The Double-Spend That Never Was

On Thursday, January 21, 2021, news outlets began circulating reports of a Bitcoin double spend flaw which led to an 11% drop in the price of the digital asset. This would have been a major exposure of a flaw in the blockchain … except it never was. In fact, what happened or reportedly occurred would be a part of how Bitcoin is supposed to work. It is hard to explain the full details unless you get technical, but let us try to explain it in simpler terms.

First, what is a “double spend“? This was the problem Bitcoin’s creator Satoshi Nakamoto was able to solve for digital currency. Prior to that, it was a problem in computerized electronic payment systems that other developers had proposed solutions for. Since computers are digital, when currency is created it can be easily copied just like a file made in Excel or Word. If you have a file that represents your money in a computer, without any means of control a user can create infinite copies and spend it all they want. It is possible to use the same digital money to purchase two different items, so long as there is no system checking for it.

Nakamoto solves the problem by implementing a blockchain to support provenance and verification. That means that the amount of currency like Bitcoin (BTC) that a user holds, is determined by a mechanism that is verified through a consensus or agreement. In this case it is called Proof-of-Work (PoW) on the Bitcoin blockchain. You have nodes (computers) called miners that run software which run algorithms to try and solve a complex puzzle to discover a block for validation. The block contains transactions that are verified based on cryptographic hashes that can be traced back to what is called a genesis block. If it can be verified, then it is added to the blockchain.

Before a block is added, there is a competition among the miners to try and discover a number called the nonce. This is what is needed in order to validate a block. The miner who discovers it first will become the block validator and will receive a reward in return for their effort. The miners also collect fees for helping to validate transactions on the network. No transaction is ever allowed to pass unless it goes through a consensus among the miners on the network. Double-spends are prevented by the miners through this verification and validation process which also includes confirmations.

Bitmex Research first reported the incident in a tweet of a potential double-spend that occurred in the wild. They were the ones who also pointed out that it was a double-spend, but here is the problem. It was unconfirmed and the researcher who discovered it should have probably waited for what is called a chain reorganization, which is a part of the blockchain’s protocol. It is true that a BTC could appear to be spent two times on different transactions. It must undergo a series of confirmations, usually 6 but it could be more (depends on network activity). This was mentioned by Satoshi Nakamoto in the Bitcoin White Paper.

It is possible for two blocks to be mined simultaneously on the blockchain. This creates a temporary anomaly that can be observed by anyone who has access to the mempool of a Bitcoin node. There is a built-in feature in the code that corrects this problem. It is part of a chain reorganization in which the nodes must add the valid block to the longest chain, or the main network. You can see two transactions that appear to have spent the same BTC, but after the chain reorganization and block confirmation it is resolved. Only one of those blocks that contain the transaction will be valid and added to the blockchain. The other block will be orphaned and not validated.

Many cryptocurrency and blockchain experts like Andreas Antonopoulos, Bitfinex CTO Paolo Ardoino, Coin Metrics Bitcoin Network Data Analyst Lucas Nuzzi and later, even Bitmex Research all agree that it was not a double-spend that occurred. There are counter points though, especially from among the Bitcoin SV (BSV) camp who do have some thoughts of their own. What we know for sure is that only one of the transactions has been verified and validated on a block. The user tried to use a feature called Replace-By-Fee (RBF) in which you can speed up a transaction by paying a higher transaction fee which invalidates a previous transaction that was sent out. What happened here was the lower fee somehow made it to valid block first, perhaps because of the timing. The user had waited too long and by the time the higher paying transaction fee was sent the previous one had already been added to a block on the longer chain which validates it first.

Should we be worried that an actual double-spend can occur? It is always good to be alert and aware of what is happening. While the code does what it is supposed to do, there will be bad actors who may try to exploit these types of attacks to see if they can get past the logic. What will be proof or testament to Bitcoin’s legitimacy as a cryptocurrency is how these measures will stand against the test of time. As long as it is working, it will help the network to remain secure and operational. Until the next news, HODL.

Bitcoin Wrapped In Ether – Yummy!

You can take two good things and combine them together to get the best of both. In LA’s streets you can get what some would consider one of the city’s iconic sandwiches. It is the hotdog wrapped in bacon. It brings you the meaty flavor of a hotdog with the greasy goodness of bacon. Now think about the top digital asset Bitcoin (BTC). What would you wrap it with if you were to compare it to a hotdog wrapped in bacon? How about Ether (ETH), the Ethereum blockchain’s token. BTC is your hotdog, while ETH is your bacon. It actually exists and it is called Wrapped Bitcoin (WBTC).

Wrapping one cryptocurrency with another uses the hotdog wrapped in bacon example as a simpler way to illustrate an analogy. Wrapping in this sense means to create a protocol to represent one cryptocurrency on another cryptocurrency’s blockchain. BTC can be represented on the Ethereum blockchain by issuing an ERC-20 token called WBTC. This allows BTC integration with smart contracts that can be traded on the Ethereum network using the ERC-20 standard.

In Wrapped Bitcoin, BTC is locked into a smart contract and issued as WBTC. This allows BTC holders to access DeFi systems on the Ethereum blockchain. It is as good in value as BTC which is verified by a Proof-of-Reserve system. This ensures a 1:1 peg between the issued or minted WBTC tokens and BTC. The actual BTC is still on the Bitcoin blockchain since you cannot store it on the Ethereum blockchain. The BTC is taken under the custody of the WBTC token issuer, so it is not directly with the WBTC token holder. It is maintained by a group called the WBTC DAO, who are the custodians of the BTC. The group’s members include blockchain-based organizations like BitGo, Ren and Kyber.

What is the purpose of WBTC?

As mentioned earlier, it is primarily for giving BTC holders a way to gain access to the DeFi markets. A large portion of the DeFi space uses the Ethereum blockchain and BTC is not directly compatible with it. It is a bridge that allows BTC holders to use DeFi protocols to provide liquidity or participate in other services that yield returns. WBTC is a way to bring the value from BTC into the DeFi space without having to convert BTC to ETH. BTC (as of 2020) has the largest cryptocurrency market cap and this is crucial in helping bring liquidity to the DeFi space as well as expanding on the collateral types available.

This is a great way for BTC holders to take part in the DeFi markets. Many BTC holders have plenty of value stored, but are not able to use it if they are HODLing. DeFi provides ways for cryptocurrency to earn even while HODLing, using decentralized protocols like Uniswap, Curve and Yearn. Most DeFi protocols will only support ERC-20 or ETH since they execute from smart contracts on the Ethereum blockchain. WBTC is a protocol that allows BTC to be wrapped in an Ethereum ERC-20 token. Holders would not need to convert their BTC to ETH during this process.

Minting WBTC

To enter the DeFi space, Bitcoin holders would have to deposit their BTC into a smart contract of a WBTC issuer (e.g. BitGo, Coinsquare, etc.). This can be a digital exchange or DEX (Decentralized Exchange) that accepts BTC. Once the BTC has been deposited, WBTC tokens are minted that have a 1:1 value to the BTC that was deposited. Once the holder receives their WBTC, they can now use it for loan collateral, providing liquidity and swapping for other tokens. Digital exchanges will most likely require a KYC (Know Your Customer) in compliance with the law before the WBTC can be issued. On a DEX or over-the-counter it is not required (check with the exchange requirements always). The WBTC can be cashed out to either BTC or ETH.

Another way to get WBTC is through a DEX like Uniswap. Instead of depositing BTC into a smart contract, anyone who holds ETH can purchase WBTC. It requires connecting a digital wallet like Metamask to perform the transaction with ETH. The WBTC is already available in the market and it does not require BTC for purchase in this case. Since WBTC is an ERC-20 token, it can be purchased with ETH very easily.

Other Uses For WBTC

WBTC can be put to use in DeFi yield farming protocols. This allows WBTC holders to put their digital asset for lending and trading purposes. In return, the WBTC holders earn yields as a their return on investment. These yields are fees collected from the transactions. Rewards can be issued in the form of governance tokens, which allow the holders to participate in digital governance through voting. This provides holders a way of participating in decisions that govern these protocols.

Yield farming requires the holders to deposit their WBTC. In return, they are issued another token. Examples of these tokens include SNX (Synthetix token), REN (Ren Project token) and BAL (Balancer token). The tokens are specific to which protocol is used by the yield provider. To learn more about yield farming, there is an article on Coindesk that explains it a little bit further. (Link here)

The Best Of Both

Wrapped Bitcoin brings the best of two blockchains. It is a way to interoperate between two digital assets at the protocol layer. The value of Bitcoin and the decentralized applications on Ethereum. BTC is the digital asset while ETH is the protocol that utilizes it for liquidity, trades and financing. The Ethereum blockchain is serving as a transaction layer that can bring more capital into diverse markets. Bitcoin can provide the capital, as institutional investment grows in the digital asset. WBTC provides a way for investors to bring capital for yielding returns using the Ethereum blockchain.

Disclaimer: This is not financial advice, just reference. Do your own research always to verify information.

Coinbase Goes Down When Bitcoin Goes Up

It seems there is a correlation to Coinbase having network issues every time there is a Bitcoin bull run. It just appears to be a certainty at this point:

“When Bitcoin goes up, Coinbase goes down”

During the Bitcoin rally in 2017, when Bitcoin price value approached an ATH of $20K, Coinbase also experienced connectivity issues and trading was halted. This was the time Bitcoin suddenly surged and then came crashing down as soon as traders hit the exchange. It seems that the Coinbase system was not designed to accommodate or scale to handle millions of new users. That should have been a lesson to resolve the problem over the years.

It has not been solved. The most recent bouts of network outages and downtime have been occurring on and off. Between March and November of 2020, Coinbase has had a series of problems with their network. It may have affected the trading of Bitcoin in some way or another. No one is reporting the exact reason for these problems, but there have been reports of outages from Coinbase’s cloud provider AWS.

During a brief Bitcoin surge in November 2020, and also during an XRP rally, Coinbase suddenly goes down. It is frustrating traders who could have sold or bought more assets, but instead the system crashes. If it were a universal problem, it would also happen at the same time to other exchanges like Binance and Kraken. They all have to deal with issues on the network, but never at the level of Coinbase.

Coinbase CEO, Brian Armstrong, tweeted (in response to the problems):

“We’re working hard to add additional capacity (both in servers and customer support) to deal with increased traffic. Thank you for your patience during this time. And thank you to the team at Coinbase working hard to serve our customers! Bull runs can be exciting and stressful.”

— Brian Armstrong (@brian_armstrong) November 18, 2020

From an IT and network engineering perspective, the problem has to do with scalability and contingency. While AWS has autoscaling capabilities, if the whole infrastructure is affected, it will have an effect on Coinbase. There are other cloud IaaS (Infrastructure-as-a-Service) providers like Microsoft Azure and Google Cloud, which allows operations to continue in the event that one provider is down. For contingency, a more distributed and decentralized system would have kept the system operational to handle enormous workloads. Perhaps Coinbase had planned for capacity, but not agility.

A more distributed system can prevent downtime, but doesn’t totally eliminate it. If a server malfunctions it will go down and there is nothing that can be done to prevent it. However, the contingency in place is to plan for fault-tolerance and redundancy. Other IT professionals have aired the same opinion, like Hashoshi on his “404 Logic Not Found” section.

Coinbase has been a pioneer in the cryptocurrency space. It would be sad to see their trading business affected by downtime and outages. They have enabled millions to get into cryptocurrency as an onboard to more decentralized financial instruments. There are more options available for traders to buy/sell crypto, including the Robinhood app and even PayPal. They still need exchanges like Coinbase to convert cryptocurrency. Hopefully they can work things out, or else traders will flock to other digital exchanges or DEXes for their business.

The UTXO Model Explained In Cryptoeconomic Terms

Bitcoin uses the UTXO (Unspent Transaction Output) accounting model for processing transactions. In Bitcoin, a user’s balance is indicated by the unspent amount of BTC that is recorded on the blockchain. A user’s input to a transaction is the output from the last transaction. If the user has no previous transaction, then the input is the output from another user’s transaction. These are processed continuously and written to the blocks which are added to the main chain for immutability. Every transaction on the Bitcoin blockchain has an input and output to prove the transfer and ownership of a digital asset.

There is a misconception that digital wallets store the digital assets. That is actually not the case since the digital assets are always stored on the blockchain. They are just values that indicate the balance or quantity and the ownership by a private key. The digital wallet is really an application that provides users access to their digital assets on the blockchain via a private key. The wallet also contains the public address, which is used to identify the user to the blockchain. Once the wallet is opened, the users can see their digital assets from the blockchain. In Bitcoin, the BTC is always stored on the blockchain. The information is accessed by the user from their wallet with authorization from their private key. Without the private key, a user will not be able to access the information. The private key also creates a digital signature which authorizes a user to send their BTC to another user as a way to transfer the ownership of the digital asset.

When the digital asset is transferred, it is recorded as an output O from the sender. It is then the new input I to the user it was transferred to. It has to always be an input/output relationship for provability. The transactions can be referenced by cryptographic hashes that is called the TxHash (Transaction Hash). Users can view this information on a blockchain explorer like The best way to understand this is that inputs reference outputs when making transactions on the Bitcoin blockchain.

Key concepts to understand:

  • Each input to a new transaction was the output from a previous transaction, which can be referenced by a TxHash.
  • Each output was the result of a transaction from a spent amount.
  • The input from an output is considered an unspent amount.
  • All unspent amounts are considered the balance of the digital asset the user owns.
  • The spent amounts become the unspent amounts of other users who received the digital asset.
  • Only unspent outputs can be used as inputs to a transaction in a Bitcoin network.
  • The sum of all unspent outputs is the total balance available to the user.

Let’s take an example.

Bob wants to pay Alice 5 BTC. Bob has a balance of 100 BTC, while Alice has 30 BTC. According to the protocol, the sender is Bob and the recipient is Alice. Both users have a Bitcoin public address, which is a hexadecimal string. The public address is like the e-mail address, it allows users to identify other users for sending digital assets. Bob will send the 5 BTC to Alice via her public address.

Here is how the process works:

  1. Bob unlocks his unspent outputs using his digital wallet to send 5 BTC to Alice.
  2. Bob’s UTXO of 100 BTC is his input to the transaction. Once Bob indicates from his wallet that he only wants to send 5 BTC to Alice, the 5 BTC is deducted from the 100 BTC. (100 – 5)
  3. The 5 BTC are sent to Alice’s address and the remainder of 95 BTC are sent back to Bob.
  4. Alice’s balance is increased by 5 BTC (30 + 5) for a total of 35 BTC.

This is a simplified overview of how the process works. In reality, the transaction must undergo confirmations in order to be validated to the blockchain. This is another mechanism that uses the PoW (Proof-of-Work) consensus algorithm.

Bob’s output (95 BTC) from the transaction will become his input to his next transaction. Multiple transactions can occur on the network at the same time. Suppose that Carol wanted to pay Bob 20 BTC at around the same time that Bob was sending 5 BTC to Alice. This is possible since transactions can run in parallel, though they are still processed in sequence. While Bob’s transaction with Alice has a UTXO of 95 BTC, Bob’s transaction with Carol is a UTXO of 20 BTC.

Bob’s total balance is the sum of all his UTXO,

∑ ( utxo1 + utxo2 + … + utxon ) = utxo’

where n is the last term of the UTXO. In our example Bob’s total balance would be:

Total Balance = 95 BTC + 20 BTC = 115 BTC

Using blockchain analytics, all of Bob’s transactions can be viewed based on the TXHash. This contains information like the block number, number of confirmations and total fees.

On another note, the sum of the UTXO between Bob and Alice must not change. Before the transaction Bob had 100 BTC and Alice had 30 BTC.

100 BTC + 30 BTC = 130 BTC

At the end of their transaction, not including other UTXO, the sum must still be 130 BTC.

95 BTC + 35 BTC = 130 BTC

If the amount remained the same for Bob after he sent 5 BTC to Alice, then this is an example of a “double spend”.

100 BTC + 35 BTC = 135 BTC

The amount of 135 BTC is not correct since 5 BTC was spent from Bob’s UTXO. It should remain balanced at 130 BTC.

UTXO allows the Bitcoin blockchain to keep track of a user’s balance. Every BTC spent becomes a UTXO for another user. It also helps to prevent “double-spending” of a digital asset through a system of confirmations to verify the UTXO exists. The confirmations are possible because the UTXO is read by nodes on the Bitcoin network for validation. When there is a consensus among the nodes on the network that the UTXO is valid and has not been spent on another transaction, it is recorded on the blockchain. Once it is recorded, the data cannot be modified, changed or deleted unless there is a majority consensus to do so. This means no single entity can reverse or commit a double spend of the same transaction (Note: The exception is if they have the majority control (e.g. hash power), which requires at least 51% of the network). The transfer of ownership of BTC is thus concluded in the transaction.

The Lightning Network – A Micropayments Layer For Bitcoin Transactions

Scalability is one of the main criticisms against Bitcoin (BTC), since the network is not capable of more than 7 TPS (Transactions Per Second). This is due to the “Scalability Trilemma” of blockchains, in which there is a tradeoff of scalability with security and decentralization. You cannot have all three things at once so it requires a balance of resources. If you value more decentralization, you will get more security as well but that will be at the expense of scalability. The blockchain cannot scale if there are too many nodes on the network. When compared to the VISA and Mastercard network, Bitcoin is not on the same level when processing transactions. The VISA network can process over 1,700 TPS or close to 150 million transations per day. In reality though, it doesn’t always reach these values but it gives some idea of the scale VISA is capable of.

While the developer community looks to the fundamentals of Bitcoin as its strength, others view ways to preserve the core architecture while introducing new features to enhance it. One way to improve scaling is through a Layer 2 solution called the Lightning Network (LN). This protocol moves the computational process from the blockchain main network to an off-chain layer. This puts less work on the nodes while using an off-chain layer as the solution to process direct peer-to-peer transactions using payment channels. The blockchain will then be used for settling the transaction and recording it. These can also be implemented as sidechains, which still have a Merkle Root for provability that they are a part of the blockchain. In theory the LN can process up to 1 million TPS and support other cryptocurrency (e.g. Litecoin).

One of the main talking points of the Lighting Network is reducing transaction fees. This means instant payments that only require a fraction as fees. The idea is to enable micropayments using BTC and make it much easier to pay for items like a cup of coffee. Prior to that, paying for coffee with BTC was impossible. Merchants do not accept BTC and the transaction fees were quite expensive. It made more sense to use BTC to move millions of dollars of currency than to transact $5.00 for a cup of coffee. Developers also promote the idea of using the Lightning Network for Atomic Swaps, which allow large amounts of BTC to be exchanged for other currency or cryptocurrency.

The LN has been in development since 2016. One of the requirements needed to support it was the activation of SegWit BIP 141 UASF. SegWit was activated on August 24, 2017 after the Bitcoin community agreed on BIP 91 (signals the support to activate BIP 141). While it has been steadily improving for production use, it is not without critics. The Bitcoin Cash community hard forked from Bitcoin because one of the reasons was that they did not support SegWit and the LN. The Bitcoin Cash supporters believe in larger block sizes and on-chain solutions as opposed to maintaining existing block size and off-chain solutions. Other critics have expressed concerns that the LN could become centralized with payment channels. Several channels could form one large channel and monopolize the network, in theory. Other views state that the channels could become like intermediaries, with the power to deny transactions and thus defeats the purpose of a decentralized system.

There are 3 possible problems with the LN (from Investopedia):

  1. Transaction Fees
  2. Nodes are susceptible to hacking
  3. Does not solve network effect in Bitcoin

Users will choose whichever has smaller transaction fees. If the main network has lower fees, then there is no need for a Layer 2 solution. However, if the main network is slower then it makes an off-chain solution ideal. A faster LN can process transactions faster and more efficiently than the main network. Fees should eventually lower when there are more users.

Since LN nodes have to be online at all times, if a hacker knows the LN node’s IP address and network, they can attempt to attack it. They can attack the node to disrupt its service or even to try to steal BTC. When a node goes off-line, by accident or intentionally, it can also affect transactions. A Fraudulent Channel Close can occur if a channel closes before the transaction completes and pocket the BTC. Network outages can also bring the LN system down if the payment channels are too centralized.

While the LN is aimed to increase adoption of BTC as a form of payment (i.e. medium of exchange), it may not be able to keep up with the network effect. Bitcoin Cash claims to have solved the problem with micropayments since it has a faster network than Bitcoin. In order for LN to be more successful it must be used for making BTC payments. It appears though that more people are willing to hold on to BTC as a store of value rather than for making payments.

Whether LN will become an integral part of Bitcoin, is still up for debate. It presents an excellent idea but it may already be outdated. More Bitcoin maximalists are really just looking at BTC as a digital asset counterpart to gold, so it is a new store of value. As BTC becomes more valuable, people will not likely spend it for micropayment transactions. This is where the altcoins fit the bill for that purpose. Instead BTC will be like digital gold, stored safely by HODlers in their hardware wallets. This creates a dilemma for the LN, but it can still work out for the best. BTC can be divided into smaller denominations or units called Satoshis. The LN can prove its value by providing a safe and easy way to make micropayments using Satoshis. Proving its value will make it a better proposition for developers to incorporate the LN in their applications, and that could onboard users for greater adoption.

Avoid Crypto Scams – Not A “How-To”, But Friendly Advice

A coordinated attack against social media platform Twitter (around July 15-16, 2020) led to a hack that targeted popular accounts. These were not just any accounts, but influential public figures. Included in that list were former US president Barack Obama, Microsoft’s Bill Gates and founder of Tesla and SpaceX Elon Musk. What makes this all the more interesting is that hackers used these accounts to solicit cryptocurrency, specifically Bitcoin (BTC). In the scheme, the hackers used the account to mention some feel good words about giving back to the community during the Covid-19 crisis and then requested people to send them BTC with a message of doubling whatever is sent to a given BTC address in the tweet.

These are your typical scams which many in the cryptoverse probably caught. Unfortunately not everybody did. The hackers made off with at least 12 BTC worth $100K+ in the initial stages after the attack was discovered. This sort of attack appears to have affected Twitter’s internal system, since only admin accounts have privileges to modify user accounts. Speculation is that a phishing attack or directed social engineering technique was used to gain access to Twitter’s backend system. This is definitely a cause for concern to everyone who has an account on Twitter because a repeat of this attack could compromise them. Once the hackers gained access to the backend, they targeted the accounts and began tweeting.

People who are caught up in the hype of cryptocurrency like Bitcoin will easily fall prey to scams like this. Noobs (newbies) who recently got in may not have enough education … meaning they don’t know any better what not to do. If someone, anyone, asks you to give them Bitcoin in order to double your holdings don’t be too quick to trust them. It really doesn’t make sense if you think about. Supposed you give 100 BTC, are you really expecting to get 200 BTC? This is a naive gambling mentality that can affect anyone’s logic if they are not aware of these schemes. Never give other people Bitcoin expecting more in return.

It is not even like investing because the public figures account tweets to just give them BTC and you get more in return. The problem with that should be obvious to the common person, but why would other people go along with it? This is why social media has such tremendous power when it comes to influence. The few people who gave their BTC away probably understood what they were doing, which is scary. They did it because they are firm believers of that person. Whether it was through charisma or just blind following, people probably acted subconsciously and just obeyed the tweet like it was an order. Greed is perhaps another motivator since it psychologically makes a person think about how easy it would be to get more crypto. It makes me wonder if the hackers had been more nefarious with the tweet, just think of how many people they could have put in danger or in harm’s path. It was good that it did not end up that way.

Bitcoin addresses are pseudonymous and cannot be directly linked to a person’s identity. That is the blockchain by design, so there would be no way to verify the Bitcoin address really belongs to the public figure. That is probably the biggest reason why not to fall for these scams. We don’t have any way of knowing if the address legitimately belongs to President Obama or Elon Musk. A Bitcoin address is just a hexadecimal string but it doesn’t link to the actual person like the way you can look up a person’s identity by their driver’s license number or social security number. That should have been the red flag that prevents people from giving their BTC.

The Bitcoin address the scammers used which begins with “bc1qxyp….” (I do not reveal the full address here, just a snippet) can be tracked on a blockchain explorer. It doesn’t specifically say the name of the owner of that account. What you can see though are the transactions in the account history, and it indicates the 12 BTC collected.

Note: The full Bitcoin address of the scammer/hacker is not revealed here.

In crypto the only way to really trace the identity of the account holder is if they cash out using a digital exchange. Users who use digital exchanges to convert crypto to fiat, require a KYC documents in order to comply with financial regulations (e.g. AML, Anti-terrorist funding, etc.). This is not revealed to the public, but if there were an investigation the digital exchange can release the personal information if they were required. Accounts created on digital exchanges are also linked to bank accounts which can be traced to a person’s identity. On the blockchain, the real way to prove identity would be with a digital signature using the private key from the user’s digital wallet. This is one way a person who claims to own a Bitcoin address can prove they are the true owner.

The lesson here is that scams are everywhere in our society. It even affects crypto. In fact there have already been 2 popular scams uncovered in the past – Bitconnect and OneCoin. They have not proven any legitimacy and quickly collapsed with their leadership no where to be found. These cryptocurrency promised people ridiculous returns, but many got into it anyway with the help of social influencers. Some of these influencers were just too convincing that it leads to a bandwagon or network effect of more people putting money in a system that is like a house of wax built on top of the sun. By the time it collapsed (no more money to give people) it was too late for many and they lost the money they put into the coin, perhaps never to be recovered.

To avoid scams ask yourself if the message you are getting is too good to be true. If it is do more research to verify it. Don’t just give your BTC to anyone and expect more in return. Those things just don’t really happen in the real world. If it does, then there is probably something you have to give back in return but it may not always have a good ending. It is like the car dealer telling you to give them your old car and you get a new car back. You do get your new car but then you end up with a mountain of costs you had not been expecting. It is always the unexpected things beyond our control. This is true with crypto as well, so be very careful next time you hear or see someone say “Hey, give me some BTC today and I’ll double it up for a good cause!”.

Note: This is not financial advice. Please do your own research to verify information.

Lost Bitcoins Were Not Meant To Be Easily Recovered

There have been stories of people losing their digital asset, Bitcoin (BTC), for careless reasons. There is the story of a Welsh man who “accidentally” (we don’t know for sure) threw a hard drive away that contains approximately $80-$100M+ worth of BTC. The price actually will be worth plenty more or even less based on market value. The most common incident involves holders of BTC losing their private key to their digital wallet. Now think of it like losing your apartment key. It is different though because if you don’t have a duplicate you can always go to the apartment manager for a master key to open the door. In Bitcoin, unfortunately, there is no master key that unlocks all digital wallets. Other instances of unrecoverable BTC happens when the holder of a digital wallet dies and no one else has access to it. Unless there is a next of kin to claim the inheritance, it is as good as gone unless the private key can be provided to recover the coins.

You can still recover your BTC even if the private key is lost, provided you took the required measures. You must have the seed phrase generated during wallet creation. The problem is if you don’t have both then your BTC will not be recoverable based on the blockchain’s inherent design. That is because all private keys and wallets are unique, and since the blockchain is decentralized there is no master key or main administrator to support users. Incidents that involve hacking would not be considered lost BTC because the hackers will most likely send the stolen coins to another wallet and then try to lose anyone tracking the BTC by using various digital exchanges. In other words, that BTC would be considered stolen rather than lost, and it could end up back in circulation if it were sold to an exchange. This is why it is important to make backups of both the private key and seed phrase, but store it in a secure location and not just some random cloud drive. Consider using hardware wallets, removable hard drives, thumb drives and other storage devices that can be locked up in a vault (you get the idea).

Is it easy to lose your private key? The answer is yes, when considering the circumstances. If you store your private key on your local hard drive without a backup copy, if that hard drive should fail then it could mean game over. Your savior would be the seed phrase of the digital wallet or what is called the recovery phrase. This is provided to the user during the creation of the digital wallet, when the private key was generated. This contains 12 words in Bitcoin (also called the mnemonic) that must be provided when recovering the private key. Another way a user loses a private key is if it was stored online and never exported to an offline location. If the online service were to fail with no backup system, the private key will be gone as well.

Whatever the story is, lost BTC lead to less of the supply of the cryptocurrency. According to Chainalysis, an estimated $35,000,000,000 (price is volatile so this is not a fixed value) in Bitcoin (BTC) is likely to never be recovered. This was based on their report that 20% of Bitcoin’s total supply of 21M BTC has not moved for five years or longer. According to the report, that would be 3.72M BTC based on a market valuation of $9,408.60 (as of the market value when report was published). It is also assumed that 4M BTC in total, including the BTC in the report, may never ever be recovered unless there is protocol which will allow the lost coins to be released back into circulation. That is not likely unless the Bitcoin community in general come to a majority consensus. The Bitcoin blockchain does not support releasing lost BTC as of Bitcoin Core 0.20.0 (Released in 6/3/2020). When we deduct the 4M BTC, that means there will be only 17M BTC.

Holding a digital asset like BTC requires plenty of responsibility in return for financial independence. The question then is why would anyone even want to own Bitcoin if it cannot be easily recovered, has no customer support like a bank and no master key to unlock it if the private key is lost? That should make it all the more obvious why it is important to own Bitcoin. Only you can have control of your BTC. The government cannot freeze it and prevent you from storing value on the blockchain. You have freedom from bank policies which regulate finances (e.g. withdrawals, remittances, loans, etc.). The only thing a person must do to have this benefit is to secure their private key and seed phrase. Humans are not perfect and very prone to mistakes, so is it even possible to have a system like this?

We have to go back to the fundamentals of Bitcoin and why it was designed that way. Remember, its founder Satoshi Nakamoto developed a system of direct peer-to-peer payments without relying on a trusted third party. It is also decentralized so that it cannot be manipulated and controlled by a single entity. The way to do this is give full control of money to the users and establish a platform that is permissionless and trustless for exchanging value. The blockchain provides a cryptographically secure platform of trust among strangers who want to transact because it doesn’t require them to know each other or trust an arbiter to exchange value. Instead they use a private key to authorize transactions under their digital signature and verify that they are indeed the holder of the BTC. The reason lost BTC cannot be recovered is because it will require the unique private key that belongs to its owner. If that was lost, the BTC can still be recovered using the seed phrase. Until there is a chance at recovering BTC, users must be responsible for their digital assets. All it requires is keeping a digital wallet with a private key, in a safe and secure manner.

The Halving Has Arrived

The third Bitcoin Halving has finally occurred on May 11, 2020 at block height 630,000 at 19:23 UTC without any glitches.

This was reported by Coindesk:

“In an homage to Satoshi Nakamoto’s iconic “brink of a second bailout” message in the 2009 genesis block, f2pool, which mined the 629,999th block (the last before the halving), embedded a reference to the current financial crisis: “NYTimes 09/Apr/2020 With $2.3T Injection, Fed’s Plan Far Exceeds 2008 Rescue.”

The reward for miners is now at 6.25 BTC per validated block. This means that although the block subsidy incentive has been reduced, the price remains volatile. Either a miner can earn more due to the appreciation in price value or profit less due to operating inefficiencies (e.g. old ASIC miners, higher costs of electricity, etc.). Miners who stand more to lose than gain should reconsider their configuration to adjust to the difficulty target and network’s hash rate.

Within the next two weeks after the halving occurred, difficulty should adjust (every 2,016 blocks). Miners should keep an eye out for the hash rate as well to see whether it has fallen (takes more time to produce blocks) or increased (more competition). Factor in the market price, and it gives an indication of whether the rewards are better or much worse.

While the Feds have quantitative easing, Bitcoin has quantitative hardening, a principle that has yet to be fully explained. The understanding is that Bitcoin is sound money because it uses an anti-inflationary model that limits the total supply (21 Million Coins). The code does not mint new coins at all and no one can mint more coins on the Bitcoin network. It is fixed at the supply set in code, and it is never created out of thin air.

While that sounds good in theory, in reality it has not been a perfectly deflationary model. While the supply is not reduced over time (it is fixed), there are new BTC still put into the circulating supply. It is when the amount of new BTC in circulation hits zero that it becomes deflationary. At that point, there will be no more rewards to miners but they can still collect transaction fees for their participation.

Right now the current economic landscape will have more influence on the price of BTC post-halving. What investors would like to see are the Fed’s injections into the economy trickling into BTC through stimulus. There are different ways that can happen and have been made available through the largest digital exchanges like Binance and Coinbase. For now, Bitcoin has proven itself once again as a stable and mature blockchain built on sound principles.

Note: While no bugs have been reported at the moment, it seems the halving occurred successfully.

Bitcoin Pizza Day – May 22

May 22, 2010 was the day software developer Laszlo Hanyecz agreed to pay 10,000 Bitcoins for two delivered Papa John’s pizzas.

Call that a waste of money, now that BTC is worth over $8,000?

Not really. Instead buy this man a drink for being the first person to use BTC as a payment. Even though it was pizza worth around $41.00 at that time, it is considered the first truly successful use of BTC. It is a medium of exchange and electronic payment system after all. This proved the use case for it. Now today it is much different of course, because BTC has become many times more valuable with a larger market cap.

Laszlo was no idiot who wasted away his BTC. He is actually one of the original volunteer developers who helped in the early days of Bitcoin. He got rewarded with BTC, and he probably should still have some around. 10,000 BTC today will probably set you for life. In the significance of the moment, what Laszlo did was actually quite bold. He used BTC in a real world situation, even if it was just to buy pizza.

Since then, BTC has had a bad rap from mainstream finance people e.g. Jamie Dimon, Warren Buffet. They associate it as “rat poison” with no instrinsic value used by criminals for illegal transactions i.e. The Silkroad. Then again this argument falls apart when you point out that cash is the most used currency for illegal transactions, which cannot be easily traced while BTC can be traced on the blockchain (transparency). The drug deal on the corner is most likely done with the use of cash rather than BTC. Perhaps Jamie Dimon has come around because he sees the potential for the blockchain rather than Bitcoin itself. Mr. Buffet though, has not, but we are talking about a successful investor in the tradtional finance economy. Today it is a different story with how our economy is transforming digitally.

Today BTC is used more as a store of value, like gold. It can also be used to transfer value across borders, pay for retail items e.g. Overstock accepts BTC and lock into a deposit as a digital asset for loans or future payments. There are new non-mainstream financial instruments that allow holders to use their BTC to make investments into funding projects, donations and even pension funds. More new services will surely come as financial giants enter the cryptocurrency space.

Pizza is great comfort food. When you know you can buy it with cryptocurrency, it just gives a better feeling of what is to come as it evolves. For now if you have 10,000 BTC, HODL it. With that much BTC, you can buy pizza anytime for the rest of your life.

Note: This opinion piece are thoughts about Bitcoin and is not meant to be financial advice. Do your own research always.

The Bitcoin Binance Hack And The Lessons Learned

At the time of this writing it is the start of blockchain week In New York City. One of the hot topics that will be discussed has to do with the most recent Binance hack that led to $40.7 Million of stolen Bitcoin (worth 7,000 BTC at the time of the incident). This is actually not the first time Binance has been hacked, they have a track record. Despite their concern for cybersecurity, it seems their system is not really that secure. This is not to say that Binance does not take cybersecurity seriously, because they do. They implement a 2FA type of authentication which requires using either an authenticator that generates a random code or the code is sent via an SMS text message to a smartphone. It is pretty secure after the fact, yet it was foiled time and time again. At this point the best that Binance can do is to track the stolen BTC and get the cooperation of other digital exchanges to freeze the funds. We actually know which address moved the coins (The transaction was traced from this link).

Fortunately, Binance has what it calls a SAFU (Secure Asset Fund for Users) which is a way of providing an insurance to users on the exchange in case of emergency. Changpeng Zhao or CZ, Binance CEO, has guaranteed that those who lost Bitcoin from the hack will be compensated for their losses. That is good to know, but will this be the end of these type of hacks? It has already happened before, so there is likelihood that it can happen again. That is unless Binance will add new security measures that tighten their systems even more. Then that gives hackers a new problem to deal with.

Now here is what is concerning. In an official statement made by Binance regarding the hack:

“The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.

The fact that it “passed our existing security checks” is a cause for concern that is what they are working to improve. According to this Coindesk article, Binance is going to do a revamp of their security system. They will certainly look into improving their API for 2FA as well as their withdrawal validation process. If a hacker can easily hack a user’s API key or 2FA credentials, you don’t really have a secure system. It was probably not an easy feat for the hackers, so now Binance should make it even more difficult to decrease the likelihood of any successful breach.

Phishing attacks are one of the exploits hackers use to get information from users. Once they trick a user to giving them that information, the hackers then use it to access the exchange. That is really all you need to do to get past Binance’s security check. Binance implements withdrawal limits for unverified users but for those who are verified, the hacker can wipe out their entire balance on the exchange.

Other ways a Binance user account was compromised can be from spyware, keyloggers or remote viewing software like VNC. Having an antivirus and cyberbsecurity software installed on a computer can help detect these malware. Another way to foil these attacks is to not keep funds stored on an exchange. Using a cold storage (not connected to the Internet) on a hardware wallet provides more security. In fact, some smartphones like the HTC Exodus and Samsung Galaxy S10 provide hardware wallet support for cryptocurrency now. For the strictest security, keep your digital assets safe in cold storage and not on hot wallets or custodial services like digital exchanges.

According to CZ:

“We are working with a dozen or so industry-leading security expert teams to help improve our security as well as track down the hackers.”

That’s right. Binance is definitely going to need more help in cybersecurity to fix this problem. Remember, it is not the blockchain that got hacked, it is Binance’s system. Binance also announced support for hardware devices with 2FA, a more secure way to connect to Binance. A system like that would require hackers to have possession of the actual hardware device. Think of this as a sort of physical key, that only gives access to the user who owns it.

The risk of a more digital world is computer hacking. Binance has been successfully hacked in the past. A user lost 2 BTC when a hacker used the credentials from their hacked e-mail address. Another hack occurred in July 2018, which was a “potential” hack that led to the theft of $45 Million of Syscoin and dumping of BTC. It was not Binance’s direct fault, but more on the Syscoin wallet. Regardless, it was a system anomaly that Binance admins detected. Binance immediately shutdown and then reset their API keys. That’s exactly what they did with the most recent hack. It seems that the answer to the problem is just shutting down and resetting everything. However, that does not solve the problem apparently.

Due to this large loss of BTC, someone from the BTC development community reached out to CZ. A suggestion was made to reorg the BTC blockchain and give back the stolen funds to their respective owners. Now the reaction to this was not good at all and thankfully, CZ decided not to do this. That would require Binance to use a “51% attack” to gain majority hashing power on the Bitcoin network to overturn transactions. The problem with this is an ethics issue because it would require Binance to get a consensus among miners and nodes on the network to support this plan. It goes against the main ideology of the blockchain, which is about decentralization and immutability. When you get a collusion of miners to provide Binance with majority hashing power, it centralizes the network to benefit one organization. This may also lead to inconsistencies on the blockchain if several bad actors try to mine on their own chain to gain control of the network. The idea that a consortium of miners with hashing power can overturn a trnsaction goes against immutability on the blockchain. It would be a terrible idea to do this.

The result of a reorg may lead to more factions in the Bitcoin community. There might even be a fork and this is not going to be good for the price of BTC as a store of value. It may even ruin the market leading to turmoil and massive sell offs as users collect their money. There needs to be a clear direction for BTC and a reorg is probably not in everyone’s best interest since it really only benefits Binance and the hacked accounts. This is not a consensus of the network’s interests.

The good thing is that the hack did not affect BTC prices. FUD didn’t lead to any massive dump or sell off, proving that there is confidence in the market. Taking care of the real problem, which is cybersecurity, is what needs to addressed. Binance vows to increase their security which is the most important feature right now for any digital exchange. Users need their funds to be safe from hackers, so this is going to be the responsibility of digital exchanges.