Basic Attention Token: New Ad-blocker Engine, A two-way wallet and mobile password sync with desktop and YubiKey Support to Brave for iOS
Biweekly update 20th June — 4th July
Basic Attention Token continues to increase its presence as one of the leading crypto projects and its major emphasis is being placed on innovation and growth. Over the past two weeks BAT made good progress in development. Brave Browser featured new ad-blocker engine with 69x improvement in performance to boost the speed of the browser when accessing web pages. Users can test the new features on the Dev channel and Nightly channel versions of Brave browsers right now. In the media landscape the main keynote was AMA session with Marshall Rose, BAT’s Principal Engineer. Marshall fielded both pre-submitted and live questions from Redditors concerning a variety of topics, such as the differences between BAT Mercury, Gemini, and Apollo, the three work phases outlined in BAT Roadmap 1.0, Brave’s long-term plans for decentralization and the status of some of Brave’s highly anticipated features like Brave Sync and the multidirectional wallet upgrade. Finally, Basic Attention Token partnered with Yubico to bring YubiKey support to Brave for iOS. With Brave’s support for Yubico’s upcoming YubiKey 5Ci devices, the users will soon be able to use the same robust security key across multiple devices, including iPhones and iPads. No doubt it greatly reduces the risk of phishing on protected accounts, no matter what device you’re logging in from. To sum up, BAT strengthens its position in cryptocurrency market. Stay tuned with Paradigm Fund to maintain awareness of latest news on BAT.
In a blog post on June 26, 2019, Brave Software announced that the performance of the ad-blocker on its Brave browser has been improved by 69x using a new engine implementation in Rust, a multi-paradigm system programming language focused on safety and safe concurrency. The latest implementation is designed to boost the speed of the browser when accessing web pages.
Improved Performance of Brave Browser’s Ad-Blocker
Per the blog post, Brave Software, Inc. has improved the performance of the advertisement blocker on the Brave browser by 69x using a new engine implementation written in the Rust language.
There was a need for improvement because Brave Shields are an important part of the browser and they protect users’ privacy from trackers and ads by handling every web request that is needed to load a website.
The team says 75 requests are usually required to load a webpage and each of these requests has to be checked against tens of thousands of rules (for accepting or blocking a request) which calls for an efficient ad-blocker.
While the C++ programming language which the ad-blocker was written in could handle these requests swiftly, it was discovered that the speed of the browser can be boosted significantly up to 69 times on the average if written in Rust.
Similarly, the cost of running certain extensions which use a WebRequest API to inspect and block undesired requests was not a limitation for Brave because the browser’s requests are handled natively, within the browser’s network stack.
The Need for Speed
Despite Brave’s speed and advantage over these extensions, there was still a need to improve its performance.
The latter was, therefore, made possible by building a new ad-blocker engine using Rust programming language which Brave claims is a performant language that is compilable to its native code and it is suitable for execution within the native browser core.
The team claims the 69x increment in speed and performance of the new engine was verified using a 2018 MacBook Pro laptop featuring a 32GB RAM and 2.6 GHz Intel Core i7 processor.
Users can also test the new features on the Dev channel and Nightly channel versions of Brave browsers starting from today.
According to Brave, it had previously determined the cost of ad blocking in comparison to the ad blocking list and rules that were not used.
The previous algorithm it had employed used a Bloom Filter data structure to allow a majority of requests to pass through without blocking, even though these requests were tracked in fragments that could be matched before those that are clean are quickly ruled out.
On the contrary, the new algorithm which is faster was inspired by quickly eliminating rules that are not likely to match a request after a search has been made.
As a result, the algorithm’s set of rules are 69x faster on average than the current engine and the new engine supports more of the filter rule syntax which allows web compatibility issues to be handled better and faster.
Developers at privacy-centric web browser Brave have confirmed that the application will soon ship with an Ethereum wallet built-in.
Based on screenshots from a Github Pull Request submitted to the Brave Repository on June 25, 2019, the feature will allow users to either create a new wallet or import an existing one using the twelve-word seed phrase.
Third party integrations also seem to be on the way and will give users the ability to link their hardware wallet with the browser.
More Wallet Choices to Come
While the current stable version of Brave Browser already includes a cryptocurrency wallet, it is extremely barebones and only capable of storing Basic Attention Tokens (BAT).
Unlike a traditional desktop or hardware wallet, Brave’s wallet implementation does not allow users to simply withdraw their BAT to a cryptocurrency exchange or third party address. In fact, users can only take control of their earned tokens once they sign up for a Brave Publisher Account, create another wallet with Uphold, and tip themselves. This three-step process makes withdrawing BAT much more convoluted for first-time users. Furthermore, Uphold requires users to complete a KYC verification process — which essentially eliminates anonymity for BAT users.
Brave’s upcoming Ethereum wallet is notable because it has been described as a full-fledged wallet implementation that can also be used to access dApps and store various ERC-20 tokens. According to a Reddit comment posted by a member of the BAT team, users will eventually be able to send their earnings from the Brave Rewards program to external wallets as well.
Acknowledging the community’s dissatisfaction with Uphold, the representative said that more wallet options will be rolled out in the coming months.
Browser Competition Heats Up
While Brave was the first cryptocurrency-oriented web browser, it is no longer the only option for enthusiasts of the technology.
In April, Opera announced a new ‘blockchain-friendly’ web browser that would include a cryptocurrency wallet, Web 3 explorer, and be capable of completing transactions. The company also rolled out a free, unlimited VPN offering on desktop and mobile.
Check out the latest AMA and get to know BAT’s Principal Engineer — Marshall Rose @_mtr, with updates about the BAT roadmap (Mercury/Gemini/Apollo), bi-directional wallets in the browser, and advice for young developers.
Q: What is the difference between BAT Mercury, Gemini and Apollo, for those of us who do not know?
1. BAT Mercury is the initial architecture for the BAT ecosystem.
Many decades ago(!!), when I was in school, I learned an important rule: “You can solve any problem if you are willing to make it small enough.” With that in mind, here is how I view BAT Mercury:
After you opt-in, the browser “measures your attention” on the sites you go to. Initially, “sites” were websites and YouTube channels, since the BAT Mercury launch, and we’ve recently added Twitch and Twitter. The other side of BAT Mercury is the introduction of notifications pertaining to advertisements based on where you spend your attention. After you opt-in, if you view the advertisement associated with that notification, then a process starts to have some BAT contributed to your browser.
The browser needs a lot of detailed information in order to make these determinations. This information is kept in the browser and the only thing that leaves the browser is a highly-synthesized synopsis sent in a disjoint traffic stream. For example, BAT Mercury starts with “statistical voting” for monthly contributions to publishers. Let’s say that you spend twice as much time paying attention to site X than to site Y. All things being equal, twice as much BAT will be contributed to site X than site Y. First, the value of each “mini” contribution is the same, so twice as many messages get sent for X than Y. Second, through the use of zero-knowledge proofs, neither our servers nor a third-party can correlate any of those messages together. A similar strategy is used for contributions associated with advertisements.
The attention-based contributions, for both sites and advertisements, tend towards a “virtuous circle”: BAT goes to the browser based on the advertisements that you pay attention to, BAT goes from the browser based on the sites that you pay attention to. This occurs entirely within an environment that places browser privacy first.
With those three points in mind, BAT Mercury is very much a learning experience. Brendan had the vision, and the rest of us filled-in many, but not all, of the details. This process of continuing refinement will, over time, become finer grained.
2. BAT Gemini is the transitional architecture for the BAT ecosystem.
It added grants from the User Growth Pool to kick-start the “virtuous circle” until the advertising component is in full production (another part of BAT Gemini). It adds site-specific tipping, which is especially important for things like Twitter where the browser’s attention is very fine-grained.
BAT Gemini is also about moving BAT functionality onto our mobile platforms — it’s now on Android and is being aggressively developed on iOS. I don’t know the release schedules, but I expect that before fall all three platforms will be in lock-step and close to feature parity.
Following this, BAT Gemini will add synchronization of BAT activities between browser instances. I am very much looking forward to that.
Finally, BAT Gemini is going to add bi-directional wallets.
3. BAT Apollo is the final “near-term” architecture for the BAT ecosystem.
The top-level goal is to match Brendan’s vision — Many things that were deferred in BAT Mercury or Gemini are planned for this phase (cf., above: “You can solve any problem…”) However, BAT Apollo is not the final architecture. (First you get to earth orbit, then you get to lunar orbit, then you do a lunar landing, then you go to mars after the Apollo phase is done.)
The primary goals of BAT Apollo is to add transparency and decrease transaction costs and improve decentralization. All of this while maintaining (or improving) browser privacy. The paradoxical requirement is increased transparency for advertisers and publishers to compare their gross revenue and net income.
At present, we are investigating the use of a proof-of-authority side-chain — I must emphasize we are still in the research phase of deciding which approach is best. Independent of this is the addition of “code points” to support multiple providers for wallets, site verification, settlements and so on. We are very much pragmatists in preferring to orchestrate domain experts (e.g., companies like Uphold) to handle important parts of the process; however, we’re also sensitive to concerns of relying on a single provider.
One of the advantages of using a proof-of-authority network is that it allows us to spread the load between us and trusted partners. Part of the vision is that BAT eventually operates under a non-profit consortium. (You can find this in some of Brendan’s earliest writings… BAT purposefully refers to the “Basic” Attention Token, not the “Brave” Attention Token.)
Q: When will there be a two-way wallet and mobile password sync with desktop?
Marshall Rose: That’s supposed to be in BAT Gemini. I doubt that’s in the MVP (cf., above: “You can solve any problem…”). I am very much looking forward to this. As of this writing, I have 5 different wallets with BAT on different versions of our browser/platform, and i’d really like just one!
Q: Which part of BAT transactions are on-chain and which part are off-chain for tips, and for BAT earned by users through ads? Will we see some changes in the future?
Marshall Rose: In BAT Mercury & Gemini, only the entry/exit points of the process are on-chain. The primary reasons are economic and time-to-market. That is going to change in BAT Apollo, so that more things are on-chain, but the “chain” is going to be a side-chain not the mainnet. That should address the economic concern, and if we go with a side-chain using some kind of proof-of-authority consensus mechanism, then we should be good to go in terms of timing…
Q: What excites you most about this phase of the project? Can you say what kinds of things might be possible to do with the BAT SDK?
Marshall Rose: One of the reasons we spent a lot of time rewriting the initial BAT Mercury client-side libraries was to be useful for a future BAT SDK; however, I am rather distant from the part of the company doing the BAT client work, so I don’t have a lot of visibility into what the thinking is.
However, I do know that several of our internal folks will see your questions/ideas and then take a look as to how we can make this easier. We’re still learning the best way to integrate the basic functionality into the browser, I doubt we’ll see anything for a while. Sorry for having a not-so-helpful response…
Q: In accordance with https://basicattentiontoken.org/bat-roadmap-1-0/, Apollo should have started in 2018. We are not yet in Gemini yet, in the middle of 2019. What went wrong?
Marshall Rose: “No MVP survives contact with the customer.”
After the initial release, experience and feedback resulted in making the phases larger; however, the timeline document was not kept in sync. Internally, we’ve shifted some things between phases. Other delays arose due to switching from Muon to the chromium front end fork, for head to head competition with Chrome.
Of course, in my long answer on Mercury/Gemini/Apollo, I am describing my view on them, but I not the final word on these things…
Q: People who write code for Automated Teller Machines must remain aware that there is an active, motivated, technically sophisticated adversary seeking ways to exploit the machines for cash. I imagine Brave has similar adversaries. Does this result in a team of developers, all technically expert, and all suspicious of the world and of each other? How do you mitigate?
Marshall Rose: I am a firm believer in Sutton’s Law — so, yes, it’s a concern. Fortunately, Yan Zhu, our Chief of Security, and her staff have put into place a robust set of processes for both security and privacy reviews of projects and code. In particular, new features and major upgrades get a fresh review prior to merge. Other policies include our use of BCPs (best current practices) for logins and devices.
Q: Can we please have an update on (realistic) timings for the Roadmap phases?
Marshall Rose: We’re in Gemini now with Apollo early work and experiments overlapping. The current Gemini phase will run throughout this year and probably into next, while Apollo will continue into 2020 and 2021. In this industry, predicting anything beyond 24 months is almost certainly going to be inaccurate…
Q: Suppose a creator has a website or podcast which depends on user support. For this creator, users who do not tip are a deadweight loss. Is there any technical obstacle preventing the creator from specifying an ad campaign with rules? Do not show my ad to any Brave users who do not tip 80% of their Rewards to creators overall. Show my ad only to Brave users who have visited two of the websites on this list. Show my ad only to Brave users who have, in the past month, visited at least three of the websites on this list and have tipped each of them at least five BAT.
Marshall Rose: I have to respectfully disagree that free-riders are a “deadweight loss”. Pretty much all systems have free-riders. You may respectfully disagree with my view: there are no plans to penalize free-riders. The BAT ecosystem is designed so that a particular site can not specify an ad campaign. Of course, a site may indirectly impact what notifications are generated by the content on that site. It is key to understand that notifications are generated in response to the browser’s attention throughout the browsing session, not just the page/tab they happen to be viewing.
Q: I’ve always wondered, is this an industry Junior Software Developers can get involved in? I fear that cryptocurrencies are too complex mathematically and the risk if built improperly too great to have anyone but senior developers contribute.
Marshall Rose: I suspect that most of the early ETH folks would disagree with you; though I also suspect that the early BTC folks would agree with you.
For myself, if you are serious about your profession (regardless of what the profession is), then seniority should denote experience. I started programming with punched cards. That environment has a relatively long turn-around period in terms of the edit/run/review cycle (e.g., 30m), so it tends to teach a check-your-work-first philosophy. However, back when I lived in Mountain View, a friend of mine was a PhD candidate in Physics, and was telling me how he had to schedule the linear accelerator 3 years in advance to run the experiments needed for him to complete his doctorate. 3y >> 30m, so I’d say that he learned those lessons far better than I did.
Another thing to keep in mind is that today’s younger programmers stand on the shoulders of giants — whether we are talking about the folks who write mobile apps that work because mobile devices are so incredibly powerful, or folks who write distributed apps that work because Cerf, Postel, Braden, Clark, et. al., did such a wonderful job with TCP/IP, etc. Old folks such as myself must remind ourselves to constantly climb up to the same heights that the younger programmers start with.
BTW — no insult is intended with respect to these observations.
Q: You mentioned “Finally, I may have another project to announce, but the timing may not work out for that”. Is this a BAT project?
Marshall Rose: It’s called the altsumer project. It’s not about BAT, though Brave is supporting it. Since I work so much with crypto, I work with a lot of products and services, and I spend a relatively large amount of my time finding and evaluating those offerings. I’m planning to share my experiences on the theory and practice. As to what an altsumer is, you’ll have to wait until the project launches, which is RSN.
It’s common knowledge that tech companies are after our information. They make money by selling data to advertisers, who then convert that into pinpoint-accurate advertisements that get us to click and buy products.
Depending on your side of the process — consumer or advertiser — you’re either selling your data away or making big profits. If you’re part of the 69.09 percent of the internet that uses Google’s Chrome browser, you’re giving out way more information than you’d like.
According to Geoffrey Fowler, a technology columnist at The Washingon Post, Google’s web client is similar to “surveillance software,” if you break it open. Whether you’re on mobile or web, location settings off or not, Chrome is telling Google what you’re searching, where you’re browsing, and who you’re communicating with.
Private Browsing Is Almost Non-Existent
This snooping comes in the form of “cookies,” which are pieces of data that lock into your computer and log your activity.
While not always terrible — some cookies store your username and password for quick logins — it’s tracking cookies that are the real danger. These privacy-breaking trackers keep a long history of your information, like which ads you’re clicking on.
While you’re technically opting-into cookies like this, you don’t have much of choice. Moreover, one study looked at 84,658 webpages within the top 10,000 websites of February 2019 to examine their tracking methods. Of these, 92 percent had trackers, and only 17.83 percent of those were “safe.”
For those aware of the fight for privacy, this news is not shocking. There are browsers out there, such as Mozilla’s Firefox, that help block trackers and protect against other forms of invasion. However, there’s a growing competitor in Brave Browser — a crypto-based platform that blocks trackers, malicious advertisements, and more.
Alternative Routes Towards Internet Freedom
Ironically, Brave is built on the Chromium platform and lead by a co-founder of Firefox, Brandon Eich.
Here, users can tell the browser to block trackers and ads on one site and enable them on others. Alternatively, websites and creators that opt-in to Brave’s program can accept BAT tokens instead of show advertisements. The longer a user is on a site, the more BAT they pay out while enjoying a tracker-free experience. These tokens then convert into the website’s local currency — thus removing the need for trackers and ads.
Of course, users and publishers would need to make the transition — but Brave has been making itself known across the internet. The BAT blockchain ensures transparency and reliability, not to mention the fact that it’s open-source. Openness is critical when it comes to Web 3.0. Users must be made aware of crypto and blockchain-based browsers for this new model to work. Otherwise, the fight for privacy online will go to these big advertisers.
The most recent AMA took place on June 25th, and featured guests Taylor Monahan (Founder and CEO) and Jordan Spence (CMO) of MyCrypto. Taylor and Jordan fielded both pre-submitted and live questions from Redditors concerning a variety of topics, including MyCrypto’s experience with the Brave Ads platform as an advertiser, the exciting projects they’re currently working on, and the company’s long-term goals. The pair also addressed numerous questions from curious participants regarding the differences between MyCrypto and MyEtherWallet, which include a MyCrypto Desktop App for increased security, and a focus on supplying educational resources about crypto and how to manage it for anyone wishing to learn or get involved.
Native support for cryptocurrency-based tipping is coming to Reddit, for users of the Brave browser.
That will come as a big plus to the many diehard crypto-lovin’ Redditors that spend their time crawling its forums on a daily basis. There are so many of these that the biggest crypto subreddit has a subscriber count of more than one million people (or bots) — outnumbering even the Harry Potter subreddit.
Reddit already provides some non-native support for tipping. Users are able to create “tip bots” that enable people to pay each other small amounts of some of the most well-known cryptocurrencies. However, they aren’t particularly easy to use, and it can be hard for users to see their balances and cash out.
But now, privacy-focused Brave will be introducing a button that allows users on Reddit to tip each other with the basic attention token(BAT), made popular on the Brave browser itself. The token was designed with tipping in mind, and is cheap to use even for small amounts. On the Brave browser, you can tip websites (including Decrypt) to reward them for the content they produce.
The features on Reddit will only be available to users of the Brave browser and the integration is being led by Brave developers.
The features are being developed in preview-only mode, but will be introduced in a beta version of Reddit during the next three weeks, before going live on the main website, according to a Brave developer.
The tipping function is likely to have the look and feel of the Lightning powered-tip button on Twitter, which can be enabled via Tippin.me — but with a different symbol.
For many users, Reddit is one of the paths into the crypto world, with its various subreddits each dedicated to the myriad of altcoins that are out there. The Reddit crypto communities are so strong that accusations of censorship and subreddits being co-opted are often bandied about. The site is also home to the biggest anti-crypto community, the r/Buttcoin subreddit, which mainly exists to lampoon all things crypto. But with tipping about to get push-button simple on Reddit, maybe even the Buttcoiners will find themselves lured over to the dark side.
*There is no up-to-date official information on Brave’s monthly and daily active user base.
Total amount of Brave Browser Publishers:
- Youtube publishers: 139 587
2) Website publishers: 26 223
3) Twitch publishers: 11 070
The BAT roadmap in 2019 is GitHub. More information you can find here.
Milestone 7: 0.60.x (done)
- Rust support for brave-core.
- Ads integration into Brave-core with foundations to support Rust based blind token confirmations
Milestone 7: 0.61.x (done)
Milestone 0.63.x (~April 23, 2019)
- Unify exception handling (done)
- Fix Brave shields localization (done)
- Make Widevine UI more noticeable (done)
- eTLD+1 matching for about:adblock (done)
- Working ads model, Rust-based blinded tokens for privacy-safe confirmation of ad views and interaction, and ability to give BAT monthly to users who see ads (done)
- Settings/Bookmarks/History/Downloads facelift (petemill, in progress; partially merged) (done)
- Add options for allowing FB login / embeds and Twitter embeds
- Upgrade to Chromium 74 (Max, in progress)
Milestone 0.64.x (~May 14, 2019)
- Custom ABP filter rules in about:adblock (done)
- UI improvements and support for theming in the Brave shields panel (done)
- Support for Nightly builds (done)
- Override regional ad-block selection in about:adblock
- In page translations (Jocelyn, in progress)
- Add support for more locales
- Smart Tracking Protection (Pranjal, in progress)
- Ad-block tokenization performance improvements (bbondy)
- Ad-block exceptions to be disabled by default and have UI asking to turn on when it is first detected (todo design)
- Social tipping
- Ability to compile Brave and produce an Android based APK (nothing close to releasable yet)
- Tie Brave Core Android builds to CI
- Add the ability to have social media login options into the Brave shields panel
- Rust based ad-block integration (done)
- Ongoing work for Brave Core Android builds
- New work in social tipping
The full information can be found here.
Partnerships and team members
BAT announced about its partnership with Yubico to bring YubiKey support to Brave for iOS. Yubico is the leading provider of hardware authentication security keys — devices which protect logins to online accounts from phishing, man-in-the-middle, and other threats of account takeover.
Unlike a code entered from a text message or an app, security keys such as the YubiKey not only authenticate you with a single touch, but also verify the identity of the site you’re logging into. A spoof site with a misleading domain name might be enough to occasionally trip up a person, but can’t fake the cryptographic handshake used in the U2F and WebAuthn protocols supported by the YubiKey.
With Brave’s support for Yubico’s upcoming YubiKey 5Ci devices, with both a USB-C and Lightning connector on a single device, you will soon be able to use the same robust security key across multiple devices, including iPhones and iPads. This allows for the removal of less safe login methods and greatly reduces the risk of phishing on protected accounts, no matter what device you’re logging in from.
BAT will work with Yubico on the YubiKey for Lightning Private Preview Program (now expanded to the YubiKey for Lightning Partner Preview Program). With early access to Yubico’s open-source SDK for iOS and prototypes of the hardware now called the YubiKey 5Ci, BATT will collaborate with the Yubico team to bring security key support to an iOS browser for the first time.
Social media metrics
The charts above illustrate the changes and overall growth in the number of Twitter, Medium and Reddit subscribers.
The graph above shows the dynamics of changes in the number of BAT Facebook likes, Reddit subscribers and Twitter followers. The information is taken from Coingecko.com.