WebAuthn+ ~ Unhackable Authentication
| This first wave of Blockchain/Distributed Ledger applications will most certainly fail... The current system architectures suffer from complexity and convolution. |
 |
| Lek ؋ $ ƒ $ ₼ $ $ Br BZ$ $ $b KM P лв R$ $ ៛ $ $ $ ¥ $ ₡ kn ₱ Kč kr RD$ $ £ $ € £ $ ¢ £ Q £ $ L $ Ft kr ₹ Rp ﷼ £ ₪ J$ ¥ £ лв ₩ ₩ лв ₭ £ $ ден RM ₨ $ ₮ MT $ ₨ ƒ $ C$ ₦ kr ﷼ ₨ B/. Gs S/. ₱ zł ﷼ lei ₽ £ ﷼ Дин. ₨ $ $ S R ₨ kr CHF $ £ NT$ ฿ TT$ ₺ $ ₴ £ $ $U лв Bs ₫ ﷼ Z$ | Trust Nexus WebAuthn+ ~ Unhackable Authentication |
|
||||||||
|
||||||||||
| >>> page 1 - page 2 - page 3 - |
 |
||||||||||
| The Internet of Value | ||||||||||
| Imagine that for every business process and every financial transaction it was possible to touch a button on your mobile device that would generate a hashcode that represents all the elements of the process/agreement and then that hashcode would be cryptographically signed by your private key. | ||||||||||
| The elements, hashcode and signature would all become part of a private cryptographically secure distributed ledger (no blockchain) that would provide an inviolable record that could be further extended in a similar process. This will be how the Internet of Value will work. | ||||||||||
|
||||||||||
| "There's a real risk that we'll experience the beginning of a 'blockchain winter,' as the continued absence of miracles and revolutionary developments leads decision makers to throw out the proverbial baby with the bath water and stop distributed-ledger-technology-related investments completely." ~ Martha Bennett, Principal Analyst ~ Forrester Research [ref] | ||||||||||
| AXIOS recently announced: "Corporate America's blockchain and bitcoin fever is over! Why it matters: The hype was just that. The odds of a company turning blockchain 'headlines into reality' are slim..." [ref] | ||||||||||
| Forbes recently asked: Is this the End of Blockchain?
"A recent study into 43 initiatives reported that despite a great number of promises and convincing arguments, none of the projects have been able to show that they have been able to use blockchain technology to achieve their objectives." [ref] | ||||||||||
|
||||||||||
| This first wave of Blockchain/Distributed Ledger applications will most certainly fail... | ||||||||||
The current system architectures suffer from complexity and convolution.
Three architectural changes will bring simplicity and elegance:
|
||||||||||
| There will be a new beginning. Eventually, Distributed Ledgers (not crypto-currencies or blockchains with distributed databases), as a cryptographically secure shared source of truth that can be processed by intelligent systems, will provide great benefits to all businesses, from startups to multi-national corporations to impoverished villagers in the third world. | ||||||||||
| The Internet of Value[ref] will become a reality. Some have estimated that the resulting economic efficiencies (by reducing time, costs and risk) will be measured in trillions of dollars.[ref] | ||||||||||
|
||||||||||
| Distributed Ledgers ~ Bitcoin is Not the Answer | ||||||||||
| There is presently an intense fog of hype regarding blockchains and distributed ledgers, primarily due to the interest in Bitcoin and other crypto-currencies. The promise of Bitcoin is that users can verify the integrity of transactions in a distributed ledger where the participants are anonymous, do not trust each other and there is no central authority to arbitrate disputes. | ||||||||||
| The key problem Bitcoin is attempting to solve is the "double-spend" problem. If Sarah's account on the Bitcoin ledger shows she has 40 Bitcoins, how do you make sure (without a central authority) that she does not use the same Bitcoins to make two 40 Bitcoin purchases? Bitcoin's proof of work consensus solves this problem; it truly is an elegant solution. | ||||||||||
| "Satoshi Nakamoto is the name used by the unknown person or persons who designed Bitcoin and created its original reference implementation, Bitcoin Core." [ref] The original paper, Bitcoin: A Peer-to-Peer Electronic Cash System, was published in 2008 and is just eight pages long. | ||||||||||
| While the proponents of Bitcoin have created an effective solution to resolve the "double-spend" problem, for pragmatic reasons it seems unlikely that Bitcoin will ever gain widespread acceptance. The time it takes to verify a financial transaction in the Bitcoin ecosystem is already greater than one hour (six blocks) [ref]; this is unacceptable in a modern financial system. Also, there are very real costs in the proof of work process to verify Bitcoin's distributed ledger, "gigawatts of computing power". | ||||||||||
| A recent article by Noelle Acheson pointed out, "The high cost is leading to centralization of Bitcoin block processing. Remember how I said 'hundreds of computers all around the world'? Well, they're not really. Most of them are in China, where electricity is cheap. A kilowatt/hour in China costs $0.11, vs $0.18 in the US and $0.21 in the UK. In Spain, where I live, the variable rate for heavy users reaches almost $0.17/KwH. There are not a lot of miners in Spain (we had headlines just last week of Bitcoin miners getting arrested for, among other things, stealing electricity from the neighbors to run their fast computers). Over 70% of Bitcoin computing power (evocatively called 'hashing power') is in China."[ref] | ||||||||||
| The proof of work process works, "...as long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network."[ref] If anyone or any group can control more than 51% of a proof of work blockchain network, the network can be compromised. | ||||||||||
| Along with costs, time delays and the very real possibility of a conspiracy to commit fraud, there are other major problems with the Bitcoin architecture: While anonymity may be a plus for social anarchists who wish to evade any type of government control, it is not a plus for most business transactions. Sellers and buyers need to know and trust each other or at least have recourse to the legal system in case something goes wrong. | ||||||||||
| As Nikolai Hampton asserted in a scathing article in Computer World, "It's unlikely that any private blockchain will try to protect records using gigawatts of computing power - it's time consuming and expensive. Within a private blockchain there is also no 'race'; there's no incentive to use more power or discover blocks faster than competitors. This means that many in-house blockchain solutions will be nothing more than cumbersome databases."[ref] | ||||||||||
| When asked about the potential for blockchain technology, Harper Reed, the Director of Software Development for PayPal, dismissed it stating: "Whenever people say why don't we use the blockchain to do this, I think why don't we just use a database?"[ref] | ||||||||||
| Ultimately, bitcoin depends on the Greater Fool Theory;
anyone who "invests" in bitcoin is hoping that someone dumber then themselves will buy their "investment" in the future.
If you would like to watch an incredibly accurate crtique of bitcoin that is both harsh and humorous, see Bill Maher's commentary, |
||||||||||
|
||||||||||
| It May be Possible to Crash the Bitcoin Network | ||||||||||
| Many people who are familiar with Bitcoin fail to understand that when "double spending" occurs there is no "correct" path for the blockchain; one path will eventually become valid because more blocks will be added to that path demonstrating a consensus. One of the two double-spend transactions will end up on an invalid path and will not be part of the accepted ledger. It is all based on perception (who saw what first), probability and time (for the proof of work to be worked through). This is why Bitcoin transactions take more than an hour to validate. | ||||||||||
|
||||||||||
| Most Bitcoin players do not attempt to double-spend because they are aware that one of their double-spend transactions will be discovered and invalidated. A valid attack on the Bitcoin network might be for thousands (or more) of nodes to double-spend (or multi-spend) thousands (or more) of micro-transactions. The multiplicity of paths would dramatically increase the time and resources it would take to establish the valid path, effectively crashing the network. | ||||||||||
| The average number of daily Bitcoin transactions is around 300,000.[ref] How many unique combinations of distinct ledgers could be generated by a thousand nodes making a continuous series of staggered micro-transactions to all the other nodes in the attack group (over spending their ledger with each micro-transaction)? What would it cost to mount such an attack (maybe just a few thousand dollars)? By staying within the nodes of your attack group you would not deplete your resources and you could continue the attack ad infinitum. The Bitcoin architecture insures your transactions are anonymous. | ||||||||||
| If you had $100,000 (or more) to spend and could send multi-spend transactions to hundreds of thousands of nodes each hour, how long would it take to crash the Bitcoin network? The test of this hypothesis, by mounting a "Micro-Transaction Multi-Spend Attack" against the Bitcoin network, would probably be against federal law in the U.S. (Where are the Elbonians when you need them to test a good theory?) | ||||||||||
| With the advent of Bitcoin Futures it is only a matter of time before malicious players attempt to crash the Bitcoin network. | ||||||||||
|
||||||||||
| Proof of Work Consensus versus Voting Consensus | ||||||||||
| Given the major limitations of the Bitcoin blockchain architecture for business transactions, those who are trying to secure startup funding based on the blockchain hype have twisted the blockchain concept to suit their purposes. There are now dozens of alternate blockchain proposals, most relying on some form of voting consensus among the participants rather than a proof of work consensus. The proponents of voting consensus are essentially saying, "Hey! We have a blockchain and we have a consensus mechanism AND we generate a hash code after the vote. Give us some money!" | ||||||||||
| Like Bitcoin's proof of work consensus, the voting consensus architecture utilizes a hash code calculation. A Secure Hash Algorithm inputs a text string of any length and outputs a number of a fixed length. The number is usually represented in HEX (there are 16 HEX digits: 0 - 9 and A - F). There are five ideal properties for a Secure Hash Algorithm [ref]: | ||||||||||
|
||||||||||
| As an example: | ||||||||||
|
||||||||||
| While the second input differs from the first only by a period at the end of the string, the output is vastly different; in cryptography this is known as the "Avalanche Effect". | ||||||||||
| In the Bitcoin proof of work consensus, when new transactions are added to the distributed ledger a hash value of the ledger is calculated. Then the proof of work is performed by adding a numerical value to the ledger that will cause a recalculated hash value to have a determined numbers of leading zeros. From the example above: | ||||||||||
|
||||||||||
| If we append "139547552" to original input the recalculated hash has eight leading zeros. The proof of work to determine this value took just a few minutes on a good workstation. Imagine recalculating the hash of a very long distributed ledger to create a hash value with twenty leading zeros. The computing power to determine that proof of work would be significant. | ||||||||||
| In the Bitcoin ecosystem, once you have succeeded in performing the proof of work for the state of the ledger that you believe is legitimate, you announce your results to all the other "Bitcoin miners". Everyone who agrees with your state of the ledger can check your value and then proceed in processing the next block of transactions (there is no reason to continue on the current block when someone else has already posted a proven solution). | ||||||||||
| Before everyone begins processing the next block of transactions, they will add your value and hash to the distributed ledger, effectively chaining the result to all the other results and making the ledger immutable. You are also awarded a few Bitcoins (which could be thousands of dollars depending on the spot price) for being the first to perform the proof of work. | ||||||||||
| The greater the number of people who agree with your state of the ledger and accept your proof of work, the faster that path of the blockchain will grow and other paths will die out. Proof of work provides consensus by probability. The greater the number of people who agree with your state of the ledger and accept your proof of work, the higher the probability that future proofs along the accepted path will be accomplished more quickly than other paths. | ||||||||||
| In the voting consensus process, there is no proof of work, there is just a simple hash code calculation after the vote. | ||||||||||
|
||||||||||
| A Religious War | ||||||||||
| All the blockchain platforms that are being promoted as business platforms have a set of parliamentary rules for the voting process when validating blocks within the blockchain. | ||||||||||
| For blockchain processes that depend on voting consensus rather than proof of work consensus, the members of the blockchain cannot be anonymous, they must be invited to your private blockchain party (if you do not know your voters you cannot trust their votes). When adding a block to the block chain, a simple (or perhaps truly Byzantine [ref]) vote is taken on the state of the ledger (perhaps the vote is restricted to "validating members" of the blockchain group to enhance the aura of legitimacy). If the vote passes, the hash value is easily calculated and then chained to the distributed ledger. | ||||||||||
| The rules for the voting consensus are established and enforced by a central authority which also arbitrates any disputes. In a proof of work consensus the rules are enforced by probability and everyone can be anonymous (this is the key insight of the Nakamoto paper). The fact that private blockchains are not anonymous and require a central authority is an apostasy to blockchain purists. There is an ongoing religious war in the techno-blogs regarding the true nature of a blockchain. | ||||||||||
| The pragmatists will assert that there must be some process to establish trust among the participants in a blockchain and there must be a central authority that can step in when things go wrong. The purists will reply that any attempt to use the blockchain calculations to establish trust among participants will always be a convoluted exercise attempted by those who have not read Satoshi Nakamoto's original paper, Bitcoin: A Peer-to-Peer Electronic Cash System.[ref] | ||||||||||
| The original proposal for the Bitcoin architecture was NEVER about establishing trust among participants or "verifying identities to prevent fraud". In fact, just the opposite; Nakamoto clearly stated, "What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party [bank]... We have proposed a system for electronic transactions without relying on trust."[ref] | ||||||||||
| In section, "10. Privacy", Nakamoto proposes a "New Privacy Model" where the identities of participants in a transaction are kept anonymous, "by keeping public keys anonymous." In systems based on the Bitcoin architecture your identity is not a factor and there is no trust among participants. | ||||||||||
| The other aspect of Satoshi Nakamoto's original paper that most people are unaware of is that transactions are "completely non-reversible". Once the longest blockchain is established, the state of the ledger becomes immutable, the "miners" move on and there is no turning back. | ||||||||||
| So.... If all you are concerned with is trusting a process that prevents double-spending and you do not need to trust the people you are dealing with and you do not want any recourse if something goes wrong, a blockchain architecture similar to Bitcoin's proof of work consensus may be perfect for you. | ||||||||||
| So.... If all you are concerned with is cashing in on the blockchain hype and you realize the proof of work consensus is unsuited for business applications and you are able to create a Byzantine facade for a voting consensus that generates a hash code after the vote, perhaps you can raise some venture capital. However, if your system is not anonymous, if it is not immutable and it has a central authority that can arbitrarily change the rules or reset the state of the ledger, is it really a blockchain? | ||||||||||
|
||||||||||
| A Perfect Example of Blockchain Hype and Failure | ||||||||||
| A perfect example of blockchain hype and failure involved one of the leading edge blockchain companies and the world's greatest proponent of "Smart Contracts", Ethereum. In April of 2016 a group of Ethereum users created a "Digitally Autonomous Organization" to fund Ethereum projects. By the end of the 28-day funding period the DAO had raised over $100 million making it the largest crowd funding project in history. With increasing value of the Ether crypto-currency the value of the fund soon exceeded $150 million. | ||||||||||
| Then someone or some group utilized flaws in the code to illicitly drain $50 million from the fund. "The DAO hacker was probably able to run a transaction that automatically repeated itself over and over again before the system checked the balance... That would allow anyone to pull far more money out of the fund than they put in. The programming language that Ethereum developers use to write smart contracts, Solidity, makes it really easy to make this sort of mistake, says Emin Gun Sirer, a Cornell University computer scientist who co-authored a paper earlier this year pointing out a number of potential pitfalls in the DAO's design."[ref] | ||||||||||
| The response from Ethereum was to fork the entire blockchain, essentially turning back the clock to the time before the illicit activities and pretending nothing bad happened. | ||||||||||
| The Ethereum DAO debacle was widely reported as a "hack"; that is incorrect. A "hack" is defined as gaining unauthorized access to a system. The illicit activities of the "DAO hacker" were completely authorized by the code of the Ethereum "Smart Contract". And of course, everything was secured with a blockchain process. | ||||||||||
|
||||||||||
| Why "Smart Contracts" May Not Be | ||||||||||
| "The first thing we do, let's kill all the lawyers." - William Shakespeare, Henry VI | ||||||||||
| For those who are hyping blockchains and distributed ledgers, "smart contracts" are all the rage. | ||||||||||
| Contracts in the real world can be complicated; most often they are deliberately designed to be complicated to obfuscate true intent and limit the possibility of damages. | ||||||||||
| The promise of "Smart Contracts" is that they will be simple and clear, written in computer code that expresses a purity of logic unforeseen in human history. Because the logic is pure, "Smart contracts help you exchange money, property, shares, or anything of value in a transparent, conflict-free way, while avoiding the services of a middleman [lawyer]."[ref] | ||||||||||
| Also, "Smart Contracts" avoid the possibility of human failure or deliberate malice because the contracts are run autonomously on the network: "You're the one making the agreement; there's no need to rely on a broker, lawyer or other intermediaries to confirm. Incidentally, this also knocks out the danger of manipulation by a third party, since execution is managed automatically by the network, rather than by one or more, possibly biased, individuals who may err."[ref] | ||||||||||
| Even though a "Smart Contract" is executed "automatically by the network", that execution may still depend on human inputs and be subject to manipulation. For example, in the near future you may be able to lease a new "Smart Car" through a "Digitally Autonomous Organization". In theory, there will be no need to trust the "Digitally Autonomous Organization" because trust is embodied in the processes of the blockchain and both you and the lease company will digitally sign a "Smart Contract". | ||||||||||
| No doubt the "Smart Contract" will have an "electronic repo" clause:
if (debtor fails to make monthly payment) { auto drive the smart-car to a location defined by the creditor; } |
||||||||||
| Once the lease company has the car, they will no doubt make an offer to reestablish the contract for a "small fee"; they will promise that if the fee is paid they will not ruin your credit report which will prevent you (algorithmically) from establishing new "Smart Contracts". | ||||||||||
| Like any auto financing agreement the "Smart Contract" will be complex and most consumers will not read the computer code defining the contract. Most people are good and they assume that others will also act with good will or at the very least if something goes wrong there will be a process to fix it. However, with a "Smart Contract" you may wake up one morning with unexpected charges to your account and have no recourse to fix the problem. | ||||||||||
| For example, buried deep within the code of your "Smart Contract" for leasing your "Smart Car"
there will be some type of diagnostics clause:
if (diagnosticsTest == failure) { if (diagnosticParameters > normalWearTear) { debit debtor account for standard charges; } } |
||||||||||
| In this one clause alone there are three parameters subject to human interpretation and manipulation: The diagnostic test will depend on the "Smart Car's" firm wear which can be updated at anytime. The firm wear update could even be based on the diagnostic parameters (if too many cars are getting close to a diagnostic failure certain cars may have their diagnostic parameters changed to ease repair scheduling). The parameters for "normal wear and tear" and "standard charges" are also subject to human interpretation and manipulation. | ||||||||||
| The greatest weakness of "Smart Contracts" is that when things go wrong there may be no recourse to fix things, especially if one of the key features of blockchains, anonymity, is in force. If you are dealing with a "Digitally Autonomous Organization" you will have no recourse except for what is specified in the computer code of the contract. | ||||||||||
| As Matt Levine brilliantly stated in a recent Bloomberg article: "It is very much how 'smart contract' utopians want future institutions to operate, or how they think they want those institutions to operate. 'Immutable, unstoppable, and irrefutable'; free of human bias and stupidity and intervention; a utopia of coldly logical code. Human expectations are irrelevant, except to the extent that they are correctly translated into code."[ref] | ||||||||||
| "You'd better be sure that the contract says (and does) what you think it says (and does). The contract is the thing itself, and the only thing that counts; explanations and expectations might be helpful but carry no weight. It is a world of bright lines and sharp edges; you can see why it would appeal to libertarians and techno-utopians, but it might be a bit unforgiving for a wider range of investors."[ref] | ||||||||||
| Contract law has developed over hundreds of years. We have a legal system to protect rights and to deliver compensation when those rights are violated. Relinquishing an established system of justice to lines of computer code seems fool hardy. | ||||||||||
|
||||||||||
| Complexity and Convolution | ||||||||||
| Even with all the problems of blockchains and smart contracts, many financial institutions are moving ahead with proofs of concepts and prototypes, most notably with systems from R3, Ripple, Ethereum and Hyperledger. All of these system architectures suffer from complexity and convolution. | ||||||||||
| Examine the complexity of R3 Corda by watching the 21:47 video on Transactions, the 14:51 video on Consensus and the 10:00 video on Notary Services. | ||||||||||
| Examine the complexity of Ripple's Interledger Protocol (ILP) by reading their fifteen page Solution Overview, and their twenty page Technical Overview. | ||||||||||
| Examine the complexity of Hyperledger Fabric by reading the Architecture doc; especially see the "Consensus Process Flow" on page 5 and the "Transaction Flow" on page 8. | ||||||||||
| This first wave of Distributed Ledger applications will most certainly fail; however, Distributed Ledger technology, as a cryptographically secure shared source of truth for the transfer of value, will eventually succeed. In fact, it will transform all aspects of fiance. It will be possible to transfer anything of value (from financial instruments to creative works) through cryptographically secure distributed ledgers. The Internet of Value will be realized. | ||||||||||
| Go to page 2 for more. | ||||||||||
|
||||||||||
|
||||||||||
|
|
||||||||||