Four points of failure
As the cryptocurrency space continues to grow the community has become increasingly aware of the failure points in the ecosystem. It would…
As the cryptocurrency space continues to grow the community has become increasingly aware of the failure points in the ecosystem. It would be a fallacy to believe that our security protocols are unbreachable.
“A prudent person foresees the danger ahead and takes precautions. The simpleton goes blindly on and suffers the consequences.” “By failing to prepare, you are preparing to fail.”
The four points of failure and the premise of cryptocurrencies:
- The Software — Responsibly governed and upgradable
- The Mining — Sustainable, environmental and decentralised
- The Exchange — Safe, secure, fair and decentralised
- The Wallet — Safe, secure, accessible and private keys
Risk Analysis Precursor:
Before we get started, it’s important to say, that I don’t run risk analysis on closed-source blockchains. These projects could prove to be infinitely riskier than open-sourced blockchains in ways that we can’t yet comprehend or imagine. For me to get involved with a project, it must first meet my cryptocurrency ruleset:
- Coin Supply — maximum and fixed supply of coins
- Open Ledger — Keeps everyone honest (No block explorer No investment)
- No tokens
- Coin Distribution — Fair and wide distribution
- Storage — Secure and free wallets with access to private keys
- Transactions — Low fees and fast transaction times
- Governance and community — Responsible and Decentralised
- Development — Continuously developing tools and services that remove middlemen and fees
- Project Treasury — To drive development and the health of the platform.
- NEW RULE FOR 2021 — Must be tradable on an open-sourced distributed exchange, with near 0.00% Trading fees.
The Entry Point
When running risk analysis on a blockchain project with an open ledger it’s reasonable to accept that once a block has been processed and the block has matured, the transaction data is immutable. There have been cases where a chain has been rolled back but the more a chain focuses on future decentralisation this becomes less of a concern. With this distinction made and assuming that the chain remains healthy, it’s acceptable to say that the main risks will occur in transit, entry points and exit points.
The first point of failure concerns software updates and validation. If a blockchain has a system for code validation this will help provide a seamless transition between upgrades. The majority of systems depend on the core developers to do the right thing and not act maliciously.
Decred has a unique system for dealing with this issue, that I’ve not seen in other blockchains. When it’s time to upgrade the code, first, the upgrade gets installed into the system in an inactive state. Then the upgrade goes up for voting if the vote is successful and after an amount of time the upgrade becomes active. This process lets the relevant parties instal the software, check the update and when it goes live guarantees a smooth transition. All participants not running the new software will eventually be removed and minority chains running the old code become defunct.
The benefits of putting these procedures in place mean that the likely hood of having a chain split is greatly reduced. Also, the chances of malicious or incomplete software making its way into the system are very low.
This may not seem like a big deal but it’s the single reason why the Decred project has longevity and has a low level of vulnerability in this area, compared to all other open-sourced blockchain projects.
Blockchains that don’t have a secure way of implementing updates will be affected in the following ways:
- Critical software upgrades are hard to facilitate and have the high potential of causing chain splits
- Community fracturing — Critical upgrades can cause arguments and if a community doesn’t agree this could motivate new chains being created. This is bad because it means inflation of coins, smaller communities and less security.
- Codebase coup — If the governance of code isn’t taken seriously the code can be controlled by parties that don’t share the interests of the community and the coin holders.
The mining process poses risks for all proof of work (POW) blockchains. The most obvious risk is a 51% attack which could allow for double spends and the production of blocks that would normally be processed as invalid. There are currently lots of promising solutions available in this area aimed at mitigating this issue.
The risks that concern me most with regards to mining is centralisation and the electricity demand for producing blocks. The current amount of power needed to produce blocks is fundamentally bad for the environment and ultimately unsustainable. To stop any chain from becoming centralised it needs wide distribution and high quantities of smaller miners. The current Bitcoin blockchain utilises an overwhelming amount of power to produce a block, this will eventually cancel out pretty much all miners except nation-states or global corporations.
The questions that need to be addressed to help secure POW blockchain in the future concerning centralisation and the environment, include:
- What is the optimal hash rate a blockchain needs to be secure and is it possible to limit to this value?
- How can a system be optimized to reduce the amount of mining needed at any one time?
- How can a system be optimized to distribute the mining across the globe?
- Is there a way to reduce the number of miners that can mine at one location, district or country?
- Is there a better system that could replace pure POW?
- If there is a better system how hard would it be to implement?
- How hard would it be to gain consensus for the upgrade if the miners are already majority controllers of the system?
Just in case you are interested here are the current mining rates for some of the most popular open blockchains (May 1st 2020, before the Bitcoin halving):
Bitcoin (BTC) — 139.45 Eh/s (SHA-256)
Bitcoin Cash (BCH) — 1.65 Eh/s (SHA-256)
Decred (DCR) — 349.19 Ph/s (Blake 256)
Dash (DASH) — 5.39 Ph/s (X11)
Zcash (ZEC) — 5.96 Gh/s (Equihash)
Monero (XMR) — 1.22 Gh/s (RandomX)
Referenced from: https://blockchair.com/bitcoin
Referenced from: https://dcrdata.decred.org
How to convert all of these hash rates, here are the numbers:
1 KH/s is 1,000 (one thousand) hashes per second
1 MH/s is 1,000,000 (one million) hashes per second.
1 GH/s is 1,000,000,000 (one billion) hashes per second.
1 TH/s is 1,000,000,000,000 (one trillion) hashes per second.
1 PH/s is 1,000,000,000,000,000 (one quadrillion) hashes per second.
1 EH/s is 1,000,000,000,000,000,000 (one quintillion) hashes per second.
Decred aims to solve a few of these problems with its unique Proof of Work (POW) Proof of Stake (POS) hybrid solution which makes the system extremely secure without the need for abundant hashing power. According to DCRDATA, Decred only needs 5% of Bitcoins value to be equally secure, based on the current hash rates. This is a great sign and means that Decred will not need to upgrade this system as early as other blockchains. This could allow them to see which future systems work best before needing to implement any changes. As a second thought on this issue, I also believe that Decred would be quicker to reach consensus on this issue due to their best in class governance system Politeia.
I remain sceptical towards POW systems and believe that the likelihood they will become centralised is very high. However, there is little doubt that they are currently the most secure systems we have. The investigation and research in this area must continue.
Once the system has been secured it’s then time to look at the points of failure for the end-user. This starts with purchasing the coins, and how difficult it is to get good value for your money. This is the single area that prevents somebody from getting involved in the space.
If adoption is the name of the game it all starts here. Individuals don’t want to pay a premium to hold a risky asset. If a user comes to this space because they have been told that it’s better than banking, they soon have reason to believe otherwise.
“Hey everyone! How cool is this, I just spent £100 on Bitcoin and now I have £90. But don’t worry it’s going to the moon!!!”
The question: How do we get the user/individual from a Fiat currency to Decred (DCR) in one step, with near 0.00% fees, a good exchange rate and as securely as possible?
Cryptocurrency exchanges are centralised entities, to a lesser extent, this can also be said regarding exchanges that claim to be decentralised (DEX). Steps to help you evaluate if an exchange is decentralised:
- Locate the source code — The first rule of anything that claims to be decentralised, they have to publish their code as open-source. This means they have to publish their full code for anyone to use or copy.
- Spin up an instance — Can you start a server and run the code, effectively running your own exchange without paying fees or any other hidden costs?
- Main pair trading without a third party — Can you trade between coins like BTC and DCR without needing a separate token to facilitate the trade?
- Peer to peer — Can you patch into other parties running the exchange software and share the order book?
- Exchange rate and fees — Do you get the best options for exchange with near 0.00% trading fees and low mining fees?
- Using your own wallets — Decentralised exchanges should never have access to your coins or wallet private keys to facilitate trading.
Very few exchanges can claim to be decentralised exchanges if they can’t meet the above simple rules. Decentralised Exchange suggests that anyone can participate on both sides of the exchange, facilitator and trader. To add clarity to this space I recommend a distinctive name change for any exchange that doesn’t mean these requirements. e.g. DEX to IEX (Independent Exchanges). As the current DEX movement looks more like an indie movement where the power is taken from the main players and moved to the secondary players. You still have a centralised force but this movement gives more options to general investors.
The first issue we need to look at with regards to centralised exchanges is the information an exchange needs and wants to hold on you. Most exchanges have to comply with the “Know your customer (KYC)” regulations which mean you supply them with your name, address, email, phone number, national insurance or passport or driving licence which then gets stored on their database. This is not good for the end-user due to the chances of their information being stolen or misused.
One security measure that I suggest consumers follow is to only signs up to one exchange that requires KYC. I use this exchange as an on and off-ramp for my fiat currency and I’ll use other exchanges that don’t require KYC for my coin swaps. As you can already see, the risks here are already huge and require the average user to be extremely vigilant. Frankly, for most people, this is a step too far.
The second risk end-users face with exchanges is coins stored on exchanges are not as safe as coins stored in wallets where you hold the private keys. There have been lots of cases where users have had their coins stolen from an exchange. Also, coins stored on exchanges don’t give you access to your private keys which means you don’t own those coins. The current practice is, once you have completed your trade you should remove your coins from the exchange and put them in your wallet.
The third issue is a return on investment issue caused by high exchange fees, lower than expected exchange rates and mining fees for the final transfer. For consumer investors, this could mean losing between 1% to 5% of your investment before they even start.
There are very few exchanges willing to address these issues due to their rewards being so high. On each of the above issues, the exchanges make large profits which is a security risk in its self.
There is so much debate in our ecosystem about why mass adoption after twelve years hasn’t happened. They talk about not enough promotion, not enough marketing, not enough liquidity etc.. But the hard fact comes down to one thing, trust. The average person doesn’t trust this space and let’s face it they have good reason. Put yourself in their shoes, would you trust this space? When it comes to money most people are extremely vigilant.
Decred has made extensive strides in this area and is currently creating what could be conceived as the first truly decentralised exchange which aims to meet all of the above-decentralised exchange requirements. The DCR DEX is currently being tested and is likely to be in full production by the beginning of 2021.
The interesting thing about the DCR DEX is that it aims to be chain agnostic which means that any blockchain can hook up to it and participate and share the order book. Although Decred has paid for this in full, it has done so for the greater good of the space. Any chain can run the exchange; any chain can participate in the code and any chain can benefit from peer to peer trading with no trading fees.
When you think about it, this has the same impact as Satoshi’s original implementation of Bitcoin. Where anyone can participate and trade with whoever they want, peer to peer. Without the need for third-party interference and ridiculous charges, fees and rent-seeking.
More needs to be done in this area to streamline the process and to gain the trust factor for mass adoption. Fiat to crypto and back again is the biggest challenge facing Decred and other smaller coins.
For the end-users, the wallet is the gateway to the whole system and just like purchasing the coins, there are some contentious issues concerning the best way of storing your assets. A lot of new users prefer to leave their coins in a custodian account like Coinbase because they offer some insurances from losing their coins or coins being stolen. Once the coins are moved into a cold, hot, desktop or mobile wallet they feel they are on their own, and for most, this is too scary a prospect. This aspect harms the adoption rate of cryptocurrencies due to the perceived complexity.
If the wallet is the gateway it makes sense to make sure it’s as easy to use a possible. All risk to the user needs to be removed and the system needs to be infinitely secure. All wallets should provide the user with the same level of security no matter if it’s cold, hot, mobile or desktop.
The following risks need to be assessed to make sure your coins are safe, secure and accessible:
1 — Coin storage
Which wallets can you store your coins in? If the coin you are interested in doesn’t have its own desktop and mobile wallet I would recommend delaying your investment until such time that these requirements are met.
Hardware wallets are currently the most secure way of storing your coins and are recommended for large amounts of coins that you intend to hold onto for long periods. Make sure your coins have access to a suitable hardware wallet.
Desktop wallets tend to be the most advanced feature-rich wallets for the system. These wallets are really important because they can never be closed down by outside sources. For instance, a mobile wallet can be closed down by the system provider e.g. Apple or Google but a desktop wallet can be run on any number of unrestricted operating systems. One of the risks with a Desktop wallet is you need to make sure you download it from the main or reputable source. Failing to do this could put your coins at risk. You should also make sure your computer is free from viruses and malware before installing your wallet.
Mobile wallets are the most popular wallets because you can carry your coins around with you. The risk here is if your phone gets stolen or you get mugged for your coins they will be lost. A recommendation is to only carry small amounts of coins in these wallets, just like your normal wallet.
Multi-coin wallets are very popular as they let you carry all of your coins in one place. I tend to avoid these wallets as much as possible or only carry very small quantities in them. Multiple coins in one piece of software can present it’s own security issues.
2 — User Experience
The user experience for a wallet should be clean and simple and during the instal stage, a wallet should insist on backing up private keys and making sure this has been done before moving on. The majority of wallets now do this and make you enter your keys again before moving on. Other things you would expect to see are — send, receive, balance and security settings options that give you access to your private keys.
3 — Security
Some of the security measures you would expect to see in any crypto wallet include:
- Providing you with the option of securing your wallet with a pin code
- Providing you with the private keys and shielding them with a passcode that is different from the one used to log into the wallet
- Providing you with the option to set a passcode for spending
4 — Saving and storing private keys
From a user standpoint, this is where it could all go wrong. In the short term, you have been prompted to write down your private keys and store them in a safe place. These keys should not be given to others, multiple copies should be stored in different locations etc. In the long term you could lose these backup keys; forget where you’ve put them; throw them away accidentally; they get moved or used by someone you trusted or fall into the wrong hands. A more serious point, what if you die? How will your loved ones get the keys? How will your coins get distributed? etc…
5 — Importing private keys
Wallets must include the setup option to instal a new wallet or import wallet using private keys.
6 — Private Key Backup and Recovery Systems
For people wanting to store their own coins, a major long term concern will be, how can I get my coins back if I lose my private keys. Currently, only custodian solutions provide users with extra measures to recover their coins if they lose their passwords. Non-custodian solutions need to start thinking about building in recovery option into their system. Some options could include.
- A coin vault — If a user wants to store their coins for long periods they could use a time-locked coin vault. This could have two options, one to open after a user-defined amount of time and the second option is to open when the user enters a special passphrase.
- Two-factor authentication — A method to unlock your coins using your phone number or other pieces of personal data.
- Platform messaging system — A blockchain messaging system could be a unique way of sending and receiving encrypted messages. These messages could include coin recovery instructions; time-locked messages; time-locked send receive coins; messages from the wallet if it hasn’t been accessed for many years; instruction messages that go out to your loved ones in special instances like what to do with the coins if the wallet owner dies (e.g. a blockchain will) etc…
The biggest risk most people have with private wallets are losing their keys and coins being stolen. All cryptocurrency projects still have a long way to go in this area. The current wallet systems are too complex to set up for new users and don’t offer any insurances against lost or stolen coins. This is a major adoption issue for cryptocurrencies.
With all being said and done we are moving in the right direction. From this point forward more effort needs to be put into the education of blockchain. I would suggest that information resources need to be created to teach people about the fundamentals of blockchains both as a developer and a consumer.
- How to buy your first Decred (DCR) coin — A video for beginners that takes them from start to finish.
- How to store and backup your DCR — Best practices for securing your coins and storing your private keys (Start to finish)
- Setting up your Decred wallet
- The importance of private keys
- Sending and receiving Decred
- Developer course — Create a course to help developers get started with blockchain and the Decred ecosystem
Final Disclaimer — Please note the above research is not financial advice and you should always do your own due diligence before investing your money. Investments can go down as well as up and cryptocurrencies are typically volatile assets.
The views expressed in this article are that of the author and based on the authors own research and investigation. The author is happy to receive comments, feedback and suggested edits for this channel to help evolve the open nature of the discussion.
DCR Donation Address: DsahjKtXPeMFqN5AXr3Vim5TMDYAGdhPKqj