
There's No Good Reason to Trust Blockchain Technology - belltaco
https://www.wired.com/story/theres-no-good-reason-to-trust-blockchain-technology/
======
baxtr
I hate blockchain so much and I can’t even exactly say why. Not because of the
technology itself. I care about it as much as any other technology. I think
it’s because of the sleazy non-tech people that suddenly turned into “experts”
raising money for their BC startup, people organizing meetups, becoming
“consultants” and of course the whole crypto craze... I really wish it will
die soon.

~~~
optimuspaul
I also hate blockchain but I can say exactly why. Someone came up with a hard
problem and created an overly complex and inefficient solution to it. So I
have two issues with it. 1) I don't buy that the original problem it sought to
solve, which I believe is currency related, but let's say it's trust in a
distributed system where trust does not exist. I don't believe that is an
actual problem that should be solved with a general solution like blockchain.
2) the solution doesn't scale well and is overly complex. It is overkill. I
think that much simpler solutions would be sufficient and should be purpose
built. I also wish it would die soon.

~~~
chriswarbo
> I don't believe that is an actual problem that should be solved with a
> general solution like blockchain

AFAIK this _was_ a well-known problem for digital currencies. I think it was
"eCash" that went the furthest (
[https://en.wikipedia.org/wiki/Ecash](https://en.wikipedia.org/wiki/Ecash) ),
with "blind signatures" to prevent transactions being linked to the same user,
but couldn't solve the centralised trust problem.

BitCoin's "solution" is to share a ledger, pick the longest in case of forks,
prevent spam using Hashcash and keep the hashcash barrier high by turning
mining into a lottery.

This is a pretty cool hack, since it addresses not only technical security
concerns, but also economic and social aspects. Yet I see it as a
pathological, brute-force edge-case: technically a solution, but less "this
problem is now solved" and more "ha, I hadn't thought of that; we'll need to
specify the problem better".

------
jondubois
If you're a technical person, you don't need to trust Blockchain technology;
you can verify that it works on your own. If you're not a technical person,
you can find independent technical experts to verify it for you.

Much of the value of a cryptocurrency can be attributed to the fact that it's
difficult to coordinate a large number of people to agree on changes. Also,
because most blockchains are public ledgers; it's impossible to manipulate
them behind the scenes without raising alarms.

On the other hand, fiat money is constantly being secretly manipulated. There
is very little transparency and much of the new fiat money which flows into
the system has to pass through big financial firms/gatekeepers who get their
cut of the new money supply. Big finance firms have had many decades to figure
out how to game the fiat system and there is no doubt that they've been
successful at it.

Cryptocurrencies have the potential to greatly improve the financial system by
making it simpler, fairer and more transparent. When anyone will be able to
launch their own cryptocurrency, we will have a chance to free ourselves from
the coercive influences of debt, venture capital and corporations.

~~~
cphoover
"If you're a technical person, you don't need to trust Blockchain technology;
you can verify that it works on your own. If you're not a technical person,
you can find independent technical experts to verify it for you."

That holds for Proof-of-work based currencies... It seems like it's trickier
than that for proof-of-stake, as these have to be trustful systems.

~~~
jameslevy
Because exit scams are a thing, it may be difficult to prove that a proof of
stake blockchain will always be trustworthy, but it should be possible to
verify that historic proof of stake records are accurate. I'd expect we will
see some independent auditing tools of this type for monitoring PoS
blockchains.

------
avivo
Another classic in this genre, though more focused on world impact, is Charlie
Stross's "Why I want Bitcoin to die in a fire" (2013)

[http://www.antipope.org/charlie/blog-static/2013/12/why-i-
wa...](http://www.antipope.org/charlie/blog-static/2013/12/why-i-want-bitcoin-
to-die-in-a.html)

I may not be quite as strident as either of these takes, but I agree that the
proponents are significantly overselling on a variety of axes... (while also
believing that distributed append-only systems with consensus mechanisms can
sometimes have value)

~~~
splintercell
I don't see why you think this article is a case against Bitcoin. The article
is saying "I don't want Bitcoin to exist", but nearly everything else is
listing you reasons to invest in it (even if you dislike the reasons, it's
like buying stocks in a company who will be bailed out, even though you don't
agree with the bailout).

------
baby
1\. yes there is a trust flow when you join a network:

* you need to trust the paper behind the consensus mechanism

* you need to trust the people who have implemented the client, and trust them to maintain it

* you need to trust the TLS connection you use when you download the client. Meaning the whole CA system

* you need to trust your own machine, when running the client

* you need to trust the first peers you connect to when you join the network

* after you're connected to enough peers, you can usually feel safer. But you'll still have some out-of-band comparison to do between your chain and other people's chains.

2\. supply-chain with blockchain = scam to me. I'd be interested in hearing
about a real use-case, but when you're trying to bridge the gap between
reality and the blockchain, then it usually doesn't work well.

3\. Here is my mental model of consensus and why it can be useful: we have
protocols that work well when everyone is honest. They mostly break when
malicious peers start appearing. Consensus is the cryptography field of study
that attempts to solve this issue. You need a good chunk of people to be
honest when you run such a protocol in a "public" setting. We recently
discovered, with bitcoin, that financial incentives work well. So now we have:

* financial incentives can help us make public consensus protocols work

* research brought us good consensus mechanisms that we can use in more private settings

The technology works well when you think of banking. Many banks want to
cooperate in the way they exchange money between them, but they don't
necessarily trust each other, or their security. So they form a protocol using
a consensus mechanism.

Now, a cryptocurrency is exactly the same thing, but in a way where anyone can
connect directly to the backbone of these banks' infrastructure. You will
necessarily have plenty of issues stemming from that: what if you lose your
money, get it stolen, what if the exchange you use get hacked, etc. But the
benefits are still pretty awesome: you are not going through a bank, you are
directly connected to the system.

Just my 2 cents.

~~~
jcranmer
One of the main points of the article is that the government and the legal
system is an effective mechanism of trust. If you're worried someone will
squelch on their end of the deal, you write up a contract and thereby get to
sue them if they fail to do so.

This is usually where the bitcoin adherents start referring to corruption and
the ilk to explain why government can't be trusted. But Schneier has the
rebuttal: we know damned well from experience that you can't write bug-free,
secure code. Bitcoin requires hidden trust in the programmers of the software,
and in the community to move forward on decisions, and history has borne out
that this trust is misplaced.

Blockchain isn't trustless, it just replaces trust in a system that is
designed to efficiently enforce sanctions against those who violate trust with
a system where every participant is responsible for policing trust
individually.

~~~
baby
I think it's nice that people can make a choice. I can definitely see how
people from different background, communities or countries might have more
trust in a decentralized system.

Personally I put most of my money in my bank, because this is who I trust. I
tend to trust European banks more than American banks as well because I've
heard horror stories here of people being impersonated and banks refusing to
refund such scams.

Ideally, if everyone's bank would work on a decentralized network (that works,
is bug-free, scales, has high-throughput, etc.), banking throughout the world
would be a simpler experience. Decentralized and centralized at the right
places.

------
darawk
> What blockchain does is shift some of the trust in people and institutions
> to trust in technology. You need to trust the cryptography, the protocols,
> the software, the computers and the network. And you need to trust them
> absolutely, because they’re often single points of failure.

This is wrong. You do not need to trust them, because you can verify their
correctness yourself. You cannot similarly inspect the rectitude of your local
bank manager's moral compass.

I find it very odd that someone like Schneier wouldn't recognize this obvious
truth. Is there "no reason to trust AES" because you have to trust the
implementation? What kind of silly argument is that?

~~~
afgkonionio
>You do not need to trust them, because you can verify their correctness
yourself.

 _I_ certainly cannot verify their correctness myself, and I'm a professional
programmer! I don't touch cryptography with a thirteen-and-a-half foot pole.
Most people wouldn't even know where to start. Only a tiny minority has the
skills to singlehandedly verify the economic theory, cryptography, and
implementation of a cryptocurrency.

Pretty much all the time, you're trusting _other people_ to have caught bugs
and malicious code for you. Many independent reviewers are far more
trustworthy than a normal company (which is why I avoid proprietary software),
but that doesn't mean you aren't taking someone else's word that the software
works as advertised.

~~~
amanaplanacanal
Piling on to your comment: even the experts get it wrong. Even if you are the
most knowledgeable person in the world, you are going to miss things. Nobody
can "verify the correctness", it's not technically possible.

~~~
darawk
Of course, but that's not the point. The point is that you have the
opportunity to check it yourself, even if you choose not to avail yourself of
that opportunity. And just by that opportunity being available to people, it
keeps people honest.

------
tcrow
The author has demonstrated a very amateurish understanding and greatly
conflated Bitcoin technology with blockchain technology in general, drawing
the reader to make the same poor conclusions as the author.

Just a quick example

> "The second element is the consensus algorithm, which is a way to ensure all
> the copies of the ledger are the same. This is generally called mining;" \-
> except that is only applicable for (proof of work POW) consensus and does
> not apply to proof of stake (POS) and delegated proof of stack (DPOS) which
> several of the top blockchain projects are currently using (even Ethereum is
> moving to POS). Both of which are far more environmentally friendly and use
> asset ownership (stake) as the mechanism for consensus, which is much more
> reliable (in a trust sense).

Gosh there is so much that is conflated here. The article can be completely
deconstructed but I just don't have the time. It's unfortunate this is coming
from Wired. Tsk. Tsk.

~~~
amluto
> except that is only applicable for (proof of work POW) consensus and does
> not apply to proof of stake (POS) and delegated proof of stack (DPOS) which
> several of the top blockchain projects are currently using (even Ethereum is
> moving to POS).

For POS, you have to trust the rich people and you have to trust that the
disincentives to cheating actually work the way they’re supposed to. Neither
of these have very compelling arguments right now. The fact that Etherium
thinks POS is ready is utterly unconvincing — Ethereum also thought that
Solidity and its VM design was ready, and that has withstood the test of time
very well.

~~~
tcrow
That is why I'm more of a fan of DPOS and (EOS) where I can take part in a
voting mechanism to establish a set of trust worthy nodes who will validate
the network.

------
fdggdfsvscvsd
Maybe with Bitcoin I have to trust the software a little bit, but at least if
it turns out to be faulty, I can switch to another app.

That's much harder to do with governments controlling fiat money. Or with
banks. What is a person supposed to do, who is denied financial transactions
by the established financial service providers (paypal, credit cards,...)?
There have now been several cases where paypal and others have tried to
silence people by cancelling their accounts. What can you do, in the
traditional banking world?

And many complaints are not about things Bitcoin actually promises to do. It
doesn't promise to make exchanges safe.

The environmental impact is a concern. Miner power perhaps not so much. For
example mining hardware coming from one company doesn't seem that bad - you
can simply verify the transactions the miners find before sending them out to
the network.

~~~
dkonofalski
Isn't that the central problem with something like Bitcoin and currencies that
can be (read: have to be) mined, though? You gain units of the currency for
underpinning the integrity of the system. The average person will never be
able to build up a mining system to compete with the likes of China and India
where they're mining Bitcoin in farms that potentially devalue the currency
every single second.

Edit: For clarity, yes, I understand that there is a finite amount of Bitcoin
that can be mined. I'm talking about the value of what's constantly being
mined. The US would never use Bitcoin as a currency when other countries
already have more of it than we do.

~~~
fdggdfsvscvsd
What do you mean by "farms that potentially devalue the currency every single
second"?

~~~
dkonofalski
Any currency is only as valuable as the goods or services that they can be
exchanged for. The value of money comes from its inherent scarcity as, in the
case of fiat currency, only a government or federal agency can issue more of
it. With Bitcoin, farms are generating more of the currency all the time. If I
generate a ton of Bitcoin but never spend it or use it in exchange for goods
and services, I'm simply devaluing the currency that's already out there by
making it less rare and, by extension, less valuable.

This may be a misplaced example but I think Star Trek is a decent analogy.
Money becomes worthless once replicators are invented in that universe because
you can just make more of whatever you need. If China can just mine more
Bitcoin than the average citizen of any other country, then China starts to
determine what the value of that currency is. It's one of the main reasons why
I don't think Bitcoin will ever replace fiat currency. It's already being
exploited.

~~~
fdggdfsvscvsd
If you mine a Bitcoin and don't spend it, you are making the remaining
Bitcoins more valuable (in theory). You have reduced the overall supply.

With Bitcoin, the maximum number of Bitcoins that will ever exist is fixed.

It doesn't really matter who mines them. Of course at the moment, indeed, new
Bitcoins are mined all the time, but the timeline for the future is clear.

Whether it is a good thing, I don't know. There are a lot of weird aspects
about it.

As for China - sure, some miners will accumulate a lot of BTC. But they can
only affect the price by selling or not selling it. If they wouldn't mine the
BTC, somebody else would. It doesn't really give them that much more power,
except for monetary power.

It's probably true that right now there are several people or entities who
could crash the Bitcoin price by simply selling off all their BTC. That's not
very reassuring.

On the other hand, such a crash could also be a chance to distribute BTC more
evenly. It would actually be in the interest of the rich BTC people, too, as
it would lead to more adaption and hence more value and stability.

Distribution is a hard problem.

There are several problems with crypto, but they are also interesting, and
smart people are trying to solve them. At least it is fun, even if it is
unclear if it will be worthwhile in the end.

------
lmpostor
>What blockchain does is shift some of the trust in people and institutions to
trust in technology. You need to trust the cryptography, the protocols, the
software, the computers and the network. And you need to trust them
absolutely, because they’re often single points of failure.

So it is still people and institutions except abstracted into pieces that are
more transparent than pre-existing options.

Also it is always hilarious to see the rehashed arguments over and over. First
being that necessity of a blockchain is a requirement for successful
implementation, and second the complete negation of systems where it actually
is a necessity.

------
bli940505
_" Private blockchains are completely uninteresting. (By this, I mean systems
that use the blockchain data structure but don’t have the above three
elements.) ... Consensus protocols have been studied in distributed systems
for more than 60 years. Append-only data structures have been similarly well
covered."_

I don't entire agree with this. Yes, distributed systems and various consensus
protocols have been studied for many years, but the cryptocurrency boom
boosted public interest and applicational development in a way that would not
have happened without it.

Private blockchain can have many benefits compared to centralized models. It's
not necessarily better and it's more of a trade-off, but it does present
solutions that's not otherwise possible. For example, in a distributed system,
we can use IoT devices as lightweight nodes for quick validations. This can
give security to off-site locations with limited computation power and/or
connectivity.

In addition, there's now many consensus protocols that tries to solve or amend
the three elements the author mentioned. For example, Stellar-Lumen's
implementation of Federated Byzantine Agreement creates the concept of
reputation on top of trust. The ledger network is public, and is essentially a
directed graph of trusts. Anyone can join but other nodes pre-existing on the
network may not necessarily trust your validations, so this at least amends
the first element the author mentioned.

In conclusion, blockchain technologies are over quoted for their finance
applications. To quote a YouTube video I watched, look at blockchain
technologies as the operating system, and cryptocurrency as one particular app
on the operating system, like your browser. It surely is over hyped but
shouldn't be hated upon solely due to the public's mistaking interest.

~~~
verdverm
Private blockchains are interesting because it causes separate business to
share code and data formats. There is a better interface for integrating. Plus
you still get the rule of law.

~~~
baby
Good point. It also forces them to be accountable, and facilitates regulation
from third parties. Something that should be welcomed when you look at how
opaque banks are trying to be sometimes.

~~~
verdverm
A really interesting part of this process in helping decision makers within
companies that working together and sharing a ledger can actually improve the
bottom line. I have a friend who does these types of deals for HyperLedger at
IBM. It's even more challenging than The Challenger Sale, because it's
multiple and requires coordination.

------
arisAlexis
Author fails to mention that people for sure not only don't trust banks but
also governments. the whole argument that trust is not needed because
institutions fails in all failed states that author happens not to live in. I
remind you the "chancellor on bring of second bailout". that's the value
proposition. Lastly, author can't spell Ethereum

------
as300
> These four elements work together to enable trust. Take banking, for
> example. Financial institutions, merchants, and individuals are all
> concerned with their reputations, which prevents theft and fraud. The laws
> and regulations surrounding every aspect of banking keep everyone in line,
> including backstops that limit risks in the case of fraud. And there are
> lots of security systems in place, from anti-counterfeiting technologies to
> internet-security technologies.

The problem isn't that banks and the government don't trust each other, it's
that the _people_ don't trust the banks and governments (see: crisis with the
Bank of Cyprus).

If there's one thing I trust, it's that a bitcoin that I 'own' will stay mine
(barring oversight on my own part). I have less trust that money in the bank
will stay my own.

------
blocker
As of today, blockchain doesn't deserve much trust. Agreed. But it's the early
days of blockchain and the experimenting, particularly with certain
applications such as crypto currencies, will continue for a few years or even
decades. However, if Blockchain projects try hard not to make the same
mistakes as today’s broken digital platforms, we might be able to trust in a
trustless world... here is my post from yesterday on the topic:
[https://www.ankerventures.com/blog/trustless-new-
world](https://www.ankerventures.com/blog/trustless-new-world)

------
arisAlexis
YC is very Blockchain friendly, Wozniak likes it,Larry Page is mining
Ethereum, Jack will bring Bitcoin micropayments to Twitter, inventor of
javascript runs a crypto browser now and Reddit CEO loves it too. I wonder why
the top comment here is someone that hates bitcoin with all his power. A
psychology study will surely be interesting about why some techies hate it so
much really.

------
neals
I've stopped loving, hating, trusting or distrusting it: My client wants to
auction thousands of cars with 7 competitors. He wants parts of it on
blockchain. If that's the way he can create trust within this group of
competitors, so be it. Is it marketing? Maybe. But we've built it and it
actually works.

~~~
AlexCoventry
Got a link? Sounds interesting.

------
devy
I chuckled when I saw the embedded tweet from Vint Cerf:

[https://twitter.com/vgcerf/status/1019987651301081089](https://twitter.com/vgcerf/status/1019987651301081089)

------
trumped
This extends to: There's no good reason to trust computers... (including
Apple)... there are exploits, negligence and malice left and right

------
scottlocklin
1) Schneier evidently doesn't understand alternative consensus algos to
mining. That's OK; they're hard to understand. Even permissioned chains
apparently hard to understand.

2) Schneier doesn't understand that some people choose to trust the
cryptocurrency community more than the banking/government community. If he
looked at the first block of bitcoin aka "The Times 03/Jan/2009 Chancellor on
brink of second bailout for banks" he'd understand why this seems reasonable
to many.

~~~
VikingCoder
I think it's folly to assert that the only reason someone disagrees with you
is that they "don't understand".

I hope you get a chance to see Schneier directly challenged on those topics.

~~~
scottlocklin
Well, he seems to think consensus = mining; I got news for you -that's not
even remotely true! He also seems to think permissioned chains are worthless;
hyperledger fabric seems to have a whole lot of investment for a worthless
thing. And things like EOS which blend voting/stake with permissioning seem to
work reasonably well, even if an EC2 crash would probably take them down.

I'm no blockchain maximalist, and I understand the disgust at the hype around
it, but it is an important tech, and Schneier obviously has done no real
thinking on the subject. He doesn't even make a distinction between "coins"
and ... blockchains. They're not the same!

This is only his misunderstanding of the technical aspects. As I said above,
he also misunderstands the social aspects. Some people really trust the crypto
community more than they trust banks/governments. It's at least a reasonable
hedge, particularly in light of the events described in the bitcoin genesis
block.

------
whttheuuu
That's kind of the whole point of it - is that you don't need to trust it.

~~~
verdverm
The point the author is making is that the "you don't need to trust it" is
fundamentally misplaced. You do need to trust the institutions, and builders
of, much in the same way you need to trust any business you choose to interact
with them. The issue of public blockchain is that I now need to trust code and
technology in a system where the events are no longer reversible. We know that
code and technology is not perfect. This shifting where the trust is placed,
without the recourse of law by peers, is why public blockchain may not make it
beyond the great experiment. Now add the incentives and protections for
malice... what's a reasonable person to trust in public blockchain

~~~
EthanHeilman
Lots of technological systems have non-reversible consequences. For instance
hard drives and airplanes for example. Schneier is essentially identifying an
inherent trade-off between trusting the correctness of a technological device
vs trusting in an institution. This is a trade-off happens all over the place:

1\. Many people don't encrypt their email (trust technology) and instead trust
gmail and associated intelligence agencies to act in their best interest.

2\. Many people encrypt their HTTP connections rather than trusting ISPs and
internet providers.

An important difference between encrypting HTTP connections and encrypting
email is that one is far more convenient than the other. However encrypting
your email does make sense in certain situations and so does Bitcoin.

~~~
verdverm
Why public Bitcoin over a bank's own blockchain solution?

~~~
EthanHeilman
Does a bank's own blockchain require trusting that bank? If so then you
probably don't need a blockchain since you already have assumed a trusted
third party.

If you are aiming to reduce your institutional trust assumptions to me the
question is why not use Bitcoin?

~~~
verdverm
That's sort of my point. I actually don't care about the technology
underneath. I care about the monetary system and its adherence (and recourse)
to the rules of law that humans have generally agreed upon. Like, if you
steal, the societal system will correct the wrong as much as they can.

It's an open question as to whether public blockchains can provide for this
trust and requirement.

~~~
dkonofalski
I think that blockchains can provide more trust than the current system
because the ledger is publicly visible. The societal system still kicks in to
remediate the effects of a mistake but the blockchain is an additional tool
used to provide the evidence and support for such a reversal. For me,
personally, I think the best solution is a form of blockchain run by a
state/federal agency. You're putting trust in an institution, yes, but the
underlying technology helps support that trust.

~~~
verdverm
I don't really want all of my personal actions on a publicly visible system.
Consider Facebook's internal data or the Chinese Social Credit system
available to the public.

I do like the idea of an internet where every action is traceable to a human,
via public keys or sovereign identity.

How you'd retain and verify is an unknown for me.

