Bitcoin vs Ethereum: Answering the CFTC Request for Information on Ethereum from a Bitcoiner perspective.
This article is a public answer to the CFTC Request for Information on Ethereum, issued in December 2018.
Purpose and Functionality
What was the impetus for developing Ether and the Ethereum Network, especially relative to Bitcoin?
Vitalik’s proposition to add Turing Complete smart contracts to Bitcoin was rejected on the basis that it would increase the attack surface on the network, and was unnecessary (you can build most of those contracts off-chain, based on the smart contracts capability already available in Bitcoin), so he decided with a few other peoples to create Ethereum and raise money for it.
Ethereum was one of the first ICO in history (The very first was Mastercoin, now called Omni, in July 2013).
The Ethereum ICO concluded the 2 September 2014, with 72 million Ethers “premined” and distributed between the investors, the Ethereum Foundation and the peoples working on it. Ethereum main-net launched the 30 July 2015.
Sixty million ether were exchanged for approximately 31,000 bitcoin.
According to data from the crowdsale, more than 40 percent of the ether sold went to the top 100 purchasers. And the three largest purchasers, went home with roughly 1 million ether each. Some critics thought the sale was dominated by even fewer people.
In addition to the 60 million ether sold in the Ethereum crowdsale, another 12 million coins were premined.
The opinion of Bitcoin developers was vindicated multiple times in the last few years, mainly with the DAO hack, and the multiples incidents where Parity lost funds. Both initiatives were led by some of the Ethereum core developers and/or founders.
What are the current functionalities and capabilities of Ether and the Ethereum Network as compared to the functionalities and capabilities of Bitcoin?
Ethereum and Bitcoin have a lot in common, both allow to transfer value in a decentralized way based on a predefined set of condition.
The main difference in terms of functionality is that Ethereum has an EVM capable of running Turing complete smart contracts; while bitcoin limit itself to a consensus-based set of cryptographic primitives called opcodes (like HashLock, PubKeyLock, TimeLock, MultiSig…).
This does not mean you cannot run almost any type of smart contract on Bitcoin, it just means that most of the logic should be on the client side, not on the blockchain, the Lightning network is the biggest set of smart contracts running in production today, and it runs on Bitcoin.
The same thing can be said about tokens, the biggest of them all is Tether which runs on the Omni protocol that uses Bitcoin as settlement layer.
Even DAOs are possible.
The main advantage of having smart contract logic on-chain instead of off-chain is allowing for contracts to be settled while some of the parties are offline, but it comes at a huge privacy cost. It also compounds the scaling issue Bitcoin had: by having more data to validate, and store, Ethereum as a much worse scaling problem than Bitcoin.
How is the developer community currently utilizing the Ethereum Network? More specifically, what are prominent use cases or examples that demonstrate the functionalities and capabilities of the Ethereum Network?
The most proven use case for Ethereum at the moment is allowing companies to raise money from investors by selling so-called “utility tokens”. This is also the first use case promoted on the Ethereum official website.
The Top 5 of “dapps” by daily users (Most of them should not be called decentralized, but we will come back to that later) on Ethereum (based on dappradar) are at the moment (23/03/2019):
- Gaming: My Crypto Heroes, Blockchain Cuties
- Gambling: play2win
- “Decentralized Exchanges“: IDEX, ForkDelta
The biggest of them by the number of users is My Crypto Heroes with 1.9k daily users.
If we choose to order them by Volume instead of the number of users we end up with the following list:
- Gambling: dice2win, FCK both with > $5M+ of weekly volume
- “Decentralized Exchanges”: IDEX ($3.6M weekly), Kyber ($1.4M), ForkDelta(>$650K)
What data sources, analyses, calculations, variables, or other factors could be used to determine Ether’s market size, liquidity, trade volume, types of traders, ownership concentration, and/or principal ways in which the Ethereum Network is currently being used by market participants?
Market Cap is an inherently flawed metric when talking about crypto-currencies. It’s very easy to create a new coin with a supply of 1 Billion, find a buyer for a single coin for 1$ (or wash trade on a Dex with yourself) creating a hugely inflated market cap of $1B from thin air.
A recent study by BitwiseInvest also showed that much of the volume reported by low rated exchanges for Bitcoin trading is fake, and only trustworthy exchanges trading data should be used, the same thing is probably true for all the others crypto-currencies including Ethereum.
That’s why I think a comparison between crypto-currencies need to take into account the trading volume (from trustworthy exchanges), instead of relying only on a flawed metric like the market cap. One of such metrics is Volume-Weighted Cap, which shows a Bitcoin dominance of 80% and trending up; a very different view from the traditional Market Cap where Bitcoin only has a 53% Dominance.
Useful sources of data on Ethereum: https://dappradar.com/rankings/protocol/ethereum allow a good look into the use of dapps on Ethereum.
https://etherscan.io/ is basically a block explorer, that allows looking into everything that appends on the chain. It also compiles statistical charts at https://etherscan.io/charts or the distribution of Ether by account https://etherscan.io/accounts
How many confirmations on the Ethereum blockchain are sufficient to wait to ensure that the transaction will not end up on an invalid block?
This is a tricky question to answer, most people would probably say 30 blocks or 6 minutes is enough (that what’s used by Kraken for example).
6 confirmations on Bitcoin mean require an hour worth of accumulated proof of work before the transaction is considered final.
If you want the same amount of security than 6 Bitcoin confirmations provide, you would need in reality to wait more than an hour, because the amount of electricity spend securing Ethereum is much lower than the amount used in securing Bitcoin, which mean you need to increase the amount of time to confirm a transaction, not reduce it.
How is the technology underlying Ethereum similar to and different from the technology underlying Bitcoin?
Bitcoin and Ethereum technology are relatively similar at the moment from a general perspective and security assumptions, but this will change drastically if Sharding or Proof of Stake is ever implemented on Ethereum, as they plan to.
The mains difference at the moment is that Ethereum is account based when Bitcoin is UTXO based; that means that in Ethereum both accounts and contracts have balances and own the coins, while in Bitcoin each UTXO has its own set of conditions that make it spendable attached to it.
Ethereum also allows any random contract to be deployed and run in the EVM when Bitcoin limit itself to a stack-based language called Script with predefined opcodes.
Does the Ethereum Network face scalability challenges? If so, please describe such challenges and any potential solutions. What analyses or data sources could be used to assess concerns regarding the scalability of the underlying Ethereum Network, and in particular, concerns about the network’s ability to support the growth and adoption of additional smart contracts?
The Ethereum Network face much worse scalability challenges than Bitcoin, simply because every node on the network needs to verify much more complex smart contracts than on bitcoin which increase the verification time, it also needs to store of a lot more data, like the current state of every single smart contract which increases the storage footprint.
This creates a big centralization force resulting in Infura becoming more and more central point of failure for the Ethereum Network, simply because running a node is costly in term of time to set it up & maintain it (especially due to the number of hard-fork that are forcing an upgrade of the node to stay connected to the network), and in terms of resources on the hardware (You can’t sync an Ethereum node on an HDD, you need an SSD), while using Infura is totally free and very easy to set up.
Has a proof of stake consensus mechanism been tested or validated at scale? If so, what lessons or insights can be learned from the experience?
Proof of stake is not a novelty and existed before Bitcoin was invented. B-Money by Wei Dai in 1998 was already using a Proof of Stake mechanism.
If it was not used with Bitcoin it’s because it’s not considered secure.
Relative to a proof of work consensus mechanism does proof of stake have particular vulnerabilities, challenges, or features that make it prone to manipulation? In responding consider, for example, that under a proof of stake consensus mechanism, the chance of validating a block may be proportional to staked wealth.
Proof of Stake suffer from new vulnerabilities a Proof of Work consensus doesn’t have:
- Nothing at Stake
The vulnerability comes from the fact that signing an invalid block, or trying a reorg attack has basically no cost while trying the same on a PoW blockchain will result from the expenditure of electricity, even if the attack fails.
Ethereum is trying to solve this issue by sanctioning bad behaviors by burning part or the totality of the stake of the bad actor. No perfect solution has been found so far since the last Casper proposal keeps a PoW component to form the consensus.
- Long Range Attacks
This attack is basically the use of an old key that held a big stake at some point in time but no longer has any funds, this allows an attacker to try to reorg the chain based from that historical point, at no cost, since there are no funds that can be taken away in the present.
- Weak Subjectivity
Basically, this means that a user coming online for the first time, or one that has been offline for a long time, has no way to determine by itself which is the correct chain tip to follow. They need to rely on a trusted third party for that. Which is basically the thing a blockchain was there to remove in the first place.
This can be a major issue during a black swan event. Let’s say the Ethereum network get split in two for multiple days due to the Internet failing in a major way (like submarine cables breaking..) resulting on sub-network unable to communicate with each other for a while, what would happen with PoS?
Well, both side would probably get slashed resulting in two incompatible networks when the internet failure is resolved.
Ethereum core dev would need to step in to manually resolve the fork (if they can, because they would need to convince both sides to upgrade; which will be hard due to the bad incentive structure just created: each side old 100% of the stake on its side of the fork) and unwind the slashing of the collaterals of one side on the new network consensus. Let’s just say the DAO mess would be a happy memory in comparison.
With a PoW consensus, nodes would simply follow the chain with the most accumulated work when the failure is resolved and reorg the chain accordingly.
Peoples that received funds during that time would probably suffer a loss on both types of consensus mechanism, but at least PoW will converge to consensus automatically.
Proof-of-Stake & the Wrong Engineering Mindset
Proof-of-Stake (PoS) is all the rage these days. Ethereum Casper, Cardano Ouroboros, etc. you name it. The rising…
Other issues Proof of stakes suffers from:
- Validator needs to have their coins in a hot-wallet to be able to sign blocks.
This makes the validator funds susceptible to theft from a hacker, while with a PoW chain you would need to physically steal the miners to make that kind of loss possible.
- Exchanges will be major validators
This change the incentive structure of the network, and give them a lot more political power on it, this is a bad thing, as we have seen in Bitcoin with the Segwit2x debacle, Exchanges and big companies will try to exercise any political power they think they may have to try to force some updates on the network based on their wishes, even if they differ from their users.
Sharding is also one of the things that will dramatically change the security assumptions of the system but we will come back to that later.
There are reports of disagreements within the Ether community over the proposed transition to a proof of stake consensus model. Could this transition from a proof of work to a proof of stake verification process result in a fragmented or diminished Ether market if the disagreements are not resolved?
A lot of people disagree with the transition to proof of stake (and a lot of the other controversial changes the Ethereum Foundation & co plan to make mainly: rent fee & sharding), the most vocal group, at the moment, is probably the miners: why would they voluntarily give up their source of income?
What capability does the Ethereum Network have to support the continued development and increasing use of smart contracts?
Increasing use means growth, both in terms of the number of smart contracts deployed, the number of users, and the number of transaction that needs to happen.
For that to be possible, the Ethereum network needs to scale, and this is a very hard problem to solve while maintaining decentralization and consistency of the data stored.
How is the governance of the Ethereum Network similar to and different from the governance of the Bitcoin network?
Governance on Ethereum is very different than on Bitcoin. Hardforks are not an issue because it is a lot more centralized around the Ethereum Foundation, Vitalik, and at a lesser degree around Ethereum core developers.
This same group of people was ready to proceed with a hard-fork with less than 50% of nodes upgraded; which mean those nodes would effectively be kicked out of the network:
This update ended up being canceled in 7 peoples meeting 1 day before it’s activation because a big security issue was discovered by an independent review.
Security Alert: Ethereum Constantinople Postponement
The Ethereum Core Developers and the Ethereum Security Community were made aware of the potential…
The old meme-worthy “[3:43:01 AM] Vitalik Buterin: ok can you guys stop trading” during the DAO Hack is also a good example of centralization. Nothing like that ever happened on Bitcoin simply because no one has that kind of power.
A recent report is also showing a major disconnect between the expectation of users and developers in the network upgrade timeline in search of their “scalability solution”, sharding.
In light of Ether’s origins as an outgrowth from the Ethereum Classic blockchain, are there potential issues that could make Ether’s underlying blockchain vulnerable to future hard forks or splintering?
A bunch of controversial changes is in the making, each of those could result in splitting the network:
- The introduction of Rent for smart contracts which is a breach of their own motto “Build unstoppable applications”
- Replacing Proof of Work by Proof of Stake: why would miners stop mining the old chain when that means losing their income source?
- Sharding which completely changes the security assumptions of the network, from each node validating everything and relaying only valid stuff, to my node validate only a part, and only checks block headers for the rest with no real ability to withhold relaying for those.
- Governance is itself a risk of splitting the network like the DAO incident has shown, which resulted in the creation of Ethereum Classic.
Cyber Security and Custody
Are there security issues peculiar to the Ethereum Network or Ethereum supported smart contracts that need to be addressed?
Ethereum smart contracts being a lot more complex than the one Bitcoin allows with its Script language, make them a lot more complex to analyze and can result in unvoluntary bugs. The DAO hack is the most know incident, but Ethereum suffered from more of this type of incidents other the years, like the “Parity hack” is where a user, either by negligence or maliciously, locked 513,774.16 Ethers in a MultiSig contract that was not properly secured.
This was not the first instance of a contract by Parity being unsecured they also got hacked and lost 150,000 Ether in a previous Multisig incident. And as you probably know Parity is a leading Ethereum company in charge of the second most used node in the ecosystem.
As a counterexample, in Bitcoin, Multisigs are part of built-in contract capabilities an can be used with a simple operator called OP_CHECKMULTISIG and it’s never been compromised.
The best way to prove a smart contract is correct is called Formal Verification but it can be very costly. The minimum approach should be a very thorough collection of unit-tests and having the smart-contract(s) peer-reviewed by multiple experts before ever being used in production.
Are there any best practices for the construction and security of Ethereum wallets, including, but not limited to, the number of keys required to sign a transaction and how access to the keys should be segregated?
Users in custody of their own funds should be free to store their cryptocurrency in any way they choose.
However, a custodial third party should have very secure protocols in place that does not leave space for errors and have redundancies in place in case some of the keys are lost.
The last scandal in date is QuadrigaCX where the owner supposedly died while having the sole custody of the private key of their cold storage solution. This should be considered malpractice, but unfortunately, this is only the last example of a very long series of hacked exchanges, lost funds, or outright exit scam. (Mtgox, Cryptsy, MCXNow, Bitfinex…).
This kind of loss or theft can easily be avoided by using adequate security procedures including Multisig, hardware wallets or offline signing.
It is my opinion that users should always have at least a partial control over the funds they deposit in the custody of a third party like an exchange.
This kind of scheme can be built on all cryptocurrency that supports the usage of MultiSig by creating some sort payment channel between the two parties instead of transferring custody of the integrality of the user funds to the exchange directly. A good example of something like this, on Bitcoin, is Abra: they use Bitcoin MultiSig capabilities to create synthetic assets collateralized by Bitcoin, while not having the full custody of the user funds.
One such possible scheme could be something like this (the time value used are only there as examples):
A 2 of 3 MultiSig where one key is held by the exchange, one key is held by a third party like an arbitrator, and the last key is held by the user; it would also have 3 timelocks associated with it: the first would allow the users to release the funds into its custody after let’s say 180 days, in the exchange custody after 200 days and lastly to the arbitrator custody after 220 days.
By using a scheme like this we protect the user by releasing the custody of the funds to him first when something goes wrong, but still, allow to retrieve the funds if the mistake comes from his part. The only way to completely lose access to the funds like in the QuadrigaCX case would be for all three key being lost.
We also dramatically decrease the risk of theft of the user's funds. If a hacker steals the exchange key, they won’t be able to access the funds, because another key held in a different geographical location would need to have been compromised simultaneously. Once the hack is known, the arbitrator and the user can preemptively move the funds to secure them.
Another, more secure scheme, could be done by requiring the key of the exchange being itself a MultiSig; this can be done today on Ethereum, and will soon be possible on Bitcoin once Schnorr signatures are added.
The main argument against a scheme like this is that it will require the funds to be moved regularly when everything is fine, simply to reset the timers on the time-locked funds.
Are there any best practices for conducting an independent audit of Ether deposits? In providing your responses, please be as specific as possible, and offer concrete examples where appropriate.
There are no best practices used by exchanges concerning the audit of Ether or any other cryptocurrency for that matter.
Most of them don’t bother to provide such proof at all.
Blockstream recently proposed a possible standard for UTXO based blockchains (not compatible with Ethereum) to create a safe proof of reserve standard; and since Blockstream is already working with some major exchanges for their Liquid product, it’s possible those same exchanges adopt that standard sooner rather than later. Something similar could be done for Ethereum by relying instead on its smart contract capabilities.