The flaw here was in a dependency introduced by targeting WASM, and could apply to any project of any kind relying on random number generation for a cryptographic purpose. It is not a "crypto-currency" specific problem.
The flaw was not in a dependency but Trust Wallet's first party code [1]. They decided that Mersenne Twister would be sufficient for generating cryptographically random data and specifically called it "secure" [2]. Very unfortunate.
Yes, a terrible decision - but still a decision left up to any developer in a similar position - which, with the trend to WASMify things may well happen again in other projects, until it's better addressed at the source.
Honestly, it's so bad it makes me wonder if a bad actor could have had influence over such a decision in this case. Reports of Trust Wallet accounts being randomly pilfered without some plausible other cause might go some way to figuring that out.
This makes no sense. What source should it be addressed?
This is an issue of standard libraries, whereas WASM is a specification of an execution environment. WASM doesn't have a standard library, since it doesn't even have a canonical source language!
It's like demanding that x86 or aarch64 offer better Unicode or SVG support.
Developers should never end up in a situation where they feel the best cryptography solution is to "roll their own". That's likely what happened here. And the situation needs to change. It doesn't matter where in the stack that change is affected.
So you're saying all languages (and in fact ISAs, because that really describes WASM more accurately!) need to come with a static analyzer that detects and prevents any attempts of implementing low-level cryptography rather than calling out to a high-quality library? Because that's what happened here.
What we can do is provide well-tested and ergonomic high-level cryptographic libraries; I don't see how we can enforce their use.
It sort of is because cryptocurrency inherently makes the stakes so high (all your money). Currently software development is more an art than a science, and even very competent people make mistakes or have unforeseen problems/behavior in their programs
You raise an important point though: crypto is not for the faint-hearted. "Be your own bank" has exactly that much responsibility attached. Many don't fully appreciate that.
I don't think it will collapse. It has found product-market fit: mostly gambling, some money laundering and crime, and some legitimate use for international wires and payments under oppressive political conditions (this last part is the smallest amount by volume).
There will occasionally be attempts to pump some new use case (e.g. NFTs), but these are just casino advertising. They'll draw in some new suckers/players and the cycle will repeat.
The maximalist cult will continue to exist as well, patiently awaiting the coming of the space brothers in the form of a massive economic collapse causing Bitcoin to "moon" and become the new global reserve currency. This is identical to the goldbug cult of previous generations and involves many of the same types of people. Apocalyptic cults can exist for a long, long time and failed prophecies do not deter true believers.
if we made international headlines for every phishing attack, you would feel the same about the tech sector or tangentially "computing" at all.
this was the case in the 90s pretty often.
now we choose to highlight properly run organizations and advances, while largely ignoring the rest. new problems presented by home computing and electronic funds transfer didnt go away.
its more likely the same will happen with crypto assets and industry. when I look at mainstream news like Bloomberg, thats what I see already.
That kind of argument can be applied to any value-based systems. s/crypto/ with /banks/, /religion/, /houses/.
No. False equivalence.
The other examples have a long history of applications that add value to people's lives (as well as disbenefits depending on your viewpoint and ideology).
Crypto-currency has never yet demonstrated any significant value to normal people, though plenty of the latter.
I believe that is wrong. If you keep your money as cash or in a bank deposit then you lose several percents every year because Western governments maintain a certain inflation rate. But inflation is basically stealing from everyone who has cash or bank deposits. You had 100 dollars and next year they become equivalent to 98 dollars.
Cryptocurrency is different. No government is able to steal your Bitcoins by printing some more colored paper.
Yes today there are issues with volatility, but conceptually cryptocurrency is better than fiat money for the reason written above.
But if you like getting robbed every year then of course continue using fiat money.
It's rate is not arbitrary, it is maintained at specific level, as they say, for better economy development. But it is unclear whether you will win from that or somebody else, what is certain that you lose money every year because of this. You had 100 dollars and year later they are only worth 98 dollars. What is it if not stealing?
As opposed to having 100% stolen by poor security - the subject of this discussion - or fraudulent exchanges, or heavily pump-and-dumped new coins, or... the list goes on.
So maybe instead of outlawing exchanges we should have more legitimate exchanges? Also could you please describe a better way to protect your savings from printing money by governments?
Maybe you have a point with religion, but housing and banking are a necessary evil for everyone, regardless of their views on the market. I've contributed to the price of housing by virtue of existing and bidding it up in my city. That doesn't mean I'm buying a house to make money.
This could also apply to other financial instruments. At the core decentralization is about power. Crypto as we know it now could fail but the core tener is about new ways of power in the financial world.
From the technological level is also about the freedom to experiment with finances where regulations don't enable to. Even if it is at a sandbox level.
“At some point there won't be any more suckers left. That's when banking will really collapse.”
The news every day sends the message more urgently that a global hard money that can never be debased by money printing and that is free from the whims of governments and dictators is sorely needed.
This is repeated by the crypto people as some kind of root of all evil, and it puzzles me.
I see monetary policy - including the ability of devaluing a currency - as a powerful tool central banks have to keep the economy working.
I fail to see how "hard money", which normally comes peppered with some vague desire for a deflationary economy as desirable. In my view this would very quickly turn into an intolerable distopia.
Central banks aren’t needed to keep the economy running, you really just need some areas of law (contract, commercial, etc) and an effective court system for that. The economy ran on its own prior to the Federal Reserve being created in 1913.
Central banks may be useful in preventing banking crises every ~20yrs as happened back in the 1700s and 1800s. But even that’s not a certainty since the two most severe banking crises in history - the Great Depression and Global/Great Financial Crisis - happened under the watch of central banks. Some even argue the latter occurred because of the central bank keeping interest rates too low too long.
One benefit of central banks is to depoliticize monetary policy by moving it away from the Executive Branch, and giving it a consistent, Congressional mandate that it must prioritize in its policy and operations - low inflation and high employment. That’s probably one of the few indisputable advantages they have.
As for whether inflationary or deflationary money is better, I don’t know. Both have their pros and cons. The more I go down rabbit hole on each of these, the less decisive I am about it. But this website makes a comprehensive case for deflationary money, fwiw: https://wtfhappenedin1971.com/
> this website makes a comprehensive case for deflationary money
After the switch to burn a portion of funds on every transaction as well as the switch from proof of work, to proof of stake, Ethereum is now deflationary [0].
Say what you will about the cryptocurrency experiment, it will be fascinating to watch the effect of this over time.
Does this seem normal to you? Imagine you are a patient and you took data like this to your doctor. Would he say you are healthy after having such a gradual rise all your life and then complete chaos?
If things have been going great the past few years I’d say maybe it doesn’t matter, but things don’t seem to be going great for anyone except the wealthy (those by nature closest to the money printer).
Yes. Currency is a mean of exchange, nothing more.
Economy is essentially how to satisfy the needs of its participants with the limited resources available. For the graph that you linked in a somewhat alarmist fashion to make sense, you need to compare it with a plethora of other information for it to make sense.
What is the productivity of people and corporations? What are the level of imports and exports? What is the cost of living? How much in taxes did the government earn? How adequate are the expenses in infrastructure? What is the level of debt held by the public and private sectors? Is that debt sustainable?
All those are just questions that I haphazardly put together while writing this reply, and they all tell other facets about the state of the economy that the money supply won't tell you.
>>Since 2007, wealth has declined for all but the top 20%.
>Oddly (or not oddly) enough that’s when the monetary base graph starts skyrocketing.
A deflationary economy would massively widen wealth inequality, as it heavily favors capital holders (as money itself gets more expensive over time).
A lot other things happened after 2007 that helped increase wealth inequality. I see the "skyrocketing" money supply as a side-effect of those things.
Wealthy people don't own money, they own assets. And they're usually in debt. Inflationary currency massively benefits wealthy people. Inflation is a transfer of buying power from poor people to rich people. That's the function of inflation. That's exactly the mechanism by which it makes poor people work harder, and makes the economy "grow".
Inflation makes people work harder, but it's not the right thing to do, and not good for the economy in the long term. Economy is not just the GDP; it's also happiness, freedom and mental health.
All productivity increases in the economy should belong to the people who are working and saving their money. They made the decision to limit their consumption and wait for cheaper products.
Inflationary currency is very unethical, and will result in total centralization of wealth when productivity keeps increasing.
Bitcoin will be the poor man's inflation hedge. Eventually others will wake up- see bhutan quietly mining it, and even family and private wealth offices (traditionally very conservative investors) are buying it.
> imagine you are a patient and you took data like this to your doctor
As someone who knows a doctor or two in the Bay Area, where it's apparently common for self-diagnosed charts to be texted in panic by clueless patients at 2AM, this analogy is apt.
Either the company's board and leadership are trustworthy (i.e. are acting in the best interest of all, not just majority or voting, shareholders), in which case they'll have carefully weighed the cost (dilution) and benefits (additional capital) of issuing new shares.
Or they aren't – in which case dilution is one of many problems and it's questionable why I'd want to continue owning shares in that company.
You’ve just connected the hypothetical question to the current behavior in play on the global scale. USD is still technically the worlds reserve currency, meant to be the base unit of all petroleum transactions. Countries have been motivated to keep USD on hand for decades for that reason.
In 2009 and 2021, the USD’s “board and leadership” has shown it’s willing to massively inflate its existing liabilities to help it solve its severe problems.
It’s very questionable why any country with large trade surpluses would want to hold US treasuries at this point. That’s precisely why China has brokered energy deals denominated in RMB, and BRICS is exploring a basket of their currencies to act as a new reserve.
> It’s very questionable why any country with large trade surpluses would want to hold US treasuries at this point.
Fair point – then maybe they shouldn't!
But I'm not a large country; I need to pay for rent and food in USD, and my highest priority for the USD accordingly is short and medium term price stability for those two things. For long-term savings, there's other assets.
If the USD continues falling short on short term price stability as well, I agree that that would be a major problem.
Money is fundamentally community based. It is based on exchange with your neighbors and colleagues and peers and anyone you do business with. You’re not getting away from the entity representing that community from exerting some control over it.
Precious materials like gold are probably the best you can get as the material itself has some value.
They're relatively useless for other purposes. Eg, gold is rare, heavy and malleable. In situations where you need those qualities other options exist, like lead. It has the advantage of not oxidizing, so it makes for great jewelry.
But all of that is extremely contextual. If it turns out there's a huge reserve of it somewhere, it will crash in value. Or if things crash badly enough there may be other things to worry about. Eg, a community that desperately needs water is probably more interested in pipes than gold.
They (i.e. materials like gold/silver) have inherent value as being relatively difficult to obtain without significant work and being useful in creating valuable objects.
Because of those properties they become a store of value (representing the work and rarity) which then makes them a useful proxy for trading that value, which increases their rarity/value by taking it out of circulation when used as a store of value.
Because the community believes their value will outlast the currency system. People have believed the same thing about tulips, peppercorn, wine, and buildings (or rather, land).
Well there’s residual value in metals as you can build stuff with it. Agree that the vast majority of the value of precious metals is contextual, but I guess you can appeal to human’s love of shiny stuff plus history, beyond just community context.
Yes, handling private keys is very inconvenient. I also can’t imagine my mother (although rather tech-savy for her age) handling all her financials with crypto wallets.
However, one of the next Ethereum upgrades (ERC-4337) will make it possible to safely recover wallets without a key seed phrase. Its implications seems to be huge but I am not deep enough into it to explain how exactly it is going to work. Perhaps somebody more competent than me can elaborate on that.
You can't eat your cake and have it too: Either you are the only party controlling access to your accounts – which then necessarily includes the possibility of losing everything – or you don't, in which case somebody else does.
This isn't a tradeoff unique to cryptocurrencies: Cash works exactly the same way (qualitatively, if not quantitatively, in terms of the risks of losing access to it) – if you store your life savings under your mattress, they can be stolen easily or burn down together with your apartment.
This is never going to happen, and nor should it. Any system that you can lose your entire life savings without any recourse by forgetting, revealing, or being hit by a wrench, for one number - is irreparably flawed and extremely unsuitable.
"There's a sucker born every minute" — P. T. Barnum
After that 'discovery' in the mid-1800s, there seems to be an endless supply, and at today's higher brithrates and infant survival rates... we can't really expect that they'll ever run out ;-P
Yeah I’m sure one day those “suckers” will decide they don’t need financial privacy and have no problem with the state reaching into their wallets at will. Then they’ll go back to happily storing their money in a bank account that can get locked for having the wrong opinion, or restricted by alleged investor protections that aren’t even opt out.
Financial privacy on a completely open and visible block chain, that makes transaction analysis incredibly easy, that has resulted in the FBI etc. consistently being able to "de-anonymise" users?
That's a really weird definition of "privacy". Crypto currency makes it easier for them, not harder. They don't even have to go to the effort of getting warrants because you're literally giving them your data saying "Track me, please!"
Soo... Not "the wrong opinion" but disrupting major infrastructure. Im not sure I agree with it, but it's not the laissez-faire process you are implying. It's also pretty trivial to see how they can equally do the same with cryptocurrencies through the major exchanges, given the hurdles or actually using your crypto outside them