Recent Posts

Another Crypto Exchange Is Rolling Out a Token-based ETF

OKEx – the crypto-to-crypto trading platform launched by OKCoin, previously one of the three top exchanges in China – has rolled out a cryptocurrency exchange-traded fund. The new offering, though branded as OK06 Exchange-Traded Tracker (OK06ETT) according to an announcement on Tuesday, effectively represents a basket of crypto assets, the …

Read More »

Former SEC Chair to Represent Ripple in XRP Lawsuit

Court records show that distributed ledger startup Ripple is being represented by two former Securities and Exchange Commission (SEC) officials – including its onetime chairwoman, Mary Jo White – in an ongoing civil matter. Twin filings reveal that White, along with Andrew Ceresney, are representing Ripple in a lawsuit first …

Read More »

Russian Court Overturns Cryptocurrency Media Ban

A city court in St. Petersburg, Russia, has overturned a decision made by a district court in 2016 that effectively blocked cryptocurrency media site bitcoininfo.ru for the country’s inhabitants. The decision came about after the court received an order from Russia’s Supreme Court in April to review the case, as …

Read More »

Telecoms Giant Wants to Move Mobile Data Top-Ups to a Blockchain

China Mobile Corporation, one of the three state-owned telecommunications giants in the country, is exploring the use of distributed ledger technology within its core mobile data business. According to patent application filed with China’s State Intellectual Property Office (SIPO) in November 2016 and made public on Tuesday, the company is …

Read More »

HSBC Exec Warns ‘Digital Islands’ Could Inhibit Blockchain Trade

When HSBC’s Vinay Mendonca thinks about how distributed ledger technology (DLT) will reshape global trade, he sees two scenarios – one inspiring, the other dispiriting. In the best case, blockchains and other digital platforms should do for the global value chain what shipping containers did for the physical transportation of …

Read More »

U.S. Telecom Agency Wants Blockchain Policy Suggestions

The National Telecommunications and Information Administration (NTIA), a wing of the U.S. Department of Commerce, wants to help American entrepreneurs use blockchain technologies. The agency announced a notice of inquiry on Tuesday, asking respondents to recommend ideas for new policies surrounding a host of areas, including emerging technologies, cybersecurity and …

Read More »

Days After Launch, the EOS Blockchain Still Isn’t Live

Days after first initiating its launch in an unorthodox, distributed process, the EOS blockchain isn't yet live, but so far, the software appears to be progressing toward that goal without major issues.

As profiled by CoinDesk, after raising a reported $4 billion over the last year to create the software necessary to launch the blockchain, the company that created it is leaving it to its community to actually get it off the ground. That doesn't mean there haven't been material updates, however, or that Block.one, the company in question, hasn't been involved in the initial booting effort.

Rather, the company released version 1.0.0 of the EOS software on Saturday and already it's published one update to the code, version 1.0.1, a release that Block.one CTO Daniel Larimer described as preventing a "potential crash" in the update notes, along with other minor issues.

This means that, as of now, participants in the EOS initial coin offering (ICO), which ended on Friday, have purchased all the initial ethereum tokens that will ever be used to bootstrap the project. The plan was always for these tokens to be frozen at the end of the ICO, in preparation for a formal blockchain launch, meaning those coins won't be tradeable again until EOS is live. (It's unclear at this time how exchanges are managing their book-keeping while trading continues.)

The last big event took place June 2 at 10:59 UTC, when the tokens froze on ethereum and so-called "snapshots" were taken in order to preserve a record that can later be used to allocate tokens issued on the EOS blockchain to their owners. By all accounts, this occurred on time and without any issues (here's one description).

"Things are going about as we expected. A few road bumps, no show-stopping problems. I'm expecting the [blockchain] to be live in the next couple of days," Kyle Samani of Multicoin Capital, one of EOS's most prominent endorsers, told CoinDesk.

Still, it has been remarkable how unified block producers, or the entities jockeying to process transactions on the new blockchain (and thus receive its rewards), have appeared outwardly given the global scale of the launch.

"I've been part of calls of 60 to 90 people every day," Marc-Antoine Ross, the CEO of EOS Canada, told CoinDesk, adding:

"What I think is important is we all published agreement to launch one chain."

Bumps and bruises

But this outward coordination has not been without a lot of behind-the-scenes effort.

Indeed, a controversy broke out in the EOS launch community last week when a group calling itself "Ghostbusters" published a critique of the launch approach led by EOS Canada, another group vying to become a block producer.

EOS Canada had published a piece of open-source software called "EOS BIOS" on April 9, a suite of code that aimed to coordinate the launch of the EOS software. Its had dozens of subsequent releases since then, with version 1.0.0 coming out on Saturday. "A lot of block producer candidates validated this solution to launch the network," Ross said.

That said, the critique was seconded by other block producer candidates.

The May 28 blog post argued:

"Using the EOS BIOS process will create unnecessary risks for the EOS blockchain launch and ultimately all EOS token holders. Also, any negative press on insecurities in EOS blockchain launch or failed attempt to launch the blockchain will have a negative impact on EOS price and reputation."

It argued that the channels between the various nodes needed to be more secure, using layers that obscure IP addresses and encrypt data as it passes between block producers.

EOS Canada promptly responded with a call for "increased collaboration" arguing that some of the vulnerabilities identified were settings needed for efficient testing, not a production launch.

In a subsequent post, Ghostbusters described theirs as the "security first" approach.

Unity prevails

But while it looked like there could be a split in the larger EOS community, one that could result in two competing blockchain launches, the greater value in consensus, it seems, has prevailed.

On Saturday, participants in a livestream supporting the launch announced that the two sides had resolved their differences (which Ross confirmed), affirming that everyone has agreed to coordinate with EOS BIOS and it should have no problem integrating with Ghostbusters preferred security measures, according to Ross.

"We've opened our hand to the Ghostbusters," Ross told CoinDesk, "to make sure we have one strong network."

Members of the Ghostbusters coalition have not responded to request for comment from CoinDesk.

As such, there haven't been the forks or competing blockchains that many people feared. One group has launched EOS Classic, which basically recreates the existing token balances on ethereum, where people are used to trading them. The creators use something of a complicated process for users to claim their tokens, but MyCrypto CEO Taylor Monahan asked her team to look at it, and they don't see anything dangerous about an EOS holder claiming EOS Classic tokens.

"It looks like it is in the current snapshot in time, it has no way to steal private keys from what I can see," Monahan wrote, though she warned that sometimes scams can come in phases, so that could come next.

Just as Block.one reserved 10 percent of EOS tokens for the company, the EOS Classic reserves the same for itself, in what could be just another simple play for easy crypto money.

Casting ballots

Other fears relating to the launch have been assuaged so far, including those relating to the selection of block producers via voting, a necessary action needed to help EOS determine just who would be in charge of maintaining its blockchain.

As this vote was to be carried out by those who own EOS, a range of possible complications were theorized. These included that potential voting tokens could end up idle or lost forever because token holders never registered an EOS address (a necessary step to migrate their coins from ethereum).

This process has been going for a year now, and the designers of the process expected token buyers on ethereum to remember that at the end of the process they would need to take action in order to hold onto their tokens and create an EOS address and associate it with their ethereum address. It's not surprising that this message didn't get through to everyone who had ever bought any EOS.

So, in order to prevent the exclusion of crypto users who weren't following the EOS blog, the EOS community coded up a workaround so that users wouldn't lose their tokens. Basically, for all the laggards, they generated an EOS version of of their ethereum public key. That way, once the user created an EOS version of their private key (offline, preferably), they could claim their tokens.

"Think of it this way, your ethereum public key is just the wrapper around a longer array of numbers which are compressed into a 64 character string that you call your public key," EOS New York, another potential block producer, explained in a post on Steemit.

But there may never have been much reason to worry about the likelihood of enough votes coming together to launch the chain. It turns out that there are some very big whales out there, people who have a powerful vested interest in making sure that the system launches.

Redditor @Lannisan crunched the numbers from the snapshot balances and found that (if Block.one is excluded — and it should be because it has committed to sitting out the block producer vote) the 10 biggest wallets hold 39 percent of all tokens. In other words, those 10 could decide almost anything they wanted if they coordinated. The top 100 wallets control 65 percent of the tokens.

These numbers are again somewhat skewed by the fact that some of these "whales" must be exchanges, and some of the biggest exchanges have committed to not voting their users' tokens. Still, there are probably a few large holders out there who plan to vote once they feel comfortable with a mainnet release, so that it goes live. With so many large holders out there, it doesn't sound like hitting 15 percent of the tokens voting will be difficult, even if not that many actual people vote.

Ross would not commit to any kind of timeline for EOS to go live.

The block producers are running a variety of testnets now, any one of which might meet all the checks for the chain, the software and the security that they are looking to validate. When they all agree they have a configuration that works, a group announcement will go out calling for holders to prepare to vote for the first slate of block producers.

When it goes live, that's when we'll really start to understand Dan Larimer's latest technology.

As Siddharth Kalla, co-founder of the Turing Advisory Group, told CoinDesk:

"The real test of whether one should be alarmed or not would come once the network is live and running. The human side of security, voting, economic incentives, etc, are much harder to test than bugs in the code during the testing phase."

Egg candling via Shutterstock

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Read More »

Verge’s Blockchain Attacks Are Worth a Sober Second Look

The notorious 51-percent attack: it's the major fault in cryptocurrency protocols but it's rarely seen, especially among the most popular cryptocurrencies.

Yet, in the past couple months, the exploit – whereby a single miner (or group of miners) takes control of over half of the network's total computing power and can then bend the protocol's rules in their favor – has been seen twice. And on the same blockchain.

Indeed, verge, a privacy-oriented cryptocurrency recently propelled into the limelight by a partnership with popular adult entertainment site Pornhub, suffered two hacks perpetrated through 51-percent attacks that saw the attackers absconding with millions of dollars-worth of its native cryptocurrency, XVG.

During the first attack in April (only a couple of weeks before the Pornhub partnership), the hacker was able to get away with 250,000 XVG. And during the latest in mid-May, an attacker was able to exploit $1.7 million-worth of the cryptocurrency from the protocol.

According to researchers, the exploits are a product of simple changes to the underlying code which cryptocurrency protocols are typically built on and the challenges of being able to predict what unintended consequences will arise from those changes.

Sure, verge developers were only trying to design a better cryptocurrency for payments, but by tweaking small parameters, such as the length of time a block can be valid, the group has opened its blockchain up to attacks.

"Getting incentives right and keeping them right is hard," Imperial College London assistant professor and Liquidity Network founder Arthur Gervais said.

That is blockchains are built on very precariously stacked incentives whereby all stakeholders work together toward a common goal so as to remove the chance that one entity takes full control.

"Things obviously don't look good," said Daniel Goldman, the CTO of cryptocurrency analysis site The Abacus who's been tracking the attacks. "The issues that initially slipped into the codebase were a result of pure carelessness — incorporating code from other open-source software without understanding its implications."

Goldman added:

"I hate to say it, but if I had to summarize: the attacker is doing better due diligence than the developers. I'd try to poach him if I were them."

And since veteran blockchain developers, including litecoin creator Charlie Lee and monero lead developer Riccardo Spagni, have long argued the kinds of adjustments the platform made have obvious downsides, such naysayers – who have been readily attacked by a group of enthusiasts calling themselves the "Verge Army" – are feeling vindicated.

"So many important lessons to be learned from this," Fidelity investment research analyst Nic Carter tweeted, summing up the general state of verge's development.

Representatives from the verge developer team did not respond to a request for comment from CoinDesk.

The problem

One of those lessons is that there are reasons why the window of time that a transaction can be valid is limited quite strictly.

For instance, whereas bitcoin transactions are only valid for about 10 minutes before they're verified in a block, verge developers extended that window to two hours. And because there is some information asymmetry in blockchain systems since nodes are spread out across the globe, the attacker was able "spoof" timestamps tied to blocks without some noticing, according to the widely-circulated post by Goldman.

But it wasn't just that; another piece of the attacks was verge's difficulty algorithm.

Verge uses the algorithm "Dark Gravity Wave" to automatically adjust how fast miners find blocks. In verge, this happens every two hours; compared to bitcoin which adjusts every two weeks, verge's algorithm is quite fast.

The spoofed timestamps paired with this fast-adjusting algorithm led to the problem of "tragically confusing the protocol's mining adjustment algorithm," as Goldman put it.

Or said another way, the attacker cleverly mined blocks with fake timestamps, forcing the cryptocurrency's difficulty to adjust down more quickly – making it easier for the attacker to mine even more XVG.

When the first attack happened, verge developers quickly released a patch, stopping the attacker from printing more money. Yet, with the attack last month, it seems the patch only went so far and the attacker found another way to execute the same hack, displaying how difficult it can be to architect a distributed system that isn't vulnerable to attacks.

Continuing attacks

And according to Goldman, the issues for verge are likely not over.

"An attack clearly was – and maybe still is – being attempted. So far, however, the would-be attacker hasn't managed to overtake the network," Goldman told CoinDesk.

But he continued:

"As it stands now, two of the three (in my opinion) fundamental sources of vulnerabilities have been mitigated at best, and one remains completely unfixed."

While no XVG were stolen directly from users, miners on the network aren't supposed to be able to bend the rules like this, effectively printing money for one individual in a short period of time.

As such, verge developers are actively working on improving the code. After a period of little communication from verge's developers, CryptoRekt, the pseudonymous author of the verge "blackpaper" took to Reddit on May 31, saying, that all of the verge team would "never intentionally do anything to besmirch or hurt this project."

He added that the project's developer have been working on new code for "several weeks" to "solidify our currency against any future attacks."

Yet, Goldman believes there's another problem. Unlike many of the cryptocurrency projects out there today, which rely on open-source code, verge's codebase is being constructed in private and so will not get peer-reviewed by the community of blockchain experts that could help the team find vulnerabilities.

"Since incorporating code without responsibly vetting it was the thing that led to all this, this should make the vergefam nervous," he tweeted.

Verge's future?

But so far, much of the verge community remains supportive of the developer team and the cryptocurrency's mission.

Pseudonymous verge user Crypto Dog went as far as to claim that "there is no need to panic," contending that verge's success will continue no matter what. And CryptoRekt chose to see it as a learning experience, one that would help verge "build a bigger and better project."

Still, this attack looks poorly, not only on verge itself, but also on organizations that have partnered with the verge team, Pornhub included. Especially since Pornhub's vice president Corey Price stated verge was chosen as a payment method for the site in a "very deliberate selection process" to preserve the financial privacy of their customers.

As such, some developers believe this episode will bring about a heightened sense of responsibility for many organizations to more effectively analyze a blockchain before adopting it.

"I wouldn't be surprised by more scrutiny in the near future, both leading to more attacks and to investors more accurately rating the value proposition of smaller altcoin projects," BitGo engineer Mark Erhardt said, adding:

"The absence of an attack is not proof that a system is safe. Quite a few altcoin projects appear to be taking unsafe shortcuts. It's just that nobody has bothered to exploit these systemic flaws or weaknesses, yet."

As such, verge might be the first in a long line of future exploits.

While 51-percent attacks have typically been viewed as hard to execute, Liquidity Network's Gervais argued that new data appears to show that it's easier than many previously thought. He pointed to a new web app, 51crypto, which tracks how profitable it is to execute a 51-percent attack on various blockchains.

The gist of the statistics is, the smaller the blockchain, the easier it is to overtake it and bend the rules, which is why developers need to be particularly careful in how they architect their systems.

Because "if an attack makes more economic sense over honest behavior, the attackers will be there," Gervais concluded.

Verge image via Shutterstock

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Read More »

$1,999: GMO Reveals Details of Its New 7nm Bitcoin Miner

Japanese IT giant GMO Internet has revealed prices and specs for its new-from-the-ground-up bitcoin miner – the world's first based on a 7nm chip.

At a press conference, the company said Tuesday that its 7nm ASIC (application-specific integrated circuit) that will power the new B2 miner is designed in Japan, but manufactured in Taiwan.

The arrival of a 7nm chip is notable since it ushers in more hashing power for bitcoin miners, while at the same time theoretically reducing power consumption, an important factor for miners in seeking return on their investment.

According to a Bloomberg reporter who tweeted from the event, the B2 will provide a hash rate of 24TH/s, with power consumption at 1,950W per unit – that breaks down at 81W per 1 TH/s.

By comparison, the current market leader – Bitmain's Antminer S9 – offers 14TH/s at a power consumption of around 1,300W.

The B2 may offer market leading power, if GMO's figures prove to be accurate, but it will come at a price – $1,999 to be exact. That's compared with $837 for the Antminer S9.

As if there was any doubt that GMO plans to knock Bitmain of its pedestal, the firm's CEO Masatoshi Kumagai reportedly stated:

"I respect Bitmain, but we will top them"

As reported by CoinDesk, the B2 was revealed on May 24, with GMP saying pre-orders will start on June 6 and shipments to follow in October.

The launch comes following a months-long testing period since the firm initially revealed it was researching and developing the new mining processor in September 2017.

GMO B2 miner image via Yuji Nakamura/Twitter

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Read More »

When It’s Time to Rebalance Your Crypto Asset Portfolio

Willy Woo is an avid cryptocurrency trader and blogger, whose work is published at Woobull.com and via Twitter at @woonomic. The ideas in this post first appeared in a tweet published earlier this year. I think rebalancing a crypto portfolio to reduce exposure to a single crypto asset is the …

Read More »

Failed Breakout Revives Bitcoin’s Bull-Bear Tug-of-War

Bitcoin’s retreat from Sunday’s high of $7,779 has poured cold water over the bull mood generated by the weekend’s positive price action and neutralized the immediate outlook. BTC closed on Sunday (as per UTC) above a key falling trendline resistance level, signaling a short-term bullish-to-bearish trend change. A bullish crossover …

Read More »

Magic Number? Chart Data Hints at June 6 Bitcoin Boost

A major reprieve just may be in the offing for the battered bitcoin bulls in the next 36 hours – if, that is, historical patterns repeat themselves. Intriguingly, the cryptocurrency tends to take a significant change of direction on the sixth day of every month, or at least it has …

Read More »

Public or Private? Blockchain Distinctions Are Falling Out of Fashion

“Convergence” may mean different things to different people in blockchain, but it’s a word that’s appearing more and more in public rhetoric of late. For some, it simply means that innovations developed on a public blockchain powered by a cryptocurrency can be leveraged on a private blockchain used by enterprises, …

Read More »

Hyperchain Blockchain Creator Completes $234 Million Funding Round

Qulian Technology, a China-based blockchain platform developer, has announced the completion of a 1.5 billion Chinese yuan ($234 million) Series B funding round. The amount makes the investment one of the largest traditional funding rounds in the blockchain space to date, though, according to CoinDesk’s Venture Capital Tracker, Robinhood’s $363 …

Read More »

LinkedIn Co-Founder Is Raising $20 Million for Token Project

Newly published public documents indicate that one of the co-founders of employment data platform LinkedIn is raising as much as $20 million in a Simple Agreement for Future Tokens (SAFT) sale. The Form D published on June 1 shows that Eric Ly – LinkedIn’s first chief technology officer and one …

Read More »
error: Bài viết được bảo vệ!