Saturday, October 14, 2017

The politics of the Blockchain

In the industrialized world, as modern democracies, we have come to appreciate the need for a minimum amount of basic government, providing for national defense, law and order.
Many people also recognize the limits of government, as government should not take over functions that people and associations can do by themselves.
For example, the libertarian author Frederic Bastiat wrote in “The Law”:
The law is the organization of the natural right to lawful defense. It is the substitution of a common force for individual forces. And this common force is to do only what the individual forces have a natural and lawful right to do: to protect persons, liberties and properties; to maintain the right of each, and to cause justice to reign over us all.”
Most democratic nations however, have leaned towards increasing involuntary taxation to fund more centralized economic and social programs.
The history of almost every nation in the world shows that the tendency towards higher centralization has lead to despotic governments and nasty consequences.
More government centralization and more programs for the common good draw more human resources from those enterprises that generate economic activity.
More people become dependent on government, either directly employed, or working on government contracts, or working on non-competitive government projects, or not working
at all. This reduces the nation’s GDP. As a consequence, government revenues are reduced and the government’s ability to maintain social programs is curtailed.
People who understand basic economic laws, conclude that in a democracy we can chose options ranging between the following extremes:
  1. a limited government, with limited social programs, in a thriving economy, and
  2. a large government, without enough revenue for social programs, in a stagnating economy.
The trend, in industrialized democracies, has been towards large governments borrowing from future generations and overtaxing productive young people, promising them future benefits and pensions paid with future fiat money.

In addition, governments control the creation of new currency, generated to counteract currency demand. This depreciates future fiat money.
Finally, governments control the distribution of new currency through central banks, since they do not have a method for distributing shares of new currency directly to their citizens.
The reaction to this trend, especially by some young entrepreneurs, has been to escape to cyberspace by espousing innovative technologies that allow them to participate in the profits derived from currency demand, and possibly hide some of their economic activity from government. This course of action though raises a number of ethical questions.
Permissioned or not?
The new distributed ledger technology, or blockchain-based crypto-networks, are classifiable in many ways. A previously published technical classification is available at:
On the one side, those financial institutions that have always promoted “know your customer” policies are researching and developing permissioned crypto-networks, where trusted intermediaries are responsible for the verification and distribution of blocks for the blockchain.
These institutions are joined by large corporations that have traditionally sold proprietary software and services.
On the other side, there are many crypto-networks and projects under development that are unpermissioned. These do not rely on trusted authorities to verify end-to-end transactions, but rely on cryptographic functions. Their network security is proved by opening their source code to public scrutiny. A more dangerous approach, perhaps, but tested on the line of fire.
Among these unpermissioned crypto-networks are Bitcoin, Ethereum, and many of Bitcoin’s modified clones.
Privacy, anonymity and fungibility
The concern for privacy, especially in light of the many recent leaks and attacks to corporations, institutions and government, has grown exponentially in public perception.
Most people are aware of the danger of publicizing their ID or any personal information whatsoever.
Unpermissioned crypto-networks are specifically providing anonymity, while providing the ability for peer-to-peer movement of money and contract execution.
However, anonymity does not hide transaction records. In most current crypto-networks, transactions can openly be scrutinized and traced. This can be considered as a positive feature, if some sort of investigation needs to be done, for example after an attacker may have hacked a contract or stolen money.
Other researchers and developers see this openness as a vulnerability and are actively working towards untraceable crypto-networks. They would like crypto-network transactions not to provide any clue with regard to the user (e.g.: Identification, location, address) or its transaction (e.g.: transaction identification, transaction amount).
They would like crypto-networks not only to provide user privacy (e.g.: Identification, location, address), but also to provide no clue with regard to its transactions (e.g.: transaction identification, transaction amount).
Some Bitcoin researchers are working to provide fungible currency. That is, in their opinion, it does not matter where the currency comes from, it should be treated equally.
More recently, zero-knowledge techniques have been proposed. These are aimed at completely hiding any indication of financial transaction addresses and amounts. So far they have been implemented by the ZCASH and ZenCash, and planned for roll-out by Ethereum.
Are we going too far, simply because we can?
Can we strike a balance between anonymity and traceable transactions?
I can foresee two potential issues with making crypto-network transactions absolutely untraceable. The first is an ethical problem, the second is a more technical issue.
Possible Ethical Problem
Because technology often precedes the law, we need to ethically self-evaluate any new technology. In particular, crypto-networks should not encourage money laundering or any other criminal activity, and should help law enforcement, as much as practically possible, to prosecute individual cases of illegal activity.
There is a difference between giving the government a portal for bypassing the security of an iPhone (recent Apple case) and allowing everyone, including the police, to inspect a public blockchain, so that criminal behavior can be forensically analyzed.
As a society, by majority opinion, we have agreed to pool our resources for policing, both in our everyday life and in corporate environments. We have agreed to prosecute those people that bypass the laws of free market to make fast money, whether by stealing property, insider trading, distributing dangerous narcotics, Ponzi schemes, human trafficking, forced labor, etc.
In a similar way, mature crypto-networks should conform to the will of the majority in criminal matters as expressed by the laws of most civilized nations.
In a typical scenario, if an attacker stole currency, should anyone do something about it, or should the thieves allowed to enjoy the fruits of their illegal action? Recently some people criticized the Ethereum Foundation decision to hard fork the network to avoid the damage incurred when a contract involving a large sum of money was hacked. However the majority of people agreed with their decision.
Now the lead Ethereum developers are planning to change its encryption mechanism to use a zero knowledge security protocol for handling transactions. With current encryption techniques it is already difficult to identify an attacker who has been able to steal currency. With zero-knowledge encryption techniques, law enforcement will be even more difficult. This does not seem to be a development consistent with Ethereum’s recent decision to strongly react to currency theft.
All unpermissioned crypto-networks provide privacy for individuals. However, within this class, we see some networks planning to make their transactions untraceable while others may continue to maintain their transactions visible to third parties. Visibility of transactions allows law enforcement forensic scrutiny and is a deterrent to criminal activities.
Why would a network specifically hide financial transaction destination address and amounts? Is this not an indication that the network may tolerate money laundering and illegal activities?
Once the law catches up with technology, what do you think the majority of people and governments will decide?
Although the law cannot stop a blockchain, it can make life difficult for its users when they want to exchange their digital currency.
A More Technical Issue
In a previous article on user addressability in crypto-networks (“Where are the Gapps in Bitcoin and Ethereum?”) we have shown how new generation crypto-networks will provide some form of user, device or node addressability for selecting specific peers for distributed functions.
This can be done while maintaining privacy and without requiring user identification. However, addresses will need to be unique and readable by anyone.
So, if addresses need to be known for Contract applications (Dapps) and for general distributed applications (Gapps), why would a crypto-network hide the addresses of financial transactions?
One argument is that a competitor could acquire information by analyzing recurring transactions, for example between an investment firm and a target corporation. Such information could reveal the plans of the investment firm before public market indicators can be obtained.
This is not a privacy argument, but a fair competition argument. Is there an advantage in limiting competition?
Assuming the answer is yes, in some cases, can these institutions not protect themselves already by using a new address for every transaction? Or using methods (such as TOR) to hide their transactions’ provenance?
Furthermore, if an institution chooses to use a zero-knowledge network, it may create suspicion in the eyes of the law. This is one of the reasons why financial institutions stay away from public unpermissioned networks. It seems to me that zero knowledge technology goes even further away from addressing their requirements for public trust.
With zero-knowledge technology a person may unintentionally engage in a transaction with a criminal, or scammer, or accept laundered money. He may not be able to avoid the consequences of his unintentional action, such as lawyers’ fees and court appearances.
Zero-knowledge technology is an interesting research development. However, its practical implementations appear to cater to individuals who may want to evade the law more than facilitating free exchange and business interaction.
Unpermissioned crypto-networks have made decisive progress in removing possible interference from intermediaries and in maintaining users’ privacy.

New-generation crypto-networks will need to advance in other areas that need to be improved, such as providing addressability for general distributed applications, efficiency in data replication, network scalability, network governance and stable currency values.

Friday, October 13, 2017

Where are the Gapps in Bitcoin and Ethereum?

Addressability of devices and users may be the next area of research and development for unpermissioned crypto-networks.
New generation crypto-networks will support several types of distributed applications, in addition to financial transactions and distributed smart-contract applications (such as Ethereum Dapps).
For example:
  • Blockchain-registered unique devices may want to interact with IoT objects.
  • Virtual private blockchain networks may need to be supported.
  • Many types of general distributed applications (Gapps) will need to share information among a selected group of peers.
All of the above applications will need primitive functionality for user and/or device addressability in an environment without a centralized directory infrastructure.
All of these applications will need to establish a more permanent session between peers than a one-time transaction. Also, they will involve the participants, but not necessarily the rest of the world.
Some researchers have proposed ways of safely exchanging encryption keys over Bitcoin, for the purpose of confirmation or other post-transaction communication. However, a more general solution is needed to solve the problem of addressability in an unpermissioned crypto-network environment.
Building the Stack.
Each new technology is aimed at making applications development and the user experience simpler. Once accepted as a standard, it becomes part of the base for further developments.
The internet has largely solved the problem of communication for its applications.
Current crypto-networks have solved, in a certain measure, the problems of security and
data replication.
Addressability can be resolved through crypto-network intrinsic functionality, in the same way as communication, security, and data replication have been solved.
Specifics and Examples
Current crypto-networks claiming to support distributed applications, such as Ethereum, do not solve the addressability problem for their nodes or users. In Ethereum, for example, that’s not where the action happens: Contracts embody the Ethereum virtual machine executing Ethereum Dapps.
Ethereum solves addressability for its contracts on the blockchain by retrieving them
by content.
Any user that is interested in a contract and is given the contract’s address (a hash of the contract’s code) can look at it or execute one of its functions. Every time a function is executed, it happens on-the-blockchain, thus these functions need to be executed on all nodes. The resulting blockchain changes also need to be reflected on all nodes.
The blockchain is the computing machine of Ethereum. i.e.: Ethereum computes with the blockchain; more specifically, with a blockchain contract. In essence, Ethereum supports smart contracts that are distributed, but they are not general purpose distributed applications. They are a limited type of distributed applications: Those that need to record events for anyone and posterity to see: memorable events. We will call these applications Contract Dapps.
Example 1: let’s suppose we have an Ethereum Contract Dapp for reserving seats at an event, such as a ball game. The application must solve the possible conflict of multiple people reserving a seat, and prevent overbooking. It must also confirm that the person showing up at the event is the person that booked the seat.

All of the above transactions are recorded on the blockchain, for a fee, and are recorded on all nodes in the world, forever. And for each one of the thousands of people at the event. What’s the use? How many of these actions people take every day? The same people, that day, may have entered a secured area at work, may book a seat at a restaurant, retrieve their car from a parking garage, or book a show for the evening. Why should the whole world see, record and verify all these events?
The requirement to use a blockchain contract for every distributed function is a serious limitation of current crypto-networks.
New generation crypto-networks will instead support general distributed applications, or Gapps. Gapps must be able to run on any device, with the help of the blockchain only for those relevant changes (memorable events) that may need to be recorded forever and/or for anyone to verify.
Most of the actions people do, and computers do for people, are not memorable events.
Going back to our example, we need a Gapp that fulfills the same requirements (i.e.: must be available to anyone, must resolve possible conflicts and must be usable to prove who is the person who booked the seat), but it can do it off-the-blockchain, reading blockchain information for addressability only, and involving only the interested parties.
Here is how our reservation example can work in new generation crypto-networks (See the Gorbyte’s Distributed Operating Environment and BRUD architecture):
You have purchased a unique BRUD device, registered on the blockchain. This is an example of an action done with the help of the blockchain: the device is registered once, and you will be able to use your device for hundreds of applications and thousands of instances in most cases without the need of recording anything on the blockchain.
Your BRUD device can be uniquely identified by anyone with access to the blockchain, including other devices.
When you book your seat for an event (for example using a web page interface), an event management application (EMA) records your device address off-the-blockchain and reserves your seat. When you show up at the event, your device address is recognized, by another BRUD device associated to the EMA, and you are ushered to your seat.
No memorable event has happened. You just went to a ball game. Nobody needs to verify who you are or your ID. The only verification is a look-up of your unique device address on the blockchain.
People around the world do not need to know about your event booking and attendance.
Example 2: A group of two or more people want to privately communicate.
Do we want them to use a smart contract and advertise their event to the world and for years to come? Or do we want their devices to verify each other, just through a look-up on the blockchain, so that they can carry out an exchange of information through a secure session involving only the participants?
On the other hand, in addition to financial transactions and contracts, we can also think of many examples of distributed applications that will need to record memorable events and critical data on the blockchain. However, such recordings will be limited, not only by fees, but by design.
Example 3: an application which may require unique user addressability, is a Gapp for voting at political elections, since people may want to verify the uniqueness of each vote, by each voter, in disputed cases.
New generation crypto-networks will provide some form of user, device or node addressability for selecting specific nodes, for peer-to-peer distributed functions. This can be achieved without compromising user privacy and without requiring user identification. However, user, node or device addresses will need to be unique and readable by anyone.
Network addressability will allow Gapps to use the crypto-network as they sees fit.
For example, a payment Gapp (providing the functionality of basic financial transactions) may require the transaction to be recorded on the blockchain, but may not require a follow-up customer survey to be saved on the blockchain.