Hacker News new | past | comments | ask | show | jobs | submit login
Facebook Libra Is Architecturally Unsound (stephendiehl.com)
631 points by nuriaion 12 days ago | hide | past | web | favorite | 348 comments





The answer to the question implied in the article -- why does Libra make such unjustified design decisions -- is simple. Some people have become enamored with blockchain despite it having almost no good use cases, and this certainly isn't one. It seems like a classic example of focusing on the technology rather than on the problem.

--

Regardless of the other, far more important sections of this article, I find the section about the programming language misleading. Programming language theory does not study the quality of programming languages or their suitability to certain tasks. It is simply outside the purview of the discipline. PLT does not have any tools whatsoever to determine which language is more or less suitable and it is not interested in that question. The theory studies the properties of formal systems and the internal implications of their design. Much like mathematics can deduce from the Peano axioms that 10 > 5, but it says absolutely nothing about whether 10 is "better" than 5 because the answer to that depends on context (are we talking cookies or tumors?) that is simply outside the purview of mathematics. Similarly, PLT can say whether a certain formal system is sound or not, but it says nothing whatsoever about whether soundness is "good", "bad" or neutral, and certainly not how good or bad it is. Of course, programming language theorists have opinions on the matter, but those opinions are not supported by the theory.

Also, given the other glaring flaws, there is nothing to suggest that a formal definition of the programming language would improve matters in any perceptible way. After all, we do entrust the world's monetary system, and sometimes even our lives, to software written in programming languages that don't have a formal definition. As someone who studies the issue of software correctness, a formal definition of a programming language is certainly of interest to theorists, but it has not been shown to be a particularly worthwhile means of increasing correctness.


If you may spare a minute, I'd like to know your opinion on mission-critical software in dangerous-prone contexts (such as avionics, life support, even just economically for permanently-written "ROM" software, etc). Formal methods seem required in such projects, but your final paragraph seems to imply the formalism isn't key to end quality?

(my agenda, for transparency: I want to send SOC's in space on tiny RISC-V satellites, and the lowest layers of those should be 100% error-free because there's no going physically there to reboot a working shell, remote is all we have.)

Regarding 'love' for blockchain, I think it's the basic proposition of "100% accurate data that cannot be controlled by anyone" that seduces. The 'cost' of that in performance becomes a nagging second concern. It gives people a feeling of safety if no other party, not their bank nor family nor employer nor anyone can alter their data, their transactions (whatever the kind, financial is but one use).

Whether blockchain is the only way to achieve that is another matter, but (afaik?) so far it's the only working implementation of the concept of perfectly secured data. I think that's what drove people nuts. I also think Bitcoin or currency in general is but one use case and a very impractical one in the current financial environment, i.e. Earth circa 2019. I'd wager there are much better avenues to explore, eminently non-financial in nature, such as peer-to-peer 'free' communication, or formal (law, contracts) codification (anything official and 'forever' until 'revoked'). No coin, no market, no whatever but the benefits of a slow but 100% truthful database, for small data (text fits quite well).


> but your final paragraph seems to imply the formalism isn't key to end quality?

That's not what I said. I said that merely creating a verified formal specification of a language is not in itself a good path to increasing correctness, and I wouldn't focus on that as a significant cause for concern given all others. But even when you use formal methods in the development of your software -- and I'm certainly a proponent -- there are many formal methods with widely different guarantees and costs, and some of them don't require a formal specification of the programming language. Moreover, no system can be 100% error free, regardless of verification method used. Systems rely on hardware whose actual behavior can never be "proven" correct, and, at best, only probabilistically matches the spec.

I personally believe that some formal methods can greatly improve correctness, and do so affordably, but the question of which formal methods are worthwhile when and by how much each of them improves correctness is very much an open question.

> it's the only working implementation of the concept of perfectly secured data.

I strongly disagree. There is no such thing as "perfectly secure." Security is defined with respect to certain threats (e.g. a hazmat suit can protect you from poisonous gas but gives you no defense from bullets, whereas a bullet-proof vest is the opposite), and blockchain is rarely the most secure with respect to the most relevant threats in a monetary system.


> Security is defined with respect to certain threats, and blockchain is rarely the most secure with respect to the threats in a monetary system.

Wow, this is a great way to frame this! What do you see as the largest threats to the effective operation of a monetary system?


I think this question is best answered by economists, and I'm certainly not one. But blockchain does seem to interfere with some of the best regulatory defenses against economic disasters.

Blockchain gives the impression that the primary threat it is designed to defend against, is a government deciding (like Germany between world wars) to inflate their currency for whatever reason. So, not surprisingly, in order to defend a currency against being decreased in value by a central authority, it is vulnerable to all of the threats that a central monetary authority might help you with.

Which of these threats you think is the more salient is, of course, a matter on which people may disagree. I personally find the risk of a central monetary authority devaluing my money, to be not one of my top concerns, but I could understand why others might think differently (especially if they were in a different country, that used a different currency).


Right, here in Argentina our currency has lost more than half its value this year, and the US dollar has lost 96% of its value since the end of the gold standard in 1973. I carry a Zimbabwe 100 trillion dollar bill in my wallet to remind people what real hyperinflation is.

I don't think that's the main threat Bitcoin is designed to defend against, though; I think there's a whole spectrum of confiscation threats, ranging from thieves tunneling into bank vaults (I know a woman here who lost her savings that way), to immigration authorities confiscating jewelry, to pirates, to trumped-up "money laundering" charges. And of course if we're mentioning Germany and World Wars, we must not forget the confiscation of Holocaust victims' entire possessions, including jewelry and fillings after the gas chambers. Bitcoin can't make genocide impossible but maybe at least it can make it unprofitable.


> the US dollar has lost 96% of its value since the end of the gold standard in 1973

It is more like 80-85%, not 96%. $1 in 1972 is $6-$6.5 in 2019. A 96% loss of value would mean $1 in 1972 is more like $25 in 2019, which is not the case.

Also to phrase it in context you should probably say "the US dollar has had an average annual inflation rate of 4% per year over the last 5 decades". Also for additional context you should point out that bonds slightly exceeded, and that $1 of stock in 1972 in the US market became ~$104 in 2019.

Context matters a lot here.


It depends on which particular data series you use for deflation. There are definitely things for which US$1 in 1972 is more like US$25 in 2019, such as gold and energy. To take one example among many, oil cost US$3 per barrel at the beginning of 1973, and despite the fracking boom in the US, it costs US$63 today, 21× as much. And, as you yourself point out, you need over US$100 today to buy shares of stock that cost US$1 in 1972. (And there are other things which are cheap in 2019 that were unavailable at any price in 1972, and vice versa; and there are borderline cases like videotape recorders and microcontrollers, on one hand; and 1963 Buicks, ivory, old-growth redwood lumber, and quaaludes, on the other.)

I agree that "an average annual inflation rate of 7.1%" (or, using your US$6 number, 3.9%) sounds much milder than "lost 96% of its value since 1973" (or 83%). Where I differ is on whether the milder presentation or the more dramatic presentation is more informative. I think that, except to financial traders, "3.9%" or even "7.1%" is a misleadingly insignificant number.

Consider that throughout the 1600s, 1700s, and 1800s, there were families that lived on the interest income from government bonds, both in the US and in England. Even throughout the 20th century, people would buy "savings bonds" as presents for children or as a means to save up for college or retirement; the bonds would reach maturity decades in the future, providing a healthy reward for the prudent and patriotic purchase. Since the end of Bretton Woods, that 3.9% or 7.1% has made nonsense of such ideas. Despite what you might think, this hasn't eliminated plutocracy or increased social mobility — rather the opposite has happened in the post-Bretton-Woods years, in fact. I think it's hard to obtain the historical perspective necessary to appreciate the importance of this radical experiment. But it is, I assure you, a worthwhile effort. I recommend it.

Perhaps inflationary monetary policy is a necessary instrument for avoiding financial panics; it's a plausible idea. But the evidence against it — particularly the 1970s stagflation in the US — suggests that, though plausible, it isn't such a clearly open-and-shut conclusion that we should deny everyone access to alternative, non-inflationary currencies. Moreover, in most scenarios, attempting to institute such a policy would only deny such access to everyone but the well-connected and influential.


Certain things outpace inflation, yes. Certain things are drastically cheaper. That's why we use an inflation measure that's sort of an aggregate, not pinned to one or two commodities. You don't spend 100% of your money on oil and gold.

Oil now is 3x more expensive even after a more average inflation of ~4% compared to the bottom of 1973 (though in the mid 90s it wasn't so bad). Energy as a whole though, is not 3x more expensive. Petrol is only about a third of energy consumption. Consumer electricity prices for instance are relatively constant from the 70s through now. Slight increase in the 80s, slight decrease in the 00s, but within say <5% of prices.

I'm not making assertions about the change to bond markets (which I agree are historically fascinating, and will continue to be so in the future too).


There isn't an objectively correct basket of goods that is obviously the correct deflator to use, which seems to be a significant underlying assumption of your line of reasoning. The debate about which ones are the important ones to include in statistics like the US BLS CPI is a politically charged debate resolved in part by political means, not purely by the disinterested pursuit of truth. The CPI in particular eminently susceptible to drift over the years, since the goods in it change over time according to the Consumer Expenditure Survey — in 1973 people in the US were buying washing machines that are still in use today and Saran Wrap made of actual Saran, for example, and today they're buying washing machines that wear out in five years and Saran-free Saran Wrap. And of course it measures the prices of only mass-market consumer goods, not services (such as the essentials, child care and elder care) or custom or unique goods such as hand-tailored suits or buildings — a political decision, not an objective one.

If we want to be skeptical of carefully tailored metrics with thousands of parameters produced by political appointees, what standard should we use to measure the value of the dollar? Precious metals have been the standard against which currencies have been measured for several thousand years — the gold standard for measuring the value of currencies, you could say — and by that standard the dollar's loss of value since 1973 is about a factor of 25. This compares to about a factor of 2 over the previous 40 years, since 1933, and a factor of about 1.1 over the previous 140 or so years since the dollar was introduced.

I suspect that if you compare other goods which are, like gold and crude oil, verifiably produced to the same standard of quality in 1973 and today, you will find a similar factor of 16–32 in their dollar prices. I'm thinking of the most common grades of steel, aluminum, brass, portland cement, window glass, industrial electric motors, and so on. There will definitely be some exceptions — ±1% resistors are much cheaper now, to the point where you can't even get the ±20% kind that were the norm in 1973, and I imagine the same is true of specialty steels, synthetic sapphire, and a number of other things that were barely feasible at the time; and presumably photographic film has become more expensive, as it has ceased to be a mass-market item. If you're right about the cost of electricity "staying the same" — by which I assume you mean that, in the US, it increases in line with the BLS CPI? — this suggests that my hypothesis won't be true of coal. Do you have any other ideas?

Let's take anthracite, because it's the purest grade of coal, so it should be less vulnerable to variation in value from drift in grading standards. https://www.eia.gov/totalenergy/data/annual/showtext.php?t=p... suggests that nominal anthracite coal prices have risen from US$13.65 per short ton in 1973 to US$70.99 in 2011; https://www.eia.gov/energyexplained/coal/prices-and-outlook.... says that in 2017 they were US$93.17 per short ton, FOB the mine. That's a factor of 6.8, which is a lot closer to 6 than to 25.


> If you're right about the cost of electricity "staying the same" — by which I assume you mean that, in the US, it increases in line with the BLS CPI?

Yes I meant real price, not nominal.

US electricity is somewhere around a third from coal.

I would be interested in a study showing a 15-30x increase in similar-quality construction materials.

The fixation on gold makes no sense to me. It's just a commodity, not a super useful one either. Gold's price floats wildly based on people's fears. It's not like everything became 4x more expensive between 2000 and 2015.


> Yes I meant real price, not nominal.

We were debating precisely which data series is best for computing the "real price" from the nominal prices. But it seems you take me for a fool and beg the question.


I see your point, but I think there are plenty of examples of people losing their Bitcoins through analogous nefarious activities (e.g. MtGox). For an expert in cybersecurity perhaps Bitcoin is safer, but for the average non-technical person (in the U.S.) it is probably _more_ likely to get your money taken by a thief than if you had it in fiat currency in a bank, though of course either one is possible.

Again, this could vary depending upon your nation's government and crime situation.


I think it's true that "for the average non-technical person (in the U.S.) it is probably more likely to get your money taken by a thief than if you had it in fiat currency in a bank." But I think you're locating the problem in the wrong part of the conjunction: the reason fiat currency in a US bank is more secure is because US banks are fairly secure, not because the fiat currency is secure.

It seems like some sort of confusion to blame the Mt. Gox heist on Bitcoin. Mt. Gox's depositors gave their Bitcoins to Mt. Gox; Mt. Gox didn't give them back and claims that an unknown party absconded with them. If you lent your car to a random French PHP programmer in Japan and he came back without the car, you wouldn't blame that on cars in general being an "unsafe" investment.

If the Mt. Gox depositors had kept their Bitcoins in a paper wallet in a Bank of America safe deposit box rather than in Mt. Gox, they'd still have their money. (In fact they'd have enormously more money, but that's sort of random; it demonstrates the fickleness of markets rather than any kind of fundamental security of Bitcoin.) Conversely, the investors and banks who invested or lent dollars and yen to Mt. Gox lost as much or more as the Bitcoin depositors.

Probably a BofA Bitcoin account would be better, but that's a matter of convincing BofA to offer Bitcoin or similarly secure currencies, instead of or in addition to dollar-denominated accounts. And that's where Libra comes from.


> But I think you're locating the problem in the wrong part of the conjunction: the reason fiat currency in a US bank is more secure is because US banks are fairly secure, not because the fiat currency is secure.

Fiat currency is secure in US banks because there is vast institutional protection for banks such as FDIC insurance and extremely strict laws against bank theft, the Federal Reserve, and so on. There are no such institutional protections for Bitcoin and there never really can be, by design.

> If you lent your car to a random French PHP programmer in Japan and he came back without the car, you wouldn't blame that on cars in general being an "unsafe" investment.

Sure I would - if lending a car to strangers was an effective necessity to use one in the same way using an exchange is an effective necessity to use Bitcoin, and there were "alternative cars" (aka fiat currency) that required no such lending to strangers.


Leaving your Bitcoin in an exchange is not now and has never been an "effective necessity to use" Bitcoin. However, for fiat-currency transactions, it is an effective necessity to leave your fiat currency in an "exchange" called a bank, if you want instant electronic transactions. Unlike with the banking system, you can engage in instant electronic transactions with Bitcoin you hold in your own wallet — although some counterparties may prefer to wait for a number of confirmations.

> There are no such institutional protections for Bitcoin and there never really can be, by design.

This is nonsense. Bitcoin's design permits all the same institutional protections available for dollar bills or precious-metal coins, and additionally permits others that are enormously more secure than the mere incentive structures we must rely on in the case of dollar-based institutions. For example, a bank holding gold or dollars cannot produce a mathematical proof of its reserves as a Bitcoin bank can, and there is no dollar equivalent of multisig wallets.

So, in both cases, you are incorrectly imputing advantages to fiat currencies that in reality belong to Bitcoin in this comparison.


> However, for fiat-currency transactions, it is an effective necessity to leave your fiat currency in an "exchange" called a bank, if you want instant electronic transactions

Yes. However there is also cash which allows for instant anonymous transactions in the physical world which is sufficiently widely accepted to be used to the exclusion of banks, if you so choose.

> you can engage in instant electronic transactions with Bitcoin you hold in your own wallet

Isn't the fact that transactions are not instant widely perceived in the Bitcoin community as one of, if not the, greatest barrier to adoption? If not, why all the investment in the Lightning network?

> Bitcoin's design permits all the same institutional protections available for dollar bills or precious-metal coins, and additionally permits others that are enormously more secure than the mere incentive structures we must rely on in the case of dollar-based institutions. For example, a bank holding gold or dollars cannot produce a mathematical proof of its reserves as a Bitcoin bank can, and there is no dollar equivalent of multisig wallets.

You're saying these words but not addressing the substance of what I said. There is no FDIC equivalent for Bitcoin - unless there's an exchange that guarantees replacement of lost/stolen Bitcoins? Replacing Bitcoin seems a difficult proposition when fiat currency can just be created out of thin air but Bitcoin cannot - once it's lost, it's lost, and can only be replaced in a zero-sum way.


> the US dollar has lost 96% of its value since the end of the gold standard in 1973

And Bitcoin lost over 90% of its value in just under 2 years. Where are you going with this, council?


> And Bitcoin lost over 90% of its value in just under 2 years.

When do you mean? Right now Bitcoin is US$9400, which is almost exactly half of its all-time high value of US$19891 (in 2017). There are several times it has lost more than half of its value, but I don't remember a time when it has lost 90% of its value.

The reason the dollar inflates and never deflates is that it's designed to inflate. On purpose. The underlying Keynesian monetary theory is a radical experiment in stimulating economic activity by maintaining the proper level of unemployment — when unemployment is "too low", central banks raise interest rates (in effect, printing less money), while dropping them when unemployment is "too high". Of course, deliberate inflation of coins by governments has a much longer history than Keynesian monetary theory or fiat currencies — not only did Song China experience it when it introduced paper "representative money", but it's also a well-attested phenomenon in Roman commodity money and later coinages (there known as "debasement", in a technical sense different from its metaphorical use in literary English to describe degradation.) But Keynesian monetary theory, which might be correct, provides a theoretical justification for believing that inflation is good under some circumstances and bad under others, and since 1973 we are all, for better or worse, participating in a radical large-scale experiment to test this hypothesis.

Bitcoin is, in significant part, a dissident response from a group of eccentric intellectuals looking for a way to opt out of that radical experiment. Consequently it is designed to make inflation (of Bitcoin) infeasibly difficult — the existing Bitcoin supply increases asymptotically toward a fixed quantity, known in advance. So, although Bitcoin's value will fluctuate, sometimes wildly, it doesn't have the secular inflation trend designed into the dollar's governance mechanism.


> we are all, for better or worse, participating in a radical large-scale experiment to test this hypothesis.

Well if you have a suitably sound and accurate economic model that you’ve been secreting away, let us know and save us the time. Additionally, it’s not like it’s been exclusively Keynesian economics since the 70’s: there’s been a huge amount of neoliberal economics going around-do you not remember the popularity of austerity measures during the 2008 GFC?

To me, bitcoin and co’s dogged insistence on the evils of inflation feels more like someone along the way had some personal issue with inflation alone and designed something to counteract it, plausibly at the expense of numerous other economic factors.


Yes, I agree.

> When do you mean? Right now Bitcoin is US$9400, which is almost exactly half of its all-time high value of US$19891 (in 2017). There are several times it has lost more than half of its value, but I don't remember a time when it has lost 90% of its value.

Looks like I overstated it slightly. It lost 85% of its value between its all time high December 17th 2017 ($19,891) and December 16th 2018 ($3,159).

The rest of your response, in my opinion, is immaterial. I can't imagine a soul who'd prefer their money to "fluctuate wildly"—to the tune of -85% in a year—vs slowly losing 1-3% per year. Especially when there are very accessible financial instruments (e.g., TIPS) to avoid even that.


Anyone who invests in a stock is taking a significant risk of losing 100% of their investment, a risk on the order of 5% per year. Anyone who invests in gold is used to seeing it fluctuate by a factor of 2 or 3 most years. Yet not only are these popular investments — they're better investments than dollars are over all but the shortest time periods. Anyone who invested a large amount of money in stocks or gold in 1973 would be rich today, unless they were very unlucky at picking stocks. Anyone who invested a large amount of money in a bag of dollar bills in 1973 would be poor today.

In short, if any soul you could imagine had won the lottery in 1973, they'd be poor again by now because of not knowing how to manage their money, incorrectly believing that a currency is not a kind of investment.


You're moving the goalposts. Are we comparing BTC to currency or investments?

People invest in things, generally understanding the risk. Risk is not all equal. BTC is far riskier (more volatile) than virtually all publicly traded stocks or commodities. See again the very recent 85% drop in 1 year.

And let's be clear: BTC is not comparable to a stock. Company stock is valuable because it gives you ownership (and therefore a stake in) the company's profits. Gold is a much more reasonable comparison, but even that has real practical value (e.g., use in electronics, jewelry, dental work, etc.) And funny enough, Gold is worth less today than it was in 1979. So... it's not a great investment. It's just volatile, and "investment" in it is basically a 0-sum game. Just like Bitcoin.


> Gold is worth less today than it was in 1979.

In 1979 the price range of gold was $226 to $512 per troy ounce, a slightly higher level of volatility than the Bitcoin level you describe with a bit of exaggeration as "far riskier than virtually all…commodities." The gold price today is $1485 per troy ounce.

I'd like to caution the people who have downvoted your other comment that there is a plausible reading that is sufficiently charitable to make your new comment not actually false. Namely, although if you measure it in dollars, it's "worth" 3 to 6 times more, even over the timespan you cherry-picked, the dollar has lost more than a factor of 6 since 1979, so gold really is worth less today than it was then. The attraction of gold — just as with Bitcoin — is precisely that it doesn't have a secular decline in value built in, so it's a good vehicle for preserving wealth through periods of instability, even though it doesn't generate a return in the way that stocks and bonds do.


> I don't think that's the main threat Bitcoin is designed to defend against, though; I think there's a whole spectrum of confiscation threats, ranging from thieves tunneling into bank vaults (I know a woman here who lost her savings that way), to immigration authorities confiscating jewelry, to pirates, to trumped-up "money laundering" charges. And of course if we're mentioning Germany and World Wars, we must not forget the confiscation of Holocaust victims' entire possessions, including jewelry and fillings after the gas chambers. Bitcoin can't make genocide impossible but maybe at least it can make it unprofitable.

You cannot mean this seriously. Every example you write is worse for bitcoins. If your coins are stolen, that's it, you can pretty much kiss them goodbye. If the government wants to confiscate someone's bitcoins, they will beat the private key out of the holder with a $5 wrench. If WW3 breaks out and the world order collapses, a wholly digital asset that relies on a large network of high upkeep, high-tech infrastructure is surely not a particularly safe bet. You can bet that datacenters will be among the first casualties in such an event, whether outright government confiscation or a denial of service attack by the enemy.

If a bank gets robbed, for most cases it won't impact account holders at all. Even if the bank goes bankrupt, there are various government schemes that will cover account holders up to some limit (e.g. $250k currently for the US). There is none of this for bitcoins. There could be of course, but then the argument is: what do cryptocurrencies actually offer beyond what is already possible with normal currencies?

To the best of my knowledge, the only practical benefit of cryptos is that they completely sidestep KYC/AML regulations and therefore one can easily move money between regions that draw regulatory scrutiny. Countries with at least semi-modern banking infrastructure already have instant transfers so let's not bring that argument up. In any case, that's not a feature uniquely enabled by cryptocurrencies.

The fact that bitcoins are deflationary I consider a bug, not a feature. Perhaps history will prove me wrong, but in my opinion money is not supposed to be an investment asset. People should not hold cash expecting it will appreciate. It should be reinvested as much as possible.


Basically, scams. The ability to block a planned payment or ask your bank to chargeback is one of the keys to trust in online economy.

If our banking system had used something like bitcoin to implement online transactions, odds are that e-business would have had much less successs and much higher barrier to entry.


Given a system with irreversible transactions you can always add structure on top to support escrow, chargebacks, or whatever other protection mechanisms you deem prudent. It doesn't work so well the other way around.

Protection from scams requires that a malicious actor with full technical control of some account is still unable to make irreversible transactions by opting out of whatever structure supports escrow, chargebacks, etc; so either those mechanisms (conditional reversibility, with technical controls defining a reasonable regime of when reversals will be possible and when not) are built in the core system and aren't optional, or the system doesn't have a sufficiently usable reversibility because all the really large scams will simply avoid that "structure on top".

The other alternative, of course, is someone taking on full legal liability for transactions that can't be secured technically. If Facebook would offer Libra to consumers in e.g. UK, then all that "transactions are technically irreversible" means is that Facebook would be required to "reverse" the transaction to customer while being unable to recover the funds from the beneficiary - and if they can afford to do that, that's their choice to make.


You're asking way too much. It's not as if the current system actively prevents you from opting out of all the safety measures and, say, irreversibly handing cash (or something else of value) directly to a scammer; nor should it. Reversible transactions come with costs, especially when the other side of the transaction is not reversible. Chargeback fraud, for example, is a big problem for merchants, and can only occur in a system with reversible transactions. Contracting parties should be free to negotiate both the form of payment and the degree of risk each side is willing to take.

The main problem is simply the novelty of it all. Once reasonable and customary structures to handle disputes are in common use asking people to bypass those structures without a very good reason will be just as much of a red flag as it is under the current system.

Facebook is not a party to a transaction between any other two Libra users and should have no liability in the event of a dispute over payments beyond maintaining accurate records and providing a fair and above all neutral platform to conduct business.


There's a bunch of "should" in this argument. I won't debate whether it should have liability, but I'll point out that no matter how it ought to be, according the law of the land at least in EU any payment service provider inavoidably has liability in certain cases e.g. when your account has been hacked; if they are unable to reverse a transaction that wasn't authorised by me but by someone else, well, that's their problem, they still have to compensate the consumer above a self-risk of 50 Eur.

The original article mentions UK Consumer Credit Act which IMHO is not appropriate (its scope is limited to credit relations, and the protections of that act generally exclude both debit cards and most e-money systems including Libra), so the scope for potential payment service provider involvement in disputes between buyer and seller is narrower than that - and probably closer to your "should" statement than the arguments of the original article.

However, it can't be a fully neutral platform distancing itself from all liability. It is illegal to "simply" offer payment services without incurring any liability for misuse of them, breaching AML/KYC regulations, etc. Facebook has not yet (as far as I know) stated what exact legal structure they'll use for compliance with the legal requirements, so I can't comment on that, but they did make statements that Libracoin will comply with the EU regulations so I presume that some legal entity regarding Libracoin (possibly co-owned by the consortium members, or possibly multiple entities) will (have to) be a licensed payment service provider in EU, and similarly (it's usually done with separate legal entities) in other major jurisdictions.

Technical structures that "just happen" such as Bitcoin can ignore regulations but any person or organization that wants to offer services using these technical structures is fully liable for meeting all the legal requirements - and if the technical structure makes impossible to do something, they're still fully responsible for any consequences of not achieving the impossible thing; if they don't want the liability, they're free to not use that technical structure and not use/offer/advertise anything with it.


This thread was originally about the social and technical issues of scams in the context of irreversible ledgers, not legal liability. As far as that goes I am in full agreement with you: Facebook and other Libra consortium members are likely to face quite a bit of legal heat from various jurisdictions desiring them to block or reverse transactions and willing to hold them accountable for others' actions on the network. In my opinion the only sane way to introduce something like Libra would have been to give up control entirely, along with the ties to fiat currencies, and make it a permissionless, decentralized system like Bitcoin. Exchanges in a decentralized system have various regulations applied to them but in the end they aren't inherently in the position of transmitting money on behalf of their users; nor are they strictly necessary for the network to function. Libra, on the other hand, will be seen as a payment system controlled by Facebook and the other consortium members, and Facebook itself as a money transmitter, not a mere buyer and seller of coins.

Personally I find it much more interesting and productive to debate what the law ought to be rather than what it is, but as a practical matter Facebook will obviously need to take the various injustices of the jurisdictions in which they intend to operate into account—and the centralized design of Libra doesn't seem very well suited to deal with that reality.


There are a lot of minor threats to monetary systems that blockchain does not address. Bitcoin addresses the rare but fatal threat of hyperinflation (runaway inflation). Historical examples https://en.wikipedia.org/wiki/Hyperinflation#Notable_hyperin...

The only known solution to this threat is not have a single supplier of money (i.e. a lot of independent miners digging metal out of the ground, or the block chain equivalent)


Exactly what I needed to hear, thanks again.

I reckon the only way to error-free is redundancy, i.e. 'out of the box' we just put two boxes, or actually three for "high availability"; the underlying controller being just a dead man's switch — if A's life signal dies, failover to B; set up C as new failover; reboot A.

> I personally believe that some formal methods can greatly improve correctness, and do so affordably, but the question of which formal methods are worthwhile when and by how much each of them improves correctness is very much an open question.

Oh I can see that.

In general terms, I think cost should be focused on the most critical components; like we don't need to test every single bit of code before production. You just crash gracefully and resume state when the loss (if any) is acceptable. When it's not, then it's not a choice to front the cost, it's an imperative, part of your 'spec' as a business/product/service/free thing. Tor is slower than normal browsing, but that's the tradeoff. Fast forward 10 years and costly workloads have become either accelerated by hardware or simply benefit from general improvements, like encryption is now fundamentally cost-free for usual things like TLS (AES-based things), or increasingly AI workloads.

> blockchain is rarely the most secure with respect to the most relevant threats in a monetary system.

I very much agree. Key words being "in a monetary system", and indeed it's about economics more than tech (what I alluded to in saying 'Earth circa 2019', i.e. globalized monetary system, central-bank driven, mostly insured for most customers, etc).

Hence why I advocate that blockchain proponents explore other domains. I know businesses are, but it has more to do with topics like compliance (internal, legal).


> I reckon the only way to error-free is redundancy, i.e. 'out of the box' we just put two boxes, or actually three for "high availability"; the underlying controller being just a dead man's switch — if A's life signal dies, failover to B; set up C as new failover; reboot A.

You can have a lot of this automatically with "lockstep" chips, such as TI Hercules: http://www.ti.com/en/download/mcu/SPRB204.pdf?DCMP=hercules&...


Very interesting! Duly noted, thanks for the pointer.

>That's not what I said. I said that merely creating a verified formal specification of a language is not in itself a good path to increasing correctness, and I wouldn't focus on that as a significant cause for concern given all others.

This seems to be poorly considered. Isn't it easier for an OS and a language to be verified once even at great cost than hoping future billions of lines of developer code already produced at lesser cost per line are actually correct?

https://microkerneldude.wordpress.com/2016/06/16/verified-so...


A formal specification for the programming language doesn't automatically verify all programs written in it; in fact it verifies none, or at most one. It serves two purposes: it defines what each language primitive does so that proofs of programs written in the lang can make use of those definitions, and sometimes it is also used to verify that a compiler indeed preserves the language's semantics, as defined in the spec, when translating it to some other language; in other words, it can be used to verify the compiler.

Focusing on a formal language spec is like saying that a good way to make your software more correct is to work hard to ensure your compiler doesn't have bugs. I'm sure you'll agree there are more important things. As to use by program proofs, often an approximate ad-hoc specification is good enough.

BTW, the article you linked to is about one particular formal method -- deductive proof. There are many others, with varying costs and benefits.


Beware of bugs in the above code; I have only proved it correct, not tried it. --Donald Knuth

On the one hand we have the management mantra: if you can't measure it you can't improve it. On the other hand we have Goodhart's law.

And so 'correctness', 'safety', 'quality' (or absence thereof) are fluid concepts that can never be formalised precisely.

Language/logic sucks, but it's all we've got.


> Language/logic sucks, but it's all we've got.

Perhaps, but PLT is not the main discipline studying software correctness -- those would be formal methods and software engineering -- although it has some overlap with those disciplines. PLT is not the general name for all study of programs; it is the name for a particular perspective, and a particular component of that study.


> my agenda, for transparency: I want to send SOC's in space on tiny RISC-V satellites

I've seen your posts in multiple threads K0SM0S, and I generally enjoy reading your thoughts and opinions. When I meet people I find interesting, I like to ask what they plan on doing with their lives. I understand completely if you don't want to share further details, but I for one would be interested in an off-topic detour into your intentions with these microsatellites. One application I always toy with in my head is a time+location verification service, but I don't think satellites are strictly necessary for that one unless you're trying to work around region-specific laws that would regulate towers.


Hi,

I'm not sure if you'll get this late reply.

First of all, thank you so much for your kind words, they mean the world to me, and for your interest — which is now reciprocal, I want to hear about you as well!..

I must admit I've spent way too much time trying to answer your questions in a 'concise' manner —HN's norm— but, as usual with this topic, it proved unusually hard fo me. It's rather complex, several independent yet synergistic 'moving parts' — too much repetition and cognitive bloat for a mere comment.

Thus I'm drafting something to share and discuss the concepts, if time permits it'll be up on some website (maybe reddit, maybe a forum, maybe some blog, idk...) by month's end. I'll keep you updated, if you so wish. You can reach me by email `cosmos// a t //vcx.cx` ;-)

The gist of it, FYI:

- the satellite thing is a personal research project (in very tangible ways, the experiment is to actually do it and launch). But the endgame (think 2030-2040) is a massive swarm of ~8 billion devices or more, if you catch my drift.

- However, it's an extension to a ground network which essentially aims at being an alternative infrastructure to internet. Formally it's something along the lines of a distributed, decentralized ("peer-to-peer") mesh network, fully encrypted yadi yada.

- This network is but an "optional" medium for my original idea (in ~2010) which was, in dumb terms, a communication network (which people would call 'social network' I guess, but it's not against such existing services, it's more of a global standard / spec whose primary goals are security/freedom/privacy, interoperability (like email), and to be 'unstoppable' (in the event of war, catastrophe, etc). Going back to first principles, this 'network' is not even an application but a formal protocol I suppose. It's the kind of thing that would ideally exist as an RFC 'standard' by the IETF.

This is more generally motivated by some of my philosophical values, notably freedom, empowering individuals (in the name of progress, civilization, but also happiness, self-growth).


Oh yeah, mesh nets are another great thought. We definitely need our own pipes. CJDNS is beautiful (I love that addressing scheme), but lacks incentives for people/corporations to build infrastructure for non-ideological reasons. The OpenLibreNet whitepaper had the incentives theoretically correct, but didn't go anywhere. I honestly haven't kept up on this space, but I still think about it a lot.

My biggest question is how to handle payments. Bitcoin can't realistically handle the micropayments for this purpose -- I'm not waiting for a block to hash before my website loads, nor do I want to pay miner fees for every request. The best proposal I'm aware of is that nodes keep track of balances to neighboring nodes, and when you want to establish a new connection with an unknown node you need to send them an up-front payment for X amount of data in advance. (The price of data wouldn't really be per byte of course, it's bytes multiplied by the arbitrary node-selected edge-costs all the way to the actual source and back through the cheapest/fastest path as selected by the end user.) Then when you're approaching the limit you pay more in advance, aggregating the micropayments. This means the inital connection still has to wait for a block to be hashed, and it's annoying from the perspective of a user trying to find valid peers once it's profitable enough to launch malicious fake nodes that eat up-front payments and refuse to forward packets. The initial connection time issue might be mitigated by allowing a Zahavian signal worth of coins to be sent to a burn pile, like an address that is just all zeroes, since a user who was willing to burn a pile of coins covering X+Y data Z hours ago probably isn't trying to rip you off for X data now even if they haven't successfully made a payment to your specific node yet. I'd like to believe that something like IOTA could probabalistically work well enough for micropayments that we don't have to worry about that, but I'm not convinced. Ideally a connection could be established quickly enough that vehicles passing along highways/oceans could route traffic as they go, breaking apart and reforming as necessary.

IPFS is worth googling too, if you haven't seen it already.

I'll send you an email before the end of the month!


> CJDNS

I need to research more into that. Great pointer, thanks!

> IPFS

Yup, definitely, it's on the radar. It's still not production ready though, I'm unsure whether it will/can (I mean this particular project/implementation, not the concept).

> payments

You've definitely thought this through, maybe developed already on e.g. blockchain?

Note that my initial idea, for a neutral human communication medium/protocol, dates back before bitcoin, blockchain, etc. My "system" was designed thus works without those. The inspiration was another 'bit' network: bittorrent.

Later on when I found out about bitcoin etc., I researched the tech. While I ignore the 'currency' aspect of blockchain for this project (because 'currency' is an application; and I'm merely concerned with the protocol beneath all applications), I did find interesting ways to integrate the blockchain paradigm itself (the idea of a database that can't be tempered with, and may be distributed).

My system remains independent of its database implementation though, it should work with simple txt files, or more typically some postgres.

The naive architecture is simpler than you might think, it relies on tried-and-true enterprise-inspired models and implementations. Simple things. Where we do the magic is precisely in the execution, to make it extremely efficient (eg target the lowest viable solution space; have a "concurrency-driven design" for scaling, modularity, distribution). And as of 2019, we have incredible computing resources in the hands of half the population, so 'efficient' is 'enough'.

So there's no payment at this level. It's a protocol, a language we agree to use, and one application may be human communication, but I may be wrong about that part. The protocol stands nonetheless. We are fundamentally not far from XMPP conceptually, although we integrate much deeper (XMPP could probably be a high-level API of a node in this system).

However there's this simple equality rule: "for every bit you ask the network to process n times, you too must process n bits for the network in return". Take some, give back some.

So nodes come a la "BYOR" (Bring Your Own Resources: CPU, RAM, storage, GPU, sensors, whatever), and each node is both server / client; like bittorrent or Tor you simply receive and serve continuously.

This puts the burden of scaling entirely on users individually (remember, it's decentralized: there's no central anything, no 'final' or 'higher' authority) and you'd expect the biggest traffic producers to also be those who make a business out of it (and I'm sure there would exist many applications on this system to let users charge/pay e.g. content or merch etc). Note that "sharing" should probably mean you are willing to 'seed' said shared content, thus fairly distributing load in viral cases.

Note that the network should guarantee anonymity of all accounts (each of your chosen 'persona' is derived but your core account is never exposed and can't be compromised by misuse, only theft in-real-life).

> mesh

It's a hard problem though, I'm aware of that. The MVP may definitely 'cheat' by using regular internet to bridge the gaps (it will be necessary anyway between cities). But one primary goal is that whenever possible (i.e. within range), two devices should never communicate but through an ad hoc LAN between them. Why go to Google's server when I just need to serve a file that's locally cached in the next room, or maybe just next house?

Baby steps...


Sent you an email. It's from a recently created protonmail address, so it might end up in your spam folder.

Got it.

Regarding mission-critical software in dangerous-prone contexts, there is good information from experts from the Apollo program on http://www.htius.com/

Ha! interesting, thank you for the link.

Edit: skimming through the paper, really really solid material. Much appreciated.


> (my agenda, for transparency: I want to send SOC's in space on tiny RISC-V satellites, and the lowest layers of those should be 100% error-free because there's no going physically there to reboot a working shell, remote is all we have.)

Speaking from a bit of experience at Satellogic as well as folklore, trying to make the lowest levels 100% error-free isn't a good strategy. A better strategy is to make the lowest levels capable of recovering from the errors that will occur most frequently. Radiation is going to flip bits; processors are going to fail and sometimes hang; batteries are going to go low; temperatures are going to exceed specifications. If your system is built on the assumption that the lowest layers are going to be 100% error-free, you won't give sufficient attention to handling those errors when your assumption inevitably turns out to be wrong.

One suggestion: include a remotely-triggerable reset sequence in a hardware state machine. A 4-bit state machine driven by 4-bit symbols will work reliably if your channel error rate is small compared to one error per 16 symbols, and it has a false positive trigger rate of 5.4 × 10⁻²⁰. (This is of course vulnerable to malicious DoS attacks if a malicious party learns the 64-bit reset code, but in practice those have historically been an enormously smaller concern than satellites failing randomly in ways that a reset switch can correct.)

It's worth thinking through the fault tree of that reset mechanism. It needs to use omnidirectional antennas, for example, because otherwise it's dependent on attitude control. It needs to be on all the time, not just when you're passing over ground stations, because otherwise it depends on the clock and whatever kind of navigational system you have. It needs to be unencrypted, because otherwise it depends on your encryption protocol, which typically also involves clocks. It unavoidably depends on some kind of power source, but you can connect it directly to the solar panels and/or batteries, rather than through a switch. You probably want to use logic that can tolerate a fair bit of uncontrolled variation of the power supply voltage, not, say, TTL. But then you need like 4 flip-flops and a couple dozen gates. It can fail, but it's simple enough that you can make it highly reliable, unlike a RISC-V.

So, don't think in terms of making the bottom level 100% reliable. You won't get there. Think in terms of how to prevent inevitable unreliability from snowballing, how to make the satellite resilient against inevitable damage and malfunctions, as well as reducing that bottom-level unreliability to an absolute minimum.

As for blockchains, I think they're a very pragmatic solution to serious problems that are otherwise unsolvable: how can I send money to a friend in Venezuela? How can refugees carry their money safely without it being confiscated by pirates, corrupt police, or immigration authorities? How can people pay for illegal drugs without meeting in person with the vendors? How can we fund Wikileaks so they have the resources to transport Ed Snowden to safety? How can we fund Sci-Hub so that knowledge is available to everyone and not lost? Even international remittances to family members work enormously better with Bitcoin than with Western Union or SWIFT, particularly between countries with some degree of unfriendly relations.

It's a similar approach to that with satellites: we know there are bad actors in the financial system, and we want to engage in transactions with them, without giving them the opportunity to sell our credit card numbers to the Russian Mafia or take all our money. We want to prevent the small amounts of inevitable unreliability from snowballing and destroying the entire civilization. Also, we want to minimize the number of attempted ripoffs, so that our defenses against them can be less costly. It turns out that thieves, unlike cosmic rays, respond to incentives, so by making thefts more difficult to pull off, we can also decrease the number of attempted thefts.

Obviously I don't trust Facebook to design the world financial system, though. They elected Trump.


Thanks so much for all the food for thought and recommendations. I had a hunch for "capable of recovering", and now I have a clearer roadmap (some critical steps). I see your way of thinking. This in particular:

> Think in terms of how to prevent inevitable unreliability from snowballing, how to make the satellite resilient against inevitable damage and malfunctions, as well as reducing that bottom-level unreliability to an absolute minimum.

High-availability of components seems like a given to me (e.g. have 2, 3, 4 batteries as distant from each other as possible, to mitigate loss if one gets shot by some collision or outright fails; rinse and repeat for every critical component, starting at circuit design). In another comment, user "pjc50" suggests to me “"lockstep" chips, such as TI Hercules”, and yet my intuition would be to put two redundant ones on each satellite, just for good measure.

But the ultimate economics of the project can be made to work, imho, because I envision a swarm of such tiny satellites actually, wherein you can afford to lose a few nodes now and then, if that makes all of them orders of magnitude cheaper — and thus you can send orders of magnitude more, overall. Brute-force the reliability issue by making them expendable to a reasonable degree. No human life means they can die for all we care, if it makes sense cost-wise. Hence why in that perspective, a discussion on the cost versus benefit of formal methods is of great interest.

Needless to say, any advanced draft of the project would inevitably have to be vetted by, actually co-developed with field experts like you. To each contributor their domain. I hope it will be a given too, since I'm thinking of a 100% open-source project (both software and hardware ideally). The more eyeballs...

____

I see your points about blockchain, and they make a lot of sense; the problem I see with current 'cryptos' in general (including the big one) is that they simply aren't welcomed by most decisive institutions, including those who combat on principle the problems you mention. Like, you see the EFF et. al defending e.g. E2E encryption, but none of that drive to promote bitcoin.

Thus that 'respectable' cryptocurrencies exist to solve these problems, sure, please, yesterday! — but that they reform the financial system by their very existence? There doesn't seem to be much appeal in the mainstream. I think it's a matter of time, how much each generation weighs demographically in the global opinion / decision power. For now, it's boomers, and they're not in that place.


I'm not a field expert; I didn't design Satellogic's satellites.

Satellogic's CubeBug design did use a TI Hercules TMS570 Cortex-R, and I think it's safe to say our experiences with chips like that were good — for the relatively restricted tasks they can perform. The automotive industry has a lot of lockstep chips available for it, because it's a mass market that demands reliability under harsh conditions.

I'd like to point out that what you're describing is pretty similar to Satellogic's original business plan.


I disagree. You're making two different arguments. The first is that PLT does not study suitability, but then you switch course and say that math analagously can define suitability for specific tasks but suitability is not (and this is my own words) a normed space.

Programming language theory does not, in fact, make value judgments, but it does make statements upon which value judgments can be built given context, which contradicts your first statement.


I think you've misread my comment. Also, of course theory could be used to make judgment given all the necessary context, but the context, in this case, is much harder to obtain than the theory. If we knew whether a language's type system being sound is greatly positive (for some metric), slightly positive, neutral, slightly negative or greatly negative, then the knowledge that a certain language is sound or not could be valuable in making certain judgments. But PLT does not even attempt to ask that question, and it seems to be a much harder question than the ones PLT does ask.

Don't get me wrong -- I think that PLT is a valuable theory, but people are often confused about what it actually studies. PLT most certainly cannot tell us whether certain language designs are desirable or not as that is not what the theory studies. It can't even tell us if certain language designs lead to more correct programs or programs that are easier to read. It does tell us that if certain typing rules are used, then, say, all types in the language can be inferred, or that a system with certain typing rules is sound.


I’m new to this space so I’m not sure how PLT is distinct from formal verification, but my view of it is that formal methods are another form of testing. Unit testing also does not guarantee that you’re testing the right things, but it’s a good way to catch issues post-compile but pre-release. Formal verification moves that so that you catch issues as part of the compilation step, which is just another tool in the general toolbox of finding errors before you ship them to your users. It’s not about proving that your spec is good, it’s about automatically generating tests that find certain types of bugs.

Formal methods are a large set of methods that allow you to analyze a program in ways that can verify it satisfies certain (correctness) properties. Most formal methods don't generate tests (although some do), but the term "compile-time" is not often used, as most formal methods are not part of the compiler.

There is some overlap between PLT and formal methods, as that some concepts studied in PLT -- most notably type systems -- can be used for formal verification, but the main thrust of formal methods uses other techniques. Both disciplines heavily rely on formal logic.


The NIST has a helpful decision tree to determine whether a blockchain architecture is appropriate for your use case.

https://www.nist.gov/publications/blockchain-technology-over... (page 42)


and someone turned it into a website http://doyouneedablockchain.com/#/1/0

>PLT does not have any tools whatsoever to determine which language is more or less suitable and it is not interested in that question.

You are slightly off here. Look at [1], it views over a metric which correlates with language utility and provides 1) result of the metric applied to various languages and 2) reason why some languages can be more of utility (less errors, for example).

[1] http://www.cs.stir.ac.uk/~kjt/techreps/pdf/TR141.pdf


I disagree that blockchain has almost no good use cases.

All a blockchain is, is a Merkle tree with a third party that ensures there is only one “main line”. That’s the use case.

All the other stuff — such as having all computers in the network watch every transaction — that’s the wasteful part. There are other ways to have a set of third party validators, that is a subset of the network watching a given merkle tree, simply says which branch is correct. SAFE network uses a Kademlia DHT with various mechanisms to ensure the validators have no say in what they watch and they need to “earn” their way into having any say about anything over time.

There are tons of useful properties, some of which are used in Merkle trees like git:

Immutability

Quick verification of tree membership using Merkle branch

Ability to download different parts from different actors (Bittorent)

Consensus and rule enforcement (eg chess game or any other evolving document)

Smart contracts and autonomous code execution

And much much more. The main problem is when people think of blockchain they think of a giant monolithic chain of blocks each of which contains ALL TRANSACTIONS IN THE NETWORK. This is wasteful.

What’s even more wasteful is when you have divisibility of the tokens, leading to an exponential growth of UTXOs and unlimited storage requirements. And each full node needs to verify the entire history of every transaction because then they get intertwined. That’s the ridiculous part.

And proof of work is the most wasteful thing of all. People need to get off of that!


> All a blockchain is, is a Merkle tree with a third party that ensures there is only one “main line”.

No. The "wasteful part" is also part of the definition of the blockchain.

Just because the word "blockchain" seems to describe only the data structure, doesn't mean that's the case.

The innovation was to couple a Merkle tree with a proof-of-work system. Both existed before in standalone forms. The Merkle tree in many, many applications, the proof-of-work for example in Hashcash to combat email spam.

Only the combination of both reached a level of novelty that deserved a new name.

(That we still haven't found a single compelling use case is another matter.)

What you mean is indeed succinctly and correctly named "Merkle tree" or "hash tree". It would have been wasteful to coin another word for it.


Blockchains are just a datastructure and proof of work is not a strict requirement. I believe the rising popularity of Proof of Stake blockchains will make that evident.

> Blockchains are just a datastructure

Again, wrong.

> proof of work is not a strict requirement. I believe the rising popularity of Proof of Stake blockchains will make that evident.

I thought for a second whether I should include PoS and other schemes, but decided (wrongly) that nobody would try to squeeze imaginary internet points out of being willfully misunderstanding.

But so be it: proof of stake is a different mechanism that fulfills the same role as proof of work in blockchains.


My comment had nothing to do with imaginary internet points. You just said being wasteful was part of the definition of a blockchain which is a common argument people like to make when promoting the false idea that blockchains are inherently bad for the environment. It felt important to point out that there are non-wasteful ways of accomplishing the same thing as PoW.

There is no requirement that blockchains must be secured by proof of work. Many blockchains use proof of stake. A blockchain is one or more Merkle Trees plus an external ledger saying what the last state of each tree is. The innovative piece is Consensus about this last thing. How it is achieved can vary. Ultimately consensus is achieved by the end users checking the results.

I would go even more minimalist and claim that a blockchain is any distributed consensus on an immutable log

Surely byzantine fault tolerance is a requirement for a distributed immutable log to be considered blockchain?

yep, I realize now that my definition was significantly lacking.

Regarding your claim that blockchain has almost no good use cases, I see news every week which disagrees.

Here is the first article I could find from just today which shows a great use case.

Coca Cola is expanding their blockchain trial project to a $21 billion-a-year supply chain because they found very significant savings.

https://www.coindesk.com/coca-cola-supply-chain-firm-to-expa...


The "efficiency savings" are probably because they've rejigged their processes to make them cleaner as part of the new initiative - NOT because of blockchain. If you control and trust your data source, blockchain is a really silly choice for storing your data. And the fact that SAP is the provider says it all really - them and their like are purveyors of superfluous hokum, sold to corporate managers that don't know any better.

Why would Coca-Cola need to use a block chain? They can run their own code on their own servers.

Because while the core innovation of blockchain is a trusted database a context without trust, the core benefit of blockchain is reduced transaction costs.

A blockchain is a singleton global computer of program code and data. It turns out this is sufficient to represent capital (money) on that computer.

In practice this results in dramatically reduced transaction costs. For example you can transfer money with an API call.

Another example is that an API can be "implemented with money". The https://uniswap.io/ API allows you to exchange currencies without any API keys or middlemen. But, the Uniswap API only works because there's a large amount of liquidity deposited by 3rd parties into its system, much like an inventory of food in a grocery store that shoppers can then access.

"What's the big deal?", you might say. "Uniswap sounds just like a bank. Who cares?". Well as I understand it Uniswap was built by a dude in a basement over a few months, not a multi-million dollar bank project. And you can integrate your app with Uniswap in an afternoon. If you don't think that's going to change the world then you might consider spending a few dozen hours reading https://weekinethereumnews.com/ and see if your opinion is stable :)


The key in your explanation is "without any middlemen". It's really easy to build a system that lets you send tokens to other people with low transaction costs: just trust someone to run a central database of all the account balances. This is how you can trade Team Fortress 2 hats with virtually no fees or settlement time, for example.

What blockchain ostensibly allows you to do is create that system without having to trust anyone to run the central database. But why would Coca-Cola ever need to do this? There will always be a trusted central party who can maintain the Coca-Cola bottle production database: the Coca-Cola company itself.


> the core benefit of blockchain is reduced transaction costs.

No, this is not true. It might incidentally currently be the case with, say, Bitcoin vs. $US, but there's nothing technical that inherently makes it so. In fact, as this article and countless others reiterate, from a technical perspective blockchain is almost always more costly.


Indeed. The main reason why a given bitcoin transaction might be cheaper is because nobody's checking to make sure it's actually legal.

It's the same reason why AirBnB is often cheaper: hosts don't pay business fees and don't follow other regulatory requirements like safety inspections.


Yes, I'd agree that, today, typically nobody is checking to make sure that an Ethereum transaction is legal.

But, it's important to understand that Ethereum is not a replacement for or opponent of KYC, AML, or checking if transactions are legal. Ethereum is a starting point, a base layer. It is necessary to rebuild all kinds of monetary controls into Ethereum's app layer. I support this development. Within 5-10 years all of the traditional controls will become available on various parts of Ethereum -- KYC, ability for government to freeze accounts, etc.


You just reminded me: A friend of a friend who worked at Autodesk told me once that their inter-office "mail" system was international and didn't go through customs.

Blockchain (ie. Ethereum) is, overall, a reducer of monetary and non-monetary transaction costs.

Example of reduced monetary transaction costs:

The current Ethereum gas price for a token transfer is $0.04 (https://ethgasstation.info/). Operations on Ethereum are relatively inexpensive and will become much cheaper with Ethereum v2 in a couple of years. The cost of Ethereum operations is orthogonal to the value of the money being manipulated. You can transfer $100M for $0.04.

Example of reduced non-monetary transaction costs:

Say you wanted to launch an eBay-type app with a single market for a dozen countries. Some customers may bring Euros, others Swiss Francs, some USD. Each market auction selects a currency from a whitelist. All bids for that auction must be in its selected currency. On Ethereum you can bid Swiss Francs which will be dynamically exchanged for USD. Unlike using your VISA for forex, this currency exchange is at the same price that whales and banks get; you pay no spread fee for being an end consumer. The non-monetary transaction cost part is that this Ethereum-based currency exchange API can be permissionlessly integrated in an afternoon.

2nd example of reduced non-monetary transaction costs:

https://www.pooltogether.us/ is a no-loss, audited, provably fair lottery built on Ethereum. The way the lottery works is -- you always get your money back, but your money bears interest during the lottery period, and all the interest goes to a single lottery winner. So the cost of the lottery is the time value of your money. PoolTogether is built on other Ethereum projects, that's why the lottery proceeds earn interest. The non-monetary transaction cost part is that PoolTogether is able to access interest-bearing deposits as easily as you can use jQuery. Also anyone in the world can participate - reduced cost of being in another country.


> In practice this results in dramatically reduced transaction costs. For example you can transfer money with an API call.

Just as a relational database with a web frontend would.


Isn’t the Coca-Cola trial was about supply chain management not transferring money? How is transaction cost relevant in this scenario?

Here's how monetary and non-monetary transaction costs are relevant to a Coca-Cola supply chain --

Blockchain (ie. Ethereum) excels when a heterogenous network of 3rd and 4th parties come together in a commons and interact permissionlessly based on a set of rules enforced by the system.

Ethereum is basically the World Wide Web with hyperlinks except with programs in general and money can live inside those programs.

An Ethereum-based supply chain system could do a lot of things. Not sure if these are valuable because I'm not a supply chain expert. But I can speculate.

Coca-Cola's Ethereum-based supply chain system could...

1. associate an eBay-style reputation with each supply chain participant. These reputations could then be used by more parties (eg. Pepsi) than if they were locked in a centralized system. Coca-Cola might retain the option to override any reputation.

2. provide a global audit trail of supply tracking. Similar to FedEx's "track my shipment", except you could transfer payment for supplies in the same blockchain transaction that updated their status. And those updates could automatically feed into the reputation system.

3. pay for supplies with a security. For example, Coca-Cola could tokenize a portion of its common stock and pay suppliers tokens of common stock in the same transaction that pays them currency. Or Coca-Cola could automatically distribute a pro rata stock grant to the entire supply chain each quarter. This could better align a global, heterogenous supply chain with the long term interests of Coca-Cola.

4. integrate with other Ethereum-based systems. For example supply payments held in escrow could automatically earn interest in https://compound.finance/. Payments crossing international borders could automatically exchange currencies at a very competitive, no-fee rate (eg. https://dex.ag/).

Should Coca-Cola embrace an Ethereum-based supply chain? I have no idea. But after spending hundreds of hours studying Ethereum I feel very confident that there is something very special going on here.


I'm sure they have plenty of cloud, Internet of Things, and AI. They might even have IoT AI in the cloud. Gotta stay buzzword compliant.

Blockchains are genuinely pretty promising for supply chain tracking. Distributed ledgers are most famously useful when you distrust the motives of a central authority like Bitcoin, but they're also a reasonable option if you distrust the accuracy of a a central administrator.

So for the purposes of supply tracking, different Coca-Cola facilities and shipments are 'individuals' which might report mistaken or dishonest results to the central server. And once somebody screws up, that trusted authority becomes a problem for others facilities to work around. For sufficiently large and restrictive systems (like US military supplies), correcting an error can become functionally impossible. At that point, you start resorting to awful two-wrongs-make-a-right solutions like entering fictional shipments which "move" a misdirected item from the listed location to the real one, or even redoing needless part replacements to match reality to documentation.

Obviously you can track supplies without a blockchain, and I'm sure a lot of Coke's actual gains came from tearing out a bad system and replacing it, but a blockchain does at least encourage good tracking design (one authoritative record per item, transactions are assessed by peers rather than immediately accepted by an authority). And if the goods in question have individual identifiers, "proof of work" is actually a great addition. It doesn't have to be computationally hard if you trust all the users, but you still get a system where "I am holding this and hitting it with an RFID scanner" is allowed to overrule any number of past errors regarding that object.

(Did Coke get all those gains? No idea. They probably just scrapped some legacy nonsense for a not-too-stupidly designed system.)



Wow, I'm surprised by the downvotes.

There are more details in this BI article mentioned in the coindesk one. I would have linked to it directly, but they have a paywall. https://www.businessinsider.com/coca-cola-bottlers-sap-scali...

As the article explains, they're expanding their test because it's demonstrated that they could reduce order-reconciliation duration from 50 days to just a few days. That's a big deal for a $21 billion-a-year supply chain.

So, for those of you who are so sure that blockchain is pointless end-of-story, it seems like you're not taking into account how messy and expensive it is to manage data and legal contracts with many small business entities throughout supply chains. But I'll read more into the links you sent with your arguments, thanks for that.


I don't disagree with the article per se, but I think many technologists are missing the forest for the trees when it comes to the motivations here. Or perhaps they're being charitable and are evaluating Libra on purely on its stated motivations rather than the ulterior motive that Libra can't name out loud. For example, take this quote:

"The possibility that a Libra node run by Mastercard or Andressen Horrowitz would suddenly start running malicious code is such a bizarre scenario to plan for and is better solved by simply enforcing protocol integrity and through non-technical (i.e. legal) means."

It goes without saying that Libra isn't concerned about any sort of security event at Mastercard or a16z. The purpose here is simply to evade and arbitrage different regulatory regimes. The plan is to build a ledger that no single party (or coalition of parties in a single legal jurisdiction) has the capacity to edit or alter, and to make such alterations so technically challenging that it's beyond the capacity of any single court or legislature to do so. Once this chain is up and running, it becomes a "fact of nature" that courts and policymakers will simply have to deal with.

It's a brilliant strategy from that perspective. It's going to be alternately fascinating and horrifying to see if it works.


>"The possibility that a Libra node run by Mastercard or Andressen Horrowitz would suddenly start running malicious code is such a bizarre scenario to plan for and is better solved by simply enforcing protocol integrity and through non-technical (i.e. legal) means."

In regards to that, I don't think it's any more bizarre than a SCADA system in an Iranian nuclear enrichment plant suddenly running malicious code. Cyberattacks against financial systems are a very real worry.

In the history of computing, there have been countless times when people casually dismissed a security concern only for it to bite them years later. And oftentimes, trying to add security after the fact is much less successful that designing it to be secure from the get-go. I'm not a fan of Facebook Libra, but I do think that it's misguided to criticize it for having a robust security model with properties that can be reasoned about mathematically.


To the best of my knowledge, no deployed banking system relies on immutable ledgers. They all rely on detection and revision of ledgers. Libra has chosen to do something fundamentally different, and the author is asking why.

The ledgers are officially immutable. Revisions are done as separate entries from the errors and both are expected to stay registered there.


Adding to the other posters, Monzo's ledger is immutable (this is in fact a design requirement, since Monzo's Cassandra environment makes it impossible to update rows atomically).

> The possibility that a Libra node run by Mastercard or Andressen Horowitz would suddenly start running malicious code is such a bizarre scenario

It doesn't seem like a bizarre scenario at all. Consider:

- Real-time control system nodes in Iran's nuclear energy project suddenly started running malicious code, destroying a large number of their centrifuges.

- Crypto AG cipher machines sold to embassies around the world were always running malicious code (or perhaps malicious circuits), giving the US a major advantage in 20th-century diplomacy.

- Google's and Facebook's data centers suddenly started running malicious code as part of the PRISM attack carried out by the NSA.

- Municipalities regularly pay ransomware ransoms because their computers have suddenly started running malicious code.

- Numerous nonprofits organizing conferences have discovered to their dismay that the code running on Paypal's servers is malicious to them, opportunistically freezing their accounts because they have recently received a lot of payments.

- We saw an article last week about how WeChat runs malicious code in their chat application to censor politically controversial images.

- What was the name of that popular NPM package for building pipelines that suddenly started running malicious code on everybody's servers looking for Bitcoin wallets? Was that this year or last year?

I don't think it's at all far-fetched to suggest that if Mastercard or Andreessen Horowitz is in a position to decide how much of other people's money they're entitled to, they might decide that the answer is "all of it". Paypal and Google do this on a regular basis. Here in Argentina, the banking system decided that the answer was "75% of it" in 2001, with respect to dollars; in the US, the Federal Government did precisely the same thing in 1933 with gold.

"Regulators" and "courts" and "legislatures" are indeed among the parties that might decide to confiscate the holdings of participants in some kind of financial system, using various rationalizations. (And that's why "simply enforcing protocol integrity…through legal means" is a less effective solution, as you say.) But they are far from the only ones.

Still, it seems like if that's Fecebutt's motivation, it would just back Bitcoin.


> I don't think it's at all far-fetched to suggest that if Mastercard or Andreessen Horowitz is in a position to decide how much of other people's money they're entitled to, they might decide that the answer is "all of it". Paypal and Google do this on a regular basis. Here in Argentina, the banking system decided that the answer was "75% of it" in 2001, with respect to dollars; in the US, the Federal Government did precisely the same thing in 1933 with gold.

The consensus model of blockchain would at least require Mastercard, Andreessen Horowitz and other validator nodes to be in agreement about stealing / being entitled to the money, which seems less likely. That said, this is one of the flaws of having only a few nodes validating transactions. Libra went this route instead of Bitcoin's proof of work consensus model. With Bitcoin's proof of work consensus, 51% of the miners in the world would have to collude in order to steal funds.

All of the comments I see that say blockchain has no use case, seem to miss another point you raise, in that Bitcoin can not be seized, even by government (like the US government did with Gold), unless they had miner control and the public didn't continue to operate and spin up new miner nodes. This seems unlikely considering that the miners could lose their funds, if they did not prevent a counterparty having 51% control of the network. This is a protection that Bitcoin has, that Libra does not. The government could go to corporations in the Libra association and tell them to do what they want.

In terms of other use cases, I think having an immutable ledger, that can't be changed by one party, or even a few parties with DB access, also seems like a compelling use case for blockchain / cryptocurrency. Libra isn't really a cryptocurrency by this standard though, although Bitcoin is.

Also, just to put it out there, Mastercard, PayPal, Stripe, Visa and a few others already have left the Libra association.


> The consensus model of blockchain would at least require Mastercard, Andreessen Horowitz and other validator nodes to be in agreement about stealing / being entitled to the money, which seems less likely.

Right, I think you, I, and Libra's developers are in agreement about this being a significant risk and one that using a blockchain effectively mitigates, in precisely the way you say, but Diehl and Green aren't.


+ FWIW, 51% of the mining power only allows you to double-spend, not arbitrarily modify the existing ledger.

+ Since Libra uses a HotStuff variant, you need to control 2/3+ of the voting power to violate safety, i.e., double-spend. In exchange, however, you only need to control 1/3+ to halt progress (liveness).


If you can halt progress, you can make any particular person's holdings impossible to spend (if you can identify them), by refusing to include any blocks that include transactions from them. That isn't quite as lucrative as simply confiscating someone's holdings, but it's close; you can demand a ransom of a sufficient fraction of their holdings, perhaps 5% to 50%, depending on human nature.

I wouldn't say it is quite the same threat model, but certainly a powerful attack vector if you happen to control 1/3+ of the voting power. In the unlikely event that someone does compromise 1/3+ of the voting power, the remaining validators can always hard fork to a new quorum, though this is an expensive and highly synchronized affair.

There was this story from a month ago:

https://news.ycombinator.com/item?id=21120956

A street vendor in canada was selling cuban coffee. They used "square canada" as a payment processor. Square canada, in turn, used the US bank JPMorgan as a back end. JPMorgan is required to enforce an embargo on money going into cuba. The seller and all the buyers were in canada, but because the money passed through a US bank, they vendor was locked out of thousands of dollars.

We live in a more globally connected world. That should not mean that everyone is (potentially) subject to every nation's laws. It also should not mean that no one is subject to any nation's laws. But enforcing the laws at boundaries seems a whole lot better than enforcing it at every checkpoint along the way. I will not, for example, get out of paying taxes because I received all my money over a blockchain. The sky won't fall.


Havinga bunch of US corporations run the global payment system won't solve this problem.

> The purpose here is simply to evade and arbitrage different regulatory regimes. The plan is to build a ledger that no single party (or coalition of parties in a single legal jurisdiction) has the capacity to edit or alter, and to make such alterations so technically challenging that it's beyond the capacity of any single court or legislature to do so.

If they respond to a legal demand saying “Our software won't let us comply”, do you really think that the answer will be “oh well, guess the law doesn't apply to you” and not “halt operations until you are in compliance with the law”?


That is precisely what Libra is banking on. We'll see if they're right.

You certainly aren't wrong to describe it as potentially horrifying.

Or, you know, legislators just ban it entirely until the changes are made.

Edit: Its also pretty ironic that the crypto currency is banking on "too big to fail."


North Korea has been trying that approach, but it has its drawbacks, as attractive as it seems in theory.

> The plan is to build a ledger that no single party (or coalition of parties in a single legal jurisdiction) has the capacity to edit or alter, and to make such alterations so technically challenging that it's beyond the capacity of any single court or legislature to do so.

I'm not seeing why they need a new cryptocurrency for this. If you grow Bitcoin (or any other existing cryptocurrency) to be "too big to fail", it would also have all these properties. Is starting from scratch with zero users easier?


Bitcoin has some pretty significant drawbacks. The main one being that it is severely limited in the number of on chain transactions that it can do.

And that the proposed "solutions", such as the Lightning Network, to this are nowhere near completed (and have indeed suffered from doomsday "someone can steal all my money" type bugs as of recently)


I think the idea is to have a US-controlled currency before some chinese-controlled currency catches on , particularly in Africa

If the US supported cryptocurrency, particularly Bitcoin, instead of considering regulation, we could keep up with innovation at least, instead of having other countries leave us in the dust in terms of developing the technology.

If Libra is integrated into Facebook Messenger as planned it would have more users on day one than Bitcoin has after a decade.

I get that, but if Bitcoin is integrated into Facebook messenger then it would also see a huge boost in users.

Therein lies a problem: there are no facts of nature. The only things that could be said to be a fact in nature is to describe how you observe something to work. The observations may change, how it works may change, and neither of these things force nature to be a certain way.

It would not be impossible for someone to change the observations of the blockchain, manipulate its inputs and outputs, or even change how it operates, as software and hardware are imperfect, along with how we use them. Furthermore, even if the system were technically perfect, political and economic systems do not have to abide by their rules. An oppressive state can simply decide not to deal with them, as the world is in no way bound to being purely rational at all times.

It's like trying to "fix" a painting by using philosophy. One is a series of logical arguments, and the other is paint on canvas; certainly they can influence each other, but they can't solve each other's problems.


Thank you.

Well said and paints a clear lack of understanding from OP on the value this provides.


This post is nonsense. 1) FB claims they want to eventually make it a public network. Therefore, they'll need BFT sooner or later. 2) No blockchain can match a centralized system (WeChat, Visa, et al). 3) Very few languages have a formal semantics written in Coq. 4) So what if the crypto lib has additional functions? Algorand has VRF code in their repo. Is the whole project doomed now? And it would take a huge effort to verify a crypto lib ala Everest. Even cryptographers don't do it. 5) In the US many banks are in a consortium called Zelle which allows retail customers to send money around. It has finality; can't be reversed.

I don't give 2 shits about Libra. Gov'ts will clobber it anyway. But these criticisms are mostly "why didn't Libra do the latest bleeding edge researchy thing that no-one else does?" Because they had to ship this century, that's why.


> Libra has no capacity for consumer protection mechanisms.

You can replace Libra quote above with your favorite cryptocurrency and that pretty much sums up what I feel on the crypto space.


One can build any amount of consumer protection required into most cryptocurrencies. In their bare form they don't have that, exactly like cash doesn't have that.

One can use the desired amount of third parties for fund protection.

The new thing about cryptocurrencies, is that some of these third-party services can be made non-custodial, so the third-party never has access to your funds. They arbiter, but not transmit.


What are you talking about? Fiat currency isn't reprogrammable--how would you implement a consumer protection mechanism on it?

Pick your favorite consumer protection mechanism, and I'll pick my favorite cryptocurrency and let's compare:

A) the up front implemention cost of the protection mechanism in fiat currency

B) the up front implemention cost of the protection mechanism in the crypto

C) the year-over-year cost in fiat

D) the year over year cost in crypto

I bet A and C are going to be in the hundreds of millions, if not billions, while B is going to be in the tens of millions and D is going to be in the thousands of dollars.

Here's an example of the kind of thing I'm talking about:

https://www.ccn.com/cardano-to-help-ethiopia-grow-coffee-usi...

Consider the recent news regarding contaminated black market vape cartridges--that's going to be insanely expensive to fix, because there's nothing about high schoolers passing around dollars after school that gives those students any insight into the supply chain of the cartridges they're buying. But if some vape company did with their supply chain what Cardano is trying to do with coffee, they could provide consumers (and authorities) a way to trace their products back to their origins, a capability that already would have saved several lives.

It's not surprising that Libra is a dumpster fire, but let's not throw the baby out with the bathwater.


You've made some assumptions here about the impact of a verified supply chain for vape cartridges, and it sounds like you're proposing a solution to a non-existent problem.

A reputable supplier of vape cartridges gains nothing from having a verified supply chain - people trust them anyway and they maintain a supply of good cartridges to protect that reputation.

A non-reputable supplier of vape cartridges doesn't care, and only sells to people who don't care what they're buying. Their lack of good reputation doesn't matter, and their lack of a verifiable supply chain won't matter either.

If the customer wants a dodgy black market vape cartridge, that's what they'll buy. If they want a quality one from a reputable source, they can already do this.


That's a fair point. But I mentioned high schoolers in my example because they can't buy from a reputable source since they're not old enough (not that I think they should be vaping at all, but supply and demand...).

But still, the perpetrators here are not technically capable of pulling off a convincing forgery, so if the kids were sensitive to this issue in the first place then I guess there would indeed be no reason to insert a blockchain into the situation.

So let's take a scenario where the middle men are indeed capable of convincing forgeries: sneakers. Cardano is working on a supply chain integration there too:

https://beincrypto.com/new-balance-to-use-cardano-technology...

And my wife's students (she's a teacher) are really into their sneakers. They're also largely unaware that chain/web of trust type measures exist at all for validation of product authenticity--but if Nike started doing this, they'd become experts overnight. And then, after school, when offered a sketchy vape product, they might think twice.

Maybe that's a weak argument too. Still, I like the ability to use the same channels you money would flow through to determine if your upcoming purchase came from where you think it did, and I think that that's a capability that's going to be hard for fiat currency to mimic.


>I bet A and C are going to be in the hundreds of millions, if not billions, while B is going to be in the tens of millions and D is going to be in the thousands of dollars.

Bitcoin is incredibly wasteful. If we're talking about digital transactions we already have credit cards and digital transfers. A block chain isn't required for those benefits.

Supply chain tracking is interesting but literally no one is talking about that. Its also an even harder problem. Its really not verifiable at all because you're now relying on data from outside the chain, ie how many widgets were created, whether the label on the real life widget is unique or forged, etc.


I expect the waste of Bitcoin will not carry forward into its successors. Nobody has yet proven that high value proof of stake currencies can scale, but I bet they will.

Also, what kind of consumer protections would you want to see in a currency? It seems to me that ensuring that you actually got what you paid for pretty much sums it up but I'm probably overlooking something.


> they could provide consumers (and authorities) a way to trace their products back to their origins, a capability that already would have saved several lives.

Why would blockchain be required for that? In case of drugs and food there recalls are being done using batch number of day of production.


Suppose somebody named Mary wants to sell you a vape cartridge which has a serial number, and they also give your a website which accepts the serial number and tells you:

> Joe runs the factory and gave this cartridge to Bob. Bob have it to Mary.

The assumption is that if you buy it then the site will then say:

> And Mary gave it to aiCeivi9

What reason do you have to believe that the website contents are accurate or that people accepting vape cartridges from Joe Bob and Mary are still alive?

In the blockchain case, you can see that Joe Bob and Mary have sold thousands of these and that very few of the transactions are in dispute over authenticity. Also, rather than trusting some faceless 4.6 star rating you can see which of the people that supplied the rating are ones that you know, and which of those are ones that you trust. You can also see if you trust people who trust Joe Bob and Mary. This let's you make a more informed decision about the quality of the thing you're buying.


Yea, having third parties capable of reversing transactions has an associated cost. But, it’s Billions relative to fraud, so Billions ends up being cheap.

Yeah, for now it's all we have, so I guess the juice is worth the squeeze. But in a world where our cryptocurrencies are a bit more mature I think we can stop being reactive by reversing transactions and start being preventative by using their structure to build chains and webs of trust that make fraud harder to commit up front, rather than just making it harder to get away with.

The amounts to giving the advantage to fraudsters until something that doesn't exist is invented.

Blockchains are irrevocable and unalterable, which removes two useful tools (reversing and changing transactions), and replaces them with nothing workable.


> Blockchains are irrevocable and unalterable

But so are events in the real world. When you think about "reversing or changing a transaction" what you really mean is creating a new transaction that brings an equivalent amount back to the person that paid it.

This is done in the real world by knowing the identity of the receiver person or entity and threatening them with consequences if the money is not returned. It seems to me more a problem of being able to identify the parties in a transaction rather than of mutability of the ledger.


The faults that people are attributing to blockchain are also applicable to cash, if you go the market and buy some magic beans from dodgy Dave with cash you won't be getting your money back. If you buy something from a reputable supplier with cash/blockchain then you would probably get a refund if you had some form of receipt.

Sure, cash has some of the same shortcomings of BTC, but that's why cash isn't touted as the future of payments and in modern economies is mostly used for transactions which are either small or illegal, and isn't considered to be a smart way of storing or carrying large amounts of money.

The initial question was whether cryptocurrencies have the capacity for consumer protection measures, not whether those measures are ready for prime time. I'm just arguing that when they're ready, they'll be more efficient than what we have, so we should encourage their development in the meantime (though maybe not in Libra's particular case).

Also, there are limits on how old a transaction can be when a bank goes and rewrites history. In my experience the limit is about six months. Transactions older than than are considered settled.

If this is a feature that people want in a cryptocurrency, it shouldn't be hard to achieve with smart contracts. The problem right now is just that you need a solid settlement layer before you work on features supporting the politics of rejiggering unsettled transactions.

Also, provided there is community consensus (this differs based on whether your currency is proof of work or proof is stake) blockchains can be altered after-the-fact to undo a threat. It happens: https://spectrum.ieee.org/tech-talk/telecom/internet/ethereu...

It's just that for most currencies, it's currently a political affair that occurs at a risk to the stability of the overall system. But there are (what appear to be) good technical solutions to that (decred, for example, has a neat approach to post-fork-attempt stability https://medium.com/decred/detailed-analysis-of-decred-fork-r...).

As far as deciding whether a transaction ought to be settled in the first place, people are experimenting with some really interesting approaches (https://particl.wiki/learn/market/mad-escrow for instance).

It's probably not time to forget your bank password and switch to crypto, but if we want to eventually have good solutions to our fraud problems then we should be working to shape crypto into the system we want, not dismissing it as inflexible.


Out of that entire list, the one thing that exists now is the Ethereum blockchain fix, and that basically required global agreement to respond to a single theft. That's not particularly scalable.

The rest of the things on the list aren't in significant use at the moment, and might never be. Measures that are not ready for prime-time are as good as nonexistent. We're talking about money here!


> Measures that are not ready for prime-time are as good as nonexistent

That's not how technology works. To become fruitful it requires patience and investment. Nobody is saying you have to be an early adopter of these currencies.

> We're talking about money here!

...and particularly whether it's current feature set is amenable to fraud prevention. I work at a traditional payments company and the waste is infuriating--there has to be a better way.


> Nobody is saying you have to be an early adopter of these currencies.

This here is probably the source of our disagreement. As far as I can tell, tons of people actually are saying "get in now", which means we're no longer in the patience and investment stage, and any deficiencies in the cryptocurrency ecosystem have real consequences.


Yeah, I think you're right. There are all of these people who bought in because they just wanted to make money, and they're getting impatient and trying to get the rest of the world in too.

I'm interested in the tech and I want to work on it--so I'm just arguing that we shouldn't dismiss it.

If you have the interest, now might be a good time to diversify in that direction, but it's nowhere near ready to compete with fiat currency in terms of usage by the masses.


There are generally 3 kinds of fraud

1. A scammer cheating someone out of their life savings through social engineering

2. A central bank "unjustly" inflating currency and giving the newly printed money to specific industry/people etc

3. A person paying for merchandise with a stolen credit card or refusing payment after services/good is delivered.

Fiat solves 1 and 3 (recovery) does not think 2 is a problem.

Crypto solves 2 and 3. People say it is meant for solving 1.


The logical followup question would be which problem is actually the most serious?

It's difficult to argue that low and predictable rates of USD inflation has had more of an adverse impact on holders of USD over the last few years than crypto fraud on holders of crypto.

Indeed, given that most cryptoassets have actually lost significant amounts of value against the USD since the end of 2017, it's difficult even to argue that the crypto world has adequately solved 2


Your wallet can be stolen and when using crypto so it doesn't solve 3 very well.

Credit card fraud is regulated such that the consumer is protected after a manageable amount of theft, $50 in the US last I looked. If you use a bank you receive some protections but at that point the implantation is abstracted and not that relevant.

IMO Cryrto is significantly worse in case 3.


If you use a smart contract wallet you can actually protect yourself from losing all your money even if someone gets your private key.

You can set a withdrawal limit of say, $50 and you can set a few recovery addresses (of friends, family or other personal wallets).

So if I have $10,000 in my ethereum wallet and I post my private key in every forum and every chatroom on the internet then the most I lose is $50. Before 24 hours pass I send my remaining $9,950 to a pre-defined recovery address which is excluded from the withdrawal limit.

Consumer protections are actually pretty good. The trouble is getting these tools in the hands of users.


The cost of doing that is making the wallet largely useless for purchasing anything over 50$. The independent ability to send all your money to a recovery address is a new security risk. Further, you need to notice the issue which means you could be our far more than 50$ unless you happen to be checking how much is in the wallet constantly.

So, this is strictly worse than using a credit card.


>The cost of doing that is making the wallet largely useless for purchasing anything over 50$.

I don't think I ever spend that much in a single day though. The limit will differ from person to person.

>The independent ability to send all your money to a recovery address is a new security risk.

It's not new and it's not a risk. You could always send all your money to another address. And the recovery addresses are meant to be trusted. I could send my money to a secondary wallet sitting in a safe or to a trusted family member. That isn't a risk.

>Further, you need to notice the issue which means you could be our far more than 50$ unless you happen to be checking how much is in the wallet constantly.

Your balance is printed in big letters whenever you open the wallet. It's hard to not notice really. There's also these things called automatic notifications, not difficult to set up.

>So, this is strictly worse than using a credit card.

But this is supposed to replace cash not credit cards. It is objectively better than cash in terms of consumer protections.


It’s the “independent ability” that’s new. Without that you just need to keep your key safe. With it your key could be safe and you still end up with a problem.

> objectively better than cash

Many people don’t use cash just credit cards. They might keep 50$ or less in their wallets, but that’s about it.

Further, Billions of people can hack my PC, only those I come into contact with can take my cash.


You still need the private key to make a transfer. This is for cases when you key is stolen.

>Many people don’t use cash just credit cards. They might keep 50$ or less in their wallets, but that’s about it.

Because they value convenience over privacy and freedom.

>Further, Billions of people can hack my PC, only those I come into contact with can take my cash.

Even if someone managed to gain access to your wallet they would still have to decrypt your private key. So, it isn't an issue if you use a strong password.


Who says it is meant for solving case 1? I have literally never heard that as a selling point, and I hung around the crypto crowd for quite a while.

Maybe in the tech community but there was a lot of misunderstanding around concepts like "everything is secure and traceable" and what that implied.

In general the answer for consumer protection is to use any escrow service. Multi-signature schemes can even prevent you from a bad escrow, as long as no two parties are colluding.

In general the need for consumer protection mechanisms is of course already a failing of the justice system. Virtually every case where consumer protection is useful is covered by existing laws and shouldn't require anything from the payment facilitator.


> In general the answer for consumer protection is to use any escrow service.

No, it's not, because the problem being addressed with consumer protection is power imbalance in the marketplace; mutually voluntary mechanisms cannot be the answer to it.

Also, escrow notionally solves exactly the same problem as cryptocurrency: providing the ability to rely on a transaction with an untrusted counterparty. If you need escrow for anything with cryptocurrency, the cryptocurrency is not doing the one thing that is it's defining purpose. So, why cryptocurrency at all?


> Virtually every case where consumer protection is useful is covered by existing laws and shouldn't require anything...

...except a lawyer, more money and a non-trivial part of your life.


Yes, that’s the failing. Ideally, justice should be cheaper in both time and monetary costs.

I don’t know of any state that has ever tried to optimize for a low-overhead justice system “in the small” (e.g. many, more efficient, more convenient small-claims courts; or the introduction of another triage layer of “medium-claims” courts, where most all civil contractual disputes would land) which is an interesting fact all by itself. Speedy+cheap justice goes somewhat hand-in-hand with things like red-tape reduction, in that both are attempts to “oil the wheels” of the state apparatus—yet you’d never hear the same people (e.g. libertarians) espouse both.


Aren't small-claims courts precisely an attempt to optimize for a low-overhead justice system in the small? Doubtless you feel they don't succeed or don't go far enough, but it seems odd to claim that nobody's tried.

That's what cryptocurrencies allow, since Bitcoin. People can pick a dispute mediator who gets involved and can reverse the transaction only if there's a dispute. It's all done with OP_CHECKMULTISIG. The mediator is not an escrow service and can't steal the money. So you end up with a competitive market of tiny "courts".

> I don’t know of any state that has ever tried to optimize for a low-overhead justice system “in the small”

Both small-claims courts themselves and rules giving effect to binding arbitration agreements are attempts to do that, as are many specialized, domain-specific administrative forums.


But if you are going to introduce a third-party anyway, why use crypto?

Because of crypto’s ”monetary policy”. And the point is you are not obligated to use a third party.

because even with a third party, it's still much cheaper, secure, and private.

I mean, except that it's actually not cheaper, you've just moved the trust and security problems around (to your own opsec and your trust in the counterparty) and the privacy most cryptocurrencies provide is pseudonymity rather than anonoymity...

But sure, other than all those things.


but I think, with traditional money exchange the reliance is on regulatory and legal enforcement, rather than making the technology itself watertight, which increases the risk profile, and thus cost. You can do this in traditional approaches because you just pass on these costs and there's no need to improve beyond what people are willing to pay. Crypto represents an asymptote for what a rigorously applied technological approach (as opposed to beaureaucratic/legal approach) can do, using commodity equipment, which is much more available at the endpoints of these transactions now ... (because most people have high-powered, always connected computers available to them).

> but I think, with traditional money exchange the reliance is on regulatory and legal enforcement, rather than making the technology itself watertight,

A lot of money and research has gone into this, and the tech is being tightened up all the time.

> which increases the risk profile, and thus cost.

Except the cost isn't actually higher.

> You can do this in traditional approaches because you just pass on these costs and there's no need to improve beyond what people are willing to pay.

In the US perhaps, not in places where these costs are regulated.

> Crypto represents...

A much more expensive and more risky way to do basically anything, because you have neither solved security nor trust problems, you've just moved them.


> A lot of money and research has gone into this, and the tech is being tightened up all the time.

Yeah, but it's not being deployed at consumer level, nor are the savings being passed on.

> A much more expensive and more risky way to do basically anything

Risky, yeah. Like any new technology. But transaction cost is cheaper.

Sorry, I didn't mean to get involved in some holy war. I can see there's people with a lot vested in both sides of the debate. I'm neither. Just pointing out the obvious.


> Yeah, but it's not being deployed at consumer level, nor are the savings being passed on.

It absolutely is, not sure where you're getting your ideas from here.

> Risky, yeah. Like any new technology. But transaction cost is cheaper.

It's not risky because it's new technology, it's risky because you've passed all the risk to the end user and their opsec. The cost per transaction of something like the VISA network is utterly tiny compared to most cryptocurrency transactions, particularly if you factor in the externalities (mining) and it's a pretty small cost to the merchant as well in places where regulation has been put in place (i.e. not the US). To the consumer it's free. See also bank transfers in most advanced economies.

> Just pointing out the obvious.

You're not pointing out anything that's actually true though.


> it's risky because you've passed all the risk to the end user and their opsec.

This was exactly my point. With pervasive crypto end users can assume this to a greater degree, whether you believe that appropriate or not.

Visa e.g. requires specialist terminal equipment, complicated issuer and acquirer and banking relationships and is heavily dependent on legal enforcement wherever you use it. Try using mastercard or visa in a third world country.

For “actual” money transfer, compare with western union where toure talking about ~10% fee.

> ... nothing that’s actually true

Oh you’re a rude one. But I’m sure to somebody you’re very special. Good boy.


>This was exactly my point.

It's not a point you made before this, you just said it was "more secure" and "cheaper" without qualification. Now you're just trotting out 'coiner memes about the third world and Western Union.

(You can use Visa in 200 countries by the way)

Have a nice evening, I'm done here.


I'm confused by your last paragraph. How does the existence of laws that protect consumers actually protect consumers if the payment systems we use don't allow reversals?

If an ebay seller delivers me a faulty product I can sue them for not delivering what I payed for and when I win the court orders them to pay the money back (plus my expenses). If they don't pay I can go after their assets.

It's basically the same how a business would recover money from a bad supplier. With small claims court it's even somewhat efficient for small sums, but of course still orders of magnitude more work than a credit card dispute.


That's an enormous burden. If we require lawsuits to enforce even minor cases of consumer protection, I argue that there is effectively no actual consumer protection.

The law not working for "minor cases" (which includes cases over hundreds of dollars) is exactly the failing of the justice system I mentioned. This isn't universal, in many places you can get theft of a Mars bar or possession of tiny amounts of drugs prosecuted very effectively, all cases much more minor than the typical credit card dispute.

So, rather than having a financial system with basic consumer protections (which would allow transaction reversals and contestation), you would prefer we have a criminal justice system which aggressively enforces and prosecutes minor offenses? I think there is a weak connection between the two, particularly since most situations where we do things like dispute a credit card charge are civil matters. And, as stated above, requiring civil suits for something like disputing a credit card charge is an enormous burden, and puts the burden on the consumer. (Which will also disproportionally affect the poor.)

Ironically enough, the inability to regulate decentralized currencies is often touted as a strength, especially from the point of view of a consumer.

until you get caught in a pump-and-dump scam that is ...

Anyone saying blanket "we don't need consumer protection mechanisms" because it's a "failing" of something or the other must be taking the piss.

As a parent of children, consumer protections are overall a "good thing" to help prevent bad actors from doing harm. It goes for any space that can do harm to you or your family in any way.

It's why you have exchanges like Gemini in place that seek to be the "most regulated" crypto exchange - to instill trust in the service and market... and your investment.

That being said there is still a ways to go... it will be interesting to see if the market can solve some of these issues through natural growth and competition.


I think it's weird how family gets invoked to change the moral gravity of an issue. It suggests orphaned children, for instance, should care less about humanity.

It's not about the moral gravity but about an illustrative example of a particular category of people who have access to devices where buying stuff is possible - children. Our marketplace has at least some customers that clearly are unable to protect themselves and need protection, e.g. these children. This places some contraints on the properties that this marketplace must have - e.g. reversals must be possible without undue burden. And this places some limitations on what technologies can/can't provide these properties and thus would/wouldn't be suitable.

It's a good point, about children and reversing transactions.

Even when everyone's an adult, consumer protections can be very important -- e.g. to prevent things like lending crises.

Invoking family to make an ethical point is something I see often, in many different circumstances.


How does being an orphan make one care less about humanity?

Personally, I want orphans (as defined as minors with no living parents) to be well-cared for regardless, either by relatives or by an outside agency ("orphanage" or foster home).


Absolutely, that's my point. We should care about people, period. Whether one has a family should be irrelevant to the question of how to engineer a society.

Thanks for clarifying. I agree 100%.

That's by design. Cryptocurrencies are meant to be used like cash. Cash doesn't have consumer protection mechanisms.

cryptocurrencies are replacing cash, they arent supposed to have protections. other services will be built on top of them

The legacy monetary system may have nice consumer protections on the micro scale, but it fails on the macro scale:

1. Inflation eats 2-4% of everyone's purchasing power each year, disproportionately affecting the poor. This inflation is desired by the central planners.

2. The American system of banking regulations introduces systemic risk into the financial sector.

Sure, if you can prove that your transaction was fraudulent, you can get a couple thousand bucks back into your savings account. But you'll have to gamble your money in the market to beat inflation just to break even. And then, every so often, the entire system will collapse and destroy trillions of dollars of wealth.

As an aside, you also get the bonus of having political control of banking relationships, so you can conveniently freeze and take the money of those who find the political winds aren't blowing their way.

Edit: PLEASE don't take this is an argument for Libra (sorry I wasn't clear), merely an argument for sound monetary policy and decentralization.


I’m consistently amazed by how many people here dont understand inflation at all and are confident they need to throw out the financial system before they figure it out.

Inflation is an incentive to invest. If you invest in literally anything other than cash under your mattress inflation stops mattering completely to you, and all you have to think about is constant dollar returns. That’s why we have it. So long as your wages track inflation (broadly they do) you benefit from implicit depreciation in your debt obligations. It costs you nothing if you don’t hold cash like you’re supposed to, and it costs you effectively nothing if you hold money in a savings account as many offer 1.8% interest these days, matching inflation.

What nobody arguing for a deflationary currency can tell me is why they think money should be worth more later solely by virtue of them having gotten it first. A risk-free guaranteed return at the expense of the next generation! It makes no sense.

This is basic ECON 101. High school level home ec probably. Not some big conspiracy perpetrated by the central banking cabal.


Bitcoin in particular seems to be driven by people who are really obsessed with the idea of having a store of wealth with zero risk (assuming they never make a mistake handling it, or get tricked by swindlers, which I think they're seriously underestimating).

But as you say, inflation is a tool; it motivates investment. Expropriation is a tool; I don't see how eliminating it is appealing at all to the billions of people with no savings at all. They may want to take money from the wealthy at some point.

If there's ever a point where "the masses" really understand bitcoin, and how a few HODLers possess most of it's value, they're not going to want it.


> savings account as many offer 1.8% interest these days

I don't know where you live but I doubt it's western Europe. In the Netherlands for example, the highest interest rate available [1] is a lousy 0.2%.

[1] https://www.spaarrente.nl/


I’m referring to a US audience (Ally offers 1.8%). These rates are designed to incentivize you to allocate capital accordingly. The point is you not put much of your money there. Depending on how you feel about the future exchange rates between the EUR and USD you’re welcome to invest in US treasuries, for instance.

I'm not sure that is "why we have it". It sure is why the central banks are pumping money into the system (they quite rightly want people and companies to invest), but it's far from clear why we have it a priori.

The answer is simple - trivial even.

As I mentioned before a dollar today should be worth more than a dollar next year since, if you are smart, you can make that dollar work for you for a whole year.

Hence the inflation.


No, not "hence the inflation".

You have not explained why; you've explained why you think we should have inflation. And why someone thinks something should be is a long way from explaining why something is.


But I did.

The same amount will be worth less in the future! That's really all there is to it. A certain amount of money is not value, money is a number that has a value associated with it, that value will continuously change depending on what you can do with it.

Inflation (deflation) simply reflect the change in value for doing something today versus tomorrow. When the economy works well you have inflation, when the economy works badly it becomes deflation.


> The same amount will be worth less in the future! ... When the economy works well you have inflation, when the economy works badly it becomes deflation.

This is backward, actually. If the economy is working well then withholding consumption (i.e. saving) means that more goods are available for others to either consume or invest. The portion that ends up invested should result in higher future productivity and, in the absence of currency supply manipulation, decreasing prices (deflation), a natural reward for producing more than one consumes.

Only in an economy which is consuming capital—investing so little that productivity is actually decreasing—should prices increase over time. In that case we need more investment to bump up production—the investments don't need to be all that good to be better than the status quo, and anything with a positive return is superior to just waiting for prices to increase further. In the deflationary case, however, we should be more selective about where we invest. It's better for the economy to simply hold our funds in reserve rather than actively compete against more competent investors to expend resources—not just money, but the labor and material it represents—on ventures that will provide lower-than-average returns.

If we expand the currency supply to manufacture inflation and thus make it look like we need more investment when we actually don't then the net result is malinvestment, wasted resources, and a lower average rate of return. It's not good for the economy or the average citizen, but the extra transactions and higher nominal prices directly benefit the bankers and tax collectors with influence over monetary policy.


Excellent point -

Low inflation is a good thing - it is a sign of a properly functioning economy. A dollar today should be worth more than a dollar tomorrow.

Too much inflation is not a good thing is usually sign of systemic failures of trust in a system.

The two stages are usually conflated in many discussions.


> why they think money should be worth more later

Because it is my choice? If you want to use an inflationary currency, go ahead. But other people should have the option of opting out, and using a different currency, with different properties


That’s not a reason. Give me a justification for why you think money should be worth more later. Because it would be sweet for you isn’t really compelling. I gave you a reason for inflation and your counter was “because I would be rich” - see if you can make a better case and if not, maybe reconsider your position.

> Give me a justification for why you think money should be worth more later

My justification is freedom of choice. Or, in other words, the reason is "because I want it to, and I am justified in making my own free decisions".

I believe it is people's right to choose which money system that they want, and you should not have the right to prevent other people's voluntary choice to use a different money system.

I am justifying why people should be allowed to make their own decisions about what money system that they use.

Freedom of choice is a valuable principle in and of itself.

You cannot just dismiss this important concept of freedom of choice. It applies to all parts of society.

The only justification I need, is that I do not want people's freedoms to be infrindged upon.


> My justification is freedom of choice. Or, in other words, the reason is "because I want it to, and I am justified in making my own free decisions".

You're intentionally not answering my question which is: explain to me what benefit to society could potentially arise from money being worth more over time?

I'm not saying you can't do it I'm asking you why. It seems you and everyone else can't point to anything other than making yourselves wealthy.


The benefit is that people are allowed to use money of their own choosing.

Freedom is something that many people care about and value.

The benefit is also that different people want different things in their own money system, and a diversity of things and monetary systems is good, merely because of the money systems being different.

There is value in having differing money systems with different properties (merely because they are different!), and letting the market decide which one is best.

So a direct answer to your question is "because it is different from what we have now", and more diversity in monetary properties is a good thing.


Different isn’t always better.

It is better for the purpose of allowing people to make their own free choices, and letting the market decide what's best.

The mere act of providing alternative options is a good thing.


Dropping a flaming turd on someone’s porch is an alternative to putting up with someone but it’s strictly worse for obvious reasons. Providing that alternative is not better if you can’t even begin to speculate on why it might be better. The entirety of your case is "#freedom" and you refuse to speculate on why it might actually be better. Nobody's arguing with your right to do stupid things, I'm just asking why your suggestion might be better and you keep refusing to even speculate.

> is an alternative to putting up with someone but it’s strictly worse for obvious reasons

If the person has the choice of this happening, and chooses, for whatever reason, to have this happen to them, then yes, I would say that it is positive, and not negative.

I am specifically referring to people voluntarily choosing something for themselves. And no matter how ridiculous, I'd still say that it is positive, if they choose to do it.

> Nobody's arguing with your right to do stupid things

I am saying that if someone chooses to do it, then it is not stupid. People can have whatever reasons that they want, for doing anything, and I am not going to argue against it.


> I am saying that if someone chooses to do it, then it is not stupid.

That may be the worst argument I’ve heard in support of anything ever. People do stupid things a lot and I’m your model that’s never true solely because they chose to do that. I don’t think you’re arguing in good faith, anymore.


I am absolutely arguing in good faith. If people want the free choice to choose a different set of properties, for their own money, then the fact that they want it is a good enough reason, in an of itself, for such a money to exist.

No other reason or justification is necessary. “Because people want it”, is good enough.

Freedom of choice is something, in an of itself, that people value. And because people want something, is a good enough reason, alone, such that it is justified.

People can want things that you think are “stupid” or “ridiculous” things if they want, and your opinion that they are stupid or ridiculous, does not overrule their own value system and wants.

There are basically no situation where your opinion on this, would matter. It would be like saying “Why do you like ice cream! That’s stupid!”. Such a statement is just meaningless. The fact that you think it is stupid that someone else likes ice cream is irrelevant and doesn’t matter.

The fact that I just like ice cream, is a good enough reason, in an of itself, for me liking ice cream. Me liking something, or not liking something, is circularly, self evidently true, and I need no other justification or reason for it. I like it, because I like it, and that’s it.

The fact that I like ice cream, is axiomatically true, because I am the one who decides what I like, not other people, and so it make no sense, and is just a meaningless statement to say that it is “stupid” that I like ice cream.


> No other reason or justification is necessary. “Because people want it”, is good enough.

Some people want to dump chemicals in the river, and yet, when its bad for society we decide not to let them do that, and I'm totally okay with that. Which is why if you want to make a broad social decision like changing how money works (even allowing for a new option) that conversation needs to be had on merits. We weigh pros and cons. Then we decide. That's how society works broadly, at least in a democracy.

Remember, your freedoms end where my rights begin. In so long as something doesn't impact anyone else, they're free to have at it. Once it starts to impact those around them, it's no longer solely their decision -- and degree matters. If you want to eat a ton of ice cream, do it. If you want to change the way a broad swath of society functions, we need to have a chit-chat. Much of our day to day is in between.


> Which is why if you want to make a broad social decision like changing how money works

No, I don't want to force you to use any money that you don't like.

It is pretty silly for you to argue that people are infrindging on other people's rights, just because they prefer to use a different method of voluntarily exchange with other people.

It is interesting that you are jumping to this argument, because you previously tried to pretend like you didn't want to force other people to make certain decisions for themselves, and now you are totally backtracking on that.

It seems like you didn't really mean anything by those statements previously then?

If you cared so much about what type of paper that other people are using voluntarily, so much that you are willing to compare it to dumping chemicals in water, then why didn't you just say that from the beginning instead of pretending like you didn't care about what voluntary decisions other people were making with their own means of exchange?

Freedom is a valuable property in and of itself, and that is the only justification I need, to say that this is a good thing.


Since this has been long and winding let me try and simplify:

- I asked you to attempt to justify the positive social value and implications of a deflationary currency, and you replied a number of times "freedom" and told me that there was no such thing as a stupid decision because someone made it. You re-iterated "freedom" as though it was an answer to my question many times, and then said that "freedom" was intrinsically awesome, which is again, not an answer to my question.

- I don't care if some people want to barter. I was trying to have a conversation about whether a deflationary currency is good for society as a whole, and what the impact would be if it took over more of society. I made numerous arguments why this would be a bad thing, to which you again replied "#freedom".

- Freedom of choice is intrinsically valuable, what people choose to do with it may or may not be, and worth a conversation on a case by case basis. Especially if impacts a lot of people, and we as a society reserve the right to curtail said choices if they don't make sense. Nobody's arguing you shouldn't be able to choose things, and similarly, you can't possibly believe anything you choose is good because you chose it, and that choices shouldn't be curtailed if they lead to negative outcomes. You know, like crimes.

- I also made the argument that the current model provides maximum freedom of choice by decoupling a long-term store of value from a unit of exchange and account. That way you can choose what you want to back your personal economy with. It also represents a voting mechanism for capital allocation. Switching to a "backed" model for currency removes the freedom by stapling back together two things that don't need to be stapled together and drags in a number of negative social consequences. Unbundling represents maximum freedom, something I figured you'd be a fan of.


> Nobody's arguing you shouldn't be able to choose things

You made a comparison to people's right to swing their fist, and that this right ends. So in other words, you did, at the very least imply that what currency people used should not be their choice.

So yes, it does seem like you want to take away people's choices on what money they should be aloud to you.

You can't have it both ways here. Don't say "I am not trying to take away your choice!", And then at the same time say that the right should be curtailed.

> Switching to a "backed" model for currency removes the freedom by stapling back together two things that don't need to be stapled together

Or... You could use it if you want, and don't use it if you don't want.

> Unbundling represents maximum freedom

Or... A person could individually decide if they want it bundled, or not bundled, for themselves, by choosing which currency to use.

That is the thing that maximizes personal choice.


I won’t reply until you answer my question. You’re intentionally trying not to understand it appears. If switching to a different currency model leads to negative social consequences then we should have that conversation. That’s where the freedom to and from intersect. If you can’t see that there’s no point in talking.

You broke the site guidelines with this comment. Please review https://news.ycombinator.com/newsguidelines.html and stick to the rules when posting here.

Also, please avoid these long tit-for-tat arguments that don't go anywhere and only continue because it's hard to let go. They don't interest other readers, and they end in ill feeling.


> That’s where the freedom to and from intersect.

Cool. Fine. Then you should have just said that, and you shouldn't have said the previous stuff about not wanting to prevent people from making decisions about what money that they voluntarily choose to use.

Can't have it both ways.


Please avoid these long tit-for-tag arguments on HN. They almost always turn into arguments about the argument itself, and get unpleasant if not aggressive at the end. None of this is good reading or interesting to other users.

https://news.ycombinator.com/newsguidelines.html


Alright, will do.

Short version: Deflation benefits society by preventing malinvestment in ventures with a below-average (i.e., below-deflation) rate of return which would divert labor and materials from actually profitable investments.

Long version: https://news.ycombinator.com/item?id=21457114


[flagged]


Ok round 2.

> “inflation is theft”

I think you didn’t read anything I wrote because my core focus is that inflation is 100% avoidable through investment which is the behavior explicitly being incentivized via, to your point, a stick and not a carrot approach.

It’s theft like taxation is theft: it’s not.

> a GSE creates money from nothing

Yes that’s the point. The economy gets bigger and more people are born and the money supply expands. To not do so would create deflationary pressure which, again, creates a risk free return for existing money holders for no justifiable reason. In fact you haven’t justified it either, you say it as though it’s self evident.

If you don’t believe the value of existing money should go up then you agree the money supply must expand to match economic growth and population growth. All were then arguing about is how much.

> money grubbing banks...

Banks are paid for the role they serve in the economy: liquidity and security. Look at how much they make, it’s all publicly disclosed. Banks make around a 1% return on deposits (you know, the collateral for this lending thing). Almost nothing. It’s a shit business. The remaining “free magic money” is cost of doing business and paid out to employees, landlords, suppliers and so on. You know, business expenses.


> It’s theft like taxation is theft: it’s not.

Taxation is also theft.

> If you don’t believe the value of existing money should go up then you agree the money supply must expand to match economic growth and population growth.

The unit of exchange (money/currency) should remain relatively constant. That's the point. Maybe it will go up some, maybe it will go down some, but having it manipulated for the profit of large banks is theft.

It's a complete perversion of free market banking and benefits the few over the many.

> 100% avoidable through investment

Not true, unless you're talking about investing in financial instruments. Investing in almost anything else subjects you to property taxes almost everywhere.


> Taxation is also theft.

Aw you’re one of those! It’s all starting to make sense. https://www.newyorker.com/humor/daily-shouts/l-p-d-libertari...

I sure hope you don’t need the army, police, schools, fire, water, roads, air and so on. Most adults came to realize at some point that some things need to be provided as a group, and they’re not free. For those everyone has to pony up.

If you don’t want to pay taxes there’s a few countries you can do that in but in most paying taxes is social contact: it’s a take all the benefits and pay taxes, or leave to a society with a contact you view more amiable.

> unit of exchange should remain relatively constant.

Well if I have 100 people and my economy had $100, and Steve has $20 of them, then Steve invented the steam train and 100,000,000 more people show up then the value of my dollar has gone up millions of times over and Steve is now the single wealthiest human on earth even though he’s only got $20. To keep it stable I’d make more dollars. If you see how this works on the macro timescale you must see how it translates to the micro.

> to the profit of the large banks

We’re paying them to provide liquidity to the economy via lending and again they only make 1% on assets on deposit. It’s not the system you seem to think it is.

> avoidable...

You just have to factor that in to the investment minimum yield. This isn’t rocket science. You are not guaranteed a risk-free return on capital. To ease this Trump is considering indexing capital gains against inflation, another approach (which I wholeheartedly disagree with).


> I sure hope you don’t need the army, police, schools, fire, water, roads, air and so on. Most adults came to realize at some point that some things need to be provided as a group, and they’re not free. For those everyone has to pony up.

I'd be willing to pay for some of those. Lots of people have an inability to separate 'goods and services required for society' and 'government.'

Society can have all of those things, there need not be a government and there need not be taxes.

> paying taxes is social contact

This is just an empty phrase used as propaganda. There's no such thing as a 'social contract.' Taxes are taken under threat of physical harm and death, always have been.

> To keep it stable I’d make more dollars

This has the presumption that you, or someone should be in charge of what money is worth. That should not be a function of the government.


> This is just an empty phrase used as propaganda. There's no such thing as a 'social contract.' Taxes are taken under threat of physical harm and death, always have been.

Tell that to the judge haha

> Society can have all of those things, there need not be a government and there need not be taxes.

Yeah no, not really.

> This has the presumption that you, or someone should be in charge of what money is worth. That should not be a function of the government.

You’ve again completely ignored my point which is that your share of the value of the economy if the dollars in the system remain constant goes up by inaction. Maintaining a constant Value of the dollar as you yourself suggested requires active management. Once you agree on that we’re just chatting degrees.


> Maintaining a constant Value of the dollar as you yourself suggested requires active management

I don't think that it requires any management. If the value of a currency increases, then the ratio of currency to goods decreases. If a currency became so valuable that people can't trade with it, they'd trade with something else.


You argued for a constant value of a single dollar and then told me what would happen if the value of the currency increases, which is the opposite of what you were telling me before. If it does increase then it leads to massively disproportionate accumulation of wealth for existing holders, which you cannot justify.

> This has the presumption that you, or someone should be in charge of what money is worth. That should not be a function of the government.

That's (a) very much your opinion stated as self-evident and (b) not currently the job of the government, it's the job of an independent private central bank specifically designed to separate monetary policy from fiscal policy and the whims of the elected officials.

The Federal Reserve is federal in the same way that Federal Express is: it's not. Doesn't this line up with the libertarian ethos?


> The Federal Reserve is federal in the same way that Federal Express is: it's not

It's analogous to hiring a contractor. The government wants a program, it simply outsourced the operation to another entity.

Here's what I actually said:

> The unit of exchange (money/currency) should remain relatively constant. That's the point. Maybe it will go up some, maybe it will go down some, but having it manipulated for the profit of large banks is theft.

It should remain relatively constant. That's the entire point of a unit of exchange. There might be periods where the relative demand for the currency outstrips the supply, and if it becomes such a dramatic situation as your presented in your contrived example, then it would cease to be useful as a currency, and something else would/should become the currency.

> (b) not currently the job of the government

Congress has the power to coin and regulate value, per the US constitution. I'm not sure how we ended up talking about the US specifically here, I'm referring to governments generally.


> It's analogous to hiring a contractor. The government wants a program, it simply outsourced the operation to another entity.

No, it isn't, explicitly so. The reason the Fed operates at arms-length is explicitly to avoid having the government set monetary policy. This degree of stability allows businesses to plan and reduces their currency risk. Otherwise you face D vs. R every 4-8 years totally reversing monetary policy.

> It should remain relatively constant. That's the entire point of a unit of exchange. There might be periods where the relative demand for the currency outstrips the supply, and if it becomes such a dramatic situation as your presented in your contrived example, then it would cease to be useful as a currency, and something else would/should become the currency.

Yes, and my whole point is to avoid a large dramatic change you apply small amounts of pressure over time. This is called managing the money supply. And once you agree that this kind of adjustment achieves your objective of "relatively" stable currency (it does), then we can talk degrees, but we're now having a very different conversation.

> Congress has the power to coin and regulate value, per the US constitution. I'm not sure how we ended up talking about the US specifically here, I'm referring to governments generally.

Government handles the fiscal policy, federal reserve handles monetary policy. They're explicitly separated. This is true in many developed countries in the world operating under a central banking model, including Canada (Bank of Canada), and all of Europe (ECB) and England (Bank of England -- privately owned from 1694 to 1946).


> Government handles the fiscal policy, federal reserve handles monetary policy.

This is entirely semantics.

> And once you agree that this kind of adjustment achieves your objective of "relatively" stable currency

I can prove to you that it doesn't result in a stable currency. See the purchasing power of the US dollar over the last 100 years.

> This is called managing the money supply

That's what you call it. I call it theft. If an individual does not have the power to create money, then neither should a group of individuals, regardless of what color robes they're wearing.

> Otherwise you face D vs. R every 4-8 years totally reversing monetary policy

I don't think there's any risk there. They're the same party, both are spend-spend-spend.


Simply being born is no justification for stealing by fiat. People should be rewarded for saving capital. Forcing people to gamble their money only to maintain the wealth they already earned is not ethical. It is sufficient for people to be incentivized to spend money on things that are useful or interesting and to invest for higher return where the investment is sound.

EDIT: the money stolen by fiat is not evenly redistributed, and definitely not in favour of the poorest.


People should be rewarded for saving value not cash. That’s the point. Invest the cash and problem solved.

Accumulation of savings is valuable as it can be used for capital investment at the best opportunity. Forcing people to spend prematurely on crappy mal-investment is not optimal. Spending for the sake of spending is not optimal investment.

You're telling me in the market today, there's absolutely nowhere for you to productively allocate capital for an expected return of over 1.8% per annum? Even though Ally offers savings accounts that yield 1.8% per annum? And treasury bills yields are 2.2%? Remember, a savings account or CD are also valid investments assuming they yield more than inflation. What I'm saying you shouldn't do is store literal cash in a mattress. A savings account serves as collateral for loans which are in fact productive investments.

A savings account pays below the real inflation rate here in New Zealand. The cost of housing has increased hundreds of percent over the last 20 years thanks to central bank monetary policy that artificially manipulate interest rates. A shoebox apartment is now ridiculously unaffordable. I can put money into savings that loses money after inflation, and funds a system that is fundamentally corrupt, which leaves me worse off overall than if we had a real free market without centralized manipulation of currency and interest rates.

This centralized artificial interference has caused major imbalances in the economy here. It didn't work for the Soviet Union and it's not working in the "capitalist" world either.


> A savings account pays below the real inflation rate here in New Zealand.

That's a market force designed to disincentivize that investment. Nobody's guaranteed a risk-free return, or even retention of value in what's not a long-term store of value. Pick something else to invest it in.

For what it's worth, NZ's inflation rate is tracking at 1.5% per annum and Rabobank offers a 2.4% online savings account.

> The cost of housing has increased hundreds of percent over the last 20 years thanks to central bank monetary policy that artificially manipulate interest rates. A shoebox apartment is now ridiculously unaffordable.

Cost of housing is a total red herring and largely unrelated to this conversation. Cost of housing is overwhelmingly supply-side driven. If you want cheaper houses demand municipalities permit new construction. You can always build up, there's no limit on that. Build enough, the cost will drop substantially. There's plenty of markets that exemplify this effect, like Houston and Tokyo. SF on the other hand routinely forbids totally reasonable construction and the pricing speaks for itself.

The cost of housing roughly boils down to this: the narrative is that housing "should be an investment" and that it "should go up over time" so the directionality is accepted. Homeowners tend to be older, wealthier, have deeper ties to the community and vote. Renters tend to be younger, less affluent, transient and don't vote. As such policies are enacted that benefit homeowners. This includes zoning restrictions, building restrictions and tax deductions benefiting homeowners. Too few new units are built relative to influx of population, and price goes up. It's simple market economics.

Want to solve the problem? Get people to vote to allow more housing.

For what it's worth in the US housing prices on average tend to track inflation. It's certain municipalities like SF and NYC that far exceed due to asinine policy. The monetary policy was the same in all regions of the US so why then would pricing changes be uncorrelated across markets?

> I can put money into savings that loses money after inflation, and funds a system that is fundamentally corrupt, which leaves me worse off overall than if we had a real free market without centralized manipulation of currency and interest rates.

New Zealand ranks routinely as the world's least corrupt government. A system that maintains stability of money and debases it over time slowly and predictably helps keep wealth inequality down, and benefits the less well off by inflating away debts and encourages productive allocation of capital.

> This centralized artificial interference has caused major imbalances in the economy here. It didn't work for the Soviet Union and it's not working in the "capitalist" world either.

This doesn't make sense. The Soviet Union fell for all sorts of reasons that weren't inflation related or even central planning related. Authoritarian states tend to do so in time.

I'd say it's working just fine, inflation is roughly 1-2% per annum and incredibly well controlled. We've got plenty of actual problems (like the cost of housing), though, this isn't one of them.


New Zealands actual inflation is way, way higher than 1.5%. You are very naive and gullible if you believe that number. You also have no idea how the cost of housing is determined. Central banks have artificially manipulated interest rates to an extremely low level, where savers are forced to malinvest in things such as housing, which is also encouraged by mortgage rates being way below the reasonable cost, because again, the interest rates are artificially low. The reserve bank governor even admitted they were at fault.

> New Zealands actual inflation is way, way higher than 1.5%. You are very naive and gullible if you believe that number.

It's defined with a mathematical formula based on a basket of goods. You haven't provided any sources other than your gut and a baseless assertion about gullibility. I have references [1, 2].

> You also have no idea how the cost of housing is determined.

It's literally on the investopedia write-up. [3] And also, it's basic, fundamental market economics. More supply, price goes down. Less supply, price goes up assuming constant demand. Sure lending makes unaffordable places more affordable. That doesn't really matter if you flood the market with supply though does it? [4]

FTA [4]: "Tokyo rent is cheaper because it builds lots of housing. Every year, the city adds about 100,000 new homes. This increase has more than kept up with the increase in population, leading to a housing surplus." Average rent is $2.50/sqft in Tokyo vs $6/sqft in SF. And they have negative interest rates. Supply. Matters.

> Central banks have artificially manipulated interest rates to an extremely low level.

Set them at a low level. That's their job. To maintain a consistent, low, predictable rate of inflation.

> The reserve bank governor even admitted they were at fault.

Look I'm not saying they're perfect, I'm saying inflation has little to do with the very real issues you call out.

[1] https://www.rbnz.govt.nz/monetary-policy/inflation

[2] https://www.stats.govt.nz/information-releases/consumers-pri...

[3] https://www.investopedia.com/ask/answers/040215/how-does-law...

[4] https://www.orlandosentinel.com/business/os-ed-california-ho...


You are fundamentally off the mark at every single point. The basket of goods specifically excludes things such as housing which is the by far the number one cost of living here, which leaves that "inflation" figure as an utterly meaningless metric.

>> Set them at a low level. That's their job. To maintain a consistent, low, predictable rate of inflation.

Your reading comprehension failed here. I am referring to control of interest rates, which has far reaching consequences beyond inflation. This is the "fatal conceit" of socialist minded people such as yourself. No one on this planet is qualified to control interest rates.


As for the Soviet Union - I was talking about their centralized / planned economy. Socialism. We have a socialist monetary system in the West.

Yes New Zealand is the least corrupt government in the world, apparently, and despite that, the divide between rich and poor is increasing. It has become way less affordable to live here since the mid 2000's and is not getting any easier. We are locked in to a corrupt global system. Our monetary policy is a slave to the global socialist monetary system.


(traditional, not "American") Socialism isn't central planning it's the state owning the means of production. To my knowledge, there's no concerted effort in New Zealand to have the government own the means of production.

> ...the divide between rich and poor is increasing...

For sure, and it shouldn't. At least in the US it really started to get bad after Reagan dropped the top income tax from 90% to the current 35%. And the estate tax from 80% to the current basically-zero. Nothing to do with inflation, in fact, inflation would reduce this spread as it would disproportionately affect those with more money, and aid those with debt.

Who would have thought that letting the wealthy keep more money would lead to the wealthy having more money? Shocking.

> We are locked in to a corrupt global system.

Explanation needed.

> Our monetary policy is a slave to the global socialist monetary system.

Is the global government (United Nations?!) trying to own the means of production?


Listen man, you’re obviously a very smart guy (I’m assuming your gender), but it seems that you haven’t been exposed much to the “Austrian School” of economics.

Keynesian theory is the orthodox economic religion, which you have fully subscribed to. Austrians are heretics and we are burned at the stake for our beliefs.

I’ve read both sides. The Austrian school is far more compelling and rational. It cuts through the obscurantist bullshit with precision.

To me, Keynesian theory with its justification for continued economic chaos, is for those suffering from “battered wife syndrome”. To accept the Keynesian excuses, is akin to a wife getting brutally raped and beaten by her husband every day, while telling everyone “It’s OK, I deserve it, he knows what’s best for me”.

If you haven’t seriously examined the Austrian side of the debate, have a look at this:

https://mises.org/library/austrian-theory-money

https://mises.org/library/one-lesson

https://mises.org/books-library

EDIT: In the first link, read the paragraph that begins with "In the face of overwhelming arguments against inflationary expansion ..." . The entire article is good but that really gets to the point of inflation.


The money supply is centrally planned. The interest rates are centrally planned. Therefore I call it a socialist monetary system.

> It is a pivot from a company whose advertising business is so embroiled in scandal and corruption that it has no choice but to try to diversify into payments and credit scoring to survive.

It's amazing to me that nearly every single expert that weighs in on this topic completely misses the intention behind Libra. Facebook wants to make money off of it's massive user gains in the developing world (like hundreds of millions of users massive), but many of those people don't have digital money right now. Libra wants to be their digital money so Facebook can sell more expensive ads.

It's really as simple as that. Move on from the "why" and talk about the rest of it which is the actually problematic part.


I'm confused about this article. I've read it, and it's skeptical of libra (which is fine) but makes handwavy and non concrete arguments about it's soundness. Can anyone tell me why it's so popular, besides just bashing Facebook?

It's bashing both Facebook AND blockchains using handwavy faux-intellectual arguments, and is thus in the exact sweet spot of Hacker News upvotability.

Because, facebook. He make a good point about privacy but even that was kinda handwavy.

It appears in the case of the Move language it doesn't actually contain a 'linear type system'.

> The claim of the Move language to use of linear types appears to be unsubstantiated by a dive into the compiler as it reveals no such typechecker logic. As far as one can tell the whitepaper cites the canonical literature from Girard and Pierce and does nothing of the sort in the actual implementation.


I've been thinking and it actually makes a lot of sense for new ways to be created to transfer money and pay for things (though I'm highly skeptical of having it operated by Facebook and of the ad-hoc pump-and-dump-prone and whitewashing-and-tax-avoidance-friendly properties of cryptocurrencies). But when you think about it, it's insane that transferring money is something credit cards and payment processors can regularly charge a fee of 1.5-3.0% on. In order to change some numbers in a couple databases... The marginal cost of this ought to be less than pennies. The only reason they can even partially justify this is because of fraud and credit, and the costs associated with dealing with that. But what if we had a way to transfer money between entities that mandated two factor authentication to prevent fraud, and sidestepped the whole credit thing by only working if you had the money? (or required that you took the loan elsewhere, so the account that actually transfers the money does not have to deal with credit at all). Verify that the person is who they claim to be, and that they have the money needed, then do the transaction - no more, no less. No chargebacks, no credit checks, no fraud checks. Why isn't this a thing?

The actual cost of processing payment is far less than 1.5-3% - especially with debit cards (which actually implement most of what you think "is not a thing") but even when dealing with credit cards and the necessity to include some overhead for countering card fraud and chargeback costs and whatnot, the total cost is far lower, below 1%.

How can I know this? Well, how do all these credit cards that offer cashback bonuses in the realm of typically 1-2% make this unbelievable feat of paying you for paying stuff happen? They pay for it out of the 2-3% that they get for the transaction. Let's take 2.5% as a middle ground and deduce 2% cashback, that leaves us with 0.5% from which the actual costs of doing the payment have to be covered - and the profits to be paid to shareholders, of course.

Also, Europe has this nice regulation in place limiting credit and debit card interchange fees to 0.3% for credit and 0.2% for debit cards. This regulation has been in effect for a few years already, and the only thing that disappeared were these 2%-cashback-on-every-payment cards (or similar offerings, like granting airplane miles of about the same value). Debit and credit card issuers seem to be entirely able to operate under these conditions, which means that their actual costs of doing business must be under these fractions of a percent.


The credit card companies' share of the entire economy is problematic, but few companies could handle the threats of fraud in e-commerce as well, for as little. There's a very harsh tradeoff between ease-of-use and fraud protection, and it's not an easy problem to solve. Doing it for 3% is beyond most companies' (or governments') capacity. It may provide the incumbents with a healthy profit, but few if any newcomers would be able to get their costs low enough to survive on that.

Like a debit card?

>The possibility that a Libra node run by Mastercard or Andressen Horrowitz would suddenly start running malicious code is such a bizarre scenario to plan for and is better solved by simply enforcing protocol integrity and through non-technical (i.e. legal) means.

Refusing to rely on legal means of enforcement suggests the project views itself supreme over all national policies, laws and regulations. On the one hand, such a concept is usually the domain of autocrats, despots, and organized crime-- odd for a tech startup. On the other hand, it would suggest a system more secure from outside legal interference than, say, MasterCard. This detail tends to add a datapoint explaining the lack of support from global ministers of finance....


Would like to point that the work done by the curve25519 team is solid, Henry is also behind the ristretto RFC. The reason Facebook used the BFT algorithm is for pure regulatory purposes (they needed a Blockchain therefore a solid consensus algorithm with failure tolerance). The cryptographic constructions used are quite solid unlike OP claims.

The article also incorrectly claims that curve25519-dalek has never had security audits. It's had at least two by reputable cryptography auditing firms (Quarkslab and NCC), the former of which is public (the NCC audit was done at the request of my former employer and is private, but like the Quarkslab audit only found minor issues):

https://blog.quarkslab.com/security-audit-of-dalek-libraries...


Can you elaborte? You sould like you may have a unique perspective.

This post is filled with a large number of factual inaccuracies, so numerous I wrote a blog post in response: https://tonyarcieri.com/factual-inaccuracies-of-facebook-lib...

You should submit that

Someone else already did. You can find it here: https://news.ycombinator.com/newest

Direct link to the submission: https://news.ycombinator.com/item?id=21455739

I think the start problem of Libra was to go with the ideas that: 1. One globally _uniform_ payment system is needed/wanted/makes sense. (It doesn't make sense due to regulation, is not needed, as long as a non uniform system still can make cross area transactions reasonable fast. It is not wanted (by some) as it put consumers at additional risk wrt. data protection and international conflicts). 2. Blockchain makes sense and "fixes everything", somehow, magically

Sure the current payment systems have a lot of problems. But many come from complicated regulations which makes building such systems harder not incompetent bank IT. I fear a single company can't do to much here. Especially because banking software has to be reliable from the get-to-go.


There are many valid criticisms of Libra, even if we restrict our view to the code. This article contains none of them.

However, use of a BFT consensus algorithm, newish crypto libraries, and missing but promised features in an unlaunched product are not reasonable criticisms.

BFT algorithms that scale well (Libra's will, that's one thing Facebook is good at) are great for public financial networks. All large companies end up implementing their own crypto libraries and for some (Google, Facebook) this ends up a net positive for the open source community.

Consumer protection will be there, Facebook is not going to knowingly violate local regulations in such an obvious way.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: