On November 9, Ethereum creator Vitalik Buterin published a blog post exploring the class of technology known as zero-knowledge Succinct Transparent ARguments of Knowledge (zk-STARKs) and how they differ from the related and better-known mechanisms that fit under the gloss of zero-knowledge Succinct Non-interactive ARguments of Knowledge (zk-SNARKs).
The concept for zk-SNARKs (which predates Ethereum, but in the Ethereum context could be used to verify transactions) caught the attention of several of that blockchain’s developers as a result of its anonymity-enabling properties.
While currently the sending address, receiving address, and the amount of Ether involved in every Ethereum transaction is a matter of public record, zk-SNARKs would effectively mask these three data points, potentially making the platform more attractive to privacy-focused users.
Among the features that enable greater anonymity is the use of a non-zero “random secret number.” The prover of a transaction multiplies this number by the product of two mathematical functions, then sends the verifier the resulting value as well as the value of the random secret number. With this information, the recipient node can verify a transaction while knowing almost nothing about it.
As the ability to verify transactions faster has become a more central concern for Ethereum, several of the blockchain’s developers have started looking at zk-SNARKs as a means to boost scalability. In addition to their potential to enhance privacy, zk-SNARKs offer the benefit of reducing transaction verification time relative to the capacity of the current protocol.
Zk-STARKs share this feature with their more famous SNARK “cousins,” but according to Buterin, also address several shortcomings, including their “reliance on a ‘trusted setup.’” Additionally, he claims that the technology is theoretically “secure even against attackers with quantum computers.”
While he estimates zk-STARKs’ proof sizes to be “a few hundred kilobytes” relative to zk-SNARKs’ 288 bytes, he argues that the tradeoff may be worthwhile “in the context of public blockchain applications where the need for trust minimization is high,” and most certainly will be “if elliptic curves break or quantum computers do come around.”
According to a PowerPoint document by computer science professor Eli Ben-Sasson, who Buterin thanks by name in his zk-STARKs blog post, a “[computational integrity and privacy] system is transparent if setup and all verifier queries are public random coins.” Unlike this technology, zk-SNARKS require a “non-transparent setup phase.”
For further details, be sure to visit Buterin’s blog post, here.
Adam Reese is a Los Angeles-based writer interested in technology, domestic and international politics, social issues, infrastructure and the arts. Adam is a full-time staff writer for ETHNews and holds value in Ether.
Like what you read? Follow us on Twitter @ETHNews_ to receive the latest Vitalik Buterin, Ethereum or other Ethereum ecosystem news.
On July 5, 2017, Vitalik Buterin answered an inquiry posted on r/ethtrader to address which Ethereum critiques merit consideration and discussion. As co-creator of Ethereum and the most visible face of the Ethereum Foundation, Buterin articulates concerns that are likely prevalent among those in the development community. In this article, I will attempt to explain Buterin’s concerns in layman’s terms.
IMO [In my opinion] the most valid criticisms of Ethereum as it currently stands are:
1. Scalability sucks; the blockchain design fundamentally relies on bottlenecks where individual nodes must process every single transaction in the entire network
From a social and technical standpoint, scalability is a major obstacle to Ethereum’s continued development. As the network grows, achieving consensus to enact significant changes will prove more difficult. Detraction by mining pools and activists alike may hinder Ethereum’s rise. From issues of size and speed to throughput limitations and gas controversies, there is no overarching solution to scalability. Instead, it’s a puzzle that will require work on many fronts – which is probably why Buterin lists this as the number one issue.
2. PoW is extremely expensive, and furthermore is fundamentally vulnerable to 51% spawn camping attacks with no effective strategy for recovering from one. Selfish mining is profitable starting at 25-33% hashpower, and 51% censorship attacks are definitely profitable.
In its simplest terms, Proof-of-Work (PoW) is the way that miners confirm transactions and enter them into a blockchain. The longer a blockchain becomes, the harder it is to alter previous transactions. However, by virtue of the way mining works, a blockchain is susceptible to a “fifty-one percent attack.” Controlling the majority of computing power in the network is akin to controlling the House or Senate in American politics. Pushing legislation (transactions) through can’t be stopped by the minority. In passing, Buterin also references the difficulty of recovering from attacks (nobody needs to be reminded of The DAO) and worries about selfish mining, an attack which would give a pool an unfair advantage and disproportionate opportunity to mine blocks.
Although PoW is due to be replaced by Proof-of-Stake (PoS), for now, the cost incurred by the Ethereum network is absurd. According to Digiconomist’s Ethereum Energy Consumption Index, the network is using approximately the same amount of electricity as Moldova (a country of 3.5 million people). From an environmental and technical standpoint, Ethereum needs to step up its game to be feasible for widespread adoption.
Lastly, “spawn camping,” which evokes video game terminology, is one of Buterin’s recently invented phrases. On Twitter, Buterin explains that spawn camping occurs when “a 51% miner cartel keeps attacking over and over again, rendering the chain useless.”
3. Privacy sucks
The desire for privacy in cryptocurrency has enabled the rise of Zcash and tumbling. In digital currency, tumbling mixes small amounts of a coin from independent pools to pay for a transaction. Imagine that you were buying an XBOX at Costco and wanted to be anonymous. If you gather $5 from each of your friends to pay, then it would be much harder for the cashier to figure out who originally wanted to buy the console – this is obviously a very watered down explanation. Nonetheless, this makes it much harder to trace the transaction’s originator.
Replying to a comment on the same thread, Buterin explains, “There’s a plan to develop a general-purpose HLL [high level language] that compiles to zk-snark verification.” Implementing a zero-knowledge protocol for Ethereum could make Zcash and tumbling services secondary, or even obsolete! Evidently, this is a development to follow closely.
4. It’s hard for regular users to hold large amounts of funds without running substantial risks of theft or loss due to theft or loss of their private keys.
If you had one irreplaceable, unique key to your house, then losing it would be devastating. Storing your valuables in your house might seem like a good idea for security purposes, but you would also need to weigh the chances that you may permanently lose access to your belongings. Cryptocurrency users face this same dilemma with wallets.
Additionally, centralized wallet providers present an attractive target for hackers, so keeping a significant amount of cryptocurrency in a single wallet is a risky proposition. While spreading your funds across several wallets can help avoid a catastrophic event, this also requires keeping track of multiple private keys. Investors need to weigh the benefits of a decentralized currency versus the absence of a third-party mediator. Ultimately, there’s no customer service department on the blockchain.
5. Economics do not encourage good “storage hygiene”; insufficient incentives for clearing storage and insufficient cost for filling it, especially for long periods of time
6. Bunch of various marginal technical inefficiencies.
On reddit, Vitalik responded directly to my request for elaboration. Fair warning, this is deeply technical.
With its 256-bit values, the EVM is substantially less efficient than it could be, making it hard to implement many kinds of cryptographic primitives.
The trie is hexary and not binary, and there doesn’t yet exist a data format for taking advantage of the redundancy between a trie node and the fact that the hash of the node is in that node’s parent; these two things together mean that Merkle branches are ~4x longer than they need to be.
RLP is somewhat overcomplicated; if I could redo it I would remove the single-byte case. I’d also come up with a trie format that doesn’t use RLP to keep it simpler and easier to encode and decode.
The storage tree is 2-layer and not 1-layer. This makes various optimizations harder to implement and adds more edge cases.
The storage tree doesn’t properly let users take advantage of the fact that fetching and writing anywhere up to a few kilobytes to a database doesn’t cost that much more than fetching or writing 32 bytes. As a result, most applications take substantially more DB reads than they need to.
All current implementations of the state tree do an account or storage read by hopping through the tree in the DB. This makes any state reading opcode take O(log(n)) database reads when there exists a way to only make it take one.
Quite a few gas costs are probably still not well-optimized.
Not enough ability to take advantage of parallelization.
Edit: 7. It’s hard for regular users to know that contracts they are interacting with do what they say they do, and do not have accidental or malicious bugs.
Auditing code is crucial for users to trust the contracts on the Ethereum network. Buterin notes that “regular users” (or non-technical folks) often don’t know how to protect themselves. On a governmental level, that’s why the US has agencies like the FDA. Experts help make sure that complicated architecture functions like it claims to – and certify that products are safe for consumption. The newness of Ethereum, and its accompanying applications, makes it hard for non-technical folks to determine what meets a suitable standard for investment or usage.
In all, these concerns reflect thoughtful and patient leadership, qualities that will be necessary as Ethereum expands its reach. Buterin’s willingness to engage in a public forum like reddit demonstrates that he acts as a strong bridge between the technical and non-technical worlds. Continued discourse and careful discussion should allay fears and attract additional support for the network.
On Monday, the Enterprise Ethereum Alliance announced 86 new members that will work together to develop business applications on the Ethereum blockchain, including Toyota, Deloitte, Samsung SDS, and the National Bank of Canada.
Ethereum is an alternative to bitcoin, which still dominates the cryptocurrency world. But while bitcoin has become a haven for speculators trying to win big by trading coins, Ethereum’s promise is that its blockchain—the public ledger that records all transactions—is chiefly a platform for developing apps, powered by economic incentives. One often-floated use case for blockchains in the financial industry is as a settlement layer to instantly close transactions without middlemen.
The alliance, which was founded in February of this year, is a global foundation with more than 100 members which include financial institutions like JP Morgan, Credit Suisse, and Banco Santander. Its goal is to develop business applications with Ethereum. Membership in the alliance grants organizations the ability to participate in meetings and events, as well as to make contributions to technical documents and white papers.
This isn’t the first time the Bank of Canada has dabbled in cryptocurrencies. The bank ran a pilot using an in-house digital currency to conduct interbank transactions on a blockchain in 2016, snubbing the existing bitcoin currency. However, a recent staff paper proposed ways to regulate bitcoin. Membership in the alliance is the first time the bank has indicated that it wants to have a hand in developing an existing digital currency platform itself.
Neither the National Bank of Canada nor the Enterprise Ethereum Alliance were available for comment at the time of publication.
Interest in Ethereum is growing as its boy genius creator, 23-year-old Vitalik Buterin, continues to travel the world and spread its gospel. Ethereum still might not be as valuable as bitcoin (one coin is worth over $2,000 USD at the moment, while one denomination of Ethereum, called ether, is worth $163), but it could be a whole lot more useful for banks. It was designed from the ground up to accommodate applications—called dapps, or “decentralized apps”—while bitcoin is still just a currency to many.
Joining the EEA is one more indication that the Bank of Canada is open to new technologies in the finance industry, but perhaps even more significantly, it appears to have chosen Ethereum as its horse in the race over bitcoin.
Bitcoin can be a very technical subject, and oftentimes people have to find various resources online to educate themselves. However, there are a few organizations that instruct cryptocurrency enthusiasts through training and curriculum in order to edify the growing field of bitcoin professionals.
Education and Professional Expertise Helps the Growing Bitcoin Economy Flourish
As the bitcoin economy grows, there are many people looking to learn about the bitcoin protocol and the growing cryptocurrency ecosystem. A leading-edge network of professionals that understand the technology is needed to bolster the innovative technology into the future. In 2017, there are few ways an individual can become a certified bitcoin professional to advance their knowledge and careers.
Three Online Academic Bitcoin Courses
The Cryptocurrency Certification Consortium
One educational program called the Cryptocurrency Certification Consortium (C4) teaches students how to be certified bitcoin specialists. C4 has three types of courses that enable people to become either a Certified Bitcoin Professional (CBP), a Certified Bitcoin Expert, and a Certified Ethereum Developer.
A graduating CBP claims to give an individual a significant grasp at understanding the bitcoin protocol, transactions, and network operation. “CBPs are able to apply Bitcoin technology to their professional area of expertise and understand privacy aspects, double-spending, and other issues that relate to the currency,” explains the educational consortium. The cost to become a CBP involves two years of study at the cost of $95 for the course and a $30 renewal fee.
A CBX gives an individual “expert-level knowledge” about bitcoin, says the consortium. C4 also claims the certification gives a person the ability to develop blockchain applications as well. “CBXes understand how peers communicate on the Bitcoin network, how transactions are crafted at the byte level and how Bitcoin scripts can be written to customize the behavior of transactions,” C4 details. This course is three years long but is not yet available to students.
The consortium is backed by a board of directors which include Andreas M. Antonopoulos, Vitalik Buterin, and Michael Perklin. Furthermore, C4 has well-known advisers such as Ethereum co-founder Charles Hoskinson, Director of the Bitcoin Education Project, Peter Todd, Bitcoin Core Developer, and Steve Dakh, author of Kryptokit and Rushwallet.
Digital Currency Council
The Digital Currency Council (DCC) was created in 2014 in New York by David Berger, the school’s founder and CEO. DCC claims to have over 1500 members from 90 countries worldwide utilizing the organization’s digital currency training, and certification. The group calls itself an “association of professionals in the digital currency economy.”
The DCC Professional Certification Training Program is shorter than the two-year consortium course with only a seven-hour online program. However, the course is far more expensive costing $299 for students taking the final exam. The DCC advisory faculty covers the six sections called “core competencies” which include cryptocurrency technical underpinnings, monetary implications, practical use, bitcoin’s ecosystem, accounting, and legal subjects. DCC also offers a self-assessment test to see if you qualify for the certification training program. The school is also backed by Barry Silbert’s Digital Currency Group and the Silicon Valley accelerator 500 Startups.
“The DCC Certification, like other professional certifications, allows us to hold professionals who are advising clients to a higher standard, and provide a benchmark for evaluating skill and professional value,” Barry Silbert, CEO of the Digital Currency Group explains on the DCC website.
Coursera: Bitcoin and Cryptocurrency Technologies
Princeton’s Coursera computer science class called “Bitcoin and Cryptocurrency Technologies” is a free course from Princeton University. Assistant Professor Arvind Narayanan instructs the class on a variety of lessons that cover the innovative technology at a “technical level.” The next class begins on May 15 and begins to discuss cryptographic building blocks and introduces the concept of cryptocurrency.
“After this course, you’ll know everything you need to be able to separate fact from fiction when reading claims about Bitcoin and other cryptocurrencies,” explains the Princeton Coursera website. “You’ll have the conceptual foundations you need to engineer secure software that interacts with the Bitcoin network. And you’ll be able to integrate ideas from Bitcoin in your own projects.”
The Coursera class is eleven weeks long discussing subjects like decentralization, the mechanics of bitcoin, regulation, mining, altcoins, and more. Every week the course offers an interactive textbook, pre-recorded videos, quizzes, and projects. Furthermore, students can connect with other peers and converse about course material.
Furthering Bitcoin Careers and Creating Crypto-Professionals
There are other ‘certification style’ digital currency education programs online but do some research on the course and organization before registering. Teaching a broader audience of professionals is a good idea to continue progressing the new digital economy.
These types of certificate programs may even further an individual’s career, and it’s also possible to learn at home for free. Besides Coursera’s free course, there is a boatload of information on bitcoin and its technical aspects. However, people often enjoy a class setting and a certificate from an organization from accredited luminaries in the bitcoin space could go a long way.
What do you think about these certification programs and courses covering the cryptocurrency environment? Let us know in the comments below.
Images via Bitcoin.com, C4, DCC, and Coursera websites.
Bitcoin.com’s own store features a wide range of interesting Bitcoin-related products. Looking for a hardware wallet? We got ‘em. Want a good-looking t-shirt? It’s there. Want to gift a nice Bitcoin tea cup? Goshopping.