[Note: This is a follow-up commentary after the original Forkonomy paper (now on Hacker Noon) was written and self-published on pllel.com in summer 2018 with last revision 10th August. Figures come from #forkonomy tweets, original manuscript and presentation slides from ETC Summit Forkonomy talk in September 2018.]
Whereas the difference in price and hashrate between BTC and BCH in August 2018 was approximately 10–15:1, the BSV/BAB split and resultant negative sum implications have lengthened this out to 30–40:1 at time of writing in late January 2019. What was then a marginally vulnerable network to 51% attacks is now at serious risk. Regardless of the amount of SHA-256 hash available on distributed marketplaces such as Nicehash and Amazon EC3, it is feasible that a single entity could amass 3% of BTC’s hashrate and perform a solo attack, especially given the amount of shelved / unsold ASIC inventory available at this time.
Fun story: I wrote an even bleaker forecast for BCH’s future in an earlier draft but pared it back after receiving comments that it may be going too far. Ha! Still, some summer ’18 predictions regarding the increasingly uncomfortable situation that the BCH family find themselves in — between chain security and miner bribes — have not yet come to pass (see below tweet) other than checkpointing on BAB. Both networks are exhibiting ever increasing centralisation of network infrastructure, hashrate and human leadership so expect further mandatory “upgrades”. A lot of them, sometimes at very short notice.
As for Bitcoin, the bear market has had an impact on BTC hashrate, ending a parabolic trend that extended much further than the price. Though the price of BTC today is around half of that in the summer (~$7000 versus ~$3500), network hashrates then and now are both in the 30–40 EH/s range. The security model of Bitcoin’s PoW remains largely untested in the ASIC era, with the only obvious network weaknesses being external entities’ political, technical and regulatory actions, miner / foundry oligopolies, cryptographic vulnerabilities and consensus-breaking code errors in implementations such as CVE-2018–17144. Still some time to go before miner subsidy attenuation becomes a pressing concern with respect to fee market development, with everything depending on BTC price to provide the necessary incentives.
The question remains open as to how L2 appendages such as sidechains and off-chain payment channels will affect this by offering alternative transaction pathways which minimise writing to the blockchain and consequentially demand for block space. Side note on the recent launch of Grin — a network based on the novel MimbleWhimble blockchain construction —with a constant, indefinite coin issuance rate (60/min) which may better mitigate against a lack of a transaction fee market in Bitcoin’s subsidy halving regime, by exhibiting a smoothed and steeper initial decline in effective inflation rate.
It’s been an eventful few months in the land of Ethereum-based networks. The expected Ethash FPGAs and ASICs have not been spotted in the wild by any great number but their effects may be being felt already. It will be interesting to see if nonce fingerprints will eventually be evident as has been the case for BTC and XMR.
There have been 51% attacks and deep chain reorgs on minority Ethash chains MUSIC, ELLA and PIRL, with exchange double-spending the typical approach for attackers to ROI. PIRL has taken an approach to mitigate these hazards with client-based solutions which would penalise offline nodes for attempting to rejoin the network and broadcast a rapid series of blocks (PIRLguard). UBQ instead changed its hashing algorithm to avoid Nicehash / ASIC susceptibility.
Although a big theme of this work has been looking at the vulnerabilities of minority PoW chains to attack and defensive strategies — and also that this work was presented at the ETC Summit in autumn 2018 — it was a surprise to see Ethereum Classic itself fall prey to these attacks as well. Read the below articles by Phyrooo and Pyskell to put the temporarily disruptive nature of a majority attack into context. However, in these early innings of cryptocurrency, exploits against exchanges provide a strong disincentive for listing minority PoW networks unless precautions are taken with confirmations required for transactions to be considered final. Seeing altcoin exchanges like Cryptopia listing small PoW networks getting constantly exploited (and suspending operations recently) is a universal warning sign, especially for projects with little value proposition other than speculation and trading.
It remains to be seen what path ETC will take in order to mitigate attacks, the usual gamut of options are being discussed by stakeholders in a rational way — I was present for the post-mortem call and reiterated my opinion that changing mining algorithm in a knee-jerk response is probably sub-optimal to penalising attackers withholding blocks. It appears that the continued delays of ETH’s attempted transition to a sharded, proof-of-stake network — thereby bequeathing the Ethash majority to ETC or another as-yet-unborn timeline — has exacerbated the issue alongside the protracted bear market and abundance of marshallable hashrate.
There is also discussion of ETH adopting an “ASIC-resistant” algorithm (ProgPoW) while waiting upon Casper and prior to the recent failed Constantinople network upgrade a pro-ProgPoW activist fork faction appeared with the ostensible goal of rejecting the EIP-1234 reduction in mining reward from 3 to 2 ETH per block in addition. It seems inevitable that either (or both) ETH-ASIC and ETH-ProgPoW factions would attempt a fork should the network not move in their favour. Additionally, due to the 11th hour cancellation of the Constantinople upgrade, the so-called “difficulty bomb” has now activated on ETH, having been repeatedly delayed by previous hard forks.
In terms of social layer network politics, both ETH and ETC have had issues of differing types. ETH’s diverse stakeholders are pulling in different directions regarding key technological design choices such as state rent and allegations of insider asymmetry / opacity at crucial meetings. ETC may be suffering from a “tragedy of the commons” scenario as hitherto leading core development company ETCDEV shut its doors due to a funding crunch, with accompanied suspicions of power struggles for prized network resources such as the Github repositories and experienced core developers.
Ratios of hashrate and price between ETH and ETC are approximately 20–30:1, similar to BTC/BAB-BSV ratios discussed above but ETC has an additional light at the end of the tunnel — or is it a “friendly ghost” who will remove incentives for miners to stay on ETH? Data from www.blockchair.com and www.coincap.io.
Just going to leave the below few tweets documenting my ETC Summit talk here. We’ll have to wait and see what happens with ETH regarding PoW to observe the effects downstream in the Ethash ecosystem.
The disconnect between market cap and miner incentives for ledger forks such as BCH/BSV/BAB, BTG and BTCP has been discussed widely in recent months (here for example) but it wasn’t as blindingly obvious last summer. Indeed I received some stern criticism from a reviewer on my claim that market caps for minority ledger forks were heavily inflated in comparison to codebase forks. The below tweet sparked the realisation that all was not well in the land of BTCP.
By combining the UTXO sets of ZCL and BTC, BTCP aimed to leverage the Bitcoin name whilst heavily incentivising ZCL holders and buyers. It worked too, in the final “junk rally” of 2018 ZCL pumped 100x in USD terms before beginning a protracted and decline in price of >99%. ZCL is still bumbling along as a semi-zombified chain, with other spin-off ledger forks and fork-merges attempted. The client software got rather out of date and broken, making it hard to run a node over winter, and indeed to find peers and sync the chain.
With only half a million coins remaining unsupplied from the 21M cap, BTCP finds itself effectively a halving ahead of Bitcoin. With a low token fiat price, miners are not sufficiently incentivised to defend the chain and since there is an abundance of Equihash resource available launching thermodynamic attacks would be trivial. Indeed the hourly cost estimates in the paper had to be continually revised downwards, from >$600/hr initially, to <$50/hr now. As the supply schedule of ZCL, BTCP and BTC are directly comparable (4x factor in block time and subsidy to convert) we can think of BTCP as a time machine taking us forwards to the most pessimistic possible future of any Bitcoin-like network with a halving subsidy and fixed supply limit. This is the timeline in BTTF2 where Biff makes it bigtime.
As expected, attacks were inevitable. ZCL has <5% of the ZEC hashrate and BTCP a further order of magnitude less. With Equihash ASICs on the scene they are sitting ducks. Both tokens are in the $1–1.50 price range, with a ZCL pre-fork ATH around $200. Data from coincap.io and www.coinmetrics.io.
BTCP forkcast: REKT with a high likelihood of upgrades .What’s next for this white dwarf chain? Pretty much every mitigation you can think of has been discussed — Horizen’s chain selection rule update seems to be working for them.
Something else interesting and related! The wizards at CoinMetrics who I had badgered to run BTCP and ZCL nodes last summer, recently uncovered a grand heist with ~2 million coins secretly added to BTCP’s shielded pool at the time of inserting the BTC UTXOs into the ledger. Indeed I had a great deal of problems getting the BTCP client to play nicely, as the few thousand blocks around the time of the operation were enormous and often crashed my workstation when parsing data for analysis. BTCP is the worst of all possible worlds.
Assets atop forked networks
There was a brief note in the paper on security risks of “top heavy” networks, where for example Ethereum can allow for a greater “value” of issued non-native tokens than the base protocol token. Read the great article below by Joe Looney to get a fuller understanding of the various hazards subsumed within this. Let’s think about how non-native assets could be used as bargaining chips by forkers. Offering to honour assets on a ledger fork network may skew hodler’s incentives in ways that are hard to predict.
#forkgov: Fork-resistance and governance
In the original paper Tezos and Decred were discussed as networks addressing network governance by inhibiting forks in different ways. Taking a high-level perspective, let’s address the most general question: are these two notions meaningfully compatible? If we think of any natural process in the Universe — from the celestial to the tribal — as accretions and communities grow in size and complexity, scalability challenges increase markedly. Minimising accidental chain splits during protocol upgrades is a worthy goal. However, denying a mechanism to allow factions a graceful and orderly exit has upsides in preserving the moat of network effect but at the cost of internal dissonance, which may grow over time. Sound familiar?
One can look at ledger forks in a few different ways as good, bad or neutral:
[Good] A/B/…/Z testing of different technical, economic or philosophical approaches aka “Let the market decide, fork freedom baby!”
[Neutral] An inevitability of entropy and/or finite social scalability as these networks grow and mature it is not realistic to keep all stakeholders sufficiently aligned for optimal network health.
As such, protocol-layer fork resistance and effective public fora with voting mechanisms can certainly be helpful tools, but there is a question as to whether democracy (the tyranny of the majority) should be exercised in all cases. If there was a “block size” style civil war in Tezos or Decred with no acceptable compromise in sight, would the status quo still be the best situation in all cases?
My perspective is that fork-resistance will largely redistribute the manifestations of discontent rather than provide a lasting cure to ills, and the native network governance mechanisms may be gamed by either incumbents or ousters. More time is needed to see how decision-making regarding technical evolution unfolds in both networks. Decred seems to be sitting pretty with a fairly attack-resilient hybrid PoW/PoS system, but there are some “exclusionary forces” in the network leading to the escalating DCR-denominated costs of staking tickets necessary to receive PoS rewards and participate in proposal voting, denying access to the mechanism to smaller holders.
Demand for tickets and staking rewards naturally increases with ongoing issuance, as the widening pool of coin holders wanting to mitigate dilution also does. As the ticket price is dynamic and demand-responsive, it creates upwards pressure which would make tickets inaccessible for a growing proportion of coin holders. At time of writing, “ticket splitting” allowing smaller holders to engage in PoS is available from some stake pools and self-organised collectives but the process is not yet automated in reference clients. On the other hand, the ongoing bear market has seen the USD ticket price fall from ~$8–10k USD at January and May 2018 peaks to ~$2k USD today in late January 2019 so those entering Decred with capital from outside the cryptocurrency domain would likely be undeterred. Data from dcrdata.org and coincap.io.
Further, as per Parallel Industries’ TokenSpace taxonomy research, staking rewards resemble dividends and token-based governance privileges resemble shareholder rights which make Decred appear a little closer to the traditional definition of a capital asset than pure PoW systems. This may or may not be an issue depending how regulation unfolds. Tezos has those potential issues plus the regulatory risk from the token sale. Decred’s airdrop may not have distributed the coin as fairly as possible but will undoubtedly attract a lower compliance burden than a token sale or premine.
“Activist Forks” & “Unfounder Forks”
Taking this a step further, these dissonant groups may conduct a guerilla campaign inside a network to focus attention on their cause. Last summer, a few anti-KYC factions of Tezos had appeared on social media outlets prior to network launch, however since the launch things have quietened down somewhat. One faction which still apparently intends to create a fork of Tezos changed tact and became a delegated staker within the network whilst continuing to voice dissent —perhaps this “fork activism” can be interpreted as a response to the “fork-resistance” of Tezos.
So, what else could a fork activist do? Take a look around at the ongoing ICO bonfire of the vanities which is largely due to poorly thought out sales of high-friction futility tokens infringing on / attempting to circumvent various regulations around the world. The prospect of removing the token issuers and the tokens themselves once treasuries are liquidated (by themselves, or by lawmakers) and development ceases is quite attractive indeed — will we see a wave of “unfounder forks?”
Conclusions & Future Directions
As with astronomy, there are no conclusions in forkonomy. Only endless observations as entropy drives time along. More work needs to be done analysing blockchain data harvested from nodes, especially on ZCL and BTCP. The quest for candidate network heuristics and tools continues. Studies of Decred’s Politeia proposal & voting system now that it’s operational would be interesting too.
Thanks to Richard Red for details and resources regarding Decred’s PoS and ticketing mechanism.
If you found this article interesting please do 👏 and share it where you can. Remember, you can clap up to 50 times — it really makes a big difference for visibility and warm fuzzy feelings. Y’all welcome to come hang out at www.pllel.com and on Twitter.
Create your free account to unlock your custom reading experience.