From network security to permissionless creativity
A conversation with our colleague Dr. Andreas Dittrich
For this month’s employee interview, Dr. Andreas Dittrich joins us to talk about permissionless blockchains, the opportunities that Proof of Stake brings for investors, and a pricy beer he bought with crypto.
Dr. Dittrich is Head of Tech Strategy and Partnerships at Finoa and has extensive experience in network and systems security. He is also an all-around amazing colleague and a fascinating conversation partner for anyone interested in unearthing the blockchain industry’s emergence and development.
Hello and thank you for joining me today. Would you like to introduce yourself and tell us a little about your background?
Hi, I’m Andreas. I’m a techie by heart and I’ve always been excited about technology, especially computers. My focus has long been on the security of the devices that we interact with. Even as a child, I remember going to the shopping center and hacking the Commodore 64s — one of the most awesome home computers that ever existed — until all you could do with them was reboot them.
In the first half of my working years, I was a freelancer and provided services around computer networks, mostly in engineering and architecture. I’ve also worked as a consultant and a team leader and spent seven years in academia.
I’m specialized in network and system security, specifically, the protection against and the mitigation of attacks. While practical, this is also very dynamic because attacks become ever more sophisticated and effective. My academic research, by contrast, was about specific properties of computer networks. I was exploring availability as a security goal in the CIA (Confidentiality, Integrity, and Availability) framework.
In practice, I was creating mathematical models to predict how likely it is that a service will answer requests before a deadline (aka the responsiveness of a service). I did this in decentralized, heterogeneous networks — so not in company or internet networks, but in dynamically generated and possibly manipulated networks, where you still need to provide reliable services. And those are problems that we have to solve every day on blockchains.
You’ve joined us quite recently. What was it that attracted you to Finoa?
I’ve known about Finoa since 2019 when the company was a lot smaller. What has always impressed me about Finoa was their approach to problem-solving and the way they supported us at T-Systems on our innovative journey. Having seen their growth and their trajectory, I got more interested over the years. You could say I was keeping a close eye on them since I thought the company was very promising.
And how would you describe the culture and atmosphere at Finoa so far?
I mean, it’s a lot of fun, let’s be honest. But, at the same time, we carry so much responsibility for our customers. And this is something you really feel at Finoa. There is a strong sense of responsibility and a focus on creating value by providing worry-free digital asset management. There’s certainly a seriousness in what we do, but at the same time, it’s a lot of fun to be part of the team. I have never onboarded so quickly on a team as I did at Finoa.
You’ve been in the blockchain industry for many years now and were previously leading the blockchain development unit at T-Systems. Tell us about how you’ve seen the industry evolve in the last five years.
Looking back at 2017, I remember the ICO (Initial Coin Offering) craze and the widespread fraud, but there wasn’t much utility. Although there were a lot of great ideas, blockchains weren’t really used. In that sense, I think it was very healthy that the hype of 2017 crashed.
Since then, we’ve seen quite the opposite. There’s been an incredible growth of utility. Many of the use-cases that were then being discussed, especially on the enterprise side, are actually being implemented now. It’s great to see that they are now generating value, and they are doing this on public blockchains.
The best, and probably most well-known example of this is the DeFi Summer of 2020. I remember this because we were going live with a Chainlink oracle — and Chainlink is crucial for DeFi to function in the current form. DeFi just went through the roof, and with it, the demand for Chainlink oracles, but especially for Ethereum block space. Although it was painful on one hand because the network was borderline unusable at that time, it showed that there is actual block space demand and that the network was providing utility for DeFi.
Other developments we’ve seen are NFTs and play-to-earn, which emerged around last year. All these use cases are native to decentralized networks and provide real value. It seems a slow process, but at a certain point, it accelerates as it did for DeFi in 2020.
The market and the value proposition of blockchain are just so much more mature by now than back in 2018. It’s always gonna be a bit bubbly if expectations are too high, but the whole ecosystem is very healthy now and you can see this also from the news that is popping up. When you have major news two-three times a week from one of the big networks, that shows a great pace of development and a lot of utility for users.
In blockchain technology, we often talk about permissioned and permissionless blockchains. Can you talk a bit about the difference between the two and what that means for development?
The permissioned or permissionless distinction is sometimes talked about as “public vs private blockchains”, but these terms don’t quite capture the idea of permissionless blockchains.
Permissionless blockchains are open networks for which you don’t need permission to participate. However, you are only allowed to participate in the network if you follow the rules, which are generally defined in the white papers. This means that we set the rules, we write them in code and all participants enforce these rules, and then the code is the law.
With permissioned blockchains, you still have a distributed system, but there you have a committee or certain parties who have more rights than others and they decide who can participate. This can be useful in the enterprise sector when you want to set up a distributed or collaborative business case very quickly. It’s easier to do this with ten people who agree and decide to not let anyone else in who could hinder or slow down the project. If you want to stay focused and efficient, that could be a case for permissioned networks.
But if you’re doing a permissioned distributed system, I ask, why call it a blockchain at all? Why not set up a fully centralized system that’s governed by a central body, like a governance committee, and just use existing centralized technologies? You can probably do it more efficiently that way.
There are advantages and disadvantages for both. The original idea of blockchains is to have fully permissionless networks. Only then can you have a unique value proposition like that of Bitcoin, for example, which is to have a censorship-resistant global currency. That wouldn’t work in a permissioned system.
The power (and the magic) of blockchains lies exactly in the “permissionless” part. It means that we can collaborate globally as humans, using machines, simply because we agree on the rules of collaboration. We enforce these rules not only by software but especially through token economies that incentivize good behavior and punish bad behavior. We can harness the creativity of the whole world in a way that we weren’t able to do before.
As many may already know, Proof of Stake is becoming the baseline consensus mechanism. But what does it mean for active ecosystem participants in terms of staking?
Proof of Stake is a great way to scale without compromising security and decentralization too much. Proof of Work just can’t keep up with the number of transactions per second that we would need for global decentralized networks once they are fully in use.
With Ethereum in its current Proof of Work incarnation, you can have Layer-2 solutions on top to help with scaling. But if you look for example at NEAR, which is a sharded Proof of Stake chain already on Layer-1, it currently doesn’t even need Layer-2s to achieve a high transaction throughput.
For participants and investors especially, Proof of Stake offers a native way to generate yield on your investment. It’s a way of making sure that it doesn’t dilute from inflation and of generating additional yield from transaction fees, by delegating your stake to trustworthy staking nodes.
The nodes are taking care of the core security functions of the network. They are validating transactions and are reaching consensus about which transactions should be in the next block. Thanks to Proof of Stake, the nodes can do this not by doing energy-intensive hash calculations (like in Proof of Work), but rather by putting real stake at risk, which acts as a protection against fraud.
If you act well (as a validator node), you will then generate a reward that goes back to the staking providers and the stakeholders. But if you do it wrong, the assets can be burned or “slashed.” So there’s a very high incentive for infrastructure providers to work correctly and reliably. Just as well, there’s a very high incentive for stakeholders to stake their assets with trustworthy staking providers, which in turn then makes the network more secure.
What are some ways to go about in terms of mitigating slashing risks?
I have first-hand experience of this because I was doing this for the last three years. I’d say that, first of all, you need to have an enterprise-grade setup with high availability, which respects the rules of the protocol. Once you understand how reliably your validator node needs to run on a specific network (this is usually defined in the white paper), you have to set up your managed service accordingly.
In essence, it’s about running a managed service reliably, and of course, there’s a challenge for the stakeholders to choose the right staking provider to delegate to. From the outside, it’s sometimes hard to understand who’s reliable and who’s not. And a stakeholder might put a considerable amount of assets at risk via delegation.
What are some projects in the crypto space that you are currently excited about?
The most exciting one for me is Ethereum and everything that’s happening on it. That’s because, as I said before, it’s the one ecosystem that has actual block space demand and it has a proven record of being under heavy load for at least two years by now. The core protocol will see big changes in the next months to accommodate for that and development activity on both Layer-2s and decentralized applications is mind-boggling.
It’s also interesting to see other Layer-1s like Solana popping up and trying to get a piece of the cake with varying results. And then there are also projects like NEAR, for example, which has great developers behind the project and a great vision. There is a second line of Layer-1s which are not as prominent as Solana or Ethereum, but show a lot of promise and it remains interesting to see how the protocols will develop. As such, I also like Celo’s mobile-first approach. It’s probably a pretty unknown network, but they’re doing a lot of things right. I like that they focus on enabling access to finance to the unbanked of the world.
You can’t predict who will be a winner because there are so many factors. It’s not just the technical fundamentals and it’s not just your investors or the users. It’s everything together that determines who’s successful and who’s not. That being said, I do expect a dramatic consolidation of Layer-1s during 2022.
To go back full circle, our final question is: how did you originally enter the crypto space?
I got exposure to the crypto space pretty early on, in 2010 or 2011, while I was doing research and teaching at Humboldt University. I started by running my own bitcoin miner.
It was just a fun thing to do for me and a few of my nerd friends. There was this crazy, complex set of technologies that was called bitcoin and it created this internet money that couldn’t be exchanged or cashed out in any way.
I remember buying a beer for three bitcoin, as an equivalent of three euros at the time. A friend bought it for me because I was too lazy to go to the supermarket, and so I thought I might as well give him bitcoin. Sure, in hindsight, that’s an expensive beer. But at the time, I didn’t really understand what some were already starting to grasp — that this was going to be huge. I just thought it was fun.
For about eight or nine years after that, I was not in touch with crypto at all. So in 2017 I was watching the whole hype from the outside and was pretty critical of all the Ponzi schemes that were being launched.
When I moved towards blockchain in my career, it was because of the technology I saw being developed and all the novel use cases that it enabled. I find it so fascinating that it has become a huge part of my private life as well. I feel that we are changing the world so dramatically and we’re changing it for the better. And that was one of the main drivers for me in coming to Finoa: to be in a company that is a hundred percent behind that vision.
This article is not intended to be, nor does it constitute financial advice. Finoa does not endorse or recommend any particular securities, currencies, or other financial products. This content is solely for informational purposes and is not to be construed as a solicitation or an offer to buy or sell any spot currency transactions, financial instruments, or other securities.