What we gain in flexibility by losing proof of work
When it comes to using blockchains for inter-enterprise coordination, there’s an elephant-sized problem in the room. In my view, nobody’s talking about this issue enough, whether due to denial or the need to keep the hype going. The problem, in a nutshell, is confidentiality.
To recap what I’ve explained previously, a blockchain allows a database to be shared between entities who do not fully trust each other, without requiring a central administrator. Instead, a blockchain-based database is based on a set of “nodes” which are owned by the participating entities. Nodes send transactions to each other in a peer-to-peer fashion, with each node independently verifying each transaction. Groups of transactions are then confirmed in “blocks” created by special nodes called “miners”. These blocks link to form a “blockchain” which acts as a unified transaction log, ensuring that all nodes reach consensus on the database’s state.
At this point, blockchains are a proven technology, both in public cryptocurrencies like bitcoin and their private equivalents. But they still suffer from a fundamental problem. Putting aside advanced cryptography (for now), blockchains reveal the content of every transaction to every participant. Why? Because in order to verify a transaction, every node has to see that transaction. This makes blockchains fundamentally different from centralized databases, in which transactions are only visible to their creators and the database administrator.
So if you’re considering a blockchain for a project, you should bear this simple principle in mind:
Blockchains are for shared databases in which everyone sees what everyone else is doing.
To be clear, seeing what someone is doing doesn’t necessarily mean that you know who is doing it. Blockchains represent identity using meaningless alphanumeric “addresses”, and most participants need not know to whom these belong. Nevertheless, a lot can be learned by analyzing the behavior of an address, and especially from how it transacts with other addresses. In formal terms, this means that blockchains provide pseudonymity rather than anonymity, because identities persist over time. In the case of bitcoin, several companies are already selling services which mine the “transaction graph” to reveal information about the owners of bitcoin addresses.
The bottom line is that blockchains are best suited for shared databases which are write-controlled but read-uncontrolled. Or, to put it more poetically, blockchains are transparency machines.
The economics of mining
Blockchains began with bitcoin – a digital, decentralized and censorship-proof form of money. One of bitcoin’s key design goals was allowing anybody to “mine” a block which confirms transactions, to prevent governments or banks controlling who can pay whom. In theory, open mining sounds democratic, but on its own it leads to dictatorship by stealth. Why? Because on the Internet it’s possible for one entity to use many different identities, a problem known as the Sybil attack. This means that someone could seize control of block mining, deciding unilaterally which transactions get confirmed, without anyone else even knowing it happened.
Bitcoin cleverly resolves this problem through proof of work. Bitcoin mining may be open, but it is also extremely difficult. In order to create a block, a miner must win a global race to solve a pointless and tricky computational problem, which consumes a lot of electricity (and therefore money). These days mining is performed by specially optimized hardware, but this doesn’t make it any cheaper, because the network regularly adjusts the problem’s difficulty to maintain a steady rate of 1 block every 10 minutes. This makes it hard for any single actor to seize control of the chain and, so far at least, the scheme has worked.
In exchange for the hard work and expense, the winning miner receives a reward, currently 25 newly-minted bitcoins per block (to halve during 2016). Miners also receive a little extra from the fees attached to transactions, although for now these play a minor role. And here are some shocking numbers: During 2015, bitcoin miners raked in $375 million in rewards and fees, in exchange for confirming 45 million transactions. That comes out to over $8 per transaction, even ignoring the fact that many of these weren’t genuine transfers of funds.
Who on earth is paying for all this? The answer is: bitcoin investors. For the most part, miners exchange their new bitcoins for regular currencies like dollars and yuan, because they need this money to pay for mining hardware and electricity. And what will happen if the investors stop coming? Well, the bitcoin price will crash, as miners are forced to dump their bitcoins at a significant loss. Indeed, looking at bitcoin’s price history, there have been several periods during which the price drifted gradually and undramatically downwards, because of the constant supply of bitcoins to be sold.
In the meantime, as the first and most prominent blockchain, bitcoin continues to attract an impressive level of incoming investment. Clearly there’s room for just a handful of such high-profile public blockchains, because the economics of open mining leads inevitably to consolidation. Any new blockchain secured by a low quantity of mining power will not be attractive to end users, because of its inherent insecurity. This will keep its currency value low, which will prevent it attracting additional miners. In other words, the virtuous circle underlying bitcoin’s explosive growth will be hard to repeat. In my view, the only likely exceptions will be newcomers such as Ethereum and Dash which offer a step change in terms of functionality. (I’m ignoring so-called merged mining as well as ideas like proof of stake, because they have not yet been proven to work at scale.)
As luck would have it, private blockchains avoid all of this trouble. Instead of open mining, private chains rely on a whitelist of permitted miners, with all blocks signed digitally by their miner of origin. This is combined with some form of distributed consensus scheme which prevents a small group of these miners from monopolizing the process. If you like, it’s democracy for the privileged, rather than democracy for all. Since private blockchains have no need for proof of work to enforce diversity, they also don’t have to incentivize miners with a financial reward. Instead, a private blockchain costs no more to run than a regular replicated database. The reward is simply the immediate and sufficient benefit of being able to make use of the chain.
With the economics of open mining out of the way, a universe of possibilities opens up. One organization can participate in thousands of blockchains, just like it accesses thousands of (internal or external) databases today. And globally there can be millions (or billions) of blockchains, all serving different purposes and sets of users. But if the world will be filled by so many blockchains, it’s safe to assume that each of them is going to be small.
From monolithic to small blockchains
What do I specifically mean by a “small blockchain”? I mean a blockchain whose scope is restricted to a narrow and specific purpose. This is the polar opposite of catch-all public blockchains like bitcoin and Ethereum, or even the permissioned global bank blockchain that some think is in the offing. It is, in fact, rather more like a regular database, but with a different model of sharing and trust.
Of course, there are many ways in which a blockchain’s scope can be restricted, so I’ll focus here on three simple examples: (a) per-order blockchains, (b) bilateral blockchains, and (c) notarization by hash.
Let’s imagine a blockchain designed to manage the lifecycle of a single container of branded goods, manufactured in China and sold in the US. There can be a bewildering number of parties involved in this process, such as a retailer, agent, distributor, importer, shipping company, manufacturer, licensor and designer, as well as multiple subcontractors, shipping ports, banks, customs agencies and tax authorities. A large amount of information has to flow back and forth between these parties, leading to bureaucratic delays, errors and expenses. In theory, all this could be streamlined using a centralized database, but the question is: who will run it? Considering the gap in geography, culture and legal systems, it may not be easy to find someone that all the parties can trust.
Now, much has already been said about how blockchains can simplify coordination in supply chains. A blockchain can be used to record important documentation, digitally signed as appropriate, as well as enable the transfer of digital equivalents of key assets such as a bill of lading or letter of credit. However, putting all of this data on a monolithic blockchain can leak confidential information. For example, if two competing manufacturers use the same shipping company and bank, they could learn a lot about each other’s activities from transactions which involve those counterparties but are not their own.
One solution is to keep all the information relating to a single order in a blockchain which is dedicated just to that order. In this case, the confidentiality problem is much diminished. For example, two competing manufacturers will never participate in the same chain. At the beginning of the process, a new private blockchain can be set up, and connected to by all the participants. This blockchain makes the state of the order visible to all users in real time. And once it is safely delivered and paid for, the order’s blockchain can be decommissioned and archived away, only to be reopened in case of a dispute.
One issue with per-order blockchains is identity management. When using a blockchain for inter-enterprise coordination, each participant needs to know the real-world identity behind many of the other addresses used on the chain. Obtaining this mapping securely is a potentially inconvenient process, involving either direct exchange of information (by fax?) or a trusted administrator who provides it. But the good news is that there’s no need for this process to take place every time a new blockchain is set up. Instead, participants can have the same address on all the chains that they use. Alternatively, a separate long-running blockchain could be used purely for identity management, allowing each entity to securely distribute its address for each new chain.
Now let’s consider a blockchain which is used for the rapid settlement of exchanges of financial assets, such as government-backed currencies. This chain would involve at least three types of participants: (a) the trading parties which are performing the transactions, (b) the custodial bank which holds the currencies and issues on-chain tokens to represent them, (c) regulators and/or auditors who receive a read-only view of the activity taking place.
This is a perfectly natural application of blockchains, and already supported in full by off-the-shelf platforms such as MultiChain (our own). But again, the problem of confidentiality rears its head. If the trading parties are locked in intense competition, they can watch each other in order to infer:
- How much of each currency is held by each trader.
- Which currencies they actively trade in, with what frequency and quantity.
- Who else they trade with on the blockchain, and at what prices.
Even if we assume that the parties are not told who is using which address (or multiple addresses), it won’t take them long to work it out. Fierce competitors in a marketplace tend to know a lot about each other, and this prior knowledge can be correlated with patterns of blockchain transactions in order to learn more. For many financial use cases, the risk of this leakage is simply a deal-killer, because the efficiency gained is outweighed by the confidentiality lost.
Nonetheless blockchains can still provide some assistance in this scenario – namely, to record the flow of transactions and messages across each bilateral communications channel between trader and custodian. By combining signed transactions with signed commitments, the blockchain provides realtime reconciliation across this channel, ensuring there is no way in which the parties can differ over what was done and when. In addition, regulators and/or auditors could be granted read-only access to many or all of these pairwise blockchains, giving them a comprehensive view of the activity in a particular marketplace, without needing to explicitly request data from its participants.
Notarization by hash
As I hope is now clear, blockchains can be used to digitally sign, store and timestamp any important data, including text, documents, images and database entries. So long as the blockchain’s miners do not collude maliciously, the chain becomes an irreversible and incontrovertible audit trail for all of the information within. For example, all of the emails sent between the members of a group could be recorded on a blockchain, with each message signed by both the sender and receiver.
But once again we come up against the problem of confidentiality. In many cases, the two parties to a correspondence will not want its content to be visible to anyone else. Their sole purpose in using the blockchain is to prevent future disputes, so that they cannot disagree over what was said, by whom and when.
In this case the solution is simple. Instead of storing the full text of the messages within the blockchain, a “hash” (or digital fingerprint) of their content is embedded instead. A hash is based on a one-way function, which means a function whose output is easy to compute for a given input, but which is practically impossible to reverse. By collaboratively embedding and signing the hash of a message’s content in a blockchain, the parties are able to “lock down” that content in an auditable way, without revealing it to the other participants.
In parallel to embedding this hash, both correspondents store the full message content on their own systems. If a dispute arises in future, either party can reveal this content to an independent party, who can calculate its hash and confirm that this matches the hash on the chain. If so, there is no denying the correspondence that took place. Indeed, this same principle is already applied by many services to notarize documents on the public bitcoin blockchain. Doing so on private blockchains gives greater scalability, lower transaction costs, and hides the entire process from the outside world.
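The notarize-then-disclose flow described above, as an added Python example that is not code from the original article or from MultiChain. It goes one step beyond the text by mixing a random salt into the hash, because other chain participants can confirm a guess at a short or predictable message against a bare hash. `ChainEntry` and all function names are hypothetical, and signing of the entry is left to the chain's own transaction signatures.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

SALT_LEN = 32  # fixed length, so salt || message cannot be re-split ambiguously


@dataclass(frozen=True)
class ChainEntry:
    """Constructed stand-in for the data every chain participant can read."""
    commitment: str  # hex SHA-256 over salt || message
    timestamp: int


def commit(message: bytes, salt: bytes) -> str:
    """Salted fingerprint of the message (the salt is an addition to the text)."""
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be exactly SALT_LEN bytes")
    return hashlib.sha256(salt + message).hexdigest()


def notarize(message: bytes, timestamp: int) -> tuple[ChainEntry, bytes]:
    """Return the public entry plus the salt, which both correspondents
    store off-chain next to the full message content."""
    salt = secrets.token_bytes(SALT_LEN)
    return ChainEntry(commit(message, salt), timestamp), salt


def verify_disclosure(entry: ChainEntry, message: bytes, salt: bytes) -> bool:
    """What the independent party runs when a dispute arises."""
    if len(salt) != SALT_LEN:
        return False
    return hmac.compare_digest(entry.commitment, commit(message, salt))


def matching_guess(on_chain_digest: str, guesses: list[bytes]) -> Optional[bytes]:
    """Return the guess whose bare SHA-256 equals the on-chain value, if any.
    Used here to show what an unsalted hash reveals to other participants."""
    for guess in guesses:
        if hashlib.sha256(guess).hexdigest() == on_chain_digest:
            return guess
    return None


if __name__ == "__main__":
    # Constructed sample correspondence.
    msg = b"We accept the offer at 1050 USD per unit."
    entry, salt = notarize(msg, timestamp=1700000000)
    print("on chain:", entry)
    print("genuine message verifies:", verify_disclosure(entry, msg, salt))
    print("altered message verifies:",
          verify_disclosure(entry, msg.replace(b"1050", b"1500"), salt))

    # A predictable message hashed without a salt can be confirmed by guessing.
    guesses = [b"PRICE=%d" % p for p in range(1000, 1100)]
    bare = hashlib.sha256(b"PRICE=1050").hexdigest()
    print("bare hash matched by:", matching_guess(bare, guesses))
    salted, _ = notarize(b"PRICE=1050", timestamp=1700000000)
    print("salted hash matched by:", matching_guess(salted.commitment, guesses))
```

Losing the salt makes the on-chain entry unverifiable, so it has to be archived with the message for as long as a dispute is possible.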
Zero knowledge proofs
So there we have it – three examples of how blockchains can be used, given the limitations posed by radical transparency. But before I finish, it’s important to mention some emerging cryptographic techniques. Sporting names like homomorphic encryption and zero-knowledge proofs, these promise to untie the gordian confidentiality knot. In the context of a blockchain, they offer a seemingly impossible separation of visibility and verification. A partially encrypted transaction can be embedded in a blockchain, along with a proof of its validity, without revealing the transaction’s contents. Every participant can then verify the proof, while still only seeing the transaction in encrypted form. And the unencrypted version is revealed on a need-to-know basis, presumably only to the transaction’s recipient.
Although there has been some real progress in this space, these technologies are yet to mature. It’s still not computationally feasible to generate and verify a proof regarding the validity of a blockchain transaction while keeping its contents fully private. Nonetheless let’s assume that, at some point in the future, this technical problem is solved. I still think we might have a psychological one. You see, in the current way of doing things, a CIO knows that her employer’s confidential data is protected by physical and organizational barriers. Data can only escape if someone is grossly negligent or deliberately commits a crime. But when it comes to advanced cryptography, the picture is rather different, with the CIO relying on advanced mathematics and the soundness of random number generators.
So even when the technology problem is solved, I think it could still take a long time to overcome the emotional barrier. In the meantime, where does this leave us? With the stark assumption that every participant in a blockchain sees everything else that is going on. While this assumption might restrict the sphere of feasible applications, it will also prevent time being wasted on projects that will never be moved to production. And as others have said before me, 2016 is the year to transition from thinking and talking about blockchains, into building some real applications.
SEC responsible for $15 billion in damages to XRP holders: Ripple
Weeks after the United States’ Securities and Exchange Commission filed an amended complaint in its lawsuit against Ripple Labs, Ripple has filed an official response, asserting that the SEC is picking virtual currency winners and losers by exempting Bitcoin and Ether from the scrutiny of similar regulations.
According to Ripple, XRP was designed to be a “better Bitcoin” and more secure because control over the XRPL is more distributed.
Today Ripple filed our answer to the SEC’s amended complaint. Notably w/ full transparency to the SEC: XRP was listed on 200+ exchanges, billions of $ in XRP were bought/sold monthly, many market makers had daily XRP txns, & 3rd party products (not developed by Ripple) used XRP.
— Stuart Alderoty (@s_alderoty) March 5, 2021
Ripple’s response also pointed out that the mere filing of the SEC’s complaint has caused immense harm to XRP holders, cutting the value of their holdings substantially and contributing to numerous exchanges, market makers, and other market participants ceasing trading activities involving XRP. The blockchain firm argued that in bringing a case that alleges an unregistered securities offering of just over $1.3 billion from several years ago, the SEC has already caused more than approximately $15 billion in damages to those it “purports to protect.”
The 100-page document also went on to accuse the SEC of mischaracterizing several items on the record, including the claim that Ripple’s sales of XRP constituted a “significant part” of the XRP. According to Ripple, these sales constituted less than 0.4% of the total XRP transaction volume in nearly all periods.
To conclude, Ripple unequivocally denied all charges in the SEC’s amended complaint, calling the allegations “overarching.”
“We’re looking forward to learning more about the SEC’s meetings with major XRP market participants who asked for guidance but were never told that XRP transactions would be subject to federal securities laws,” Stuart Alderoty, Ripple’s General Counsel, added on Twitter.
The timing of this development is interesting, especially since it came just a day after Ripple execs Brad Garlinghouse and Chris Larsen filed motions to dismiss the amended complaint.
How to Protect Yourself from the Cryptojacking Threat
Though cryptojacking is fairly common today, for many it might still be a brand-new term. What is cryptojacking? Is it a threat to all computer and internet users? How can we avoid falling victim to it? Some of the most common concerns are addressed below.
What happens in Cryptojacking?
Cryptojacking is the latest, most innovative form of cybercrime. Cryptojackers use your computer to mine cryptocurrencies maliciously. This can happen on both personal and business laptops, computers, and mobile devices. Cybercriminals hack into any of these devices to install software that uses the device’s resources and power to mine cryptocurrencies or steal the wallets of unsuspecting victims. This is a grave threat because it is hard to detect and easy to deploy and run in the background. The main idea is to use another computer’s or device’s resources to do the crypto mining work, with whatever the attackers earn or steal from the hijacked computers siphoned into their own digital wallets.
There are three main methods cryptojackers can opt for to maliciously mine for cryptocurrencies. Let’s skim through them so you know how to better protect yourself against them.
This happens when the hacker uses IT infrastructure to mine and attack directly within the web browser. They create a crypto mining script that is embedded into different websites. These scripts can be embedded into out-of-date WordPress plugins or ads where they run automatically while the code gets downloaded into the user’s computer.
File-based cryptojacking starts from downloading malware that runs an executable file. A Cryptomining script is spread through this file all around the IT infrastructure. The most common way to do so is to spread malicious emails with links or attachments that look fairly legitimate for the user to click on them. If they click, the code is executed and downloads the crypto mining script to work in the background on the user’s computer without their knowledge.
Cloud cryptojacking occurs when a hacker searches an organization’s code and files for API keys in order to gain access to its cloud services. They then consume unlimited CPU resources for crypto mining, which increases account costs quite significantly. Hackers use this method to mine illicitly because it lets them mine at a much faster rate.
How to detect Cryptojacking?
The crypto mining scripts generated by hackers can be very tricky to detect and locate, which is why you need a highly vigilant IT team at work 24/7 for your organization’s operation. Here are some common signs that will tell you something’s wrong before it’s too late, along with practices that can help you detect cryptojacking.
Just like any other intensive task, Cryptojacking involves resource processing that can heat your computing device quickly. Overheating will shorten the lifespan of your device and damage it immensely. Moreover, overheating means the fans in your devices will run longer than they should to keep the system cool and running.
One of the major signs of cryptojacking is a decrease in the performance of your laptop, PC, mobile device, or tablet. If you observe an unexplained decrease in processing speed, immediately call an IT technician and get it checked. If you’re running an organization, educate all your employees about their cybersecurity and about signs and symptoms they need to report.
Regular Website Checks
Regularly monitor your website and all its web pages to make sure there are no changes to the files and webpages on the web server. This is a great way to prevent a Cryptojacking attack.
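One way to carry out the file check described above, as an added Python example that is not part of the original article: record a SHA-256 baseline of every file under the web root, then compare later snapshots against it. The function names and the sample site built in `run_constructed_demo` are hypothetical and constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(webroot: Path) -> dict[str, str]:
    """Map each file's path (relative to the web root) to its SHA-256 digest."""
    manifest = {}
    for path in sorted(webroot.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            manifest[path.relative_to(webroot).as_posix()] = digest
    return manifest


def diff_manifests(baseline: dict[str, str], current: dict[str, str]) -> dict[str, list[str]]:
    """Report files that appeared, disappeared, or changed since the baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(
            p for p in baseline.keys() & current.keys() if baseline[p] != current[p]
        ),
    }


def run_constructed_demo() -> dict[str, list[str]]:
    """Build a small constructed site, take a baseline, change it, and diff."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "js").mkdir()
        (root / "index.html").write_text("<html><script src='js/app.js'></script></html>")
        (root / "about.html").write_text("<html>About</html>")
        (root / "js" / "app.js").write_text("console.log('shop');\n")

        # In practice the baseline is stored away from the web server, so that
        # whoever alters the site cannot also rewrite the baseline.
        baseline = build_manifest(root)

        # Constructed changes of the kind the check is meant to surface.
        with open(root / "js" / "app.js", "a") as handle:
            handle.write("/* line appended after deployment (constructed) */\n")
        (root / "js" / "stats.js").write_text("/* unexpected new script (constructed) */\n")
        (root / "about.html").unlink()

        return diff_manifests(baseline, build_manifest(root))


if __name__ == "__main__":
    for kind, paths in run_constructed_demo().items():
        print(f"{kind}: {paths}")
```

Any entry under `added` or `modified` that does not correspond to a known deployment is what to investigate first.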
Monitor CPU Usage
Analyze your CPU usage regularly by using a task manager or activity monitor. An unjustified increase in CPU usage means there’s something fishy going on, especially for a website that has little to no media content that could drive traffic.
Protection against Cryptojacking?
Following are some recommendations from security experts on the prevention of Cryptojacking.
Maintain good security hygiene
Establish solid security hygiene to lower the risk of cryptojacking, as all such attackers are opportunists and always on the hunt for a weak, vulnerable venue. Hackers run numerous exploits against websites and get through wherever a patch is missing.
Keep your web filtering tools up to date and make sure your users are blocked from accessing any webpage that you have identified as delivering cryptojacking scripts.
Anti-crypto mining browser extensions
To deploy the cryptojacking script and coin the cash, a crypto miner hooks into the web browser. You can use browser extensions to block such crypto miners. Browser extensions such as No Coin, minerBlock, and Anti Miner can be used.
Blockchain Association meeting with key Biden staff about regulations
U.S.-based crypto advocacy group, the Blockchain Association, is lobbying key figures in the Biden administration to advocate for more favorable regulations.
The Association’s executive director, Kristin Smith, told Fox Business the group has already met with or is in the process of scheduling meetings with high-ranking White House officials including Treasury Secretary Janet Yellen, Deputy Secretary nominee and former BlackRock executive Wally Adeyemo, along with representatives of the Treasury Department.
Citing reported comments from Yellen about how the primary utility of cryptocurrency is “illicit financing,” Smith said the association’s key aim was to assist the Treasury chief to “understand the value of crypto networks:”
“Our number one priority is helping Yellen understand crypto goes beyond the financing of criminal enterprises.”
Yellen has been criticized by the crypto sector for describing Bitcoin as “an extremely inefficient way of conducting transactions,” and speculating that BTC is not “widely used as a transaction mechanism.”
Despite her apparent hostility toward Bitcoin, Yellen has expressed openness to centralized DLT, with the secretary stating last month that a digital dollar could offer “faster, safe, and cheaper payments” than existing fiat currency.
Adam Traidman, CEO of crypto wallet BRD, indicated representatives of the crypto sector are “trying to work as high up the Treasury food chain as we can,” adding:
“We’re not opposed to regulation and compliance, but we need time to spur innovation and grease the skids for adoption of crypto first.”
Traidman emphasized concerns regarding regulations for wallets and crypto-to-crypto transactions, stating: “One of our main goals is to carve out crypto to crypto transactions from most regulations. If crypto transfers have to meet wire transfer rules, that will harm the industry.”
Some in the crypto community have also expressed concern regarding Joe Biden’s nominee for chairman of the Securities and Exchange Commission, Gary Gensler — who has previously described Ethereum’s 2014 ICO as an unregistered securities offering.
Earlier this week, Gensler told the Senate Banking Committee the SEC will work to ensure the crypto markets “are free of fraud and manipulation,” accusing off-shore exchanges of having been “rife with fraud.”
The Blockchain Association’s members include crypto heavyweights Circle, Binance.US, Grayscale, and Kraken.