August, 2014 Archives

  • 64 Comments
    4,623 views
  • 39 Comments
    2,741 views
    Categories: General, Legal Activity

    Long-Arm Lawsky, Part I: Statutory Authority

    August 30th, 2014 by wildjo

    Editor: Cheryl

    Original:

    There are a lot of reasons to dislike the BitLicense regulations proposed by Ben Lawsky and his New York Department of Financial Services (DFS). Two of the more potent arguments that have the greatest potential to strike down the proposed regulations, if they are not first withdrawn or extensively and materially modified, are: 1) lack of statutory authority, and 2) unreasonable interference with interstate commerce. Today, in this Part I, I discuss the issue of DFS statutory authority, or lack thereof, as it specifically relates to virtual currency and bitcoin.

    In order for a state agency like the DFS to take any action, it must have authority to do so. Typically, such authority comes from state law. If the agency seeks to act outside its statutory authority, it does so unlawfully. That is precisely the situation we face with the DFS and its BitLicense scheme.

    If you have read the proposed regulations, you may have noticed the phrase at the top (right after the table of contents and before the introduction); Statutory Authority: Financial Services Law, sections 102, 104, 201, 206, 301, 302, 309, and 408. This is a reference to the state law that the DFS believes gives it the power to propose the BitLicense. A closer look at this enabling legislation reveals that the DFS has been far, far too ambitious.

    Under the flawed proposed regulations, the DFS prohibits any unlicensed Virtual Currency Business Activity (VCBA) that involves a New York resident. VCBA is defined as receiving or transmitting virtual currency; securing, storing, holding, or maintaining virtual currency on behalf of others; buying or selling virtual currency as a business; converting virtual currency to fiat or any other store of value; or, controlling, administering or issuing a virtual currency.

    However, under its relevant statutory authority, the DFS has only been empowered to regulate financial products or services. We may, at first glance, assume we know what financial products or services means and conclude that virtual currency and VCBA sounds like it might fall within that assumed definition. However, state agencies lack the authority to assume. Instead, they must look to the exact language of their enabling statutes. So, what does this phrase financial products and services really mean?

    Not surprisingly, the statue is too vague. The phrase is tautologically defined in Section 104 of the Financial Services Law as:

    any financial product or financial service offered or provided by any person regulated or required to be regulated by the superintendent pursuant to the banking law or insurance law or any financial product or service offered or sold to consumers&

    Clear as mud, eh?

    Seeking clarification from New Yorks Banking Law is equally fruitless as it contains no definition of a financial product or a financial service. (it merely defines banks, bank-like institutions, and bank mechanisms such as demand deposits). It neither defines financial product or financial service nor mentions virtual currency or virtual currency business activity. Instead the statute is utterly silent.

    A common tactic in statutory construction or interpretation is to refer to definitions contained in similar statutes to help define a term used in a law or regulation that is otherwise silent or vague. We dont have to look far to find a relevant definition of a financial product or service under federal law. Section 5481 of Title 12 of the United States Code contains the definitions relevant to federal banking law. Section 5481(15)(A)(i)-(xi) defines a financial product or service as (paraphrasing):

    1) extending credit and servicing loans; 2) extending/brokering leases of real or personal property that are essentially purchase finance arrangements; 3) check cashing, collecting, or guaranty services; 4) providing real estate settlement services; 5) providing appraisal services 6) engaging in deposit-taking activities or acting as custodian of any financial instrument; 7) offering stored valued instruments where the offeror controls the terms; 8) providing payments or financial data processing products; 9) providing financial advisory services; and 10) engaging in consumer credit reporting activity.

    In a nutshell, the definition describes a bank and traditional bank products and services. Since the definition defines the same phrase used in the New York statute and since both statutes regulate the banking industry, it is perfectly appropriate to assert that the DFS statutory authority is limited to this more specific definition. That is, the DFS is authorized to regulate certain traditional banking activity, and nothing more.

    This assertion is also strongly supported by the statutory purpose contained in New Yorks Financial Services Law. Section 102 is long, but is worth reprinting in full here:

    The legislature hereby declares that the purpose of this chapter is to consolidate the departments of insurance and banking, and provide for the enforcement of the insurance, banking and financial services laws, under the auspices of a single state agency to be known as the department of financial services and to accomplish goals including the following:

    (a)  To encourage, promote and assist banking, insurance and other financial services institutions to effectively and productively locate, operate, employ, grow, remain, and expand in New York state;
    (b) To establish a modern system of regulation, rule making and adjudication that is responsive to the needs of the banking and insurance industries and to the needs of the states consumers and residents;
    (c)  To provide for the effective and efficient enforcement of the banking and insurance laws;
    (d)  To expand the attractiveness and competitiveness of the state charter for banking institutions and to promote the conversion of banks to such status;
    (e)  To promote and provide for the continued, effective state regulation of the insurance industry;
    (f)  To provide for the regulation of new financial services products;
    (g)  To promote the prudent and continued availability of credit, insurance and financial products and services at affordable costs to New York citizens, businesses and consumers;
    (h) To promote, advance and spur economic development and job creation in New York;
    (i)  To ensure the continued safety and soundness of New Yorks banking, insurance and financial services industries, as well as the prudent conduct of the providers of financial products and services, through responsible regulation and supervision
    (j)  To protect the public interest and the interests of depositors, creditors, policyholders, underwriters, shareholders and stockholders;
    (k)  To promote the reduction and elimination of fraud, criminal abuse and unethical conduct by, and with respect to, banking, insurance and other financial services institutions and their customers; and
    (l) To educate and protect users of banking, insurance, and financial services products and services through the provision of timely and understandable information.

    In other words, the main purpose of the Financial Services Law was simply to consolidate the banking department and insurance department into a single agency (the Department of Financial Services) and to help these industries remain competitive in the state.

    Setting aside for now the cynical notion that the DFS just might be meeting these obligations by trying to kill bitcoin with the BitLicense, it is plain that the DFS authority extends only to the banking industry and bank-like financial products and services (as defined above). The authority to regulate virtual currency and virtual currency business activity outside the banking industry is found nowhere in the relevant New York statutes.

    Even if, for the sake of argument, the DFS did have the statutory authority to enter this new sphere of virtual currency business activity, the proposed regulations still go too far.

    Those who study bitcoin understand that its use as a virtual currency is only one of a multitude of actual and potential uses that are not inherently financial products or services (e.g. domain name registration, smart contracts, and notary services). Yet, the DFS does not distinguish between these non-financial uses of the technology. Instead, any business utilizing the blockchain could be found by the DFS to be engaging in the transmission of a virtual currency as defined in the proposed regulations.

    For example, if a New Yorker uses a service that assists him/her in transferring a fraction of a bitcoin to establish proof of existence on the blockchain for some digital creation, they have engaged in a transaction that would require a BitLicense, despite the fact that nothing about the business arrangement is financial in nature. Taking the example a step further, suppose that digital creation was valuable and worth over $10,000.00 at the time the transfer was made. Under the BitLicense scheme, the DFS could argue that the transfer requires compliance under the anti-money laundering provisions of the regulations due to the value ostensibly transferred on the blockchain.

    There are far more examples of this type of non-bank, non-financial use of bitcoin/blockchain technology than there are for virtual currency uses. Yet, the DFS, through its flawed proposal, is seeking to rake it all in.

    The DFS cannot unilaterally extend its reach into the virtual currency sphere without the New York legislature first authorizing it to do so through new legislative action. The state agency does not have the subject matter jurisdiction that the BitLicense proposal, as written, would require. Simply put, the DFS is utterly without statutory authority to proceed in the proposed manner, and the BitLicense would be ultra vires and unenforceable.

    Not only does the DFS lack statutory authority to issue BitLicenses, doing so would be an unreasonable interference with interstate commerce as every transaction on the blockchain is, by its very nature, an interstate activity. I will cover this argument next week in Part II.

    Read More
  • 45 Comments
    4,603 views

    DEA Seizes Bitcoin: Seizure Points to Earlier Mistaken Identity

    August 29th, 2014 by Brian Cohen

    Hi Brian. William Suk here. I just wanted to say that your article popped up in my feed just now -- I'm an occassional editor. Great reporting. I always like your stuff. I have one small editorial suggestion -- put your claim front and center in one or two lines at the start of the piece. (I know it's partially in the title.) You began by mustering your evidence, and it's a great narrative, but I think it would be good to tell readers immediately what the newsworthyness is. Something like "The DEA has been implicated in a case of mistaken identity during its recent bitcoin seizure." Then tell your story.

    You know, I have been interested in this idea of confiscated bitcoin. From a sociological viewpoint it is very interesting to me that the Silk Road coins makes the US government a major "stakeholder" in Bitcoin. It's one of the largest wallets if I'm not mistaken. You would know better.

    Also, the DEA's reticence to release information is not surprising. My suggestion: FOIA the heck out of them. The FBI, NSA and other agencies could have carried out bitcoin siezures as well. I've done a couple of FOIA requests with other agencies and I'd love to get my hands dirty with the DEA.

    The Drug Enforcement Agency(DEA)appears to be involved in a case of mistaken identity in regards to last year's Bitcoin seizure. A new seizure notice that was just issued with an identical wallet address which had previously been listed as belonging to "Eric Daniel Hughes" now is associated with an "Unknown" user.

    On June 23, 2013 I broke the first ever Bitcoin seizure story with Let's Talk Bitcoin Editor in Chief Adam B. Levine and his crack team of investigators Dan Roseman, David Perry, Justus Ranvier and George Ettinger.

    The article, Users Bitcoins Seized by DEA garnered international coverage and initially ran on LTBs Tumblr.

    The article began:

    The Drug Enforcement Administration posted an Official Notification that Bitcoin (i.e. property) belonging to Eric Daniel Hughes was seized for forfeiture pursuant to 21 U.S.C.

    Read More
  • 48 Comments
    1,533 views
    Categories: Columns
  • 86 Comments
    4,259 views
    Categories: Guest Blog

    FoldingCoin: Mining for Medicine at Home

    August 27th, 2014 by Robert Ross

    Original (dhimmel):

    My name is Robert Ross and I am the founder of FoldingCoin (http://www.foldingcoin.net). This story I am about to tell will sound very familiar to other BTC and ALT miners but for those who always wanted to mine but never could, please read as you will like the possibility of perhaps being able to mine a coin.

    When I first heard about Bitcoin the date was March 19th 2013 and Bitcoin was trading around $57 per each BTC. The thing was, I didnt even care about the price at the time. I was so interested in my friend telling me about the qualities that BTC had to offer. Even though I have been in the IT world for years I had never even heard of the concept of grid computing. I was completely inspired by this new technology that after talking about it with my friend for about 3 hours, we saw the time was only 8:30pm, so we headed down to an electronic store and bought ourselves 2 Radeon HD 6970s and started mining our first Bitcoins at around 3 oclock in the morning.

    Then all we talked about was how great Bitcoin will be for the word, until the great day of April 9 when the price started to go crazy. We then went out and got another new computer with 2 Radeon HD 7950s going because we saw the potential of making money. From that time until July 2013 we went from mining BTC to ALT coins because of the ASICs. But as all you other miners know, the ALT coin game ended around March for GPUs and CPUs when the Scrypt ASICs came out. So in March I turned my rigs (totalling 34 GPUs and 8 CPUs) off and looked for a new solution. Then for the first time I discovered grid computing outside of Bitcoin.

    I first found a site called BOINC http://boinc.berkeley.edu/ and I was instantly hooked on research. Apparently Bitcoin was not the first grid computing project out there. BOINC offered hundreds of different projects ranging from finding aliens to creating medicines. I thought this might be the answer. After I installed BOINC on my machines, I learned that most projects were not ATI friendly (most miners will have ATI cards) and the installation was not as user friendly as I would have liked for a general PC user.

    Then I discovered a different project not on the BOINC platform that was called Folding@Home http://folding.stanford.edu/, which only worked on one project, and which folds proteins for medical research. It takes your CPU and GPU power to simulate the folding of proteins in your body, which helps medical researchers better understand how different proteins work. This work can lead to the development of new medical papers and new medicines used for all of humanity http://folding.stanford.edu/home/faq/faq-diseases/. Because their focus is on one project, the development of their program is further along than most BOINC projects. It is easy to set up, with little configuration, and the development team seems to be significantly stronger at Stanford than at other BOINC projects. Within five minutes of setting up the folding program on all my rigs, I was folding proteins.

    This led me to an idea. Why not distribute a CounterParty asset to those that fold on the network? So me and my team have created FoldingCoin (FLDC) http://www.foldingcoin.net. The advantages of this can be far greater than having an ALTcoin with its own blockchain.

    Since FLDC shares the bitcoin blockchain, folders rely on Bitcoin and CounterParty developers to introduce new updates to the coin, such as security, stability, and GUI. This allows our team to not focus on development of the coin itself, but rather focus on the adoption, distribution, and economy of the coin.

    No energy is wasted securing a blockchain, all resources can be used strictly for Folding@Home work units.

    The only chance for a 51% attack is if it happens to the Bitcoin network. BTC miners approve the transactions

    When you send FLDC to another wallet you are also sending a small amount of BTC in addition to FLDC

    Distribution has been locked by the CounterParty protocol ensuring that even the developers of the coin cannot introduce more into the market

    Possibility of having holders of FLDC to vote on different changes to the coin, similar to how SWARM has holders vote on company decisions.

    This is not only a coin, but an alternative to traditional mining. And for those that always wanted to mine but never could, you now can take any CPU (yes even a pentium III) and begin to help Stanford reach its goal of 1 million computers (at the time of writing 170,000 computers are connected http://folding.stanford.edu/home/) because even if you do not produce nearly as much as some of the top folders on the team, your CPU is still essential in creating one great big grid computing system. The value backing FLDC is the fact that it represents a certain amount of time spent doing computational work for the Folding@Home Network. Most coins contribute only a blockchain that will die after awhile to the world, FLDC offers something else.

    Our team is also currently developing a use for the coin, and that is to become the currency of MeetUp.com groups. We are still working hard on how to make this happen, but the general idea is, that since most everybody has a computer, this coin can easily be created by anyone a part of any MeetUp.com group. FoldingCoin.net will give any MeetUp group 10,000 FLDC (from our personnal funds) to any MeetUp organizer that wishes to implement this program in their MeetUp. FLDC can be distributed to members as organizers see fit. Perhaps they give 100 FLDC for attending a meeting, or 200 FLDC for bringing a friend. Maybe even 1000 FLDC for bringing a professional speaker to their meeting. Since each MeetUp is unique the rewards program may vary, but we are working on a general guideline. And this is not to be limited to just crypto MeetUps, if this is used by any MeetUp it will not only help create medicines for Stanford, but help the adoption of BTC and FLDC.

    This also gives a chance to eliminate cryptoswitching that hurts the difficulty of each ALTCoin. Since there is no blockchain and difficulty, once you fold with Stanford there is no other coin that you can switch to automatically. And Folding@Home has an established amount of folders, besides the BTC network, it is the larger grid computing system in the world. And bringing all miners to their program can as much as triple their current network.

    Please consider helping to join our team and create medicines that will help all of humanity and help make FLDC a great coin. Even if you dont want to fold please consider buying FLDC off of those that have them to show that you support the fact that they fold. Email me at rross@foldingcoin.net with any questions. Thank you everyone for being the greatest online community in the world!

    Read More
  • 137 Comments
    6,329 views
  • 66 Comments
    2,801 views
  • 83 Comments
    6,137 views
  • 66 Comments
    3,577 views
    Categories: General, Legal Activity

    The Blockchain, the BitLicense, and the High Costs of Compliance

    August 22nd, 2014 by wildjo

    Editor and proofreader: Cheryl Copy of original:

    Since the release of the proposed New York Department of Financial Services (DFS) BitLicense regulations on July 23, 2014, the crypto community has been concerned, but there hasnt been enough discussion of the specific implications such regulation would have. Its about time we put some flesh on those bones. Specifically, what would compliance with the regulations as written actually cost?

    The goal of this post is to provide some answers, but, first let me tell you a quick story about how I started thinking about it.

    The other night found me alone, sitting in my favorite chair, watching transactions in the bitcoin blockchain. It was a slow night, but my expectations were low.

    I pulled up the Blockchain.info block explorer and focused my screen on the flow of current transactions. I have to admit, it was somewhat enchanting to watch the constant stream of bitcoin commerce. Satoshi really gave us something to marvel at here.

    It wasnt long before the first large transaction rolled through. And they kept coming, and they kept getting bigger. After about an hour, I had seen everything from a $0.00 transaction with a $0.10 transaction fee to a $775,000.00 transaction with a $0.05 transaction fee.

    The blockchain statistics indicate that $800.00 was the average transaction amount during the twenty-four hour period in which I was watching. This was far higher than I had previously assumed. Clearly, a lot of value is moving effortlessly (e.g. cheaply) through the blockchain, which is precisely why the DFS wants to get involved.

    And this brings us to one of the meatiest and costliest parts of the proposed regulations.

    Section 200.15 requires all regulated entities to implement a full Anti-money laundering (AML) and U.S. Treasury Office of Foreign Asset Control (OFAC) compliance program. In subsection (d)(2), the regulations require a licensed entity to report within twenty-four hours all transactions (whether individual or cumulative) that exceed $10,000.00 in a single day. Subsection (g)(4) goes further and requires that a licensed entity track single transactions that exceed $3,000.00, with the implication that such transactions are suspicious. Subsection (d)(3) requires the immediate reporting of any suspicious activity regardless of dollar amount. This may not seem that bad or that costly, but I assure you it is.

    During my night in the blockchain, I conducted a very informal and unscientific test. I set my timer for three minutes and counted all the transactions greater than three thousand dollars during that time. After multiple rounds, the average was fifteen, with half of those being greater than $10,000.00. This would theoretically translate into a total of 7,200 transactions per day that could be subject of either a Currency Transaction Report (CTR) or Suspicious Activity Report (SAR). Thats well over two and a half million reports per year, and bitcoin is just in beta! Its a staggering amount of paperwork for bitcoin businesses to produce and for the regulator to actually make use of. But what would it cost?

    There is very little detailed information in the literature regarding AML compliance costs. One 2005 study estimated that regulated entities in the United States spent $1.8 billion (yes, thats a b) in annual AML compliance costs.1 The Financial Crimes Enforcement Network (FinCEN), reports that there were 15.8 million AML compliance reports filed in 2005.2 Doing some simple math for a down & dirty estimate suggests that each report filed in 2005 cost regulated industry $114.00. That kind of makes you feel bad for the banks until you realize that they simply pass those costs on down to us, which is exactly what the bitcoin community would have to do with this potential $820,000 daily bill.

    While possibly generating the greatest financial burden on the bitcoin space due to day in and day out application, Section 200.15 is not the only section to impose significant costs on BitLicensees.

    Section 200.5 requires that each BitLicense applicant submit a nonrefundable application fee. The proposed regulations dont state any amount, leaving it up to the discretion of the DFS, but we can make an educated guess. Every other market-entry license issued by the DFS requires a $12,500.00 application fee. Its no stretch to assume that the BitLicense will cost an equal amount.

    Section 200.4(a)(4) requires background checks for each Principal Officer and Principal Stockholder. In the New York market, these background checks run $650 a pop.

    Sections 200.14(a) and (b) require the submission to the DFS of quarterly financial statements and audited annual financial statements. It is the latter one that is the most costly. I recently had a moderately sized corporate client contract for their first audited financial statement and the final bill was around $35,000.00. Recall that this would be an annual expense under the proposed regulations.

    From here on out, estimating costs get a bit more speculative.

    Section 200.8(a) requires that each BitLicensee be sufficiently capitalized to ensure financial integrity. The sufficient amount of capital is solely determined by DFS. It could be a little number. It could be a big number. Your guess is as good as mine, but only the DFS guess counts.

    Section 200.9(a) requires that each BitLicensee maintain a bond or trust account in an amount acceptable to DFS. Again, it could be a little number. It could be a big number. Your guess is as good as mine, but only the DFS guess counts.

    Section 200.13(a) requires that each BitLicensee submit to biannual examinations. It is not quite clear what this would exactly entail, but it is a safe bet that each BitLicensee will want to prepare, which means accountant and legal costs, as well as lost opportunity costs associated with staff devoted to compliance rather than engaged in direct market making activity.

    Last, but not least, Sections 200.16(c) and (f) requires each BitLicensee to employ sufficient cyber security personnel, including a Chief Information Security Officer. Sections 200.16(d) and (e) require an annual cyber security audit by a qualified and independent third-party. The way these regulations read, one person isnt going to be able to be a jack of all trades and wear multiple regulatory hats. These regs require dedicated cyber security staff and third-party consultants, and both are expensive.

    We have now covered all of the vaguely enumerated costs of compliance contained in the proposed regulations. These are big, daunting numbers: $12,500 just to apply; $35,000 annually for an outside audit; $114 for each AML report (and you better be liberal in your reporting so as not to miss something and risk being assessed a penalty); $650 for each background check of each executive staff or investor; obtaining sufficient capital; posting sufficient bond; and on and on. But, theres more to it.

    Each applicant will necessarily incur the general consulting costs of developing all of the policies and procedures required under the proposed regulations, as well as preparing all of the disclosures, background information, business practices and strategy descriptions, marketing plans, advertising samples, etc., etc. that are also required to be disclosed with the application. In other words, there will be significant costs for simply putting the multi-layered application together. Lawyers and accountants will charge a lot of money for their guidance. Industry data shows that the average associate attorney in the New York market charges $400.00 per hour (with partners pulling in $1,000.00 or more). In a specialized field such as bitcoin licensing, you can assume that the fees are going to be above average. Even the smallest of the potential BitLicensees should plan on thousands of dollars to simply put the application together, with larger ventures approaching six figures. These will be sunk costs with no guarantee that the application will ever be approved.

    It should be clear at this point that the proposed DFS regulations would not simply make business in the bitcoin space do a lot of unpleasant stuff; they are going to make businesses in the bitcoin space pay a whole lot of money to do Them. That will have two consequences: it will set up obstacles to entering the space that only the most resource rich players can afford; and, it will introduce financial friction into the system and increase transactions costs. There is a strong argument that these consequences are antithetical to the fundamental principles underlying the bitcoin protocol. The crypto community has cause for concern.

    Sources:

    1. Yeandle, Mark, et al., Anti-Money Laundering Requirements: Costs, Benefits and Perceptions, June 2005
    2. FinCEN Annual Report Fiscal Year 2005

    Cover image courtesy of LittleShibe.

    Read More
  • 56 Comments
    3,412 views
  • 42 Comments
    10,831 views
    Categories: Guest Blog

    How many bitcoins does it cost to maintain the Bitcoin network?

    August 21st, 2014 by Tim Swanson

    Let us be quite clear: if Bitcoin was a cheaper or more efficient transaction method, for-profit organizations such as large payment processors would have forked it long ago and would likely already be using it internally in order to shore up their margins. They do not because it is not cheaper, in fact, it is significantly more expensive to maintain than any of a number alternative centralized methods (e.g., running MongoDB on a Pi server.

    The bottom line to them is that the marginal value in these centralized solutions has to be greater than the cost of maintaining it (MV>MC) otherwise none of the companies would be able to generate a profit. As described below, Bitcoin currently does not fulfill that characteristic.

    Read More
  • 30 Comments
    1,461 views
    Categories: Columns
  • 35 Comments
    6,402 views
    Categories: General, Guest Blog, Columns
  • 120 Comments
    5,106 views
  • 20 Comments
    3,989 views

    We Talk, Share, Create, Exchange, and Resolve: Decentralized Autonomous Society

    August 19th, 2014 by Alchemi

    New Editor: Crystal Editor: Cheryl

    Decentralized autonomous society empowers individuals by rewarding innovation through sharing, distributed ownership and abundance. By sharing innovative ideas we can build a much better, fair, transparent and innovative society which is based on group consensus rather than a society enforced by rules and regulations.

    Therefore for any society to operate on complete autonomy, it should have these 5 major components or in other words the 5 pillars as its foundation. I would like to explore these components and provide a bird's eye view of how decentralized autonomous society can thrive.

    • Decentralized Communication to talk
    • Decentralized Collaboration to share ideas and designs
    • Decentralized Creation to manifest goods and services
    • Decentralized Exchange to barter goods, services and resources
    • Decentralized Arbitration to resolve conflicts

    Decentralized Communication and Privacy

    Establishing privacy in our communication channels is the first and foremost priority in order to be self-autonomous and free. Without private correspondence we cannot strive to build a free autonomous society. Privacy enables an individual to be free as a self autonomous entity and thus empowering the society as a whole to be self autonomous.

    Why mass surveillance is a violation of Article 12 of Universal Declaration of Human Rights of United Nations?

    No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.Source

    Mass digital surveillance in any form is an arbitrary interference of privacy and correspondence. Therefore it is a gross violation of human rights. On December 19 2013 the United Nations passed a resolution backing the right to digital privacy.

    Deeply concerned that electronic surveillance, interception of digital communications and collection of personal data may negatively impact human rights, the United Nations General Assembly has adopted a consensus resolution strongly backing the right to privacy, calling on all countries take measures to end activities that violate this fundamental tenet of a democratic society.Source

    we can hardly trust any third party to keep our information safe and secure because of conflicts of interest such as maximizing profits and legal obligations to local jurisdiction. The E-mail privacy can only be achieved through decentralized peer to peer communication.

    How does Bitmesssage enable E-mail privacy?

    Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities.Source

    Bitmessage protocol implements two major features which are storing the information in peer nodes for a limited period of time and encrypting the message end to end. Thus it is extremely difficult for anybody to intercept the information.

    Bitmessage is not the only open source tool that enables digital privacy as there are many other tools which serve similar purpose. One such tool is known as Tox which fascilitates instant messaging and video calls.

    Tox is a free and open-source, peer-to-peer, encrypted instant messaging and video calling software. The stated goal of the project is to provide secure yet easily accessible communication for everyone.

    Decentralized Collaborative Sharing vs Centralized Hiding

    Let us imagine a cave man discovered how to make fire to keep him warm and cook food. If he did not share his discovery and decentralized the concept of light and warmth but instead claimed intellectual property right on how to make light and heat, I do not think I would be able to type this article in a markdown format and share my vision with all of you today. The moral of the story is to let your light shine. It would be nothing but an absurdity for anyone to claim a patent right on how to make light and heat because inventions and discoveries are nothing but an innovative improvisation of a priori.

    There is nothing wrong in awarding compensation for inventions and discoveries. But it should rather be awarded to the collective for decentralized collaborative sharing than compensating global monopolies such as corporates for centralized hiding.

    In 1742 Benjamin Franklin invented a new type of stove for which he was offered a patent. Franklin refused it arguing in his autobiography

    we enjoy{ed} great advantages from the inventions of others, we should be glad of an opportunity to serve others by any invention of ours. source

    In similar veins Linus Torvalds could not afford to buy propriatiary Unix so he created Linux kernel and released the source code under GPL Licence so that it can be used for similar purpose and to empower others.

    Why is Linux kernel a success story even though it defied the conventional knowledge of the academic paradigm?

    Decentralized collaborative sharing enabled the success of Linux kernel.Thousands of ordinary people shared small pieces of code known as patches. Linus Torvalds designed and developed a tool known as git. This open source tool enabled the decentralized collaborative sharing by managing a distributed revision control archive and Linus along with his team merged the patches with the kernel.

    But the irony is that thousands of ordinary people who contributed to the Linux kernel walked away without a penny and the monopoly corporates such as Redhat and Google reap billions of dollars today in profits thanks to Linux kernel. It is neither fair nor ethical but it bootstrapped the open source movement because they don't want to kill the goose that lays the golden eggs.

    Open source tools that enables decentralize collective sharing

    Even though there are many tools that enable decentralize collective sharing I would like to highlight only two tools. One is git which enables to develop open source software by means of decentralize collective sharing and contribution of source code which I have discussed before. And the other one is Twister which is a hybrid of two peer to peer technologies such as Blockchain from Bitcoin and DHT from Torrents.

    Twister is a social microblogging peer to peer network such as twitter but is based on decentralized peer to peer network. It enables decentralized sharing of ideas and concepts without being tracked or compromising your digital privacy. It creates and authenticates users using Blockchain and stores the data using Distributed Hash Table (DHT)

    What is the issue with Centralized Hiding?

    By enforcing centralized hiding such as intellectual property rights on the masses, it leads to a situation where the benefits are funneled to the 1% at the cost of 99%. It also impedes innovation resulting in stagnation and scarcity thus empowering the few to control the many. For example if there are 7 different brands of cars and there is a billion of each brand, controlling and manipulating one of each 7 brands will be easier than controlling each of the 7 billion different cars. Control, manipulation and corruption are applicable to finite sets of numbers. They are of no relevance to infinite set of numbers.

    An example of a centralized hidden archive is the vault below the Vatican which runs for more than 52 miles and hoards vast collection of knowledge dating back 10000 years from various libraries from around the world such as Alexandria.

    Knowledge is power when applied, but is wisdom when shared. Power corrupts but wisdom redeems.

    Decentralize Creation and Abundance

    Let me clarify the key difference between creation and cloning. Creation is the process of manifesting our shared ideas and design into a physical or readable form. Cloning on the other hand is a process of producing photocopies of someone's design using it as a template. Creation can also be compared to writing your own book or novel but production is photocopying a book written by someone else.

    In a decentralized creation the value is based on network effect and abundance. Let us consider LTBcoin for example, the value of the coin will increase provided more people use the LTB network and the network creates higher quality content. Thus the value is not based on scarcity but is based on abundance. The decentralized creation operates on the principle of abundance, the more the better as we do not produce but we create.

    On the other hand, centralized production operates on the principle of scarcity of innovation, the lesser the better. This is because we do not create but we clone someone's design which resides in a centralized hidden archive. We are forced to pay a patent fee for the clone even though someone has the knowledge to design and create their own car.

    For example if we consider a centralized car manufacturing industry, the value of the car is directly proportional to the quantity that has been produced.Ford is a cloned mass produced car based on a single template.Even though there are million clones they have less value because they are not original, creative or innovative.

    Let me give you another example even though someone has the knowledge to use one of the open source software distributions like Ubuntu, every time he buys a new laptop or computer he is forced to pay the license fee for Windows which has its source code residing in the centralized hidden archive which the buyer has no access to.

    Decentralized exchange of goods, services and resources

    Any exchange involves two major transactions. We sell what we create and we buy what we need.Peer to peer payment system enables individuals to pay directly to the producers bypassing the middlemen. This enables the producers to have a better profit margin and the consumers to have better value for their money. One such example is OpenBazaar.

    OpenBazaar is an open source project to create a decentralized network for peer to peer commerce onlineusing Bitcointhat has no fees and cannot be censored.Source

    Lets say that you would like to sell vegetables from your garden. Using the OpenBazaar, you create a new listing on your computer with details of the vegetables and quote for the price in Bitcoin. When you publish that listing, it is sent out to the distributed p2p network of other people who use OpenBazaar. Anyone who searches for the keywords such as local vegetables will find your listing. They can either accept your price, or offer up a new price.

    If you both agree to a price, OpenBazaar creates a contract with your digital signature and sends it to an entity called a notary. In the case of a dispute an arbiter can be brought into the transaction. There is no third parties involved. The notaries and arbiters are also part of the distributed p2p network who the buyer and seller trust in case something goes wrong. The notaries and arbiters witness the contract and create a multisignature Bitcoin account that requires two of three people to agree before the Bitcoin can be released.

    Decentralized distributed exchange can also empower individual innovation at a personal level through crowdfunding. Crowdfunding in turn enables decentralized distributed ownership.

    Crowdfunding is the practice of funding a project or venture by raising monetary contributions from a large number of people, typically via the Internet. One early-stage equity expert described it as the practice of raising funds from two or more people over the internet towards a common Service, Project, Product, Investment, Cause, and ExperienceSource

    How decentralized distributed ownership is different from stocks and bonds?

    Decentralized distributed ownership enables individuals to directly own a company but not through third parties like stock brokers or banks. The dividends are paid directly to the individual owners of the company. Distributed ownership can enable all the 7 billion people of this planet to own one single company directly without any major issues or downsides.

    The funds raised through bonds are invested in public infrastructure projects such as roads, rails, bridges etc. The decentralized distributed ownership enables individuals to directly participate in the public infrastructure projects without the need for bonds.

    Decentralized Arbitration

    We as individuals each one of us is a sovereign. We are not a person but a sovereign, which is a basic right granted by the Creator. We exist simultaneously in a parallel multiverse which has many domains or dimensions that exist in parallel but we are aware of only one domain. These are some of the practical implications of the Multiverse hypothesis.

    We can only be tried in any jurisdiction as a person. We consent to be represented as a legal person to be tried in a court of law in a temporal domain. A person is a legal entity such as a limited liable company which can be tried by any jurisdiction. The purpose of a legal entity such as a person is to limit the liability to this temporal domain.

    We can create our own rules without involving any third parties to arbitrate and abide by them as a sovereign as long as the rules are consented by the counter party and are not violating the common law or natural law. This is made possible by the application of smart contracts.

    Smart contracts are computer protocols that facilitate, verify, or enforce the negotiation or performance of a contract, or that obviate the need for a contractual clause. Smart contracts usually also have a user interface and often emulate the logic of contractual clauses.Source

    What is Temporal Jurisdiction?

    As a sovereign, if anyone prefers litigation rather than decentralized arbitration, then they should be at liberty to exercise their freedom to choose their temporal jurisdiction in order to resolve their conflicts.

    When Ethereum started the first round of crowd funding the funds are managed by a company incorporated in Switzerland. The developers of Ethereum had the freedom to choose their legal jurisdiction of sale and thus are accountable to the laws of Switzerland but not accountable to the temporal jurisdiction of Canada or USA. This is a classic example of exercising their freedom to choose their temporal jurisdiction in order to resolve their conflicts in future.

    Disclosure

    This article is meant for informational purposes and is not an endorsement. Articles published on the LTB network are the authors personal opinion and do not necessarily represent the opinions of the LTB network.

    Further Reading

    https://en.wikipedia.org/wiki/Email_privacy

    https://bitmessage.org/bitmessage.pdf

    https://en.wikipedia.org/wiki/Tox_(software)

    https://en.wikipedia.org/wiki/Git_(software)

    http://twister.net.co/

    http://www.youtube.com/watch?v=9vZpNQUIqIg

    https://en.wikipedia.org/wiki/Multiverse

    https://www.ethereum.org/

    Read More
  • 46 Comments
    2,345 views
    Categories: General

    An Overview of Applications that Could Be Empowered by Bitcoin

    August 18th, 2014 by Jonathan Silverblood
    edited by denise 8/8/2014
    Please note that author wants to submit recording to release simultaneously with blog.

    "After editing, before publication, I would like to have the article recorded so it an be released with an audio recording attached. Please do not publish it before I have had a chance to get it recorded. (but you're more than welcome to do all edits so I get a final version to record.)"
    Read More
  • 58 Comments
    3,074 views
    Categories: General

    Counterparty, Dogeparty, and Why the Term 'Burning' Gives the Wrong Impression

    August 18th, 2014 by Rob
    Rob's Note: I changed the references to "simply" Cheryl and I discussed via DM. That's all I changed. Thanks!

    Original (editor: dhimmel; proofreader: cheryl):

    The world of cryptocurrency has progressed to a state where practically anyone can create their own cryptocurrency. With only basic experience using Bitcoin or Dogecoin, it is easy to create blockchain-based tradable digital-tokens, thanks to the Counterparty protocol, and its brand new implementation called Dogeparty.

    How does Counterparty work?

    The Counterparty protocol allows users to create and trade their own cryptocurrency tokens. Users do this with a wallet dedicated to sending and receiving Counterparty messages on the Bitcoin blockchain. The messages are broadcast by sending very small amounts of Bitcoin, coupled with Counterparty data. Only the owner of the private key for a Bitcoin address can send a Counterparty asset, and the complete history of counterparty transactions is as secure as the blockchain it runs atop (the Bitcoin blockchain, in the case of Counterparty, or the Dogecoin blockchain, in the case of Dogeparty).

    Burning isn't wasting

    The coin that acts as the fuel for the Counterparty system is XCP. The developers decided the most fair way to distribute XCP to those who saw the value in the Counterparty protocol was to allow people to acquire it for Bitcoin. People who wanted to own XCP sent Bitcoin to an address that has no private key, so all Bitcoin sent to that address was gone forever. But it was not wasted. It was effectively transformed, at a given rate of exchange, into XCP, which was distributed to each address that contributed Bitcoin. This process is referred to as burning, and it is often panned as a wasteful destruction of a coin and its value. However, the destruction of value in one coin sprouts new value in another coin, so the net effect is transformation, not destruction. Proponents see this method of coin-creation as the least corruptible way to launch a new platform; it removes major greed motive, and thus also removes the potential skepticism inherent to new platforms that provide huge fundraising windfalls to the development team.

    Why Dogeparty?

    Many people have jumped on the Counterparty platform, as it is the first easily-accessible way to create tokens that leverages the inherent security of the Bitcoin blockchain. For example, the Let's Talk Bitcoin ecosystem is currently run on a Counterparty asset called LTBCOIN. While the Counterparty protocol is relatively cheap to use, the costs add up when there's a lot going on. That's because each transaction requires sending Bitcoin and enough in miner's fees to make sure the transaction is recorded to the blockchain. Thus, any time you send a Counterparty token, you need to send a base-level of Bitcoin. Recently, the Counterparty developers decided to create a version of their protocol that would live on the Dogecoin blockchain. That not only reduces the transaction fees to less than 1% of the those running on the Bitcoin blockchain, it also allows for much faster transactions. Now, anyone who wants to experiment with asset creation on the Counterparty protocol can do so for pennies! 

    The Dogeparty protocol uses XDP as the native unit for the system, instead of XCP used for Counterparty. If you want to create your own assets, you need XDP, plus some Doge (as you must send Dogecoin to carry the date for the Dogeparty transaction). Because the Dogecoin protocol just launched, the "burn" period is still in effect, so you can acquire XDP by using the Dogeparty Wallet to send Doge to a specific non-recoverable address. I've seen this process interpreted as a non-sensical wasting of Dogecoin, as an artificial attempt to prop up the overall Doge platform. But that overlooks the fact that people are converting their Doge into XDP, because they believe in the potential of the Dogeparty platform. After seeing how well Counterparty has worked on the Bitcoin blockchain, it is not surprising there's excitement about Dogeparty, even for people who have never been involved with Dogecoin.

    Counterwallet & Dogeparty Wallet

    One thing you'll immediately notice is how easy the developers made it to get started with their web wallets. Simple go to counterwallet.co or wallet.dogeparty.io, click the button to create a wallet, and save the pass phrase you are given. That's it. People can send you asset tokens on the platform, or you can create your own assets, provided you have the native coin (XCP or XDP) and some Bitcoin or Dogecoin to send in tiny amounts, to carry your token transactions. Once you have both the native token and the blockchain currency in your new wallet, you simply go to Address Actions, and click "Create a Token (asset)," and fill in a handful of details about the asset. Note that the asset name land-grab has already begun on both platforms.

    When you have a wallet running in your browser, it is not simply a connection to a Counteryparty server. Once the wallet is launched, your browser is actively a javascript wallet. Thus, trying to log into your wallet from a second computer, when the wallet is already open on another computer, can cause problems (fortunately, the wallet warns you if you try to do this).

    Risks

    This is all experimental (for that matter, even Bitcoin is technically still in Beta). It is certainly possible there are bugs or exploitable flaws in both implimentations of the Counterparty protocol. Of course, the hashing power securing the Dogecoin blockchain is but a tiny fraction of the hashing power securing the Bitcoin blockchain. And, unlike Bitcoin's trend of ever-increasing hashrates, Dogecoin's hashrate is well off of highs reached in February of this year. So there's a lot more risk of a 51% attack on Doge. Such an attack could render recent transactions (of Doge or Dogeparty assets) invalid, but Dogecoin and Dogeparty assets still couldn't be spent without having the private key for a particular address. Counterparty's original flavor, running on the Bitcion blockchain, appears to be much more secure from 51% attack, as its hashrate eclipses all others.

    Perhaps a greater risk is that most users are using the online Counterwallet or Dogeparty Wallet. All that's required to access either wallet is a passphrase, because two-factor-authentication has not been implemented yet. Many people would not feel comfortable with their tokens being so accessible if their computer (or password itself) was compromised, so I hope 2FA will be added to the online wallet soon. There are also offline wallets offered that can be complied by users, but it is unclear how many people will utilize these much more technical wallets. If you're about to put any serious value into a Counterwallet or Dogeparty Wallet, or base an important project on these protocols, an offline wallet is the safe way to go. 

    Bottom line

    These are very exciting technologies that bring nontechnical cryptocurrency enthusiasts the ability to create their own asset tokens, at a very low cost. And that doesn't scratch the surface of these protocol's more complex abilities, or explore interesting uses that may develop on top of these platforms. If you have any desire to experiment with these platforms, now is your chance to dive in as an early adopter.

    Disclosure: I own small amounts of XCP and XDP. Note that implications of trading in these new tokens may be a tax headaches for those who attempt to be 100% compliant with outdated tax regulations. Read More
  • 34 Comments
    2,672 views
  • 22 Comments
    3,967 views
    Categories: Columns

    Security in Decentralized Domain Name Systems

    August 17th, 2014 by mike ward
    Editor #1: William
    Editor #2: Cheryl
    Proofreader/publisher: Cheryl

    The first article in this series compared the Domain Name System (DNS) to a phonebook. In this analogy, DNS is a directory that allows you find computer addresses from domain names just as people's names can be looked up in a phone directory to find their phone numbers. DNS enables us to translate "LetsTalkBitcoin.com" into the computer-friendly IP address "66.175.222.204".

    This article discusses the system's security. It will explain how the existing DNS system is prone to malicious attacks, and suggest how decentralized solutions increase security.


    DNS Security in the Age of the Blockchain

    The current Domain Name System was designed with reliability in mind, not security. It was designed in a different era, when packet switched networks were still a novel idea. Indeed, DNS is easily compromised, and is now a prime target for attack. For example, the government of Turkey recently forced local ISPs to redirect all traffic for twitter.com to a government site by changing the DNS entries in their nameservers.

     

    Our current DNS has many intermediaries, called nameservers where traffic can be intercepted or tampered with. Blockchain based DNS reduces the number of queries to nameservers. That's because many domains are associated with IP addresses in the blockchain, so no other servers need to be consulted.

    A huge problem on the Internet is man-in-the-middle (MITM) attacks. In MITM attacks, the "bad guy" is positioned between users and the site being accessed. This allows the attacker to return fake data in order to to divert users to malicious sites.

    Blockchain-based DNS makes significant improvements to the existing system. Most importantly, the process of resolving a domain name and verifying the credentials of the destination server will be greatly simplified and substantially more secure. All the information needed to resolve a domain name will often be found in the blockchain, whereas the current process usually involves querying multiple servers. Blockchain-based DNS will also simplify the process of establishing trust between a given user and a server.

    Centralized control structures create central points of failure that constitute valuable targets for attack. We noted in a previous article how these hierarchical systems lead to troubling political problems. In this article we will briefly look at some of the security implications.


    Digital Certificates

    Let's suppose some user Mary wants to visit her bank website. How does she decide whether or not she has found the legitimate bank website? She trusts her web browser, which in turn relies on an overly complex system involving signed digital certificates.

    Mary's web browser is presented with a digital certificate from the bank website, which bolsters her belief that she is interacting with the legitimate bank website that she expected. That certificate makes the claim that this bank is indeed the site operator, by offering an assurance from the entity issuing that claim - called a certificate authority (CA). Her web browser probably decides to trust the site because the Certificate Authority is on a whitelist of trustworthy CAs, and therefore trustworthy.

    The government of France was recently caught using a fraudulent Google certificate, which is dangerous because it can be used to man-in-the-middle (MITM) Google users. How safe should you feel? Digital certificates can usually, but not always be trusted. Rather than basing security on math, the current system requires faith.

    Decentralized DNS can fix this problem by replacing the current certificate trust relationships with a much simpler scheme. The site owner can publish their own signed certificate, or the equivalent, right there in the blockchain. Only the registrant has the ability to publish this certificate because doing so requires the private key.

    See the difference? There is no need to have a third party validate the trustworthiness of a certificate since by definition only the site owner has control of this. Certificate authorities are a prime target for attack, but decentralized systems have no such authorities to rely on. There is literally nobody to attack!


    Man In The Middle

    Main-in-the-middle (MITM) attacks are a persistent problem on the Internet. MITM refers to a broad class of attacks where somebody between the two endpoints intercepts, tampers with, or redirects the traffic without the knowledge of the victim.

    For example, when Mary attempts to access her bank website she might be attacked by someone in a position to intercept this traffic. She may be tricked into connecting to a fake bank website, in an attempt to steal her username and password.

    A next generation nameserver like DNSChain will retrieve the information needed to resolve a decentralized domain name by maintaining local blockchains. Signing the reply with a private key allows Mary to know that the IP address she gets back definitely came from her chosen name server.



    On a local network like many people have in their homes or offices, a router is the perfect place for this nameserver to reside. By being so close to the networked devices it can efficiently provide name resolution to connected computers, tablets, mobile devices, smart toasters and more. By expecting signed responses from a next generation router, devices can avoid the classic MITM attack which victimizes so many Wi-fi users.


    Domain Thefts

    Domain names are stolen or hijacked all the time, often by exploiting registrar procedures for safeguarding registrants' names. A typical domain theft begins with an email account being compromised. The thief then calls the registrar to explain that they forgot the password, and requests a reset link be sent to the registrant's email address of record. Once the registrar account can be accessed, the domain name is transferred to an overseas registrar.

    In decentralized systems there is no registrar to exploit with social engineering. If there is an entity like a registrar, they cannot be made accomplices in order to change ownership data, or provide password resets. With Namecoin's .BIT domains, for example, an update operation is required to transfer ownership, which can only be accomplished by presenting the corresponding key.

    Note that spear-phishing, social engineering, hijacking email accounts, cracking registrar passwords, compromising registrar databases and other traditional tools in the domain thief's arsenal are all useless here.

    There seem to be only two ways to steal a domain name in a blockchain-based system like Namecoin; either steal the private key from the registrant, or take control of the network via 51% attack and register the domain again. The former is certainly plausible, but strategies to prevent it are straightforward, including using multiple signature (multisig) addresses.


    Eliminating Attack Targets

    The Internet Corporation for Assigned Names and Numbers (ICANN) has the authority to digitally sign the root zone, which in practical terms means they hold one of the most valuable private keys in the world. ICANN carefully guards the key used to sign root nameserver keys. Root servers store the most important data for almost all the world's Top Level Domains (TLD) like .COM, .NET and so on.

    In case that description did not make it clear, this essentially means that both ICANN and the root name servers themselves are high value targets for criminals and malicious hackers. After DDOS attacks on the root servers in 2002 and 2007, these lynchpins of the Domain Name System were made more redundant, but they remain a critical target. A threat was made in 2012, allegedly from Anonymous, to "shut the Internet down" by attacking the root servers.

    Another potential choke point is the registry operators. Recall that registries are granted the authority to operate a Top Level Domain by ICANN. They provide the APIs which allow registrars to offer domain name registration and domain management services for all conventional domain names. Attacking registry operators like Verisign, administrator of .COM and .NET, would have a severe impact on the Internet.

    Decentralized DNS avoids these problems. If all the domain data is stored in the blockchain, there is no need for ICANN, registries, or registrars. Gone in one fell swoop are all of these pressure points of the legacy DNS. Decentralized Domain Name Systems are MITM-resistant, theft-proof, and solve the whole digital certificates problem on the Internet today!



    A quick reminder, this is a multipart series on decentralizing the Domain Name System. Be sure to check back next time as we take a close look at a real, working example - Namecoin.

    If you enjoyed this article and want to show your gratitude you can do so by signing up to Lets Talk Bitcoin using my referral code: http://letstalkbitcoin.com/?ref=52b52db8

    Read More
  • 57 Comments
    10,221 views
    Categories: Guest Blog

    What we have today is not Bitcoin but BINO

    August 17th, 2014 by Tim Swanson

    [A PDF version is also available]

    Yesterday I was told by a China-based WeChat user that I was "hating on a technology" and "expending energy trying to destroy it." It being Bitcoin. This is untrue, I like some of the ideas in Bitcoin (the protocol) circa 2009 and work daily with startups to create value in this space. However, what currently is called "Bitcoin" is a shell, at most, of its former self for at leas...

    Read More