Ember Financial: Open Assets for the Enterprise

Ember Financial

I am pleased to announce the availability of the Ember Financial platform for Enterprise applications on the Bitcoin blockchain. Recent announcements by Nasdaq and others are setting the stage for a renaissance in tokenized applications on the Blockchain, and we are leading the charge with the first fully managed middle-ware and embedded platform for building next generation settlement, smart property and asset applications on the world’s most secure digital ledger.

Ember is a powerful color coin platform fully compliant with the Open Assets specification, with many advanced features designed to help companies quickly deploy and manage their blockchain secured assets and transactions. Built from the ground up with fault tolerance, reliability, and scale in mind, it can dramatically shorten time to market for financial and other demanding applications.

Building infrastructure on the Bitcoin network is still difficult, and companies have significant challenges in adopting and integrating distributed ledger technology. Multiple types of wallets with associated trade offs, inline risk management, cryptographic key distribution and signing, sophisticated transaction building facilities, and requirements for reliability and transparency. We can distill this process into a unified financial services gateway that expands your capabilities dramatically, and lets you take advantage of the Bitcoin networks exciting innovations. Simply the fastest way to get from zero to one for your domain specific applications.

At the core of the platform is Erricson’s Open Telecom Platform, the same framework powering some of the most demanding applications on the Internet including WhatsApp, Facebook’s chat infrastructure, and numerous telecom solutions. When downtime is simply not an option, and reliability is key to the success of your product a bullet-proof foundation is extraordinarily important. This infrastructure is exposed via a number of APIs, Guis, and remote management tools. Some of the advanced features include:

Feature set

We have tackled the most challenging Bitcoin design problems and created a unified application stack that allows companies to extend and manage their products and services directly on the blockchain. For more information about our capabilities, or to discuss your design challenges and ideas send us an email at info@emberfinancial.com. I am going to be following up this posting with a series of examples and use cases, as well as updates on our rapidly expanding capabilities.


Bitcoin in 2015

Its a new year, and I’ve definitely been remiss in updating my blog. That wasn’t one of my New Year’s resolutions but perhaps it should have been. 2015 is shaping up to be an excellent year for Bitcoin, with major funding flowing into the space and advancements being made on most fronts.

Major banks, trading firms, and other money institutions are finally taking notice. Bitcoin might be the first widely available currency of financial inclusion. The web was an on-ramp to the greater Internet and global connectivity, maybe Bitcoin is going to serve a similar purpose with respect to banking over the next ten years. Suddenly we have a mechanism to deliver value to consumers directly, regardless of locale. That means traditional banking services, such as storage, interest, loans and payments can be accomplished without the geographic, economic, and political boundaries that the banking industry has grown up around. These artificial constraints are breaking down as the friction for these services rapidly approaches zero.

We are already seeing remittances companies starting in almost every major market. From Mexico to the Philippines, the UK, Australia, Southeast Asia, Europe and Africa. Diverse companies are integrating with existing financial networks and cash delivery options, MPesa phone networks, general SMS, Email, Twitter, you name it. Bitcoin is the fastest, cheapest and most secure way to transfer money, and in the not too distant future will be the cheapest, fastest and most secure way to transfer anything of value. A click away from cash delivery directly to your mobile device or a custodial service, at prices that are simply unbeatable.

Western Union isn’t going down without a fight, and have managed to hold on to their share of the remittance market despite the fact that they aren’t terribly competitive. Unfortunately for them I don’t see a future where they are destroyed by a single definable competitor, rather its death by a million cuts as disconnected businesses all over the world eat away at their core business proposition. Consumers no longer have to be satisfied with local money options when a world of possibilities is available at the click of a button.

To some this might seem far fetched, it seems like a distant possibility that money and money services will be so fluid and so accessible that people in the farthest corners of the world will have access to the sophisticated infrastructure we enjoy in the west. If you are in the camp, think back to the distant past of 1993. In that good year there were approximately 130 websites. Just seven years later there were 17,087,182 websites. Now in 2015 there are over 968,882,453 websites. By 2016 we are projected to have over 2 billion smart phone users. That is 2 billion people walking around with devices in their pockets capable of transferring money directly to any of the other 2 billion smart phone users on the planet. Do you still think Western Union has a business model?

The Internet has uprooted industry after industry, largely through connectivity. Businesses that rely on these artificial boundaries are destined to be destroyed or radically changed. Banking is fortified at the heart of our society, it is responsible for money creation, and fuels the engines of capitalism, yet up until now has been sheltered from those same forces. Protected by geography, cemented by regulation. It’s time to adapt or die. Bitcoin is coming, and digital currency is here to stay. Interesting times ahead.


Sidechains

Sidechains have been getting a lot of press recently within the Bitcoin community, backed by a fresh round of 21 million in investment, and with a team including some of the Bitcoin core developers they are in a position to push through changes and adapt Bitcoin to different purposes. For those unfamiliar the premise is very simple. Sidechains is a cryptographic mechanism by which Bitcoin can be locked in the main chain, and redeemed for a deterministic amount of an alt coin. This alt coin has its own blockchain, its own rules, and its own code. It runs completely independently from Bitcoin, but at any time it should be possible to redeem this coin and transfer the value back into the main Bitcoin blockchain.

Blockstream has been touting this as a major innovation, something worthy of investment, and a game changer for Blockchain technology. I’m not convinced yet. Like many good ideas its worth trying to separate fact from fiction, and take a hard look at what Sidechains really do from a technical and monetary perspective.

The first thing to keep in mind is that a side-chain is an alt coin. It is an alt coin that is subject to the same rules as any other alt coin. It is not secured by the Bitcoin proof-of-work by default. It is not immune to bugs. It may not even be extensively tested. It is in almost every way equivalent to any fork of Bitcoin we have ever seen. However, its value is derived from Bitcoin because Bitcoin can be transferred into it at a deterministic rate in order to prop up the chain. The main argument for this, is that it shields people from transactional risk. I would argue that it does the opposite, and hides risk by preventing the free market from discovering its true value.

From an operational standpoint the benefits are clear. If you were running multiple block-chains, and they were all secured via merged mining so that they had identical proof-of-work security, then you could increase the scale by the number of simultaneously running block-chains. The thing is this is true for any alt coin. If you start an alt coin, and it is secured via merge mining, then you can specialize it and increase the transactional throughput of digital currency networks by having multiple simultaneous running chains for different purposes (this is how the system works now).

I think from a scale perspective the thing that is interesting is not running multiple alt-coins, but just scaling Bitcoin itself out horizontally with multiple block-chains that can share data. This lets you increase the scale and size of the Bitcoin network, alt coins be damned. It could also be a way of simply migrating the entire Bitcoin network to a new one, or a different code base. For people who are worried about centralization concerns and regulatory control there is something to think about here. In our effort to scale Bitcoin we may be creating mechanisms to assert regulatory control. What if Bank transactions can only happen on a Bank run side chain? What if transactions for government services can only occur on a government run Sidechains with identity controls? It seems to me to be a slippery slope, once a mechanism exists to migrate coins away from Bitcoin to alternative chains, won’t we see a fragmentation of the ecosystem as companies silo specific functionality?

So the argument seems to be primarily an economics one. We aren’t gaining very much technically from this shift, that we don’t already have with existing alt coins, but are getting “risk-free” value transfer. Of course, that isn’t really true, the risk is being hidden because of lack of information sharing. Despite the negative publicity that traders get the market serves many purposes, including being able to price the value of a commodity or service based on the underlying fundamentals. When you deterministically 2-way-peg an asset you are making a statement. These two things are equivalent. 1 side coin is worth 1 Bitcoin, and 1 Bitcoin is worth 1 side coin. Of course, if a side chain is an alt coin that may not be true. If it isn’t secured by the same proof of work, and the network isn’t as large, and the code hasn’t been vetted I would say that the peg rate doesn’t make much sense. It may be that 1 Bitcoin should be worth a 1000 side coins because that network isn’t as good. Similarly if a major bug shows up in the side chain, shouldn’t its value decrease? If you have new information that the coin isn’t good, then when you buy into it you are paying more than its worth. When you sell it you are getting more than you should.

I think very little effort has been spent on the economics side of this equation. Side chains don’t make good economic sense, if they limit price discovery. The thing is when you deterministically peg something you are making a statement about value that may not be true. A side coin is not Bitcoin by definition, how can you make a value statement in code? There are people who say that Side-coins will trade on alternative markets also, but this is not the case. If I can always buy at a fixed rate, and sell at a fixed rate, I’ll only ever go to the market if I can get a better rate. Market dynamics tell me that I should never be able to get a better rate though because there is the certainty that I can buy and sell at a fixed price indefinitely. Put it another way, if I can buy a side-coin for 1 bitcoin, why would I ever buy it for 2? If I can sell a side coin for 1 bitcoin, why would I ever sell it for less?

It also plays around with incentive structures. Bitcoin itself has taken root because people believe it offers something different then what is out there, and that its network, and technical underpinnings have real value. They have put their money into Bitcoin, some simply to store it, but many with the hope that it will increase in value. A side chain never decreases in value, nor does it appreciate. You are taking a risk in that the coin may fail or have other issues, but there is no upside. Why put your money in an alternative coin and absorb that risk if there is no long term incentive? Similarly as a technologist, why should I spend the considerable effort necessary to create a side chain when there is no long term monetary incentive in the form of ownership to continue developing it? It forces us to find monetization channels outside of the currency proper, which I would argue is not an efficient means of work appropriation.

People also point out that Alt coins are frequently scams (which is true), but I would hazard that their value fairly accurately determines their risk profile. Their is a reason when a coin is trading at fractions of a penny. If the side coin chain stops working (51% attack) or some other transactional bug, Bitcoin may not be redeemable. This is not a risk-free way of trying anything, but many frame it that way.

Like any new technology the rule book is still being written. Its possible that a combination of technologies and methodologies might provide an accurate market-driven structure that preserves incentive structures within digital currency. Side chains is not a panacea to all problems Bitcoin, and there is considerable cause for concern that it may provide a mechanism to subvert Bitcoin proper. Remember Microsoft’s old adage, embrace, extend, and extinguish. Sometimes people with the best intentions make critical mistakes, for even the very wise cannot see all ends. Sidechains may provide a migration path that ultimately inadvertently undermines Bitcoin.


It’s all about trust.

It all comes down to trust. The modern world’s financial system is built on a foundation of trust, and supported by the framework of law. I remember very clearly the first time I saw a trader execute an over the counter transaction, thats when two traders at different institutions agree on a trade over the phone or in this case instant messenger. With all of the computers we have I assumed that process was done through some kind of shared system, that immediately resolved the transaction and settled the obligations of both parties. It doesn’t work anything like this. Each trader marks their side of the transaction in their firm’s ledger, and then at some point in the future a settlement process occurs. So if I sell you a million barrels of oil, you take my word for it, enter it into your system and go on with your day. This system is entirely based on trust, and the penalty for voiding an agreement is never being able to work in trading again.

When a bank sends another bank money via Swift (the international payments clearing mechanism) they deduct the amount from their local books, enter the amount into swifts system, and the foreign bank adds that amount into their system. Both parties are trusting Swift to clear and settle that transaction. If the transaction goes south for some reason and cannot be resolved properly the system falls back on legal remedies. Trust permeates every aspect of our digital lives. We trust the government to back the US Dollar, that is a trust obligation to the people holding currency and investing in US bonds. We trust the bank to be able to deliver us currency even though they only hold a small portion of your money in the bank (a 5% fractional reserve rate is standard). We trust counter-parties to deliver goods and services, we trust payment companies to settle transactions, we trust brokerage companies to hold and manage stock certificates. Even the simplest payments are built on a network of trusted parties, and a web of legal and other agreements that connects them.

Trust has overhead. You can’t simply trust someone else can you? A bank can’t just take the word of another bank it doesn’t know anything about. In order to solve this we build banking associations, and government oversight committees, and employ legions of regulators, and auditors. We need accountants to compute both sides of the ledger, and lawyers to fall back on when things go south. We need tax accessors to make sure the government gets its cut, and don’t forget the police when you don’t honor your obligations. A framework of trust requires an elaborate system of checks and balances, every step in that process adds to the cost of doing business, and ultimately is passed along to consumers in the form of service fees and more expensive products.

Bitcoin solves the problem of trust. It does this in three ways. First, it enables the transfer of information between two parties in an irreversible way without either party having a pre-existing relationship. When you get paid, you get paid. Second, it allows anyone to audit transactions both in real time and historically, this provides a fact-in-time ledger, which allows us to know with certainty when events have occurred. Third, tokens representing money or other information can not be fabricated, counterfeited or otherwise copied, you can’t just magic up some Bitcoins out of thin air.

So potentially we have a new technology that is capable of replacing vast amounts of our financial infrastructure. The key is that unlike our existing system, if you can facilitate trust-less transactions you can do them programatically. This lets us push the legal, regulatory, accounting, and other rules that run our society into computer code. The same wave of automation that changed us into a post-industrial society, can now be leveraged to push us into a a new information age.


Meet the new middlemen

Microsoft now accepts Bitcoin. It’s all over the news. This is how this will play out. After six months or so Microsoft or another large tech company will acquire Bitpay for some insane amount of money, and then use their position in the market to push Bitcoin in every major retail channel and service they have. Of course Bitpay doesn’t actually do anything that your software couldn’t do automatically for you (and will), the dirty secret is that all Bitcoin payment processors are just order routers to exchanges in disguise with a payout back-end via ACH or some other established local payment method. The topology of Bitcoin payments is much more akin to trading infrastructure and financial services than it is to existing payment rails, and is in many ways less complicated than the legacy systems currently churning through payments.

It seems that whenever new technology comes along we have an arms race of companies trying to establish themselves as the defacto players. Bitcoin is no different in that in every country we are starting to see remittance and payments companies that pop up and perform one of two functions. They take your money and convert it into Bitcoin, or they take your Bitcoin and convert it into cash. They do this through local exchanges or by matching buyers with sellers within their own systems. Maybe they also let you link with some local payout options, or connect to an ATM machine or other point of sale device, but ultimately they are performing the same basic functions. It reminds me of the old WHO lyric, meet the new boss same as the old boss.

I’ve stated before how Bitcoin is the new Forex, but it has one property that really differentiates itself, and I think ultimately invalidates the model of most companies trying to establish themselves as the new middlemen. It is programmable money. That is a phrase that is thrown around a lot, it’s hard to pin down, what does it mean anyway? To me it means the ability to write programs that control the spending and flow of money, functionality that up until now has been largely provided by middlemen and embodied in third parties. Ten years ago you needed someone to “process” your transactions. To validate that it happened, record it in a database, and inform all of the parties through settlement what actually occurred. This still happens to a large extant across industries. The reason you needed these middlemen is that they created a proxy for trust, a framework where people could purchase services from providers without having to have any real relationship with them. So long as we mutually agreed to trust the credit card company, or the payment processor the exchange was facilitated. Bitcoin doesn’t require trust, and when it does each party can agree to trust different people. I may trust Exchange X to trade out my Bitcoin for dollars, and you trust Exchange Y. We don’t have to mutually agree on anything in order to facilitate payment.

Similarly since the flow of Bitcoin is software controlled, why do we need middlemen to handle the transaction? Why can’t the software embedded into your website facilitate the trade-out to cash itself? Lets look at the Bitpay model. They build a plugin for your e-commerce site that interfaces with their payment back-end. When they see a Bitcoin payment they notify you and the purchaser of a successful transaction, sell the Bitcoin on an exchange, and transfer the money to the merchant. They wrap that up with insurance and a big float so they don’t have to sell immediately and you have a money transfer business. The thing is, none of that functionality needs to be centralized. Alternatively your website could simply wait for the Bitcoin payment, trade it out on an exchange you trust, and initiate a payment via a method supported by the exchange to your bank account. Pretty easy, and something you can imagine being baked right into open source software.

Why can’t someones wallet directly do that? This quickly leads us down a rabbit hole where every consumer has the ability to directly deposit their money into investment vehicles they trust without middlemen. I don’t need to pay someone else to do cash settlement if the code running my website can do it automatically. I don’t need a special relationship with a select few companies if anyone can give me Bitcoin for cash. What we see is a proliferation of models that are replicating how payments have worked for the last twenty years when we are on the cusp of a payments topology that is completely different.

Decentralized computing and programmable money are here. Its time to embrace the new capabilities we have instead of shoehorning them into the existing models. The same way open source has completely taken over computing we can expect that same system to take over payments, and financial services. What we need is interoperable open systems (like open transactions) and the Bitcoin network to link our software systems together. Exchange and third party processors need to start speaking a unified API so that we can blow the possibilities wide open.


Bitcoin is the new Forex

Everything old is new again. Remember Forex? Hotspot? Lava? When unregulated third party exchanges started popping up they changed the dynamic of foreign exchange trading dramatically. While arguably still heavily influenced by the banks (don’t get me started on last look liquidity for those familiar), the available liquidity and access to those markets was simplified. Now the average consumer can trade Forex in minutes, and despite the risk, many do. This has created a vibrant and diverse market, with multiple exchanges, and consumer platforms vying for dominance.

The thing is, almost every single Bitcoin company is a trading company in disguise, they all have similar pipelines and they all perform variants on the same function. You can call it payment processing if you want, but the process looks more like a trade execution system then anything approaching traditional payments. Let’s run through the major players:

  1. Bitpay and every other payment processor on the planet, Takes your Bitcoins sends them to an exchange and gives the merchant dollars. They are on the sell side in order to meet the cash obligations to merchants.

  2. Coinbase, Circle, BitReserve, et al. Takes your money and gives you Bitcoins. So they transfer money from your account, put it on an exchange, and credit you Bitcoins. They also perform the reverse function on settlement so they are buy and sell side. This means they can make a two sided market based on customer order flow.

  3. Robocoin, BitAccess, etc. Takes your cash or Bitcoin at an ATM, trades it out on an exchange, and gives you the equivalent. Two sided trading liquidity, although I imagine they are more heavily buy side.

  4. Alphapoint, shapeshift.io and others. Does order execution and platform services. That is called an order routing engine. That means they take an order, and fulfill it at one of many exchanges based on best-price or some other metric.

  5. Coinsetter, BTC China, Kraken, Cryptsy, Bitstamp, Bitfinex, the list goes on and on. They have matching engines and run two sides markets taking order flow from the above companies and consumers and matching buyers and sellers. This is the exact same model that all of the early 2000s era Forex companies had.

Are we noticing any commonalities here? The only thing amazing about this list is how the existing well established, funded Forex platforms haven’t jumped on the bandwagon. There is nothing interesting from a technology perspective here, thousands have done it before. It would take them seconds to add unregulated third party Forex to digital currency swaps but they haven’t. There is an acquisition argument there, that existing platforms will just consume the new ones that have an understanding of handling digital currency payments.

Further, we have to ask ourselves exactly what function many of these companies perform. Order routing has complexities but isn’t exactly rocket science. Why can’t my digital wallet simply trade out on an exchange of my choosing if I want cash? Why am I paying the spread on these transactions when I can directly go to the market myself? Digital currency allows us to do frictionless transfer, so couldn’t an exchange accept a payment on my behalf and notify me when I had cash waiting? Obviously this is a simplification of the problem, but it seems we have a lot of middlemen inserted into a process that ultimately doesn’t need them.

In the end every Bitcoin company breaks down into just a few steps, and we are going to see modular open platforms that independently perform those steps. This is going to generate a tremendous amount of unstructured dumb liquidity. If you remember the explosion in growth of third party Forex, its time to make a stand in Bitcoin and digital currency. It’s happening here right now.


Lightweight tokenization

If you haven’t already seen it, I recommend checking out this video about the future of Bitcoin’s technology. It really lays out what I’ve been saying for a while, that we need to look at the underlying capabilities and start thinking about it as a new method for trusted exchange.

Digital currency is moving fast. Very very fast. It seems a day doesn’t go by where something new doesn’t crop up. The Bitcoin 2.0 space is particularly hot, with various organizations vying to lay the groundwork for future applications. While the world is still stuck on the notion of Bitcoin as a digital currency (if they understand it at all), technologists are embracing a more expansive vision. We are rapidly approaching a world where machines talk to other machines, but until now have lacked a viable mechanism for machines to pay other machines in real time for their resources, access, and capabilities. This machine-to-machine interaction is heavily predicated on their being facilities to do lightweight tokenization.

Let’s construct a contrived example. Let’s say we have invented a new type of camera, designed to be worn at all times that constantly stores video (yes, I am aware that devices like this exist). Over the course of years that is a lot of storage. The traditional model for building something like this would have the camera connect to a service that you the builder controls. It would send you video, which you would store. You would pay for that storage after the fact, and bill the consumer to continue hosting access to it. This means that you are not only a hardware maker, but are also in the storage business for video. Your devices will only work while you are providing them with storage, and hosting the infrastructure necessary to keep the cameras running.

Now lets make this an automated system. The consumer enters their purchase details and instead of directly buying storage with you their actual device is credited storage tokens that it controls. Storage tokens are redeemable for storage at any place that accepts them at a dynamic rate of Megabyte per second. Locations that accept storage tokens don’t have to know anything about the consumer, they don’t have to have any relationship whatsoever. They just have to accept storage tokens, provide the user with storage, and let them put stuff there. This means that the price of storage will fluctuate dynamically over time based on supply and demand. The video device itself negotiates with locations for storage, and pays them directly. When it starts running out of cash it tells the consumer who can top it up anywhere.

Now lets fast forward. Our video device company has discontinued the product, and moved on to bigger and better things. We got out of the storage business but because the tokens are untrusted existing providers can continue to honor those contracts, they have market value because people can exchange cash for tokens and vice versa on open markets. We have machines which rely on and can pay other machines for services rendered.

If you start thinking about what that means in the long term we get the complete decentralization of resources. Standard industry tokens start representing all aspects of compute power, labor and physical goods. Ram, Storage, Compute at the base, followed by more sophisticated high level services like image analysis, post production processing, rendering pipelines, messaging, Database/Querying etc. Devices no longer rely on the resources of one company, but on the available federated resources of the network. That is a total paradigm shift in the making, and Bitcoin is making it possible.

We want to be able to build highly scalable systems that respond to market demand, but are currently mired in a sea of incompatible APIs and standards. Our resources are heavily fragmented and silo-ed. In large part because there has never been a way for someone to negotiate the use of a specific resource without establishing a relationship with the provider, all that is about to change for the better.


Erlang needs an open cloud platform

Erlang is awesome. Really. Syntax aside the language has a lot going for it, like most good products it is highly opinionated. Pure process oriented message passing semantics with per-process mailboxes and garbage collection is a very clean approach. These fundamentals make it an excellent choice for distributed and concurrent programming, and barring Java with Akka there are few options for language-based distributed operation.

The importance of this is very much up for debate, given that the message-queue has become a ubiquitous proxy for language support. Discrete components written in multiple languages hooked up to some agnostic bus makes for a simple model for distributed computation and insulates programmers from many of the complexities of “real” distributed programming. Light-weight libraries like 0mq / and google protocol buffers have blurred the lines between the traditional message queue and full inter-process RPC. Despite these advantages some major software messaging platforms have been written in Erlang, including WhatsApp, and portions of major software infrastructure like Github. I’ve also heard that it has a role at Heroku, and frankly it makes sense.

Erlang has three absolutely killer features that make it a serious contender for any environment trying to have massive uptime. First, is the OTP platform itself. The official language is called Erlang/OTP for a reason, and thats because the Open Telecom Platform bakes in a lot of critical software components necessary to build resilient software. Not using OTP and building distributed code is like reinventing the wheel all over again. The second is hot code reload. You can upgrade code on a per module basis as the system is running, largely due to the enforced immutable state, but also a lot of back end plumbing. Doing live upgrades while a system is running is an extremely tricky business, but if uptime is absolutely critical it is a very powerful capability to have baked in to the core libraries. Finally, Erlang has a built in database. Mnesia is an acid-compliant distributed data store, capable of multi-node replication, sharding, and a host of other features that interface seamlessly with the language itself. Being able to store data in an active-active state across your application nodes, Mnesia makes it possible.

I do have one major gripe, and that is the real subject of this post. The open Telecom platform is fantastic for what it is, clearly probably the best framework out there for developing a 2 or 3 node high availability application. Takeover capabilities, distributed in memory operation, and hot code reload make for a potent mix when trying to design something capable of throughput and uptime. The problem is that it really falls short when we talk about large distributed applications. Once you want to run your code on ten nodes, or fifty, or a hundred the paradigms that OTP introduces kind of fall apart. The built in tools don’t handle network partitions very well if at all, they don’t have dynamo style consistent hashing, paxos support, or multi-cast and distributed messaging constructs between processes, nor can you expect to find built in service discovery (beyond PG2/Gproc). If you want these things (Ulf Wiger’s excellent Gproc library aside) you end up rolling your own. As any experienced programmer knows, rolling your own anything is difficult, and ultimately prone to error. When you are building a new application you generally want battle tested components, but in Erlang your options are limited.

Basho has done an excellent job with Riak, Riak Core is a really nice dynamo-style library, but its just one component in the toolbox. It is also low on examples, and although there are some interesting presentations on using it for service oriented architecture there is little in the way of open source code demonstrating that usage. I can understand why, certainly after building a nice distributed framework around Riak core many companies would simply keep it internal as part of their competitive arsenal. I think what Erlang needs is an Open Cloud Platform. A set of rock solid components that leverage Erlang’s robust distributed features, builds on OTP as a foundation, but really extends it’s capabilities for building applications that are highly distributed. Instead of having to cobble together a bunch of third party libraries, a single uniform set of interfaces around service discovery, messaging, and partition recovery would go a long way to keeping Erlang competitive in the long term.

Despite it’s success in certain industries Erlang will probably remain a niche language. Certainly some of it’s best features are being emulated in the JVM, and co-opted by languages like Scala, but it seems so clear with a serious effort on the tooling side it could cement itself as a viable alternative for a wide range of applications.


What celebrity hacking should teach us

Jennifer Lawrence, Kate Upton, and numerous other celebrities have been exposed in a series of racy photographs and videos many of which they took themselves. People with extraordinary talents and prurient interests subsequently stole them from cloud services (iCloud). The obvious lesson here is don’t take pictures you don’t want mom to see. Followed closely by “use a secure password” not some english word, or your dog’s name. Unfortunately, while the subject might be giggle-worthy to some, there is a lot of information sitting online that is far more important.

The reality is that cloud security is a misnomer, there is nothing safe about it. This was long touted as the reason why corporations and consumers would avoid these services, but the cost and convenience advantages were too big to ignore. Let’s face it, it sure is nice that pictures from your iPhone and digital camera automatically sync with your home Mac, Ipad, and Apple TV. It is a slick feature with tangible consumer benefits, ultimately designed to make your life easier. Unfortunately in many instances this ease-of-use results in a loss of privacy.

We have gotten very good at creating a share-driven society, where information is publically accessible, and easy to get access to. The largest services on the Internet are entirely geared to getting the word out or disseminating pictures and video. The problem is that we don’t want to share everything, there are things we want to keep private, but this data is seamlessly mixed with everything else. We don’t have the strict separation required to protect us from rogue selfies, let alone personal and corporate identity theft.

Lots of tasty donuts with holes in the middle

Cloud security is a lot like the donuts above. Each donut represents a different organization. Every time you use a cloud service you are traversing multiple service providers, each with their own security practices and limitations. In the donut analogy a lot of money is spent on the exterior surface, perimeter security, but very little is spent in the interior. The problem with this model is that the interior of these organizations is rather porous, multiple parties have access to the data and systems of each company in the chain. This greatly increases the attack surface, and makes it much more difficult to isolate and protect consumer data.

Cloud data services are often constructed in a similiar fashion. Take data. Throw data on drive. Put permissions in database. Add password. Done. This is a recipe for data-leakage and compromise. It is the easy way to build software, that pays homage to good security practices while ignoring most of the hard work. Consumers and businesses don’t have the expertise to determine if their service providers are doing the right thing except when things go wrong. This should be a wake up call for Apple. No matter how they shift the blame away from their systems, in the end they are partially responsible for this type of data leakage because of poor security practices. In this event the end result was mild public embarrasment, but what is the cost to a company if their data gets leaked? What about compromising photos of their executives? Data can be extremely damaging, costly, and outright dangerous in the wrong hands.

So how do we solve this problem? Designing services from the ground up helps you create a sound methodology for data security. Clearly with the investment already put into existing cloud deployments we can’t simply replace them. Apple can take a page from it’s own playbook here and institute device-centric encryption. They already use a variant of this for their iMessage product. Granted the scale of data is not comparable, but we have a mechanism for boxing up data its called symetric encryption. The pervasive and less sexy cousin of public key cryptography, simply encrypting the data perhaps with the biometric thumb print in the new IOS would prevent a wide range of data abuse.

Ultimately you want to provide a seamless experience to the user while also protecting them from internal and external threats. Device and user-driven encryption can do this without compromising usability. In this instance the iCloud attackers may have gained password level access to icloud, but without these secondary biometric markers would have been unable to decrypt the incriminating selfies.

I would be remiss if I didn’t at least mention my own encrypted transfer service which is integrated directly into Gmail and Google Apps via a Chrome plugin. You can check that out here. Ultimately we need to demand better accountability for private data from the firms we have annointed as our digital shephards, and they have the expertise and the technology to provide a better, safer experience online.


Altcoins: NXT in 1 minute

NXT is not a Bitcoin source-code derivative, so doesn’t directly deserve the altcoin moniker. That being said it definitely is a brother-in-arms, adopting many of the core concepts while trying a different approach. It is a complete reimplementation of blockchain technology in Java, with a feature set heavily geared towards tokenization and distributed exchange. In many ways it is clearly geared as a spiritual successor to Bitcoin, addressing many of the core infrastructure concerns while adding a strong complement of crypto currency 2.0 features. A lot of this new functionality is built on the core of the project, rather than being bolted on to the existing technical stack. Total market capitalization is $28,860,616 at the time of this writing, number 5 according to coinmarketcap. It is important to note that those statistics are based on extrapolation of total available supply, which may not be an accurate gauge of real total monetary value or market penetration.

So what makes NXT special? Its considered a dark horse candidate in part because the technical stack is so different from Bitcoin core, major bugs in the latter that would surely tank the value of Bitcoin should not affect NXT. In this hypothetical scenario a major issue in Bitcoin and the thousands altcoin derivatives it is based on would destroy the credibility of it’s ecosystem, and NXT would be there to pick up the pieces and reap the rewards. This is a valid argument. I don’t personally believe that Bitcoin suffers from fundamental flaws in its design that would lead to total collapse, but if one were hedging a position in crypto currencies certainly NXT deserves mention.

From a technical standpoint we have 1 minute block times for fast confirmation, block retargetting to prevent changes in the network from adversely affecting the confirmation times, and a large fixed tokenized supply distributed via proof-of-stake. The proof-of-stake algorithm deserves its own post, it tries to address the tendency for mined networks to centralize and to keep the network fair and secure. It hasn’t undergone quite the rigorous upbringing of Bitcoin’s proof-of-work mining, but time will tell as the NXT network expands. The few projects I have seen built on the NXT network are an impressive demonstration of its capabilities.

If you are trading in altcoins I would consider NXT a hedge position against the market leaders. For those who are familiar with Taleb’s black swan, a major unforeseen event in the Bitcoin network should considerably bolster the value of NXT and other alternative blockchain-based networks.


The Flash Crash: An Insider’s Guide

The Flash Crash occurred at roughly 2:45 PM on May 6th, 2010. The New York Stock Exchange plunged hundreds of points, and within minutes had recovered most of its value. This was and is continually referenced by people who believe that HFT is in some way damaging the markets-at-large, that without algorithms and computers the value would never have dropped so quickly, and that it represents all that is wrong in modern trading. I have a different perspective. I spent about eight years in the HFT industry, and am intimately familiar with all of the nitty-gritty details of modern exchange technology, market making algorithms, low latency topologies, and system level design and architecture. That makes me somewhat of an insider, and not unbiased. I was sitting feet away from a trading desk when the flash crash occurred, I’m writing this to set the record straight.

Before I do, lets put some ground rules in place. There are some simple concepts that need to be understood in order to talk about modern trading systems. I’m going to run through them briefly so that the astute reader has the necessary context. I’ll try not to be too technical, and I’m going to gloss over some of the long-winded details, brevity is after all the soul of wit.

  • First, the value of a stock (and anything really) is determined by what someone is willing to pay for it at any given time in any given market. There is no intrinsic worth. Right now Google (GOOG) is trading at $597.11 on NASDAQ, because someone was willing to purchase a share for $597.11. This seems simple enough, but is crucial to understanding what happened on May 6th. `
  • Second, most modern markets are built around a two sided order book. An order book lists prices and quantities that people are willing to sell at, and prices and quantities that people are willing to buy at. At any given time there may be a significant number of orders that are below or above the current price in the market. In other words right now there are 100 shares available at $597.11, 200 shares at $599, etc etc. The order book has depth, which is not immediately obvious.

  • Third, nobody is forced to buy or sell anything at a price they didn’t agree to (with some esoteric and irrelevant exceptions). Bids that are placed into the market, regardless of their duration are risking capital in order to participate. I have no obligation to buy from you at any price, and certainly can’t be forced to sell to you at a price I didn’t agree on.

  • Fourth, market makers are generally firms that are willing to buy and sell at a given price, and are willing to provide liquidity to any given market on a consistent basis. Many of these firms get reductions in fees based on volume to incentivize trading.

  • Finally, liquidity is the availability of a given instrument. A highly liquid market means that there are active buyers and seller, and depth-of-book that can cover large orders. Price discovery is the process by which the best price is found.

With that out of the way, lets dive into some of the structural components of modern trading.

There isn’t a single market. Shares of any given equity may trade on many different markets, NYSE, NASDAQ, Bats, NSX, Arca, Alternext, etc. The system is distributed, such that it is possible to execute orders across multiple markets simultaneously. Arbitrage is the process of making the difference between two separate markets. For example, if two different exchanges list the same equity at different prices one could make money by buying in the first and selling in the second, thereby capturing the spread (difference in pricing).

The reason that prices are often identical across markets is because of arbitrage pressure causing price convergence. The speed at which this convergence occurs is a race between participants looking to make the spread. Many High Frequency Trading companies play this game all day long between markets all over the world. It is a simple idea, that is technically difficult to execute on and highly competitive.

Markets often are connected together and in certain circumstances can route orders off market in order to satisfy them. However participants have an incentive to connect to multiple markets in order to increase available liquidity, match large orders across markets, and get best-price execution. In other words the more data you can ingest and the faster you can do it the better pricing you can theoretically get. When you place an order on a commercial service they generally show you the best price available anywhere based on the information they have.

The flow of information across markets is extraordinarily fast. Geographic distances at the speed of light in fiber or microwave propagation are usually in the milliseconds. Modern platforms can match and execute orders internally in the microseconds (and in certain cases in the nanoseconds!). The faster this process happens, the quicker we have price convergence across geographic areas. A human being might not be able to decide in a microsecond whether he wants to buy something, but he can tell a computer that he wanted the lowest available price. Modern trading offloads intent into computers because fluctuations in time and the complexity of a distributed exchange system makes entirely human trading completely obsolete in many markets with public price discovery.

Alright, that was a lot to digest. The implications of algorithmic trading are pretty widespread, and there is an argument to be made on both sides as to whether or not it is necessary. It is important to note that major exchanges make their money by charging transactional fees per trade, and that the majority of the volume in any given market is being driven by algorithmic trading systems. So on the one hand we have public exchanges that must follow the rules and regulations, but are benefitting from the way the system is currently constructed because massive volume directly affects their bottom lines. I believe that market competition is a good thing, and that arbitrary rules and regulations have a detrimental affect on the industry. In the 1980s you could spend a significant amount of money in brokerage fees, as well as get pretty terrible pricing on top of that because of lack of transparent price discovery. It is an unpopular opinion amongst those that think that HFT is robbing them silently in the night, but I believe that $4.95 trades on E-Trade are directly possible because of how computers have changed the trading landscape, increased competition and ultimately passed massive savings on to consumers. I could write an entire article about how HFT is actually helping the average person and is completely misunderstood, but on to the Flash Crash!

Now that we have some of the necessary background, let’s talk about that May day. In the official SEC-CFTC report, the Chicago Mercantile Exchange (CME) is fingered as the place the trouble started. Allegedly large future trades triggered instability in the underlying. Futures are derivative contracts that allow speculation on the future price of an underlying asset. The E-Mini tracks the S&P 500 Index price in the future. It can be constructed from a basket of stocks representing the S&P 500, or various collections of other contracts. A simple HFT strategy would be to trade that basket against the future value, back and forth all day long. So conceivably a very large trade on the E-Mini could cause various firms to rush to the equities markets to cover their positions. Given the size of the trading involved, I think it is highly unlikely that this happened, or at least that the affect was widespread enough to cause a systemic failure in the system. The CME’s counter-argument is compelling in this regard, but is too technical to discuss here.

Regardless of how it started, sell pressure increased on the NYSE as firms started unwinding positions which began to drive the price down. This is a normal occurrence, but what happened next is anything but normal. NYSE hiccuped. The increased amount of volume started queuing in their systems resulting in large delays in execution. In other words the time from placing an order until it executed started to spiral upwards quickly as their systems failed under the load. Now, if you remember from above the tolerances of many of these HFT systems is tight. Most firms began cancelling their orders from the market, or physically disconnecting to take advantage of market-supplied cancel-on-disconnect functionality because they assumed there was a systems fault in progress and didn’t want to get caught with orders that would execute in a market they couldn’t trade in. Liquidity was routed to other providers that were known to be good, and NYSE was dropped by HFT firms providing liquidity because it was clear they weren’t functioning properly.

When all of the orders in a market disappear the book starts to become spectacularly thin. This means that people sitting around way off the market, with test orders or just generally hanging out could end up having a trade go through at an outrageous price. This is exactly what happened, people with market orders (taking the best available price in the market) were suddenly buying and selling way off market because all of the sophisticated trading firms had taken their liquidity elsewhere while NYSE was getting their act together. This resulted in a 600 point drop as multiple stocks thinned out.

Tellingly, minutes later when NYSE restored normal operation the pricing rapidly normalized as trading firms that were locked out of the market reentered once they had determined that systems were functioning normally. In other words, the combined logic of the various HFT firms resulted in routing around systemic failure, and immediately reinforcing the market once it had been restored. This is exactly the functionality one wants to see in a resilient distributed market.

Let’s change the situation. There is no way for an HFT firm to determine what was going on at NYSE instantly. It could have been the firm’s fault, a faulty computer, a broken cable, a sliced fiber. The exchange itself could have exploded due to a nuclear attack, an earthquake, a tidal wave or another act of God. Yet, despite being incommunicado trading continued normally at other exchanges, and full service was restored within minutes at the NYSE. That is called good engineering.

When things go wrong, everybody looks for a scape goat. HFT was a good one. Banks are uncomfortable with firms eating their tasty margins (look at the recent IEX as an example of this). NYSE doesn’t want to admit fault of any kind, and HFT firms are hard pressed to explain what they do, or how it positively affects other participants in the market. It’s easy to point fingers. Nanex made some incredibly flawed claims based on data that cannot possibly support their conclusions, most of it aggregated tick-data which doesn’t reveal individual firm intent, but anti-HFT advocates jumped at the chance of having concrete proof that their worse fears were realized. The reality is always a bit more nuanced.

This may not have convinced you, it is only one persons account, but at the very least you should consider the possibility that it is correct, and that any preconceived notions you have about the affects HFT has on the market may not be. These are complex and dynamic systems, and they can interact in unexpected ways, but in this case they did the right thing.


Altcoins: Litecoin in 1 minute

The grandaddy of the alternative currency movement, Litecoin has the second largest market capitalization at $113 million dollars. Originally forked from the Bitcoin code base and created by Charlie Lee in October of 2011, Litecoin was an experiment that tinkered with some of the network’s fundamental parameters. The confirmation time was reduced to 2.5 minutes, the maximum number of coins was increased, and most fundamentally the mining algorithm was changed to Scrypt.

Scrypt is a memory-hard algorithm, it is constrained more by total available memory than by the processor speed. Bitcoin in contrast uses SHA-256, which is limited largely by processing throughput, is easily parallelized, and was quickly commoditized by inexpensive ASICs that dramatically increased the hashing power of the network. The mining algorithm is an essential ingredient in how most blockchain-based decentralized networks work. By tinkering with the formula Litecoin created the first ASIC resistant blockchain. In other words, the price to produce dedicated equipment for minting Litecoin was prohibitively expensive in the early days which prevented the network from being taken over by people doing dedicated Bitcoin mining. If that made sense you are probably already part of the crypto-currency faithful, but in short this change allowed the network to develop organically without being subverted too quickly by existing crypto currency miners.

The end result is that Litecoin saw fairly spectacular growth in its own right, check out the chart at Coinmarketcap. A simple but important change was made to the core platform that helped spawn an additional, parallel and relatively secure trust network. While not quite as large or fortified as Bitcoin, it does represent a viable alternative despite the shared code base. There has been continued development since that time, but there has also been divergence. The Bitcoin and Litecoin code looks fairly different at this point, driven by differing levels of effort and design decisions made by their respective core contributors.

Litecoin can definitely be classified as a legitimate attempt to push forward digital currency research, and made enough changes for it to be interesting in its own right. Its long term potential remains very questionable though. There are a lot of Scrypt derivative coins at this point, but we are already starting to see very sophisticated Scrypt ASICS enter the market capable of significant increases in hashing power. This will probably damage other newer entrants into the market, because they will not be able to secure their network until they hit critical mass. Good news for Litecoin because it has already established a dominant position. If the value is ultimately in the network and the community supporting it, then Litecoin has a good future, but competitors that link directly into Bitcoin might undermine its main value proposition and are lurking on the horizon.

I’m holding my Litecoin position, but not acquiring. I consider it a hedge against certain classes of problems with the Bitcoin network, but ultimately believe that barring some major issue Bitcoin will continue to be the dominant player.


Altcoin explosion

What are Altcoins? Why do they matter, and should we pay attention? Should I invest in them? Are they damaging the credibility of digital currency? According to Coinmarketcap there are 454 alternative digital currencies with non-negligible market capitalization. It is probably safe to say that there are thousands in total, some abandoned, some fledgling, and 95% or more of them are completely and utterly useless. All together they have a combined value of over 329 Million USD. A lot of money to be sure, but to put that in perspective the Bitcoin market cap is 20 times the size of all of the others combined. Why is that?

Altcoins are largely copies of the Bitcoin code where the initial parameters have been modified to create another Blockchain. In other words a Bitcoin duplicate or doppelganger, a fresh coat of marketing paint, and a fancy name, but fundamentally identical in function. However, just because something functions the same, doesn’t mean that they are equal. The real value in Bitcoin and largely what accounts for the massive discrepancy in capitalization is in the security of the network. Hundreds of millions of dollars has poured into creating a large, distributed, and fortified network that at its heart it capable of transferring data securely between untrusted parties pseudo-anonymously. This fundamental utility is unmatched by most of the alternative coins. It is this security that dramatically amplifies the total value of the network. Any alternative coin that claims to be as secure as Bitcoin would need to have massive buy-in from the miners and individuals that make up the Bitcoin network.

If the network can’t be matched, what is the point? The real value of Altcoins is in trying out new innovative ideas, exploring the boundaries of what is possible with digital currency, and validating different approaches. Digital currency and trust networks are an entirely new way of facilitating payments online, and like any new technology there is a lot of work to be done to build robust next generation networks. Being able to quickly copy the Bitcoin code and try new ideas is fundamental to advancing the state of the art. Unfortunately most Alt coins are created solely to profit off of unsophisticated investors, who lack the technical competence or independent third party resources to validate the claims being made. Many who sat on the side lines as Bitcoin made a meteoric ascent are wondering if they missed the boat, and whether investing in some of these alternative currencies might make sense.

The Altcoin has become a penny stock on steroids, except without any of the safety nets meant to shield consumers from outright fraud. A subject I’ve written about in the past with respect to zetacoin Completely unregulated digital assets, backed by very questionable assertions, and a lot of marketing spin. Very few of them have any intrinsic value, or have made substantial contributions to digital currency research. This shouldn’t be construed as investment advice, but investors should realize that Altcoins are extremely speculative assets, are easily manipulated by the creators or third parties, and the vast majority have absolutely no value whatsoever. One shouldn’t invest monies that they can’t afford to lose in technologies they don’t understand.

One of the questionable claims that many Altcoins make is about confirmation times. This has got to be the most misleading metric that keeps on being thrown around. Bitcoin is infamous for their choice of 10 minute confirmation times. That means on average it takes 10 minutes for a transaction to be validated by the network, and up to an hour for a transaction to be indelibly inked in the global ledger. These are simple parameters of the network, that can be changed in just a few lines of code. For arguments sake lets say I do that, and release my new coin SuperFastBest coin. SuperFastBest coin has confirmation times of 1 second, by my calculations it is 600 times faster than Bitcoin and thus must be worth at least 600 times more. If it was this simple to increase the speed of Bitcoin why didn’t Satoshi make confirmation times 1 second? For a project of such immense complexity it seems rather short sighted to make transactions so slow.

The answer is that decreasing confirmation times increases the number of orphaned blocks. In other words the network does not have time to reach uniform consensus and so alternate chains begin forming in different parts of the world. The end result is substantially decreased integrity and security. SuperFastBest coin might be validated in only a second, but it will take hundreds of seconds for the network to converge to the point where I can trust that the transaction actually happened. Dogecoin, and others with shorter confirmation times require more processing power and memory utilization and ultimately are not much faster or better than Bitcoin is already. Coins that market themselves based on transaction times should be distrusted, either the developers are incompetent, or are purposely misleading you.

In short, when people make extraorindary statements about their new crypto currency, be ready to ask for proof. Get feedback from people in the community who have the technical expertise to validate those claims, and be extraordinarily wary of any altcoin that can’t back up its claims with reasoned argument. Bubbles in the market are largely based on hype without fact, and that only serves to detract from the legitimate work going on in the Bitcoin space. I’m going to devote some more time on this blog talking specifically about leaders in market capitalization, and what makes them interesting or scammy. If you have a particular favorite you would like me to look into send me a tweet!


Bitcoin and the Internet

I remember the Internet in 1991. I had a Panix account, a venerable and awesome Internet Service Provider in the New York City area. I would fire up my 1200 baud modem and connect to an incredible world dominated by Telnet, Gopher, Wais, and Usenet. I stumbled upon LambaMoo and was blown away that a community of people were actively speaking and engaging with each other over this nascent Internet. It was fascinating, weird, felt a little bit dangerous and seedy, like a secret society. The technology was interesting, with tremendous potential, but had yet to be commercially exploited, and frankly nobody outside academia or the military really understood it.

Then the modern web was born. October 13, 1994 was the day Netscape was released, and it completely changed the way people used the Internet. Sure, the web had been developed several years before, and early web browsers existed already like NCSA Mosaic, but Netscape changed the game. Suddenly, it wasn’t difficult to use the Internet. A few clicks and you were on line. A few more clicks and you were spiraling down a never ending series of pages loosely strung together all over the net. There was an addictive quality to the experience despite the fact that by modern standards it looked absolutely terrible. Browsing those early pages now is an adventure in frustration, but by the standards of the day it was transcendent.

That was a pivotal moment in the story of the Internet. A weird government science project-turned commercial. A strange and forbidding world became accessible. Almost three billion people use the network now. It is deeply ingrained in the working and personal lives of individuals the world over. It is almost hard to imagine not having the Internet. It is a surrogate teacher, a way of staying instantly connected to everyone and everything that is important in our every day lives. It has uprooted and completely supplanted entire industries, and made obsolete ways of doing business that were deeply entrenched. It has changed humanity in ways that we are still trying to understand, and the pace of that change is accelerating dramatically.

Then there was Bitcoin. For the first time in human history two people can exchange value over distance, without knowing each other, and without trusting either party or intermediaries. For the first time I can pass information to someone else over an insecure network and expect them to get it. I can facilitate transactions that cannot be subverted or duplicated. I can refer to a ledger that cannot be altered, that records that this transaction took place, and I can leverage computers to programatically create and manage these transactions. Bitcoin is difficult. It is hard to understand. It is hard to use. It is confusing to normal people. It is confusing to abnormal people. These same people were confused in 1994 when Netscape came out, because they lacked vision, they lacked imagination.

Bitcoin hasn’t had its Netscape moment. It took almost twenty five years for the Internet to have its time to shine, and Bitcoin is only five years old. What a five years it has been. A technology has literally been dropped into society that could fundamentally reshape the way business is done. Think of Bitcoin as like an IP address for people. A way of transferring value and receiving money from every single person on the planet, directly. The traditional banking sector can’t even begin to provide services to billions of people who live on just dollars a day because of the friction involved in moving money across and between countries. Now the friction is gone.

But its more than that. In fact, describing Bitcoin as a way of transferring money is kind of like saying the Internet is a way to send E-Mail. It completely misses the point, it lacks imagination. Bitcoin has a market capitalization of almost seven billion dollars at the time of this writing, but more importantly represents hundreds of millions of dollars in commercial investment meant to sustain the network. Quietly a new network has been forming, a network that adds Trust to the Internet. Bitcoin is an all-access pass to trusted communications and all of the services that entails. Why stop at transferring value? Why can’t we move contracts between people or organizations? Why can’t we have intelligent agents that manage our day to day finances? How can we codify the rules of industry to decrease cost, to automate the tedium of life, to make things more convenient, faster, better.

So we have not only a frictionless mechanism for delivering value, but the machinery to build much greater things. The point is that we haven’t even begun to see the types of technology we can build on this network, and that the applications we do have are more akin to Telnet than the WWW. In the early nineties it was difficult to envision what the Internet would become. It required both prescience and arrogance to believe that it would penetrate the fabric of society as deeply as it has. At the risk of being both, trust networks built on digital currency are going to change our world just as fundamentally. We are going to bake them into the protocols that underly modern commerce. We are going to integrate them into human labor and automated agents. We are going to build something that has never existed before and will benefit us all in ways that we cannot possibly begin to imagine.


The rise of private currencies

Minting currency is hard. All of that smelting, printing, special ink, security thread, optical illusions and micro print. Yet, after all of that work, hundreds of millions of fake bills find their way into international commerce, diminishing the value of the dollar and defrauding merchants worldwide. The temptation and reward is simply too great, and in many cases nation-state actors are engaging in a form of economic warfare. This is a technological arms race on a vast scale, between criminal syndicates, rogue countries, and nations protecting their capital controls.

You can’t counterfeit Bitcoin. A fact that people speak of rarely, but a foundational component of the system, and absolutely essential to its continuing success. The same strong cryptography that allows for effortless transfer of value gives Bitcoin an enviable level of digital protection. A virtual asset that cannot be duplicated, altered, copied or printed.

Even better, the same properties can be extended to protect all sorts of digital assets printed into the blockchain. A verifiable fort knox of digital goods, and tokens that represent everything from cars to property, derivatives and stocks. The ability to publish these items onto the distributed ledger and the software and systems to manage it is critically important to the next wave of contract and digital currency innovation.

The idea of private currency has been advocated for years, most prominently by economist Friedrich Hayek, who won the Nobel prize in 1974 for his work on the theory of money. His work on the subject implies that local communities can drive spending and reach shared goals by minting locally used currency and using it exclusively for trade as an adjusted unit of barter. That competing Fiat instruments would of their own accord reach an equilibrium in the free market and would be a natural alternative to state control.

These same concepts map nicely onto decentralized communities. The forums and private groups that characterize such large portions of the net are perfect places to adopt this new variation of the movement. With the underlying technology freely accessible and decentralized. Within Bitcoin we are already starting to see this type of fragmentation with well over a thousand alternative currencies blossoming out of nothing. Of course, the vast majority of those currencies have little utility. They neither provide a secure network, nor are backed by any company or means of production. They exist for the most part as purely speculative instruments, designed to take the money of the unsuspecting and greedy who would invest. Penny stocks on steroids.

Now the game has changed. With little work a group can generate incorruptible, and impossible to counterfeit tokens on top of the Bitcoin network and use them for trade, in exchange for perks, or simply as a matter of reputation. These can be instantly disseminated to participants, and provides a powerful and additional mechanism for user engagement, as well as unlocking easy trust-less barter in distributed communities.

We are just scratching the surface of the types of applications possible. Real smart contracts and distributed verifiable tokens are the operational and technical bedrock of a myriad of new financial services and products. If Bitcoin is to financial inter-operation what TCP/IP was to the Internet we can expect a truly stunning wave of innovation ahead.


Smart contracts, oracles and agents, oh my!

Ripple recently announced its vision for a smart contract infrastructure called Codius. You can check put their white paper here, although it is long on verbiage and short on details. The idea is simple though, and much more in line with a reasonably attainable vision of a smart contract infrastructure that leverages our existing investments in systems, tools and architecture.

This is in sharp contrast to Ethereum, a design I find puzzling in that it tries to solve decentralized computation in the blockchain model. I applaud their ambition, but naivete and optimism go a long way, execution is what matters here. Op codes exist in Bitcoin but many have been disabled due to security concerns and complexity, and it doesn’t begin to strive for Ethereums Turing complete operation. I could write an entire post on Ethereum, frankly I’ve been putting it off while we wait for an initial prototype, but given the amount of money that has been raised it might be time for a more critical assessment.

The idea of leveraging the blockchain for trusted communication while hanging sandboxed autonomous agents off of it is much cleaner. I’ve spoken of using proof of existence in distributed voting as a mechanism to hash source code into the blockchain and independently be able to verify all execution. Combining this approach with a sandboxed execution environment and a strict set of data acquisition APIs would provide a powerful framework for smart contract execution and validation.

We already use distributed code to run Bitcoin, codified by a set of rules that all clients agree on to form a consensus network. If we follow this to the logical conclusion why can’t ad-hoc nodes run modules and have shared multi-signature access to resources on the network? Wouldn’t that provide a framework on which to build a robust smart contract infrastructure?

I think Codius is on the right conceptual track, and I’m definitely looking forward to seeing how the community evolves. Autonomous agents with access to the blockchain will usher in a new wave of functionality. Think about the implications of being able to assign an agent to your wallet that can act on your behalf and is hosted externally in a trusted execution environment and driven by the same consensus mechanism as the network itself. Further by creating a language agnostic implementation within that constrained environment we can leverage the vast expertise in regular software development, and not worry about the complexities of long running DACs. I can see a model where companies pay for execution and maintenance of hosted smart contracts, certainly the overhead of outsourcing and compliance internally would make this an attractive option.

The only question in my mind is why it has taken so long, it’s time to usher in an entirely new wave of contract innovation. It seems we are tantalizingly close to having not only decentralized autonomous software, but external hosted agents, oracles and contract infrastructure.


New York’s Bit License, or a guide to losing out on a billion dollar industry.

I’m from New York. I was born and raised in Manhattan, and spent over thirty years there. I want New York to succeed, and I want to see it expand available opportunities for its millions of residents. Almost 50% of people in the greater NYC area are below the poverty line. We have some of the greatest income inequality in the world, and a vast burdened system of entitlements barely keeping the peace.

You see, New York has a problem. Government. Sprawling Byzantine regulation is choking the city, as stifling as any pollution, gumming up industry and robbing the city of innovation. If you manage to navigate this artificial maze, you are further squashed by crippling taxes.

Like the legendary Sisyphus, tasked with rolling a boulder up a hill that can never be summited, new business is forced to wage an uphill battle. In a state that desperately needs more jobs, entrepreneurial activity brings wealth. We can’t have that.

The “Bit License” is a proposed law strictly regulating virtual currency companies, and is almost guaranteed to rob New York of billions of dollars in aggregate development. Spearheaded by bureaucrats, dreamt up by committee, and stinking of protectionism it’s fetid rotten core will deny New Yorkers the economic development they desperately need, while simultaneously reducing taxable revenue for the state and city.

Requirements such as having a full time CISO (chief information security officer) will simply increase the cost of doing business, and will make the city an unattractive place for fledgling technology companies. Similar bonding for held virtual currency and strict identity requirements beyond federal requisites will further stifle innovation. When did the empire state become the nanny state?

This is doubly a shame given that NY has so many unique attributes, and with even the tiniest degree of foresight could make significant inroads in digital currency. A solid educated workforce in the payments and financial industry. Direct access to the world’s most liquid capital markets. Close proximity to leading banks and financiers. A small but growing venture capital scene, and a smart tech community in the same vein as the late nineties silicon alley.

New York is often ranked with London as a if not the financial capital of the world. A fact that has made it complacent, lazy and greedy. New aggressive economies like Singapore and Hong Kong are poised to take that crown if we unduly burden ourselves with unnecessary and poorly thought out regulation. I’m not opposed to regulation per se, but I think the knee jerk reaction to these new technologies will only cement NY as an also ran in what promises to be a disruptive race. What if Netscape had been outlawed in the nineties? How much wealth has the Internet brought the United States?

I have an idea, how about we distill this down to a single line, “New York welcomes all digital currency businesses, and will provide tax incentives to get them to start here and help lift our citizenry from crippling and unnecessary poverty.” Oh, who am I kidding? Let’s ban soda while we’re at it.


SenderDefender 4 Gmail beta

Awesome SenderDefender logo

It’s a bird, it’s a plane, no, it’s SenderDefender for Gmail! Hi Everyone, I’m proud to announce the SenderDefender for Gmail beta! Time to unlock file transfer super powers. :) It has been a long time coming, but I’ve rewritten a substantial amount of the underlying technology and distilled it into a Chrome plugin. That means very large file transfer, ephemeral messaging with delete-on-receipt, and end-to-end user encryption. One-click and drag-and-drop support for up to 100 Gigabytes PER FILE, encryption designed to protect your data from a host of threats, and automatic expiry of sensitive information to prevent hacking and fraud in the event your email account is compromised.

Other features included drag-and-drop directory zipping and transfer, which not only reduces bandwidth and transfer time but makes it super easy to send folders directly from Gmail. The best part is that you can send files anywhere, recipients do not need Gmail, and can still receive documents quickly and securely in their web browsers. Structurally that is a major difference between SenderDefender and many of the file transfer options available, no sign-ups, no logins, no advertising, just secure hassle-free data delivery.

The application also supports a variable and adjustable threading system so that you can optimize transfer time depending on the amount of bandwidth, memory, and processing resources you have. You can modify those settings by clicking the SenderDefender drop down button. Working resources also automatically scale down to reduce power consumption and extend battery life on laptops.

You can find the secret chrome store beta link HERE, that will allow you to install directly. Please feel free to spread it around, or send it to friends, family, and people you think will use it. Every subscription tier includes a generous free trial period, please try it out and let me know what you think, any suggestions or bug reports should be sent to support@coinlock.com. Just click the SD icon in the compose window to get started, or drag a larger file or directory right into the compose frame. It really is that easy, compression, encryption, and transfer wrapped into an extremely tight package. People without the plugin get an easy to follow link, and plugin users get a really seamless download experience. You can continue using gmail or other web sites while your files downloads in the background. If you love it write me an awesome review :)

Finally, I recently wrote about Amazon’s Zocalo and file transfer services in general. SenderDefender significantly raises the bar on how that happens and protects user data from certain classes of attacks that most commercial services don’t even address. Many claim to support encryption in their products, but it comes down to whether they ultimately have access to your data. Nobody at SenderDefender can read your data, not the service provider, not the network carrier, no one. This isn’t true for Zocalo, Dropbox, Box, CitrixSharefile, and a host of other competing services. If your data matters or you have big transfer needs, use SenderDefender and help support the development of software and systems that retain your data privacy.
` I’ve got a host of really cool features planned in future versions, if you have any ideas just drop me an email and lets talk about it. Follow me on this blog or @brantonbits on twitter to keep up with development or let me know what you think!


Amazon’s new storage offering

Amazon has announced its new storage service Zocalo aimed right at the enterprise market. This is notable because Amazon has served as the backbone of the file storage industry for the last five years. Simple APIs coupled with massive storage capabilities and extremely competitive pricing resulted in Amazon becoming a central pillar in the design of many cloud based and hybrid storage systems. This is a subject close to my heart because I’ve spent significant amounts of time mucking around in their ecosystem and have my own storage product built on top of it called SenderDefender. When I first saw the article the first thought I had was, “great, more competition” but in reality what we have is more of the same.

Companies that leverage systems like Dropbox, Box, or now Zocalo are making a mistake. They are ceding complete control of their data to a third party, and in exchange for inexpensive and accessible storage are opening themselves up to a host of insider threats. A few months ago I gave a talk on insider threats in a military setting, and there is a common misconception that the term only applies to the employees within an organization. The reality is that it applies to the employees within every organization that you interface with. When you leverage services like Amazon’s Zocalo offering you are dramatically increasing the attack surface of your company.

The attack surface is a nebulous security phrase, but it boils down to the idea that the more systems, components, and people who have access to your internal data the less secure you ultimately are. Now, in addition to worrying about the disgruntled former employee, you need to worry about Amazon’s disgruntled employees, and Dropbox’s, etc. There is an amplification effect at play that results in a greater chance for corporate espionage and data theft. These are very real issues, that target American corporations and individuals in the form of identity theft and fraud every single day. People are all too willing to exchange convenience and cost for security. The weakest link is always the person with the most access, and the most to gain from a security breach.

Now as a small business owner or individual you may think this doesn’t apply to you, that you aren’t a target, that nobody is interested. The reality is quite different. Your data is commingled with thousands of other companies on shared servers. Someone could be targeting SSN or credit card numbers, maybe they are just grabbing all word documents, or files that include actionable intelligence. They can do mass collection and sweeping where your data is just collateral damage. Numerous companies have already been compromised because of the lacks data security policies of most cloud service providers. I haven’t even started talking about Google Drive and Microsoft one drive, both of which have a similarly atrocious security policy. They have a vested interest in being able to read your data, the advertising business model depends on it.

The thing is, there is a real solution to this problem. Cryptography. Strong user-controlled cryptography, that denies third party organizations any access to the underlying data. SenderDefender is built on those principles, that nothing short of mathematical security can keep people out of your private data. As we consolidate onto cloud services this is becoming increasingly important. Why would you trust Amazon or Dropbox or Google with your private legal documents, personal information, medical history? Yet people do, every single day, because they have masterfully blurred the lines. There is a perception that your data is private, when in fact it is completely open, accessible, search-able, and indexed. We need to support next generation services that provide convenience and ease of use, while also taking a real stance on these issues.

I’ve said it before but its time for a corporate version of megaupload, a completely opaque, well integrated and seamless encryption experience for every day users that keep their data out of the prying eyes of government, malicious hackers, and profiteers. We are tantalizingly close to being able to realize that experience, but consumers need to be educated to the risks involved when they use online storage services, and the potential monetary benefits of keeping full control of their information.


Bitcoin performance engineering

7 transactions per second. That is the current limit of the Bitcoin protocol and network. As a point of comparison the Mastercard network processes roughly 1200 transactions per second at peak, at 120 milliseconds a transaction, and that pales in comparison to a high frequency trading system which might process tens of thousands of transactions per second with turn-around times in the single digit microseconds. Clearly there is a technology gap between the best centralized processing systems and our decentralized wunderkind Bitcoin. To be fair the playing field isn’t level. A centralized system has massive advantage in terms of inter-node connectivity, and is able to leverage advanced high speed interconnects, directly accessible remote memory, and extremely fast host IPC (inter process communication). Bitcoin must deal with low bandwidth links, untrustworthy actors, intermittent connectivity and a host of other difficult scalability challenges.

Bitcoin’s limitations are several fold. First we have a tiny block size vs the capabilities of modern networks, currently 1 Megabyte. There are only so many transactions that can fit into a single 1 megabyte chunk of data. This puts a hard cap on the amount we can process in a ten minute window. As the popularity of the protocol grows and second generation systems are built on top of it we will begin to feel the pain. There are two relatively simple ways to address this. First, lets fit more transactions into existing blocks. I’ve done some analysis of the blockchains 45 million + transactions at the time of this writing. The vast majority of them are standardized P2pkh scripts which have a standardized format, written here in Erlang bitsyntax.

<<?OP_DUP:8, ?OP_HASH160:8, 16#14:8, Pubkey:160/bitstring, ?OP_EQUALVERIFY:8, ?OP_CHECKSIG:8>>

Seems to me that for standard transaction types we could just have a placeholder that knocks off 4 bytes per transaction. The pubkey can actually be uncompressed or compressed, which means its possible to insert 512 bit pubkeys into standard transactions. Let’s get rid of that also, and stick with only compressed keys. Finally a single public key could be used multiple times across the blockchain, or even within a single block, perhaps we need to have a lookup table functionality or OP_Codes which let us reference elements of other transactions.

Taking it one step farther, maybe it is possible to adapt an existing protocol like Fix/Fast but specifically built for Blockchain use. A presence map per transaction might allow us to codify entire sets of transactions without explicitly including the scripts. That protocol had similar design constraints in that minimal amounts of bandwidth are consumed to decrease transmission latency at the expense of decoding and encoding complexity. The goal of this complexity is simply to cram more transactions into a single block without necessarily increasing the block size.

The second problem is that miners are incentivized to push smaller blocks. The block reward far outweighs the transactional awards, and there is a computational advantage to publishing a block that gets accepted by the majority of the network faster. This is because the propagation delay of larger blocks could potentially result in an orphan. Orphaned blocks are worth approximately nothing, and anything that can be done to reduce the orphan rate will positively affect mining revenue. This problem only becomes more pernicious as the block size grows and the transaction count increases. I think we need to change the conditions of the race such that within a time threshold an alternate winner can steal the mining reward if it has more higher value transactions included in the block. Granted this might cause block-stuffing in order to ensure maximum rewards, but it would even the playing field in some respects. It makes sense to both reap more mining fees and have a better chance at the block reward.

We can increase the block size substantially so that more transactions can be shoved into each block, assuming we can discencentivize pushing smaller blocks. This might have the affect of increasing centralization as slower less well connected nodes get pushed off the network or unable to keep up with the transactional volume.


50 Cents gets Bitcoin

Rapper 50 cent is now taking Bitcoin for his new album Animal Ambition. This is obviously less about Bitcoin and more about being a very savvy marketer. He understands the value of being in front of the curve, shaping public perception, and the PR boost that Bitcoin generates among certain affluent circles. This led pundits all over the Internet to proclaim that he was on the verge of changing his nom-de-guerre to 0.0007759 BTC, or 77 millibits. The problem is that if he did denominate his name in Bitcoin he would be changing it every day. 77 millibits today, 85 tomorrow, 24 two weeks from now. The joke underlies a major problem with the entire Bitcoin ecosystem, and one that companies in the space are all-too-willing to ignore.

The reality is that Bitcoin is too volatile. It is all over the place, rising to spectacular heights and then crashing back down again. Numerous companies have come out of the woodwork to address this problem, most focusing on the Merchants. It is relatively trivial to trade out BTC at the point-of-purchase and fix the value to USD, taking very short term volatility risk. This is essentially the model that Bitpay operates under, as well as a number of payment vendors. These serves all address Merchant concerns about accepting Bitcoin, but what about the consumer? The reality is that putting money into Bitcoin is a scary process, some people want to benefit from the capabilities of digital currency without making speculative investments with their money.

If I want to buy a cup of coffee, but have to wait a while to get my BTC delivered to my wallet then I’m taking all of the volatility risk of the currency. That risk gets priced into everything I buy. It’s like rolling the dice when you go to the store, am I getting a welcome discount or a very expensive latte? That is the hidden cost and risk associated with the network, it is something the Bitcoin-faithful ignore in favor of pushing merchant and consumer adoption, but it is a major problem. Let’s imagine for a second that you take $20 out of the ATM, and expect that you will be able to buy a cup of coffee at $2 a day for the next 10. 5 Days in the cost of the coffee is now $4. Instead of 10 days worth of Coffee you now get 7. That isn’t an acceptable situation for most consumers. To put it even further into perspective, Bitcoin has been compared to various highly volatile unpredictable assets, what if you wanted to buy something from a Merchant using crude oil futures. Does that make any sense?

There are ways to address volatility. Derivative contracts on Bitcoin, options and futures will allow for tighter spreads. Ultimately that should eliminate some of the volatility concerns, but what about demand. Ripple got one thing right, which is that you have to separate the underlying from the transfer of monies. Whenever you try to price something in a scarce resource there are going to be fluctuations in price, and adding insurance instruments in order to hedge that volatility will spread the risk around. Can Bitcoin be competitive if 1-2% is pegged on to every transaction in order to constrain risk? This is a problem that gets worse as popularity increases and supply dwindles. Global remittances flow in 2012 was $514 Billion dollars. How can we possibly hope to tackle that market along with all of the others we could potentially disrupt when the unit of account has a market cap of six billion? Do we expect every Bitcoin to change hands every day?

Now on the surface I am just playing devil’s advocate. The reality is that the community is extraordinarily resilient, and I’ve got a few tricks up my sleeves also ;). The sheer scale of the current Bitcoin network is mind boggling, a lot of compute power is being used to secure the network (Ghash.io 51% not withstanding, I’ll cover that later). We have a long way to go but we are on the cusp of being able to solve the biggest problems in the space, and besides we can look to 50 cent for a little inspiration, get (bitcoin) rich or die tryin’.


Bitcoin ATMs are a terrible idea

This is one of those blog posts where the title pretty much sums it up. Bitcoin ATMs have been around for a long time, I remember seeing a suitcase version functioning at Defcon in 2013, and I’m pretty sure commercial versions were already operating prior to that. A recent y-combinator startup is joining the fray, and I have to wonder why. The concept is very simple, send Bitcoin to an address provided by the machine and it spits out cash, insert cash and it sends Bitcoin to your phone or printed onto a hard wallet.

There is a major structural difference between these and Bank ATMs, in that the former is in no way linked to any account accept BTC under your control, and the latter ties directly into the banking infrastructure which centrally debits and credits your account from a database. In other words the ATM is a machine that connects to an opaque network and lets you take out fiat. The Bitcoin ATM lets you trade out your digital currency which you are already carrying around for cash. If I inserted gold into the ATM and it gave me cash would we call it a teller machine? Why don’t we see gold trading machines where you insert metal and get out dollars? Probably because it is a terrible idea, you already are carrying something of value, why swap it out for something of alternate value in physical form when there are myriad other ways to spend it?

Now I’m sure some of you will say I am missing the point, you want to be able to put cash in and get Bitcoins. I get it. Of course there isn’t any structural reason why you couldn’t transfer direct into BTC from your bank account, or attach a credit card to a Bitcoin backed account, or a million other smarter peer-to-peer mechanisms to accomplish the same thing. All of which can be done without the need to install expensive physical infrastructure all over the place.

The ATM idea seems to have some kind of growing mind-share, and I think the reason that bothers me is that it is old school thinking. Its forcing a transformative new technology into an existing box (literally). Trying to make it work and behave in a way that completely ignores its radical potential. You should be able to hand anyone a dollar and get a Bitcoin. You should be able to receive it as change. You should be able to link it to a bank account or debit card, and in the not too distant future you will be able to. Where does that leave the ATM machine? We can now do perfect digital delivery of value, but instead of focusing on that capability lets come up with a convoluted way to allow people to insert paper and get digital currency.

Finally, from a technology perspective the ATM is mind numbingly boring and rapidly commoditized. A machine can probably be built in thirty days or less by someone with experience, which means that we are going to see tons of people competing in that space beyond the 3+ companies already there very shortly. This isn’t meant as an attack on any particular product, but if you find yourself thinking about how cool it would be to have a Bitcoin ATM you need to take a step back. Bitcoin is much bigger and more interesting than that. Let’s put our collective resources to developing the next wave of technology, not retrofitting a completely irrelevant and antiquated system.


First they ignore you

How far we have come. When I started Coinlock in mid 2013 hardly any infrastructure existed for building Bitcoin based businesses. The few places making significant revenue were strung along the shadowy underbelly of the Internet, eking out a living on the fringe. Now we are on the verge of a Wall street ETF, vetted derivative exchanges, and Bitcoin backed credit cards. Some technology is just too disruptive to ignore, the implications too profound, the repercussions unavoidable. I felt that way about the Internet in 1993, at the time using the network was an exercise in the obscure. The pre-web Internet was complicated, hairy, a maze of technologies competing in some primordial soup. I spent my days on gopher and Wais with the occasional foray into the uncensored and venerable Usenet.

Bitcoin is still in these early days. The technology is difficult to understand, the protocol and software relatively immature, and the support services non-existent. Bitcoin hasn’t had it’s Netscape moment. The point in time when consumers can walk right into the eco-system and immediately see the benefits. Multiple companies are pushing forward, letting you buy Bitcoin for Cash, helping merchants accept it, etc. All of these are essential services, but ultimately I think the community has to think bigger to unlock the potential of the network. We have an open payments framework that conceivably allows direct person-to-person payments, like IP addressing for people’s bank accounts.

Let’s take the IP addressing analogy a bit further. That is the base of the pyramid, it facilitates the transaction, it is the distributed ledger. What functional components can be built on top of it? Are we going to see the creation of a distributed banking initiative? Peer-to-peer credit unions? When will I be able to package a crowd sourced loan and deliver it to a credit worthy individual? Maybe credit-rating itself can be systematized based on transactions. Can the same components be used in large-scale trust relationships between diverse groups of people? This is the foundational idea behind distributed autonomous corporations and data oracles that feed external information into the distributed ledger.

The possibilities are truly staggering. Very few people understood the potential of that early Internet. It was a haven for the weird and reclusive, the technologists and nerds, and now is intricately woven into our modern experience. If financial incentive and labor can be bound into the same network, where will that take us? The power structures prevalent in the world are hierarchical in nature, what happens when activism and finance are seamlessly and anonymously linked? The purpose of this posting wasn’t to ask a thousand questions, but to explore what seem to me to be a sea of possibilities.

The existing payment infrastructure is ripe for disruption. An international money transfer can costs upwards of 5% of the total transaction cost. $50 per $1000 sent. What if I tld you I could do the same thing for 5 cents? There is simply no way to compete with that kind of paradigm shift. Companies like Western Union are saddled with massive infrastructure, and simply have no way to deal with the flood of competing services that are going to start popping up like weeds powered by a robust and completely parallel network which for all intents and purposes is faster, and offers better security.

Entrenched interests will put up a fight. They will lobby instead of compete, they will put up barriers to entry and artificial road blocks, but the Internet has a way of routing around damage. First they ignored us, but in the end we will win. Some truly disruptive tech is just around the corner.


Parsing the Blockchain with Erlang

I decided to take some time giving Erlang another hard look, and do some Bitcoin blockchain parsing in the process. Originally developed by Ericsson for use in their telephony products, Erlang is a functional programming language that is fundamentally built around concurrency. Designed for building large distributed and fault tolerant systems, and capable of taking advantage of multi-core architecture. I’ve spent most of my career in imperative and object-oriented languages, with only brief dalliances in the functional realm including a college level lisp assignment that went wrong quickly. Writing concurrent software is hard, anything that makes it easier definitely deserves a look.

Parsing the blockchain seemed like a good project, hairy enough to offer some challenge, but with enough leeway to let me dive into the unique strengths of Erlang, explore its I/O subsystem and wrap my head around the deeper structure. You can check out my code on Github. I’ve done some high level parsing, I’ve left the script and hex output, and real csv output as an exercise for the reader, send me patches. In many ways the language is structured more like an operating system than the more mainstream alternatives. Code modules run in isolates processes and communicate via explicit message passing with mailbox queues and selective receive. Similar to Unix style mailbox or piped communication where the receive side is a structured expression. This is a simple and powerful model for communication, the Unix way, I like it already.

If you want to try out the code, just clone the repository. Check out the README for more detailed install instructions, copy a block file or ten from ~/.bitcoin/blocks/dat?????.dat into the same directory and run make all; make shell.

make shell will drop you into an Erlang shell with the necessary modules loaded:

make shell
/usr/bin/rebar skip_deps=true compile
==> blockparser (compile)
==> blockparser (eunit)
Compiled src/blockparser_sup.erl
Compiled src/blockparser.erl
Compiled src/blockparser_worker.erl
  There were no tests to run.
Erlang/OTP 17 [erts-6.0] [source] [64-bit] [smp:4:4] [async-threads:10] [hipe] [kernel-poll:false]

Eshell V6.0  (abort with ^G)
1> application:start(poolboy).
ok
2> application:start(blockparser).
ok
3> blockparser:parse("blk00000.dat").

This will built a raw but parses blockchain text file at blk00000.dat.csv in the current working directory. For fun lets check out the process control tree and other runtime information:

4> observer:start().

System Overview Application view Process table

Application components are structured into modules with explicit interfaces, and all of these processes have limited mutable state. This has interesting ramifications with respect to performance and limiting potential side effects. Reproducibility given a set of inputs is an important concept, and in stark contrast to languages with mutable state where you can inadvertently generate different outputs to a defined set of inputs. The code is a little more complicated than it has to be because I decided to write the entire thing within the constraints of the Open Telecom Framework.

OTP is a major component of Erlang and provides a generic set of behaviours that model general functionality. The gen_server framework facilitates bi-direction process communication, the gen_fsm framework is all about building finite-state-machines, etc. Ultimately, these processes are grouped together into a supervision tree hierarchy. I am a huge fan of supervision trees. The DJB Daemon-tools framework is my go-to for building fault-tolerant processes under Linux, and these concepts are alive and well in Erlang. This allows portions of the system to be restarted on failure, and provide fault-isolation. The typical object-oriented program will fail if there is an error in a sub-module that isn’t caught. In OTP there is a way to model and recover from even serious faults in a distributed architecture.

Somehow I got this far without mentioning pattern matching, the idea that the right and left side of an equation are matched, and that variables are single-assignment. It sounds terrible, but in practice is rather elegant and easy to deal with. The built-in bit syntax is an example of the power of expression matching when applied to binary streams, an excerpt from blockparser_worker.erl:

extract(<< >>) -> ok;
extract(<<?MAGICBYTE:32/little, 
    HeaderLength:32/little,
    VersionNumber:32/little, 
    PreviousHash:256/bitstring, 
    MerkleRoot:256/bitstring, 
    TimeStamp:32/little, 
    TargetDifficulty:32/little, 
    Nonce:32/little,
    BinRest/binary>>) ->
   [TXCount, Tbin] = getVarInt(BinRest),
   [Tdata, _Rest] = getTransactions(TXCount, Tbin),
   {ok, {?MAGICBYTE, HeaderLength,
    VersionNumber, PreviousHash,
    MerkleRoot, TimeStamp,
    TargetDifficulty, Nonce,
    TXCount, Tdata}, _Rest};
extract(<<R:8, _Bin/binary>>) when R > 0 ->
    io:format("Problem: ~w~n", [binary:bin_to_list(_Bin, {0, 10})]),
    {scan, _Bin};
extract(Data) -> {scan, Data}.

The binary being read from the the on-disk block file matches a complex expression leading with a 32bit little endian encoded MagicByte as a start token. If the pattern doesn’t match a tuple {scan, Data} is returned which causes the parent function to bit-shift forward and try to match again. A very expressive piece of code that would be difficult to match in many languages. This focus on writing binary protocols. I’m also a fan of my implementation of variable-length integers:

getVarInt(<< TXCount:8, BinRest/binary >>) when TXCount < 253 -> [TXCount, BinRest];
getVarInt(<< 253:8, TXCount:16/little, BinRest/binary >>) -> [TXCount, BinRest];
getVarInt(<< 254:8, TXCount:32/little, BinRest/binary >>) -> [TXCount, BinRest];
getVarInt(<< 255:8, TXCount:64/little, BinRest/binary >>) -> [TXCount, BinRest];
getVarInt(_) -> error.

A series of functions with guard expressions and multiple returns, but also very concise. I probably should be returning a tuple, but that is a philosophical flame-war for another day. These are the functional roots of Erlang layered with a heavy dose of pragmatism. I think that is the design feature that sticks out more than anything else, Erlang was designed primarily to solve real world problems in a specific space, and those decisions have permeated the base libraries, frameworks, and general structure.

The astute reader will note that I am using poolboy to create a worker pool that handles long running parsing requests. This may seem right, but is actually wrong. I was under the impression that poolboy was both a worker pool and a work queue, it is decidedly the former. That means in order to leverage it properly I would be roped in to building a proper queuing solution. The right way to do this would be to create a dispatch process that loads the work queue, and then have a series of processes that read from the queue as appropriate. Erlang makes that type of interaction very easy. As it stands the code is fairly efficient, I spawn a process for each core and give each a sequential list of files to work through. The I/O in that situation was fairly fast. Earlier I had experimented with sending block updates to a logging process, but that queued a tremendous number of messages in the receive queue and ultimately resulted in poor write performance.

The long and short of it is that Erlang’s concurrency and bit syntax made short work of what would otherwise have been a fairly hairy experience. It has an uncanny structure to Unix itself, and is remarkably natural if you have a strong familiarity with those process and IPC mechanisms. Definitely give it a shot, after a few hours of utter frustration you will be glad you did.


Digital Suffrage

I’ve just released a specification for a digital voting system built on top of the Bitcoin blockchain, and specifically an addition to the Open Assets Platform for multiple asset classes on Bitcoin. For consistencies sake let’s refer to it as Proof-Of-Vote. You can read the full white paper here. The idea uses a variant of Manuel Araoz’ beautiful proof-of-existence and the Open Assets Platform by Flavien Charlon to sustain a system capable of supporting a wide variety of voting methodologies including liquid democracy.

Voting on the blockchain isn’t a new idea. Even Satoshi’s original paper described Bitcoin as a fact-in-time ledger, and that intrinsic property is the most critical component in creating fair systems capable of being audited by all parties involved while preserving aspects of anonymity and integrity. Richard Branson recently wrote an article about the future of voting on the Internet, speculating that in the long term it makes a lot of sense. He is absolutely correct, but for the first time ever the technology necessary to make this vision a widespread reality is at hand. There are numerous technical challenges in creating voting infrastructure, but it is remarkable how many of them can be addressed by the power of the Blockchain and secured by the massive hashing power running that network.

The key is to think of ballots as units of digital currency, distributed to an electorate that can then spend that “money” on a particular candidate, or delegate that money to intermediaries in the case of liquid democracy. Voters are secured by private keys, or BIP38 protected wallets. In addition to minting a private currency for the purpose of the vote, we can further secure the whole process by encoding the parameters of the vote in the blockchain as proof-of-existence. That proof can include the source code necessary to validate the rules of the vote, and to enforce client-side restrictions. Ultimately since every vote is anonymous but public we can determine whether they are following the rules as documented by the proof-of-existence or not. This lets multiple parties validate the result, and prevents tampering and other types of voter fraud.

I also address some concerns about anonymity. These addresses are not linked with a user’s normal Bitcoin wallet, they exist entirely separately. There is enough flexibility in the system to provide the same level of anonymity that we currently enjoy in US voting, and if a third party agency dispensed authentication tokens (cookies) they could be embedded in the vote to provide an even higher level of security and accountability without necessarily reducing anonymity.

Compare and contrast this system with the current situation in the United States, which is for the most part completely opaque. Blackbox voting has been fighting for election transparency, and against machines that do not provide a paper trail. If we don’t have schematics on how a vote is conducted, where the data is stored, or when the vote is initiated how can we possibly expect to have fair elections? When a single command could swap a person’s vote, how can we be sure we know how our votes are recorded? A system based on the blockchain could easily provide proof-of-vote, and an individual could verify their own vote against the public ledger. Combine this with the distributed nature of the vote, and we have a system that could radically alter the way democratic processes work. I am a strong proponent of validated democracy through code.

With that in mind possible room for improvement is the addition of a specification that rigorously codifies the rules of voting as a series of backtracking and account management operations on the blockchain. Such that for every inbound transaction to a candidate we can trace the previous transaction, check totals, and determine that the coin originated where we think it did. Some of these actions are intrinsic in the Open Assets specification, but making sure all of the vote constraints are satisfied will allow us to do accurate tallying and discount cases of voter fraud or manipulation by any of the parties involved.

There are numerous ways to improve this specification, and I am open to suggestions. I’ve started Digital Suffrage as a community site. At this point it hosts little more than the white paper and a sign-up so that I can e-mail people interested in working or discussing the specifics of these systems. I’ve started doing some initial development, if you are a developer with a keen interest let me know. Let’s work together to make truly liquid democratic systems possible for the first time in history.


It’s the network stupid.

Everyone has a different opinion about what makes digital currency important. For some the ability to transfer value between individuals irreversibly and effortlessly is the main feature. Others see profound implications in programmable money, agent-driven transactions, delegated trust, and the ability for software services and systems to integrate seamlessly on a single payment network that binds them together. Underneath all of this functionality is the blockchain, a trust-less distributed ledger that enables new types of applications and services many of which are currently pure speculation.

When people talk about the utility value of Bitcoin they are often referring to the untapped potential of decentralized ledger applications. What they mention less frequently is the network itself. The idea that tens of millions of dollars of hardware is quietly humming along, consuming electricity, and calculating hashes in order to drive the blockchain forward. The fact is that there is an infrastructure deployed world-wide that acts as an engine, and provides substantial benefits for applications running on top of it. It takes literally seconds to fork the code underlying Bitcoin, and doing so would provide any alternate coin with the same technical prowess and capabilities. However, any coin minted this way would be completely separate from the Bitcoin network, and would not benefit from the hashing power which is critically important in protecting the integrity of transactions.

In that light the Bitcoin itself is less of a currency, and more of an access token. Like metered power or water these tokens provide connectivity to the network itself, ink for the ledger. They can be used to transport far more than the coin they represent in the form of assets and alternative protocols. Many of the Bitcoin 2.0 projects are structured on this very idea, the underlying Bitcoin is almost immaterial to the content of the transaction. Baked into the meta-data itself or in the limited opcodes of the Bitcoin protocol is room for exchanges, betting, swaps, contracts, assets, secret messages or any number of uses. This layering of more sophisticated application data turns the Bitcoin network into a transport layer, and makes the Bitcoin itself part of the cost of doing business.

In many ways that makes a lot of sense. We have spent years transitioning monolithic self-hosted infrastructure into the “cloud”. Loosely coupled, API driven components that were meant to be decentralized and scaleable. What has actually happened is that the vast resources necessary to support and develop cloud services has resulted in massive centralization in the hands of a few corporations. What if we had a way of paying the network itself for a universal set of financial APIs and trust-less primitives on which complicated distributed software could be written? Now we can.

The promise of blockchain technology and the network that supports it extends far beyond this initial implementation. Paying or being paid by anyone on the planet is a serious technical achievement, but it is just the tip of the iceberg. A programmable network of trust that allows data to be transferred between parties in a public and irrefutable way is an essential building block for the next wave of network applications. This gives us the tools to link widely-spread resources like compute, storage, and memory while simultaneously having a distributed way of paying for those resources. I’m going to call it Cloud 2.0, it’s all about the network, and you heard it here first.


The power of the QRCode

This blog post is devoted to the lowly Quick Response code, or QRCode for short. Essentially a 2-dimensional bar code that has exploded in popularity in recent years because it can encode substantially more data than the barcode of yesteryear and can be scanned with most cell phone cameras in a variety of conditions. It also has loss protection in that the image can be degraded, partially destroyed or otherwise altered and information can still be read, making it the hardy choice for physical placement.

The QRCode was originally invented for high speed scanning of automotive equipment, but over the years its versatility has lent itself to a wide range of consumer applications. Adding a scan-able URL to a print advertisement is an easy way to get commuters to visit your website or install a mobile application.

The type of interactions you could historically have with a QRCode were limited. You could trigger events on scanning, but there was no way to do inline authorization, identity, or payment. Bitcoin has changed all of that. Now by encoding a unique address into a QRCode you can accept irreversible payment in any physical location, and you can use that payment to spawn actions in the real world, authenticate users, or provide instant access to merchandise. This ability to have an open and inline payment mechanism is potentially transformative.

Last week Tampa Bay Wave hosted a funding drive for local area charities. As part of that drive they had a Ustreamed event speaking with various board members and activists about their experiences around non-profit activities in the region. Noticeably lacking was a sign with a QRCode on it. A simple sign would have allowed them to take digital currency donations over UStream. A college student recently racked up over $24,000 USD in online donations after showcasing a QRCode on a sign during an ESPN telecasted event. Direct transmission of value over the TV, without any intermediaries, extraordinarily low fees and a high degree of anonymity. The same technique could just as easily be adapted to Youtube or any streaming video service for soliciting donations or voting on choices for future episodes.

In addition to almost nonexistent fees, the human labor costs are substantially lower also. As the technology proliferates will we need banks of telephone operators accepting calls in order to enter credit card information and other manual processing tasks? When are we going to start seeing PBS or another channel heavily invested in funding drives utilize this technology to provide another instant revenue stream? It seems that anything that reduces the cost to acquire funding is just money in the bank, is that enough to spur adoption?

What about the rise of in-game payments? If I want to unlock that hidden door, or purchase an item upgrade, why not integrate it into the fabric of the game itself? Bypass the network to provide additional in-game content by allowing players to scan QRCodes generated by the game. This would let content publishers offer direct consumer payment without using big content networks or paying middlemen, an appealing proposition for some.

That only begins to scratch the surface of what is possible. Payment can trigger events in the real world also, like dispensing that can of coke, turning on the valve for the beer tap, and initiating point-of-sale transactions. This bridging of out-of-band transactions with the real world can inexpensively add payment to a wide variety of activities without the overhead of point-of-sale architecture. My CoinCollectr project was based on the premise that if you can build an extremely low-cost point-of-sale (POS) you can do an end-run around the expensive entrenched infrastructure we have today. If there is interest in those technologies maybe someone can convince me to Kickstart it. That same technology can be applied to a dizzying array of use cases in developed and developing economies.

Finally, not only can you trigger an action but potentially you can convey information about who you are with that action. This has applications in physical and virtual access control, micro-payments for unlocking online services and providing 2-factor out-of-band authorization for banking and other services. Thats a lot of power for a 2D barcode. Don’t underestimate the numerous ways you can integrate this technology, or the transformative nature of being able to respond to payments in a programmable and real-time way.


Airdrops and national currencies

Let’s talk crypto currency air drops and the national coin movement. Quite a few alt coins have popped up in the last six months that purport to represent a geographic region and are using some kind of air dropped distribution. Auroracoin, Spaincoin, and Mazacoin (centered around the Lakota native-american tribe) just to name a few. Simply put, this means that the coin is mined and distributed to a specific population. That group does not need to be involved in the currency in any way, and is given a preferential allotment which is supposed to bootstrap adoption. This is an interesting conceptual mix of ideas, it preserves digital scarcity while gifting a specific population with a digital means of exchange. There is also something nice about having a pre-baked community, a rallying point around nationality or self-identity, which seems like a more natural boundary than an adorable dog or other internet meme. In some areas where traditional payments are difficult, and injecting money into a crypto is difficult this makes a lot of sense to me. I can imagine fostering digital exchange of value in places without much traditional infrastructure.

The nagging doubt in my mind is whether or not something with excellent utility but zero cost of production can have real value. Without mining cost, labor, or capital injection what exactly are we distributing? AuroraCoin made waves claiming to be the first national currency air dropped to the entire Icelandic population. Unlike many countries Iceland apparently has an excellent mechanism of tracking its citizenry, and a mechanism for people to both establish legal identity and claim their share of the AuroraCoin. When talking about crypto value I like to substitute some ordinary object as a placeholder, I think that helps navigate the question of value. Instead of distributing a digital currency, let’s distribute special rocks to all Icelanders. Now every Icelander has five special rocks which they can trade or give to other people. Do those rocks have value? They have the same utility value of any other special rock, are scarce, but potentially cost very little to create. As someone who isn’t Icelandic, why would I trade for this free rock the Icelander’s have that I do not? Certainly I could just create my own rocks and gift them to every American and we would be in the same situation?

Value is a very tricky question. It is a soft subject. Ultimately if someone is willing to pay for something it has value. The market capitalization of AuroraCoin is over 1 million USD right now, having undergone some significant fluctuations. The total available share is not clear, I imagine most Icelanders have not claimed their allotment yet. Shouldn’t the price deflate as distribution occurs? It seems that the value right now is based on a lot of artificial scarcity more than anything else. I think that summarizes the problem I have with national currencies in general, I’m not convinced that the distribution model conveys value. There is a marked difference between a community working together to create something, as was the case with Dogecoin, pooling resources and compute power, and ultimately electricity cost and a de-facto elite membership being gifted monies.

There is a lack of transparency in the operation of the coin that is a common problem in alt currencies. It seems that most of the alternative coins don’t have public figureheads. I’ve said it before, but identity is a key component of trust. All of my products have my name on them. If they perform poorly that reflects badly on me, so there is a real tangible loss to me if something I launch turns out to be a scam. For most alt coins their failure has absolutely no repercussions on the people involved. All upside, no downside. Any investor looking at an alternative currency should have a very good idea of who is behind it, and be able to independently assess their credentials and motivations. Alternative coins are already a fertile ground for pump and dump scams, and creating specific coins geared at a target population but without any general buy-in or identity seems like an idea ripe for abuse. What is stopping the creators of AuroraCoin from distributing the pre-mine amongst themselves if there is adoption outside of Iceland? There are no capital controls, rules, or regulations that prevent the spread or misuse of crypto currency.

For any pre-mined crypto currency is seems that for it to have value something of value must be traded for it, preferably another scarce resource. If a tree had to be planted for every coin minted then there is tangible human labor involved. Labor and the usage of limited resources is a foundational component of real value. For once I would like to see a national crypto currency that trades some of the countries real natural resources in exchange for the creation of the currency distributed to its citizenry.


Is Coinbase legal?

Let me preface this post by saying and I am not a lawyer, nor should you construe this document as legal counsel of any kind. I am however a huge fan of Coinbase. They were an early mover in the digital currency space, have received significant venture capital funding and clearly are making a concerted effort to push Bitcoin into the mainstream. My interactions with them have been consistently professional and the service they have provided has been virtually seamless. They are one of the only companies doing bidirectional USD to BTC conversion, allowing consumers to attach their bank account in order to buy and sell Bitcoin via transfer.

Although their monetization strategy isn’t discussed at great length publicly, one would imagine that in addition to a 1% flat fee they profit from bidirectional order flow with their customers. If their platform is reasonably sophisticated they would be matching buy and sell orders internally before going to an external market, reaping more savings. This off-chain trading allows for significantly higher transaction rates than block-chain based technology. This is a walled-garden approach, bringing the inter-customer infrastructure in house to facilitate micro payments, faster transactions and other usability features.

The service is great, but is it legal under current regulation? Coinbase is an online wallet, which allows external parties to send Bitcoin inbound to be auto-settled to USD. An analogy would be a bank that puts a bucket out front with your name on it. In the middle of the night someone drops a few bricks of gold in that bucket. The bank takes the gold, sells it for dollars and sticks that money in your bank account, no questions asked. They certainly know one side of that transaction, you as a customer have provided them with enough information to verify your identity. Is that enough? There is no way to determine whether you are initiating the Bitcoin transfer inbound, or if a third party is sending you money. There is certainly no way to determine the validity of that third party in the current system.

To my mind that seems like a slight of hand. Anti money laundering and know-your-customer regulation is fairly strict about identity and banking relationships. The argument could be made that you are buying and selling an asset that you own, but without being able to prove ownership it seems like a two party transaction where only one party is positively identified. Regulation is creeping into physical cash deposits with Chase requiring ID, and there are rules about receiving inbound wires from known criminal elements. Iran and other embargoed countries cannot simply send money into the US without it being noted, well unless they use Coinbase.

I hear people clamoring about risk management engines and threat analysis, but Bitcoin is programmatic money. A hundred proxies could just as easily receive money as a single person. The bank secrecy act of 1970 sets the bank reporting requirements at $10,000 USD. A $10,000 USD transfer could be trickle accumulated and settled out trivially. There exist simply hundreds of ways to obfuscate the public ledger. What is the functional difference between a large shared wallet, a purpose-built mixing service, and an exchange? Has anyone conclusively been able to prove identity tracking across the blockchain in all but the most trivial cases? It seems that in most instances a user’s identity is compromised by inadvertently tainting their transactions with a known or published address.

What about money services businesses? The MSB situation in the United States is obviously absurd, requiring in many instances per-state licensing. I don’t have the exact numbers but I believe at least 28 states have differing laws on the subject. Coinbase is no doubt pursuing these licenses if they don’t already have them, a good use for the war chest. So if Coinbase isn’t outright in violation of the law, it certainly is skirting around a very sensitive issue. Electronic transfer has been carefully regulated for decades, but new technology has done a total end-run around the current system.

The current banking system and the US government has constructed an extraordinarily expensive and convoluted infrastructure in order to control capital inflow and outflow. It operates like a financial Maginot line, a series of barricades and obstacles meant to prevent uncontrolled and un-monitored flow built on 20th century know-how. It is both an extraordinary testament of engineering and completely and utterly useless in the face of new technology and the promise of trust-less digital cash and peer to peer transfer.

Ultimately, maybe it doesn’t matter whether Coinbase is in perfect compliance with the regulation, when clearly the rules are outdated and ineffective. You can’t put this genie back into the bottle, and trying to make new technology completely conform is perhaps missing the point. It seems more likely that multiple ecosystems will begin to develop, some of which are in perfect compliance, and others that are outside the general rule of law. So is Coinbase legal? A definite maybe.


Bitcoin 2.0: Side Chains

I’ve decided to start my Bitcoin 2.0 series with side chains. The story definitely doesn’t start here, but proponents are making it sound like it ends here. There are a lot of competing technologies fighting for mind share trying to build next generation blockchains. As incredible as Bitcoin is, there are still limitations, and the argument is that a side-chain that allows for transfer of value between Bitcoin and other blockchain implementations is a valuable and needed innovation. Austin Hill and Adam Back are working on a blockchain company that is trying to shake things up with a new paradigm. They should be commended on a very interesting idea, a cryptographic 2-way peg that allows back and forth transfer. The question in my mind is, do we really need this? What does this offer beyond alt-coin implementations, and are those features fundamentally important?

The idea of an interoperable side-chain is that value can be transferred back and forth with another blockchain in a trust-less fashion. You don’t need an intermediate exchange to do multi-crypto transfer. You don’t need to rely on unfair mining, or pump-and-dump style trading. This is the “can’t do evil” idea, that cryptographic trust is all you should need. This is predicated on the concept that the digital scarcity of Bitcoin is a good thing, and that it should be preserved across blockchains. Separating utility value from the unit of account is a neat idea, but it doesn’t change the fact that the utility value of Bitcoin or a side-chain can be immediately duplicated in an alt. So instead of experimenting with new ideas in siloed environments and allowing the market to determine the value of the blockchain in question, the liquidity and ultimate value of the chain is entirely determined by BTC transfer.

Shouldn’t the value of a particular coin float against the values of the others? Shouldn’t I be able to experiment with new ideas in the space without hitching them to the Bitcoin bandwagon? It seems that most of the major benefits of side-chains are actually provided by merged mining, the same system that has driven Namecoin. The thing is that exchangification is extremely powerful, very efficient, allows high speed off-chain trading, and has other efficiencies with respect to capital that make it very appealing. The fact that some entities in the space have violated the community trust doesn’t mean that exchanges are a terrible idea that need to be thrown out. In fact there are many trading paradigms that would probably be very difficult to replicate outside of an exchange ecosystem.

What about digital scarcity? Limited supply drives value. So we are taking the limited supply of Bitcoin and allocating it across blockchains, and thus increasing the value of Bitcoin. The thing is there are alot of alt-chain concepts that revolve around inflationary policy, and there is quite a bit of evidence that Bitcoin’s efficacy as a currency decreases as the value increases. The hoarding mentality coupled with deflationary tendencies is pushing the value up, but the utility remains unchanged. Side chains seem to be poised to increase that overall utility, while also increasing the value. Do we want to pay more for utility that can be provided for less? Look at XRP in the ripple ecosystem, massive amounts of available units, because those units are being used in the transactional system. They are meant to protect the network, not drive the cost of doing business up as the supply dwindles. If a company wants to issue a stock, why should the value of that issuance be tied to BTC? If I issue stock on a side chain with transferred BTC and then transfer that BTC back what happens to the stock?

Let’s do a thought experiment. I’m going to create a side chain called CheaperBTC. You can transfer BTC into it from the main chain, and I’ll guarantee that the transfer fees are a fraction of the BTC blockchain on that network. Since this is a merged-mined alt-chain there is no incentive not to run the network as fees are accumulated across networks. What is to stop massive capital flight from the main blockchain in the search for market efficiency? Would this have a destabilizing affect? Interoperability can have pitfalls and unintended consequences, with a network of the value and size of Bitcoin is there strong incentive to adopt this idea? If BTC irrevocable travels between experimental side chains, what percentage of BTC will be lost in that transfer if the side chain infrastructure collapses or has fundamental bugs that Bitcoin doesn’t have? It seems likely that the deflationary spiral of BTC will become steeper in that scenario. Every change incurs risk, and there would need to be some kind of protections against abusive side chains.

Enough of devil’s advocate. This is a new idea, and it is bound to have some teething issues. The fundamental concept is interesting, and there are certainly use cases that would benefit from cross-chain asset transfer. It remains to be seen whether the benefits outweigh the risks. I believe that most of the value in side-chains already exist in a combination of alt-chains, the free market, and merged mining. Anything that expands the ecosystem is probably a good thing, but side-chains are built on many assumptions about the value of digital scarcity and the fixed monetary policies that exist in Bitcoin. Let’s work towards integrating it but judge the technology on its merits when it delivers tangible value.


Heartbleed: OpenSSL vulnerabilities

What a week! I was just on Tampa’s ABC news affiliate discussing the recent Heartbleed vulnerability. Probably my favorite name for a software-flaw in recent memory. You can check that out here. I have to commend them for distilling my commentary into something useful for consumers, but there were definitely some important details lost in translation. This post is geared at addressing some of the more technical points, and to provide remediation strategies for enterprises caught off guard.

Heartbleed is a serious attack, because it affects one of the most critical structural components of modern computing. Secure sockets layer (SSL) is a foundational technology, built on top of TCP/IP and meant to protect sensitive transactions of all sorts. SSL and the cryptography it is based on is baked into a tremendous amount of software. The OpenSSL implementation is a cross-platform open source version of that technology, and those libraries are baked into Linux, BSD, and other distributions. Linux is the most widely deployed operating system on the planet. It sits on personal computers, tablets, laptops, smart phones, servers, and an extraordinary amount of proprietary networking equipment. So the global attack surface of this vulnerability is potentially huge. The scope includes not only core services running on those platforms, but major software packages linked against broken OpenSSL libraries.

We tend to think of OpenSSL in the context of the consumer web, because that is what most people interface with every day in the form of the familiar HTTPS url. That means OpenSSL is linked into major web software like Apache, Nginx, etc. However, the problem is larger because it encompasses the back end infrastructure that companies rely on in their internal networks, as well as the VPN hardware that is suppose to allow secure access to private networks, and the load balancers and proxies that front much commercial infrastructure. This weakens the security posture of many enterprises. That means that software like OpenLdap for directory and authentication services is probably vulnerable. Kerberized services using SSL for transport are probably vulnerable. OpenVPN (a major open source SSL VPN, and arguable one of my favorite pieces of software) is most certainly vulnerable in many configurations. Stunnel-wrapped sockets, secure ftp variants, the list goes on and on. The elements that are supposed to provide strong border security. If you think about the larger picture, that is a lot of code.

As many of you know I am a huge fan of Bitcoin and digital currency in general. We have already seen the release of re-linked binaries for Bitcoin but we can expect that it will take some time for that to be distributed. I don’t think that Bitcoind is very susceptible to actionable information leakage, but I haven’t done a security audit of it either. I would love someone more knowledgeable than I to comment on that.

That is the scope of the problem. So how does Heartbleed work? It lets potential attackers sniff active memory of affected machines in 64kb increments. This potentially can reveal private keys used in transactions, form submission data, or any arbitrarily encoded data. Repeating the attack over a long period of time bleeds out the target. The collected data can than be analyzed for actionable information, such as user names and passwords. Since OpenSSL strives for cross-platform support this means many Unix variants, distros, and more proprietary embedded devices may inadvertently leak information. The OpenBSD developer Ted Unangst has a good write up of some of the technical specifics here and here. There is much debate in the community over whether this is an honest mistake or something more insidious. With the rise of NSA surveillance and clear indications that other software has been tampered with it is certainly a possibility worth exploring. There is also a technical debate over whether custom memory allocation is a desirable feature in security software. I’m not sure where I stand on that except that speed of execution and performance enhancements should be a very distant concern compared with core security.

Let’s talk remediation. Some of you know that I work on a variety of security products myself, SenderDefender is my email attachment security project. It integrates ephemeral messaging with client side encryption to securely transport sensitive information between individuals or companies. Architecturally it is not exploitable by heart bleed in an actionable way, that is there is no way to reveal or modify anything about customer data using this bug. I doubt there are many security services that could say the same, dropbox-et-al could very easily have exposed customer credentials. So how do you address customer impact and remediation. You should have an upgrade plan, security fixes for OpenSSL have been released on all major platforms. Use your distributions update mechanism to make sure you have the latest version. Keep an eye out for the commercial vendors, Juniper, Cisco are lagging on some of their product lines but embedded border security devices can be affected. Look for statically compiled software you are running that may include the outdated libraries, the binary release of Bitcoind is a good example, but tons of commercial and open source software is released in binary form. Finally, once perimeter security has been reestablished, make sure to take a hard look at backed components like OpenLDAP to make sure they are unaffected. Now comes the heart ache, time to reissue SSL certificates for your public and internal sites that could have been compromised, and after that has been done let your customers know that they can change their passwords.

Users are basically at the mercy of the software vendors. Don’t rush to change passwords and update information, this is an eavesdropping attack on the server. Until they are patched, and now that the bug and exploit is widely circulated changing your password is not advisable. Do update your local software, smart phone, tablets, etc.

Major software flaws have long term affects. The Internet is a big place after all, and even though many responsible vendors and service providers are going to be updating their software there will be corners of the Internet and back office systems that remain unpatched and vulnerable for years to come. This particular vulnerability is going in the black-hat toolkit for the long term.


Altcoin: Pump and Dump scams

I don’t like scammers. I think people in the community who are serious about the larger success of digital currency have to help new users navigate a complicated landscape. They should be shepherding them from the thieves, directing them away from the houses of ill repute, and generally giving them good advice. When Mt. Gox blew up I didn’t lose a single Bitcoin. It was clear to me from the beginning that they weren’t a legitimate organization, that they lacked the technical sophistication necessary to run an exchange of their size. They had extremely dubious beginning as a mechanism to exchange magic the gathering cards, hardly the type of provenance one wants to see in a billion dollar entity at the fore front of the Bitcoin community.

If your local bank had previous been a cattle feed store it might raise some eyebrows. However, Bitcoin is so new, and the digital currency ecosystem so undeveloped that very few people said anything at all. In fact, the head of Mt. Gox Mark Karpeles helped found the Bitcoin foundation, and established himself as a trusted entity in the minds of legions of people who frankly didn’t know better. When people asked me personally whether they should invest in Mt. Gox, store their Bitcoin there, or engage in any business whatsoever the answer was always no. I wasn’t particularly loud about that view point though, as much as I don’t like scammers, I also don’t want to throw people under the bus who are legitimately trying to build a better community for everyone.

There has been a lot of movement in the Altcoin space. This is the class of currencies that are essentially forked from the Bitcoin source and share many structural commonalities but often differ in specific implementation details. Alt coin infrastructure makes sense. Bitcoin is a massive large-scale distributed system, and as such is hard to change. The Alt coins let us experiment with other architectures in new and interesting ways. The problem is that it is so easy to start an Alt-coin that we have over two hundred at the time of this writing, many of which have little in the way of new features or innovation. They are for all intents and purposes the penny stocks of digital currency, pushed, and pumped to the unsuspecting masses while their creators sit on the profits.

I have a problem with people advocating digital currency who simultaneously try to pawn off garbage to unsuspecting people. They take Bitcoin which is potentially revolutionary and debase it by introducing people into the underbelly from the get-go. I won’t name names, but my twitter feed is essentially full of shills trying to make a quick buck at other peoples expense. Shame on you guys. You can’t advocate for Bitcoin and the transformative changes it enables while also pumping some ridiculous alt-coin. So without further ado I am going to do a tear-down of a pump and dump scam in digital currency and what it looks like. I’m sure my target will be controversial, but Zetacoin is in my sights. It has all of the earmarks of a concerted plan to increase the price-per-coin while leaving people who don’t know better holding the bag.

This strategy is extremely effective, it relies almost exclusively on hype and misdirection, and is extremely low on fact. This Wikipedia article is a good starting point to understand the dynamics for any micro-cap stock. This type of scam is illegal in the US, and many other jurisdictions, but because Crypto Currencies are for the most part unregulated people are preying on unsophisticated investors. The general flow is as follows.

1 – Buy a bunch of some random non descript alt-coin or start your own. For an existing currency like Zetacoin you probably want to slowly buy into it so as not to disrupt the price. If you buy too much too fast people are going to notice that there is manipulation at play. A good example of this is the number one Zetacoin address by value ZGfz94PBE2D3yhgSSooqMbtSiLNLozYsbv which at this time is worth approximately 1.5 million USD. Here is the link to the very first transaction for that address. Notice how the owner systematically accrues 50,000 ZET every 4 minutes. That is until yesterday at 6:26 PM where the owner starts offloading and reaping the profits, $456,000 of other peoples money at the time of this writing.

2 – Get suckers into the game. Start building a hype machine via your blog, pull people in on Twitter who can push your penny-stock. Just check the #Zetacoin hashtag for an unending stream of non-fact on twitter Some choice selections:

“When people eventually start to dig into what the #Zetacoin community has done they are not going to believe it.”

“#ZBAD’s motto of #BuyHoldBuild is starting to make sense to everyone else. True value of a coin is in application not speculation #zetacoin”

“I’m all about community that’s why i believe in #blackcoin and now #zetacoin”

“#zetacoin is a screaming buy even without knowing anything concrete.Hype/rumours to 2k,the breaking news will easily bring it to 20k #HUGE”

3 – Offer no concrete facts. The thing that is nice about talking about community is that you don’t have to back it up with anything. You don’t have to say where or how Zetacoin is different from anyone else. You don’t have to point to real world examples of use. In fact, you can pretty much manufacture a community of users overnight. Let’s take a look at the Zetacoin “community”.

Zeta-coin.org has a News section with 2 bullet points since 2013. Not seeming very active to me.

Twitter 6445 followers. That seems pretty sizable. The thing is you can buy a few hundred twitter followers for a few bucks, so difficult to tell if that is real community or not. There seem to be only a few very active in the PUMP. Zetacoin themselves say that over 500k has been traded in 24 hours! The vast majority being sold as the PUMPER takes the profit.

Github Has almost no changes since it was forked from Bitcoin. For a developer community working on something game changing this is also a red flag.

Forum. The Zeta-coin forum has less than 100 total posts on it.

OK, what about Reddit Ah. A very little going on, but 157 active readers!…

4 – Be anonymous. Beware when people don’t put their real name on a project, it says a lot about it when the creators are basically unknown. Remember, you have to avoid legal liability later. If there isn’t a name associated with the coin, someone who has something to lose if it goes belly up, buyer beware.

5 – Promise something big in the future. The main proponents talk a big game, that is all part of the hype machine. Examples:

“His project was a complete and utter GAME CHANGER.”

“Within 4 days Zetacoin was the hottest crypto in the community. Within 5 days the twitter feed was running red hot with Zetacoin talk.”

“Most of you have figured out that there is something big, and that there is a third party involved.”

“We have an opportunity to walk the talk that the community keeps mouthing.”

This is called bullshit. Unadulterated, useless drivel. Just look at the charts. Read the block chain. At the end of the day there is no news that should result in a 700% increase overnight. If you are investing in Zetacoin you just made somebody else Rich. Shame on you guys, you know who you are. People need to be aware that what is old is new again, the pump-and-dump penny stock scam is alive and well in Crypto currency!


C++ Freelancers

I’m looking for a skilled C++ developer interested in diving into some truly revolutionary alt-coin projects. You’ve seen the Bitcoin code-base. Lots of juicy C++ and Boost for networking and data-structures. There have been a lot of interesting alt-coins produced, including some that may have legs in the long term, however we haven’t seen second generation architecture built on a new block chain. All of the experimentation is happening on top of Bitcoin’s existing infrastructure, hacked as meta data into eighty byte fields and transaction ordering rules that try to enforce structure where there was none before. There are certain core features that I think a next generation block chain has to offer as part of its core design, and I want to help make that happen.

Ideally I would like to find someone interested in partnering or being paid on a freelance basis to work on targeted modifications to the Bitcoin code base. I have a number of ideas designed to provide a myriad of next-generation services, and I’m looking for the right people to carry them forward. In the spirit of open source this work will be offered pre-packaged and in source form to the larger community. Drop me an email at support@coinlock.com if you are interested, include a resume and the url of your linkedin profile.


The Bitcoin 2.0 landscape

I’m not sure that we have really resolved all of the issues around Bitcoin 1.0, and already a host of alternative platforms are being built alongside or on top of the core Bitcoin technology to address perceived faults and limitations. Bitcoin is a large, active, and in-use transactional system. Not an easy thing to alter in place without significant planning. However, a lot of thought went in to how the blockchain was constructed, and how Bitcoin transactions happen. Clearly a simpler system could have been developed, but this one has a great deal of flexibility and just enough leeway that some innovative tech can be built without forking an entirely new blockchain.

There are a lot of Bitcoin 2.0 implementations in various stages of development. Fundamentally they are all trying to make digital currency better. They are trying to add contracts, smart contracts, IOUs, decentralized autonomous corporations, and other software constructs that vastly expand the reach of programmable money systems. Clearly once you have a distributed ledger of verifiable and audit-able fact that you can use to transfer value, why stop there? I can imagine a future where a property deed, a future, an option, or an insurance product traverses the same network that the currency does. This makes sense at a lot of levels, especially from a security and reliability standpoint. It would be nice to be able to use the same ledger to audit multiple asset classes, and to reliably report on all of an individual’s transactions across their entire financial life.

With that in mind I am going to cover most of the major Bitcoin 2.0 competitors vying for mind-share. Many of them are trying to solve overlapping problems in the space, and some are further along than others. It isn’t an apple to apples comparison by any stretch of the imagination, but should give readers a little more insight into how they utilize fundamental Bitcoin technologies. Everyone is saying it, but it is all about the blockchain stupid. The Bitcoin companies out there right now are barely exploring the immense capabilities that a universal ledger can give us. I’ll start the discussion off with Colored Coins and Chroma wallet in my next blog post. Probably the earliest working example of a 2.0 implementation, that does add some very tangible benefits to the existing Blockchain.

This technology truly is revolutionary. This core concept of distributed trust mated with independant verification and auditability is the type of foundation necessary across many industries. What has started in Fintech elegently blends with so many other ideas. A day doesn’t go by when I think of a new potential use for the blockchain, feels like the early internet all over again!


Distributed autonomous corporations are terrifying

The distributed autonomous corporation (DAC) scares me. The fundamental idea of federating services across to miners responsible for running the blockchain and larger network is very interesting, but the implications appear to me to be more dystopian than utopian. Maybe it is just latent pessimism, but for every good example I can think of, I can think of some truly terrifying ones. For those unfamiliar with the characteristics of a DAC, I’ve cribbed this verbatim from the Coinwiki page on the subject and added commentary regarding each attribute.

  • They are corporations, they are free and independent persons (but don’t have legal personality).

Railings about the evils of corporate entities aside, the corporation has been frequently compared to a pathological individual. It has no moral standing except for the pursuit of profit. This isn’t really a commentary about whether that sole purpose is a good or bad thing, except to say in the physical world there is a framework of laws and people that can ultimately be punished when a corporate entity behaves poorly. Since people are responsible for the operation, society has legal, moral, and physical levers available to alter behavior.

  • They are autonomous once up to speed, they no longer need (or heed) their creators.

Once the code hits the network, it can function independently of human authority. It responds to stimuli, unhampered by any semblance of moral code except that imbued by its creator.

  • They are distributed there are no central points of control or failure that can be attacked.

Once developed and dispersed, the entity cannot be removed from the network. There are many questions about how bad behavior can be squelched in this system. If anything I would imagine it would be encouraged as the DAC itself could pay miners/users to keep itself running regardless of externalities.

  • They are transparent and their books and business rules are audit-able by all.

This I generally think is a fantastic feature. Public auditing of transactions, and the ability for software to introspect what is happening at a fundamental level could be a boon for legal compliance. However, most of that benefit is really a function of pro-grammatic money.

  • They are confidential and customer information is securely (and incorruptible) protected.

So the entity can be paid for its work without revealing who is paying it, or in any way prying into their motivations.

  • They are trustworthy, because no interaction with them depends on trust.

Trustworthy in this sense means that they do what they do. You can audit what they do. It doesn’t mean what they do is particularly nice.

  • They are fiduciaries, acting solely in their customers’ and shareholders’ interests.

This is a bit of a stretch. Companies don’t act entirely in their customers’ and shareholders’ interests. I think because of the transparent nature of the entity it would be difficult to fund something that actively subverted the interests of it’s shareholders, but not impossible. An entity will pursue profit, or survivability in some context.

  • They are self-regulating – they robotic-ally obey their own rules.

Self-regulating means that they do what they say they are going to do, and you can audit those rules, inputs, and actions. It may be obvious to point out, but this has nothing to do with real world ‘regulation’

  • They are incorruptible and no one can exercise seductive or coercive influence over them.

Their programming cannot be changed, but they could be thoroughly corrupt to begin with.

  • They are sovereign over their digital resources (but don’t have legal capacity).[2]

Moneys in their control are used to exercise the purpose for which they are created.

What could possibly go wrong. Their are numerous people in the community that look at this list, think about all of the corruption of the physical world, and yearn for a perfect merger of form and function. Something that binds human labor to a constant, irrevocable, self sustaining and incorruptible force. A guardian if you will, enshrined in code that optimizes, protects, and provides necessary services to all. Without further ado, a list of very bad things, in no particular order that DACs can make a reality.

  • Real-time Assassination (or binary options for evil)

Let’s mix a binary option with a data feed that injects data to the DAC on whether an individual is alive or dead. You pay into the address representing the person you want killed. Potential assassins can place a bet with the DAC that the person will die within the next second, minute, hour, or day. Accumulated bets go the pay-out. If the option expires true on consensus that the feed event occurred and the target destroyed, the money pool is paid out to people who took the timed bets. Anonymous financial incentive to murder, completely outside the rule of law.

  • Identity Theft Collective

How much is an identity worth? Let the DAC decide. Pay the collective to obtain fraudulent identities, and incentivize human labor to do the dirty work. The more data delivered, the better the pay-out.

  • Hackers For Hire

Have a target you want to hack? Let the DAC federate that work for you. Incentivize it to find skilled human labor to do the job, put in parameters for successful completion, and let it run.

  • RansomBot

Why not a viral DAC? Let’s mix the Cryptolocker virus with a DAC responsible for distributing the keys. It incentivizes humans to subvert machines for a cut of the profit relative to the number of machines they have compromised. It ransoms the hard drive contents back to individuals and uses the profit to fund itself forever and ever.

  • Coup Machine

What about pesky governments? A variant on the real-time assassination market incentivizes all sorts of real life physical interaction. Like the change of major government bodies, or the subversion and stalling of regulatory processes.

All right. Clearly there are good uses also. I am definitely playig devil’s advocate. You could imagine incentivizing charity in an equitable fashion that dramatically reduces waste as an example. The Internet itself has been an instrument for all sorts of terrible things, and yet the net good that it has generated has been incalculable. I think the most important difference is that the Internet does not bind human labor with financial incentive in the same way a DAC potentially could. This leads to a very dangerous synergy, where real life actions can be aligned, or constrained by code that is not responsive to social law. Food for thought. Let me know what you think in the comments, and if there are some overarching examples of social good that you think a DAC could create I would love to hear it.


IRS says Bitcoin is Property

Just in time for tax season!

A lot of people in the crypto community seemed to express various degrees of shock and agitation regarding the IRS’ new ruling that Bitcoin and other digital currencies would be taxed as property. Is this surprising? In almost every way Bitcoin behaves like gold, more than it behaves like a fiat currency. This is one of the reasons that I think it ultimately will be regulated as a digital commodity, and fall under the perview of existing exchanges and regulatory bodies set up to control the commodities markets. The ruling also disregards transactions under $600, and certain other circumstances. So that cup of coffee or Xbox One you wanted to get doesn’t become a burden to account for at the end of the year.

So what does this mean? Well, every time you spend some Bitcoin it might be a taxable event. That might be a pain in the butt, until you realize that every event on the Bitcoin network is catalogued in the Blockchain. It will be trivial to leverage that technology to do very sophisticated accounting of an entities spend/receive. I expect to see basic accounting and auditing software that utilized the Blockchain shortly. It is an idea whose time has come. At the most basic level I have done this for Coinlock, tracking transactions in, noting USD spot rate at point of entry, and noting cost when converted into USD.

The very wealthy have numerous tax tools available to them, many of which are based on the idea of sheltering, trading, and swapping property. Bitcoin-as-property could open up a world of tax planning driven by software that has never been accessible to the average person. This gets even more interesting as physical assets, tangible commodities, and redeemable contracts get issued on top of Bitcoin. Software can easily account and modify for digital currency events, but lets take it a step further. Why not have software agents automatically and continually optimize property ownership? Why not build accounting software that operates in real time to create an optimized tax profile, denying, modifying, purchasing and redeeming property as necessary to do so? That is the power and promise of programmatic money systems, where open-source and independently audited code can operate on your behalf to initiate, prevent, and auto tax-plan financial transactions.

I can see that happening in two different models. The autonomous corporation as championed by Ethereum and Bitcoin 2.0 Blockchain companies (MasterCoin, Colored Coins, and Counterparty) to name a few. Imagine an accountant-as-a-service distributed on a network of miners. Paid directly in crypto to dig through your financial history, automatically shuttling property into trusts and shelters. It seems far fetched, but a simpler model running a software agent as a service or locally on the Blockchain could perform similar work on your behalf. Ultimately programmatic money should reduce human labor, should improve the quality of life of billions of people, and create the construction of some truly revolutionary financial services.

The fact of the matter is that Bitcoin as property is great. Let’s hope that rule sticks. The amount of insight we can give software when all monetary transactions are parse-able is staggering. and combined with this ruling and some smart software could save us all a lot of money. Turbo tax shouldn’t be a once a year software, it should be constantly running, looking for opportunities to save, a silent private for-hire tax assassin.


SenderDefender technical breakdown

Hi guys,

There has been a lot of interest in exactly how SenderDefender works, what exactly it is trying to accomplish and how the site is structured. I’m going to try to break that down without going into exhaustive technical detail as to the implementation and deployment.

SenderDefender is trying to:

  1. Keep sensitive information out of email.
  2. Prevent third parties from stealing your data.
  3. Be very easy to use.

These seem like simple goals, but the reality is that creating any security product that meets all three of them is harder than you would imagine. I tried to combine several ideas to provide a complete solution for point-to-point file transfer. SenderDefender is an encrypted ephemeral transfer service. It differs from competitors in that the security of the data comes first, and at no point should I, anyone in my employ, or any of the service providers I use have access to your plain-text data.

A normal cloud storage service is structured very simply. Take a file. Throw meta data into a database. Put the file on a hard drive somewhere. Locally encrypt it to prevent flagrant physical stealing, store the keys in the data base or some other intermediate storage. Almost all services work this way. The reason this is a terrible security model is that you are essentially giving up full access to your data to the service in question. At any point a member of staff can read that data, and since they control the keys, they can unencrypt it without your knowledge. They can give it away, secretly sell it, or just divulge it. There is real financial incentive for corporate espionage and personal identity theft. Almost every single provider out there works like this.

SenderDefender doesn’t work this way. The code base is divided into two distinct pieces. The front end is an HTML5 application that uses the browsers native random number support and other advanced features to provide full multi-part upload/download and encryption services. We use standard AES-256 libraries to encrypt the file in the browser, using random keys and seeds generated with a combination of the built-in crypto support and DJB’s Salsa20 as a stream cipher on the generated entropy. The HTML5 code is served from an entirely different infrastructure from the backend, essentially checkpointed read-only into an S3 bucket that is federated by a CloudFlare CDN. Since this is a stand-alone application, it could just as easily be checksummed and delivered as a download-able in order to thwart even sophisticated attacks on the CDN network. We utilize SSL to deliver the code to the browser, and have minimized requests to prevent injection points. The non-free version even forgoes analytics and other third party JavaScript and fonts to minimize any chance of browser injection.

The backend is a separately secured and federated API service. It doesn’t know anything about your data. Every single file upload is randomly assigned credentials for the duration of the upload, is named a randomized UUID and is committed into a large single shared-mailbox style storage vault. The uploaded data is encrypted locally before it hits the network, and the upload itself goes through a third-party conduit that never touches the API or serving infrastructure.

Finally, the key,seed, and other meta data are encoded into the URL after the fragment identifier for the link. This means that when a SenderDefender link is followed the keys never get transmitted onto the network, they are read locally by the browser once the code is deployed. When you use an email service or other channel you are sending the keys to decrypt the data outside of any channel I control or have access to. After a file has been downloaded the backend explicitly deletes it from the shared mailbox, or if the file is unclaimed for 24 hours it is automatically expired. In an ideal situation the links themselves would be sent via an SSL tunnel or other ephemeral conduit to minimize the chance of compromise. Most email compromises happen weeks, months or years after the initial data has been sent. That is a lot of damaging stuff, sitting around waiting to be discovered.

Every effort has been made to isolate and separately vet the components. Remember the idea here is to limit the amount of time sensitive data is on the network, prevent third party access, and make it easy to use. I think SenderDefender does all three admirably.


Dogecoin and Litecoin support in Coinlock

Wow! Coinlock now supports Dogecoin and Litecoin. That means it is easier than ever to sell content and make some digital currency. You can quickly and easily add any content, specify a receiving address in any of those currencies and get paid. This support was a long time coming, there are technical differences in how each coin is handled that took substantially longer to sort through than I expected. The end result is a better platform for everyone.

I know that there are a lot of awesome artists, musicians, and writers using alt coins. Give it a try, and let me know what you think.


Warren Buffet doesn’t get it.

Well. That was a disappointing CNBC interview. Unfortunately when Warren Buffet speaks people listen, and that is bad news for Bitcoin and other digital currencies. A fast money order is perhaps the most dismissive explanation possible for such a revolutionary technology. I guess you could consider it comparable if you could programmatically send an anonymous money order to anyone on the planet in seconds with no possibility of interception. Scratch that, it’s not the same thing.

This helps to illustrate the divide between technologists and financiers in the digital currency space. We need more entrepreneurs who can bridge that gap, who understand the financial and technological ramifications of everyone on the planet being able to pay anybody else. There are billions of unbanked and under served people, and now a glimmer of hope that we can connect them instantly and securely to the world economy.

Friction and rigidity in the remittances and international money transfer markets make it both impractical and not cost effective to provide banking services of any kind to someone who is living on a dollar a day. Now, we have the tools that can potentially lift billions of under-served people out of poverty in the form of direct micro-finance, deposits, interest, and monetary security. There is an old expression, don’t throw the baby out with the bath water. It is one thing to discredit Bitcoin specifically as a method of wealth transfer, and entirely another to dismiss the transformative technologies it is based on. Don’t conflate the two.


Bitcoin point of sale

Why is Bitcoin so disruptive? Instant point of sale.

So let’s just be clear. A device less than a hundred dollars, capable of triggering a notification on payment almost instantly on any digital currency network. 8 cent transaction fees (soon to be 1 cent or less), no chargebacks, instant payment and settlement to USD using existing Bitcoin infrastructure. Highly secure, no possibility of physical hacking or compromise, and access to all of the analytics for purchasing on the backend.

You literally don’t have to know anything about Bitcoin, Doge, Lite, or any other coin and you can accept payment at your business. This is at the forefront of a wave of devices that trigger physical effects based on digital micropayments and other transactions.


Coinlock Screencast

Hi everybody,

I have people ask me how to use Coinlock and so decided to put together a very quick tutorial on selling something fast. I keep saying that this is the fastest way to sell digital content ever created, that might be hyperbole, but… take a look at the video and let me know what you think.

Just to recap the steps involved:

  1. Specify the price of the file or files you wish to sell. The price is pegged to a particular currency, since Bitcoin is volatile and fluctuates in price I wanted to make sure that people could sell their goods at a consistent value. If you put in $10 USD the price is converted at the point of purchase into $10 USD worth of Bitcoin.

  2. Put in a receiving address. This is the bitcoin address that will get paid when the file is purchased. If you use a new address for each file it is easy to look at your wallet and see which files are most frequently purchased. You can of course just as easily use a single address if that is easier.

  3. Finally, select some content to upload. This can literally be any kind of digital file. A zip archive, a movie, a PDF, a text file. It doesn’t matter. The moment you select the content it will start uploading on the transfers tab.

Go check the transfers tab to see all of your uploads and completed links. You can then copy the links and put them right in your blog, or anywhere a normal html link can be used!

That is all there is to it.


What is Bitcoin?

The question on every bodies mind right now. Is it a digital currency? Is it the basis for an entirely new financial system?, or is it something else entirely? Regardless of your stance on this, it is going to be big. The technologies that underly Bitcoin are not to be ignored, and the community is talented, vibrant, and motivated to change things in a big way. I’ve included my ramblings on this below (sorry for any shaky cam).

Bitcoin could be the foundation of an entirely new class of financial services, the gateway protocol for millions of the world’s poorest inhabitants to gain access to desperately needed banking, and the glue that intelligently connects our devices to the monetary system. I’m going to cover aspects of this in various future posts, if there is anything that you would like me to address specifically let me know.


Coinlock 1.5 Released!

Six months in the making, Coinlock 1.5 has launched! I’m very proud to announce this release, it represents a big step forward in providing a ubiquitous method by which any content can be sold instantly. Coinlock is trying to completely democratize content selling. I built the service so that anyone, anywhere, regardless of their nationality or access to traditional resources could monetize their digital creations. You don’t need a bank account, you don’t need any complicated infrastructure, and you don’t need to know how to program. I’ve included a brief launch video below, but more importantly go try it out at Coinlock and let me know what you think!

Technically the site has numerous improvements, including full integration of my multi-threaded encrypted client SenderDefender. I’ve also completely redone the front end in Angular, vastly expanded client side support, and generally made the entire experience substantially smoother and safer for all involved.

This is a big step forward for us, but there is more to come! Some major features are in the pipeline that will make it even easier to sell content online. If you like what you see help me get the word out!


Welcome to BrantonBits

Hi guys,

Here is my quick video intro to BrantonBits. The footage is a little shaky-cam, that’s what I call real passion. In the future I’ll do my best to not tap the table with my hands. ;–)

This blog is really an exploration of all things Bitcoin. I launched Coinlock over six months ago. That experience has taught me a significant amount about building applications and services in the Bitcoin ecosystem. I’ve also had the opportunity to meet an extraordinarily diverse group of people who have come together to make Bitcoin a reality. These programmers, miners, technologists, and visionaries form the backbone of what is shaping up to be a real revolution in payment and financial systems.

The financial sector and Bitcoin need to come together in a big way, and I plan to use this blog as a forum for my ideas in the space. The infrastructure and supporting ecosystem are very immature, but I expect it to expand dramatically, and more quickly than people expect. This type of technology is extraordinarily disruptive, and is not so easily put back into the box.

Engage me in discussion. I would love to hear from you all, especially in regards to building out next generation services.