can only be found through red envelopes.
Airdrop red envelopes in a geographical location of high density.
Take part in a hidden treasure hunt looking for red envelopes.
Users will use their own ingenuity to create new forms of social entertainment. (As outlined below in the whitepaper)
A birthday party invitation can be airdropped to a doorstep.
A welcome gift could be left at the airport for an out-of-town visitor.
A breadcrumb trail of red envelopes can be left along the Great Wall of China for people to follow.
You can mark all your favorite restaurants geographically with a red envelope.
Whole networks of virtual relationships can be called into real-world action.
By specifying areas, people, functionality and other conditions, users can invest various new and interesting ways to develop social relationships with one another.
Peer-to-peer Cryptocurrency Trading
" LoMoStar supports using any cryptocurrency to conduct trading, whether it is for physical goods, services or digital assets. LoMoStars underlying technology will therefore enable peer-to-peer trading with one another."
The plan is to support any cryptocurrency to exchange for physical goods, services or digital assets. (LoMoStar hand selects and reviews each supported coin.) In addition LoMoStar allows messaging between users and groups with the ability to send/drop red envelopes. Digital assets based on Location-based System (LBS)
"Through LoMoStar, people can also invest in many real-world businesses on certain geographical locations, such as retail, real estate, attractions, and more. LoMoStar will allow users to utilize cryptocurrency for investing in retail, real estate, attractions and other various immovable properties in order to gain profits."
This is a very ambitious vision and I like it... The thought of being able to invest in real-world businesses and assets using crypto is music to my ears. Let's look into this a little more and highlight some things from the whitepaper..
"By connecting users to each other in the virtual world and then to assets in the real world, LoMoStar creates a novel setting where unpredictable social and economic relationships can spontaneously flourish within user-created scenarios. This will promote the use of cryptocurrencies in the real world and allow completely new ecological models and scenarios to emerge."
Here is an example noted from the white paper.
"Taking the vending machines as an example, which is one of the most common automatic trading devices, the holder can divide the income rights of a predetermined period and then launch the installation address of the device on the LoMoStar map. The (1) the product service description, (2) investment price of the income rights after division, (3) income distribution overview, and (4) other related information will then also be given. There are other types of devices that work similarly as a vending machine (e.g. self- service photo machine, self-service massage chair, and/or a doll machine) that can be used as a similar example. If LoMoStar users are interested, they can use cryptocurrency to invest and purchase the rights of these devices on the virtual map and thereby allow the possibility to generate an income from their (virtual) investments."
So now you can see, LoMoStar is not 'Just a game where you pick up cryptocurrency on a map'. LoMoStar aims to promote the use of cryptocurrency in the real world by acting as a bridge connecting the two worlds - ultimately revealing the true value of cryptocurrency. Functional Level of LoMoStar
Payment transaction function - Users can make use of various cryptocurrencies in order to invest in assets.
Red envelope function of cryptocurrency - One of the most important functions of the application. Red envelopes with cryptocurrencies creates a new social landscape to be explored.
LBS Geographic location components - A lot of LoMoStar is based on one's location. Scenarios such as regional red envelopes and location based advertising can be made available.
Cryptocurrency wallet - Because most interactions involve cryptocurrency, the use of a wallet is necessary.
Group function - Group holder can invite others to join their group. Users can then drop red envelopes and communicate in this group.
Cryptocurrency marketing - Businesses can make use of red envelopes with cryptocurrency inside of them as a new way to promote their brands and increase sales.
More functions in development.
"LoMoStar will also allow ICO's to integrate new blockchain projects. Only cryptocurrencies and projects with high investment value will be made available to our users."
Construction of the LoMoStar ecology.
Completed : The foundation has been laid by connecting the global cryptocurrency framework.
Expand the financing of blockchain enterprises with mainstream participation.
Integrate the boundary between the real world and the virtual world using the O2O marketing model. (Offline-to-Online marketing)
Expansion of Smart Contracts.
Integration with the Internet of Things. (IoT)
Integration of "Big Data".
"LoMoStar aims to integrate the physical world and the virtual world through the blockchain. The physical world lacks channels for democracy while the virtual blockchain world lacks social innovation. The goal is to bring these two worlds together."
The LoMoStar Team When we look at the team, it is truly an impressive force that delivers results. Building a new social ecosystem requires engineers in all fronts. From developing blockchain technology to F5 Lab to the LoMoStar app for android and ios. Let's also not forget xStar.io the Digital Assets Exchange aimed to strengthen the LoMoStar ecosystem. The team is building all the essential components needed to improve asset liquidity and long-term asset stability.. the bottom line here is.. the team is quite large and well organized. Last year in an interview with the LoMoStar CEO Xiong Lijian, he mentioned they had more than 30 people on the team.
"LoMoCoin’s core team has been working together since 2013 and has experienced the mining and trading of Bitcoin and Litecoin in the early days. We are also one of the first teams in China that begun R&D application and development of blockchain technology. At present, there are more than 30 people in our team and we have started to recruit talents all around the globe with the ability to settle in various countries and regions to jointly promote and help develop LoMoCoin."
Today they now have over 70 employees (so I hear) and are expecting to exceed 100 employees in the near future. Now since we are looking at the team, let's take a look at a few questions and answers from some interviews. (Interview links are posted in references.) Interview Q&A from Xiong Lijian (CEO) / Taoji Zou (Chief Marketing Officer) What kind of advantages will LMC have within the application in comparison to BTC/ETH/LTC, etc.? This is still unclear.
This can, for instance, be when ICO projects are promoted and only LMC holders will be able to participate. More than 10 projects have recently already discovered the value of LoMoStar and hope to promote and even accept LMC as an investment. We choose projects very selectively and they are still under review.
Can you tell us how XStar will help with the growth of LMC?
XStar is a trading platform that I and some other friends in the Chinese community have set up, not only to provide liquidity to LMC, but also because we are optimistic about the future of the blockchain industry. LoMoStar and XStar will be mutually reinforcing each other. Moreover, XStar is a trading platform that will provide a different and larger trading experience, which is not exactly the same as that of LoMoStar. This is what we have discovered in the Chinese market. Also, from a perspective of marketing theory, different needs of user groups can be mutually relocated. Therefore, LoMoStar and XStar may adopt different approaches and strategies when they are promoted in various countries. In any case, if LoMoStar first enters a country, it can help XStar; if XStar first enters a country, likewise, it can in turn help LoMoStar.
Do you think your marketing budget is enough to cover all your future plans (e.g. exchange costs, hiring foreign specialists etc.)?
Our company has a healthy financial position and we are fairly certain that it is enough to support our marketing efforts. We will also use our budget to participate in conferences and events all around the globe.
Are you going to integrate Augmented Reality (AR) features? And if so, does the current app functionality allow for it?
We have a well connected partner that we have a good relationship with, as their founder used to develop mining machines with our CEO. This enterprise is experienced in developing chips and advanced AR techniques. In the future, sooner or later, AR will be adopted in any location-based system (LBS) application. Inside our firm we are always talking about AR and we believe that when the AR techniques and implementation possibilities get improved we will certainly adopt it in LoMoStar.
How will you protect LoMoCoin (LMC) investors and increase the interest of using LMC inside of the app, since you have also added other currencies such as Ethereum and Bitcoin?
A key feature of a currency is security and liquidity, which will also affect LMC. We will add more digital currencies in the future. Global users and transaction volume will be increased this way. Additionally, when you run a club and have a lot of guests invited. There will be social demand for every guest. Nevertheless, you as the host will almost always get prioritized in the long-term by all of these guests.
Can you tell us about the F5 lab? How many full-time employees are there? Is it a subsidary of LoMoStar or is it an independent research lab? What are they working on now?
F5 Labs is a professional technology collaboration, and the technology we develop and share inside is more ‘professional’ and complex than that of the general programmer community. It will be focusing on B2B relationship initially.
How will you ensure exclusivity for LMC within the LoMoStar app? What will ensure the app will use LMC?
There is no doubt that many exclusive features will be implemented in the future within the app where you must use LoMoCoin to complete.
How will iBeacon/IoT be implemented? Will it be implemented onto the LMC chain?
We are very interested and involved in the development of the Internet of Things. Our CEO next week will also visit the Lenovo Group training session as they are looking for solutions that is combining blockchain technology and the Internet of Things. I think everyone may have heard of the Lenovo Group, they acquired IBM personal computer business in the past.
What is your future plan to attract more investments?
From the scope of my responsibility, I am more concerned about the ecological construction of LoMoStar. Overall when it comes to marketing, it is something that money can solve. Moreover, we have always kept in touch with prominent exchanges and we have made some progress here. We will inform you when we are able to confirm more.
Well I guess that turned out to be a long article! Remember you should always do your own research and come up with your own assessment before investing. There is a lot more information available in the links below. I am just giving you my personal insight on LoMoStar (LMC) and why I feel this is one of the largest and most undervalued blockchain projects in China. Remember, everything you invest in should be for the long-term and patience is key. Regards, BTC2018 Useful Links:
Using LoMoStar You can download LoMoStar for Android at the Google Play store and it's also available for iOS. After you register and login, you can begin opening red envelopes and collecting cryptocurrency. Members who complete the AML/KYC verification can send/drop red envelopes in the ecosystem. When you open a red envelope it will use 1 vitality point. (You will earn 1 vitality every 2 hours) Given there are a bunch of red envelopes to open (but not enough vitality) you can spend Diamonds to open the red envelope containing the largest reward. (Diamonds can be purchased from the shop) The geographical map at the time of writing is under maintenance. It's very easy to get the latest news using the LoMoStar app. Simply click on Messages > System Announcements to get the latest news about the LoMoStar ecosystem. Remember no matter what I post or what I say, you should always do your own research, come up with your own assessment and talk with your financial adviser before making any investment decisions.
Bitcoin, Blockchain & Cryptocurrency News. Advertisement; BTCm News; Contact us; Bitcoin % Ripple % Ethereum % Show details. Hide details. Market Cap. Volume (24h) Market Cap. Volume (24h) Market Cap. Volume (24h) Bitcoin. Bitcoin News; Bitcoin Price; Price Analysis; Bitcoin Widgets; Blockchain. What is a Blockchain? Blockchain News; Ethereum. Ethereum News; Ethereum Price ; Price Analysis ... On the Bitcoin blockchain, every block holds the total of the transactions of that block plus a block header. Miners distribute data to blocks through their mining activity subsequently hashed through the Merkle tree protocol. This generates the “Merkle root” that is captured within the block header. The Merkle Tree is a cryptographic invention that is essential for the health and efficient functioning of cryptocurrencies like Bitcoin. It arranges the data for transactions on the blockchain into well organized, verifiable units. It is one of the best and most effective means that the cryptocurrency community has for making sure that digital currencies continue to be legitimate and do not ... Although Bitcoin was the first blockchain to implement Merkle trees, many other blockchains implement similar Merkle tree structures or even more complex versions. Further, Merkle tree implementation is not only limited to blockchains and is applied to a variety of other systems. Cartoon: There’s a lot of Monies in Merkle Trees The post Cartoon: Lots of Monies in Merkle Trees appeared first on BitcoinNews.com . This entry was posted in Bitcoin News , BitcoinNews.com , Blockchain , cartoon , Cartoon Corner , Cryptocurrency , merkle , merkle tree , News on January 24, 2019 by adminbtc .
If you like this video and want to support me, go this page for my donation crypto addresses: https://www.youtube.com/c/mobilefish/about This is part 18 of t... Editing Monitors : https://amzn.to/2RfKWgL https://amzn.to/2Q665JW https://amzn.to/2OUP21a. Check out our website: http://www.telusko.com Follow Telusko on T... * Bitcoin is the Rothbard-Turing-Merkle machine https://twitter.com/ryanxcharles/status/885575076682313728 * Rothbard: The Mystery of Banking https://www.ama... Most people on earth have never even heard of Merkle roots. But bitcoin programmers deal with them every day. This is old school technology in terms of softw... Watch live: https://ivanontech.com/live