Sidechains and securityBringing extensibility and new-uses cases

back to the existing capital stock

Note: not to scale and relevant information located in Chapter 3

Cryptoprotocols through March 2014

+Sidechains

(no new scarcity race)

"First, a significant amount of work needs to be built on the “burn” transaction before it is used to claim the coins on the other chain, for the simple reason of avoiding DoS attacks. Then there is a length of time called the quieting period during which the return transaction and associated proofs are published, but not finalized, and anyone else can step forward with a reorg proof and rollback the transaction. Finally, there is a period of time afterwards analogous to the coinbase maturity where the coins are not spendable because a reorg could undo the peg transaction. So that's three different waiting periods, each of which would probably be in the range of 100 - 144 blocks, if not more. The exact parameters are not set in stone at this moment, but with that in mind we should expect a peg transaction to take at least 2-3 days to fully clear, depending on the final choice of parameters."

Mark Friedenbach explains sidechains

“Blockchain 2.0” Sidechain Plan from Austin Hill & Adam Back

Note: In theory sidechains can exist without integrating through a merged mining process

Sidechains

*Sidechains may not have 100% of the available hashrate (NMC has 80-85%)

Quadrant view

Working with mining pools to discuss further utilization and expansion of merged mining

Merged mining will create sidechains “firewalled” off from Bitcoin main

Two-way pegging via atomic transactions will enable movement between sidechains

Technical details

Sidechains might not have blocks, will include transaction fees to incentivize miners

Will take 150-200 confirmations (2-3 days) to move between

“Reanimate” / “alchemy” / temporary “burn” / Mario’s green pipe

Sidechains will be used for experimenting with expanding extensibility features including user-issued assets, smart contracts, HFT, and a plethora of financial instruments

Technical cont’d

Team made up of several Bitcoin core developers in addition to other cryptographers and programmers

Adam Back (adam3us) Mark Friedenbach (maaku) Greg Maxwell (nullc) Business end being developed by Austin Hill

Looking for practical use-cases of blockchain technology such as internal uses at enterprises and institutions, not solely related to bitcoin the cryptocurrency

Launching website soon and some production code within the next 60-90 days

Company outlook

Blockchains create a trustless system of exchange (e.g., data, value)

Yet where it ends, vulnerabilities (may) begin

Why is extending the blockchain useful?

Information security for Bitcoin is difficult

The trials, tragedies and tribulations of creating a decentralized seigniorage network, banking

system and payments platform

“To own ledger entry is to posses knowledge of private key”

Tabulating publicly reported bitcoins that were lost, stolen, seized, scammed and accidentally destroyed between August 9, 2010 and November 28, 2013:

803,285 bitcoins• Note: hard to distinguish between bitcoins

which may have also been stolen from thieves by other thieves

Bearer assets

◦ Since November 28, 2013 through April 1, 2014 5,800 PicoStocks 96,000 Sheepmarketplace 4,474 Silk Road 2 335 Pony virus 896 Flexcoin 1,454 Vircurex 950 Cryptorush 1,295 BIPS 484 Bitcash.cz 7,500 James Howell’s laptop 2,130 Proof-of-burn (Counterparty) 41,928 CryptoLocker ransomeware

◦ New total: 966,531 bitcoins

Months later

Coins stolen from mining pools (operator scalping/skimming)

Unclaimed or unused promotions and dust tips on reddit and Twitter

Coins stolen from insecure brainwallets (Naval Ravikant “Hello World”)

Dust on mining pools, exchanges and wallets

Intentional spam for taint analysis (1Sochi and 1Enjoy mid-February 2014)

Does not account for money or undisclosed bitcoins stolen off numerous exchanges in which only fiat value is disclosed (e.g. GBL platform, $4.1 million in user money November)

Ransomeware copycats (CryptoLocker 2.0, CryptoDefense)

Accidental destruction transferring to temporary addresses (i.e., many exchanges will issue new deposit addresses, sending tokens to same address even minutes later could result in permanent purgatory and/or destruction)

Marginal cases of mining and forgetting key or throwing away laptop (e.g., Stefan Thomas, James Howell). Hal Finney remembered to back-up, did you?

Jaded spouses / OTC

Other considerations to account for

In February 2014 bankruptcy filing:

Customers lost 750,000 bitcoins

Mt. Gox lost 100,000 bitcoins of its own

March 20, 2014 announcement claims they have “found” 200,000 in a wallet the company no longer used

Mt. Gox purgatory

By 2013, generally accepted belief that approximately 1 million bitcoins have been lost, stolen, seized, destroyed

Between 2010-2013 18 of 40 exchanges closed, often wiping out customer balances “Trust-me” silos

Tabulations on previous slides provide evidence this is the case Adding Mt. Gox estimates brings this to approximately

1,650,000 bitcoins◦ 13.1% of all bitcoins based on assumption of partial-recovery

If all Gox coins recovered, then closer to lower bound of 10%, if less recovered then closer to 15%

Upper and lower bound estimates

Mining estimates from ‘rutkdn’ and OnBitcoin: 1,919,950 bitcoins are stagnant on 38,399 addresses

mined between 2009-2010 Roughly half of these are known to belong to Satoshi (see

research from Sergio Lerner) Other half belong to miners who:

Hard drive broke, returned-to-manufacture and forgot to backup Mining as a hobby on old equipment, hard drive now long gone and/or deleted Sent dozens even hundreds of bitcoins to test it out with other hobbyists, then

deleting them because they were “worthless” This alone represents 15.29% of all mined bitcoins as of April 14,

2014

Static proof bags and intent (or lacktherof)

According to Jonathan Levine:

“Post 2012, the amount of coins held in addresses containing between 50 to 100 BTC are above my expectation and raises the possibility that a large number of these coins are lost. This conjecture is backed up by Bitcoin days destroyed evidence. There remain approximately 4 million coins that have never been spent, many of which are probably contained in the red section.”

How large are the stagnant numbers?

As of block 295,000, approximately 99.08% of all addresses contain less than 1 bitcoin

Actual amount located on these addresses is 109,119.9 BTC

This accounts for roughly 0.86% of all bitcoins mined as of April 12, 2014

Other on-chain tokens

At least 10% are reportedly known to be lost, stolen, seized, destroyed, scammed and forgotten

Mt. Gox could add another 5% if all “disappeared” Another 15.29% of mining rewards are stagnant or gone 0.86% reside on over 32 million addresses and most may

never be used

Thus at least 30% of all bitcoins are either lost, stolen, seized, destroyed, scammed, “dust” or forgotten (perhaps intentionally)

Grand total of reported tokens

Neo & Bee CEO, Danny Brewster, absconded with investor funds on April 2, 2014

Coinmarket.io accepting deposits but not processing withdrawals for weeks starting in March 2014

CoinEX an exchange got hacked in March 2014 and customers refunded

Cryptorush.io had internal mismanagement in March and then got “hacked” in April 2014 leading to a freeze

Continuous cycle?

Solutions:

◦ Trezor (2FA)◦ Proof of reserves from Bitfoo◦ Insurance from Xapo (via Willis)◦ Oracle and HDM wallet from

Cryptocorp and BitGo (BIP 32) m-of-n/multisig (BIP 11 & 16)

◦ “On-chain” wallet from Blockchain.info◦ Armory (near impossible to hack but

need to be a geek)◦ Sidechains/blockchain proliferation◦ Paperwallets (*)

Note: As of April 14, 2014, none of the Top 500 addresses currently use multisig on-chain

“Being your own bank” is hard

When smart contract platforms arise, same type of vulnerabilities exist, yet stakes are higher.

Example: Alice goes to bed. During the night, Bob from Hack Island, breaks into her laptop and email account, stealing her digital keys that control her bitcoins and most importantly the smart contract “deed” to her home. During the night, this contract is sold and resold a dozen times on a decentralized exchange. Alice wakes up, unable to open her home because the door is synched via wifi to a cryptoledger. What does she do?

Go to court, explain that even though there is a perfectly unabused contract, signed in a cryptographic manner, the “legitimate” bearer has been robbed and the contract should be ignored. New lock and title issued and installed.

Why is this important for Trustless Asset Management (TAM)?

What if several days, weeks or months past before original “legitimate” owner realizes their boat or summer home has been resold and sold again and last owner is an orphanage or church?

Current case law may exist but in some cases new precedents could be set.

Preston Byrne: “Utilize trusted third parties (TTP) to create trading limits much like payment processors do today.”

Integrating trust – as a variable – into a decentralized prediction market?

What if new owner is an NGO?

How to incentivize the use blockchains or sidechains internally at Coinbase and other exchanges/wallets?

Could exchanges run a sidechain?

Other uses-cases for securing tokens and on-ramping new adopters◦ UI/UX◦ Providing real economic growth and

value (e.g., non-illicit activities)

Let a thousand chains blossom…

Email: tswanson@gmail.com Twitter: @ofnumbers Ofnumbers.com

Comments and questions

Appendix 1

Appendix II

Appendix III - Velocity of BTC

Appendix IV

Appendix V

Appendix VI

Appendix VII

Tipping is more like a faucet or ‘interpersonal transfer’ “Fun” way to redistribute existing tokens yet not linked to

actual utility/value of a service performed (i.e., arbitrary)

“[T]he hard truth seems to be that tipping does not work. It does not benefit the customer. Nor, in the case of restaurants, does it actually incentivise the waiter, or help the restaurant manager to monitor and assess his staff. The cry of stingy tippers that service people should “just be paid a decent wage” may actually make economic sense.”

Appendix VIII on Doge/Bitcoin tipping

Appendix IX