Interview of Donald McIntyre by Omar Faridi on CryptoInsider.
1) Please explain, in detail, why a chain reorganization of Bitcoin (BTC), as recommended by Binance CEO, would be wrong or a bad idea.
A chain reorganization, as Changpeng Zhao, the CEO of Binance, referred to, is neither wrong nor right. Bitcoin and any proof of work blockchain can be reorganized with little work within a short time window, generally accepted as 6 confirmations or less in Bitcoin, after which point it becomes exponentially difficult, therefore more costly. This is why the whole Binance ordeal was so short: it either demanded a quick reaction, or bribing miners to recover the funds doing a reorg was not even economical for the victim (Binance) nor the bribed miners. This actually shows the power of proof of work after a certain amount of confirmations.
I wrote it is not wrong or right because it is an original design assumption and everybody knows that, with a majority computing power, a pow blockchain can be reorganized. That is a standing threat to coin receivers, even if done by well known full node operators such as Binance and recognizable miners, to any chain of that type and it is widely acknowledged since 2008 as it was written and proved mathematically by Satoshi Nakamoto in the Bitcoin white paper.
The only protection against reorgs is waiting for sufficient confirmations. For example, and ironically, for the hacker who stole the 7000 BTC from Binance, he/she should wait for at least 3 to 5 days of confirmations to minimize the threat of Binance colluding with miners to reorganize the chain and steal back the coins. After that, the hacker can feel secure at least on-chain. The consequences off-chain are that he/she will be hiding or running from the law for the rest of his/her life.
It is important to note that the Bitcoin white paper actually describes the invention of proof of work as a new and improved consensus mechanism, not a digital currency, those existed long before. The brilliant invention was the consensus mechanism which provides four things:
- As mentioned, consensus between machines with a 50% fault tolerance (all others have 33%-1 fault tolerance).
- A cost to producing the blocks which adds a barrier to printing currency spuriously.
- Security by making it difficult computationally to rewrite the chain.
- The same computational cost as a signal to the market that provides a reference for the price of the currency in the economy.
The stupidity of the CEO of Binance, and the silly anti-Bitcoin and anti-pow people who suggested the reorg alternative to him, was to think that he would be able to collude with miners in a few hours to recover the funds.
This is because not only is Bitcoin protected on-chain by proof of work as described above, but it is also protected by what is called the “coordination problem”.
That is, when you have operators of a $114 billion decentralized, permissionless, cross border network, with developers, miners and full nodes in different nations and different cultures, spread all over the world in the tens of thousands, and all with high incentives for the network to maintain its integrity to guarantee their property, thus livelihood and businesses, it is extremely unlikely that you will lead them into damaging the network just to recover your petty 7000 BTC which you lost because of your own incompetence in the first place.
Even if a group of miners were to decide to help, they would have gotten a strong counter reaction by developers and full node operators globally, which is a much larger threat to their businesses, in terms of capital and future cash flow, than any reward Binance could have given them. It is much more profitable to remain an honest node and miner in Bitcoin than to go through the trouble and coordination cost of reorganizing the chain. Ethereum Classic already demonstrated that.
It is important to note that a reorg can, in fact, be pulled if the highly unlikely coordination mentioned above actually happens. However, even with the partial reputational loss of the system, the only victim would be the hacker who stole the funds. This is because, even if all miners were to collude with Binance, the only thing they would be able to do is to double spend the money the hacker stole. This means, they cannot change network rules, modify monetary policy, steal money from other accounts nor do anything else for that matter.
2) Can you compare the events that took place at the time of the DAO Attack with Ethereum hack and what we learned from that event (specifically, in how it would be relevant to this most recent event)?
TheDAO attack and subsequent chain reversion was orders of magnitude worse than what was suggested by the CEO of Binance. That event was an out of protocol, community wide coordinated attack to the whole network. It was an agreement by a great majority of miners, full node operators and developers to implement an irregular state change to delete the funds by hand from one account, to transfer them to another account (or group of accounts). All without the consent or using the private key of the owner. This was possible in Ethereum because it has a very high profile and strong leader in Vitalik Buterin that sets direction, a foundation with a lot of money who pays for a lot of the development and marketing of the network, therefore has direct influence in the roadmap of the system, and has a philosophy of subjective security, therefore maintain high coordination between the decision makers of the system, which is a reduced and culturally homogeneous group.
A reorg using 50%+ of hashing power, as suggested by Binance, would just be a local problem between the receiver of the funds and the sender, not a system wide violation of the protocol. And, again, it is a known vulnerability that receivers can protect against by simply waiting for more confirmations. In a 51% attack, nobody can delete or move funds without the private keys.
3) What do you think would be the main lessons learned from this event as far as Cybersecurity and Digital Assets are concerned?
There is nothing new to learn as reorgs with 50%+ are a known vulnerability. There are, however, many opportunists in the industry (such as Vitalik Buterin, Emin Gün Sirer, Andrew Miller, Washington Sanchez, Vlad Zamfir, Amir Taaki, and Angela Walch amongst many other anti-Bitcoin and anti-pow people) saying that the suggested reorg by Changpeng Zhao is some sort of final proof that Bitcoin is centralized. To that I tell them that proof of 51% attacks was already given in the October 31st, 2008 white paper by Satoshi Nakamoto, that proof of stake has only 33%-1 fault tolerance and is much more centralized, and, in any case, they actually didn’t get any new proof in this particular episode because it was just one arrogant CEO with a group of Bitcoin skeptics doing intellectual posturing about an imaginary reorg that **never** happened.
4) Does this recent Binance hack suggest that crypto exchanges are highly unsafe, and we need maybe completely different infrastructure for platforms that allow users to trade cryptoassets?
In the same way that it is known that 51% attacks are possible in proof of work chains, it is also widely known that trusted third parties are security holes. This includes, of course, crypto exchanges. But they are not more insecure than traditional banks, brokers or mutual funds. They are just the old format of holding wealth. Proof of work blockchains are precisely looking to solve that problem: In traditional banking, providers have custody of wealth and grant access to owners. In proof of work blockchains, owners have custody of wealth and grant access to providers, which significantly minimizes the risk of trusted third parties. This is done by at least controlling the private keys, and at most (ideal) by running your own full node in your own machine.
5) What are your predictions regarding crypto market this year, in terms of both price and adoption? Where do you see the crypto industry towards the end of 2019?
I can’t predict what will happen in the next year, but in the medium and longer terms I see increasing discovery, by developers, of how to more precisely use a combination of blockchain and layer 2 systems and off-chain systems to build useful applications. This will attract more individual users, enterprise and government to secure blockchains, and that will create more demand for the tokens of highly secure networks such as Bitcoin and Ethereum Classic.
Code Is Law