
Factual Inaccuracies of “Facebook Libra Is Architecturally Unsound” - dochtman
https://tonyarcieri.com/factual-inaccuracies-of-facebook-libra-is-architecturally-unsound
======
drcode
> I suspect Facebook’s longer term plans, were they to actually launch Libra,
> are to move to a permissionless proof-of-stake model much like the one used
> by Cosmos

It seems really naive to think that if FB were to get a foothold in the
currency markets with a permissioned product that they would later on go
against their own interests and transition to a permissionless alternative
(not to mention the massive legal and technical hurdles that this transition
would require)

...but I don't know why I'm arguing against Libra, it's such an all-around
terrible product, I should just keep my mouth shut. Facebook is tarnishing the
idea of a "corporatecoin" for the next few years and doing all of us a favor
in the process.

~~~
thunderbird120
They have explicitly stated that a move to a permissionless system is their
end goal.

[https://en.wikipedia.org/wiki/Libra_(cryptocurrency)#Blockch...](https://en.wikipedia.org/wiki/Libra_\(cryptocurrency\)#Blockchain_consensus)

~~~
jeromebaek
Doesn't matter; there are no technical details for this, and so far nobody has
a solution on how to do this. Yes, permissionless networks exist; but no
network has transitioned _from_ a permissioned _to_ a permissionless network.
_While_ transitioning from a permissioned to a permissionless network, you
open your gates to a horde that are financially incentivized to exploit this
newfound permission. How then are you going to secure yourself from an attack?
Nobody has this figured out. It's mathematically unsound.

~~~
baby
There is nothing mathematically unsound, I would even say that it should be
trivial to transition to a permissionless setting. You just need to implement
a proof of stake algorithm. The only questions are: what scheme do we want to
implement and when does it make sense to transition. Libra launching as
permissionless would be DOA.

~~~
jeromebaek
tell me how to transition from pow to pos

~~~
baby
why? Libra is not pow.

------
rwosync
There are likewise some inaccuracies in this post. Both OPs seems to agree on
the fact that Libra has no transaction privacy and then pick nits about
features not being there _at this point in time_ :

> Libra’s byzantine tolerance on a permissioned network is an incoherent
> design.

This post's argument rests on their being a unused flag in the configuration
file for a feature which is not implemented. The Libra whitepaper indicates
that a permissionless design is beyond their ability to implement at this
time. There is no reason to believe a proof-of-stake model is what is
intended. Even the whitepaper states:

> The challenge is that as of today we do not believe that there is a proven
> solution that can deliver the scale, stability, and security needed to
> support billions of people and transactions across the globe through a
> permissionless network.

> Libra HotStuff BFT is not capable of achieving the throughput necessary for
> a payment rail

This seems like some actual benchmarks that simulate real system load are
needed before a conclusion can be made.

> Libra’s Move language is unsound

It seems like the OP takes a more traditional view of type checkers as a
Haskeller programmer. Pushing type-checking to the bytecode level is a very
nontraditional approach to compiler design and contradicts the original Libra
whitepaper claiming to implement linear types. Libra does not do this provide
any linear typechecker or formal verification at this time.

> Libra’s cryptography engineering is unsound

This section is subject to some debate. It seems there are some unpublished
audits of the libraries that may lend credibility to the Rust libraries but
are unpublished. The original post doesn't claim that they are insecure, just
that the more audits and testing the libraries undergo the more trusted they
should become trusted (i.e. libsodium).

It also seems that Libra implements a lot of extraneous next-gen crypto that
is dead code and not used for any purpose in the core logic.

> Libra has no capacity for consumer protection mechanisms

The section agrees with the OP that this does not exist.

~~~
gwbas1c
> This seems like some actual benchmarks that simulate real system load are
> needed before a conclusion can be made.

Both true and false. Typically, someone with good systems knowledge can
estimate throughput from reviewing architecture / design / implementation.

~~~
baby
There is no way you would be able to estimate throughput without doing any
benchmarks.

~~~
gwbas1c
Things like Big-O notation are part of introductory computer science classes
and introductory algorithms classes.

BigO notation also applies when an algorithm is distributed and runs over a
network. An algorithm that's O(n^2) will always be slower than an algorithm
that's O(2n). You don't need to run benchmarks to find that out.

~~~
baby
Big O notation tells you nothing about throughput in normal conditions. It
tells you things about throughput in asymptotic conditions.

~~~
erwan
The parent poster also forgets about constant factors anyway.

------
dang
The thread discussing the original post is
[https://news.ycombinator.com/item?id=21451847](https://news.ycombinator.com/item?id=21451847).

There shouldn't be two posts about the same thing on the front page. In most
cases we'd merge the follow-up into the original, but since the points of view
here are so opposed, it's going to seem like favoritism no matter what we do.
My first crack at this is to let the opposing side have a hearing since the
original has already spent many hours on the front page.

------
Terretta
> _This section throws a few numbers out: it claims the UK Bacs system does
> 580,000,000 transactions a month, or about 223 transactions per second._

 _Curiously it claims Libra can’t do this, but posts no numbers about Libra’s
throughtput. Libra’s throughput target is 1,000 transactions /sec (see Section
8: Performance in the Libra paper) with 10 second latencies on consensus
time._

OK but 1,000 transactions/sec is a non-starter. A single large seller or
popular event driving a live transaction burst can need thousands. Even two
decades ago, a WWE event could need 15K sales per second, or 5K per second for
Amazon’s black Friday.

If you’re looking to compete with the order of magnitude of a Visa/MC, you’re
needing 15,000 - 25,000 per second.

For a commercially available ‘distributed ledger’ able to handle these
characteristics (including service level objectives for operating it in
production), take a look at the AWS QLDB we asked AWS to make available a
couple years ago.

AWS introduced “managed blockchain” and the _very different_ “QLDB” in the
same keynote.

Compare under the covers to see why, despite the hype, they introduced QLDB,
which is designed for real work when you know who is running the servers:

[https://aws.amazon.com/managed-blockchain/](https://aws.amazon.com/managed-
blockchain/)

[https://aws.amazon.com/qldb/](https://aws.amazon.com/qldb/)

If you’re a trusted entity or a trusted consortium with legal paper among your
members, you probably don’t want the blockchains, you probably want QLDB.

------
aeturnum
The section critiquing the critique of the cryptography is quite good.

That said, can we please all agree that a prediction of probable future action
is not a defense of the status quo?

> I suspect Facebook’s longer term plans, were they to actually launch Libra,
> are to move to.... >...it’s being worked on, and it certainly has “the
> capacity” for them.

This is all well and good but it's certainly not a thing that is happening
now. At the very least I would like to see Facebook write down that they
intend to do these things before I accept this as a justification.

~~~
1propionyl
> That said, can we please all agree that a prediction of probable future
> action is not a defense of the status quo?

...no?

~~~
Jamwinner
Care to elborate? I can promise you somthing good if you do that I am not
bound to follow through on. How does a million euros sound?

------
mrkeen
Diehl: Libra’s Move language is not sound.

Arcieri: Is it actually sound? I don’t know, it’s brand new and looks
unfinished to me, and even if it were finished I’m unqualified to make that
assertion

Oh snap.

------
the_duke
Thanks for this rebuttal.

I'm by no means a fan of Facebook and Libra, but Diehls post felt far from
frontpage worthy to me.

> Stephen Diehl doesn’t understand cryptography, but sure has a lot to say
> about it.

This is how I felt about the entire post, to be honest.

It felt like a consultant on a mission, who doesn't really understand the
topic, only took a cursory glance at a project, and yet berates it
extensively. All while sprinkling in some of his particular knowledge, giving
a false sense of technical expertise.

~~~
baby
This is how I felt reading his post too for what is worth. He might have the
expertise (outside of crypto(graphy|currency) to produce a technical opinion
but has unfortunately not spent much time trying to understand libra.

------
seanhunter
Debate around any technical merits of the Libra proposal is entirely beside
the point. An extra-governmental currency owned and run by a consortium of big
businesses from the payments and data monetisation industries is an
intrinsically terrible idea and Facebook couldn't be trusted to do this in a
responsible and ethical manner even if it were not.

------
beatle_sauce
The flaw I care about most: The lack of transaction privacy.

~~~
amelius
Shouldn't this make it illegal?

------
justizin
Factual Inaccuracies of “Facebook Libra Is Architecturally Unsound” Considered
Harmful

------
zymhan
> I consider it to be a gish gallop that bombards you with a bunch of negative
> claims, many of which are false or at best, specious.

Is it me or is this a common trope of blog posts that hit the top of HN?

~~~
AmericanChopper
“Everything is actually terrible” is arguably the most popular topic on HN.

~~~
rumanator
In a world that's bombarded with PR teams dedicated to pass the message that
product X is by far the best thing ever, posts pointing out that product X
actually has downsides are more than welcomed. Otherwise, the PR people are
the only ones doing the talking.

~~~
AmericanChopper
I wasn’t talking exclusively about products at all. But even then, I don’t see
a moral high ground in pushing negative hyperbole as a response to a perceived
excess of positive hyperbole. Both seem equally fallacious to me.

------
Exuma
Boom Roasted. That was enjoying to read. I wish most of this didn't go over my
head, but I enjoy it nonetheless.

