Know & go
- A closer look: There was much discussion around “reorgs” in relation to the Binance hack this week. We provide a 101 on what the reorganization of a blockchain would actually entail.
- Three things to know: (1) FinCEN released guidelines on how the Bank Secrecy Act applies to cryptocurrencies (2) CFTC official said the agency could approve ETH futures (3) Bitfinex to hold a sale for LEO exchange tokens.
- Market snapshot: Total crypto market capitalization is around $180.1 billion at press time (up 3.9% w/w). BTC is trading at $6310 (up 11.4% w/w), ETH is at $173 (up 4.6% w/w). BVOL (the rolling 30-day annualized Bitcoin volatility as calculated by BitMEX) is 46.5%, up slightly from last week. (5/10 11:30AM ET)
A closer look: To Reorg, or Not to Reorg 🤔
Binance, one of the largest cryptocurrency exchanges by volume, suffered a security breach earlier this week. As reported by Binance, hackers used phishing attacks and viruses to obtain user API keys and 2FA codes, among other possible information, to withdraw 7,000 BTC (worth ~$41 million at the time) from the exchange’s hot wallet. The conversation surrounding the impact on user funds, however, was quickly resolved as Binance CEO Changpeng “CZ” Zhao stated the exchange would cover the loss via its Secure Asset Fund for Users (SAFU fund) — a fund established last year to protect users from security failures like this.
While the SAFU fund provided an immediate resolution for users, Binance seemed to have no viable course for retribution. That is, until Bitcoin developer Jeremy Rubin suggested the exchange and its CEO coordinate a “reorg” of the Bitcoin blockchain to rewrite Bitcoin’s history and undo the hack. The proposal sparked a polarizing debate echoing across the crypto community with some seeking to preserve Bitcoin’s perception of immutability and others in favor of using reorgs as a defense against attacks.
In light of the events that transpired post-hack, there is now an increased importance in understanding what a reorg is and its potential impact on crypto networks.
In proof-of-work (PoW) blockchains, the chain with the most work* invested in it will be the one to define the network’s history. Blockchains do not often progress in a direct linear fashion as competing miners may discover two different yet valid new blocks, creating a temporary fork in the network. When this occurs, the network of miners must choose which block to continue building upon. The fork will be resolved once the next block is mined since that chain will have the most accumulated work.
Any miners working on the alternative fork should experience a blockchain reorganization, or reorg for short. Reorgs occur when a fork outpaces, in terms of work done, competing chains to become the chain of record. All block rewards earned on the shorter fork since the split become obsolete and any transactions completed are replaced by blocks on the more popular fork. The valid blocks that are abandoned are dubbed orphans. These smaller scale reorgs are have occurred on occasion in PoW blockchains and have resulted in the need to wait for multiple confirmations (e.g. six for Bitcoin) before a transaction is considered final.
It is important to note the difference between a hard fork and a reorg. While both instances start via an alternate extension from prior block, the outcomes and the intentions behind them vary. Hard forks are often premeditated acts by miners to deviate from the chain of origin and result in separate, co-existing chains. Examples of this include the Ethereum-Ethereum Classic fork following the DAO hack in 2016 and the Bitcoin-Bitcoin Cash fork in 2017. The forked chain typically features different technical aspects, such as the consensus mechanism or block size (as in the BTC-BCH hard fork), favored by miners supporting the new fork. Any future actions on the forked chain do not impact the original chain aside from fluctuations in total hash rate as miners shift focus between networks. Reorgs, on the other hand, occur naturally as mentioned, but can also be initiated by a miner looking to attack the network and rewrite its history in their favor. Moreover, reorgs result in a single final chain where actions on the forked chain can impact transactions on the main chain if the forked one accumulates the most work.
51 percent attack reorgs
Reorgs are also implemented during 51 percent attacks — when a malicious miner acquires a majority of network resources (i.e. hash rate). This miner would be able to extend an alternative chain from a previous block and build the forked chain at a faster rate than the existing main chain, reconfiguring the transactional history in the process. For instance, the attacker could spend coins on the main chain while forking an alternative history at a block prior to that transaction. The spent funds would then be in the miner’s possession on the forked chain. Once the fork is determined to be the chain with most accumulated work, the impending reorg would invalidate the original transaction and permit the attacker to keep the return from the first exchange and spend their coins again (i.e. a double spend). To complicate matters for users and other miners, this process can be executed secretively and will only become known once forked chain blocks are broadcast to the network.
51 percent attacks of this nature have occurred at an increased frequency over the last year, likely due to the significant drop in cryptocurrency prices and coinciding network security thresholds. The most recent example took place in January 2019 when Coinbase detected a “deep chain reorganization” on the Ethereum Classic blockchain. In this case, the attacker issued fifteen reorgs, “twelve of which contained double spends totaling ~$1.1 million in ETC.”
While the economics can be enticing, attempting a targeted reorg is a high risk move with a burdensome up front fixed cost. Miners would first have to accumulate 51 percent of the network hash rate by either purchasing the necessary equipment or colluding with other mining groups. Cost per attack is determined by the market value of the chain, the mining algorithm, and the network hash rate. Acquiring 51 percent of network resources does not guarantee success, however, since blocks from the forked chain could be rejected by miners on the original one, rendering double spent coins useless. Further, public knowledge of a network attack could debase the value of the cryptocurrency to an unprofitable level. As a result, it is often economically advantageous for miners to act honestly than to pursue an attack on the network — especially with regard to more valuable blockchains like Bitcoin and Ethereum where attacking costs are prohibitively high.
Reorgs for good?
In the end, CZ and Binance decided not to pursue a reorg approach, citing the damage it may cause to Bitcoin’s credibility and within the community as well as the uncertainty surrounding its chance of success. Additionally, the time between the hack and the decision was a factor. The longer it takes to enact a reorg, the greater the impact it will have on the network. The company elected to own its mistake instead and will spend time improving its internal security processes to prevent future oversights. Additional on-chain security measures could be explored, such as Jeremy Rubin’s suggestion of a replace by fee (RBF) transaction handling mechanism that would stifle attempts to execute an exchange withdrawal with stolen funds.
The proposal, however, reintroduced a discussion on issuing reorgs for an honest cause, in this case redistributing stolen funds away from a hacker. This approach was executed before by the Ethereum community in response to the 2016 DAO hack, although the contentious decision led to a hard fork rather than a reorg. Ethereum critics still criticize the choice to rewrite chain history and undo the hack, calling into question its level of decentralization and credibility for maintaining immutability. An attempt to reorg the Bitcoin blockchain, beyond a simple conversation, would likely meet even greater community opposition given its size, market value, and brand, which include its perceived levels of decentralization and immutability.
For more information on the Binance security breach and reorg discussion, check out Matthew Willemsen’s Messari board.
*Work done is a multiple of the number of blocks (or blockheight) and the block difficulty — a measurement of how hard it will be to mine the next block.
In other news
- PepsiCo completed a trial for a blockchain project that boosted programmatic advertising management efficiency by 28%. “Project Proton,” carried out in partnership with media agency Mindshare, leveraged the Zilliqa blockchain for end-to-end reconciliation to help gauge the effectiveness of blockchain on the advertising supply chain. Additional participants included Rubicon (online advertising), MediaMath (programmatic marketing), and Integral Ad Science (media firm). PepsiCo and partners plan to run a second trial that introduces blockchain based payments. Source.
- Fidelity Investments announced it will start offering Bitcoin trading within the next few weeks. The asset management firm will solely target institutional customers, differentiating from the other brokerages (E*Trade, Robinhood) that offer cryptocurrency trading to retail investors. The news comes just days after Fidelity released a study that found 47% of institutional investors “think digital assets are worth investing in.” Source.
- Bluewallet, a popular lightning network enabled Bitcoin wallet, launched its new app for Apple Watches in the iTunes store. According to product and UX engineer Nuno Coelho, the watch app is an experiment to see if users like to make Bitcoin payments from their watch as well. He also stressed Bluewallet’s most important goal is to transition away from being a custodial third-party in order to minimize the trust involved with Bluewallet payments. Source.
- The Bitcoin network hash rate climbed to its highest level since October 2018. The rise in mining activity coincides with the recent increase in Bitcoin price to just below $6k. Bitcoin mining costs are currently estimated to be between $3.5k and $4k, suggesting the opportunity to secure profits should attract more miners to the network. Source.
- The latest data also indicates the actual number of Bitcoin full nodes is over 90,000 with a few sources reporting this number recently exceeded 100,000. While some data providers report the existence of ~10,000 nodes, these sites may only consider “listening” nodes. Therefore, the Bitcoin blockchain might be more decentralized than some data sources indicate. Listening nodes act as information relay stations that help increase network efficiency and decentralization metrics. Full nodes, on the other hand, play a major role in validating transactions and enforcing the network rules, among others. Source.
- Ethereum developer group Prysmatic Labs released the Sapphire Testnet to the public. The testnet implements the Ethereum 2.0 protocol for a proof-of-stake (PoS) blockchain. Now, anyone with Gorli test ETH can participate and stake on Sapphire as the network development continues to progress. Source.
- The Australian Securities Exchange announced that it is rolling out a new distributed ledger technology based Customer Development Environment (CDE) that will replace the exchange’s existing CHESS system for equities clearing and settlement. The rollout will occur in seven drops, the last of which will occur in 2020. Source.
- Starbucks announced that it will use Microsoft’s Azure Blockchain service to trace the movement of coffee and the transition from bean to bag. Source.
- Facebook reverses its ban on ads related to blockchain technology or events about cryptocurrencies. Pre-approval will still be required for users looking to promote individual cryptocurrencies. The move comes less than a week after Facebook publicly acknowledged its efforts to create a blockchain-based stablecoin. Source.
- Crypto exchange Bitfinex released a white paper detailing an initial exchange offering that aims to raise $1 billion. The new exchange tokens, dubbed LEO, will be offered to private investors first before being open to public investment starting May 10th. Bitfinex is rumored to have already raised $600 million in private commitments. As of 5/9, the private money offered in the form of hard and soft commitments reached $1 billion. According to the white paper, the crypto exchange is holding the token sale in order to cover the $850 million currently frozen as part of the impending investigation by the New York Attorney General’s (NYAG) office. Source.
- Swiss stock exchange SIX is planning to start a pilot of its digital asset exchange this summer, and it will launch the first services — including the issuance of new tokens and an initial digital offering (IDO) platform — next year. The firm said it works with a number of organizations that are looking to launch tokenized structured products or real estate funds. It also has the long term goal of tokenizing existing securities. Despite the interest in tokenization, SIX has no plans to offer cryptocurrency trading due to KYC and AML concerns. Source.
- Crusoe Energy Systems completed a $4.5 million seed round led by Bain Capital Ventures and Founders Fund Pathfinder. Crusoe offers a Digital Flare Mitigation (DFM) service that enables oil and gas producers to convert natural gas into electric power on-site. This prevents the need for companies to burn off natural gas (a procedure called flaring) that may negatively impact the environment. The funding will be used to advance some existing data centers so natural gas can be used to mine cryptocurrencies. Source.
Global regulatory roundup
- This week, FinCEN issued new guidance on how the Bank Secrecy Act (BSA) applies to cryptocurrencies. The guidance touched on the designation of software wallet providers, multi-signature wallets, decentralized exchanges, and other non-custodial venues, as well as, privacy-preserving cryptocurrencies and services. For a full breakdown of the guidance, we recommend Coin Center’s blog post, Katherine Wu’s annotated version of FinCEN’s guidance, and Gabriel Shapiro’s tweetstorm, and more on Messari’s FinCEN Guidance and News board.
- The Southern District of Florida issued an order asking Craig Wright to show records backing his Bitcoin ownership in the multi-billion dollar Kleiman case, “which claims Wright misappropriated billions of dollars of bitcoin (1.1 million BTC) through a complicated multi-year partnership with Kleiman.” Source.
- Someone at the CFTC said earlier this week that it would approve a cash settled futures contract if it checked all the right boxes, which would open up the ETH market to institutional participation. Source.
- OneCoin is being sued by an investor seeking to represent others who were defrauded in what was supposedly a multibillion dollar pyramid scheme. Source.
- U.S. Congressman Bradley Sherman clamored for Congress to propose a bill that would ban cryptocurrencies. Sherman stated cryptocurrency poses a threat to U.S. foreign policy, tax collection, and law enforcement as well as its use among criminals. Source. Crypto Twitter has remained resilient and has since rallied in opposition of Sherman’s anti-crypto comments.
What we’re reading
- Bitcoin’s Gravity by Gigi
- CryptoEvolution: Mutating Toward Preeminent Protocols by Tom Shaughnessy
- A modest proposal regarding Bitcoin mining by Nic Carter
- Blockchains are bureaucracies par excellence by Mario Laul
- Why Blockchain is Not the Answer by Jimmy Song
- FinCEN’s new cryptocurrency guidance matches Coin Center recommendations
- A Deep Dive on the SOPR On-Chain Oscillator by Felipe Gaúcho Pereira
What we’re listening to
- Chain Reaction: Consensys’ Joe Lubin: Ethereum’s Competition Isn’t Even Close
- Off the Chain: Patrick O’Kain, Special Agent for the DEA: How Criminals are Using Cryptocurrency
- What Grinds My Gears: Let’s Talk About DEX, Baby
- What Bitcoin Did: Tuur Demeester on Why Bitcoin is in Heavy Accumulation
- The Token Daily: Tony Sheng, Independent Analyst: A Writer’s Take on Bitcoin Lore
- Unchained: Tagomi: A One-Stop Solution for Large Crypto Trades
- Base Layer: Zaki Manian (SkuChain, Cosmos, Tendermint)
- Blockchain Insider: Like FUD off a duck’s back
- The Blockcrunch: Can Blockstack Decentralize the Internet? – Muneeb Ali (Blockstack)
Circle in the news
- Poloniex will become one of the first crypto asset exchanges to support Cosmos staking. Coming in summer 2019, eligible customers who hold atoms on Poloniex will automatically earn staking rewards while maintaining the ability to trade. Source.
Where we’ll be in May
- Tokenized Assets, New York, 5/12
- Consensus 2019, New York, 5/13-5/15
- All Things Blockchain, New York, 5/15
- FINRA Annual Conference, Washington DC, 5/16-17