Cardano: why peer-review

https://forum.cardano.org/t/peer-review/5310

Crypt0: I have faith in the way you guys are doing things. Peer review? Nobody’s doing that stuff. I’m actually really excited to see what you can do yourself. I’m glad you’re the leader. In that space, there’s a lot of people working with you, you’re not alone. You came out of nowhere, but now we’re getting your name out there…

Charles: One other thing — let’s talk about peer review real quickly. This really pisses me off, man. So, this is [takes a thick book off a shelf] one volume from «Crypto ‘17», and by the way — there are three of them [takes two additional thick books off a shelf].

Crypt0: Jeeez….

Charles: This was one conference. And every single thing in these books is a peer-reviewed paper that was accepted at «Crypto ‘17». You can see all the math, and all these other things. So, how do you get into this book? Do you just pay for it? Or do you just go and talk to someone, say: «can I be in your book»? No! What you do is you write a paper… you send it to the review committee… and really bright people, who probably don’t like you and want to do everything in their power to say «No!» to you, look at your paper and reject it more ofter than not. Dozens of papers get rejected for papers that get accepted, and especially at the conference of the «Crypto ‘17» stature.

So we took the time to actually submit our protocol to this conference in Santa-Barbara, and it got accepted. It’s in that book! The first volume. Because we actually had to fight, we had to go through many revisions of the paper, we had to answer dozens of questions. It’s a lot of work! Peer review is not just posting a goddamn paper online, having your friends look at it, and saying it’s open-source! It’s saying: «I will take it to the most qualified people I can find, who have an incentive to say I’m stupid. Have those people look at my thing. Attack it as much as possible. And only after they have beat me up for a bit, will they accept it… maybe.» And a lot of good papers don’t get accepted.

So, that’s what we did, and that’s how we approach protocol development. Now, we didn’t invent that, it’s been damn around since the beginning of computer science. If you look at «Paxos». If you look at all the protocols we tend to live with, all the analysis of these types of things, the extensions of these types of things, have been done through a peer review process. Whether it be «POPL», or «ISC», or «Crypto», or «EuroCrypt», pick your favourite field of computer science — this is how you get tenured as a computer scientists. And that’s the standard that I hold for everything that we try to put into Cardano. Our random number generation protocol «SCRAPE» — went to «ACNS». We have out multi-party computation protocols, like «Kaleidoscope» it’s been accepted to «Financial Crypto». «Ouroboros» was submitted to «Crypto» and accepted there. And we’re just keep going down that road.

Now, what does this tell the community? The ADA holders? What does this tell every other person? It’s a standard that needs to be demanded! Because the smarter you are — the easier it is to just lie to people. I can put lots of math on paper, I can put lots of ideas on paper, that seem right, and because they are obfuscated in complexity and hypercubes and lots of words that are really complex and hard to understand — most people just say: «Oh, that guy’s bright, he’s probably right.» That’s where we’re at in the cryptocurrency space. Is that people who are very bright, but who don’t have domain expertise, are writing papers that they really aren’t qualified to write, that kinda work. And then, when an expert actually looks at it, and starts dissecting it and pulling it apart, they find wholes in the logic, they find problems in the protocol, which will only be discovered a year, or two years, or three years after it’s implemented, and the whole fucking thing falls apart.

So every single person, who invest in cryptocurrencies or does things with cryptocurrencies, should demand the standard of science. If it involves cryptography, distributed systems, or any of these things — you should demand that it’s in one of these books! It’s not elitism. These are anonymous submissions. It’s all about quality. Standards. It’s all about actually delivering something that works. This is money after all, for haven’s sake, these systems are starting to be worth more than «Ford» and «GM»…

Crypt0: And «Uber», and «Facebook»

Charles: We worth more than «Facebook» and «Uber»! And if they’re gonna be worth this much money, should we at least demand, that somebody spends a few months of fucking time, to go to the world’s top people, and get those people to give it a little check mark, saying «It’s reasonable». That’s just common sense!

If you look, for example, at «Runtime Verification». These guys contract with «DARPA», and «NASA», and all these other guys. There’s so much auditing, and oversight and control in these relationships. Every claim they make has to be justified. Like, every dollar you take from NSF, or whoever, it comes with big strings attached. And they get funded at 7 figure and 8 figure level. We now have damn 25 y.o. kids come walk around with 9 figures of money, who have no experience, they don’t even know where to put the money, or how to manage it. And then they’re being told — go implement a protocols, that are supposedly gonna scale to billions of people, and do engineering on the class that Google and Microsoft does it. And then they build business-processes, which don’t have project-charters, they don’t have accountability, they have no transparency behind thought. And then they say: «We’re so smart, we’ve figured this all out, you just can’t understand my brilliance.»

And also, what happens when they take other people’s crypto? Like, they’ll take «zk-SNARKs», or something like that. So what happens when you have modified that? So what happens when your roadmap necessarily requires you to open up this blackbox, that you now forked and stolen from somebody else, and make meaningful changes to it? It’s like performing a heart-surgery, not knowing what a heart looks like. Or brain-surgery, not even knowing where to cut. It’s just madness. It’s just madness.

So I hope if anything that the Cardano project achieves is a «standard evolution» in the space, where we say: if you’re gonna write code, make sure there are 3rd parties, who are looking at it and verifying the code’s right.If you gonna do science, do what science has always done — go through peer review. We can have an argument about what’s the best way of doing that, what venues are the most credible for these types of things. But the argument, that «we can just skip it, cuz it’s too slow» is madness. This is stuff that has high stakes. Either it’s your money at stake, or your life at stake. Especially when we go back to privacy.

What happens when governments stop liking cryptocurrencies as much as they do now? And using it means you get thrown in jail. And you’re using a privacy coin that claims it has anonymity guarantees, oh, by the way, that had been breached or broken by that system.

¯\_(ツ)_/¯

Then all of a sudden you get arrested, people show up at your house and arrest you. It’s just like journalists, who think they use a secure communication system. And they’re talking to an informer off-the-record, and the government is actually knows about it and goes after them, right? So we have a moral obligation, as a space, to have hight standards.

So the question’s ought to be — what’s the highest possible standard we have? If there’s something better than going to a cryptographic conference — tell me. I’ll go do it. But from my opinion — that’s the best I can do, in the short time we have, and the limited resources we have. So we just go and do it. Sometimes we get in, sometimes we don’t. But we try. And makes me feel better about the science. It makes ma feel that maybe all the pretty math symbols mean something on our paper. By the way, we’re going beyond what more normal cryptographers do — we’re doing formal specifications of our work. We’re verifying the proofs using «Isabelle» and out papers — that’s not normal crypto! Because they don’t have the time or the resources to do these types of things. But we go beyond, because we understand we have a moral obligation. And that these systems have billions of dollars of value behind them.

So I do take it very passionately, because I’ve seen the consequences of failure. I see «The DAO», I see the «Parity» hack. I see these things happen over, and over, and over again. I see the dilution, where people fork a fork of a fork of a fork, and they end up having such a low level understanding of what they’re actually doing, that they have no way of managing an ecosystem that now worth a billion dollars. How will this not result in a collapse and the loss of value? It has to, by definition.

So, I’d like to be above this entire thing, I’d like to say: hey guys, let’s do something a bit differently. And even if we fail as a project, maybe we can change the attitude about how these things ought to go. For example, it would be nice to say that the only way people can compete with Cardano is going though peer-review themselves. And using formal methods themselves. Because that means, even if I failed, I have laid the seeds and the foundation, for building the technology the right way.

Remember «Netscape» was a failure, but it still gave us the cookie, the JavaScript, web-certificate, the modern web-browser, these types of things. And so that’s my hope is that this project can at very least lay the philosophy of how things ought to be constructed, and change people’s minds about due-diligence, and change people’s minds about standards. And very quickly you’ll see the separation of the wheat from the chaff.


“In the blockchain space, our peers are other blockchain technology companies.”
(https://steemit.com/cardamon/@dan/peer-review-of-cardano-s-ouroboros)
ಠ_ಠ