Who is/was Satoshi?

This blog entry is mainly a placeholder to store some links and idle speculation.

As a topic it’s interesting for the same reason all detective stories are interesting, a human desire to know ‘whodunnit’.

There is one fact(?) which is that Hal Finney received the first Bitcoin transaction from Satoshi to his wallet (shown above), and we can see that from an archived article written by journalist Andy Greenberg who met Hal shortly before he died who was shown a screenshot of Hal’s (only?) Bitcoin wallet. If you validate the addresses on the explorer they check out.

Beyond this it rapidly gets very murky. In the cast of characters around at Bitcoin’s early inception there are at least two or three others who are interesting (possibly more if we include Craig). The relationship between Nick Szabo and Hal stands out, they both commented on each others blogs frequently, across a range of economic, political and game theory topics.

Adam Back (the originator of hash cash) comments on the blog post that supposedly ‘outs’ Nick.

Adam’s comments above, if taken at face value would seem to rule out him and Wei from consideration, and implies that Nick’s proposal was not the way Bitcoin was designed (there is the fact of Nick’s blog posts being edited post Bitcoin, see URL versus date stamps).

Nick explores a lot of concepts that relate very closely to Bitcoin, for example Smart Contracts, Secure Time, Tamper Evident Numbers, and some which are more tangential.

Dave Kleiman was certainly working in the space. However it’s much harder to find hard evidence that Dave was working on the specifics that fed into this solution, beyond general comments on crypto mailing lists.

But lets come back later to Gwern Branwen, who seems to be linked to them all and who in this post nicely encapsulates why the cockroach survived.

More to come…

Interesting links

TechCrunch article: Who is the real….

Blog post: Satoshi is probably….

Unenumerated Blog Post: Bit Gold

OvercomingBias: Hal Finney Author Archives


Hashcash Whitepaper

Gwern Bran­wen‘s write up is very interesting and leads into Wei Dei’s AMA…


Cardano Global Adoption

At ADAvault we use Cloudflare for DDoS protection and CDN caching. An interesting byproduct of this that we get data for use of the Daedalus wallet access on a per country basis. This is because the wallet checks the json files on our site for data on the ADV stake pool, and therefore this gives us a proxy measure for adoption of cardano globally.

Adoption rates are highest in the US, Canada, UK, Germany, Japan, Australia and South Korea. Overall there is a pretty impressive coverage globally, but still some room for progress in Africa where the Cardano Foundation have plans to boost adoption.

This ability will stop with the rollout of SMASH in Daedalus 2.3.0 as all data will be routed centrally via IOHK or community servers:

With this Daedalus update, stake pool off-chain data (name, ticker symbol, homepage, and description) is obtained from the IOHK stake pool metadata aggregation server (SMASH). Previously, Daedalus obtained off-chain stake pool data individually from each stake pool, which was time consuming and error-prone. In a future upgrade, Daedalus wallet users will be able to choose an alternative server in the configuration and access any community server of their choice.

It’s a sensible change, the current structure allows for a number of potential privacy and security attacks.


PoS versus PoW (2/2)

In the first part of this post we examined how the properties of Bitcoin, which enabled it to bootstrap the cryptocurrency ecosystem in 2009, became a problem as it scaled to millions of users with a network value of billions of dollars. Primarily use of the Proof of Work (PoW) protocol which leads to:

  • Excessive use of energy
  • Extreme centralisation which places power over the network in the hands of a small number of individuals
  • Very high cost of entry for new miners
  • Slow innovation cycle

So why is Proof of Stake a better approach?

Let’s consider the issue that Elliot Hill addresses in the CF post, namely reaching consensus on a chain. The key problem is to incentivise participants to behave in a trustworthy manner, such that we can always choose the longest chain, and be confident that the majority of participants have not attempted to subvert the ledger (the Byzantine Fault or Generals problem).

Bitcoin achieves this by ensuring that the cost of cheating is higher than behaving in a trustworthy manner. Miners compete to solve a computational challenge with variable costs in order to extend the block chain.

If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth.

Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System, 2009

So how does Cardano attempt to solve this problem so that there are the same incentives to play honestly by the rules?

In the protocol used by Cardano, time is divided into 5 day epochs, and within an epoch slot leaders are elected to extend the chain (or mint the block) proportionally based on the stake they hold. Slots are allocated by a provably random function in the previous epoch, preventing an attacker from using repeated denial of service attacks against slot leaders. Stake Pools are only rewarded in the following epoch for slots they successfully led that sucessfully extended the chain, thus incentivising them to behave in a trustworthy manner.

Abstract. We present “Ouroboros Praos”, a proof-of-stake blockchain protocol that, for the first time, provides security against fully-adaptive corruption in the semi-synchronous setting: Specifically, the adversary can corrupt any participant of a dynamically evolving population of stakeholders at any moment as long the stakeholder distribution maintains an honest majority of stake; furthermore, the protocol tolerates an adversarially-controlled message delivery delay unknown to protocol participants.

Ouroboros Praos: An adaptively-secure, semi-synchronous proof-of-stake blockchain, Bernardo David, Peter Gazi, Aggelos Kiayias, and Alexander Russell

This leaves a few important issues the protocol Ouroboros Praos, used by Cardano in the Shelley era, also needs to address:

  • Sybil attacks- the attacker spins up a large number of pools which enables them to take overall control (majority) and falsely extend the chain
  • Convergence to a small number of pools leading to the same centralisation and control problem that Bitcoin has

The solution to these are covered in the academic paper Reward Sharing Scheme for Stake Pools which derives why Cardano is resistant to Sybil attacks and will converge to approximately 150 stake pools (with the current K parameter):

We introduce and study reward sharing schemes (RSS) that promote the fair formation of stake pools in collaborative projects that involve a large number of stakeholders such as the maintenance of a proof-of-stake (PoS) blockchain. Our mechanisms are parameterized by a target value for the desired number of pools. We show that by properly incentivizing participants, the desired number of stake pools is a Nash equilibrium arising from rational play. Our equilibria also exhibit an efficiency / security tradeoff via a parameter that calibrates between including pools with the smallest cost and providing protection against Sybil attacks, the setting where a single stakeholder creates a large number of pools in the hopes to dominate the collaborative project.

Lars Brünjes, Aggelos Kiayias, Elias Koutsoupias, Aikaterini-Panagiota Stouka. June, 2020

Hence we can show that the Ouroboros Praos PoS protocol used by Cardano in the Shelley Era, addresses the PoW issues that 1st and 2nd generation crypto currencies like BTC and ETH suffer:

  • Energy costs are low, typical pools using the reference architecture can operate with minimal power consumption for nodes and network equipment.
  • As pools become saturated the return to delegators reduces, incentivising them to move to less saturated pools thus preventing centralisation to a single ‘winner takes all’ stake pool
  • Costs are not prohibitive for new system entrants, any excessive centralisation incentivises new entrants to the ecosystem, and there is a linear cost to start new pools reducing the potential for Sybil attacks

The last issue; a slow innovation cycle requires us to consider governance which will be the subject of a future post…


PoS versus PoW

One of the significant benefits of Cardano is that it relies on Proof of Stake (PoS) to secure the chain rather than Proof of Work (PoW). Why is this a better method?

Elliot Hill from the Cardano Foundation recently explored the history of PoS versus PoW in an excellent forum post:

Consensus mechanisms are essential for all parties to agree on a single immutable history of a blockchain, to mint new blocks and to maintain the protocol as a whole. The two main methods of consensus used today are based on proof of work (PoW) or proof of stake (PoS) mechanisms, which have influenced many other types of similar consensus methods.

Bitcoin solves this problem of consensus via miners competing to solve a cryptographic challenge, the first one to do so gets to seal the block and extend the chain. The difficulty of the challenge is adjusted by the network to keep block production to approximately 10 minutes, and every 630,000 blocks the reward the miners receive is halved.

This was an excellent approach to bootstrap the cryptocurrency ecosystem from zero participants, however it comes with a significant downside as the network value increases; power input is proportional to overall value of the network. It will always make sense to add mining capacity as long as the cost of power plus mining kit is lower than the reward from mining. With bitcoin at $10k and rewards of 6.25 BTC per block that’s a lot of power being consumed, if BTC increases to a $100k as it may in the coming years the total power consumption of the Bitcoin network will be higher than many nation states.

There is another downside. As the entry cost to mine has increased over time; first via CPU, then GPU, followed by increasingly specialised ASICS the level of centralisation in the network has increased. There are now around 10 major mining operations for Bitcoin globally. This centralisation makes the network less representative as the miners exert disproportionate control over changes to the network.

For bitcoin, about 58% of transactions are processed by four mining pools, mostly in China. Some 57% of ether production is controlled by three mining pools. article

Cardano is a 3rd generation network (BTC = 1st Gen, ETH = 2nd Gen). In the next post we will explore the Cardano approach compared to BTC and ETH, how it solves these issues and the benefits.

As an aside we would encourage readers to spend some time to read Satoshi’s original white paper (if you haven’t already), which elegantly derives how a ‘A Peer-to-Peer Electronic Cash System‘ can be made secure without the need for a trusted 3rd party such as a central bank issuing a currency.