1/ People often ask me why I’m so “against” Ethereum. Why do I go out of my way to point out flaws or make analogies that put it in a bad light?Intro
2/ First, ETH’s architecture & culture is opposite that of Bitcoin, and yet claims to offer same solutions: decentralization, immutability, SoV, asset issuance, smart contracts, …Agree! I personally find Ethereum culture far saner, though I am a bit biased :)
Second, ETH is considered a crypto ‘blue chip’, thus colors perception of uninformed newcomers.
3/ I've followed Ethereum since 2014 & feel a responsibility to share my concerns. IMO contrary to its marketing, ETH is at best a science experiment. It’s now valued at $13B, which I think is still too high.Not an argument
4/ I agree with Ethereum developer Vlad Zamfir that it’s not money, not safe, and not scalable. https://twitter.com/VladZamfistatus/838006311598030848 …I'm pretty sure Vlad would say the exact same thing about Bitcoin
@VladZamfir Eth isn't money, so there is no monetary policy. There is currently fixed block issuance with an exponential difficulty increase (the bomb).
5/ To me the first red flag came up when in our weekly hangout we asked the ETH founders about to how they were going to scale the network. (We’re now 4.5 years later, and sharding is still a pipe dream.)The core principles have been known for years, the core design for nearly a year, and details for months, with implementations on the way. So sharding is definitely not at the pipe dream stage at this point.
Ethereum's Joe Lubin in June 2014: "anticipate blockchain bloat—working on various sharding ideas". https://www.youtube.com/watch?v=oJG9g0lCPU8&feature=youtu.be&t=36m41s …
6/ Despite strong optimism that on-chain scaling of Ethereum was around the corner (just another engineering job), this promise hasn’t been delivered on to date.Sure, sharding is not yet finished. Though more incremental stuff has been going well, eg. uncle rates are at near record lows despite very high chain usage.
7/ Recently, a team of reputable developers decided to peer review a widely anticipated Casper / sharding white paper, concluding that it does not live up to its own claims.That review was off the mark in many ways, eg. see https://twitter.com/technocrypto/status/1071111404340604929, and by the way CBC is not even a prerequisite for Serenity
Unmerciful peer review of Vlad Zamfir & co's white paper to scale Ethereum: "the authors do NOT prove that the CBC Casper family of protocols is Byzantine fault tolerant in either practice or theory".
8/ On the 2nd layer front, devs are now trying to scale Ethereum via scale via state channels (ETH’s version of Lightning), but it is unclear whether main-chain issued ERC20 type tokens will be portable to this environment.Umm... you can definitely use Raiden with arbitrary ERC20s. That's why the interface currently uses WETH (the ERC20-fied version of ether) and not ETH
9/ Compare this to how the Bitcoin Lightning Network project evolved:Ok
elizabeth stark @starkness: For lnd: First public code released: January 2016 Alpha: January 2017 Beta: March 2018…
10/ Bitcoin’s Lightning Network is now live, and is growing at rapid clip.Sure, though as far as I understand there's still a low probability of finding routes for nontrivial amounts, and there's capital lockup griefing vectors, and privacy issues.... FWIW I personally never thought lightning is unworkable, it's just a design that inherently runs into ten thousand small issues that will likely take a very long time to get past.
Jameson Lopp @lopp: Lightning Network: January 2018 vs December 2018
11/ In 2017, more Ethereum scaling buzz was created, this time the panacea was “Plasma”.Yay, Plasma!
@TuurDemeester Buterin & Poon just published a new scaling proposal for Ethereum, "strongly complementary to base-layer PoS and sharding": plasma.io https://twitter.com/VitalikButerin/status/895467347502182401 …
12/ However, upon closer examination it was the recycling of some stale ideas, and the project went nowhere:Just because Peter Todd rejected something as "insecure" doesn't mean that it is. In general, the ethereum research community is quite convinced that the fundamental Plasma design is fine, and as far as I understand there are formal proofs on the way. The only insecurity that can't be avoided is mass exit vulns, and channel-based systems have those too.
Peter Todd @peterktodd These ideas were all considered in the Treechains design process, and ultimately rejected as insecure.
13/ The elephant in the room is the transition to proof-of-stake, an “environmentally friendly” way to secure the chain. (If this was the plan all along, why create a proof-of-work chain first?)Umm... we created a proof of work chain first because we did not have a satisfactory proof of stake algo initially?
@TuurDemeester "Changing from proof of work to proof of stake changes the economics of the system, all the rules change and it will impact everything."
14/ For the uninitiated, here’s a good write-up that highlights some of the fundamental design problems of proof-of-stake. Like I said, this is science experiment territory.And here's a set of long arguments from me on why proof of stake is just fine: https://github.com/ethereum/wiki/wiki/Proof-of-Stake-FAQ. For a more philosophical piece, see https://medium.com/@VitalikButerin/a-proof-of-stake-design-philosophy-506585978d51
15/ Also check out this thread about how Proof of Stake blockchains require subjectivity (i.e. a trusted third party) to achieve consensus: https://forum.blockstack.org/t/pos-blockchains-require-subjectivity-to-reach-consensus/762?u=muneeb … and this thread on Bitcoin: https://www.reddit.com/Bitcoin/comments/59t48m/proofofstake_question/Yes, we know about weak subjectivity, see https://blog.ethereum.org/2014/11/25/proof-stake-learned-love-weak-subjectivity/. It's really not that bad, especially given that users need to update their clients once in a while anyway, oh and by the way even if the weak subjectivity assumption is broken an attacker still needs to gather up that pile of old keys making up 51% of the stake. And also to defend against that there's Universal Hash Time.
16/ Keep in mind that Proof of Stake (PoS) is not a new concept at all. Proof-of-Work actually was one of the big innovations that made Bitcoin possible, after PoS was deemed impractical because of censorship vulnerability.Oh I definitely agree that proof of work was superior for bootstrap, and I liked it back then especially because it actually managed to be reasonably egalitarian around 2009-2012 before ASICs fully took over. But at the present time it doesn't really have that nice attribute.
@TuurDemeester TIL Proof-of-stake based private currency designs date at least back to 1998. https://medium.com/swlh/the-untold-history-of-bitcoin-enter-the-cypherpunks-f764dee962a1 …
17/ Over the years, this has become a pattern in Ethereum’s culture: recycling old ideas while not properly referring to past research and having poor peer review standards. This is not how science progresses.Tuur Demeester added,I try to credit people whenever I can; half my blog and ethresear.ch posts have a "special thanks" section right at the top. Sometimes we end up re-inventing stuff, and sometimes we end up hearing about stuff, forgetting it, and later re-inventing it; that's life as an autodidact. And if you feel you've been unfairly not credited for something, always feel free to comment, people have done this and I've edited.
[email protected] has been repeatedly accused of /criticised for not crediting prior art. Once again with plasma: https://twitter.com/DamelonBCWS/status/895643582278782976 …
18/ One of my big concerns is that sophistry and marketing hype is a serious part of Ethereum’s success so far, and that overly inflated expectations have lead to an inflated market cap.Ok, go on.
19/ Let’s illustrate with an example....
20/ A few days ago, I shared a critical tweet that made the argument that Ethereum’s value proposition is in essence utopian....
@TuurDemeester Ethereum-ism sounds a bit like Marxism to me:
- What works today (PoW) is 'just a phase', the ideal & unproven future is to come: Proof-of-Stake.…
21/ I was very serious about my criticism. In fact, each one of the three points addressed what Vitalik Buterin has described as “unique value propositions of Ethereum proper”. https://www.reddit.com/ethereum/comments/5jk3he/how_to_prevent_the_cannibalism_of_ethereum_into/dbgujr8/ …...
22/ My first point, about Ethereum developers rejecting Proof-of-Work, has been illustrated many times over By Vitalik and others. (See earlier in this tweetstorm for more about how PoS is unproven.)See above for links as to why I think proof of stake is great.
Vitalik Non-giver of Ether @VitalikButerin: I don't believe in proof of work!
23/ My second point addresses Ethereum’s romance with the vague and dangerous notion of ‘social consensus’, where disruptive hard-forks are used to ‘upgrade’ or ‘optimize’ the system, which inevitably leads to increased centralization. More here:See my rebuttal to Tuur's rebuttal :)
24/ My third point addresses PoS’ promise of perpetual income to ETHizens. Vitalik is no stranger to embracing free lunch ideas, e.g. during his 2014 ETH announcement speech, where he described a coin with a 20% inflation tax as having “no cost” to users.Yeah, I haven't really emphasized perpetual income to stakers as a selling point in years. I actually favor rewards being as low as possible while still being high enough for security.
25/ In his response to my tweet, Vitalik adopted my format to “play the same game” in criticizing Bitcoin. My criticisms weren't addressed, and his response was riddled with errors. Yet his followers gave it +1,000 upvotes!Ok, let's hear about what the errors are...
Vitalik Non-giver of Ether @VitalikButerin: - What works today (L1) is just a phase, ideal and unproven future (usable L2) is to come - Utopian concept of progress: we're already so confident we're finished we ain't needin no hard forks…
26/ Rebuttal: - BTC layer 1 is not “just a phase”, it always will be its definitive bedrock for transaction settlement. - Soft forking digital protocols has been the norm for over 3 decades—hard-forks are the deviation! - Satoshi never suggested hyperbitcoinization as a goal.Sure, but (i) the use of layer 1 for consumer payments is definitely, in bitcoin ideology, "just a phase", (ii) I don't think you can make analogies between consensus protocols and other kinds of protocols, and between soft forking consensus protocols and protocol changes in other protocols, that easily, (iii) plenty of people do believe that hyperbitcoinization as a goal. Oh by the way: https://twitter.com/tuurdemeestestatus/545993119599460353
27/ This kind of sophistry is exhausting and completely counter-productive, but it can be very convincing for an uninformed retail public.Ok, go on.
28/ Let me share a few more inconvenient truths....
29/ In order to “guarantee” the transition to PoS’ utopia of perpetual income (staking coins earns interest), a “difficulty bomb” was embedded in the protocol, which supposedly would force miners to accept the transition.The intended goal of the difficulty bomb was to prevent the protocol from ossifying, by ensuring that it has to hard fork eventually to reset the difficulty bomb, at which point the status quo bias in favor of not changing other protocol rules at the same time would be weaker. Though forcing a switch to PoS was definitely a key goal.
30/ Of course, nothing came of this, because anything in the ETH protocol can be hard-forked away. Another broken promise.How is that a broken promise? There was no social contract to only replace the difficulty-bombed protocol with a PoS chain.
Tuur Demeester @TuurDemeester: Looks like another Ethereum hard-fork is going to remove the "Ice Age" (difficulty increase meant to incentivize transition to PoS). https://www.cryptocompare.com/coins/guides/what-is-the-ethereum-ice-age/ …
32/ This was criticized by P2P & OS developers as a reckless notion, given that every smart contracts is actually a “de novo cryptographic protocol”. In other words, it’s playing with fire. https://bitcointalk.org/index.php?topic=1427885.msg14601127#msg14601127 …See above
33/ The modular approach to Bitcoin seems to be much better at compartmentalizing risk, and thus reducing attack surfaces. I’ve written about modular scaling here...To be fair, risk is reduced because Bitcoin does less.
34/ Another huge issue that Ethereum has is with scaling. By putting “everything on the blockchain” (which stores everything forever) and dubbing it “the world computer”, you are going to end up with a very slow and clogged up system.We never advocated "putting everything on the blockchain". The phrase "world computer" was never meant to be interpreted as "everyone's personal desktop", but rather as a common platform specifically for the parts of applications that require consensus on shared state. As evidence of this, notice how Whisper and Swarm were part of the vision as complements to Ethereum right from the start.
Christopher Allen @ChristopherA: AWS cost: $0.000000066 for calc, Ethereum: $26.55. This is about 400 million times as expensive. World computer? https://hackernoon.com/ether-purchase-power-df40a38c5a2f …
35/ By now the Ethereum bloat is so bad that cheaply running an individual node is practically impossible for a lay person. ETH developers are also imploring people to not deploy more smart contract apps on its blockchain.Umm.... I just spun up a node from scratch last week. On a consumer laptop.
Tuur Demeester @TuurDemeester: But... deploying d-apps on the "Ethereum Virtual Machine" is exactly what everyone was encouraged to do for the past 4 years. Looks like on-chain scaling wasn't such a great idea after all.
36/ As a result, and despite the claims that running a node in “warp” mode is easy and as good as a full node, Ethereum is becoming increasingly centralized.See above
@TuurDemeester Finally a media article touching on the elephant in the room: Ethereum has become highly centralized. #infura https://www.coindesk.com/the-race-is-on-to-replace-ethereums-most-centralized-layeamp?__twitter_impression=true …
37/ Another hollow claim: in 2016, Ethereum was promoted as being censorship resistant…Yes, the DAO fork did violate the notion of absolute immutability. However, the "forking the DAO will lead to doom and gloom" crowd was very wrong in one key way: it did NOT work as a precedent justifying all sorts of further state interventions. The community clearly drew a line in the sand by firmly rejecting EIP 867, and EIP 999 seems to now also be going nowhere. So it seems like there's some evidence that the social contract of "moderately but not infinitely strong immutability" actually can be stable.
Tuur Demeester @TuurDemeester: Pre TheDAO #Ethereum presentation: "uncensorable, code is law, bottom up". http://ow.ly/qW49302Pp92
38/ Yet later that year, after only 6% of ETH holders had cast a vote, ETH core devs decided to endorse a hard-fork that clawed back the funds from a smart contract that held 4.5% of all ETH in circulation. More here: ...See above
39/ Other potential signs of centralization: Vitalik Buterin signing a deal with a Russian government institution, and ETH core developers experimenting with semi-closed meetings: https://twitter.com/coindesk/status/902892844955860993 …,Suppose I were to tomorrow sign up to work directly for Kim Jong Un. What concretely would happen to the Ethereum protocol? I suspect very little; I am mostly involved in the Serenity work, and the other researchers have proven very capable of both pushing the spec forward even without me and catching any mistakes with my work. So I don't think any argument involving me applies. And we ended up deciding not to do more semi-closed meetings.
Hudson Jameson @hudsonjameson: The "semi-closed" Ethereum 1.x meeting from last Friday was an experiment. The All Core Dev meeting this Friday will be recorded as usual.
40/ Another red flag to me is the apparent lack of relevant expertise in the ETH development community. (Check the responses…)I personally am confident in the talents of our core researchers, and our community of academic partners. Most recently the latter group includes people from Starkware, Stanford CBR, IC3, and other groups.
Tuur Demeester @TuurDemeester: Often heard: "but Ethereum also has world class engineers working on the protocol". Please name names and relevant pedigree so I can follow and learn. https://twitter.com/TuurDemeestestatus/963029019447955461 …
41/ For a while, Microsoft veteran Lucius Meredith was mentioned as playing an important role in ETH scaling, but now he is likely distracted by the failure of his ETH scaling company RChain. https://blog.ethereum.org/2015/12/24/understanding-serenity-part-i-abstraction/ …I have no idea who described Lucius Meredith's work as being important for the Serenity roadmap.... oh and by the way, RChain is NOT an "Ethereum scaling company"
42/ Perhaps the recently added Gandalf of Ethereum, with his “Fellowship of Ethereum Magicians” [sic] can save the day, but imo that seems unlikely...Honestly, I don't see why Ethereum Gandalf needs to save the day, because I don't see what is in danger and needs to be saved...
43/ This is becoming a long tweetstorm, so let’s wrap up with a few closing comments.Yay!
44/ Do I have a conflict of interest? ETH is a publicly available asset with no real barriers to entry, so I could easily get a stake. Also, having met Vitalik & other ETH founders several times in 2013-’14, it would have been doable for me to become part of the in-crowd.Agree there. And BTW I generally think financial conflicts of interest are somewhat overrated; social conflicts/tribal biases are the bigger problem much of the time. Though those two kinds of misalignments do frequently overlap and reinforce each other so they're difficult to fully disentangle.
45/ Actually, I was initially excited about Ethereum’s smart contract work - this was before one of its many pivots.Ethereum was never about "smart BTC contracts"..... even "Ethereum as a Mastercoin-style meta-protocol" was intended to be built on top of Primecoin.
Tuur Demeester @TuurDemeester: Ethereum is probably the first programming language I will teach myself - who wouldn't want the ability to program smart BTC contracts?
46/ Also, I have done my share of soul searching about whether I could be suffering from survivor’s bias.Ok, good.
@TuurDemeester I just published “I’m not worried about Bitcoin Unlimited, but I am losing sleep over Ethereum” https://medium.com/p/im-not-worried-about-bitcoin-unlimited-but-i-am-losing-sleep-over-ethereum-b5251c54e66d …
47/ Here’s why Ethereum is dubious to me: rather than creating an open source project & testnet to work on these interesting computer science problems, its founders instead did a securities offering, involving many thousands of clueless retail investors.What do you mean "instead of"? We did create an open source project and testnet! Whether or not ETH is a security is a legal question; seems like SEC people agree it's not: https://www.cnbc.com/2018/06/14/bitcoin-and-ethereum-are-not-securities-but-some-cryptocurrencies-may-be-sec-official-says.html
48/ Investing in the Ethereum ICO was akin to buying shares in a startup that had “invent time travel” as part of its business plan. Imo it was a reckless security offering, and it set the tone for the terrible capital misallocation of the 2017 ICO boom.Nothing in the ethereum roadmap requires time-travel-like technical advancements or anything remotely close to that. Proof: we basically have all the fundamental technical advancements we need at this point.
49/ In my view, Ethereum is the Yahoo of our day - an unscalable “blue chip” cryptocurrency:Got it.
Tuur Demeester @TuurDemeester: 1/ The DotCom bubble shows that the market isn't very good at valuing early stage technology. I'll use Google vs. Yahoo to illustrate.
50/ I’ll close with a few words from Gregory Maxwell from 2016,: https://bitcointalk.org/index.php?topic=1427885.msg14601127#msg14601127 …See my rebuttal to Greg from 2 years ago: https://www.reddit.com/ethereum/comments/4g1bh6/greg_maxwells_critique_of_ethereum_blockchains/
(1) What do you personally find as the most useful and/or important current application for virtual currency?I feel empowered when holding a currency whose scarcity is defined in mathematics where the whims of neither man nor nature shall intercede. Probably not answering the question...
(2) Where do you think virtual currency tech is headed in the medium term and long term.More and more people will capitalize on the efficiencies it brings to accepting and making payments. Properly regulated, crypto-currencies may lubricate every market on the planet.
(3) Are there particular problems from a consumer perspective you've had in dealing with virtual currency firms that regulators should consider?It's scary to store value in a currency on the lawless frontier of finance. While the math is a formidable barrier, and may be sufficient protection for the vast majority of users, I still feel an anxiety about the possibility of a 51% attack.
This attack is practical right now with any size mining pool: Anyone can launch this attack successfully right now, and make revenues in excess of what they would otherwise make. Under the best theoretical conditions, Bitcoin requires at least 2/3rds of the miners to be honest : It was previously believed that the Bitcoin ecosystem was safe as long as a majority were honest. But a slightly different technique deployed by Primecoin makes it more secure than other currencies and less prone to attacks like 51% attack, which results in manipulating the transaction. Similar to Bitcoins, it offers instant payments all across the world. 33 years ago, miners in the ukraine caused an environmental disaster when they attempted a 51% attack on bitcoin Posted on September 30, 2020 by thomashartman1 The plant operators did their best to resist the dangerous order, but the directive to attack bitcoin came from on high in the communist party. Bitcoin Gold has modified this algorithm and is now adopting parameter set <144,5>. This new algorithm is called Equihash-BTG. The new algorithm requires more memory than the one that was originally developed by Zcash.  May 2018 attack. In May 2018, Bitcoin Gold was hit by a 51% hashing attack by an unknown actor. A potential attack on the Ethereum network Classic (ETC) will cost only $55 million and can bring the attackers to $1 billion. This statement is contained in the analysis, which was conducted by Brazilian researcher Husa..
[index]          
Andreas Antonopoulos - 51% Bitcoin Attack A 51% attack is a potential attack on a blockchain network, where a single entity or organization is able to control the majority of the hash rate, potential... 51% attack is when an individual miner or group of miners manage to control more than 50% of a network’s hashing power. This would allow the attacker to disrupt the network and rewrite history ... Watch live: https://ivanontech.com/live =====(tradesanta bot hindi)===== Will Bitcoin dump ?!! Etc 51% attack third time and chainlink acquires oracle solution #tradesanta deutsch #tradesanta re...