Reaching Everyone, Pt III: Why Bitcoin Matters — Privacy, Freedom and Authority

ICYMI on In The Mesh, read the next parts there first.

This article is the third in a four-part series by Matt ฿ (@MattoshiN) and Wassim Alsindi (@parallelind) on the use of Bitcoin and the technology stack built atop it to assist those living under oppressive regimes or in conflict zones, and those seeking to flee them. Read the first and second instalments.

By Kevin Durkin for In The Mesh

Bitcoin is, above all, agnostic. It serves anything, and anyone, with no regard for who users are or what their intents might be, provided they play by the rules — rules, not rulers. What one may see in the network, protocol and currency is a context-dependent Rorschach test: one person’s rat poison is another’s meal ticket. While legacy financial institutions are fuelling a wave of social media deplatformings through the ever-expanding Operation Chokepoint, Bitcoin rises to prominence as a tool for the marginalised, ostracised, oppressed and forgotten. It enables any human to develop a parallel means to transact and store wealth and, as time goes on, the ways and means of using Bitcoin grow in variety and quality. There is no doubt that volatility in BTC-fiat crossrates make external measures of cryptocurrency value vary wildly, and obviously downside risk is not helpful especially when you are putting your life on the line. On the other hand, when national currencies undergo hyperinflationary events Bitcoin can be one of few accessible havens of relative stability. As of today, stablecoins are not the answer.

Freedom means everyone can use it, regardless of your opinion on their motivations, political leanings or priorities. Guerrilla and outsider organisations of all flavours and persuasions will be early adopters of decentralised technologies, and there’s nothing that can be done about that. The precautionary principle doesn’t work in permissionless environs and there is no ‘off switch’ — a feature, not a bug.

Bitcoin heralds a new age of ‘extreme ownership’ — or at least, provides the option for individuals to truly exercise sovereignty over their wealth. When used correctly, it is both unseizable and uncensorable. In the digital age, few things are more important than ensuring that wealth can be stored and transmitted without custodians or other third parties keeping personally identifiable information, blacklisting recipients or otherwise denying/reversing transactions. While physical cash offers individuals a degree of anonymity in their day-to-day exchanges, the push towards digital payments threatens this privacy by creating digital footprints that could be exploited for the purposes of surveillance.

How an individual ‘experiences’ Bitcoin is entirely up to them. On one end of the spectrum are those who have no need for true possession — consider speculators that rely on custodial exchanges or wallets. On the other are power users seeking granular control for maximising their privacy and financial self-sovereignty — functions like coin control, UTXO mixing or operating a fully validating node. Evidently, the further towards this end of the spectrum they tend, the more the value proposition of Bitcoin becomes apparent.

The appeal of Bitcoin today is undoubtedly rooted in the ease of its trust-minimised, rapid and global transfer, paired with the change-resistance and (algorithmically enforced) scarcity that precious metals have historically exhibited. Where faith in centrally-issued fiat currencies requires that participants entrust governments with maintaining monetary legitimacy and purchasing power, faith in a cryptocurrency network’s continued healthy function merely requires that participants act in their own self-interest — consensus is driven by active nodes. Indeed, you’ll have a hard time garnering support for an upgrade that would endanger the wealth of others such as inflating the money supply or sacrificing security for convenience. However, no system is infallible, and it’s foolhardy to overlook some potentially dangerous attack vectors executable in various manners. Everything from eclipse attacks — which geographically or otherwise target individual or grouped subsets of nodes so as to obscure and alter their view of the canonical blockchain — to state-sponsored 51% attacks and mass deanonymisation efforts which could vastly undermine the security and credibility of the network.

Fungibility and privacy are linked concepts — an asset’s fungibility preserves the privacy of the individual holding it. Assets such as gold and fiat cash are considered highly fungible, as it’s near impossible to distinguish between units of the same type. Conversely, something like a rare painting would be non-fungible, on account of its uniqueness. Functionally — for the most part — Bitcoin appears to be fungible: the vast majority of merchants will indiscriminately accept payments regardless of the provenance of coins.

Upon closer examination however, the situation is less rosy. As the protocol relies on a public ledger to keep track of the movement of funds, this provides a rich source of information for the intrepid data miner looking to perform analyses and potentially deanonymise users. “Blockchain analytics” companies (and their governmental clientele) have been known to track the propagation of UTXOs through the network that have passed through a given address or that have interacted with ‘blacklisted’ entities.

[Source: https://twitter.com/tillneu/status/1095996386238218242/photo/1; re-design by Kevin Durkin for In The Mesh]

There’s an entire class of coins which offer varying degrees of privacy within their protocols and address a niche that Bitcoin inherently lacks. In life-and-death situations, linking a BTC transaction or an address to a real world identity can have grave consequences in locations where authorities are hostile. On the other hand, if Bitcoin was as private as Monero or Zcash, then its monetary soundness would be dependent on cryptographic assumptions holding true. An example of such a situation is the recently disclosed vulnerability in Zcash which arose from cryptographic errors which — although complex to exploit — would have allowed an adversary to surreptitiously inflate the supply in the secret “shielded pool”.

Despite the transparent nature of Bitcoin’s ledger, it can be used privately. Whilst the protocol doesn’t incorporate strong guarantees itself at present, this is set to change with the implementation of improvements such as Confidential Transactions, MAST, Taproot and Schnorr signatures. Externally coordinated obfuscation techniques are in use today, most commonly CoinJoin implementations such as JoinMarket and ZeroLink. These allow users to pool and jointly transact multiple inputs so that a degree of plausible deniability is assured, as observers cannot map outputs to specific inputs.

Recent development of more sophisticated CoinJoin transaction types such as Pay-to-Endpoint (also known as PayJoin/Stowaway) and Ricochet, have proven the shortcomings of chain analytics capabilities as they are understood today. One cautionary note is that although we have many separate techniques for improving Bitcoin transaction privacy, interactions between these elements are not necessarily widely understood. As a result, there are non-zero probabilities of critical information leakage or failure of certain processes and users should not assume that all tools have been tested thoroughly in combination. For example sending mixed UTXOs from a CoinJoin wallet into a Lightning node may lead to deanonymisation given that Lightning node IDs are public.

Since the Bitcoin protocol has displayed such admirable resilience and uptime in the past 10 years, authorities at the local, regional, national or global scales can only try to apply pressure to the “soft” interfaces between the network and the wider world such as exchanges, merchants, miners, hardware and software vendors. Inconsistent laws arising from governments’ knee-jerk reactions towards Bitcoin are an ongoing reality.

Ensuring regulators are in possession of independent tools and information sources will minimise misunderstandings leading to arbitrary bans, restrictions, licenses, fines, jail or seizure. Even upstream infrastructure such as ISPs, domain registrars and payment intermediaries are coming under increasing pressure. One aspect of particular concern is the conflation of Bitcoin with tokens, ICOs or other blockchain projects raising funds via regulatory arbitrage. China now apparently requires the registration of cryptocurrency nodes with authorities. Where persons or businesses operating cryptocurrency enterprises are kept under close watch by corrupt officials, they are at risk of extortion or kidnap.

Another front on which there is work to be done is on the fungibility of bitcoin UTXOs themselves. As mentioned above, there is a growing industrial niche providing analytical services to governments and businesses submitting to state compliance procedures. Though they may oversell their capabilities to clients, it is known that exchanges supply information to them. One attempt to deanonymise identifiers on a network such as Bitcoin has involved attempting to use metadata such as browser fingerprinting, language preferences, node and web client IP addresses for location and to link these to particular addresses or UTXOs. Even a small part of the user graph being deanonymised has wider potential implications, due to the public nature of the ledger as discussed above. Know-Your-Customer and Anti-Money Laundering laws (KYC/AML) collectively constitute the greatest privacy risk to individuals using Bitcoin today.

Dusting is also a potential chain analysis technique which takes advantage of poor coin selection in wallets by sending tainted UTXOs to target addresses and tracking their propagation. This vector primarily targets merchants (exchanges and other economic nodes) as individual users can easily circumvent such attacks by marking dust UXTOs as unspendable. The mechanism of transaction itself is also important to recognise in light of the recent OFAC sanction of addresses linked to Iranian nationals. How is any entity going to stop people interacting with sanctioned addresses in a push system?

For the most part, many of the existing issues will become less of an issue over time as the Bitcoin network and the ecosystems built around it mature. The reduction of hashpower aggregation in certain regions such as the West of China makes it increasingly difficult for a malicious (private or state-sanctioned) actor to commandeer dangerous amounts, more skin in the game from cryptocurrency businesses contributing to a state’s GDP and tax coffers makes the budgetary penalty for nations greater should they consider outright bans on cryptocurrencies or adversarial mining and advances in cryptography hardens Bitcoin’s privacy preserving potential.

In the final part of this series the myriad tools, techniques and strategies to transact using Bitcoin in contexts where personal privacy and freedom are under threat will be explored.

Thanks to Yuval Kogman, Alex Gladstein, Richard Myers, Elaine Ou and Adam Gibson for helpful feedback.


Wassim Alsindi directs research at independent laboratory Parallel Industries, analysing cryptocurrency networks from data-driven and human perspectives. Find him at www.pllel.com and @parallelind on Twitter.

Matt B is a writer and content strategist in the cryptocurrency space with a particular interest in Bitcoin and privacy technology. He can be reached at itsmattbit.ch and @MattoshiN on Twitter.

Images by Kevin Durkin for In The Mesh

Ethereum Classic: The Ungoverned Blockchain?

How does anything get done if there are no leaders? Why hasn’t ETC died by being abandoned by the Ethereum Foundation after TheDAO hard fork? The ecosystem of participants and stakeholders working in and around the ETC network is examined in outline below.


So, where and how does ETC “governance” happen?

Making changes to Ethereum Classic consensus rules is “ungoverned” in a similar way to Bitcoin and Ethereum with little appetite for large numbers of consensus-breaking upgrades. Currently it is an ad hoc process where ECIP proposals are raised on Github, discussed in public/semi-public fora and should they be widely supported without contention locked-in to the nominally canonical “Classic-Geth” client with the other clients (Parity Labs’ eponymous software and IOHK’s Mantis) merging in response. In the case of a contentious proposed upgrade some arbitrary signalling criteria could potentially be set (i.e. % of miners upgrade/signal, on-chain carbon vote as used by ETH to justify DAO hard fork) though this has not occurred in ETC since the events which led to the creation of the network.

Source: https://medium.com/@TokenHash/the-star-improvement-proposal-standard-for-ethereum-classics-ecip-process-df20453de8e6
On-chain “Carbon Vote” for TheDAO fork on Ethereum. Source: https://elaineou.com/2016/07/18/stick-a-fork-in-ethereum/

As with other networks based on the original Ethereum design, some parameters such as adjustments to the gas limit per block — restricting the amount of EVM computation in a similar way to block size / weight in Bitcoin-derived networks — can be enacted in small increments on a per block basis via miner signalling. There is currently some discussion to motivate a decrease in the gas limit per block in order to avoid the chain growth rate issues which make running ETH full nodes a challenge in terms of burdensome resouce requirements. The likely aggregation of ETC hashrate among a small number of big mining farms, cooperatives and pools presents issues with reliance on miner signalling, as recently evidenced in Bitcoin when the merge-mined EVM Rootstock sidechains went live with 80% of network hashrate signalling. The naive downstream adoption of “default” Ethereum settings such as ETH’s 8 million gas limit per block is also a potential issue for ETC’s ungovernance to navigate.

ETC Gas Limit versus Block Height. Source: http://etcsummit.pllel.com

Two hard fork network upgrades have taken place in the ETC network — ECIP-1010 to remove the “difficulty bomb” and ECIP-1017 to institute a supply cap with asymptotic supply curve.

The decision-making process could be better organised, more transparent and clearly defined and refinements to the ECIP process are currently being discussed. At present most informal community discussion takes place on ETC’s Discord server, with ECIPs themselves posted on the nominated Github account (ethereumclassic) following a power struggle and takeover of the previous canonical Github account (ethereumproject), ostensibly related to the situation with ETCLabs discussed below. ETCLabs appear to be preparing to implement their own proposed parallel “ECLIP” improvement proposal scheme though this may be a mis-communication rather than a “consensus hostage situation” — situation is unclear at time of writing. Below are a few links to recent discussions and proposals relating to how Ethereum Classic reaches decisions relating to network upgrades and changes.

Ethereum Classic (ETC): Putting Together the New Decentralized ECIP Process

Ethereum Classic Improvement Proposals

ethereumclassic/ECIPs

Some stakeholders in ETC want to see closer collaboration with ETH, some are ambivalent and others are opposed. The recent announcement of Bob Summerwill as ETC Cooperative Executive Director is noteworthy as he was instrumental in founding the Enterprise ETH Alliance, was involved in the Ethereum Foundation, was a senior figure at Consensys. There are some existing collaborative projects between ETH and ETC, including Akomba Labs’ “Peace Bridge” to allow cross-chain transactions, Kotti unified PoA testnet and some recent discussions regarding ETC considering the adoption of aspects of the Ethereum 2.0 roadmap.

The last few months have seen a change in the composition of the ecosystem around Ethereum Classic, as a the previously pre-eminent privately funded core development team “ETCdev” collapsed due to lack of funds with another entity “ETCLabs” forming a new developer team “ETCLabs Core” with significant overlap of personnel. Some community members have described the sequence of events as a corporate takeover attempt, others do not seem so worried.

“The ETC community is still small and, in this bear market, lacks funding from volunteer investors or other sources to initiate new core maintenance and development projects or pay new core developers quickly. This is because there are no leaders, foundations, pre-mines, treasuries, protocol taxation or any other financing gimmicks that so much contaminate other centralized projects.”


ETC History and Network Characteristics

The Ethereum blockchain launched on 30th July 2015. When the Ethereum Foundation conducted a hard fork as part of TheDAO’s exploit recovery (“irregular state transition”) on July 20th 2016, they kept the name and ticker symbol Ethereum / ETH. The canonical chain branch in which TheDAO exploiter kept their spoils survived against most observers expectations and attracted community, developer, exchange and mining support. The unforked chain came to be known as Ethereum Classic (ETC).

Ethereum Classic (ETC) is pure Proof of Work utilising the Ethash (Dagger Hashimoto) algorithm. It is the second largest network using this algorithm, marshalling approximately 15–25x times less hashrate than Ethereum (ETH). Due to its situation as a minority PoW network without 51% attack mitigations at the protocol or node levels it has been deemed to be vulnerable to thermodynamic attacks and this has been observed recently. Mining is permissionless so the identities and extent of participation of block producers are not necessarily known. Some network and blockchain analysis of the ETC mining ecosystem is being undertaken currently. There is a high degree of suspicion that covert FPGA and/or ASIC mining was employed leading to the recent majority attacks. Most of the hashrate employed in the recent attacks is suspected to be of exogenous origin to the existing Ethash ecosystem and marketplaces such as Nicehash.

Ethereum’s whitepaper was first circulated in late 2013 and there was a “token crowdfunding” (= ICO) in 2014. Approx 72 million of the 105 million supply issued were distributed in the ICO. Mining providing block and uncle rewards has distributed the remainder. Work is ongoing currently to compare the movement of balances either side of the ETC/ETH fork. Inflation was set to “5M20”, reducing mining rewards by 20% every 5 million blocks which corresponds to approximately 5% annual supply increase. The same hard fork in 2017 (ECIP-1017) also installed a fixed supply cap.

Ethereum “became” Ethereum Classic because the Ethereum Foundation asserted intellectual property rights over the “Ethereum” name despite branching away from the canonical chain. This is still a point of contention and some prefer the name “ETC” as a subset of stakeholders look for alternative nomenclature to “Classic”.


How are Development and Ecosystem Activities Funded in ETC?

What is the reference node implementation?
This is also a bone of contention in ETC. When ETCdev ceased operation, the hitherto canonical client Classic-Geth written in Golang stopped being reliably maintained. ETCLabs Core maintains Multi-Geth but not all stakeholders in the ETC ecosystem are currently comfortable using their software given their ostensible desire to have an independent ECLIP improvement proposal pathway which appears more hard-fork than soft-fork oriented.

Are there any other full node implementations?
Parity Labs maintains their Parity client written in Rust.

IOHK maintains their Mantis client written in Scala.

How is client development funded?
Development is funded by private organisations — ETCLabs, Parity and IOHK fund client development following the demise of ETCdev. ETC Cooperative (partly funded by DCG/Grayscale and DFG) also support protocol development.

There has been resistance to adopt an on-chain treasury as proposed by IOHK, some stakeholders see this as inherently centralising but given the collapse of ETCdev due to funding shortfalls and absence of alternative funding models / “build it and they will come” the status quo is at risk of prolonging a continuing tragic commons scenario. There are some grants and funding opportunities via ETCLabs but at present are focused on business/startup incubation.

Most funds are controlled by companies but ETC Cooperative is now a 501(c)(3) non profit based in the USA. There is also a small community fund controlled by a multi-signature wallet but there are no current plans to disburse this.

What other software does the entity(ies) which funds the reference node produce?
Hard to answer conclusively since there is a lack of agreement over what the reference implementation currently is.

Parity — Rust ETH client, Polkadot/Substrate, Bitcoin client, Zcash client.

ETCdev — defunct, Emerald application development framework and tools, Orbita sidechains.

ETC Cooperative — developer tooling and infrastructure e.g. recent Google BigQuery integration.

IOHK — a lot of software for Cardano, ZenCash, ETC.

ETCLabs — ?

What else do the entities which develop or fund the reference node do? (not software)

Parity — Web3 Foundation

ETCLabs — VC/Startup incubator

ETC Coop — General PR, community and ecosystem development, conference organisation, enterprise & developer relations

IOHK — PR, summits, art projects (Symphony of Blockchains), academic collaborations, VC partnership and research fellowships with dLab / SoSV / Emurgo….

DCG/Grayscale/CoinDesk — PR, financial instruments e.g. ETC Trust, OTC trading…


How is work other than development (e.g. marketing) funded?
It in unclear how funding and support for non-development activities is apportioned.

DCG/Grayscale and DFG fund ETC Cooperative

DFG funds ETC Labs


Related projects — Are there any significant projects which are related? For example, is this a fork of another project? Have other projects forked this one?
Ethereum (ETH) was a ledger fork of this project, Callisto (CLO) was a ledger fork of this project. There may have been more minor codebase or ledger forks.


Significant Entities and Ecosystem Stakeholders

ETCLabs is a for-profit company with VC/Startup and core development activities funded by DFG, DCG, IOHK and Foxconn.

ETC Cooperative is a 501(c)(3) non profit based in the USA funded by DCG and DFG.

ETCdev (defunct)

IOHK (Input Output Hong Kong) is the company led by Charles Hoskinson who previously worked on BitShares, Ethereum and now Cardano.

DCG (Digital Currency Group) is Barry Silbert’s concern which contains in its orbit Grayscale Investments, CoinDesk, Genesis OTC Trading amongst other organisations.

DFG (Digital Finance Group) is Chinese diversified group concerned with investments in the blockchain and cryptocurrency industry, OTC Trading, Venture Funds.


Wassim Alsindi directs research at independent laboratory Parallel Industries, analysing cryptocurrency networks from data-driven and human perspectives. Find him at www.pllel.com and @parallelind on Twitter.

Reaching Everyone: Are stablecoins the answer to Bitcoin’s volatility?

It depends on the question. For those most in need of value preservation and freedom of transaction, the risks likely far outweigh the benefits.

This is a brief aside from our “Reaching Everyone” article series on In The Mesh, by Matt ฿ (@MattoshiN) and Wassim Alsindi (@parallelind) on the use of Bitcoin and the technology stack built atop it to assist those living under oppressive regimes or in conflict zones, and those seeking to flee them.

There is no doubt that volatility in BTC-fiat crossrates make external measures of cryptocurrency value vary wildly, and obviously downside risk is not helpful especially with those in straightened circumstances, or even with their lives on the line. On the other hand things like this might happen:

https://www.thesun.co.uk/news/7804100/isis-war-chest-bitcoin-crash-investment-millions-cryptocurrency/

Could so-called “stablecoins” be the answer to the volatility dilemma? Well, stable with respect to what, and how to maintain price consistency? Broadly, there are three current models:

1) Central issuing authority. Confidence in value is faith-based with censorship risk — such as JPM’s upcoming offering. Additional risks with undercollaterisation.

2) Asset-backed with trusted custodian. Price maintenance depends on faith in the underlying assets and transparency of auditing. Examples include Tether or gold-backed products.

3) Algorithmic mechanisms seem like worthy but very much unproven experiments. Until tested at scale and over significant periods of time, these are no place for people on the margins to place their wealth. DAI and Basis (RIP) are examples of this approach. Additional risks arise from regulatory burden, if the stability process is deemed to be security-like and centralised oracles reporting external prices. Front-running may be an additional issue with DAI as MKR (MakerDAO’s parent token) holders would be diluted in the event of a peg failure, with more sophisticated holders jumping ship at first signs of trouble. This may resemble the Cantillon Effect playing out backwards?

There is considerable base protocol and smart contract risk for platform-issued tokens such as stablecoins, especially as the current predominant stablecoin token “hosting” platform Ethereum prepares to undergo transition to ETH1.X and ETH2.0 with some combination of ProgPoW, hybrid PoW/PoS, PoS, the bewilderingly diverse Plasma family of state channels, new virtual machines, sharding and/or state rent. Contrast this with Bitcoin’s conservative development philosophy and aversion to rapid changes in network function largely pushing innovation into “second layers” such as Lightning Network and sidechains.

Using a Stablecoin today largely redistributes risk from price volatility to technological, regulatory and/or custodial uncertainty, not necessarily a wise trade for someone with few other options compared to physical cash. Privacy is also an issued with almost all these systems, which either require some element of AML/KYC or use networks with inherently poor privacy. Historically, no stablecoin has ever defended its peg over a period of years. Stablecoins are still an experiment, no place to deal with matters of life or death. As the crowded retinue of competing fiat-pegged products grows ever larger, more concepts from traditional finance such as demurrage, censorability, discounts on par or interest are being proposed or experimented with.

Even major currencies such as the British Pound have failed to maintain agreed trading ranges against well resourced adversaries, what chance a smart contract or non-native blockchain token with limited resources has to balance price, supply and demand through the various phases of cryptocurrency’s wild market cycles remains to be seen.

The BitShares USD stablecoin BitUSD has among the longest history of any attempt. Source https://coinmarketcap.com/currencies/bitusd/

For people outside the most developed nations, or those whose human rights are under risk stablecoins do not deliver the goods, at least in the present day.

Wassim Alsindi directs research at independent laboratory Parallel Industries, analysing cryptocurrency networks from data-driven and human perspectives. Find him at www.pllel.com and @parallelind on Twitter.

Matt B is a writer and content strategist in the cryptocurrency space with a particular interest in Bitcoin and privacy technology. He can be reached at itsmattbit.ch and @MattoshiN on Twitter.