The Bitcoin model is “this thing exists, it has to work, we’re not going to screw with it unless there is overwhelming consensus to do so.” And in fact it is structurally pretty hard to screw with it, absent overwhelming consensus to do so;
With the majority of the mining power concentrated in China I don’t think that’s really true. China could just pass a law that says: “It’s illegal to sign blocks that contain transferred funds of terrorist entities, the Chinese government is able to decide to freeze certain addresses so that Chinese miners are not allowed to accept blocks (optionally: that are newer than two days) or create blocks that move funds out of those addresses”.
Without a fork that would mean that the Chinese miners are able to have the longest blockchain and thus the official one. I don’t see an easy way to fork and invalidate the ability for the Chinese miners to do that either. You would likely need to do things like changing the underlying signing algorithms to invalidate the ASICs.
From a more engineering-oriented and less governance-oriented view, I guess my main concern is that Ethereum’s scripting model is very complicated compared to Bitcoin’s. I’m not aware of a Bitcoin script ever being hacked, granted that this is because Bitcoin scripts are much less capable than Ethereum scripts!
You need the complicated scripts to do the complex DeFi stuff. If a substantial amount of the value of cryptocurrency comes out of the DeFi stuff that will likely mean that a crypto network that allows that stuff will move to the top.
That makes it sound like nobody lost Bitcoin in hacks either. I don’t see much difference between Binance losing $40 million worth of Bitcoin in a hack of their software to a smart contract on the Ethereum network being hacked.
China could just pass a law that says: “It’s illegal to sign [certain blocks].”
Without a fork that would mean that the Chinese miners are able to have the longest blockchain and thus the official one. I don’t see an easy way to fork and invalidate the ability for the Chinese miners to do that either. You would likely need to do things like changing the underlying signing algorithms to invalidate the ASICs.
I agree that you’re right about what would initially happen in this scenario (miner majority conspires to censor transactions).
It’s worth noting that you can only tighten restrictions this way, not loosen them (e.g. China can’t pass a law sending themselves all the coins, miner majority or not, without automatically forcing everyone else into a separate fork.)
The difficulty level of responding to this would depend on the policy goals of the Chinese government, and the level of coordination of the Chinese miners. If they were content to have their own China-Bitcoin fork, it would be easy enough to coordinate to let them go, and nothing as drastic as a PoW change would be required. If not, it would certainly get messy, although I think we have some reasonable approaches prepared for this contingency, short of nuclear options.
If a substantial amount of the value of cryptocurrency comes out of the DeFi stuff that will likely mean that a crypto network that allows that stuff will move to the top.
I agree. Whether it’s worth the complexity is an interesting open question.
I don’t see much difference between Binance losing $40 million worth of Bitcoin in a hack of their software to a smart contract on the Ethereum network being hacked.
Here I do see a tremendously large difference:
First of all, Binance is an exchange which trades both Bitcoin and Ethereum, and holds balances of both. The fact that they lost Bitcoin in the hack, and not Ether, is only because Bitcoin is more popular than Ethereum. There is zero structural advantage for Ethereum here.
Binance is a third-party website. I don’t know what standard practice in Ethereum is—hopefully the same—but it is strongly recommended in the Bitcoin community never to store coins with a third party. By contrast, Parity is one of the standard Ethereum local wallet apps, and the affected contract was the built-in multisig option in that app. “I gave my coins to a third party and they got lost” is very different from “I stored my coins in the official wallet app on my local computer and they got lost.”
Also, the amount in question was apparently ~7 times as large, in USD terms (or ~4x from another source): https://www.theguardian.com/technology/2017/nov/08/cryptocurrency-300m-dollars-stolen-bug-ether . And worse in market cap terms: this single bug destroyed about 1% of all Ether in existence (or 0.5%, according to a different source). The Binance hack represented about 0.03% of the Bitcoin in existence at that time.
In point of fact, Binance users did not lose funds—as far as I can tell, Binance covered all the losses. By contrast, in the Parity multisig incident, all affected user funds were—as far as I know—lost irrecoverably.
It’s also worth noting, if only for amusement value, that the Parity multisig issue was not technically a “hack”; the bug was triggered by accident, and the coins were lost (not taken). (Although the previous incident in the same contract, just 4 months prior, was a theft.)
Obviously these points are applicable to these specific examples. There were other Ethereum contract losses where users did realistically know they were putting funds at risk, unlike the Parity incident. And there were other Bitcoin incidents where user funds did get lost, and were not returned (although of course they all involved storage of funds with third parties, not bugs in the standard client software, that I’m aware of.) But the sheer volume, severity, and general nature of the issues seem incomparable to me.