Demons in Digital Gold, Part 7 article from February 1960: well past is useful life, though illustrative of the debate If you have not already done so, please read to this series. the introduction Today’s must-have killer app/smartphone/widget is tomorrow’s landfill. — Sentence from previous post, tweeted by prominent environmentalist You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete. — Buckminster Fuller This post picks up where the previous post left off. Wink wink nudge nudge, you might want to before continuing with this post. read the first half Anonymity Many people are attracted to (et al) for purposes of anonymity. Indeed, it is THE primary property that attracts many users. The website clearly highlights anonymity, though not quite how you might think … Bitcoin [ed: redacted] Bitcoin.org Bitcoin is not anonymous Bitcoin is often perceived as an anonymous payment network. But in reality, Bitcoin is probably the most transparent payment network in the world. At the same time, Bitcoin can provide acceptable levels of privacy when used correctly. Always remember that it is your responsibility to adopt good practices in order to protect your privacy. The statement “acceptable levels of privacy when used correctly” is at best an understatement, at worst woefully misleading. Not only do YOU need to maintain flawless OpSec to remain anonymous, everyone you transact with needs to do the same, even if they don’t give it a shit about their own anonymity. That “stone tablet” foundation of an IMMUTABLE LEDGER? Not your friend if you are trying to maintain anonymity. Let’s examine the requirements of “used correctly” for Bitcoin or Bitcoin Cash, and then discuss an alternative coins that is optimized for anonymity. IMPORTANT: following my quaint suggestions might improve your anonymity, but you need far more thorough homework if you’re serious. “Say what?!?!” Even if you finagled your way through the KYC process with a fake identity, you leave ALL KINDS of breadcrumbs on a cryptocurrency exchange. Forget exchanges, you'll need to procure coins elsewhere. And forget other people too, as they’ve left their OWN trails of breadcrumbs. Never transfer coins to/from an exchange. Your IP address so traceable that it might as well be your IRL address. Most VPNs keep logs that connect both ends of the tunnel, spitting in the face of the ‘P’ in the acronym VPN. A few VPNs swear up and down that they do not keep any logs, and some of those accept Bitcoin. Always transact through Tor or a carefully selected VPN. Many wallets FORCE you to use a single address every time you receive Bitcoin, which is poor security even if you are NOT hell-bent on anonymity. Reusing addresses leave breadcrumbs. Always generate a new address for every receive transaction. Search “ forensics” for an eye-opening look at why this requirement is so critical. Cliff notes: your always flawless OpSec can be cracked by analyzing the transaction history of your less-than-always-flawless counterparties. Enforce all of these rules on every counterparty. blockchain Even the most seemingly innocuous tidbit can provide an adversary with a tiny crack to exploit into a full-blown attack. The irony here is the immutable ledger that is the blockchain — recording each and every leak of information for eternity — will be your unmasking, unless all of your counterparties (and all of their counterparties, etcetera) maintain 100% flawless OpSec. A fundamental precept of cryptography is “never leak information.” You’re using an alias. Not much protection, that. Bottom-line: for all but the most informed and assiduous people, Bitcoin and Bitcoin Cash (Ether, Litecoin, and most others) are pseudonymous. **ZCash cometh**Leveraging the Bitcoin codebase and adding some extremely contemporary cryptography called “zero knowledge proofs,” Zcash aims to fix anonymity. Bitcoin and most cryptocurrencies expose your entire payment history to the public. Zcash is the first open, permissionless cryptocurrency that can fully protect the privacy of transactions using zero-knowledge cryptography. — Zcash homepage Confession: I was so taken with the zk-SNARK cryptography underpinning Zcash, I considered writing a book called . I enjoyed everything I learned, and it goes without saying that I could make this a PAINFULLY long blog post extolling the power and beauty of the cryptography. There is summary in the . Here is a highlights to pique your curiosity: The Zcash Tutorial (No, don’t bother searching for it, I came to my senses.) Zcash FAQ Zero knowledge proofs allow you to prove knowledge of some facts about hidden information . The property of allowing both verifiability and privacy of data makes for a strong use case in all kinds of transactions, and we’re integrating this concept into a block chain for encrypting the sender address, the recipient address, and the amount. without revealing that information At first blush, you might think “Oh, I get it. They’re encrypting the sending address, recipient address, and amount … and only the sender and recipient know the encryption key.” Strictly speaking, Zcash transactions DO encrypt the sending address, recipient address, and amount. Mind-twisting as it sounds, however, nothing ever decrypts that data. The recipient address is NEVER revealed: as in a conventional blockchain transaction, it is generated by the recipient and transmitted to the sender. The transaction includes a mathematical proof that VERIFIES — without REVEALING the data — that sender owns the coin at the sending address, and that coin is equal or grater than the amount specified. The description above illustrates “shielded transactions” using Z-addresses. Zcash includes “transparent transactions” using T-addresses, and those work exactly the same as a conventional blockchain transaction. (Transactions may use a mix of T-addresses and Z-addresses.) Why would anyone use transparent transactions? Yeah, about that. Turns out that SERIOUS computation is required to construct the zk-SNARK used in a shielded transactions, tens of seconds or a few minutes depending on your compute horsepower. And while the Zcash folks openly share the requisite code, nobody has yet taken them up on the proposition of integrating shielded transactions. As it stands, the only means for sending or receiving a shielded transaction is the Zcash wallet included in Zcash full node build. NOT ideal. Running any full node is a PITA, and generally an unsound idea for Normal People. The undeniably fantastic utility of shielded transactions, as described above, is limited to very technically savvy people all running full nodes. More acutely — and you’ll want to sit down about now — NO EXCHANGE currently handles shielded transactions. The Zcash folks are making strides to reduce the computation required to construct zk-SNARKS and handle shielded transactions. Fingers crossed, they’ll make progress with exchanges and unaffiliated wallets alike. For the time being, shielded transactions are the domain of the very dedicated. Security The bitcoin system has had the biggest target on its back for the better part of five years, painted by ne’er do wells pining for the combination of ginormous sums of money and the distinct possibility of getting away with a heist. A remarkable state of affairs from a cyber-security perspective. The most gifted hackers worldwide have studied and probed from every angle, to no avail. — Store of value / Vulnerabilities in store This post is NOT about “everyday” implementation (i.e. code) vulnerabilities. This post tackles the potential of “unkown unknown” PROTOCOL vulnerabilities. And yet — yeah, you just KNEW this was coming — five years is not very long in terms of new and innovative technology. While the former can be dangerous, the latter can be dinosaur killers. — Ibid Simple as that. I’ve covered the reasoning in multiple posts earlier in this series, so I am not going to belabor the point. All of them can be picked. Complexity being the enemy of security, well, let’s all count our blessings vis-à-vis cryptocurrency blockchains. The Bitcoin blockchain has been stunningly secure. One day it won’t be. The honest truth about locks? Question: what might a “more secure” cryptocurrency look like? Answering that without a specific threat in mind is damn nigh impossible. More accurately, answering that question in a manner that would clearly demonstrate utility is damn nigh impossible. When something BREAKS with a major cryptocurrency, there will be unimaginable utility in an alternative solution that eliminates the vulnerability. Improved security can manifest itself as utility along one or more of the OTHER properties already discussed, for example: Mitigate double-spend risk in a manner that dramatically reduces . transaction confirmation time Mitigate 51% attack risk in a manner that slashes , by reducing the burning (pun intended) issue of power consumption. transaction cost Increase in a manner that stands a chance of working for Normal People. anonymity And there may be value in more contemporary (perhaps lattice-based) cryptography, in order to build some additional temporal runway against attacks unknown. While security as a property “by itself” seems fairly amorphous, cyber-security is a $150B+ business annually. With increasingly alarming frequency ) we see that cryptocurrency participants are NOT taking fear/security seriously enough. ( $500B last week User Experience While improvements in each of the above properties would improve the overall user experience, that is not what I am driving at. I am talking about the Normal Person User Experience handling cryptocurrencies, which if you’re intellectually honest, just plain sucks. Yeah, yeah, I’ve watched countless beginner-intro-how-to YouTube videos. I’ve personally guided countless Normal People through cryptocurrencies, and the universal takeaway from them is “Silicon Valley Early.” Sure, I can get just about anyone onto Coinbase — though I would never do that to anyone that I like — but just try to take a baby step outside their tiny little walled garden. It ain’t pretty. If I knew how to improve dramatically the Normal Person User Experience, I would be off doing it RIGHT NOW. Let’s agree that there is great room for improvement on a great number of different pain points: buying, holding, sending, spending, taxation … the works. Here’s a compare-and-contrast illustration for you: Apple Cash, the P2P companion to Apple Pay. Setup is little more than linking a debit card and takes a minute. Sending cash is done WITHIN iMessage with a tap of an icon and takes seconds. Moving received cash back to your bank is tappity done. (Venmo is arguable better, with the modest exception of requiring its own app.) There may be solutions that accomplish that lofty objective with existing cryptocurrencies, or it may take a disruptive solution built from the ground up optimized for the Normal Person User Experience. The objective is completely hiding the cryptocurrency mechanics, and that’s heretical to the vast majority of people and projects. Coin obsolescence and cryptocurrency investment Don’t invest in coins that are likely to become obsolete. ¡Sencillo! El fin. OK, OK, it is not simple. Let’s rewind to the opening of Part 1. of this post. At some point in the post-speculative-mania phase, fundamentals will matter and the price of a coin will be driven by underlying measures of its value. When price is driven by fundamentals, whatever the metrics, a NEW coin with substantially superior metrics will appreciate in price. Should the new coin closely overlap the properties of an OLD coin, competitive forces will obsolete the old coin over time. All sarcasm aside, these basic concepts at best LIGHTLY apply in today’s cryptocurrency markets. That leaves long-horizon investors in a lurch, as the guideposts they would like to see are absent from market pricing. User-perceived value. Utility. Fundamentals. The old “buy and hold” works far better for blue chips than it does for any rapidly evolving technology. I can dive into an existing coin and analyze strengths and weaknesses. I can investigate a new coin and assess its competitive position. It would be another book. Come to think of it, GRAHAM and DODD themselves needed an epic book — the seminal — to explain themselves. I cannot boil those exercises down to set of Graham-and-Dodd rules. Security Analysis Given the nascent state of cryptocurrencies as an asset class — coupled with the current reality of momentum following, fast money speculation — it will be years before we have a structured framework like Graham and Dodd. “Well, shit,” the few of you still reading this manifesto curse, “You could have told us THAT in a single tweet.” (I’ll leave it to one of you long-attention-span readers to tweet the above excerpt with a link to this post.) Short of enlisting my consulting services, how might investors proceed? First and foremost, recognize that with new technologies, the vast majority of early offerings fail. Not just products, entire companies go from “darling” to “dead” in a heartbeat. Why would today’s cryptocurrencies — early offspring of truly innovative blockchain technology — bypass a century-plus gauntlet and enjoy longevity? Few, if any, of them will. Long-horizon cryptocurrency investors need rigorous portfolio construction. , though given today’s “signal to noise” ratio, focus on larger (by circulating supply) and more stable (stop laughing) coins. Diversification is critical , especially in the current high-volatility environment. Complimenting a focus on larger and more stable coins, place small “high-risk/high-return” bets on the most promising emerging coins. Careful position sizing is vital Cut your losses, let your winners run, and eat balanced meals. I get it: this is Peter Lynch Investing 101. I’ve talked with super-smart investors, far more accomplished and successful than me, who describe strategies for orders-of-magnitude returns that seemingly break every rule in THEIR OWN books. In the introduction to this series , I commented that my motivation is to provoke BALANCED thinking.” So when I hear “unbalanced” reasoning from otherwise super-reasonable people, pardon my nudge. Next in the series … Xenon-135: anticipating knock-on effects Follow me @ Pressed250 on Twitter Copyright © 2018 Bruce Kleinman. All Rights Reserved.