Responding to Vitalik Buterin’s 7 difficult questions for the Cryptoverse

Bitmain and affiliated pools now have ~53% of all bitcoin hashpower. Isn’t this a really big problem?

I don’t think there is an easy answer for this. Let’s look at it in two ways. Firstly, yes, it’s a problem that one entity controls more than 51% of all bitcoin hashpower. This goes to the very idea of decentralization. However, what are the best options available as of right now that can guarantee security as much as PoW does? Models like PoS, DPoS have their own flaws as they too create a similar issue eventually however without the benefit of the security PoW provides. While it may be seen as a problem now, this is already creating competition in the space where other parties have also started to enter this game so it won’t be long before bitmain loses this throne. Secondly, we have to understand what the miners are there for. Short answer: they’re there for profit. It doesn’t make sense for these miners to jeopardize the entire operation, the entire foundation the bitcoin was founded on. The moment the security of the bitcoin network is shown to be vulnerable, it’ll affect the very foundation the idea of blockchain was built on. So, while bitmain or some other entity may have the power to do 51% attack, this sorta thing cannot be hidden from the public eye so this would only damage their reputation and it’ll set the foundation of blockchain back a few years until a better model comes along. For now, I think we’re safe but this should be in everyone’s mind and requires considerable thought. I’m not in support of this but I just wanted to say that there is no correct answer when it comes to this. Maybe someone will come up with a hybrid model of not just using PoW but also combining it with some other consensus that reaches some middle ground but until that happens, there is no easy way to answer this.

Why aren’t there any useful large scale applications yet?

The answer is simple. You cannot do large scale applications on the blockchain. The blockchain is very good at one thing and one thing only — to be the trustzone of the internet. To use blockchain for any other reason like data storage or building large scale applications is a wrong approach to the solution this technology is designed to solve. There are already more efficient solutions out there and no matter what, blockchains can never be scaled enough to store the world’s data no matter what. It’s not feasible and definitely not cheap. Instead of that, we should be focusing on using blockchain for what it’s best at — establishing the trust between two parties and then approach other problems like data storage and running large scale applications for a different platform. At the moment, you can run smart contracts on the blockchain and only the smart contracts are executed in these so called decentralized applications. The consensus still needs to be reached on the blockchain nodes so it’s not an ideal solution for everything. Instead, the decentralized applications should run on the device itself thereby improving the scalability of the kind of applications you can run. When you decouple blockchain from the decentralized app but you are able to run the app in a secure sandbox environment, you can utilize the full power of the device. In that sense, all you need is some kind of runtime environment where your applications are directly run on the device where everything you do inside this runtime environment can establish trust using the blockchain. When we can have this, we can have useful large scale applications as this also means that the user interface for the consumers will be very clear and concise. It’s ridiculous to ask someone of non-tech background to have to install some plugins just to run a blockchain based app. This is not the path to mass adoption.

Why are there not yet good solutions to account security? When will the problem of account hacks and thefts be solved?

There is no good answer as to why there are not yet good solutions to account security because most of the problems we face today either have to do with the broken protocols of the internet that were established long ago and we continue to put patches upon patches to put out some fix to it even today or the issue is at the human level where they’re not careful enough. I think we can use blockchain to solve this problem because what if we could have an environment that is completely isolated from the base OS but where you could run your applications inside it. And all that needs to happen is that this runtime environment needs to be connected to the blockchain in a completely decentralized manner. In other words, we need to use a peer to peer network and even go as far as to disable http/https protocol on this sandbox environment. When we combine these three things together, we can maybe form a closed loop environment where we treat internet as an infrastructure rather than treating it as an application. If we do this, we can put on some rules on the applications themselves where even they cannot know where the data is stored so there’s no chance of man in the middle attacks. If we do this, we can issue IDs from the blockchain in a decentralized way to everything in this closed environment and only the authorized IDs can establish internet connections to the outside world so there’s no chance of distributed denial of service attacks. If we run applications in a sandbox virtual machine that is spawned and destroyed after each use, we eliminate virus attacks. If we blacklist every request and only allow authorized parties to talk to each other based on their friendship and the IDs issued via blockchain, we can reduce spam. All in all, we can give control of data to the user if we do this, thereby preventing most of the account hacks and thefts.

How can decentralized apps work well even with 5–10 second blockchain latency?

Just because an app can be decentralized doesn’t mean it has to be decentralized. This notion that we need to completely revolt against centralization for everything is a false dream and the sooner we get over this, the better off we are. When you have a centralized solution, it’s much faster and much more resilient and most of the time, it’s almost free to the users who use these apps but then we’re trading our own privacy for these free apps. On the other hand, if we have a decentralized solution, it’s slower but very secure and we own our own data and our privacy is within our own hands however, this requires us to pay fees so that the decentralized miners can secure our privacy. There’s always a tradeoff between security and the price we pay. For something where the user data is involved and where privacy is paramount and where the security is not just wanted but needed, we need to have a decentralized solution and the benefits of that far outweighs the costs associated with it, albeit with a slower latency. However, for something where we’re just dealing with data whose confidentiality is not as needed, maybe we can settle with a hybrid of centralization and decentralization solution, thereby not really losing a whole lot of latency. So, the data that requires security can be handled in a decentralized manner while the data that doesn’t need as much security can be handled in a centralized manner. I believe this is the future and both solutions will have to co-exist for a long time.

PoW is burning billions of dollars per year, even more than all scams and thefts combined. Isn’t this a big tragedy?

If all PoW is doing is burning energy without giving us any benefits, then yes, I would consider that to be a big tragedy however, both sides have to be looked at in order to evaluate this issue. Also, the PoW mining machines are getting better and better every year with being more energy efficient so we may not even think about this issue in the near future but let’s suppose we’re talking about the present. It may look like PoW is burning billions of dollars per year now because there’s not much utility for a lot of cryptocurrencies at the moment because there haven’t been any applications that have come out of this technology with any sort of mass adoption. If you look at bitcoin, people are only looking at it as a digital gold(a store of value) and nothing else. In the future, there will be many applications with their own currencies with a complete economic system of their own thereby finally gaining mass adoption we so have been waiting for. Think of this another way. What if we could tap into the existing PoW like bitcoin to power not just a secure transaction system but also use the same energy to power thousands and thousands of applications with as much security as bitcoin. What if we utilize bitcoin’s own hashpower(PoW) to power billions upon billions of apps by utilizing the same energy? This is possible. It’s just a matter of time until someone can come up with this solution. At that point, we won’t even be having discussions about this because if you take a simple VISA transaction today, it’s already using a lot of resources by having to be validated across many many servers across the world and the bad part is that this is completely centralized and we have no control of our own money. What if we could use PoW to take control of not just our money and transactions but also take control of our own data? At that point, we will be having a discussion on how much energy a single VISA uses compared to the entire ecosystem that a system like bitcoin or the PoW consensus blockchain can provide.

What are the centralization risks in proof of stake?

The idea of proof of stake is genius. It solves the issue with energy consumption that PoW has in order to power a blockchain network but it too has a lot of flaws of its own. One example is centralization. What happens when there’s someone with a lot of coins who’s also involved in staking these coins to generate blocks for the blockchain? Chances are that this someone will just keep on getting richer and richer. This is the very problem the blockchain was designed to solve. In the world of today, the rich just keep on getting richer because there’s income inequality and the poor just don’t have enough power to contribute to the society and earn a decent living. This is the exact sort of thing I see happening with proof of stake. We are sacrificing the idea of decentralization with using less energy to mine blocks. No matter how you look at it, this is not sustainable over a long period of time.

Given how EOS governance has turned into an epic fail, doesn’t this mean that all on-chain governance including DAOs is fundamentally flawed? How can any DAO deal with bribe attacks, plutocrats and other risks?

I think any and all DAO will always have the issue of bribe attacks and plutocrats because of one very simple reason — we’re relying on human beings to make these decisions. Anytime a human is involved, corruption always follows no matter how good the original intentions were. We are not there yet, but maybe in the future, we’ll have a completely decentralized DAO, not just at the technical level, but also at a human level. Let me elaborate on this a bit. You might think that an idea of contribution to judge someone’s influence in a system like DAO might be hard to gauge since there’s no way a computer software can decide on what is considered a quality contribution compared to a random contribution just to get contribution points. But, if we can get a system where it’s not just enough to hold some coins to have voting power in a system like DAO but you also need to be continuously contributing to the community in a meaningful way with some quality work in order to keep your voting power? I think that’s the only way we can solve the problems that we see today in many DAOs.