The Black Liszt

“Everyone” says that Facebook’s Libra is a cryptocurrency. Long before Libra had been imagined, Bitcoin pioneered and established the brand new world of cryptocurrency. Bitcoin created the category, and has always been its leading exemplar. The white paper by the still-unknown Bitcoin creator and inventor spelled out his design goals and the main aspects of Bitcoin that supported those goals. Once you read and understand what cryptocurrency is, it becomes very clear that, whatever Libra may be, it is NOT a cryptocurrency. To claim that it’s a cryptocurrency is like claiming that a locked desk drawer is a bank vault – yes they both have keys and are supposed to keep things safe, but other than that…

Satoshi, the brilliant creator of Bitcoin, designed a currency that involves cryptography. If you want to be extremely loose, you could say that Libra is the same thing, because it’s also a currency that somehow involves cryptography. But that’s like saying that the thing you use to “buy” properties and hotels in the board game Monopoly is “money.” Try depositing some of it at an ATM and see how far you get.  Let’s explore the basics of what makes a cryptocurrency the way Bitcoin is a cryptocurrency.

First and foremost, there’s the concept that in Bitcoin, no one is in charge. How can you possibly make a computer system that works, does lots of computing, keeping lots of financial transactions and makes sure everyone’s account balance is correct … without anyone being in charge?? These things are hard to do when someone IS in charge! There’s quite a bit involved in making this happen, as I illustrate here, but here are some of the key points:

• Anyone who wants to can sign up to be a “miner,” who are the folks that make Bitcoin work.
• A miner has to put money into buying fast computers, running the mining software, and connecting with all the other miners to share work.
• Miners get new transactions that Bitcoin users want to perform and “make them happen.”
• This means that miners race each other to solve complex problems involving cryptography, the net result of which is a new page (block) of transactions that have been vetted, and “locked” by crypto-key.
• Every piece of work a miner does is paid for by newly-minted Bitcoin – the miners are paid with Bitcoin!
• Miners are highly incented to do the work and do it right, because they want to get lots of Bitcoin, and they want Bitcoin to continue to be viable.
• Miners come and go as they see fit – no one “approves” them, literally no one’s in charge.
• Miners can be anywhere, in any country.

Big corporations and regulators don’t like the unsupervised free-for-all of Bitcoin. They like to control things. And that’s exactly why Bitcoin was invented – to escape the control of a central authority but still have a system that works. It’s a brilliant concept, and Bitcoin’s success shows that it works.

Along comes Facebook and Libra. Facebook is ambitious. They keep trying to invent new things. They mostly fail when they build things themselves, so they buy companies instead. Facebook would LOVE to buy Bitcoin – but it’s not for sale, because no one owns it – darn! They’re forced to try to build it. But being a big corporation, they just can’t stop themselves from building their version of Bitcoin in a style that makes them comfortable – violating every single core principle of Bitcoin – the original cryptocurrency – along the way!

Here’s what Facebook is doing with Libra:

• In Bitcoin, literally no one is in charge. With Libra, Facebook is designing and building it. Facebook is in charge and owns it.
• Facebook has gone to considerable lengths to create the illusion that it’s not in charge with this fake Swiss-based consortium of prestigious companies that supposedly control things. Either way, some combination of big name-brand companies are in charge, which is pretty far from Bitcoin’s really-truly NO ONE is in charge.
• Just like Facebook owns and controls all the computers that run Facebook, Libra will own and control all the computers that run Libra in a private data center. To all the corporate computer types, this is a good thing, but it totally and completely violates a core principle of Bitcoin, leaving it open to the same kind of insider corruption that all such places are rife with. It’s also a silly idea, as explained here. Microsoft and Intel explain the issues here.
• One of the less pleasant side effects of Bitcoin’s miners and what they do with cryptography is the fact that “proof of work” takes time. It’s a cornerstone of getting all these strangers to play nice and do good things, but it takes a number of minutes to complete a transaction. To Facebook, this is unacceptable. So they’ve blithely discarded the key cryptographic cornerstone of Bitcoin, and replaced it with some light-weight encryption, so they can still say they’re a “cryptocurrency,” even though they’re not.

There’s more to be said, but that should be sufficient to make the basic point that Libra is a cryptocurrency the same way my cousin, who is sometimes allowed to sing in bars, is an opera singer. My cousin likes to think she is, and I’m nice to her. But she’s never so much as attended a performance at the Metropolitan Opera in New York, much less appeared on stage in front of an audience. Similarly, Facebook’s Libra likes to think it’s a cryptocurrency even better than the original, Bitcoin, but it swore off the core principles of Bitcoin from the start, and doesn’t deserve to be called by the same terminology.

Note: This was originally posted at Forbes.

Both Microsoft and Intel are big supporters of blockchain. They think it's going to be "bigger than the internet," contributing trillions of dollars to the economy before long. At the same time, they spell out the overwhelming obstacles blockchain must overcome to reach this pinnacle of achievement. Guess what, surprise surprise, the special version of blockchain created by Intel and Microsoft is indispensable to solving the problems and achieving success!

You can see their deep thinking here and here. Before diving in, I'd like to point out that the custom, private blockchain they advocate is a contradiction in terms, as I illustrate here -- even if they implement what they claim perfectly, it will still be a joke.

Here are a few of the little obstacles that blockchain has to overcome before becoming acceptable for enterprise use, according to Microsoft and/or Intel:

• Performance: Normal blockchain performance is a few transactions per second. "Reed said the trusted execution environment of Intel SGX enables Coco to deliver a novel consensus mechanism that can deliver up to 1600 transactions per second..."
• Confidentiality:Normally, everything on a blockchain is public information.  "Microsoft uses Intel Software Guard Extensions (Intel SGX) to protect the Coco Framework. Reed said the trusted execution environment of Intel SGX ...  helps Coco transactions remain confidential among blockchain participants."
• Governance: With a normal public blockchain, no one is in charge. This doesn't come close to meeting enterprise requirements. Microsoft's private blockchain enables classic management, access controls and all the rest.
• Processing power:Intel says "Public cryptocurrency blockchains require huge amounts of energy to verify transactions through node consensus. Analysts have estimated a single bitcoin transaction can require as much energy as the average American home uses in a week."

The other big vendors, like IBM with its team of 1,500 people working on its Blockchain effort, have similar stories about what's wrong with Blockchain and why you should use theirs. When you add it all up, it does make you wonder about this revolutionary new technology, and exactly why important new initiatives should depend on this brand-new, largely untested code that obviously was not built with practical, enterprise use in mind.

This was originally posted at Forbes.

Facebook is working hard on building a brand-new cryptocurrency system called Libra, sort of like Bitcoin and Ethereum, except it will be much better, at least according to Facebook.

With all the talk about Libra, cryptocurrency, regulation and the rest, no one seems to wonder about what existing solutions normal people will be using to solve the problems for which Libra is suited. This isn’t strange at all actually – in all you’ve read about Facebook’s Libra, how much have you read about the pressing problems it will solve, the unmet needs it will address – right? Mostly what you read about is how Libra will solve all sorts of problems that today’s crypto-currency systems have, how many partners they have and how wonderful it will be.

Libra will be an infrastructure “out there” somewhere, with lots of important people and organizations making sure it’s wonderful. But in practical terms, most people will use it via an e-wallet, an app that they install on their smart phones. That’s where a name that hasn’t appeared a great deal pops up: Calibra. Calibra is a newly-formed Facebook subsidiary that will be the e-wallet for Libra. It will “integrate with” Facebook’s WhatApp and Messenger, giving it incredible consumer reach.

You can read all about what it will do, but it’s basically an e-wallet for holding e-cash and providing basic functions like sending and receiving e-cash to and from another e-wallet. Except for the little “detail” that instead of sending real money, you’re sending the Libra cryptocurrency, and will have to go to an additional step to move dollars in a bank account to and from your Calibra wallet, converting to or from dollars along the way.

Putting aside the fancy new terms of cryptocurrency and the rest, does using a phone to make person-to-person payments remind you of anything? How about Venmo, the P2P e-wallet used by over 51 million people, which is now part of PayPal? How about Cash App, the rapidly growing P2P e-wallet installed in about 60 million phones?

These are proven consumer applications which have already gone through numerous upgrades and feature additions, used at least weekly by tens of millions of people.

Facebook has incredible reach, and billions of cash in the bank gotten by selling your private information to advertisers. They will certainly make a lot of noise. How does Facebook's proposed system compare to Venmo and Cash App?

• Venmo and Cash App just use dollars. Simple. Facebook will use the newly invented Libra, which needs to “work,” something Facebook isn’t good at doing.
• If you split a bill and need to send $7.30 to your friend, you just do it with Venmo and Cash App. With Facebook, you’ll have to convert it to Libra, send that, and have it be converted back. Hopefully the exchange rate won’t move too much.
• Venmo and Cash App support free P2P payments. The Calibra website claims it will be “low cost,” but they have yet to say what the cost will be; after all, there is a HUGE cryptocurrency infrastructure to support, none of which is needed by the existing cash apps.
• It’s easy to imagine Facebook will find a way to sell the information about your transactions to the highest bidder, or somehow find a way to "monetize" what you do with your money. It’s what they do!
• Libra and Calibra will work for international payments! With exchanges from local to Libra to foreign currency, two exchanges instead of one. That’s certainly something Cash App and Venmo don’t do today, and will appeal to some fraction of a hundredths of a percent of the market. Except for the proven massive cryptocurrency uses for money laundering and international crime, who will have yet another channel to support their illicit activities.

Facebook's Libra is getting all the attention any giant corporation could want, including some attention I suspect they'd rather not have, from regulators. But in the end, will they be able to make this massive software effort work? Will it do anything consumers want better than existing apps like Venmo and Cash App that are in widespread use? There is good reason to be skeptical.

This was originally posted at Forbes.

Facebook’s Libra faces the daunting task of pulling off the flawless world-wide launch sometime next year of a new cryptocurrency based on new code. In taking on this task, they are hoping to pull off a first in software history: a major body of new code that works out of the gate. I assess the odds of this working here. At the same time, they have upped the stakes by also introducing a brand-new smart contract framework based on a brand-new language. Good luck!

Smart contracts are a way of extending and customizing a blockchain. Outsiders might imagine that the Bitcoin competitor Ethereum emerged from the pack because its name is somehow cooler than Bitcoin, but insiders know that an important factor was its pioneering incorporation of the first widely known implementation of smart contracts. Here is my explanation of smart contracts.

There’s just one little problem: however cool Ethereum’s smart contracts may be, in practice a majority of smart contracts have bugs and security holes, as a study of tens of thousands of them has shown. Even worse, smart contracts are part of the “immutable ledger” that is supposed to make things secure. Except when there are bugs and security holes, it doesn’t.

Facebook has quietly recognized that smart contracts are needed to make the primitive blockchain database even marginally practical, but that most smart contracts aren’t even modestly intelligent. How are they going to fix this problem?

One of the wonderful things about the steady stream of blockchain and cryptocurrency initiatives by internet and corporate giants is that they tend to tell us, in plain and simple language, the fatal flaws of the whole block-whoey business. Of course, they don’t put it that way. They know that they’ve created a dramatically improved system of blockchain (or whatever) – and as soon as you fully appreciate how bad the standard-issue stuff is, you’ll insist on buying their new, dramatically improved version. Microsoft and Intel have done us all this favor in explaining the wonders of their proprietary version of blockchain, as I described here.

Facebook has followed in this clear pattern. They actually spell out, in no uncertain terms, that existing smart contract implementations are dangerous things, riddled with bugs and filled with security holes. But it’s nearly impossible to build a marginally usable cryptocurrency system of the kind Facebook wants without them.

Facebook is proud of its solution: a new software language called Move. Yes, a language called “Move.”

I’ve spent a little time checking out the new language. The developers are generally right about the deficiencies they are addressing, effectively endorsing the view that existing smart contracts are hopelessly flawed. They are smart and have put forward credible solutions to the problems. It’s just possible that, after a few years and after the software has gone open-source, the new system will turn out to be an improvement on the old one. But before deciding that, let’s do something programmers avoid doing: take a quick look at history.

Software history is chock full of programming languages, each of which was invented to improve on or fix problems with earlier languages. Most new languages are supposed to make programming faster and more flexible, with fewer errors of any kind. After more than half a century of effort with thousands of new languages, how has that worked out? See this for details. Sorry, humans are creative types, and are capable of making mistakes in any medium at all. While Germans may be deeply certain that the German language is more clear and precise and superior for expressing truths than French, citizens of France are remarkably articulate about how this is not the case – while at the same time demonstrating that the French language is no better.

The team at Facebook has done us all the great service of making widely known the otherwise ignored deep flaws in Smart Contracts, while almost certainly increasing the chances of things going horribly wrong with Libra while introducing a well-intentioned but, well, new language, claiming against decades of experience with thousands of languages that this one will really bring human programmers to the land of perfection.

I’ve got a bridge. It’s cheap – wanna buy it?

This was originally posted at Forbes.

This is cross-posted from the original on Forbes.

First there was Bitcoin, friend of criminals, speculators and tech geeks everywhere. It’s grown amazingly. Then there were alternatives to Bitcoin, often sharing much of the same code, but with different and incompatible tokens. One of those Bitcoin alternatives, Ethereum, introduced the concept of Smart Contracts, which I discuss here. Now, increasing attention is being paid to “blockchain,” said to be the foundation on which crypto-currencies like Bitcoin and Ethereum are built. Large corporations are taking up the charge, places like IBM and Microsoft, and leaders in various industries have projects going to prove out the technology. While the terminology isn’t uniform, it’s easy to see that earlier terms with unsavory associations are being abandoned in favor of more generic terminology, names like blockchain,  “Immutable Distributed Ledger” technology, or just “distributed ledger.”

Once you start talking about the technology in generic terms, what are the chances of this actually working? At scale? In practical reality? Lots of people in the community of blockchain enthusiasts have expressed concern about this. Legitimate concern. The question naturally arises, but appears not to have been asked, has something like this been built before? Something that could legitimately be called an immutable distributed ledger?

The answer is a simple “yes.”

This amazing system, which is one of several in production today, has over 2 billion accounts and over 40 million participating agents. It moves over $10 trillion per year, processing over 150 million transactions a day, and can handle over 50,000 transaction messages per second.

Let’s dive into the technology a bit:

• It’s immutable. Once a transaction gets in the system, it can’t be altered or removed. Despite the volumes mentioned above, spread over more than 200 countries, there are no instances of processed transactions being altered.
• It’s distributed. Computers all over the world are involved. It doesn’t matter where you are: this system enables you to send or receive currency. Even better, currency conversions are built into the system! The distribution has been built in part to enable reliability. While any one computer in the system can fail, the system as a whole has never gone down, and transactions have never been lost.
• It’s a ledger. It’s a gigantic ledger of currency going into and out of accounts. The ledger balances to the penny every single day.
• Consumers don’t lose their money! In spite of all the volume, When bad stuff somehow happens, consumers lose nothing. Nada.

OK, OK, I’ll stop the charade. As you’ve probably guessed, the Distributed Ledger technology I’m describing here is in fact VISA. I’m playing this game because reading about how enthusiasts talk about blockchain, I wonder how many of them know about credit card internals? If they did, they would see that all the goals they have for blockchain have already been achieved in credit cards. And more!

The key assumption at the core of the blockchain craze is that blockchain is an amazing new technology, a breakthrough that enables all sorts of long-intractable problems to be solved. These virtues are primarily the fact that it’s immutable, it’s distributed and it’s a ledger. Sorry, guys, you don’t need blockchain to build a system that has those attributes. It’s already been built using plain old database technology and secure networking.

Yes, I played a game when describing the immutable distributed ledger technology that’s already in massive production, knowing everyone would think I was talking about blockchain. But the blockchain groupies are playing a more serious game, convincing themselves and others that blockchain is uniquely able to do things that haven’t been done before, and could never be done without this amazing new invention. Just to be clear, I’m not saying that VISA technology can be applied to the many problems to which blockchain is being applied. I’m simply saying that if you think you have a problem for which an immutable distributed ledger technology is the best solution – that problem can be solved without blockchain, more quickly and with a lot less effort. VISA is just one of many full-scale, in-production examples.

It's sad that the Blockchain mania is so powerful that no self-respecting executive can risk ignoring it. So all the big banks and even, yes, VISA itself have blockchain based projects underway, nearly all of them involving widespread use of the future tense. I am open to the possibility that some of them may even be deployed in some way, once the people implementing them get realistic and relegate the blockchain technology itself to a tiny, marginal aspect of the project's code base, and realize that everything they're doing could be done better and faster without the distraction of largely irrelevant blockchain. But meanwhile, it's great for reputational enhancement and attention-getting!

A version of this post was published at Forbes.

As I’ve described, cryptocurrency losses started long ago and have kept on mounting over the years. Most recently, the largest cryptocurrency exchange in Canada, QuadrigaCX,  has experienced a little problem that has resulted in what appears to be a permanent loss of over $130 million for its many customers.

The losses don’t seem to make any sense. My account is stored in a ledger that’s immutable – it can’t be changed because it’s locked down by unbreakable cryptography. It can’t be lost because the ledger is distributed, so even if a few computers are lost, there are still loads of computers with a copy of my unchangeable account balances in them. So how can it be that I can lose my money? To further increase security, Bitcoin and the other crypto-currencies don’t identify me by my name, but by a really loooong string of letters and numbers. And that’s just the name – to make any changes, someone would need access to my private key. Remember, “private key” isn’t just some password that’s easy to remember and maybe someone could guess – it’s a long number that's part of a proven-unbreakable cryptography scheme, totally guaranteeing that no one but me can access my accounts? It’s impossible for anyone to break through these layers of security, that math guys everywhere calmly assert just can’t be cracked. So what are these losses about???

The only reason this is mysterious is because the vast majority of stuff we read about Bitcoin, blockchain, distributed ledger technology and the rest is produced by adherents to the new cult. They’re promoters, not evaluators. Let’s start with encryption. Loads of things are encrypted – it’s hardly something that started with Bitcoin. Most sessions with websites are encrypted, as you can see by the https in the URL bar in the browser. I hope you only use encrypted WiFi. Email is encrypted. All databases run by moderately competent professionals are encrypted. And so on. Are websites, email systems and corporate servers hacked in spite of it? You know the answer. People can wave their arms and babble with passion about the power of unbreakable encryption all day long, but bad things happen in spite of it. Is it because encryption is in fact breakable? Nope! It’s because even the biggest castle with the most unbreakable walls has to have doors that are easy to open and close, though which properly authorized people and goods go in and out. Bad guys waltz right into the castle with unbreakable walls through the same easy-to-open doors that all the residents and servants of the castle use! How are those doors locked and guarded? Using absolutely proven, tested, tried-and-true methods such as … user names and passwords! And sometimes even PIN codes on top of it!!

Oh, no, everyone but everyone talks about how safe and immutable the distributed ledger is – how is it possible for it to be broken, and why are ancient, obsolete things like usernames and passwords involved? It’s simple, really. Say you’re an experienced break-and-entry person. You walk down a block at night. Most of the houses you see have fences, big locked doors and lights on. One of the houses is dark, and its front door is swinging free. Which house do you pick? Everyone scans for opportunities and goes for the weakest point. So no one even tries to break the cryptography – it really IS secure. But what about the place where the long ID and the no-way-can-I-remember-it private key are held? AHA! We’ve gotten to the weak point of the system: the wallet.

Wallets are just pieces of software that run on your phone, your computer or even online. There are dozens of wallets available. They all claim to store your Bitcoin securely, and maybe they do – except they need to allow a normal human being to actually use them, so they need to be opened by someone a normal human being can handle, like a user name and password! The super-secret but impossible-to-remember private key is stored in the wallet, among other things. Without the private key, you have nothing. If you lose or break the phone that has the wallet, you are screwed. And of course if your phone or computer is hacked, someone else will immediately transfer your Bitcoin out of your account into theirs. There is no recourse. None. Think that never happens? It’s been going on for years, see this. A 20-year-old college kid was just sentenced to 10 years in prison for stealing more than $5 million by phone hacking, see this. That was a first-ever case – usually, no one is caught.

Some people, concerned about the security of their wallets, have turned to professionally-managed exchanges, which both store crypto-currency and enable it to be converted and transferred in and out. An example of such a company is Quadriga, which was the largest such exchange in Canada last year. Now it has made various court filings, and is unable to return its customer’s roughly $200 million in assets, see this. Why? Because those assets were held in a wallet on the now-deceased founder’s laptop computer, and no one can get into the computer – its contents are encrypted and the access information was last seen somewhere in what was the founder’s brain.

Yes, the distributed ledger is secure and immutable. Yes, the cryptography used is in fact unbreakable. Most descriptions stop there, leading you to think you’re protected against loss or theft. As I hope is now clear, Bitcoin and its numerous offshoots do indeed involve some amazing technology, as I’ve described here. But that doesn’t mean that it’s any more secure or protected against loss than any other software. Because of its immaturity, it is proving to be more vulnerable to loss and theft than “normal” money. And the non-monetary blockchain solutions are just as vulnerable.

This post originally appeared on Forbes.