Welcome to the first edition of Fintech Friday! FF is a hand curated weekly blockchain newsletter without market or price discussion or speculation.
This newsletter will always be quite long and exhaustive, so it’s recommended to skip the parts that don’t interest you.
Estimated reading time with a link visited now and then: 45 minutes.
From the perspective of mass adoption, we’ve had quite a few positive moves this week. Even papa Vitalik - whose Ethereum has celebrated its third birthday! 🎉🎁🎊 - said that we need more average-consumer adoption and sub-$100 purchases and fewer ETFs and similar fonds.
The powers that be are very acutely aware of the competition coming their way, so fast and early adoption is very important. Luckily, this report published in parallel sends out some positive signals.
Transacting with Crypto
In regards to the “currency” side of “cryptocurrency”…
The Chief Commercial Officer of BitPay, Sonny Singh, gave an interesting interview for 8btc. He claims that some merchants do from one to 10 million USD in traffic, which shows just how ludicrous it is not to accept cryptocurrency as a means of payment - even with mediators like BitPay. This is something even Fundstrat Global Advisors realized, adding BitPay’s payment method to their services.
The biggest cinema network in Thailand, Major Cineplex, might accept crypto for movie tickets some time soon. But this cooperation will likely be in the form of BitPay integration, rather than direct accepting of cryptocurrencies. 1 2
There were some rumors about 4000 merchants from Cyprus accepting Bitcoin Cash soon, but these remain unconfirmed. The anti-crypto movement is very powerful in Europe in general, and how exactly those 4000 merchants would be accepting BCH, or who they would be, remains unclarified.
On the other hand, there’s the new Bitaccept.Cash - an e-commerce solution and plugin which allows web stores to accept BCH for orders. There’s also TheBigCoin which lets people pay with different cryptocurrencies but has rather exorbitant fees (7–12%) an draconic terms of service (i.e. if the price of crypto drops from the moment of order to the moment of payment confirmed, you have to send them the remainder, but if it rises, they keep the profit).
You can now buy citizenship in Antigua and Barbuda 1, 2 for $100k in Bitcoin and other cryptocurrency. Thus, the islands join a long list of crypto friendly states, though, according to testimonies, residents of the top 10 crypto cities places wouldn’t agree it’s all that peachy.
Switzerland noticed the exodus of crypto companies and is trying to keep them around by making the banking relationships a little more liberal. Good, considering one banking group - Swissquote - had its traffic grow 44% since they added crypto trading.
CFR, the Council of Foreign Relations, published a rather positive outlook on blockchain technology in energetics, namedropping Grid+ and listing some of its hurdles.
In Spain, not only is Catalonia planning to implement blockchain technology into almost every sphere of public work, but two large institutions - SGAE and ETSIT-UPM - signed a contract to dedicate resources to blockchain research for the sake of securing authorship rights.
Sweden and other countries are slowly realizing that blockchain is a valuable addition to the real estate market, while USA had its first blockchain-only sale of a real estate through the blockchain real estate startup Propy.
In Australia, the Commonwealth bank used the Ethereum blockchain to track the transport of 17 tonnes of almonds. They’re going to be using a permissioned blockchain based on Proof of Authority in the final version of their supply chain implementation, but any innovation at this point is good innovation.
One of the biggest barriers to adoption of cryptocurrency is the required technical literacy of the average user. With that in mind, Binance, the biggest crypto exchange made its first acquisition - Trust Wallet, an app and decentralized wallet. 1 2 - this is bound to help with their newly acquired partnership with Libra Credit through which they’ll offer BNB-backed loans.
HTC is also pioneering usability techniques in their own way - by releasing a new smartphone with a secure hardware element, not unlike a Ledger Nano S. A big selling point is Lightning Network support, but many remain skeptical due to the fact that the LN doesn’t actually exist on a level that goes beyond conceptual. It’s currently very broken and only theoretical technology. The fact that they signed Charlie Lee on as an advisor doesn’t bode well either, but I wish them luck anyway - if this works out, it’ll be a massive boon to adoption.
As far as decentralized exchanges are concerned, Totle has an interesting idea. Their 6 smart contracts unify and aggregate all currently available DEXes for Ethereum and forward buy and sell information to the best DEX for that token in that moment. This increases that token’s liquidity, speeds up the purchase, and keeps decentralization in the game. Their fees are 0% for as long as they are in beta, so get to it!
In Ethereum’s ecosystem, a group for token standards was formed just in time to discuss EIP998 (a standard for collections of tokens - sending several tokens at once) and ERC681 (standard for representing transactions as URLs).
Silly stuff often also helps adoption. It doesn’t get sillier than politics and celebrities, especially if the two are combined. Thus, Ripple hired ex USA president Bill Clinton as the keynote speaker on their Swell conference in San Francisco on October 2nd. Sergey Brin, the founder of a once innovative company called Google, will also be there.
The politician Andre Yang started accepting cryptocurrencies as donations to his political campaign.
Kim Kardashian waved a probably blank and nearly worthless physical bitcoin around. She was given one at a poker tournament.
In a sea of dead projects, launches of products are few and far in between. Here are some from the past week, regardless of the blockchain they’re launched on.
The Loom team, who are behind the game Zombie Battleground, announced on their kickstarter page that the alpha version of the game is ready. The backers can go and grab their unique cards and wait for the rest of the game to launch. We have some more launches in the same genre: Gods Unchained is nearly identical to Zombies, but has even Coinbase as an investor.
Another dice rolling game on Ethereum is Zethr.
Qame (Tangle Farm) is a Quibc proof-of-concept game on IOTA.
Crumbs is an app that’s also entering beta, but is sadly only available in certain USA states. Crumbs rounds up your purchases and invests the change into a cryptocurrency portfolio behind the scenes.
Ledger, the company behind the popular hardware wallet, having recently launched its new Ledger Live app now released two more - HODL and Recovery Check. HODL lets you copy an address from your ledger to an input field on screen directly, avoiding erroneous manual copying. RecoveryCheck lets you make sure you have the right recovery phrase without having to restart the device to factory settings.
The Dharma Protocol allows for decentralized lending of ERC20 and ERC721 tokens on the Ethereum blockchain. Quickline is a new interface i.e. app for using the Dharma protocol, which now lets you start lending and borrowing.
Ethwatch is a great app for tracking Ethereum transactions in real time. It just started a private beta period and uses PostgreSQL behind the scenes rather effectively.
Ethviewer is similar, and came from the labs of the Australian government. It’s also used to draw real time Ethereum transaction graphs.
Infura launched a new dashboard with added functionality.
Status IM launched Nimbus, a tool for the sharding version of Ethereum. This means it’s very very small in filesize and highly compatible with IoT devices and less powerful smartphones. Their aim is to have a ready application at the moment Casper and Sharding are launched on Ethereum.
Etherlime 0.6 is a framework for building decentralized apps on Ethereum with a focus on readability and simplicity of use. It was made as a reaction to the complexity of traditional tools like Truffle and Embark. It can currently compile smart contracts, deploy them, initialize projects, launch Ganache, and more. It’s under active development.
Trinity is a new Ethereum client (like Geth or Mist) written in Python. Its aim is to be a software platform for Ethereum with support for plugins not unlike the Chrome Web Store. Try it out by following these instructions.
BitcoinCashToolkit is a Swift implementation for Bitcoin Cash on iOS devices. Add BCH support to your apps with ease!
Pipeline looks like a cool tool for visual composition of smart contracts!
Rest.Bitcoin.com offers a REST API for the Bitcoin blockchain with which applications can read data from the blocks in an easy to parse manner. The current API limit is 60 per minute, but that’s likely to increase as the project matures.
EOS launched Demux, a tool which simplifies the development of dapps on the EOS platform by encouraging the storage of data off-chain, and only storing validation hashes on chain, making apps much more lightweight. This, of course, adds a layer of traditional centralization by keeping actual data in a regular database which, if it crashes, crashes the dapp, but we’ll just add that to the long list of unanswered questions we already have about EOS.
SmartT, a NEO application for selling event tickets on the NEO blockchain uses MCT tokens and is deployed on nOS, the Neo Operating System, a framework for development not unlike OpenZeppelin’s zOS in Ethereum. The app is open source on Github.
The blockchain platform Ziliqa launched a dedicated website for Scilla, the programming language they developed specifically for building smart contracts on their platform. The page contains examples, syntax, docs, and more.
IOHK, the company behind Ethereum Classic and Cardano, launched IELE, the second version of their testnet - now with smart contract support. This allows developers to begin experimenting with dapp development on the Cardano blockchain. A big advantage of IELE is the fact that it supports Solidity through the Solidity-to-IELE compiler, which means Ethereum devs need minimal code changes to try and transition to a new platform. The testnet is available here.
Not sure what a testnet is? Find out here.
Tron TVM and Wallet
Tron, the blockchain veiled in controversy, launched two new things. First, it launched a new wallet in the Google Play Store. The wallet stores the key on the phone and not on a third party server and is the most native mobile Tron wallet currently available. Second, it launched the TVM, Tron Virtual Machine. It’s almost a direct clone of the EVM so it allows not only reuse of Ethereum tools for development (Truffle, Web3js) but also direct porting of Ethereum code to the Tron blockchain.
Waves Client 1.0
After 53 beta versions, Waves finally launched the 1.0 version of their client. The client offers direct interaction with the Waves blockchain, launching of one’s own tokens with the click of a button, access to the Waves decentralized exchange, and asset management for the tokens you own. Future versions will add hardware wallet support and once smart contracts are added, even 2FA authentication.
The Stratis project successfully added the Breeze protocol onto its blockchain, masking transactions. It now claims much higher degrees of privacy, but that remains to be seen once pundits and hackers try to wiggle it around.
Blockstack launched a multi sig wallet intended for bigger teams. These wallets require unanimous agreement on payouts made from the accounts, indicating a potentially fairer option for dispersing payments, under social consensus.
Fraud and Law
All crypto enthusiasts see a light at the end of the tunnel we’re in, but that doesn’t mean there’s no darkness around us. Let’s look at past week’s frauds and scams and the law’s attempts at dealing with them.
Mistakes can happen. Telegram’s new Passport product has a vulnerability, for example. It’s meant to allow users to share their personal information with AML/KYC departments of ICOs and financial institutions, but the algorithm they picked for hashing the passwords turns out to be vulnerable to brute force attacks where many guesses eventually yield a win, says Virgil Security.
Other problems, however, are the product of pure malice and greed.
First in line is, of course, John McAfee. Once a tech-tycoon and owner of McAfee sotware, this popular and notorious crypto personality is responsible for robbing many people of their savings through his pump and dump schemes. Recently, he went all out in support of BitFi, an “unhackable” hardware wallet. The CEO of BitFi, by the way, was previously under investigation by the SEC for securities fraud.
In an (un)expected twist of fate, the wallet seems to be a basic $35 Android phone which doesn’t even notice when it’s invaded on a hardware level, and all the funds and data are stored on a central server at BitFi, not the device itself. The device is in fact full of malware which pings home and sends back the GPS location and data of the current user every 72 hours. It seems like it is indeed just another McAfee scam. 1, 2, 3, 4, 5, 6
In a report by Kaspersky, PowerGhost is identified as one of the most dangerous malwares of today. It works like a good old virus - by hijacking a system process and spreading across the network, then mining Monero. It prefers Powershell (so Windows only) and has no files, so it’s hard to detect. It’s very handy for invading POS systems, ATMs, tourist kiosks, and other outdated and vulnerable forgotten technology terminals.
On Steam, an indie game was causing a ruckus by secretly mining cryptocurrency while being played, says Motherboard. The game was removed from Steam, but not before amassing 6000 users - a non trivial number considering a game from Steam has full access to system resources and is thus much more powerful than your usual in browser mining.
This type of software is called cryptojacking malware and has proven to be very profitable for its authors. SamSam, the malware which made Atlanta stop working for a while, netted its authors almost 6 million dollars, Sophos says.
The other face of malware is good old phishing - impersonating a site or service people often use in order to collect their login data. One such example was dissected in this post by the MyEtherWallet alternative MyCrypto.
Bitmain caught in a lie - is mining secretly
Shortly after committing to full transparency in their mining and hashpower reports, Bitmain, the company producing most of the ASICs in the world and the owner of one of the biggest mining pools in the world - Antpool - was caught in yet another lie. Hakkane, a Siacoin blockchain researcher, analyzed the Sia blockchain data and proved that Bitmain is systematically stealing from both investors and miners. It is very likely that the same approach is being used in their bitcoin mining operation.
Cloud Mining is always a pyramid scheme
According to local media, the CEO of Sky Mining, a “cloud mining” company, absconded with $35 million USD of investor money. This is just one in a long line of cloud mining scams. Cloud mining makes no sense in reality because the idea falls flat economically from the get-go: if a company has enough hardware to rent out the mining power for fiat, it would be more worthwhile for them to mine for themselves and sell all the mined cryptocurrency instead. The dividends are always paid out from the entry fees of others, so there is simply no cloud mining scheme which isn’t a pyramid - no exceptions.
KickICO, a platform for ICOs and crowdfunding has been hacked and lost 70 million KICK tokens. Luckily (or unluckily?) they used the same approach as Bancor in developing their smart contract, and had backdoors built in which allowed them to take back control of the token and all stolen amounts.
How many backdoors in the tokens you own are you aware of?
With such a fertile ground for scams and fraud, it’s no wonder the blockchain sphere is attracting law enforcement’s interest. Let’s see some actions promising a cleaner crypto world.
The Shinil Group is being investigated by Korean watchdogs after announcing they’ve found a sunken Russian ship full of gold. They claimed they would tokenize the gold and offer it in an ICO, which collected 50 million USD in the pre-sale alone already. The group’s CEO, Yu Ji-beom, is known to the authorities for prior real estate fraud, KoreaJoonangDaily reports.
Long Island Ice Tea which last year renamed to Long Blockchain to pump the price of its stocks was just served an SEC subpoena under claims of stock price manipulation.
India’s law enforcement arrested two men running a ponzi scheme called Ripple Futures in which daily and monthly returns were promised to investors, along with a 250-day 300% return. They robbed 1800 investors of 4 million in USD.
Another interesting crime is sim swapping - a method used by the recently arrested Joel Ortiz and his posse. Sim swapping is the process of calling the telecom operator of a mobile number and convincing customer support that you lost the number and that they should redirect calls and messages to a new number - one you already own. This provides you with 2FA access to someone’s account, which lets you into most services using SMS 2FA today.
This is why it’s very important to regularly check if your data has been sold via pages like Have I Been Sold, because a great many conferences (e.g. Consensus, from which many of the victims in this scam come from) sell the information about their attendees to interested parties. One of the most notorious sellers of private data is Coinbase’s Earn.com.
Status Quo and regulation
As usual, the traditional financial industry is holding on to its status quo like a cat to a tree branch over water. But no cat can stay dry when the tree is being pulled out from the root, regardless of claw sharpness.
While SEC and financial institutious are dealing with definitions, regulations, rules, and generally trying to understand the blockchain, sometimes even going as far as arguing passionately, the blockchain is encountering real, technical blockades in other areas.
It is in Google’s best interest to keep banks and governments happy, else they’ll lose their tax discount. At the same time, they’re very disappointed to not be able to openly experiment with an exciting new technology such as blockchain. So, in a desperate attempt to play both fields (Google Cloud is adding blockchain support soon), Google decided to remove all apps that contain mining scripts from the Android Play Store, even those honest about it. Swinging hard and not being able to pull the hand back, they accidentally removed the MetaMask extension from Chrome Web Store too, exposing hundreds of users to phishing copies of MetaMask now showing up first in search results. This terrible oversight on a tech giant’s side prompted MetaMask to re-evaluate the hosting methods on offer and look into alternatives for providing their users with the software.
Mining and Electricity
The Tri-City Herald published an announcement that Franklin PUD - the utility company providing the region with electricity - will no longer take applications from mining companies. The cite the increased and unsustainable demand as the reason, but it’s fair to say that the pressure is likely coming from much higher up. The Tri-City area has historically been very appealing to miners because of cheap power.
Even those who want to, can’t
BBVA, Spain’s international bank, previously combined the private blockchain (Hyperledger) with the public Ethereum blockchain in an effort to publicly register (for the sake of public audits) the existence of privately created loans. These loans are in the range of over a hundred million euro, so the experiments are far from trivial. However, due to the advice of the EBA (European Banking Authority) from 2014 which suggests that banks avoid holding even the smallest amounts of cryptocurrency, BBVA was not allowed to hold enough to even pay for gas. They were forced to use a testnet which uses a simulated, worthless version of ether to get around this “advice”.
While the holding of cryptocurrency is not strictly forbidden, it is generally not advised to go against the advice of the EBA so BBVA’s interesting experiment got stuck in limbo until the community finds a way to make transactions on the Ethereum blockchain pay for themselves.
Swift is Fighting
Swift - the slow and expensive but almost sole legal option for international payments - is fighting tooth and nail against being outdated by the new wave of fintech. It’s even experimenting with its own DLT implementations.
Great CryptoFirewall of China?
The agency in charge of China’s censorship published a job ad for a blockchain expert. The job appeared just as blockchain’s use to circumvent China’s censorship is ramping up, so it’s likely they’re looking for someone to circumvent the circumvention. The arms race has begun.
What’s new in the world of regulation? Have we lost or gained any privileges?
Other than some closed door meetings (protip: Nasdaq is launching a crypto exchange next year), G20 finished its meeting and deliberations on cryptocurrencies and delayed bringing more rules to the table until October 2018.
California voted YES on AB 2658 which formalizes blockchain as a technology, creating a framework for companies and government institutions to navigate through should they wish to implement it. It was defined as “a mathematically secured, chronological, and decentralized ledger or database of transactions or other data.”. According to the confession of a witness at the hearing, the board was receptive to keeping technological innovation in the USA.
IBM still pushes its private version of the blockchain (Hyperledger Fabric) in all directions with a planned culmination in LedgerConnect - a suite of features all private blockchain implementations can share. LC would include KYC/AML, addons for blockchains, data sharing, etc. 1, 2
While some companies have honest and good intentions when registering patents for the sake of protecting innovation, others are more greedy and want to stop everything in its tracks. Accenture, for example, wants to patent the supply chain on blockchain - moving goods from point A to point B - something that’s been explained and demonstrated by at least a dozen blockchain startups so far. Whether their intentions are fair, you decide.
Mobius, a tumbler for Ethereum, is now available. Tumblers serve to mask transactions by mixing input amounts into one big one and sending outputs in smaller random amounts to different addresses at different time intervals, hiding whose amount matches an output. The watchers of these transactions cannot figure out who an input or output belongs to, so the user can get some anonymity. Mobius is open source on Github, and you can read the whitepaper here.
Clash of the Titans
Vitalik Buterin, the cofounder of Ethereum, and Charles Hoskinson, the founder of IOHK and its Cardano blockchain clashed brains in this Reddit thread over the difference between Ouroboros and Casper - the upgrades awaiting their blockchains. The result is a very interesting and stimulating, albeit complex discussion.
Infura, the company behind the free Ethereum and IPFS node hosting and accessing service, launched EthQL - a version of the GraphiQL tool which is used to search a GraphQL database. The transferred the Ethereum blockchain into GraphQL form and made it possible to search it with this in-browser tool. You can read balances, transactions, block metadata, and more. Find our more here.
Ethereum: Shasper and Constantinopole
Ethereum is testing code for Casper and Sharding, two upgrades which should significantly improve the blockchain’s security and throughput. They’re planned for Q4 of 2018. In the meanwhile, we’ve got the Constantinopole upgrade pending some time in October.
Here are some interesting guides and tutorials of a more technical nature.
- LearnPlasma is a repository of Plasma resources - learn what it is, how it’s used, and more. To better understand what it’s about, first read this Plasma Cash Primer.
- Here’s how to generate a GraphQL schema for Ethereum
- A video playlist about Waves smart contracts
- Calling arbitrary functions in smart contracts
- How to integrate ENS into your own dapp
- A nice video about Solidity best practices from a Brisbane Ethereum developers meetup
New Versions of Tools
Uport added big changes to their identity management process. If you’re using their tools to handle blockchain identity management on mobile, this is a good read.
EtherWalletKit is a collection of iOS tools for adding an Ethereum wallet into your mobile apps.
More Useful Content
If you still haven’t had enough, here’s more links.
- What’s an Ethereum light client and why should you care?
- State of Stablecoins - Which ones exist and how are they doing from a tech and regulation perspective?
- Stephen Wolfram Podcast: Buzzword Convergence: Making Sense of Quantum Neural Blockchain AI
- Interacting with smart contracts from Elixir.
- Explaining the Bitcoin ETF. The ETF has been rejected, but the decision might not be final.
- Consensys: Trusted Compute Resources or how Consensys plans to speed up and upgrade the Ethereum network with a light trust layer
- Quantum computers and the blockchain
- What is the MakerDAO and how does it keep a stablecoin’s price?
- A guide through Ethereum token standards
- Developing apps on Airswap
- Using smart contracts as multi sig wallets
- What’s Request Network doing at the moment? What is their prime directive?
That’s all for this week - we’ll see each other again next Friday! If you have any interesting links to share, experiments, or just words of praise or critique, please shoot them over on Twitter or via firstname.lastname@example.org!