Demons in Digital Gold, Part 7
If you have not already done so, please read the introduction to this series.
Today’s must-have killer app/smartphone/widget is tomorrow’s landfill.
— Sentence from previous post, tweeted by prominent environmentalist
You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.
— Buckminster Fuller
This post picks up where the previous post left off. Wink wink nudge nudge, you might want to read the first half before continuing with this post.
Many people are attracted to Bitcoin (et al) for purposes of anonymity. Indeed, it is THE primary property that attracts many [ed: redacted] users. The Bitcoin.org website clearly highlights anonymity, though not quite how you might think …
Bitcoin is not anonymous
Bitcoin is often perceived as an anonymous payment network. But in reality, Bitcoin is probably the most transparent payment network in the world. At the same time, Bitcoin can provide acceptable levels of privacy when used correctly. Always remember that it is your responsibility to adopt good practices in order to protect your privacy.
That “stone tablet” foundation of an IMMUTABLE LEDGER? Not your friend if you are trying to maintain anonymity. The statement “acceptable levels of privacy when used correctly” is at best an understatement, at worst woefully misleading. Not only do YOU need to maintain flawless OpSec to remain anonymous, everyone you transact with needs to do the same, even if they don’t give it a shit about their own anonymity.
Let’s examine the requirements of “used correctly” for Bitcoin or Bitcoin Cash, and then discuss an alternative coins that is optimized for anonymity.
IMPORTANT: following my quaint suggestions might improve your anonymity, but you need far more thorough homework if you’re serious.
A fundamental precept of cryptography is “never leak information.” Even the most seemingly innocuous tidbit can provide an adversary with a tiny crack to exploit into a full-blown attack. The irony here is the immutable ledger that is the blockchain — recording each and every leak of information for eternity — will be your unmasking, unless all of your counterparties (and all of their counterparties, etcetera) maintain 100% flawless OpSec.
Bottom-line: for all but the most informed and assiduous people, Bitcoin and Bitcoin Cash (Ether, Litecoin, and most others) are pseudonymous. You’re using an alias. Not much protection, that.
Leveraging the Bitcoin codebase and adding some extremely contemporary cryptography called “zero knowledge proofs,” Zcash aims to fix anonymity.
Bitcoin and most cryptocurrencies expose your entire payment history to the public. Zcash is the first open, permissionless cryptocurrency that can fully protect the privacy of transactions using zero-knowledge cryptography.
— Zcash homepage
Confession: I was so taken with the zk-SNARK cryptography underpinning Zcash, I considered writing a book called The Zcash Tutorial. (No, don’t bother searching for it, I came to my senses.) I enjoyed everything I learned, and it goes without saying that I could make this a PAINFULLY long blog post extolling the power and beauty of the cryptography. There is summary in the Zcash FAQ. Here is a highlights to pique your curiosity:
Zero knowledge proofs allow you to prove knowledge of some facts about hidden information without revealing that information. The property of allowing both verifiability and privacy of data makes for a strong use case in all kinds of transactions, and we’re integrating this concept into a block chain for encrypting the sender address, the recipient address, and the amount.
At first blush, you might think “Oh, I get it. They’re encrypting the sending address, recipient address, and amount … and only the sender and recipient know the encryption key.” Strictly speaking, Zcash transactions DO encrypt the sending address, recipient address, and amount. Mind-twisting as it sounds, however, nothing ever decrypts that data.
The transaction includes a mathematical proof that VERIFIES — without REVEALING the data — that sender owns the coin at the sending address, and that coin is equal or grater than the amount specified. The recipient address is NEVER revealed: as in a conventional blockchain transaction, it is generated by the recipient and transmitted to the sender.
The description above illustrates “shielded transactions” using Z-addresses. Zcash includes “transparent transactions” using T-addresses, and those work exactly the same as a conventional blockchain transaction. (Transactions may use a mix of T-addresses and Z-addresses.)
Why would anyone use transparent transactions? Yeah, about that. Turns out that SERIOUS computation is required to construct the zk-SNARK used in a shielded transactions, tens of seconds or a few minutes depending on your compute horsepower. And while the Zcash folks openly share the requisite code, nobody has yet taken them up on the proposition of integrating shielded transactions.
As it stands, the only means for sending or receiving a shielded transaction is the Zcash wallet included in Zcash full node build. NOT ideal. Running any full node is a PITA, and generally an unsound idea for Normal People. More acutely — and you’ll want to sit down about now — NO EXCHANGE currently handles shielded transactions. The undeniably fantastic utility of shielded transactions, as described above, is limited to very technically savvy people all running full nodes.
The Zcash folks are making strides to reduce the computation required to construct zk-SNARKS and handle shielded transactions. Fingers crossed, they’ll make progress with exchanges and unaffiliated wallets alike. For the time being, shielded transactions are the domain of the very dedicated.
The bitcoin system has had the biggest target on its back for the better part of five years, painted by ne’er do wells pining for the combination of ginormous sums of money and the distinct possibility of getting away with a heist. The most gifted hackers worldwide have studied and probed from every angle, to no avail. A remarkable state of affairs from a cyber-security perspective.
And yet — yeah, you just KNEW this was coming — five years is not very long in terms of new and innovative technology. This post is NOT about “everyday” implementation (i.e. code) vulnerabilities. This post tackles the potential of “unkown unknown” PROTOCOL vulnerabilities. While the former can be dangerous, the latter can be dinosaur killers.
The Bitcoin blockchain has been stunningly secure. One day it won’t be. Simple as that. I’ve covered the reasoning in multiple posts earlier in this series, so I am not going to belabor the point. The honest truth about locks? All of them can be picked. Complexity being the enemy of security, well, let’s all count our blessings vis-à-vis cryptocurrency blockchains.
Question: what might a “more secure” cryptocurrency look like?
Answering that without a specific threat in mind is damn nigh impossible. More accurately, answering that question in a manner that would clearly demonstrate utility is damn nigh impossible. When something BREAKS with a major cryptocurrency, there will be unimaginable utility in an alternative solution that eliminates the vulnerability.
Improved security can manifest itself as utility along one or more of the OTHER properties already discussed, for example:
And there may be value in more contemporary (perhaps lattice-based) cryptography, in order to build some additional temporal runway against attacks unknown. While security as a property “by itself” seems fairly amorphous, cyber-security is a $150B+ business annually. With increasingly alarming frequency ($500B last week) we see that cryptocurrency participants are NOT taking fear/security seriously enough.
While improvements in each of the above properties would improve the overall user experience, that is not what I am driving at. I am talking about the Normal Person User Experience handling cryptocurrencies, which if you’re intellectually honest, just plain sucks.
Yeah, yeah, I’ve watched countless beginner-intro-how-to YouTube videos. I’ve personally guided countless Normal People through cryptocurrencies, and the universal takeaway from them is “Silicon Valley Early.” Sure, I can get just about anyone onto Coinbase — though I would never do that to anyone that I like — but just try to take a baby step outside their tiny little walled garden. It ain’t pretty.
If I knew how to improve dramatically the Normal Person User Experience, I would be off doing it RIGHT NOW. Let’s agree that there is great room for improvement on a great number of different pain points: buying, holding, sending, spending, taxation … the works.
Here’s a compare-and-contrast illustration for you: Apple Cash, the P2P companion to Apple Pay. Setup is little more than linking a debit card and takes a minute. Sending cash is done WITHIN iMessage with a tap of an icon and takes seconds. Moving received cash back to your bank is tappity done. (Venmo is arguable better, with the modest exception of requiring its own app.)
The objective is completely hiding the cryptocurrency mechanics, and that’s heretical to the vast majority of people and projects. There may be solutions that accomplish that lofty objective with existing cryptocurrencies, or it may take a disruptive solution built from the ground up optimized for the Normal Person User Experience.
Don’t invest in coins that are likely to become obsolete. ¡Sencillo! El fin.
OK, OK, it is not simple. Let’s rewind to the opening of Part 1. of this post.
At some point in the post-speculative-mania phase, fundamentals will matter and the price of a coin will be driven by underlying measures of its value.
When price is driven by fundamentals, whatever the metrics, a NEW coin with substantially superior metrics will appreciate in price. Should the new coin closely overlap the properties of an OLD coin, competitive forces will obsolete the old coin over time.
User-perceived value. Utility. Fundamentals. All sarcasm aside, these basic concepts at best LIGHTLY apply in today’s cryptocurrency markets. That leaves long-horizon investors in a lurch, as the guideposts they would like to see are absent from market pricing. The old “buy and hold” works far better for blue chips than it does for any rapidly evolving technology.
I can dive into an existing coin and analyze strengths and weaknesses. I can investigate a new coin and assess its competitive position. I cannot boil those exercises down to set of Graham-and-Dodd rules. It would be another book. Come to think of it, GRAHAM and DODD themselves needed an epic book — the seminal Security Analysis — to explain themselves.
Given the nascent state of cryptocurrencies as an asset class — coupled with the current reality of momentum following, fast money speculation — it will be years before we have a structured framework like Graham and Dodd.
“Well, shit,” the few of you still reading this manifesto curse, “You could have told us THAT in a single tweet.” (I’ll leave it to one of you long-attention-span readers to tweet the above excerpt with a link to this post.) Short of enlisting my consulting services, how might investors proceed?
First and foremost, recognize that with new technologies, the vast majority of early offerings fail. Not just products, entire companies go from “darling” to “dead” in a heartbeat. Why would today’s cryptocurrencies — early offspring of truly innovative blockchain technology — bypass a century-plus gauntlet and enjoy longevity? Few, if any, of them will.
Long-horizon cryptocurrency investors need rigorous portfolio construction. Diversification is critical, though given today’s “signal to noise” ratio, focus on larger (by circulating supply) and more stable (stop laughing) coins.
Careful position sizing is vital, especially in the current high-volatility environment. Complimenting a focus on larger and more stable coins, place small “high-risk/high-return” bets on the most promising emerging coins.
Cut your losses, let your winners run, and eat balanced meals. I get it: this is Peter Lynch Investing 101. I’ve talked with super-smart investors, far more accomplished and successful than me, who describe strategies for orders-of-magnitude returns that seemingly break every rule in THEIR OWN books.
In the introduction to this series , I commented that my motivation is to provoke BALANCED thinking.” So when I hear “unbalanced” reasoning from otherwise super-reasonable people, pardon my nudge.
Follow me @Pressed250 on Twitter
Copyright © 2018 Bruce Kleinman. All Rights Reserved.