Tuesday, November 17, 2015

You are the Bank


Back in the 1930 depression, people found out the hard way, that they could not trust banks, they woke up one morning and their money was simple "not there".. People who experienced this "reality" started to store notes under their bed, as they trusted that cash would be there in the morning.
This was the era when banks needed physical storage, bank vaults to protect peoples "money",  roll forward to 2015, money is now just a bag of bits inside a computer, the need for physical "vaults" has disappeared.

Due to the lack of investment and antiquated computing and payment systems, the typical smartphone has more combined computing power, and can be made more secure than any payment network today.

This raises the Question perhaps in a digital world "You are a bank"..
Back in 2012, I bogged about The Goldsmith Who Became a Banker , which essentially outlines how banks came about, and perhaps also why they are no longer relevant.

Banking Today?
Consider your basic bank account, checking, savings, passbook, etc. Banks go through massive contortions to create an illusion that your money is yours, that its safe and sound in a bank with your name on  it, in your own virtual safe deposit box. But that is simply not the reality of modern banking. What you perceive as “your money” is little more than an electronic journal on the banks accounting ledgers.
Fractional reserve banking means that the $100 you deposit is lent out only $10 of your $100 is kept in reserve. Under normal circumstances, with thousands of depositors and millions of dollars, the banks have no trouble giving customers who ask for their money back the full amount at any time. But it is not as if your money is sitting in an account waiting for you — you merely have a claim on those monies, and that claim is insured, and backed by taxpayers (theoretically).

You are, in fact, a counter-party to your bank.

Digital Wallets
First the traditional leather wallet is a storage mechanism for consumers’ cash, credit, debit and loyalty cards.

Next the mobile network operators sought to take the digital wallet concept offline by storing payment credentials within the mobile device the SIM card, and transmitting the credential to payment terminals via a near field communications radio.

Today Digital Wallets which incorporated the mobile wallet solution directly into a secure portion of the operating system, and simultaneously incorporated a secure memory chip, an NFC radio, and a fingerprint reader. 

This is a hardware/operating system combination designed to facilitate transactions everywhere the device goes. The operating system is the only be-everywhere alternative that can seamlessly interact with every application, every website and every bit or byte that crosses the mobile device.

So, we are left with the death of the digital wallet concept and only the "physical wallet survives", but in a mobile form.

What does this mean? It means that banks no longer "need" to secure your "money", your mobile phone under your control, is more secure than any existing banking or credit card payments or monetary value storage system which exists today. In fact it is very similar to the 1994 Mondex digital cash system, except that unlike Mondex which was owned 100% by banks, this physical wallet is owned and controlled by "You"..

You are the Bank
As you have taken back control of  "your" money, what you do with it is now totally under your control, you are the bank..
When combined with a Payments Block Chain Ledger, and P2P protocols, you can remote payments more securely than SWIFT or any existing payments network like Visa or Master Card anywhere in the work, much like good old Mondex did 20 years ago.

This solution can be more secure than any virtual currency, such as Bitcoin, and the many other variants.

In the same way bitcoin invented a "censorship resistant" virtual currency, being your own bank takes this concept to the ultimate level of individual control and utility..

Being "unbanked" simply no-longer matters,

You are the Bank!





Disclaimer The contents of this site should not be understood to be accounting, taxation or investment advice but rather as general product related educational information that may or may not meet your specific requirements.

Monday, November 2, 2015

Bitcoin Consensus, Power corrupts, Absolute power corrupts absolutely..

Bitcoin is the result of 20 years of research in distributed systems and currencies, and has made these technologies a reality. The decentralised "consensus" at the heart of bitcoin has spawned a wave of innovative though in currencies, financial services, economics, distributed systems, voting systems, corporate governance, and contracts.

I believe this decentralized mechanism for emergent consensus; emergent, because consensus is not achieved explicitly—there is no election or fixed moment when consensus occurs. Instead, consensus is an emergent artifact of the asynchronous interaction of thousands of independent nodes, all following simple rules. All the properties of bitcoin, including currency, transactions, payments, and the security model that does not depend on central authority or trust, derive from this invention. At the heart of bitcoin "consensus" is mining (called Proof Of Work), which in bit coin is a simple  "hashing", the bitcoin proof of work is simply a voting system based upon MIPS or power..

The bitcoin consensus mechanism depends on having a majority of the miners acting honestly out of self-interest. However, if a miner or group of miners can achieve a significant share of the mining power, they can attack the consensus mechanism so as to disrupt the security and availability of the bitcoin network.

Bitcoin Mining Pools
In this highly competitive environment, individual miners working alone (also known as solo miners) don't stand a chance. The likelihood of them finding a block to offset their electricity and hardware costs is so low that it represents a gamble, like playing the lottery. Even the fastest consumer ASIC mining system cannot keep up with commercial systems that stack tens of thousands of these chips in giant warehouses near hydro-electric power stations. Miners now collaborate to form mining pools, pooling their hashing power and sharing the reward among thousands of participants. By participating in a pool, miners get a smaller share of the overall reward, but typically get rewarded every day, reducing uncertainty.
We can see below, the bitcoin network’s hashing power increase over the past two years. As you can see, the competition between miners and the growth of bitcoin has resulted in an exponential increase in the hashing power (total hashes per second across the network).



The 51% attack
Let's examine a practical example of a 51% attack. Lets look at a transaction between Alice and Bob for a cup of coffee. Bob, the cafe owner, is willing to accept payment for cups of coffee without waiting for confirmation (mining in a block), because the risk of a double-spend on a cup of coffee is low in comparison to the convenience of rapid customer service. This is similar to the practice of coffee shops that accept credit card payments without a signature for amounts below $25, because the risk of a credit-card chargeback is low while the cost of delaying the transaction to obtain a signature is comparatively larger. In contrast, selling a more expensive item for bitcoin runs the risk of a double-spend attack, where the buyer broadcasts a competing transaction that spends the same inputs and cancels the payment to the merchant. 

A double-spend attack can happen in two ways: either before a transaction is confirmed, or if the attacker takes advantage of a blockchain fork to undo several blocks. A 51% attack allows attackers to double-spend their own transactions in the new chain, thus undoing the corresponding transaction in the old chain.
In our example, malicious attacker Mallory goes to Carol's gallery and purchases a beautiful triptych painting depicting Satoshi Nakamoto as Prometheus. Carol sells "The Great Fire" paintings for $250,000 in bitcoin, to Mallory. Instead of waiting for six or more confirmations on the transaction, Carol wraps and hands the paintings to Mallory after only one confirmation. Mallory works with an accomplice, Paul, who operates a large mining pool, and the accomplice launches a 51% attack as soon as Mallory's transaction is included in a block. Paul directs the mining pool to re-mine the same block height as the block containing Mallory's transaction, replacing Mallory's payment to Carol with a transaction that double-spends the same input as Mallory's payment. The double-spend transaction consumes the same UTXO and pays it back to Mallory's wallet, instead of paying it to Carol, essentially allowing Mallory to keep the bitcoin. Paul then directs the mining pool to mine an additional block, so as to make the chain containing the double-spend transaction longer than the original chain (causing a fork below the block containing Mallory's transaction). When the blockchain fork resolves in favor of the new (longer) chain, the double-spent transaction replaces the original payment to Carol. Carol is now missing the three paintings and also has no bitcoin payment. 

Throughout all this activity, Paul's mining pool participants might remain blissfully unaware of the double-spend attempt, because they mine with automated miners and cannot monitor every transaction or block. To protect against this kind of attack, a merchant selling large-value items must wait at least six confirmations before giving the product to the buyer. The more confirmations elapse, the harder it becomes to invalidate a transaction with a 51% attack, and estimate is at 144 blocks the probability is significantly reduced. For high-value items, payment by bitcoin will still be convenient and efficient even if the buyer has to wait 24 hours for delivery, which would ensure 144 confirmations. 

In addition to a double-spend attack, the other scenario for a consensus attack is to deny service to specific bitcoin participants (specific bitcoin addresses). An attacker with a majority of the mining power can simply ignore specific transactions. If they are included in a block mined by another miner, the attacker can deliberately fork and re-mine that block, again excluding the specific transactions. This type of attack can result in a sustained denial of service against a specific address or set of addresses for as long as the attacker controls the majority of the mining power. Despite its name, the 51% attack scenario doesn't actually require 51% of the hashing power. In fact, such an attack can be attempted with a smaller percentage of the hashing power. The 51% threshold is simply the level at which such an attack is almost guaranteed to succeed. A consensus attack is essentially a tug-of-war for the next block and the "stronger" group is more likely to win. With less hashing power, the probability of success is reduced, because other miners control the generation of some blocks with their "honest" mining power. One way to look at it is that the more hashing power an attacker has, the longer the fork he can deliberately create, the more blocks in the recent past he can 
invalidate, or the more blocks in the future he can control.

Security research groups have used statistical modelling to claim that various types of consensus attacks are possible with as little as 30% of the hashing power. The massive increase of total hashing power has arguably made bitcoin impervious to attacks by a single miner. There is no possible way for a solo miner to control more than a small percentage of the total mining power. However, the centralization of control caused by mining pools has introduced the risk of for-profit attacks by a mining pool operator. The pool operator in a managed pool controls the construction of candidate blocks and also controls which transactions are included. This gives the pool operator the power to exclude transactions or introduce double-spend transactions. If such abuse of power is done In a limited and subtle way, a pool operator could conceivably profit from a consensus attack without being noticed. Not all attackers will be motivated by profit, however. One potential attack scenario is where an attacker intends to disrupt the bitcoin network without the possibility of profiting from such disruption. A malicious attack aimed at crippling bitcoin would require enormous investment and covert planning, but could conceivably be launched by a well-funded attacker. Alternatively, a well-funded attacker could attack bitcoin's consensus by simultaneously amassing mining hardware, compromising pool operators and attacking other pools with denial-of-service. All of these scenarios are theoretically possible, but are alss increasingly impractical as the bitcoin network's overall hashing power continues to grow exponentially, as long as "goodwill" exists in the software developers and miners within the bitcoin network. 

The probability of a serious consensus attack, is not close to zero,a nd any successful attack, would erode confidence in bitcoin ( same as a brick and mortar bank, crashing today), possibly causing a significant price decline. However, the bitcoin network and software are constantly evolving, so consensus attacks could be met with a countermeasures by the bitcoin community..

Bitcoin is powered by "goodwill", if powered solely by MIPS it will collapse..

Lighter Side..
What 50% consensus, looks like in the real world..















Acknowledgement
http://chimera.labs.oreilly.com/books/1234000001802/ch08.htm
Mastering Bitcoin: Unlocking Digital Cryptocurrencies


Disclaimer The contents of this site should not be understood to be accounting, taxation or investment advice but rather as general product related educational information that may or may not meet your specific requirements.