– [Announcer] Okay, ladies and gentlemen, Cryptocurrency Basics part two. Part one is out on the Facebook channel and the YouTube channel, we're picking up where we left off right here. We are broadcasting live, so Jae, can you give us a quick introduction, and then I think you're already off to the races, so pick it up wherever you like.

– [Jae] Yeah, I'm a blockchain engineer for Metal Pay. We're a payment processor cryptoplay, so please check it out, and

Yeah, I'll get started. All right. So this is Cryptocurrencies Basics, part two, and here I'll cover some of the fundamental problems, what the mitigations are, and some of the problems that cryptocurrencies solve, and what problems cryptocurrencies are not designed to solve.

Satoshi Nakamoto said that the root problem with conventional currency is that it requires trust at all to work. Bitcoin has been working in the last few years, and it's been working fairly flawlessly in terms of core security, so I think he's got his work– Or maybe it's she, I don't know. So big problems, (clears throat) cryptocurrencies have to solve what's called a double spending problem. That's basically what we discussed earlier, where I send somebody ten dollars, and before that gets written into my ledger somewhere, I also send that ten dollars to someone else, thereby spending twenty dollars, ten dollars more than I had. The way that it's solved in Bitcoin is that there's a strict accounting bottleneck, and that's handled through a blockchain.

Adding the records up to a blockchain and then solving very difficult math problems with a different grade of difficulties, and then appending the record in a linear fashion. In a sense, it's very similar to how banks operate, except banks actually go into your account and subtract the amount: bitcoin doesn't do that. It actually just keeps on appending into a linear history, and then the transaction records are just that. It just shows you the amount spent. It doesn't have a record of the individual account's balance, so bitcoin doesn't have an innate, built-in concept of balance that only comes out as a consequence of running through the history.

Bitcoin also utilizes signed transactions to ensure that we know where the transactional origin is from, or at least the address that's assigned to it. Cryptocurrencies in general have public addresses where you can send the aforementioned tokens or coins, and then the individual addresses have private keys so that you can actually claim those. Cryptocurrencies and a lot of fundamental problems in computer science, a lot of the applications have to solve what's called Byzantine Generals Problem. There's different classes of Byzantine Generals Problem. One is consensus, the other is deciding when to decide, knowing the quorum, so if there are a board of directors and nobody's showing up, and the only director that showed up made a decision that's not quorum.

Similar to that, bitcoin– Because there are problems of what gets written and when, and there has to be a solution to that. How it's done is through sort of a genius combination of economic incentive and mathematics, what people now call Nakamoto Consensus.

PBFT, that's just a Practical Byzantine Fault Tolerant algorithm, that's not being used in bitcoin. That's just another way to solve a similar problem. Nakamoto Consensus actually focuses on making sure that the attackers– There's an incentives structure that encourages people to remain honest, and honest players have higher hashing power, competing power overall than the attackers, and I'll cover that in detail because that's a very sort of subtle point. Sybil Attack has to do with sock-puppets. It's like if you have sock-puppets and they're talking on your behalf or acting on your behalf, or acting on behalf of malicious actors. What that means is that in case of decentralized currency where anybody can broadcast transactions and all that stuff, you really can have a security model that trusts any single node at all, which means that you have to assume everybody is malicious in the bitcoin network, and because of that, you need to have a mechanism to clear the transaction without assigning any single node the right of writing into the collective ledger. The way that that's done is partly to make the attacks marginally more expensive, so that will in aggregate the forced transactions and broadcasting them and having them transacted, those are kind of expensive because when you send a transaction, you have to include a fee, and if you include a fee in bitcoin network, if someone solves it, then that's done.

If you send out an invalid transaction, you're just wasting your own electricity. What's happening is there's a concept called proof-of-work that basically says that, "Okay, I've lined up all the transactions and I have all the signatures that I'm gonna validate, and after that, I'm going to take the entire transaction and put it through a hash function." The body of transaction's called a digest, and you take that digest and shove it through a hash function, and then it'll output a random-looking group of letters. Now, bitcoin has a very specific rule that says that in order for you to have been considered a solver of that block, you have to have zeros in front of it, sixteen digits or 120 digits, or whatever it is. In order to have that number of sixes and zeros lined up in sequential fashion, it's very low probability.

That is what's increasing the cost of attack by making sure that people who are validating these transactions are honest workers, that all they wanna do is validate the transaction. I'm going a little bit aside, and that's the problem that cryptocurrencies sort of solve, and part of it is there's a problem called a Principal-Agent Problem, and that is that there's a difference between a principal who gives authority to an agent to act on his or her behalf, and there's always this uncertain dynamics as to whether the agent is going to execute exactly your intent, and that has to do with– Anything, like if you have a real estate agent, is he really working for you, or is he trying to get more commission? You really don't know.

Cryptocurrency and certain classes of cryptocurrency solve this by having smart contracts. In other cases, even without smart contracts, you can have sort of an escrow-like system where you have neutral ground where it requires both sides' signature in order to clear the funds. Without both Payer A and Payer B's signature, the funds don't clear, so then that mitigates it sort of like an automated escrow settlement. Having a very narrowly defined contract also helps resolve that problem. So this is more like practical consideration much more so than fundamental problem that cryptocurrencies solve.

But this is sort of where the focus of activity has been, especially now with Ethereum and all the other smart contract companies that are coming up. For greater privacy, you want to use bitcoin address only once. That's what Satoshi Nakamoto said. There's a very good reason for that. In cryptocurrency, you think that it's anonymous, but it's not, it's actually

In bitcoin's case, it's publicly available, right? You have ledgers that are inspectable by anybody. You can go from time zero to now and see who sent what to whom, at least the address-wise. There are really good ways to figure out who's who by doing what's called fingerprinting, and that has to do with

Okay, what are some of the exchange endpoints or exit points, what are some of the economic activities that this chain of transactions had taken place, and so you can kind of reconstruct who owns what and who did what. It's not trivial, but it's also not impossible. It's actually fairly straightforward once you understand how the transactions work.

So you can actually figure out spending habits if you know the (mumbles) addresses of vendors, and by knowing that, and knowing the origin, you can reconstruct who spent what, so it's anonymous. Going back to the transaction origin discovery, there is a way, essentially, if you connect to every single bitcoin nodes out there, you can figure out who's who because you'll know that just by looking at the time difference between who sent out the transaction record and broadcast to network, when, that that person is the originator of that particular record. It's not rocket science, and maybe there are 200,000 wallets out there, maybe something like that, I don't know the exact number, but yeah, you can figure it out. Dan Kaminsky did a fantastic talk back in 2011 about how that might be done, and how you can actually figure out who owns what, or at the very least, who sent what amount to whom. By knowing the IP address, then thereby

You may be able to be discovered. So yeah, please, go check that out. It's a really fantastic talk.

But there are other ways around it. There are fundamental algorithms that help you keep your privacy, and that has to do with something called zero-knowledge proof. The way that zero-knowledge proof works is that, based on initial state, the subsequent state can be verified even though you don't necessarily know the amount that's being transacted, and so on and so forth. It's a little bit beyond my pay grade (laughs), but I am still wrapping my head around it, but Zcash is one that actually uses zero-knowledge proof, and it's been audited over and over, and it's deemed to be pretty solid, rock solid. The only downside to that is that Zcash, at the time zero, they had to do what's called a key generation ceremony, which means that they have a group of people that generate some sort of initial key to initialize the state of the network.

They then burn all the keys and destroy the computer that generated it, but– These are honest people, but you never really know whether one of them kept their CDs. In all honesty, it seems like, at least from all the parties that were involved, all the keys were destroyed.

But that's just what we know about it. Other cryptocurrencies solve problem differently, so we'll narrow these to Ring transactions, and Bitcoin and other can use coinjoin. Basically, coinjoin is sort of like, Let's all pool the transactions together, and then send it out in a haphazard way so that you can't really track who sent what transaction to whom, but then I'm not a lawyer, so please don't shoot me (laughs). I don't know, are you then accessory to crime if you somehow figure out that part of the output transaction from that coinjoin operation is funding terrorists? I don't know, maybe that's an interesting problem to explore. There's not a whole lot of consensus on Tor, but at least we know there are law enforcement that has their eyes on the exit nodes of Tor, so they can tell that your transactions went through their gateway. Maybe they don't know who it is, but they'll know– I'm going to move on to sort of, like, more practical aspect of it.

So there's problems in operation. Block Propagation Speed. It's only two lines here, but I swear to you, this is sort of like the most contentious aspect of bitcoin, and it's still contentious, and there's flame wars about– It has to do with– Remember, we talked about block as a collection of transactions. Bitcoin has a very small block, I think it's one megabyte or whatever, and you collect that, and depending on sort of how big the signature is, you'd only get about 2,400 of them or something like that. I don't know the exact number. There's a circuit limit to how many transactions can be cleared and verified.

That's the reason why you hear a lot of people saying, "It took eight hours, ten hours for my bitcoin to go from point A to point B," or "I had to spend fifty dollars on fees just to send nine dollars' worth of bitcoin," or something like that, right? But there is a reason why blocks are small, and that has to do with the security of the network. Bitcoin focuses more on the security side rather than the how fast it can transact, and the

Yeah, that's a little bit weird. We're used to, like, Apple Pay transacting immediately, and we think, yeah, what's up, why is this the future, or are we going back in time? This is debatable, of course, but mitigation, smaller blocks, off-chain transactions like Lightning Network, and so on and so forth. I'll cover Lightning Network and how that sort of operates in a little bit of detail if you guys are interested.

This is a largely solved problem, at least in bitcoin, but there are other cryptocurrencies like recently IOTA that had this issue, and malleability basically is if you have a record, something that you wrote, and you encrypt it, and it has a collection of characters, right? Now, if what you wrote is sort of, like, formatted or structured, like origin, destination, time, and amount, then because of that format, when you send the subsequent change or different message of dissimilar format, you're only changing one field, right? You know, time or amount or whatever. You were changing a small set of the field. Because you're changing a small set of the field, if the cipher doesn't encrypt it in a way that there's no way to distinguish between one versus another even if you change one bit of that small information, the formatted fashion, then that's called malleable. So just by changing one number in the transaction, because you have access to the cipher function, you can actually, then, kind of back engineer how it's gonna work if the encryption method is malleable. How does that even fit into bitcoin? Okay, so (laughs) how that works is

Let's say that you are an exchange, okay? You want to transact quickly, right? If someone deposits money, you want to make it shown up in their account quickly. Let's say you're (mumbles), and you want to get more customers quickly and increase the velocity of money internal to your system. What happens is you might be tempted to say, "Okay, well, you know, if the block's been broadcasted, even if it's not been completely verified, I'm gonna accept it, and then I'll worry about clawing back the amount later."

If someone, say I broadcast a transaction, and then someone was listening in on it, they can take that and say, "Okay, it probably fits a certain pattern, I'm going to change a small portion of it, and I'm just gonna spam the network with that broadcast." And because earlier, a lot of the wallet providers weren't checking the format of the transaction signature or at least the transaction ID portion of the signature, it created a habit, which means that because the coin network is decentralized, you also have to relay the transaction from one person to another, and then it could get to some destination at some point and rebroadcast as a legitimate function, which means if I took their transaction record, and I changed something and rebroadcast it, now there's no way to easily track back to the originator. Even though the transaction actually is valid, and your bitcoin is subtracted, and someone else gets the bitcoin, the transaction is valid, but it's just annoyance. If you have a wallet application, you wanna be able to see who sent what to whom easily. Malleability is that problem.

In other cryptocurrencies, that's a more serious problem. So mitigation is if you're a currency operator, do not accept unconfirmed transactions. That's it, that's a no-brainer, but people still do it. Enforce very strict formatting check for signatures, and separate the signature or ID from transactions. That's sort of, like, built into the system now.

It's called segregated business, and what that does is bitcoin transactions have signature and transaction body, now they've figured out a very clever way to separate it out and that helps with the malleability problem. Okay, so I'm gonna move on. If you wanna ask about One Time Pad, I have it in there, but if you're particularly interested in that, I'd be happy to talk to you about it. I put that as an example. (sighs) So this is a tricky problem, and it's more of a problem in operation more so than the

It's due to the applications that people have written, and it's called fund hostage taking. We talked about sort of, like, this neutral ground where you have wallets that require both sides' signature in order to have it clear, and it's often used in things like cross-chain atomic swaps, and that's just a fancy way of saying you have Ethereum or Ether, I have bitcoin, how do we exchange it without one party letting go of their token or coin first? They need some sort of intermediary, which is neither of them, but have a way to transact, and that's sort of done in automated fashion. It can do it in automated fashion. In order to use that code in multi-signature wallet, if one side doesn't let go of the fund or wait to let go of the fund, then there's no recourse, and that's called a hostage taking because then I deposited 10,000 bitcoins and they deposited 10,000 bitcoins, and just out of spite, they don't wanna release the funds.

We're both out of 10,000 each. But that's a pretty trivial problem to solve, and basically that's handled in what's called a hashed time lock contract, and it's just a very fancy way of saying there's an expiry. When it expires, people get their money back. So there's sort of like time to perform, and if they don't agree to do a transaction, then everybody will get their money back. That's actually used in Lightning Network as well.

Now, when you're designing anything that deals with automated system and escrow, you have to design the system very carefully to prevent hostage taking, and more importantly, you have to design it to prevent draining the escrow account. That's what happened to the original DAO. DAO, for those of you who are new to this, is distributed autonomous organizations, and that's basically– Well, you know, we have all the ways to ensure sort of organizations in cyberspace to continue just by depositing money and making it so that people can vote on how the money's going to be used. That's basically what DAO is. It's just corporation in a different form and different governance. So there was a really famous hack that nearly broke how Ethereum is perceived and still perceived today. Basically, there was a bug in the code that allowed someone to split– Well, a primary feature of a DAO has to do with voluntary exit, so when you deposit money into a DAO, and that fund can grow, and you can elect to say, "Well, I wanna exit; I wanna split."

When you say I wanna split, it basically gives you your money back, or a portion of the money back, subtracts your account balance from that DAO smart contract, and says goodbye. Now, the problem with that is the codes were somewhat buggy, and some of them found an exploit around it. Basically that has to do with, under certain circumstances, before the balances are taken care of, you can again ask for a split, which means you keep on asking for a split, and you keep on withdrawing money, and the general fund is emptied out. That's what the DAO hack was. It was a fairly sophisticated– Well, I don't know, I don't know what the jury is out, but it was a known bug at the time, but they didn't fix it in time.

It basically tells us that one of your designs (mumbles) as automated escrow or some sort of organization, you need to make it so that– You need to audit it, you need to understand how it works, you need to understand how someone might drain your account. I'm not sure if the people that designed it, as brilliant as they are, have gone through the entire step, and they were very close to solving it, too, so it's not entirely their fault.

The consequences of that, it's actually immense. I'll cover that later. So going back to the old world, we still have counterparty risk. There's no way around it, and transacting on-chain, so to speak, and the record transaction and clearance on cryptocurrencies are generally pretty secure, depending on the cryptocurrency. Bitcoin more so, IOTA maybe

I don't know, you don't know. The counterparty risk in most cases are not always just like BitConnect, right? Someone creates a pyramid scheme and people just deposit money in it, and they said you should be able to get some quote-unquote "fixed rate of return," which is, of course– No such thing is free of punch. But yeah, that's an exit scam. Cryptocurrencies are not all about exit scams. I mean, there are legitimate (laughs) obviously, otherwise you guys wouldn't be here, but there are also legitimate counterparty risk in cases where there are disputes, and one of them is Lightning Network.

Because you are– At Lightning Network, for those of you who are not familiar with it– We talked about sort of bitcoin transactions taking a very long time, like say, in certain cases, hours. It's pay-to-play network, so if you pay a lot of fee, your transactions get, you know– Take that transaction record, group it into a block and try to solve that block first so that they can get their high transaction fees as part of their reward. Now, in order to increase (mumbles), certain group of people have gotten together and (microphone interference drowns out speaker) wrote a really fantastic paper– I forget the names, so please excuse me. They wrote basically what's called the Lightning Network protocol, and it has to do with off-chain transaction, and then settling it on-chain after certain– And then aggregating the transaction. Basically going back to sort of, like, a bank idea, right? But the difference is that it's all done in sort of, like, neutral ground without anybody being able to write arbitrary record of your transaction, like a bank or clawing back your money and that sort of thing. Lightning Network is sort of like separated network that has connections through Lightning Network nodes, and what you do is essentially you deposit a little bit of money into the Lightning Network, and then you say, "Well, I wanna give somebody 200 satoshis," and it'll transact that 200 satoshi, and then after you transact more and more and more, let's say one bitcoin's worth, they basically say, "Okay, well, we're going to settle that account on-chain, and that money that you immobilized and put it into Lightning Network, now we're gonna give it to whoever you have to settle with." It's a way to aggregate the transactions and then settle the accounts in a more efficient way. So it's basically a batching.

Because of that, there is a counterparty risk. So for example, if one of the nodes– Basically, "I don't wanna transport your money. I don't wanna be the gateway for your transaction," or "I don't want to do anything," there needs to be a way to prevent hostage taking, so network has a way to deal with that, but also the difference of accounting as to, like, one node to another, you wanna make sure that the end state is the same. So if I spent one bitcoin, I should be subtracted one bitcoin. So what happens if someone says, "I didn't– This person didn't spend one bitcoin, but half a bitcoin." So if there's a different account that's been transmitted, then what happens? There actually is a way to solve it, and that's called a penalty. The money that you deposited into the system, the part of that

If node incorrectly broadcasts a transaction in end state, there's a dispute resolution, and then automated dispute resolution actually credit you that amount of bitcoin that you shouldn't have been penalized for. There is a way to do that. Now, in the case of Ripple, because Ripple is a very cleverly designed system, and it handles sort of, like, debt obligations and different kind of financial obligations

It propagates that obligation throughout the network. You can also build on top of that your own currency. You can use your own currency and whatnot, or you can have sort of, like, different instruments. Now, when you do that, let's say you have your own token and you are the issuing gateway, and you default on your obligations, then what happens? Then you're sort of, like, screwed. You have all these useless tokens, and you can't transact them.

So then you just have to send lawyers and figure out who were the offending party. They kind of actually said that in their talk, one of the C++ conferences, they had one of their CTOs, and they talked about, sort of, like there are real-life consequences, and that's how we solve it. Okay, and then– These are problems not solved by cryptocurrency. A lot of people ask this on occasion, and I actually answered it last time, too. There are two or three items that I'll cover. First is reputation. At least in Bitcoin, there is no privileged party.

There's no nodes that are quote-unquote "more reputable" than another, there's no in-network way to determine that reputation. The reason for it is that you start with a state that basically says that you can't trust any node, that none of the nodes are trustworthy, and therefore you're not going to assign any special treatment for any of them. They all have the same rights of broadcasting and receiving transactions and putting them together via broadcast. Decentralization ethos actually takes hold, and it seems to work. The thing is that– Now, you can actually have a layer on top of it, and you can say, "These nodes that I've been monitoring very closely seem to be kind of sketchy, so I'm not going to listen to their broadcast or whatever."

You can do that, but why? It makes no sense, right? You actually want to listen to as many nodes as possible, and the reason for that is that, as a miner, all you care about is transaction, whether they are valid and whether they can be verified. And if they are verifiable, then who cares, right? The built-in system dynamics solves that problem. So the reputation is kind of irrelevant, and the reason for that is the following. Bitcoin doesn't solve this problem. It's surprising how many newcomers have this expectation that

Let's say I'm a vendor, and I send out a case of beer, or something like that. Should I expect to receive bitcoin first? If I receive bitcoin first, do I have an obligation to send out a case of beer? It's obvious to you and me that, yeah, sure, you should be sending out that case of beer for money that you received, but because sort of this anonymous nature where, if you're sitting behind firewall and you're in Kazakhstan, and you have a website that says, "I'm gonna send a box of goodies if you send me bitcoin," there's no reputation system, there's no settlement layer that guarantees delivery, right? There's nothing that's built into it. You go back to the old system of settlement issues.

You have to have either a trusted third party, or a reputation system, or both, or some sort of way to clear the transaction and link, somehow, the transaction to the physical delivery. Cryptocurrencies don't solve that problem, I'm sorry to say, you have to build that system on your own. Some cryptosystems solve this whenever you're sending out digital assets. Ethereum is one, so you can pay in ether or some token, right? There are some decentralized networks that are being built– The exchanges are being built. A really simple example is crypotokeys, where you have smart contracts and say, "Well, I'm gonna pay one ether for this cryptokey with this certain aspect of it," and because you can keep track of smart contract on-chain, you can do a swap of funds to digital goods.

But there's no such thing for swapping funds to physical goods, at least not at this point. There's no clean way to do it. That's it for me, but I will open up to questions. Thank you. (audience applauds) Questions, yes.

– So what are some– Piggybacking on what you just finished there, what are some solutions that some people are trying to do, sort of implement to– Yeah, to have a solution for that?

– Right, right, right. One way to do it, I think is– Think about how you would actually physically have this. Maybe a way to do it is, let's say you have a locked container, and the only way to get access to what's in the container is by sending bitcoin to it. That's one way to do it, but then you're still trusting the vendor, so it's always a dynamic between who gets to hold onto the money first, right? So there's no clear way to do it. Another way to do it is have a trusted third party that has escrow, and there is a company that does it. It's called LocalBitcoin, and basically LocalBitcoin, how it works is you deposit the coin into their escrow account, and then what they do then is, well, you know, once the transaction happens and both say, "Yeah, we transacted, we're gonna release the fund," and bitcoin goes to one person, US dollar goes to another person.

It's kind of like physical good delivery, and it sort of works, and people have transacted billions of dollars through LocalBitcoin. I'm not getting paid for it, so I wish they would, but I (laughs) but anyways, yeah, so that's one way to do it. That seems to be sort of like the standard way to do it. Let's say I'm transacting with you on US dollar basis. Let's say I'm selling sandwiches, and you have ten dollars.

There's a split moment where either I have to have the dollar, or you have to have the sandwich, so if you give me the dollar first, there is a social obligation where I have to give you the sandwich, but I have both at some point, right? So it's not a difficult problem to solve, it's just a concept of how would you build a mechanism around it so that it's sort of foolproof. It's still a big problem, kind of like eBay and refunding people (laughs) or things that are not their own fault. Sorry I don't have a very satisfactory answer.

– [Man in white] Thank you.

– Yes, did you raise your hand? (faint response)

– Oh, okay.

Any other questions? Do you have questions about, maybe, like cryptocurrency fundamentals? Is everybody an expert?

– [Man] Yes, I wondered if you could get in on the energy cost associated with all that?

– Sure, yeah, so energy cost. Okay, I know a lot of people say, "Oh, this is gonna destroy the earth." The answer is no, it's not gonna destroy the earth. Earth is very massive, it's got a lot of solid rocks underneath it, so if anything, only the troposphere surface of it will be destroyed. But (laughs) jokes aside, yeah, it's an energy intensive process, and the reason why it's energy intensive is because you have to make it expensive enough so that the attackers are not going to willy-nilly spend the energy, and that's why in the bitcoin, there's an economic incentive built into the structure, which is, "If you group the transactions together, we're gonna give you a bitcoin– We're gonna not exactly give you a bitcoin, but give you the right to write, in the first line of transaction record, a claim so that you can get bitcoin out of it."

Now, if you're a miner and you buy all these infrastructure, you've already spent fiat, and at some point, you intend on turning profit, and you have operating margins, right? So you're paying electricity, and you're paying labor, and you– Whatever, the depreciation of assets, so all that is built into their profit system, and the beauty of it is that bitcoin is worth enough where it's worthwhile. So when miners use that electricity, they're actually securing the network by spending that electricity. They're getting paid for it, so every kilowatt that miners use has actually been paid for. So that's one way to think about it, unless you get government subsidies, in which case that's unimportant. Yes?

– [Man] Just in terms of mining, I have a coworker here, she is pretty vested in cryptocurrency, the whole thing, she claims that mining is an ineffective way of actually vesting in the world because there's just so many people already that there's not enough equations to solve, or

– Right, so the question is is it worth now to mine anything? The answer is yes, so at some scale, it's working, otherwise, you wouldn't have miners in large operations in Iceland or in China. China is a kind of special case because they get kickbacks and all that stuff, but at least in other countries, like for example, Thailand and places like Arizona, I guess people make it worthwhile. If you have a rig that is able to pay for itself because of the appreciation, it's sort of like what is it, net present value, right? You calculate sort of your opportunity cost for just built-in inflation of the money versus future expected value, and you say, "Okay, well, future expected value is higher."

Maybe that's fallacious, but then you go out and do it, and if it appreciates enough, you make money. If it crashes, then you have to sell all your mining equipment. A lot of the miners do go out of business. They sell all their mining equipment. So the answer to that question is it depends on what asset and how early on the stage you are.

Let's say you're the one who created the currency, right? And it relies on mining to get it to work and to secure the network, then yeah, it's worth it. If you're on the ground floor, then it's worth it. If you're not, and sort of like you're in the middle, then you're kind of playing this game where is it gonna go through the roof? And if it is, when? So it really depends on the case. Cryptocurrency, you can always (mumbles) the code, and people have done it to bitcoin, just to game the system, right? So it's not as though– There is infinite space in cryptocurrency. That's one thing to think about. It's not like real estate, right? You have titles and people who own it, and all that stuff. There are history, but you can make your own currency.

Okay, other questions? Yes. (audio quality distorts the speaker) – Yes, you can always be DDoS'ed to that, if you are a masternode, and if you're not– if you don't have sophisticated security, then someone can just, you know– Let's say you're one of the masternodes, right? And you just have it on your desktop.

Then you're just done for. Don't do that, please. So it really depends on the sophistication of the attack, and we can foresee what the attacker's gonna do. It has to do with how paranoid you are, like with anything, but it's not limited to– It's not a problem inherent in proof-of-stake, so like a security threat, but the fact that masternodes could be taken over is a serious threat, as opposed to a completely decentralized network where everybody can try their hand at creating a transaction record, right? So that's a different model. It's possible that you could subvert the network just by taking over a certain key nodes, but it really depends on how well secured they are. Maybe in some proof-of-stake systems, you have millions of masternodes, right? If you have millions of masternodes, then it's impossible– It's less possible that all of them are going to be subverted. – [Man] Another question, is it possible to back trace the IP address of the DDoSer? – Yes, absolutely.

In public internet, it's trivial. (audio quality distorts the speaker) – You could, but there are ways around it. You can, you know, make it difficult for them to DDoS you. It really depends on how much money you wanna spend, and how determined you are, and how determined the attackers are. Hopefully that answered your question.

Yes? – [Man In white] You said DDoS a couple of times. What does that mean? – Distributed denial-of-service. What that means is they just keep on sending you crap, like maybe it's a malformed transaction, that you are forced to calculate, or maybe it's a– More in the Spam attack of different kind. I don't know enough about the base layer of TCP/IP to be able to tell you what those attacks are, but there certainly are.

In fact, Dan Kaminsky's talk just covered some of that, some aspect of that. And yeah, you absolutely can tell whose IP address that is. Any other, like maybe more recent event that you guys have questions on? Yeah. – [Man] Hi, good to see you. – Yeah, good to see you again.

– [Man] The recent (audio distorts) There are cases right now that are talking about proof of useful work. How feasible that is– – Oh, yeah, I'm not too familiar with distinction, but the way that I think of it is maybe something like this: So proof of work requires that for every solver of a particular block to be added onto a blockchain, there's gonna be millions of people who kind of drew a blank, right? When they pull lottery tickets out of a hat, some of them win, others don't. When they say proof of work, it's actually the entire hash power of the network, so maybe there's a clever way to, say, reduce the amount of work that's required, but to keep the security up. Maybe that's part of what they mean by proof of useful work? I'm not quite sure. – [Man] By the use of AI, they're learning.

– Yeah. – [Man] As a way of useful work. – Oh, yeah, I mean, if that's the definition, then there are a couple different plays that I've seen.

One is like, in the traditional sense, there are, like, 3D render farms, or CFD, which is computational fluid dynamics, kind of like distributed work that's required in order for certain problems to be solved in a parallelized fashion. So like, let's say you're a (mumbles) company, right, and you wanna have a lot of different computers solve a, sort of like a key flow of a particular AC system, and so you send out a chunk of work, and a bunch of people solve it, and the people who solve it get a little bit of (mumbles) or something like that. Maybe that's what it means? Okay, any other questions that I can? Maybe you'll put it up to online people? – [Announcer] All quiet here. – Oh, wow, jeez. If there are no questions, then we'll adjourn, but if you have more questions, I'd be happy to cover them, and then I have the presentation from previous talk, so I can actually share that with you as well. Yeah, I don't care, so– Do you have a question? – [Man] Is it possible to locate all the miners, where they're located? – Yeah, so (clears throat) Number one, if they broadcast a block, a solved block, then you know for sure that they're a miner.

Two, maybe there's a way to figure out who belongs to what mining pool, so to speak. You can kind of get aggregate sense of what the hash power is. Now, can you tell whether they're– So earlier, we talked about, like, connecting to every node and figuring out who's who, right? So yeah, you can connect to every bitcoin node and try to see if they're miner or they're just an iPhone wallet or something like that. Just by looking at their behavior, not– It's not inherently clear that they are miner or a full node, but by looking at what they broadcast and what they don't do, maybe that's a way to do it? – [Man] So the solver (audio distorts) – I think it's like twelve or something like that right now, and then it (mumbles) every few years.

Some 100,000 numbers of blocks, I don't know the exact number, unfortunately. And so it sort of, like– The rate of inflation increases with time.

That's what I already said. Yep, go ahead. – [Man] Just another elementary question, in terms of software knowledge and coding knowledge, the starter rate, what is your– (clears throat) – Okay, so to start a mining rig, it doesn't require a whole lot of knowledge, so you just have to buy– Go do research on what GPUs you want to buy or ASIC computer, the ASIC miner rigs you wanna buy. There are maybe five or six different ASICs vendors, BitMain is one of them, (mumbles), Silicon is another, Dragons, something like that is another, and Baikal Mining, that's another. There are five or six ASICs vendors, and then GPUs, there's two, so (laughs) go buy any kind of (mumbles), and then you just need to be able to put together a desktop, and maybe even have a milk carton so you can put them in open air, and then you install (mumbles) mine software, some of which are kind of suspect, so like miner software, you kind of have to deal with it in a very suspicious fashion because someone's just giving you an arbitrary binary. It could be doing some malicious stuff, so you wanna look at the reputation of the GPU miner software and don't hook that machine directly into your home network because (laughs) and GPU miner software generally take a little bit of cut as a part of the deal for making the software available. But you just generally need to be able to connect to a network and then set up the machine and turn it on, and join the mining pool or something like that.

– [Man] So buy your own network while you just set up a separate– – Yeah, I mean, you could do it that way, or you could just have a little bit more sophisticated router that can separate out a home network into two different subnets, and so that way your desktop computer isn't in the same subnet as the mining network, so that way, there's no way for them to kind of mess around with the rest of your file servers or media servers or whatever. – [Announcer] Got a question from the live stream.

Brian Murray asks, "How are you preventing fraud of PoPP?" – How are you preventing fraud in PoPP? Okay, yeah, so that's specific to Metal. Metal is a– I meant not to talk too much of my employer, but they asked, so– Metal is a cryptocurrency that sits on Ethereum chain right now, and the way that we reward users is to have peer-peer transaction in fiat is then rewarded in Metal.

And so you're gonna ask, "Well, then, I can just keep sending money back and forth between people and we're just gonna accumulate metal until we drain your account, right?" The answer is no, so (laughs) there's sort of like anti-siphoning measures that we're developing right now, and there's going to be a pretty sophisticated way to detect that in the network, and one other thing is I'm not giving away how it's gonna work, but it's pretty similar to how, like, if you think about basic attention tokens, so they have what's called basic attention metrics, so even if you spend a million hours on one website, and the content provider for that one website isn't going to earn linear scale amount of that, right? It actually is a gradually decreasing amount until the additional amount of time someone's time spent on the website isn't going to reward you that much more. (mumbles) Think of it kind of similar to that. Maybe a little different. Any other questions? (man mumbles) – I'm sorry? – [Man] Can you talk about the politics and regulations? – Oh, yeah, I'm not a lawyer, of course, I'm not an expert, but I can tell you a couple few things.

Politics and regulations. Different countries deal with cryptocurrencies in a different way; in some cases, they flat-out outlaw it, in other cases, they turn it into a state enterprise, like what you heard about Venezuela and Petro, but they don't know how to operate it, so I don't see the point of it. In other cases, they prevent a fiat-to-crypto transaction. In case of China, there's no way for you to convert cryptocurrency into Chinese yuan or something like that, right? In other cases, it's free. They freely let you do it.

In Germany, for example, if I recall, long-term gains on cryptocurrencies are taxed at zero rate or something like that. There are other places where they're very friendly toward crypto, other places are not. The different countries have gotten together, and they started to think about how to prevent money laundering, so in most cases, if you open an exchange account, because you're dealing with fiat, meaning national currencies, you have to go through a KYC AML processing. KYC is know your customer, AML is anti-money laundering, and the degree to which information you have to give is depending on the jurisdiction of their operation. In case of US, it has to do with the amount that you transact, but the guidelines are not very clear, and sometimes, they ask about everything.

In other cases, they don't ask that many times. If you open up an account in crypto-to-crypto exchange, you generally are dealing with less KYC. Tax-wise, there is a variety of ways to deal with taxation, and also the sideline to that is that different countries think of crypto in a different way. In case of Japan, they think cryptocurrencies are currencies; in case of US, they think that the cryptocurrencies are assets. In Wyoming, they have a different aspect of what the cryptocurrency is.

Recently, they passed a law that is very friendly to cryptocurrencies, but that's only for that state. So there's the national guideline, and there's– Not so much, and if you follow Keith Rabois–

You know him from PayPal, right? He has one interpretation of, sort of like, what non-utility tokens are going to be handled, so he said that if there are secondary markets, then just by virtue of secondary markets' existence, it's going to be handled as security. So that was his opinion, but there are a lot of people who are really a lot more knowledgeable of the legal side of things, it's like a budding enterprise, you know, aside from cryptocurrencies and building side as well. It really needs to be dealt with in a parallel fashion, otherwise what's the point of doing it, right? I'm sorry, I kind of gave you, like, a half of an answer.

– [Man] That's fine. – Oh, in India, there's a mixed bag. It's a mixed bag. They recently outlawed certain class of nodes, which means they could probably extend that to cryptocurrency, but there isn't really a focus on cryptocurrency right now, but Indian population in general, they're also paying a lot of premium, so street-level vendors are selling cryptocurrencies at thirty percent premium, I mean, that's crazy. So that's an opportunity to open up exchange there, but you also have to go with a lot of KYC stuff there.

– [Woman] So for cryptocurrency and ICO, it was pretty obvious to us that the early next year, almost like ninety percent of the ICO successfully raised money, but at the end of last year, it was like twenty percent– – Yep. – [Woman] And this year is already like, probably only like ten percent or something. So as investors, we actually see it's actually better because you actually scare away the firsts. You are seeing more and more interesting projects, and a lot of them do not actually need tokens. – Sure.

– But we are contributing to the ecosystem. – Right. – [Woman] Do you agree, or are you still gonna extend your career in cryptocurrencies? – Oh, yeah, so that's a really good question. So the general arc of it is, like, you know, we already have this, sort of, like permeant explosion of cryptocurrencies, and we had this, like, meteoric rise of bitcoin and then equally painful fall, and so, like, what's gonna happen to ICO market? Well, I'm not an investor, so I can't tell you, but what I do know is that, just from the ground level perspective, yeah, a lot of frivolous plays have been played out. The idea was that because it was harder for Chinese investors to filtrate the money out of Chinese economy, you know, if you're a sort of, like, regional official and you wanna move your money out of the country, you need to buy a real estate in the United States or Canada, or you buy some assets that are more mobile, right? One of them is cryptocurrency.

So the meteoric rise of price and interest in ICO has more to do with the liquidity, meaning that maybe there are equal number of ICOs, but there are so much more money at stake, and because there was an uncertainty about their future, the wealthy people in these, like, part of the country where the capital control's increasingly becoming more draconian, you tend to see a ginormous amount of money flowing out of that, and because of it, you're gonna see a huge rise in frivolous asset prices, right? Like maybe if you go to Vancouver, the price of apartments are crazy, right? And so you have to think of it that way, too. It's not just excitement about technology, but what are the macroeconomic factors at play where, you know, wealthy people, they wanna move money out, and how do they do it? I mean, I suppose they could just flat-out turn it to cash and move it around, or they can buy jewelry or whatever. Cryptocurrency is just a more recent way of doing it, and the asset price spike shows that. Maybe in the long run, they'll make money, I don't know. Five minutes, okay.

Hopefully that's satisfactory answer. It's a politically incorrect answer, but hopefully it's satisfactory. But yeah, there are more interesting projects that are coming along, there are more mature review, and due diligence is coming back into the system, so (laughs) earlier, just up to September or July of last year, it was just Wild West, right? Like, you just write whitepaper and you get funded. That's not normally the case, and maybe that's a good thing, or maybe that's a bad thing, I don't know. It's bad in the sense that some of the fringe idea or crazy idea don't get funded.

Like, you know, the idea that could be the next big thing because the investors are now a little more guarded about their future, and in any investment activity, you kind of have to take this, like, leap of faith, unfortunately, right? Even if you spend enormous amount of time and effort doing due diligence, at some point, you have to say, "Okay, do I put money in it or not? Does it feel like a good investment?" Maybe the right way of thinking about it is what's the long arc? And the long arc is that maybe the cryptocurrency will be a really valuable tool, or it's not, so you make directional bets on that. So if you pick the best of the breed, then you'll be doing fairly well. Think of it like real estate. The New York City or Manhattan real estate, if you graph it from, say, 1600s onward, it's a (laugh) parabolic graph, right? And that's due to human activity, it's not just by virtue of that land mass. It's the fact that it's actually a commercial entity.

Okay, hopefully that was useful. Entertaining, at the very least. Thank you for attending, and I'll be doing one more talk, and that's gonna be sort of, like, talking about practical aspect of it, who are the stakeholders, how do they operate, what are their interests, what are some of the other things that are coming up on the cryptocurrencies base, and maybe I'll answer more questions about this. Thank you. (audience applauds) – Thanks so much, Jae.

So Jae's next session is on the 26th of March in San Francisco, so we've got a big event near there, so hopefully a lot more people will attend. Also, you'll receive a link to the video, so if you missed out on part of the presentation, you'll get a link to that plus the first session, where he also went through a lot of great stuff, so again, let's give a hand to Jae. (audience applauds)