The discussion on an Ethereum issuance change is growing, but there's a lot of one-sided takes. I've developed https://t.co/plfpLClnkv to help navigate this discussion, as well as others, in a neutral and balanced way.
There's 3 paths for moving forward:
- change issuance
- don't change issuance
- wait and revisit later
The site maps out arguments for/against an issuance change as well as counterarguments for each to help develop an informed assessment about the tradeoffs of each path.
The EU age verification app is presented as “completely anonymous”. But the risk is that member states (the countries are supposed to create their own versions of the open-source EU app) use it to introduce identity verification that makes it impossible to post anonymously on social media.
The idea behind “completely anonymous” is to use Zero-Knowledge Proof (ZKP) cryptography to break the link between the age credential issuer (EU governments) and the regulated services/sites. Currently, the EU app does not have ZKP functionality, contrasting Ursula von der Leyen’s claim that the app ”is technically ready to be used”. But more importantly, the app is designed to always function without ZKP technology; if ZKP is unavailable, the app falls back to a non-ZKP model. Even if fully developed ZKP technology could be implemented in the future, it would remain an optional extra feature that countries may choose to disable and that the EU could remove at any time.
This means that the EU could decide at any time that ZKP may no longer be used, and in one stroke the app would fall back to its default mode, meaning that every post on social media carries an ID tag. By that point, an infrastructure will already have been rolled out; people will have gotten used to it, and it will be harder to roll it back.
More details on https://t.co/wTVKHMS1zg
Today I'm releasing https://t.co/8JYBYUbyLq
Since @AttestantIO released Vouch and Dirk in 2020, they have respectively become the industry standard multi-beacon validator client and bls threshold signer implementation.
Now you can use Dirk with any Validator Client.
Liquity V2 was designed amid the EigenLayer craze. Every bro was telling us: “You must include xyzETH, it is the future for France.”
We looked at a good dozen LSTs, really wanting to expand our collateral offering. But in the end we decided against all of them, ending with ETH, wstETH and rETH as collateral only.
That was a difficult decision, as you willingly exclude a huge collateral base.
On the other hand, when deploying something immutable you want to be extra sure its longevity is guaranteed.
This doesn’t make Liquity bulletproof - nothing in DeFi is.
But the tighter collateral base, no admin keys and avoidance of TradFi make the risk lower.
Considerably lower.
Does Vitalik decide what goes into Ethereum? ❌
Does the EF control everything? ❌
Is it all backroom deals? ❌
@nixorokish from the @ethereumfndn breaks down the reality of core governance. It’s a meritocracy of 500+ unique contributors, where community members can (and do!) steer what gets built.
From the "gas limit" movement to shaping upcoming forks like Glamsterdam, Nixo explains how you can identify pain points, rally the community, and steward EIPs into the protocol. 🔱⛓️
#ETHBoulder
@potuz_eth This is what happens when you boost an org that consistently moves to increase their dominance of the total stake, they always want to eek a little more.
New post on https://t.co/j5UaKGaEf3!
Ethereum Settlement Score (ESS): Revitalizing the Rollup-Centric Roadmap
By:
- gitpusha
🔗 https://t.co/dA1jH0ZhbX
Highlights:
- Most Layer 2 solutions are not using Ethereum's security effectively, often relying on third-party bridges instead.
- The Ethereum Settlement Score (ESS) is a new metric that measures how much an L2 actually uses Ethereum's security features.
- Current metrics give a misleading impression of L2 maturity, focusing on theoretical security rather than actual usage.
- Native rollups are essential for achieving true Ethereum security without relying on intermediaries.
- Zero Knowledge technology will enhance the user experience by allowing instant withdrawals, making Ethereum's security more accessible.
ELI5:
This article talks about how Ethereum's Layer 2 solutions (L2s) are not using Ethereum's security as they should. It introduces a new way to measure how well these L2s are doing in terms of security and efficiency, called the Ethereum Settlement Score (ESS). The goal is to make sure that L2s are truly benefiting from Ethereum's strengths, like being secure and resistant to censorship.
Anonymity shouldn't be symbolized by the dark cloaked figure
Anonymity should be symbolized by the young child at the playground, the woman in a summer dress, the elderly couple enjoying mimosas on their terrace
You don't know that child's name, nor the woman's body, nor the couple's financial history. This is proper, for you have no right to it.
Privacy should be the default cultural expectation among good society.
The EU initiative Going Dark has now been launched by the EU Commission. They call it ProtectEU.
It’s a rebranding of Chat Control. New name. Same old propaganda.
The EU Commission’s goal is to “access encrypted data in a lawful manner, safeguarding cybersecurity and fundamental rights.”
Read the full release from the Commission here:
https://t.co/oenpxJ1SME
There are a lot amount of people capitalizing on this hack to sell their fancy multisig, semi-custodial, MPC, blah blah blah product to you.
They say that they would've prevented this hack.
Those products make your attack surface LARGER, not smaller.
Do not believe their lies
ELI5 why we cannot "rollback" Ethereum?
After yesterday's Bybit hack, crypto commentators are again asking why Ethereum cannot "rollback" the chain to reverse the hack.
While experienced ecosystem actors near-unanimously agree that this is infeasible, it's worth breaking down why this reasonably sounding proposal is technically intractable for less knowledgeable observers. If that's you, consider this an "ELI5" version of why this is impossible.
First, some context on rollbacks:
The idea of a blockchain "rolling back" stems from an early incident in the Bitcoin blockchain. In 2010, less than two years since Bitcoin's launch, a bug in the client software caused 184 billion (yes, *billion*) Bitcoins to be minted in block 74638.
To fix this, Satoshi released a software patch to the Bitcoin client which invalidated the transactions. This had the effect of "rolling back" the chain which had kept growing in the meantime to block 74637. In less than a day, the new chain had accumulated enough proof-of-work to become canonical and all user transactions that had been rolled back were included in the new chain. Note that at the time, Bitcoin's mining difficulty was 10 billion times lower than today, and the BTCUSD price was about 0.07$.
In short, this situation was unique in that a clear protocol bug led to the problematic transactions, which could easily be identified due to their large amount. Additionally, Bitcoin's limited adoption made it easy to distribute a new client version and quickly mine a new chain segment.
Ethereum and TheDAO:
Ethereum's early history had a superficially similar crisis which often leads to confusion about the practicality of rollbacks. In 2016, a popular Ethereum application, TheDAO, had ~15% of all ETH in existence under its control. Unfortunately, a hacker found a bug in the application's code that allowed them to steal all of these funds. This was notably different than the Bitcoin situation because the Ethereum protocol worked as intended, it was the application built **on** Ethereum that had an issue.
Luckily, the developers of TheDAO had implemented a failsafe where withdrawals from the applications were frozen for a month before they were completed. This presented a unique opportunity to address the bug: the code of the application could be changed to prevent the funds from ultimately going to the hackers.
Because there was no way in the application itself to do this, Ethereum protocol developers had to make the change directly in the blockchain's history. This is called an "irregular state change", because the "state" of the application was changed by manually updating the database, rather than, say, by a valid Ethereum transaction.
A rough comparison to the Bitcoin bug above would be to have set the balance of the addresses that received the 184 billion BTC to 0, rather than re-mining a chain excluding those transactions.
This upgrade was contentious and the Ethereum community effectively fractured over it. A subset of miners refused to run the software patch and kept mining on the chain where the hack happened, which still exists as Ethereum Classic. The chain that is known as Ethereum today is the one where this software upgrade was activated.
Again, this situation was unique. Hacked funds from TheDAO were effectively frozen for a month, giving time for the community to coordinate on a software upgrade. The funds being frozen had another major advantage: there was no "contagion" from the hack. Had the hacker been able to move funds at will, "freezing" the funds would be an impossible cat and mouse game, as the protocol is open source and any potential change which froze the funds would have to be broadcast to the hacker, giving them plenty of time to move their funds elsewhere.
Which brings us to the Bybit incident.
Why we can't rollback Ethereum
Earlier this week, the Bybit exchange had 401,346 ETH (~1.4B USD) stolen. The theft was caused by the custodian of the funds signing a misleading transaction in a compromised multisig interface.
The root cause for this hack was higher up the stack than both TheDAO and the Bitcoin overflow bug. There were no issues with the Ethereum protocol, or even with the underlying multisig application used by Bybit. Instead, a compromised interface made it appear as though a transaction was doing one thing while it was actually doing another.
From the perspective of the Ethereum protocol, there is nothing to distinguish that transaction from other legitimate transactions on the network. There is no protocol rule that was broken where patching the issue would isolate the hacked funds, like in the case of the Bitcoin exploit.
Furthermore, the funds were immediately available for the hacker to spend. Unlike in the case of TheDAO, where the community had a month to deploy a surgical intervention, here the hackers immediately started moving the funds onchain.
Even if we could solve the cat and mouse game described above, the Ethereum ecosystem is far different today than in 2016. DeFi and bridges to other chains mean that any stolen funds can easily be mixed within a web of applications. For example, stolen funds can be swapped on a decentralized exchange, with the resulting tokens being used as collateral in a DeFi protocol, where the borrowed assets are bridged to a completely separate chain.
This level of interconnectedness means that any irregular state change, even if socially palatable, would have near-intractable ripple effects. A "full rollback", where a portion of the recent chain history was invalidated, would be even worse. Any settled transaction, many of which have implications outside Ethereum (e.g. exchange sales, RWA redemptions, etc.) would be undone, with no way to revert the offchain half of it.
So, to conclude, while Bitcoin was able to "rollback" its blockchain 15 years ago, today, the interconnected nature of Ethereum and settlement of onchain <> offchain economic transactions, make this intractable today.
Technically, irregular state changes are still possible on Ethereum in cases where funds are frozen and isolated. The last time such a change was proposed, in 2018, to address a bug in Parity's multisig wallet where ~500,000 ETH were frozen (see EIP-999), it was strongly opposed by the community of the contention resulting from TheDAO.
ACD call today spoke of the hardware requirements again (EIP will be finalized in a week) - my suggestion was that we aim to keep validators net profitable after hardware costs within 6-12 months (we're currently at 4 months to make up hardware costs)
There was pushback today on that suggestion because "what if LSTs push up to 99% ETH staked and rewards go to zero, we can't be expected to decrease the hardware requirements"
First - this is a legitimate flaw in the proposal but, second, suggests to me that Ethereum researchers have decided that it's inevitable to have to optimize the network for the eventual scenario that it just won't be economically rational to run a validator, unless it's professionally as an LST operator.
If that's the direction we're going in, we should at least be aware and explicit that it's where we're headed: our current trajectory leaves us with an LST-only scenario and nodes run from home are purely hobbyist or development-related endeavors and certainly not profitable.
imo, we should be choosing where we're headed, not let our network's direction be defined by capitulation or inability. If this is where we need to go, then that's that and we should be explicit about it. If it's not a good direction, then we're not being forthright about lacking the creativity to develop a solution that keeps solo stakers existing.
With inclusion lists and the ability to run a (zero rewards) node from home, it certainly doesn't kill Ethereum's original intent of censorship resistance and universal auditability, but it looks a lot different than what it was aiming for with at-home validation. This kills the solo staker.
Yesterday, an emergency proposal appeared on the MakerDAO @skyecosystem forum and voting portal. This proposal, which has passed but still pending timelock, dramatically increases both the amount and the LTV that Maker will lend against its own gov token.
See below:
@GiulioRebuffo@ralwart1@basedBPDqueen@drjasper_eth It sounds like you and I are interested in building very different things. All nations banning crypto would not change my position on crypto, if anything it would reinforce it.
Revolut is specifically banning GrapheneOS by checking for the build machine hostname and username being set to grapheneos. We've changed these to build-host and build-user. Combined with another change, this allow our users to log in to it again until they roll out Play Integrity API enforcement.
There's no legitimate excuse for banning using a much more private and secure operating system while permitting devices with no security patches for a decade. Meanwhile, Revolut's shoddily made app tells users they're banning GrapheneOS because they're "serious about keeping your data secure".
Revolut's app will stop working against once they start enforcing having a Play Integrity API result showing it's a Google certified device. This is not a security feature but rather anti-competitive behavior from Google deployed by apps like Revolut wanting to pretend they care about security.
Revolut uses a bunch of shady closed source third party libraries in their app and it's one of these libraries banning GrapheneOS. These libraries are a major security risk and put user data at risk of being compromised. Revolut is not taking user security seriously at all and is cutting corners.
I have a different perspective on eth in the age of deregulation and trump than many of you
ethereum started as a "big tent" culture, masterminded by V. welcome everyone. build it together. but it was early, so what you had early on was all (insane, irrational) visionaries who felt rejected and saw a different future than the one society, finance, and tech was offering
as we grew, we leveraged the "big tent" for growth and community. many sub-tents formed. as I saw it this was eth's way of building the bazaar, and of bringing these visionaries' impact into the broader world
big tents have limits, it is well known, as do most more horizontal societies. the ones in the tent talked more. being in the tent was hard, and expensive. this gave power to those who stayed in the tent longest and funded the ones in the tent, which made tourists to the tent shout "mafia" when they came to demand things from the tent and the citizens conferred
as the tent gets bigger and bigger, more and more "normies" find the tent; businesses, traders, builders, product people, etc. their ambitions found both friction and synergy with its citizens
at least in the eth tent, extractive nihilism has never been embraced. we saw this in 2017; many residents complained as the most extractive among them launched massive tokens with thin and often false promises, clearly to enrich their bank accounts, and drove away in Lamborghinis
I think at some point, you need to accept that your tent can't hold everybody. do we actually want the most extractive casinos, the least durable coins, and the most gambly environment? personally if that's all we had left, I'd leave the tent at that point, but that is just my ethics, I can't determine it for you
the flip side is, after 10 years of buidling, I have never felt that ETH is better positioned to actually have a fair shake at achieving its goals
we are undoubtedly in the next 10 years going to live through a time of great economic change. the wheat will be separated from the chaff. the people are not stupid, and they know how to evaluate systems that align with them and their values
if we actually manage to drive the change we have all seen in the world and have been rowing towards for decades now, together, I think crypto might have a shake. the scams serve to educate people more
as a builder -- the speculators will always tell you to kiss the scam ring and build for their short term extractive machine. make your own judgments, you are a human being
for me, I grew up around wall st. speculative pressure is nothing new to me. scams are nothing new, even on the nation state level. personally I explicitly chose not to build that, and will feel great about continued choices to not build things like that with my limited life energy
what durable change are we really trying to make? is it to make wall st more efficient? I don't think so. is it a product? probably not. I like that the EF account tweeted "world computer" because this gets closer. it is not the best system for pink sheets, but a fundamentally new way to do, well... all of it
revolutionizing finance was a happy little accident, but I see the job of eth as to bring the properties of the best world computer to finance -- privacy, decentralization, fairness, and cooperation are a few I value. if you build the best system for that, of course it will do finance better, precisely because it is not limited to that
I think eth actually has and always has had a very clear identity, thanks to those early visionaries who came before me. what we accept and reject defines that. we should never feel insecure in that, no matter how loud people yell
zoom out, open a terminal instead of a twitter window, and let's fucking go
The whole point of market mechanisms (aka fees) is that we don't have to play social games making arbitrary definitions of what is and is not an "attack".
Openness and censorship resistance means that any application that pays fees is welcome onchain. If you start arbitrarily labeling use cases as attacks, this is the first step to becoming a censor.
Participants are free to have opinions on the application or the applier, and publicly communicate their approval or disapproval, and even socially coordinate refusing to promote the application or accept its coins (eg. as privacy pools does to defi hacks); this is also part of a free society. But this is NOT the responsibility of the L1: that would be the route to blockchains losing their status as one of the last standing bulwarks against the global splinternet trend.
You should be suspicious of anyone who tells you that decentralization doesn't matter
This is a talking point that the biggest grifters and scammers have used to absolutely fleece this industry of billions of dollars over the years