The Shady Cryptocurrency Boom on the Post-Soviet Frontier - WIRED

The Shady Cryptocurrency Boom on the Post-Soviet Frontier - WIRED
Amber Baldet on what blockchain technology can do for us beyond cryptocurrency - The Verge
This New Bitcoin And Cryptocurrency Exchange Can’t Be Hacked - Forbes
The World’s Most-Used Cryptocurrency Isn’t Bitcoin - Bloomberg

Posted: 29 Oct 2019 04:00 AM PDT

Until fairly recently, the only way to pass money outside this system was to do so in hard cash, either by handing it to the person you are paying or by sending it through a hawala network, a kind of informal Islamic Western Union that relies on trust and familial bonds rather than wire transfers and regulations. But even after you've received your piles of banknotes you still have a problem. If you try to buy anything that costs more than a few thousand dollars, the seller is legally obliged to alert the authorities. The same will happen if you try to deposit a large amount of cash in a bank account or invest it in stocks or bonds. The only way to spend the cash you have received without attracting scrutiny is piecemeal, through small purchases, or to launder it like Walter White through a cash-heavy business. So ultimately all of us—individuals, businesses, even nation-states—sit in the school kid circles, knowing that our conversations will be monitored.

The mighty dollar makes America the schoolmaster. If the US Treasury decides that a US bank has facilitated illegal payments, it can withdraw its banking license. And if the treasury finds that a bank outside the US has broken the rules, it can block the institution from communicating with any US bank. Effectively that bank is then cut off from any payment system that uses the dollar, and from holding dollars in the Federal Reserve.

And the dollar is more than just a sovereign currency: 62 percent of all foreign exchange reserves held in nations' central banks worldwide are in dollars, and it is used in 90 percent of all foreign exchange transactions, according to the finance website the Balance, making the US the gatekeeper to the global banking system. President Donald Trump wields the dollar like a weapon. The US Treasury slaps new sanctions down nearly weekly, on Iran, North Korea, Venezuela, Syria, and Russia. Since 2012 the US has imposed more than 60 rounds of sanctions on Moscow—punishment for its annexation of Crimea and its meddling in the 2016 election, among other things—halving the country's foreign direct investment, wiping out $500 billion in investments in its energy sector, and hammering Russian banks' ability to do global business.

That's a perfect opening for cryptocurrencies. They do away with the need for banks altogether, creating a network free from intermediaries where money can be passed unimpeded. What's more, no banks means the US role of gatekeeper, along with the power of its sanctions, vanishes. And so, like a virtual retelling of The Breakfast Club, the kids can take over the school—and do whatever they want.

Sanctions offer their own opportunities, grifts ready-made to plug into a cryptocurrency system just over the horizon. In July, at his chic restaurant in the Belarusian capital of Minsk, local businessperson Sergey Mirgorodsky explained how his country is cashing in on the Russian embargoes. After Putin annexed Crimea from Ukraine in 2014, the EU restricted trade, investments, and tourism to the peninsula. In retaliation, Putin banned some European food imports, emptying many luxury goods from shelves in Russian supermarkets.

Companies in Belarus, which shares a border and a customs union with Russia, started filling the gap. "European producers send their products here, stamp them with a 'Made in Belarus' label, and then send them on to Russia," Mirgorodsky laughed. "I know of one European salmon company which sends it here to be smoked so it can get the stamp."

Elsewhere, Belarus is an economic basket case, littered with state-run zombie enterprises that do little more than enrich government cronies and keep much of the population in unproductive employment. President Alexander Lukashenko, once the manager of a Soviet collective farm, just celebrated a quarter-century in power and has a habit of putting his opponents in jail. Belarus is the only European country to have kept the death penalty and is periodically placed under US and EU sanctions (many EU restrictions were lifted in 2016).

LEARN MORE

The WIRED Guide to the Blockchain

Lukashenko likes to appear in military uniform on Belarus' national days, when the army parades Soviet-style down the grand Minsk boulevards. Having once described the internet as "garbage," he seemed an unlikely contender to implement the world's most forward-thinking cryptocurrency regime. But in December 2017, Lukashenko passed a decree allowing businesses registered with (although not necessarily physically located in) High Technology Park, an anodyne business center on the gray outskirts of the capital, to mine, develop, and trade in cryptocurrencies. It has, in theory, turned this ex-Soviet backwater into the most progressive blockchain jurisdiction in the world—"like a Seoul inside Pyongyang," says one Belarusian crypto-entrepreneur.

Amber Baldet on what blockchain technology can do for us beyond cryptocurrency - The Verge

Posted: 29 Oct 2019 09:13 AM PDT

This week on the interview episode of The Vergecast, Verge editor-in-chief Nilay Patel interviews cryptocurrency expert Amber Baldet, co-founder of blockchain startup Clovyr and a board member of the financial privacy nonprofit Zcash Foundation.

Nilay and Amber discuss where cryptocurrencies on the blockchain are going, the potential of Facebook's Libra project, and how the blockchain can revive our trust in putting our data online.

Below is a lightly edited excerpt of the conversation.

Nilay Patel: I was just reading some of the stuff you've been writing. You've got this line here: "We might not be able to stop the rise of the machines, but we can at least create a more consensual system, a fair day's wage for a fair day's data." How would that work?

Amber Baldet: Well, to be honest, that was kind of a tongue-in-cheek jab at a fair day's work for a fair day's pay because I don't know about you, but it hasn't worked out for a lot of the global populace.

That's kind of what I'm asking. But the example you just gave — "I want you to have a photo that I took. So I sent you a photo. Now we have two copies of the photo." — sort of reduces the value of my single photo in a way that if I had a print before. How do you stop things from being copied infinitely and a system that is designed around that specific mechanical task?

That's a slightly different problem. Having something that is like a dollar. A dollar is fungible. A dollar in my pocket is as good as a dollar in your pocket. But when I have $100 in my pocket in singles, I can give a portion of them to you, and then I simply don't have them anymore. The challenge with file distribution is something called digital rights management. People have been trying to watermark photos and somehow stop the spread of them for 15, 20 years. I used to work at a company that made very proprietary research. How do you stop people from just forwarding on the newsletter? And all of the solutions are relatively hacky or not elegant and pretty easily undermined. At the end of the day, your ephemeral photo app might tell you that it prevents screenshots, but it doesn't stop you from holding up another phone and taking a picture of that picture.

So there's a difference between data privacy (which is the data that you have and that you want to keep yours and prevent from leaving your purview) and the concept of confidentiality (that you've shared something consensually with someone, whether that's a point-to-point text message or with a vendor where you signed a toss that I'm sure you read 100 percent of the terms of service for) that once they have it, in a way it's theirs. There's not a way to pull that back. There is privacy research happening now though for ways that we can coordinate and collaborate on things without disclosing that data, where you can say, "Either bring an application or an algorithm to data that stays with you, and we can train models collectively, and we can come to agreement about things without disclosing things." It's very exciting.

But it also has become this kind of silver bullet now of a technical solution trying to solve a social problem that we have, which is that we don't trust each other. But also all of the legal agreements that have been created have this power asymmetry where it just... there's nothing I can do once my data is gone. It's gone.

So I think that there are a lot of different tools in the toolkit when you're designing systems that provide people more agency. But right now, they are so either in the R&D stage or incredibly complex to interact with, or you need a PhD to be able to install and run these things that, for most people, you're going to sign up with medium. I mean, that's what you do.

So my position in terms of service agreement should be legal. You certainly can't say no and then still use your iPhone. You're just kind of screwed. That, to me, is a very powerful idea that you would somehow claw some power back to the individual, and they'd be able to express some market signal. "I don't want to give you this much data." But it seems very hard to get from what we're talking about, which sounds great to your point, which is the application sources are still very complicated, still very far away from the consumer.

Yeah, and to your question about what is a fair day's wage for a fair day's data, half of the global population is coming online over the next 10 years, and not everybody's data is worth the same thing. And we do run quite a risk of looking at populations that are even less educated about what their data means and how it's deployed than the people that have been on the internet for some time. Applications come to them and say, "Hey, we're going to pay you for this. You're not involved necessarily in understanding the market rate of this, but we're going to pay you for something." What is it of value that they have that they're necessarily going to sell in that situation? It's very likely that privacy becomes something that the rich can afford and that the rest of us simply cannot because you need either the compensation or you are offered access to a network that you couldn't afford otherwise, as long as you give away your data.

So would it be better than the system that we have now or when you have no say, maybe, but it might simply be papering over the underlying and growing kind of technical inequities that are happening.

So we've been talking about a lot of things blockchain might be able to do or different systems it might be able to be the foundation of. But right now, when most people think of cryptocurrency, they think specifically about the financial aspect of it. Why is that? Why hasn't it broken? What is the app that makes people think about blockchain in a way that's relevant to them besides, "I'm going to hold bitcoin."

I don't really think people need to hope that blockchain is relevant to them any more than at some point someone said, "Hey, how's the relational database good for me?" That's just not a question that we ask. It was all of the applications that were built on top of this new type of architecture that allowed kind of the web 2.0 emergence to happen, that suddenly, there was something you wanted to do. And it wasn't because you were able to store and join sequel databases in brand-new ways.

It's the social graph there, and now we're going to do different types of operations on that. So I think money is a fantastic application. And people have been working quite hard on making, whether it's Bitcoin or some other coin making that is usable. I think what would be great for people to understand is not "How does the blockchain help me?" but rather that right now, we're seeing a huge push toward cashless in society, in general. Scandinavian countries right now are almost entirely cashless. They trust their government. They have a very different opinion than somewhere like India that's attempting to demonetize and go cashless forcibly where they have a very large cash economy in existence.

So it really is a radical idea to have people not have cash in their pockets. Thirty years ago, I remember my mom telling me when I was a kid, "It's illegal not to accept cash." Only some places will accept credit cards. That's optional. But cash... cash is money. Now, you can definitely go to a bistro, and they will say "We're cashless" or your farmers market where you buy asparagus for five bucks, they'd rather you use Square. And what does that mean? It means that every financial transaction, every time you buy something, you are actually asking a third-party service, "Is it okay that I do this?" And you don't really have insight into how many different providers are part of that yes or no decision that happens so quickly. And a lot of people say, "Well, it doesn't matter. I'm buying asparagus. There's nothing wrong with that." But you know, what if you were buying an engagement ring. Would you want that broadcast to your Facebook feed? Probably not.

What if you were paying a health insurance bill or medical bill that you want to make sure your employer doesn't necessarily see... We have these separations of concerns. And there are plenty of legitimate reasons that people expect financial privacy. Perhaps you want to donate to one political cause versus another. We can't really look at "If you're not doing anything wrong, then you don't need privacy." It really is privacy from whom in what context. And that context is changing all the time.

So what might be fine for you today might not necessarily be fine for you tomorrow, and might definitely not be fine for a vulnerable population that struggles to be financially included day-to-day anyway.

So that conversation is very much sort of like the bitcoin argument, right?

It doesn't necessarily have to be bitcoin, though. And I'm not saying anything good or bad about bitcoin. I'm not a bitcoin maximalist, but I'm also not anti-bitcoin. I'm just a person who knows things.

That's why I want to get into it.

But there's certainly something to be said for a version of digital cash where, right now, we go to an ATM, you take out money that you have, you can do something with that cash, and then if you don't use all the cash, you can deposit it back into the ATM. What happened with that cash in the interim? Banks have collectively decided as long as you're not depositing more than X amount in X days according to X client customer profile, you're fine. We'll take your dollars back.

In an entirely cashless ecosystem, every transaction — no matter how small — would be on that grid. There's not an escape hatch where you can take something out, and a publicly accessible cryptocurrency does provide that. It could be more seamlessly integrated into the banking system where you have certain digital wallets that you open at a bank just like a debit card. There's no reason that those kinds of hybrid solutions can't be explored other than current land grabs around market share, and conversations with regulators about what is or is not acceptable.

So you're on the board of the Zcash Foundation. It sits around bitcoin in a way that cryptocurrency is going to sit around.

Zcash was originally a fork of the bitcoin project with additional cryptographic privacy added to it, yes.

In that role, how do you think about the ecosystem and what Zcash is trying to do?

They really are keeping on this idea of a technically pure privacy solution to digital cash as their north star. There's certainly people who can flame each other on Twitter about whether or not that goal is being achieved. Most of the transactions in the Zcash network are just as public as bitcoin ones. For people who don't participate or play with bitcoin, they might not realize that it's actually not as private as maybe the news has made it out to be. It's pseudonymous. So as long as you keep some information private, then it's hard to trace back to you. But actually a public ledger, a public blockchain is completely visible to anyone.

You could, for example, a couple of years ago when the NHS was hacked and there was this ransomware attack where all of their files were encrypted, and they say "Pay us bitcoin, and we'll unlock it," with the address to deposit that bitcoin. It's in the malware. You could look at it. You could go to your favorite blockchain explorer, put in the address, and watch funds flowing into that wallet. And then you can trace those funds after that. There's ways to kind of split and obfuscate that trail over time, but really, those are tainted funds forever, in some ways. And so, the Zcash project is working on making sure that the privacy isn't simply at that networking layer and at the "we can all have unbounded number of keys" layer. Sorry, I don't want to get too technical here, but they actually generate what are called zero knowledge proofs as you go. And like I mentioned before, that's a way for two people who don't trust each other to prove something without actually exposing what the inputs to the question.

A simple example of where that might be used in regular life would be... let's say that you had five people in a room, and they all wanted to figure out if they were being paid the same for the same job. How would you solve that right now? You'd probably find a person and everybody would tell them, "What's your salary?" and that person would say, "Okay, it was you," but without disclosing what all the numbers were.

So you can construct zero knowledge proofs to do that essentially in a black box way. So that you can solve that problem without having to have that intermediary. Again, it's about removing kind of intermediary... Let me back up for a second. It's about being able to remove unnecessary kind of central actors and achieve something technically that we couldn't do before.

So I want to bring that all the way back around to like the first thing you said, which is the first group of people — the cypherpunks, the people who brought about the technology — they had not only a technical problem they were trying to solve, but a massive social problem. There was a philosophy behind it. And what you're describing is, we should be able to put as much salary information to a black box and get it out without figuring out who disclosed what to whom. That's never before been possible. And now it's mathematically possible. Do you spend a lot of time thinking about, well, should math enable us to do things that human beings themselves could not do in that way?

Well, fundamentally, early on, the challenge or one of the things that was so amazing about the early cypherpunk work is the advocacy for strong encryption and the work there. And we all use strong encryption every day. We probably don't know it. But every time you visit a website that's using SSL or TLS now, you get the little lock in your URL bar. This part of the PKI, the public kind of key system that the internet is really built around. And we take this for granted that there's an ability for us to transact securely end-to-end on the internet. And it simply didn't need to be that way. In fact, those initial algorithms that allow you to do this, and what's in layman's terms, what's interesting about strong encryption is that you can publish the entire algorithm without it becoming weaker for having done so.

There's no golden key or secret bit of information that has to be kept in a vault that someone controls in order to have the algorithm be secure. And this is actually really important. It becomes important, for example, when, after the San Bernardino shooting, when iPhone was used, and the FBI went to Apple and said, "Can you open this phone for us?" And they simply said, "No, we just simply cannot do that. There's no backdoor to this encryption. We can't do that for you." And so you'll see it again arise in Congress, the question, should we have strong encryption? Should it exist? Well, it does exist. And if we collectively, as a society, decide that we want to only use backdoored encryption, then other people will simply use the strong encryption.

And now, we are using something that's intentionally hamstringed, and it becomes a security threat, a national security threat, essentially, to our financial systems, our internet, our daily banking, everything else we do. And so that advocacy early on was very important. But where we're at now has gone much farther than that to say, our daily privacy of our goings-about simply cannot be separated from our digital lives. There's no such thing as IRL anymore. IRL is digital. We are all online, all of the time.

If The Verge has a thesis statement, it's that.

Yeah, the internet is IRL, is life. I'm from the internet. And so as privacy becomes something that you simply cannot divorce from your digital privacy, we need to have tools that allow us to maintain our agency and our simple human dignity.

So that brings me back to something you mentioned earlier, which is, right now, it's very complicated. Installing many of these apps and services is very difficult. It's hard to even quite understand which ones you should participate in, apart from bitcoin and potentially Ethereum, and none of them have really reached that network effect scaling moment where they're valuable to everyone, not just sort of early adopters. What is the inflection point, do you think? And I realized that you said it's not important to you, like it's a sequel database. But at some point, sequel databases took over the world, and now I can point to them everywhere. I can't quite do that with blockchains yet.

The main project that I'm working on at Clovyr is about infrastructure orchestration and coordination. And eventually, user discovery of apps that are out there in a decentralized non-curated by Apple in the Apple Store kind of way. But early on, that looks a lot like also great developer tools and developer enablement. So we kind of have to walk before we run there. But I think that for every app in the retail space or the regular user space where we sign up for some service because it says they're going to give you your astrology chart or they're going to let you blog or they're going to tell you where the restaurants are in your neighborhood, there is probably a very motivated group of college kids trying to get a Y Combinator grant to solve that problem in a decentralized way.

It was very frustrating over the last couple of years to have that suddenly mean ICO and token, rather than thinking about "What would this just mean as a self-hosted application, something that I could run?" For folks that don't necessarily code or deal with infrastructure themselves, that probably is a meaningless phrase to them. But to go back to the, like, "let's stick a floppy in a computer" model, one of the reasons that we all wanted to move that to the cloud was that you wanted to access your document from a number of different machines, maybe your phone, maybe your work computer, maybe your home computer. And so you need what's called a server to sit in the middle and serve out that data.

And it's much, much more efficient to aggregate all of those servers into one place, to virtualize them, slice them, dice them. Now we're moving into a server list model where you don't even know where the heck... It's getting crazy out there. It's a challenge for new developers that come into this space, you don't need to understand kind of the technical stack the way it used to be because you never see these things isolated. It's just a connection of services that you glue together into some sort of application. But for regular people, what you wanted to do is run the app, I wanted to run QuickBooks or whatever.

So there should be a way to decouple the infrastructure and the piece of "Where does this thing sit and how does it run, and how do I access this from what you wanted to do?" The app usage and the content creation and the data that it's storing? And this goes into what people would call deweb or decentralized web kind of projects. There's an entire bunch of folks that are looking at how can we create new types of self-hosted applications where you simply don't have those other intermediaries, but they can connect to each other, swap data, share information, just like you have a central coordinator. In order to do that, you need to be able to make running that infrastructure as seamless as if somebody else was doing it, and that's one of the things I'm working on.

This New Bitcoin And Cryptocurrency Exchange Can’t Be Hacked - Forbes

Posted: 14 Oct 2019 12:00 AM PDT

Bitcoin cryptocurrency security and mining concept. Safe lock with symbol of bitcoin on circuit board. — Getty

Bitcoin exchange hacks have plagued the cryptocurrency ecosystem since the first platforms for trading were launched in the early 2010s, and these events have caused major public relations issues for the entire crypto asset market. While exchange hacks don't have anything to do with potential technical problems related to the underlying Bitcoin network, it's never a good look when millions or even billions of dollars worth of Bitcoin is stolen from thousands of exchange customers in a matter of minutes.

Although the Bitcoin exchange industry has improved its ability to deal with crypto asset security over the years, the threat of another large hack is always looming over the ecosystem. But that could soon change.

One of the main features of Bitcoin is that it's programmable money, and developers have figured out new ways to build exchanges in ways that do not require users to turn over control of their funds until the exact moment they want to make a trade. One of the new exchanges that is taking advantage of this technology is Nash.

How Does Nash Secure Customer Funds?

In the past, exchange customers have always deposited their coins onto trading platforms with the exchange taking custody of the funds. That exchange platform then becomes a central point of focus for hackers because there's a big payday in it for them if they're able to get into the exchange's internal wallet.

With platforms like Nash, users do not need to hand over custody of their crypto assets to a third party before they trade.

Many Bitcoin enthusiasts are excited about the Lightning Network's potential to cut transaction costs, speed up transactions, and potentially improve user privacy. And this same sort of technology can be used to vastly improve the level of security offered by exchanges.

Nash uses a system of state channel smart contracts to handle trades, and the system is currently live on the Ethereum and Neo blockchains. Notably, the Ethereum blockchain briefly surpassed Bitcoin in a key measurement of overall adoption last month. However, Ethereum's ETH token is also down heavily against Bitcoin over the past couple of years.

According to Nash co-founder Fabio Canesin, Bitcoin support is expected to be added to their platform soon.

"We initially demonstrated that our proposed architecture could deliver cross-chain markets that compete with the performance of centralized exchanges – an extremely important parameter for liquidity," said Canesin when reached for comment. "For this reason, we focused on the NEO-ETH market. Now that this is live and functioning well, we can move onto other networks. Bitcoin is the obvious next candidate owing to its importance in our industry."

State channels effectively allow multiple parties to transact with each other in Bitcoin or other cryptocurrencies without having to touch the blockchain. This works via a technical trick that involves two parties placing funds into a 2-of-2 multisig address and then creating valid transactions from that multisig address to each of their personal addresses as a way to update how much of the funds in the multisig address belong to each party. None of these generated transactions are actually broadcast to the blockchain. The only transactions that hit the blockchain are the ones at the end when each party is ready to leave the payment channel with the appropriate amount of funds (if this was too confusing try reading this longer explanation of the Lightning Network).

While decentralized exchanges have existed in the past, a key advantage of using state channels is they allow transfers to happen instantly, meaning users don't have to wait seconds or minutes for blockchain confirmations to execute their trades.

It should also be noted that, while customer funds cannot be stolen by hacking an exchange's internal wallet, hackers could still cause plenty of damage if they were able to push out a malicious software update to Nash customers. That said, this is still a huge security gain.

"Updates require a signed payload using offline keys," said Canesin when asked about this potential issue. "However, if a hacker did somehow manage to push a malicious update, users would also have to log in and sign a transaction before encountering an issue. The data in our software is not enough, since user-provided entropy is also required. We try to mitigate these risks by building several layers of protection."

The high level of security offered by Nash also relies on the integrity of the smart contracts backing the exchange, and vulnerabilities in advanced smart contracts have continued to pop up in 2019.

Other projects that are working on this type of non-custodial trading technology include SparkSwap, which is built on the Lightning Network, and Arwen, which has built its own plugin model for existing exchanges.

In addition to their trading platform, Nash is also working on a mobile wallet, browser extension, and payment processing service for merchants that will all be integrated with each other.

While even the developers behind Bitcoin admit the cryptocurrency is an experiment that could still fail, exchanges like Nash are another step in the right direction when it comes to improving both usability and security of this technology at the same time. This is also the sort of technology that makes it clear that it would be difficult for governments to implement a Bitcoin ban, as two members of the U.S. Congress recently admitted.

Note: This article was updated to point out the potential issues associated with complex smart contracts that are used as the basis for Nash's exchange and other similar platforms, as pointed out by Kraken CEO Jesse Powell on Twitter.

The World’s Most-Used Cryptocurrency Isn’t Bitcoin - Bloomberg

Posted: 01 Oct 2019 12:00 AM PDT

[unable to retrieve full-text content]The World's Most-Used Cryptocurrency Isn't Bitcoin Bloomberg

Search This Blog

Cryptocurrency

"mt4 crypto brokers" - Google News