If I'm reading the docs right, the Stellar smart contracts are extremely different from Ethereum smart contracts - in fact, it almost feels like a stretch to call them the same name. Like "animals" vs "plants".
Ethereum smart contract are actual virtual machines. They are tiny computers that run whatever bytecode you want. You could calculate pi to a million decimal places in a smart contract, if you had the money for gas.
Stellar smart contracts, on the other hand, are simpler. A transaction can only choose from 13 operations (Buy, make offer, change trust, etc). On top of the operations, you can add some restrictions to the transaction - Stellar has support for built-in multi-sig, built-in start and end time limits, and built in transaction grouping. By combining these restrictions, grouping transactions, presigning this, and handing out that, you can make something that's smarter than a single person doing a single transaction.
As an Ethereum blockchain developer, using Stellar smart contract feels very limiting, and outside the simple cases, very convoluted.
The explicit design decision here is that most of the logic that in Ethereum would be executed in the EVM, can instead be computed off-chain, with the results encoded in the Stellar ledger. This precludes some of the loftier use-cases that have been proposed for Ethereum like DAOs and trustless prediction markets, but makes it much easier and faster to move money around.
(Put differently, Ethereum is a distributed computer, not a payment rail; Stellar is a payment rail, not a distributed computer).
If you want to implement a gambling site in a jurisdiction where that is illegal, Stellar won't help you, and Ethereum might. However if you're an existing business that is incorporated in the US, then you are probably fine with asking customers to trust you; this is what all companies currently do, under perjury of prosecution.
Another key benefit to Stellar is that if you just want a token / ICO, then this is built into the protocol; Stellar has the concept of an Asset, which you can issue with a couple of API calls. This replaces the need for implementing and testing your own ERC20, which is a major headache, particularly for existing non-crypto oriented enterprises.
There are obviously some open questions on exactly which use-cases Stellar would be useful for, but an example would be in-app purchase tokens like Kin; there's no reason to implement that as an ERC20 and incur the risk involved with the EVM when you're just moving tokens around.
The Stellar smart contracts seem to function like versions of Bitcoin Script transaction types with more features. For me this seems like a more appropriate direction for transaction abilities in comparison to Ethereum's approach, which has more capability but also massive room for implementation error.
The word "contract" is a bit misleading. On Ethereum these scripts are used for all sorts of things, including the on-chain parts of second-layer scaling solutions.
Turing completeness has a lot of costs which are not acknowledged in this post. For example they are more complicated, more can go wrong, more vulnerable to hacking.
Stellar isn't decentralized. Just like Ripple, it uses Federated Byzantine Agreement, which means that nodes use a list of other nodes they trust. The fact that this scheme has nothing to do with the concept of a decentralized cryptocurrency, aside from the hype train, doesn't appear to have percolated into the collective mainstream or even geek consciousness yet.
This is why Stellar probably doesn't count as a real "blockchain." It's also why Stellar is potentially a lot more useful than blockchain. You don't have to do proof of work, which is wasteful of resources by design.
Note that the cryptocurrency people use the word "decentralized" differently from the rest of the world. They use it specifically to mean that the mechanism for determining consensus is perfectly distributed among an unknown number of arbitrary nodes.
Stellar consensus is decentralized in the conventional sense. Federation is a form of decentralization.
I think cryptocurrency people use the word decentralized correctly, it's just that they often imply "decentralized and trustless". Seems like Stellar doesn's satisfy both conditions.
>This is why Stellar probably doesn't count as a real "blockchain." It's also why Stellar is potentially a lot more useful than blockchain.
It's always the same catch 22 though: if you're willing to do away with one of the attributes of blockchains/cryptocurrencis then you have a rather standard distributed ledger that any half competent engineer could come up with. It's not particularly novel or revolutionary.
Actually I'd even go further and posit than hardly anybody would be talking about Stellar or Ripple if they didn't use buzzwords "smart contract" and "blockchain". This is hype feeding speculation feeding hype feeding speculation...
There are plenty of consensus protocols that don't waste energy but I think it's important to understand why PoW relies on an unproductive algorithm.
Mining fulfils two roles:
- identity management: To identify who is a trustworthy block producer in an anonymous and trustless network, mining introduces a cost to the block generation process and we use a game theory assumption that it serves as a barrier for attackers. This doesn't mean there aren't validation checks performed by other nodes in the network and the consensus forming rules themselves of course.
- consensus formation: In a distributed network, nodes are bound to disagree on which is the canonical chain out of two or more competing forks. The most common algorithm calculates the accumulated computational effort of each chain of blocks and picks the "heaviest" one, ie the one with the most work done on it. This has the nice side effect of ensuring economic finality for the transactions in those blocks.
Now, regarding decentralisation you state that "the cryptocurrency people" use it wrong, but the definition you gave is incorrect. As a cryptocurrency person, Vitalik Buterin described decentralisation here: https://medium.com/@VitalikButerin/the-meaning-of-decentrali...
> There are plenty of consensus protocols that don't waste energy but I think it's important to understand why PoW relies on an unproductive algorithm.
DPoS consensus used by Bitshares/STEEM & EOS seems to the most advanced among the models and they also have the highest TPS
All consensus protocols make tradeoffs between three properties:
- Finality Latency: how fast is a block finalised after it’s been proposed
- Decentralisation: how many consensus-forming nodes can exist in the network
- Resource Overhead: how many blocks per second do consensus-forming nodes need to verify
dPoS protocols sacrifice decentralisation and compromise in resource overhead for apparent performance, ie many transactions processed by a few very powerful servers.
The game-theory and security aspects of a blockchain like its censorship resistance, immutability or who can produce the next block are also relaxed to a level that many blockchain professionals consider unacceptable. Case in point the formation of cartels is incentivised by the dPoS delegation of vote mechanism. Corruption is baked in.
PoW is wasteful in that the vast majority of the product of it's algorithm (hashes) is discarded. This means that block producers can be trusted because they wouldn't be spending energy / electric power to produce blocks for any reason other than gaining the block rewards, which they can only get if the block is valid.
If PoW did some sort of useful work (gene folding, seti, etc) then there would be no reason to trust block producers since all of their blocks are useful and therefore they can be "mining" for reasons other than obtaining the block reward.
i don't think you understand the technology at all..
> PoW is wasteful in that the vast majority of the product of it's algorithm (hashes) is discarded
do you know what "PoW" means? it's 3 words: proof, of, work. what you consider "discarded" and "waste" is the Work in PoW.
miners convert energy into blockchain security and every block signature is the proof that certain amount of energy was spent to find it.
if there was another "useful" activity (gene folding, seti, etc) it would have created additional "value" for miners, making mining more valuable, creating incentive for more miners to mine and subsequently raising the difficulty to mine matching the additional "value" from "useful" activity.
it's trivial econ and i really do hope it helps you better understand what you're arguing about.
We might be arguing about the meaning of words here but the work in PoW is it's output and the hashimoto algorithm in PoW discards all computed hashes that fail to meet the difficulty requirement. I suppose you know how consensus algorithms work, but if you don't I'd suggest you start by reading this https://medium.com/@jpa_of_snc/consensus-casper-and-cryptoec.... If cryptoeconomics is interesting to you I can also recommend the best list of learning resources available, here: https://github.com/jpantunes/awesome-cryptoeconomics
The concept of a useful PoW algorithm has been debated a number of times and the consensus view is what I wrote earlier: If there are incentives to mining other than the block reward, the security assumption provided by hashrate majority is lost and blocks producers cannot be trusted.
I'm a blockchain developer for a couple of years now, and I often write about it as you can see by the links I shared above.
> work in PoW is it's output and the hashimoto algorithm in PoW discards all computed hashes that fail to meet the difficulty requirement
you've used few specific words in your comments: "work" and "product". i agree that work in PoW is hashing and most of hashes are discarded, but product of PoW is the signature that satisfies the difficulty. if finding the signature didn't require going through lots of energy - it wouldn't have been proof of work.
> If there are incentives to mining other than the block reward, the security assumption provided by hashrate majority is lost and blocks producers cannot be trusted.
amazing, so you do understand this and yet you keep saying PoW is wasteful. if security is the product of PoW, then PoW is wasteful only if security is worthless.
Waste is the security mechanism. Since the hash results are wasted it is risky to mount an attack on the network; if the hash results were not wasted then the cost of mounting an attack would be mitigated by the value inherent in useful work produced by the algorithm. Your rebuttal actually supports this conclusion because "useful work" would become the "common denominator" cost built into securing the network thus bringing us right back to where we started (i.e. a situation where wasted work is the only useful kind for securing the network)
Agreed. "Proof of Waste" seems to be a more accurate description of what's actually measured and involved in the algorithm, though it doesn't market as well.
not really, consumption of energy is. and even if we accepted this weak statement, how does it follow that PoW is therefore wasteful? waste isn't the product of PoW, valid blocks are.
Yes. That's the "waste" part. The only product of spending the energy is a proof that the energy was spent. This is obviously wasteful because there is no relationship between the absolute energy spent and the utility of the network. The higher the difficulty the more energy wasted in order to maintain the status quo. Perhaps the most obvious sign of PoW's wasteful nature is the fact that the introduction of more efficient hardware into the network increases overall energy consumption because everyone else without cutting edge ASIC technology has to increase their energy output to compensate for the increase in hash rate.
> The only product of spending the energy is a proof that the energy was spent
yes, and if that proof has value - then it's not a waste!
> there is no relationship between the absolute energy spent and the utility of the network
of course there is - security of the blockchain is proportional top energy spent mining it.
> higher the difficulty the more energy wasted in order to maintain the status quo
you got this backwards, difficulty goes higher because more energy is spent (or there is breakthrough in mining efficiency like cpu->gpu, gpu->fpga, fpga->asic, see next paragraph). and miners spend more energy because market tells them it values the security / utility / w/e of the bitcoin more.
> introduction of more efficient hardware into the network increases overall energy consumption because everyone else without cutting edge ASIC technology has to increase their energy output to compensate for the increase in hash rate
this makes no sense.. introduction of more efficient hardware increases the difficulty, not total energy spent. inefficient miner will remain inefficient and not-profitable no matter how much energy they will be spending.
Using electricity as a proof of investment is still a waste of electricity.
Proof of work is to establish that money is being spent. A less wasteful system wouldn't convert money into electricity to feed into computations to prove that.
Proving that you lit heaps of cash on fire would be less wasteful.
Just because a process is wasteful doesn't mean it isn't valuable. Air freight is wasteful but is also valuable.
> Proof of work is to establish that money is being spent
nope. it's a proof that energy was consumed. money is human concept, energy is universal absolute.
> Just because a process is wasteful doesn't mean it isn't valuable
energy consumption is inherently wasteful activity (as in there is some amount of "waste" in the world produced for the energy to become consumable). by this definition literally everything is wasteful and the label loses it's meaning.
but labels are useful and i (and the official definition) prefer using the term wasteful for something that is intentionally or unnecessarily inefficient.
bitcoin is neither - every joule spent mining bitcoins is necessary to provide the level of security demanded by the market. you can't spend less energy to provide same level of security, because in bitcoin they are pretty much the same.
Just that something is effective doesn't mean it's efficient. For years the lightbulb was the most effective way of producing light, and we took for granted that it cost a lot of energy. But you would be a fool if you claimed it wasn't wasteful just because the product (light) is so valuable.
Bitcoin mining is wasteful, it literally produces waste, and there is no proof at all that it is an optimal way if achieving security, in fact I feel there are signs that point towards the contrary.
> But you would be a fool if you claimed it wasn't wasteful just because the product (light) is so valuable.
you're missing the fact that bitcoin difficulty adjusts. ultimately bitcoin mining is an activity that converts energy into blockchain security. market establishes the required level of security by assigning value to bitcoin. if you replace bitcoin algorithm to anything more "efficient" - it will simply mean that miners will churn through more iterations of hashing but amount of energy consumed will not change because it's dictated by the market.
> Bitcoin mining is wasteful, it literally produces waste
wrong. bitcoin mining produces blockchain security. waste (and more correctly - energy consumption) is just the mechanism.
Your argument is invalid exactly because you’re missing the fact that difficulty adjusts. Lightbulb produces light by consuming energy just like bitcoin miner produces hashes by consuming energy, but hashes aren’t the product we’re after, the valid block signature is. If difficulty was static we could be arguing that there is more efficient way to convert energy into valid blocks, but since difficulty adjusts - energy efficiency doesn’t matter, market says X amount of energy should be spent and so it will be spent no matter which hashing algorithm or how efficient the hardware is.
Lightbulbs produce light and waste. Bitcoin produces block security and waste. It varies the amount of waste it produces with the value that's being secured, and in practice that just means it produces more waste when there's more value. That the amount is adjusted according to market demand does not matter, because the market is not interested in minimizing waste, it is interested in maximizing value.
My metaphor was intended to show you that with innovation we might find better alternatives that have similar or better value, at lower cost. It could be that we can get the same or similar security Bitcoin offers, but without the cost of the enormous energy expenditure.
> Lightbulbs produce light and waste. Bitcoin produces block security and waste
all consumption of energy produces waste, the question with lightbulbs is whether we can get more light with less energy and certainly from 100 years ago there was lots of progress.
the same question simply doesn't apply to PoW currency, because energy expenditure is the goal since it directly converts into security. you can't ask for more security with less energy if security is defined in terms of energy. and that's exactly the case with bitcoin.
if you want your metaphor to work - imagine a lightbulb that has a dimmable enclosure and it automatically dims proportionally to how many lumen is emitted so that luminosity of the whole device is constant. no matter how much energy you throw at it or how efficient you make the lightbulb - the apparent outcome is the same, therefore there must be something else this process gives you to justify expending this or that amount of energy.
I think what @decentralised is arguing isn't that PoW is wasteful, but that there are certain by-design inefficiencies that outsiders consider a waste from an economics standpoint. (A high economic cost to perform PoW)
Certainly you could argue that this economic cost is necessary and therefor not wasteful. Indeed I agree that it is central to the idea.
direct quote from him: "There are plenty of consensus protocols that don't waste energy"
i'm not entirely sure what do you consider inefficiencies in PoW, it is by design supposed to convert energy into a proof that similar amount of energy was spent producing the proof. the only inefficiency involved is how far we are from Landauer limit.
ultimately i don't think it matters which specific hashing algo is used - there will simply be more or fewer iterations per block, but for the same level of security as bitcoin provides, similar amount of electricity would be consumed.
saying that PoW has high economic cost is pretty much a truism. PoW produces very real economic value, so of course it will have a similar economic cost. if the value wasn't matching the cost - there would be more/less of PoW going on and that's exactly what the hashrate chart shows over the last 8 years of price discovery.
PoW uses energy to produce blocks in a process known as mining that consists of trial and error attempts at producing a “special” hash that meets a given difficulty target expressed in the number of leading zeroes. The difficulty target reflects the speculative work needed to produce valid blocks at regular intervals given the available hashrate. When more hashrate is added to the network the difficulty adjusts such that on average the block interval is kept around 10 minutes.
The product of PoW's work is largely wasted since all hashes produced for a given block height, other than the next valid blockhash, have no value and are discarded with the winning miner being paid the full block reward for its work. This means that not only are the hashes useless but they are also expensive to create and return 100% of the reward to the winning block producer at the cost of all other block producers. Bitcoin’s hashrate is what I refer to as an “economic firewall” in that it becomes increasingly more expensive to acquire the hardware needed to control a significant portion of the network's hashrate (eg: 51% attack), or even mine a single block, the more interest there is in the block reward tokens. Having said that, there is no causality relationship between the cost of producing blocks with PoW and the token’s price which is set in open markets were no single Exchange or a “bitcoin ceo" is a counter-party.
In other words, PoW keeps a blockchain safe because it’s wasteful and expensive. Only someone who can afford to run a mining rig would join and its costs are not covered unless their blocks are added to the canonical chain.
If the consensus protocol performed useful work, the incentive to "mine" on this chain would not only the block reward but also include ulterior motives so attackers could try to produce invalid blocks and their effort would still be justified by the value of the work done.
Hope this helps. Find me on telegram if you want to keep this discussion up, I'm always happy to discuss cryptoeconomics.
you're not telling me anything i dont know. you're just using wrong words to describe things.
PoW's work is hashes and they are discarded. PoW's product is valid block signatures and transitively - blockchain security. something is wasteful if the product is worthless. discarded hashes are worthless but valid signatures aren't worthless.
if somebody was running bitcoin miner and discarding all hashes - their work would have been a waste. people running bitcoin miners with purpose of finding valid blocks aren't wasting anything by definition:
wasteful
ˈweɪstfʊl,ˈweɪstf(ə)l
adjective
(of a person, action, or process) using or expending something of value carelessly, extravagantly, or to no purpose.
Producing fraudulent blocks (ie, containing double-spends) is the same as "discarding all the hashes" because the consensus mechanism (the fork choice rule) will ensure that the block is rejected, unless the attacker can also provide 51% of the current network hashrate to force this bad block into the canonical chain.
I defend PoW as the most secure consensus protocol for the major public blockchains precisely because the cost of an attack is so high right now. The wastefulness of PoW guarantees that there won't be reason to get involved in the mining business unless one intends to produce valid blocks and get paid for it.
edit: I would argue that producing fraudulent blocks is a "strictly dominated strategy" in game-theory terms, because its outcome is always worse than following the protocol rules and producing a valid block. From that perspective I believe it is the same as "discarding all the hashes".
> Producing fraudulent blocks (ie, containing double-spends) is the same as "discarding all the hashes"
no, it's not the same, it has the purpose of Producing fraudulent blocks. you're contradicting yourself within single sentence..
> The wastefulness of PoW guarantees
there is no wastefulness. there is energy consumption with purpose of securing the blockchain.
it would have been wasteful if difficulty was fixed and miner was spending 100 times more energy than necessary to create a block every 10 minutes, but since difficulty adjusts - there is zero waste in PoW. every joule spent was necessary and provided value.
> Stellar isn't decentralized. Just like Ripple, it uses Federated Byzantine Agreement, which means that nodes use a list of other nodes they trust. The fact that this scheme has nothing to do with the concept of a decentralized cryptocurrency
There is no centralized authority, which means that the protocol in decentralized. It's just not decentralized in exactly the same way as something like Bitcoin. Some might call that a good thing.
There's only one development team behind the protocol and only one client implementation (afaik), which means that pressuring only two or three people is enough to guarantee that a backdoor is implemented or some form of transaction censorship happens.
That's moving the goalpost pretty far. In this context the discussion is whether the protocol is decentralized. Whether the development is or isn't decentralized is also potentially an issue but it's a completely different discussion. Even if bitcoin had only one development team and only one implementation the protocol would still be decentralized.
I understand your comment but to me and others working on web3 projects, decentralisation is always measured in 3 categories, political, architectural and logical so from my perspective this isn't shifting goalposts, it's being accurate.
I saw a twitter thread today that covered the arguments against EOS (as an example) by judging them exactly on how their architecture, logical and political systems doesn't fulfil the requirements to be considered "decentralised" that might be interesting. Here: https://twitter.com/jamesspediacci/status/104981160787686195...
As long as centralized authorities are subject to government coercion (and all are and always will be), this remains a bad thing, because it leaves strangers in whatever government the authority sits within with veto power over your ability to spend your money. Fuck that.
> As a reminder, smart contracts are created using code. Code can contain bugs or may not perform as intended. Be sure to analyze and agree upon all possible edge cases when coming up with the conditions and outcomes of the smart contract.
Predicting all possible edge cases of a piece of software has been proven to be very hard in the past (there have been software bugs that literally killed people).
Why would I ever agree to let software ALONE enforce a contract? And if there is a human process to override the outcome of the contract, what advantage does it have over a "dumb contract".
I just find the whole idea of computers enforcing law very unsettling.
Smart contracts allow you to completely shortcut intermediaries and their fees in the case where everything goes right or can be checked objectively by an algorithm (ex price of a commodity on a particular platform at a particular time).
With a multisig escrow account, if you and your counterpart both agree to transfer the funds, or both agree to unlock the funds, there is essentially no fee to give away to anyone else. If something goes wrong and you don't agree anymore, well then you can involve authorities from the real world.
but the issue at hand is the case where the multisig contract has a bug and one party (or even a third party) can trigger a transfer of funds or render the funds inaccessible.
> Just do a symbolic execution of the code and prove that your intended behavior holds.
So... Introduce a human to the process? This is the exact issue we're talking about.
> A multisig contract is an utterly trivial program. It is easy to prove correct.
Even if it is, we're not just talking about multisigs. This process should scale up to more advanced smart contracts or this whole "innovation" is just replacing escrows, which is a greatly diminished innovation from the actual claim of smart contracts.
What if somebody hacks into your bank and steals your escrow account?
Presumably, in both cases the solution is the same -- law enforcement and a lawsuit.
The goal isn't some perfectly perfect decentralized system, the goal is something that doesn't have the monstrous overhead of something like, e.g., real estate deals today.
> Why would I ever agree to let software ALONE enforce a contract? And if there is a human process to override the outcome of the contract, what advantage does it have over a "dumb contract".
The cost of enforcing and collecting on a smart contract is much cheaper. Depending on the dollar amount and use case I can see the advantage.
There may be standardized contracts for certain things, I don't know. If I'm wrong and there are no good use cases for smart contracts, they won't be used. It seems reasonable that they will find a use case, though.
Crypto and smart contracts have been around for awhile, and have certainly had enough hype and money thrown at them. So why aren't there any serious uses of these things yet?
How long did it take online travel booking, or ordering books from Amazon, to have a clear and growing market once the basic concept had been developed? How long did it take Instagram to get users? How about Stripe?
Why do people keep talking about how in the future we "will" do this and that other thing with blockchain, but years go by and we're not doing it?
Is it possible that the use case comes first and building out the tech comes second?
I'm not sure why you're being downvoted. I think this is a very reasonable projection. The technology isn't just going to stagnate, it's going to continue to evolve until it finds a useful place in the world. Having insured financial intermediaries executing smart contracts isn't a far fetched idea to me.
I would imagine you would use it when a human is unable to enforce a contract - for instance when there is no other party who is capable of enforcing it or who the parties agree should enforce it (because it would be too costly or for lack of trust, for instance).
Perhaps this occurs when dealing with individuals who are in different countries and the matter is too small? or perhaps while engaging in illegal activities?
The blockchain cannot enforce properly where external, real-world events are involved, and the hard part of contract law is not figuring out when to transfer money. It's figuring out when things aren't going as intended, it's figuring out when conditions might be unlawful, or when they just shouldn't be applicable in a given situation.
1. A blockchain-based smart contract algorithm can very much check the price of a particular commodity on a particular exchange (fully automated enforcement).
2. Parties can meet up and resolve the contract themselves (semi-automated enforcement that saves escrow fees).
> 1. A blockchain-based smart contract algorithm can very much check the price of a particular commodity on a particular exchange (fully automated enforcement).
Introducing trust issues with that exchange and what it decides to report to the smart contract that day. And that's the very simplest of circumstances, one data point from one source.
> 2. Parties can meet up and resolve the contract themselves (semi-automated enforcement that saves escrow fees).
So resort to non-smart way of resolving the issue, only the dynamic has likely already been changed as an automated system may have transferred funds already.
Computers are not enforcing law, I think this is just a misunderstanding on how blockchain systems work. They rely on consensus of majority of nodes, that are operated by humans. So in effect software written by small team of people is running on nodes operated by people. Ultimately the entire system is controlled by people, as DAO "hack" clearly shows.
It's a misunderstanding that's actively promoted by blockchain enthusiasts.
A lot of people still believe that inerrable smart contracts are possible and desirable. Hundreds of millions of ICO money has been collected by blockchain projects that basically promise to do away with software bugs by using [academic language X | proof verification system Y | magic beans].
Why would you ever agree to pay legal or transaction fees greater than $0.30? It makes a new class of agreements possible where settling in court is not practical. It also brings increased transparency.
If you could get insured for software agreements using off the shelf open source software that already worked for lots of other people why not go for it? How is that worse than custom agreement and settlement via chains of private 3rd parties with opaque fee structures.
> Predicting all possible edge cases of a piece of software has been proven to be very hard in the past (there have been software bugs that literally killed people).
This is what formal verification is for. But seemingly the current Smart Contract ecosystem doesn't care...
The contract equivalent of a software bug is called a residual, an area of research Oliver Hart earned a Nobel in economics for, and subsequently applied as a model for understanding smart contracts and their shortfalls.
You are correct, it would be madness to let software alone manage a legal contract, which Hart showed was impossible to free of residuals. A smart contract can be seen as an abstraction from the legal contract underpinning it in order to self-execute where residuals do not arise.
The devil in the details resides of course in the specific contract implementations.
Smart contracts aren't for enforcing law, they're for making notary and escrow work cheaper and more automatic. The current costs for this are ridiculous.
That said, nobody actually cares for doing anything useful with blockchain in 2018. The verbiage is just a smokescreen for good old pump-and-dump speculation.
Both of the examples (2-Party Multisignature Escrow Account with Time Lock & Recovery, and Joint-Entity Crowdfunding) have been possible with Bitcoin for some time.
I recently started moving our token from Ethereum to stellar for the simple reason that I came to the conclusion that Ethereum is too far from being production ready to be of use in an application that has actual users that generate any kind of sizable amount of transactions. Ethereum is cute until you have use cases and uses that require it to actually process transactions. The Ethereum ecosystem is a big mess right now.
All the proper solutions for this are years out from being production ready and widely used. I'm talking about sharding, proof of stake, etc. It's going to take several hard ethereum forks to get there. I think Vitalik is thinking 2020/2021 type time frames currently for this. I would not be surprised if that shifts some more. This stuff is hard. Until then, smart contracts on ethereum are only useful for very limited volumes of transaction that, so far, have been mostly about ICOs for shit coins. Essentially all of the transaction volume on Ethereum is trading in these coins. So, unless you are doing an ICO to raise funding, Ethereum has no practical value whatsoever. And given the scams happening there, it is not a great place for that either.
Some people use side chains to work around this, i.e. a centrally run private blockchain. There are several proof of stake based platforms with smart contracts in the works (e.g. hashgraph, IOTA). Mostly that stuff is really immature (or not ready at all) and lacking the broad user base that bitcoin and ethereum have. Bitcoin is nice but useless for custom tokens. There are not a lot of options here that are usable now, scalable, and reasonably widely used (critical if you are going to lock up millions $ in value in it).
Stellar may not be perfect but it works right now and it scales and it is reasonably widely used. They have built a few things into stellar that largely remove the need for centralized things like exchanges or convoluted smart contracts that need auditing. This is why it is gaining a lot of traction lately.
Specifically:
- any stellar account can issue tokens
- any stellar account that trusts (this is stored in stellar) those tokens can receive those tokens
- any account can create offers to buy/sell any tokens (that they trust) on stellar
- when offers are matched by a counter offers, the trade happens.
There are no websites where you need to go to get your token listed, no middlemen to bribe/deal with, no transaction fees (beyond the 1/10^5th of an XLM), no smart contracts to write. This stuff works out of the box. You can be up and running in minutes if you know what you need to do.
If you want to issue a token on stellar the process is as follows:
- create an issuing account with a minimal XLM balance
- create distribution account
- make your distribution account trust your FOO coin issued by the issuing account
- pay some FOO from the issuing account to the distribution account. This creates the token. Paying it back to the issuing account destroys it.
- write a stellar.toml file with some meta data and put it on your domain foo.com in the .well-known directory. This tells your users and exchanges what your coin is, who issued it, etc.
- set foo.com as the home domain on the issuing account
- fiddle with the issuing account options to further control things (multi sig, preventing more tokens from being issued, etc.)
Done. They have lots of other stuff built in that is highly useful like federated accounts, a compliance protocol for people to pre-clear transactions, etc. If you start reading the documentation, it becomes very clear that this was developed by people who deeply understand the needs of those that develop complex financial products.
To trade tokens, you simply create offers and counter offers on stellar. This works right away. The recently launched Stellarx.com is just a pretty UI around the built in functionality.
To get listed on stellarx, you need some positive evidence of trading happening with your token. I think this currently means evidence of a (small) trading volume and a minimum number of accounts that hold your token. Other than that there are no bribes, listing fees, etc. I imagine that over time the requirements for this will change and there will be competing websites getting involved as well.
People making the point that stellar is a centralized system are of course somewhat right. However, it is a system that can be used right now and you can easily scale it to meaningful numbers of transactions. The shared database of transactions that stellar produces can be validated by anyone and if you run a full node, that's exactly what it does. So, it's not as black and white as this being 'controlled' by a single entity. In practice the companies that are active on stellar end up running their own nodes and validators. Many people do.
That was very informative, thanks! I was having the same impression about Ethereum, that the ecosystem was becoming wider and ever more complex, but still not very practical to actually use.
How does Stellar compare to EOS? AFAIK EOS uses the same approach of federation / trusted nodes, and is also a platform for smart contracts, so it would be interesting to see a comparison.
I haven't got much experience with EOS. My feeling is that they are a bit newer to the scene than stellar in terms of adoption/traction. They only launched this summer and stellar has been gaining traction since late last year so they are a bit ahead on that front. Regardless of what you pick, you are taking a leap of faith in long term viability/stability of what you pick.
We went for stellar because we saw some traction there, kind of liked the notion of being in an ecosystem with a bit more serious players, and we liked what it did functionally.
I tend to look at developer traction: people converting money into code as a good signal that smart people are deciding to give it a shot. Logically, since it has been only about 3 months since they launched, there cannot be a lot happening yet in terms of companies launching products based on EOS, running EOS related infrastructure, etc. I did not look at Stellar for the first half of this year for the same reason. That changed when I started hearing about people using stellar or switching to it from Ethereum around the same time I started having serious doubts about being able to run our product on top of Ethereum any time soon. I wanted to understand why stellar was suddenly a thing and found that there was a pretty mature ecosystem of companies and developers using it already. I'm not getting that kind of vibe with EOS yet.
In any case, a lot of blockchain related trading is speculative and most of that is not based on technical merit but the investors irrational perception on the chance of exchange rates going up or down. Speculators make lousy CTOs, so I tend to ignore them for technical decision making.
So, EOS doing brisk trading beause ETH holders are panicking and acting like lemmings, or because Vitalik farted in a particularly interesting way, or whatever madness of the day drives the market does not constitute meaningful developer traction in my view. It just means EOS core development is likely well funded for the next few years. Good for them.
So are you considering developer traction to be platform age and what people you know are working with?
I'm not trying to be argumentative. I personally like Stellar over EOS as well, but I haven't seen the same developer traction advantage that you're seeing. At least on Stack Exchange, EOS is more active despite being half the age.
The liquidity you get from using the Ethereum-based ERC20 standard for your token is vastly greater than using a runner-up like Stellar. ERC20 is used in something like 95 of the top 100 tokens by market cap, while Stellar doesn't even have 1 token in the top 100.
That means it's much easier to get your token listed on an exchange if it's ERC20, and there are dozens of wallets, with combined millions of installations, that users can use to hold it.
It also means numerous decentralized exchanges (e.g. 0x, Kyber) and other value-adding applications that are compatible with it, like the smart-contract based loaning Dapps that can use ERC20 tokens as collateral (e.g. the Dharma protocol) and relatively soon, second layer solutions for low-cost instantaneous transactions, like Raiden, Liquidity Network, Celer Network etc.
I just don't see why anyone would want to move from Ethereum, which has seen its market share in the token market grow steadily over the last two years, to something that's barely used like Stellar.
Is liquidity secondary to transaction throughput for the use-case of your token? If so, couldn't you use a traditional MySQL server, or a permissioned sidechain, or even a more centralized ledger like Stellar, for the high-throughput uses of the token, and use Ethereum for trading it? Going the dual-blockchain route is what Kik ended up doing with its token, Kin, based on the reasoning that having its token convertible to the ERC20 standard gave it access to a much larger pool of liquidity.
We (we is inbot.io if you are interested) are not doing an ICO, which is what well over 95$ of the Ethereum tokens are. Most of those are little more than a whitepaper and a pretty website. Most of those will never translate into anything tangible with actual economic value. Ethereum is great for that and not much else. It's a funding vehicle and most of the real liquidity at this point comes from equity investors taking chunks of your shares in exchange for token purchases. This changed over the last year. Most early ICO investors got ripped off. People are a lot more careful now and want something more tangible than a token that will depreciate 99% on the first day. ICOs as a crowdfunding type vehicle are completely dead at this point.
We're actually building a business based on our customers paying us cash for services we deliver to them. Not even future tense; we have been doing that for some time and we have actual paying customers. We want to pay our users to help us deliver value to our customers using our utility token. So, they earn tokens for stuff they do. They can then trade on stellar. A pump and dump would alienate both our customers and user base. This makes it easy for us to let our international customer base and international user base help each other without getting bogged down in admin work, invoices, payroll, etc. You'd be surprised how hard this stuff is to do in the traditional financial ecosystem (we tried).
The volume at which we do these things requires a side chain in any case: it's not technically feasible to run this on a platform that has global throughput of only 4-5 transactions per second (on a good day), high and variable transaction cost, and high degrees of uncertainty around transactions actually clearing in a few minutes (or worse). IMHO Ethereum is years away from being of practical use for anything other than acting as an investment vehicle for speculators. It only makes sense for very low volume and relatively high value transactions.
We picked stellar as our side chain and then concluded we don't need another chain on top of it. It does what we need it to do and we get trading for free through stellarx. Transactions are close enough to free that we don't care about the cost.
I'll look at Ethereum again after miners go away, proof of stake has happened, and Sharding is the norm.
Thanks for the answer. Your reasoning makes sense.
Still, I think allowing your token to be traded more widely through ERC20 compatibility may have benefits that are hard to foresee right now. It's a truism that liquidity is beneficial. In any case it's probably not urgent given the embryonic stage of tokenomics, and quite possible not worth the additional engineering costs of adding another blockchain to the architecture.
One thing I've found impenetrable about Stellar is the use of the XDR data format. I've never encountered this before and it's been a painful step in starting to build on their platform.
Are their any simple, introductory texts on it? A lot of stuff is from Stellar themselves.
I'm sure there are good reasons for using it, the rest of the platform looks simple to understand and well designed.
It's a simple binary format similar to e.g. protocol buffers. You write an idl and then generate code for different languages. The reason they went for this is that is compact. This kind of matters because this stuff is actually stored in stellar in large quantities.
It's a pretty old ietf standard actually. I recently had a discussion on this on their slack channel making the point that the choice for this was a bit unfortunate given that this is a relatively obscure format with not a lot of developer ecosystem around it.
Because of this, the stellar guys are actually maintaining their own code generation tool for this because there's nothing else out there apparently. It's called xdrgen. It generates code for a few languages. If you want to understand xdr, that's a good place to start. You can find the idl in stellar core.
I actually have an open bug for the java code generation with them, it generates broken code currently.
Any idea why they picked XDR rather than something that is more widely used in the present day, like Thrift? That is efficient on the wire, and pretty widely supported:
they wanted something standard and I guess did not realize that the IETF standard for XDR is not that widely used. I agree it would have been nicer if they went for something like thrift instead. However, it's done and I don't think they can fix this without breaking compatibility.
I do wonder why XDR sort of failed to get used and why people went ahead and created protocol bufs and thrift as alternatives.
It's defined in an RFC. The original RFC is from 1995, at which time RFCs were fairly readable, although still very detailed, documents, so that's worth a look:
The backstory to XDR is that it fell out of Sun's development of NFS. Sun engineers realised that rather than defining a protocol for NFS from scratch, they could define a generic remote procedure call mechanism (SunRPC, which became ONC RPC), and then define NFS as an application protocol on top of that. An RPC mechanism needs a serialisation format, and XDR is that format.
I get the impression that this was part of a project build a whole new world of IDL-specified RPC-based protocols that would replace the janky, ad-hoc, mostly-textual protocol suite that existed at the time - telnet, rlogin, FTP, SMTP, etc.DCE and CORBA were rival attempts at around the same time. It was an interesting time.
Of course, what actually happened was HTTP. gRPC/HTTP2 is this idea finally coming back into fashion.
From a legal perspective, this is very interesting. The concept of escrow has existed for centuries I suppose. It needs three parties, A (origin), B (escrow) and C (destination). An escrow is only needed, because A and C don't trust themselves enough. Trust is a basic necessity in any contract and providing trust is a extremely valuable service.
In (Austrian) civil law, there is something called "acquisition in good faith", which allows a third person under certain circumstances to lawfully acquire full and unrestrained ownership of a good from someone who does not have the rights to transfer full and unrestrained ownership of said good.
Example: A wants to sell a laptop to C, but doesn't trust him until he has fully paid the price. They agree to use an escrow agent B. A gives B the laptop and C gives B the money/price. Now what happens if B doesn't acts in bad faith and decides to sell the laptop to the third party T? Well, if T isn't colluding or doesn't have to suspect that B is acting in bad faith, he (under certain conditions, that are most likely met in this case) can acquire full and unrestrained lawful ownership of that laptop. A is only left with claims on account of unjust enrichment against B, but has zero chance of getting his laptop back if T refuses to give it back. In that case it may not be problematic, because A only wanted the money, although he now has to take B to court and B maybe insolvent and so forth. The problem is more poignant if the laptop wasn't a laptop, but something very unique that has no equivalent monetary worth.
And here smart contracts help: they make it impossible to transfer certain goods before certain conditions have been met. The ensure trust. That's why I believe this technology is very valuable.
tl;dr: smart contracts are very valuable, because the ensure trust.
The escrow used to be a trusted third party though. Blockchain moves the "quantity of trust previously assigned to the escrow agent" to the two parties. If one party disputes for some reason the algorithm this can't be settled automatically. With a trusted human escrow agent, an abnormal situation would probably end with him sharing part of the blame , which help resolve the conflict in a way that is not fair, but surely blame-able. There is nobody to blame with a machine though.
As far as I'm aware the oracle problem still exists, the problems of having to get data onto the blockchain from external, trusted sources.
In real-world contracts the problems don't arise over the simple execution of contract, they arise when intent is muddied or missed by words, when terms are unfair, overly onerous or legally unenforceable. Given this, there are very, very few situations in which smart contracts appear to be a good idea, particularly as you talk about anything more than trivial amounts of money.
Most transactions that occur daily across the whole world involve trivial amounts of money.
If I want to sell you a 300€ dishwasher, for example, I can either require cash, ask for a check/bank transfer and pray it doesnt bounce, or involve a 3rd party whom i trust in which case I will have to forego a % fee for their escrow service, maybe 30€.
With a smart contract, I can now be sure the buyer's funds exist and are locked before we meet. Then we shake hands, we load the dishwasher in their car and we both release the funds before parting way. I just saved myself a 10% fee and the buyer wasn't forced to get cash from an atm.
>Do smart contracts have a way to dispute an outcome?
Yes, but you have to write code to implement dispute resolution, which in turn implies you have to devise a form of "proof" to be presented to the contract. This can be tricky (or impossible).
In the hypothetical dishwasher example, what is the buyer's incentive to lock up funds before even physically inspecting the item? What is my recourse if a spiteful seller refuses to agree to releasing my funds if I decide not to go through with the purchase?
I'm not being facetious. I'm trying to understand why one would need to use an escrow service for something like this.
Buyer and seller enter a smart contract where the buyer's funds are locked for two days, then freely recoverable by the buyer only after the contract expires. That proves to the seller that the funds exist at no risk to the buyer.
A day before the contract expires, buyer and seller meet up to inspect the goods. Upon inspection, seller hands over the goods and buyer validates the release order in front of him before departing, thus completing the contract before its expiration.
> ask for a check/bank transfer and pray it doesnt bounce
Why would a bank transfer bounce? These are free and effectively instant in most places I know of now.
> I just saved myself a 10% fee
You probably had to pay network fees though.
Once again, the blockchain-positive argument seems to stem from outdated ideas about traditional banking.
--edit-- I'm going to reply here to the comment below then I shall bow out of this discussion because HN has me rate limited.
> Bank transfers are reversible.
Good, this is a form of buyer protection. Much like credit-card chargebacks. We have literally thousands of years of history of sellers ripping off buyers to show us what a great idea this is.
> Network fees will be infinitesimal compared to the fees a human wants to extract.
There are existing, non-blockchain ones with a flat fee of under £3 in the UK I could find with a quick search. Network fees have gone over this on various cryptocurrencies at various times.
1. Bank transfers are reversible. In Europe, you can void a bank transfer up to _several_ days after it has occurred by complaining to your bank. If the bank agrees with you (fraudulent transfer, identity theft, etc), they can ask the receiver's bank to transfer the funds back to you. In France, you have 13 months by law to contest bank transactions after they have taken place.
2. Network fees will be infinitesimal compared to the fees a human wants to extract.
1. Bank transfers are not generally reversible, only if another party has taken something from your account ( in Dutch "automatische incasso" ). If you did a transfer yourself it is not reversible.
1. this is obviously a good thing. Thieves, fraudsters, and scammers exist. The ability for a trusted third party to roll back history is a feature.
2. How do you know this? Typical POS Credit card processing fees are 2-2.5%. Paypal is 3%. Bitcoin transaction fees can be as high as $50! Unless your typical transaction is 4 digit dollar amounts, credit card processing is cheaper.
2. They were that high once, and have not been again
3. Point 2 really doesn't hold since they will be that high again if it ever gains mass appeal, however:
4. there are solutions to even that problem that are being tested and rolled out now called Lightning Network.
You can think it's all snakeoil or a scam or whatever, but building a little strawman to make it sound like it's pointless isn't helping anyone. There are plenty of things about bitcoin and cryptocurrencies in general that are still unsolved problems, but harping on the fees is silly at this point because it's the one that people are actively trying to solve in just about all cryptocurrencies, and I honestly believe that they have it figured out, and the road forward is just one of adoption and hardening.
Stellar uses a system that is pretty much designed to have low fees from the start, and Lightning Network is a pretty damn good way of scaling a blockchain system off the blockchain for the vast majority of transactions making fees a fraction of what they are even now.
For example, a single transaction in Stellar right now costs about $0.000002 USD. And that fee is expected to not change significantly, and unlike bitcoin is not variable but is fairly fixed, and will not go up with more activity.
Well have you checked Chainlink (they've been working with SWIFT and possibly Microsoft)? they've been working on a decentralized oracle for a year now, most of 4chan's /biz think this is the next Bitcoin/Ethereum, and I learned not to underestimate them, they called many right shots and anonymity helps create a kind of natural selection for ideas.
They've been talking about it non stop for 1 year now, and the CEO has spoken in the San Francisco Blockchain Week and they presented 5 nodes on their test network I think.
The oracle problem is not a problem. The data quality is not a concern of the blockchain protocol, only what happens to it once it enters the state trie.
Cases where the external data that must be "truthful" can be done trustlessly with prediction markets for instance or Token Curated Registries among other cryptoeconomic primitives. For cases where the data feed needs an extra layer of validation there are options around using TLS notary, secure enclaves, etc.
In the majority of use cases where the app / smart-contract users are responsible for the data they enter and that's good enough.
Yes, it really is, where human motivations to pollute input data exist at all it's a huge problem.
All of the above require external, trusted systems, or fuzzy, imprecise arguments based around the honest, enlightened economic self-interest of actors who, throughout history, have shown themselves to unenlightened, dishonest and not to act in economically rational ways.
You have to take the use case of the smart-contract / app and see what is the incentive to pollute input data. Then you can use mechanism design to motivates users to input high quality data and have trustless curated list of the best data sources.
Just in case you are not familiar with cryptoeconomics and game theory, here's an example of mechanism design I used at an interview I gave a few days ago:
> Imagine you and your sister both want the last piece of cheesecake left, so you agree to split it in half but can't agree on who should do the cut because both of you are cheaters and would take the bigger slice for yourselves.
One way of solving this is to have your sister take the knife but you get to pick your half first, since you would both be motivated to find the perfect balance and would stand to lose if either tries to cheat.
Thanks for this clear example. With a combination of Token Curated Registries and a blend of bonded attestations (a la FOAM Point of Interest recording) and reputation bonds (a la Colony), you end up with economic incentives spread out across validators and other stakeholders where there is enough of a penalty for cheating to prevent it. The key is setting the bonds correctly for the use case. This is why a multipurpose smart contract ecosystem such as Stellar wins out in my book. Token Curated Registries can be used to iteratively experiment with getting the game theory and Token economics right before there's tons of money at stake.
> You have to take the use case of the smart-contract / app and see what is the incentive to pollute input data. Then you can use mechanism design to motivates users to input high quality data and have trustless curated list of the best data sources.
You have literally just described a very shit version of Chainlink.
Let me elaborate. Chainlink will make any API feed availible to trigger a smart contract. The problem is not trusting the API, its trusting the data returned from the API/Data source has not been tampered with before it triggers a smart contract.
Chainlink is offering Town Crier/SGX for offchain computation also. This means all the complicated smart contract code can now be ran off chain and save on ETH gas costs... and take computation load off ETH.
You are not thinking outside of the box enough for smart contracts. For highly volatile data like stock prices, interest rates, crypto prices etc etc ... you wont be using Token Curated Registries or prediction markets. APIs will feed into a decentralized network of oracles running on secure enclaves with full collateralization... aka Chainlink.
Stellar is a waste because it's a great idea with a super cool protocol but with a useless shitcoin (XLM) all mixed up in the system.
I'm waiting for someone to rewrite Stellar to not have to use that shitcoin (if you need it for antispam, use Bitcoin Lightning donations, whatever), and also use it for other things, like federated DNS or a federated Wikipedia.
Ethereum smart contract are actual virtual machines. They are tiny computers that run whatever bytecode you want. You could calculate pi to a million decimal places in a smart contract, if you had the money for gas.
Stellar smart contracts, on the other hand, are simpler. A transaction can only choose from 13 operations (Buy, make offer, change trust, etc). On top of the operations, you can add some restrictions to the transaction - Stellar has support for built-in multi-sig, built-in start and end time limits, and built in transaction grouping. By combining these restrictions, grouping transactions, presigning this, and handing out that, you can make something that's smarter than a single person doing a single transaction.
As an Ethereum blockchain developer, using Stellar smart contract feels very limiting, and outside the simple cases, very convoluted.