On NFT’s

In 1996, a federal mint employee was eating bananas near where US dollar bills were being printed, and a Del Monte sticker on one of the bananas fell into the printing press and got under a transparent layer of a $20 bill. The Del Monte note was created. This particular $20 note is a collectible in some circles and has been auctioned many times before, and most recently for around $400,000. That the serial number of the note is printed over the Del Monte sticker makes this even cooler, and kind of unforgeable, and a fungible token became a non-fungible token.

What?

What does it mean for something to be “fungible” anyway? As an example, dollars (or any money for that matter) are fungible. That is, a dollar is a dollar is a dollar. It doesn’t matter if it’s a note with serial number XYZ or ABC or a ledger entry in some bank’s database. If I give you a $10 bill to transfer an equivalent value, the actual printed bill is irrelevant. This was made much easier when we went from cash (physical transfer of value) to digital transfer of value, and we now transfer an abstract notion of $10 without having to bother with a physical vehicle to carry that value. Now that we have digital money like your bank deposits or Bitcoin – what is the equivalent of the Del Monte note? I will get to that question in a bit.

In the physical world, there are two primary requirements for an object to become a collectible.

  1. It should be one-off, or a limited edition.
  2. It should have some intrinsic appeal because of aesthetic reasons (a Picasso, a Ferrari 250 GTO) or quirky reasons (the Del Monte note).

The appeal of a collectible is driven by popular culture. That’s beyond the scope of this article. The limited edition nature is what I am interested in. Most paintings appreciate in value after the painter has died. This makes that artist’s work provably limited edition. In rarer cases, the technology used to create the collectible in question is provably obsolete, or some raw materials have become extinct. Many times, if the creator is still active, they could implicitly make a promise that the collectible is limited edition. For example, the car company McLaren has implicitly promised us that they won’t make more of their iconic F1 supercar from the 1990’s. Or Ferrari with their 250 GTO from the 1960’s. Note that there is no technical reason that prevents them from making more of these cars. It’s just that if they break their word, the collectible nature of these cars will vanish. On the other hand, Seiko and Casio G-Shock, the Japanese watchmakers, make many limited edition collections of watches every year. In the watch collectors’ community, it’s almost a joke when a new “limited edition” Seiko comes out. Sure, there will only be 50 of these specific watches with some specific quirk, but tomorrow, there will be another limited edition collection with some other quirk. Eventually, even among watch collectors it’s hard to know which of these is a true collectible, and which is not. But they are all limited edition, according to Seiko.

What about collectibles in the digital world, where anything can be copy-pasted. Making a limited edition of anything is quite hard. For the most part, digital money is the only thing that cannot be copy-pasted. Government controlled digital money does this by having a centralized database with a trusted party (commercial or central banks) and this trusted party is – er – trusted to not copy-paste. Bitcoin and related cryptocurrencies prevent copy-paste using cryptography, distributed computing, and game theory. If you can make a unit of a digital money unique, by affixing a banana sticker on it digitally, you get yourself a digital collectible, or a Non Fungible Token (or NFT).

Can we “affix a banana sticker” on a unit of digital money in your savings bank account? Bank account balances are not represented as cash-like notes with serial numbers. Every account has just a numerical balance, and that makes it quite hard to take a part of that balance, and affix a banana sticker on it. So, that’s out. What about the other money that we know about: Bitcoin? Bitcoin is cash-like, in the sense that each digital unit of Bitcoin (technically called a UTXO, or Unspent Transaction Output) has a unique serial number associated with it. But how do we affix a banana sticker on it? For better or worse, Bitcoin is a bit too focused on being a secure implementation of money, and makes affixing this banana sticker much harder, like that Del Monte note was a one-off with the US dollar, but most US dollar bills are unmarked and fungible. Bitcoin is out.

What if we had Bitcoin-like platforms where affixing banana stickers on non-copy-paste-able digital tokens is easy. These are NFT platforms built on Ethereum.

A bit of history here: Ethereum, being a more ambitious platform than Bitcoin, wanted to allow general purpose computation on a decentralized system with no central operator (the opposite of say, Google Cloud or Amazon Web Services). General purpose computation is all fine and dandy, but most users wanted coins equivalent to Bitcoin, but with more fine-grained control on how the actual units were minted and transferred. Note that Bitcoin itself has these minting and transfer rules, but they are all set in stone. Ethereum’s underlying currency: Ether, also has such rules, and for the most part, they are also hard to change. But if a single user wanted to create their own such coin platform, with their own minting and transfer rules, they could create such a platform on Ethereum. This platform standard was called ERC-20, and all the ICO’s you heard about from 2017-2018 were ERC-20 coin platforms with specific mint and transfer rules created by specific teams. To give another analogy, every ERC-20 token-platform is like a bank. Users of a specific ERC-20 token-platform have their own account in this bank with fungible ERC-20 tokens in these accounts, and can transfer these tokens from their account to someone else’s account. This entire ERC-20 bank, along with other such banks, are all built on Ethereum. There are 1000’s of popular ERC-20 token-platforms on Ethereum, with each of them having many users.

One such platform is Cryptopunks, which is an ERC-20 token platform created by a company with 2 engineers. Cryptopunks added one new feature to each of its erstwhile fungible tokens. Each token is associated with a unique 24×24 pixel art image representing various human like faces, which added – er – personality, to each token. It turned out that these tokens were now not fungible at all – some of these tokens have cooler personalities and are valued higher. Thus was born the ERC-721 standard, which allowed token-platforms to add a unique personality to each token that the platform mints. The ERC-721 standard is also popularly known as the NFT standard. Any token-platform that conforms to this standard allows creation/transfer/showcase of tokens with personalities – and sometimes, the personality is as random as a random string of 32 characters. The digital fingerprint of an image file can be 32 characters, and if you add such a fingerprint to a token – this token now has art associated with it. You could add digital fingerprints of music files to a token. Cryptokitties is another famous NFT platform on Ethereum – where each token represents a kitten, with kitten like features – all digital, of course. Note here that the token is associated with the token platform, which is in turn associated with the meta-platform on which the token-platform is built. Could the same 32 character fingerprint of some art be associated with a token from another NFT-platform? Yes, it can be.

After all that background, the main question is – are NFT’s valuable? From the earlier analogy, we could ask ourselves – are watches valuable? There are more watches coming out every year – and Seiko makes many limited edition collections every year – is a particular Seiko watch from a particular limited edition collection worth $69 million? You have surely heard of the Paul Newman Daytona Rolex. As I said earlier, it’s hard to understand the popular culture that makes something a collectible. But, what’s definitely understandable is – what makes a digital artifact a limited edition. The NFT standard says nothing about NFT’s being limited edition. It just says that there should be a way to create NFT’s, transfer ownership, and show their uniqueness. So, we have to trust the NFT platform that it will somehow enforce the limited edition nature of these tokens. In Ethereum, the computer code (also called a smart contract) that controls any deployed NFT-platform cannot be changed after it’s been deployed (immutable). This gives us some notion of trust: we can inspect the deployed code, and check for ourselves tokens minted by this smart contract are truly limited edition. Does that give us true limited edition now? Not quite – there are two major caveats.

  1. Deployed smart contracts can be modified in the future if there are backdoors or hooks in the code. Proving the non-existence of such backdoors or hooks is quite hard. Foundation App, a popular NFT-platform, is just one public backdoor. The entire contract can be changed unilaterally by that organization in the future. They are not even pretending to be immutable.
  2. An organization which deploys the V1 version of the NFT-platform could deploy a V2 version tomorrow, and a V3 version next year. If the organization puts enough marketing around these new versions of the same platform, users move. Case in question – Uniswap, the popular DeFi exchange contract is now in its V3 version.

In contrast, Bitcoin was deployed just once, and cannot be changed (at least, not easily). And the code is open and has been pored over by normal users, bounty hunters, cryptographers, butt-hurt software engineers, and other experts over the last 11 years and it’s almost certain that there is no backdoor.A backdoor could be built in the future, but it will be very hard, and very visible. An NFT, on the other hand is a single token created by one among many NFT-platforms, on top of one among many meta-platforms like Ethereum. To put that in context, there are around 10,000 NFT-platforms on just Ethereum right now. If we leave Ethereum, we get other blockchain platforms, which are ostensibly decentralized across the world – and NFT-platforms are being built on them. NBA TopShot NFT-platform is on the Flow blockchain meta-platform. I have no idea how Flow works.

To give a concrete example, let’s take the NFT that captured the popular media’s limited imagination. Beeple’s $69 million “EVERYDAYS: THE FIRST 5000 DAYS”. The painting itself is 300+ MB, and like most NFT’s is not actually stored on the blockchain, but somewhere else on the internet. It’s not that easy to find, but I will save you the trouble by pointing to a link the works (for now). Clicking on that link in the browser will slow your browser down as it has to download 300+ MB of data for a single image. The digital fingerprint of this image is: 6314b55cc6ff34f67a18e1ccc977234b803f7a5497b94f1f994ac9d1b896a017 (SHA256 hash of the actual image file). This fingerprint was affixed to token #40913 that was minted by a smart contract that lives on the Ethereum blockchain at the address: 0x2a46f2ffd99e19a89476e2f62270e0a35bbf0756. This smart contract is actually called “MakersTokenV2” (no, I am not making this up). Token #40913 was transferred to an Ethereum wallet at the address: 0xc6b0562605D35eE710138402B878ffe6F2E23807, who apparently paid the equivalent money in Ether to Beeple through Christie’s, the auction house. This transaction itself cannot be traced on the Ethereum blockchain. That’s kind of ironic – because we really don’t know for sure if the money was truly transferred or not. Assuming the transaction happened, the buyer now owns the right to transfer token #40913 on smart contract 0x2a46f2ffd99e19a89476e2f62270e0a35bbf0756 on Ethereum to someone else. I guess that ~10 people might have inspected the code that is deployed at 0x2a46f2ffd99e19a89476e2f62270e0a35bbf0756.

There is this other idea that poor artists, ripped-off musicians, multi-billion dollar sports-organizations like the NBA could associate their content with an NFT platform and get better remunerated for it. Each piece of content goes on a specific token from a specific NFT-platform, and committed fans will buy them. What I fail to see is how an NFT-platform is different than a private art-gallery or a record label, or a pay-per-view sports channel. They can all channel money to the artist, and they can enforce copy-paste protection through law. If a piece of art is fingerprinted and attached to another token on a competing NFT-platform, and this token is then sold – what happens? The artist or the NFT-platform representing the artist will sue the other platform or buyer. Or some such.

So, are NFT’s a fad? Yes.

Is every Bitcoin an NFT? Technically, yes. But every Bitcoin is worth the same value as every other Bitcoin.

Is every USD bill with a unique serial number an NFT? Technically, also yes. But every dollar bill is worth the same value as every other dollar bill. The Del Monte note though, is the kind of NFT that is in vogue now for being an NFT. That’s the fad part.

The Blocksize War (book review)

BitMEX Research has published what can be called the first history book on Bitcoin (not all of its history, but just the Blocksize War). It’s written by Jonathan Bier, who surprisingly, has no official online presence that I can find. It could as well be a pseudonym, for all I know. Either way, this book seems like it was written just for me – as in – it’s written for someone who knows Bitcoin well enough from a high level technical, historical, financial, and social context – but does not know the historical details on specifics like how the P2SH war was won[1]Pete Rizzo and Aaron van Wirdum have a nice history-essay about the P2SH war., or how covert ASICBoost works[2]BitMEX Research themselves have written about it in detail., and such. If you are such a clued-in-now, but clueless-about-the-past Bitcoin enthusiast[3]For Ethereum enthusiasts, there is a chapter on the DAO as well., this book is definitely for you.

To sum it up, the Blocksize War was about Bitcoin community’s attempt to increase Bitcoin’s blocksize from 1MB to some higher number. To someone not well-versed with Bitcoin, it seems like a trivial change, and should have been a non-issue. But remember, Bitcoin hates change. The 1MB limit was famously added by Satoshi a while after Bitcoin was up and running, and therefore could be argued as a “hack”, or “kludgy fix” to a non-existing problem, etc. Raising this 1MB limit became the focal point on how Bitcoin’s consensus rules can be changed. Or whether they should change at all? Who is in charge – users, developers, miners, or businesses? The events in this book happened around the 2015-2018 time-frame, and tracking all of them chronologically is non-trivial, and this book goes a long way into making this possible. Bier was physically present in London (2015), Montreal (2015), Hong Kong (2015, 2016), Milan (2016), Stanford (2017), and the Dragon’s Den (an online forum) – which gave him a front-row seat, the view from which he captures vividly.

The book covers major Bitcoin code-forks (not to be confused with network-forks) like Bitcoin XT, Bitcoin Classic, Bitcoin Unlimited, and BTC1 – in quite some detail. Who wrote the code, who pushed the ideas forward, who put their weight behind these, what could have been their ulterior financial or personal motivations, and what eventually happened. The proceedings are livened up by colorful personalities like Mike Hearn[4]I joined Mike’s old team at Google Zürich right after he left, and heard a few anecdotes that seemed similar in spirit to what this book says., Gavin Andresen, Gregory Maxwell, Faketoshi, Jihan Wu, Adam Beck, Pieter Wuille, Vitalik Buterin, Roger Ver, Samson Mow’s UASF hats, Brian Armstrong, Theymos, Jeff Garzik, Wladimir van der Laan, and others (not to mention Satoshi Nakamoto, whose purported 2015 email from the @visionmail account, I had no idea about). There are basic technical descriptions of important ideas like soft-forks, hard-forks, wipeout-protection, miner-signaling vs miner-voting, whether IETF’s idea of “rough consensus” applies to Bitcoin, the curious nature of BIP-148’s meta-soft-fork, ASICBoost, segwit, Lightning, Bitcoin Cash’s difficulty adjustment algorithm’s bugs, and so forth.

The one key observation that Bier makes is that the existing consensus rule set of Bitcoin acts as a key Schelling Point in any disagreement on whether to change Bitcoin or not, and if enough people defend this Schelling Point, it persists. This idea is reinforced through the book (though explicitly mentioned only once), and eventually, if that’s the only thing you take away from the book – that’d be a good thing. Additionally, history lessons from this book are important and we have to appreciate that BIP-148 might not have worked at all, and could have been catastrophically bad for Bitcoin[5]Anthony Towns recently speculated this exact same thing.. Just that it happened to work out (and not work, per se) doesn’t mean that it will work out again. Bitcoin wants to add Taproot and Schnorr signatures now, and we are witnessing the beginnings of another skirmish (if not a full-on war). I hope that this time, given that the consensus-rule change itself is acceptable to everyone, a meta-consensus on how to change consensus-rules will emerge. As Bier says in his book, Bitcoin has to be ready when the nation-state attacks begin, and these scars should help.

References

References
1 Pete Rizzo and Aaron van Wirdum have a nice history-essay about the P2SH war.
2 BitMEX Research themselves have written about it in detail.
3 For Ethereum enthusiasts, there is a chapter on the DAO as well.
4 I joined Mike’s old team at Google Zürich right after he left, and heard a few anecdotes that seemed similar in spirit to what this book says.
5 Anthony Towns recently speculated this exact same thing.

Bitcoin is Forever

The nature of Bitcoin is such that once version 0.1 was released, the core design was set in stone for the rest of its lifetime – Satoshi Nakamoto, creator of Bitcoin

This goes against the more well understood motto of technology startups: “move fast and break things.” Unlike a startup, or even a big company, Bitcoin doesn’t move fast, or break things. Of course, I am not talking about its price as measured in USD or INR. I am talking about the entire Bitcoin system, or Bitcoin, the protocol. Bitcoin is stagnant, ossified, set-in-stone, resistant-to-change, and any number of such synonyms you can look up in a thesaurus. There are a few obvious questions that come out of this:

  • Why is ossification preferred over, say, innovation?
  • How do you achieve ossification in software?
  • Does it matter?

If you sit back and think, the answers to these questions are not obvious. Let’s address them.

Why?

It seems obvious that innovation is good, innovation is right, and innovation works. Maybe it even captures the essence of the evolutionary spirit. So, why does Bitcoin not want to innovate? The answer lies in layers. By layers, I mean – in layers of abstraction. In any system, the base layer has to be set in stone for the layers above it to work. Think of civil engineering: it works because the laws of physics are set in stone. The value of the gravitational constant doesn’t change over time, thankfully, just because nature wants to innovate. 

Having an “innovative” base layer comes at a high cost to systems being built above it. Bitcoin was designed as a base layer for the world’s financial system. We can argue that that’s a stupidly ambitious goal, and is most likely not going to happen. That might very well be. Given the goal (stupid as it might be), innovation goes against Bitcoin’s purpose. An unchanging base layer of money allows innovation in layers above because a predictable foundation is a good foundation. Change-resistance tells its users that their initial trust in the system will not have to be recalibrated every now and then. A user’s understanding of Bitcoin doesn’t have to be updated after every recession. Money should be independent of booms and busts in the real economy. 

On the flip side, change-resistance resists all changes, good and bad. This is a philosophical preference, and reasonable sides have disagreed about this. Ethereum, the second most popular cryptocurrency, has argued that good changes are worth the cost, and is going ahead with radical changes to its base layer as we speak. And has done sweeping changes in the past.

How?

Software is just text interpreted by a computer to perform some actions. How do you design a software system that cannot be changed easily? This goes into the weeds of decentralized distributed peer-to-peer systems, and a bit of the mechanics of how Bitcoin works. 

Bitcoin, the system, is made of tens of thousands of computers that run a specific piece of software. Each computer runs its own local copy of the software and maintains its own local copy of the so-called “coin-ownership database.” Satoshi released the first version of this software after 2 years of working on it (or so he/she claimed). This software’s source code is open, and anyone can modify it, or run it as it is. Many groups of people have modified this software as per their own vision. Each group has their own version of the software, which they hope users will run. 

The key thing to understand is that users decide what version of the software they want to run. All these users’ software together makes up the Bitcoin network. These users are not in a central database somewhere, with phone numbers or email addresses on which they can be contacted and asked to upgrade their software. They are not in a single country or jurisdiction where they can be coerced to upgrade their software, or else. They are spread all over the world in a loosely coordinated arrangement, interacting only through their already installed software. These could have been installed anytime over the last 11 years, and getting them all to agree on what software to run – is a coordination problem of mammoth proportions. Software that runs by itself on a device, while talking to a central server is reasonably easy to upgrade (like a gaming app on a phone). Software that only talks to peers will need other peers to also upgrade and follow the upgraded protocol for things to work. This kind of “protocol upgrade” is much harder to coordinate and enact. Cases in point: (a) the move from IPV4 addresses to IPV6 addresses on the Internet. (b) the disastrous set of upgrades from SSL 1.0->2.0->3.0->TLS 1.0->1.1->1.2->1.3 (SSL and TLS protocols enable the “S” in HTTPS).

The Bitcoin network agrees on a shared coin-ownership database despite every user running their own version of the software. If one user’s coin-ownership database differed from another user, Bitcoin would cease to work. So, how does it work then? This is where the idea of distributed consensus through proof of work comes in. Bitcoin nodes (each computer running the Bitcoin software is abstractly called a “node”) that also validate transactions and assign coin-ownership to users are called mining nodes, and these nodes have to burn enough electrical power to qualify every 10 minutes to propose valid transactions (a “block” of transactions) that the rest of the network accepts. The network rejects this block if it contains invalid transactions. What is valid/invalid was written in software by Satoshi in the first version of Bitcoin, and changing that requires the collective software upgrade that we encountered earlier. Additionally, this notion of what constitutes burnt electrical power is universal in nature, and all nodes can agree on this without relying on any trusted third party. This is the reason Bitcoin burns more power than your friendly neighboring country – to trustlessly determine who owns what through the universal physics of electricity.

But let’s say that some mining node decides to make a block with a transaction that allocates itself some additional money. An invalid transaction, so to speak. Let’s say this mining node can convince half the nodes in the network to change their software and accept that this block is valid. This half would accept this invalid block as valid and update their local copy of the coin-ownership database. The rest of the network would reject this block, and would have a different coin-ownership database. We have what is called a hard fork.

Bitcoin has had many hard forks in its history – almost all of them by design. And none of them with a 50-50 split; all of them were lopsided splits. A few people wanted to change the rules of the game over the years, got a few more people to agree with them, and decided to have different versions of the coin-ownership database. Think of how, before the partition of India in 1947 – there was one Rupee, and a database of who owns how many rupees. This database was, of course, not maintained on a computer – but through ownership of bearer notes. After partition, there were two versions of the Rupee, with two databases of who owns what. Each Bitcoin hard-fork can be thought of as a similar partition of a currency with separate coin-ownership databases going their own way after partition. The fork with the largest set of miners, users, economic value, and other intangible metrics takes the moniker of “Bitcoin.” Others call themselves “Bitcoin Cash,” “Bitcoin Cash SV,”, “Bitcoin Cash ABC” and so forth.

There is also a softer notion of partition called the “soft-fork”, which is a bit more technical and nuanced. Soft-forks do change the notion of what Bitcoin means, but affecting these soft-forks over the entire network takes many years of coordination, and can only be done for the least controversial changes. And there is no guarantee that they might ever see the light of the day. The last successful Bitcoin soft-fork (fork-name: SegWit) was in 2017 and the forking/upgrade process left such a scar on the system that the next fork/upgrade (fork-name: Taproot) though code-complete, and almost entirely uncontroversial, might take years to roll out – if at all.

If they are so hard, how does Ethereum pull off forks? These are some of my reasons (ranked in order of how controversial they could be):

  • Ethereum’s BDFL is well known in real life, very active, and has strong opinions on how Ethereum should evolve. His word commands respect in the community, and is able to affect change. Bitcoin’s creator disappeared in 2010, and has not been heard of since.
  • Ethereum’s nodes are comparatively harder to run, and are thus run by fewer people – who can coordinate upgrades more easily. Bitcoin nodes have a lighter CPU, memory, and network footprint, and can be run by more people.
  • Ethereum’s users want newer features and are willing to upgrade more easily. Bitcoin users are more resistant to change.

What now?

I claim that Bitcoin’s resistance to change is one of its biggest value propositions, and gives us a form of money whose monetary policy, rules of the game, and general contract with the outside world are almost set in stone. You can buy bitcoin, bury the private key, come back to it in 50 years, and it will still be valid, and perhaps, more valuable.