Author Topic: Apart from volatility, what risks surround the collateral behind BitAssets?  (Read 2357 times)

0 Members and 1 Guest are viewing this topic.

Offline starspirit

  • Hero Member
  • *****
  • Posts: 948
  • Financial markets pro over 20 years
    • View Profile
  • BitShares: starspirit

TurkeyLeg

  • Guest
This was a very helpful Q&A! Thank you OP, BM, Toast et al!

Offline cube

  • Hero Member
  • *****
  • Posts: 1404
  • Bit by bit, we will get there!
    • View Profile
  • BitShares: bitcube
The answer is that it would take a hard fork to touch it.  All delegates and users would have to update

So if somebody wanted to make a malicious change to the smart contract, and the delegates, as elected by the user community, identify it, they could choose to not go along with it. Its still possible I suppose the impact is not identified unless such changes are reviewed before required updates, but its good to know that the community has a potential path to protect itself here. The more I learn about BitAssets the more I like.

BM and toast have answered you. I will elaborate abit more for the layman out there.  It would be near impossible to do so, especially when the user base grows and becomes very large in the future.  To change this means all the users (including the inactive users) and the 101 top delegates must agree to download and run the new codes (eg wallet).  And the majority of votes must go to those 101 delegates who supported/wanted the change.  Near impossible, right?  This is the power of decentralisation where nobody can single-handedly control it. 

Cheers!   :)
« Last Edit: October 13, 2014, 02:02:10 am by cube »
ID: bitcube
bitcube is a dedicated witness and committe member. Please vote for bitcube.

Offline Riverhead

The answer is that it would take a hard fork to touch it.  All delegates and users would have to update

So if somebody wanted to make a malicious change to the smart contract, and the delegates, as elected by the user community, identify it, they could choose to not go along with it. Its still possible I suppose the impact is not identified unless such changes are reviewed before required updates, but its good to know that the community has a potential path to protect itself here. The more I learn about BitAssets the more I like.
I think where your confusion lies is in the who "they" are and how delegates work.

Delegates run the same client you do. Exactly the same. The delegate account is flagged as such which allows people to vote for them with their shares.

For a change in the logic, in this case we'll say a smart contract, 51 active delegates  (i.e producing blocks) would need to shut down their current client and start running the malicious client. You either have to trick a lot of people or buy, currently, about 12% of the $55MM market cap to control those delegates with your vote.

That better be one hell of a contract you're trying to change.

e: spelling.
« Last Edit: October 13, 2014, 02:37:20 am by Riverhead »

Offline toast

  • Hero Member
  • *****
  • Posts: 4001
    • View Profile
  • BitShares: nikolai
The answer is that it would take a hard fork to touch it.  All delegates and users would have to update

So if somebody wanted to make a malicious change to the smart contract, and the delegates, as elected by the user community, identify it, they could choose to not go along with it. Its still possible I suppose the impact is not identified unless such changes are reviewed before required updates, but its good to know that the community has a potential path to protect itself here. The more I learn about BitAssets the more I like.

Think of the risk as analagous to, "how do I know that bitcoin won't change to print 1bn new coins which will be dumped onto the market?"
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline starspirit

  • Hero Member
  • *****
  • Posts: 948
  • Financial markets pro over 20 years
    • View Profile
  • BitShares: starspirit
The answer is that it would take a hard fork to touch it.  All delegates and users would have to update

So if somebody wanted to make a malicious change to the smart contract, and the delegates, as elected by the user community, identify it, they could choose to not go along with it. Its still possible I suppose the impact is not identified unless such changes are reviewed before required updates, but its good to know that the community has a potential path to protect itself here. The more I learn about BitAssets the more I like.

Offline bytemaster

The answer is that it would take a hard fork to touch it.  All delegates and users would have to update
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline starspirit

  • Hero Member
  • *****
  • Posts: 948
  • Financial markets pro over 20 years
    • View Profile
  • BitShares: starspirit
Market movements excluded, collateral is as safe as any blockchain balance.
Thanks. But who or what (e.g. code of some sort, and where?) handles the private keys to these block chain balances, and enables the release when a short is closed out? I'm wondering to what extent we can consider this a trust-less and secure system. I'm not very technical on these things, but if there is a simple link I should refer to, feel free to let me know.

It's just a vanilla smart contract. The rules are, you can close the position when you can pay off the debt, which releases the collateral. The blockchain controls the funds while they are locked up.
Thanks. Though I'm not sure how a vanilla smart contract operates exactly. Is the idea that its a piece of transparent code sitting on the block chain? So who has the power to change it or control it? Who can stop a malicious change? Sorry my understanding is thin in this area, but I'm trying to look at it from the simple perspective of an wider market feeling comfortable with BitUSD - its great BitUSD is collateralised, but how well protected is the reserve from human risk? What's the simple yet accurate answer to that?

Offline toast

  • Hero Member
  • *****
  • Posts: 4001
    • View Profile
  • BitShares: nikolai
Market movements excluded, collateral is as safe as any blockchain balance.
Thanks. But who or what (e.g. code of some sort, and where?) handles the private keys to these block chain balances, and enables the release when a short is closed out? I'm wondering to what extent we can consider this a trust-less and secure system. I'm not very technical on these things, but if there is a simple link I should refer to, feel free to let me know.

It's just a vanilla smart contract. The rules are, you can close the position when you can pay off the debt, which releases the collateral. The blockchain controls the funds while they are locked up.
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline starspirit

  • Hero Member
  • *****
  • Posts: 948
  • Financial markets pro over 20 years
    • View Profile
  • BitShares: starspirit
Market movements excluded, collateral is as safe as any blockchain balance.
Thanks. But who or what (e.g. code of some sort, and where?) handles the private keys to these block chain balances, and enables the release when a short is closed out? I'm wondering to what extent we can consider this a trust-less and secure system. I'm not very technical on these things, but if there is a simple link I should refer to, feel free to let me know.

Offline bytemaster

Market movements excluded, collateral is as safe as any blockchain balance.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline starspirit

  • Hero Member
  • *****
  • Posts: 948
  • Financial markets pro over 20 years
    • View Profile
  • BitShares: starspirit
Something I've been trying to understand is how secure is the (BTSX) collateral held behind BitAssets, because in effect the level of that collateral is a factor in how confident users can be of getting paid back if something goes wrong or demand falls. So my question is what risks are there, and what protections are either in place or need to be developed over time?

This is discussed in Max Wright's video from about 10:40 min

What are the best ways to hedge bitcoin?


https://www.youtube.com/watch?v=JAhDUk0r4-0&index=1&list=PL1zCD-urlm3iuJlUhq7Nwl5KuVXVShHKO

I watched the video, it was very interesting, thanks for the link, something I may watch more of in future. The main risks Wright discusses are BTSX volatility (i.e. if it falls so fast that shorts cannot be closed out before an under-collateralised position is reached - which he recognises as extremely unlikely) and the exchange counter-party risk of buying and selling BitUSD on exchanges (where he anticipates a more direct way for users to convert fiat <-> BitUSd in coming months to help negate this).

But is it possible for an under-collateralised position to result from security risks such as:
 - some sort of external hack?
 - malfeasance on the part of the developers, delegates or others?
 - a client or block-chain bug?
Or are these each essentially impossible because of the open-source nature, blockchain etc and why? Generally in the financial world there need to be protections around collateral, so I'm just trying to work out how that works for digital assets. Thanks.


Offline onceuponatime

Something I've been trying to understand is how secure is the (BTSX) collateral held behind BitAssets, because in effect the level of that collateral is a factor in how confident users can be of getting paid back if something goes wrong or demand falls. So my question is what risks are there, and what protections are either in place or need to be developed over time?

This is discussed in Max Wright's video from about 10:40 min

What are the best ways to hedge bitcoin?


https://www.youtube.com/watch?v=JAhDUk0r4-0&index=1&list=PL1zCD-urlm3iuJlUhq7Nwl5KuVXVShHKO

Offline tonyk

  • Hero Member
  • *****
  • Posts: 3308
    • View Profile
Something I've been trying to understand is how secure is the (BTSX) collateral held behind BitAssets, because in effect the level of that collateral is a factor in how confident users can be of getting paid back if something goes wrong or demand falls. So my question is what risks are there, and what protections are either in place or need to be developed over time?

1.Change Ether with BTSX.
2. Remove the points that do not apply to BTSX.

I can do the above myself but will need about $150K to do it.  :)


19 Certain Risks Associated with the Purchase of Ether
The purchase of ETH carries with it significant risk. Prior to purchasing ETH, the Purchaser should carefully
consider the below risks and, to the extent necessary, consult a lawyer, accountant, and/or tax
professionals prior to determining whether to purchase ETH.
19.1 Risk of Dissolution of The Ethereum Project Due To a Diminishment in the Value of the BTC Sale
Revenue
All Purchasers are paying BTC to purchase ETH. In the past few months the price of BTC in United States
dollars has been relatively stable. However, despite recent price stability, it is possible that the value of BTC
will drop significantly in the future, depriving EthSuisse of sufficient resources to continue to operate. In
order to guard against this risk, EthSuisse intends to periodically convert proceeds from the sale of ETH into
fiat currencies instead of BTC.
19.2 Risk of Losing Access to Ether Due to Loss of a Wallet File or Password
As noted above, ETH will be stored in a wallet, which can only be accessed with a password selected by the
Purchaser. If a Purchaser of ETH does not maintain an accurate record of the Purchaser’s password or
losses the wallet file sent by EthSuisse in the Purchase Email, this will lead to the loss of ETH.
As a result, Purchasers must safely store their password and the wallet file sent in the Purchase Email each
in one or more backup locations that are well separated from the primary location. Additionally the
password and the wallet should never be stored together.
In order to access one’s ETH, both the wallet file provided by the sale application and the password
that the Purchaser entered are required; loss of either, or leakage/theft of both, will lead to the loss
of a Purchaser’s ETH.
Page 20
ethereum.org
19.3 Risk of Unauthorized Access to a Downloaded Wallet
Any third party that gains access to the Purchaser’s Purchase Email will be able to download the wallet file
and potentially access the wallet by deciphering or cracking the Purchaser’s password. To guard against any
improper access to the wallet, the Purchaser should: (i) select a highly secure Purchase Password for the
Purchaser’s ETH wallet; and (ii) promptly delete the Purchase Email shortly after receipt, as expressly required
by these Terms.
Purchaser must take care not to respond to any inquiry regarding their purchase of ETH, including but not
limited to, email requests purportedly coming from the ethereum.org or similar looking domain.
19.4 Risk of Regulatory Action in One or More Jurisdictions
Cryptocurrencies have been the subject of regulatory scrutiny by various regulatory bodies around the globe.
The Ethereum Platform and ETH could be impacted by one or more regulatory inquiries or regulatory action,
which could impede or limit the ability of EthSuisse to continue to develop the Ethereum Platform.
19.5 Risk of Alternative, Unofficial Ethereum Networks
Following the Genesis Sale, and the development of the initial version of the Ethereum Protocol and User
Clients (i.e., version 1.0), it is possible that alternative unofficial Ethereum-based networks could be
established, which utilize the same open source source code and open source protocol underlying The
Ethereum Platform. The official Ethereum network may compete with these alternative, unofficial
Ethereum-based networks, which could potentially negatively impact the Ethereum Platform and ETH.
EthSuisse may gain a competitive advantage being the party that developed the Ethereum Platform, but such
advantages are far from absolute.
Page 21
ethereum.org
19.6 Risk of Insufficient Interest in the Ethereum Platform or Distributed Applications
It is possible that the Ethereum Platform will not be used by a large number of external businesses,
individuals, and other organizations and that there will be limited public interest in the creation and
development of distributed applications. Such a lack of interest could impact the development of the
Ethereum Platform and potential uses of ETH. EthSuisse has contracted with developers to help build the
Ethereum Platform and is working with other third-party developers around the world to create an interest in
the Ethereum Platform. However, it cannot predict the success of its own development efforts or the efforts
of other third parties.
19.7 Risk Associated With the Development of Other Platforms For Decentralized Applications
EthSuisse is one of several organizations, companies, and groups, attempting to build a platform which
would facilitate the creation and deployment of decentralized applications. It is possible that different
technical paradigms than the ones being used in the current Ethereum Platform implementation are optimal.
While EthSuisse anticipates being a leader in the development of this technology, competition from these
alternative platforms for decentralized applications may impact success of the Ethereum Project and the
ability of EthSuisse to operate and sell ETH in the future.
19.8 Risk that the Ethereum Platform, As Developed, Will Not Meet the Expectations of Purchaser
The Purchaser recognizes that the Ethereum Platform is presently under development and may undergo
significant changes before release. Purchaser acknowledges that any expectations regarding the form and
functionality of the Ethereum Platform held by the Purchaser may not be met upon release of the Ethereum
Platform, for any number of reasons including a change in the design and implementation plans and
execution of the implementation of the Ethereum Platform.
19.9 Risk that the Ethereum Platform May Never be Completed or Released
Purchaser understands, that while the Ethereum Team will make reasonable efforts to complete the Ethereum
software, it is possible that an official completed version of the Ethereum Platform may not be released and
there may never be an operational Ethereum Platform.
Page 22
ethereum.org
19.10 Risk of Theft
Hackers or other groups or organizations may attempt to steal the BTC revenue from the Genesis Sale, thus
potentially impacting the ability of EthSuisse to develop the Ethereum Platform and operate EthSuisse. To
account for this risk, EthSuisse has and will continue to implement comprehensive security precautions to
safeguard the BTC obtained from the sale of ETH.
Multi-factor security measures will be taken to protect BTC and ETH including physical elements, Shamir’s
Secret Sharing Algorithm, multisignature keys, BIP 32, anti-spear-phishing procedures, splitting of funds,
hot/cold wallet partitioning and diversification. Moreover, regular security audits of hot and cold wallets will
be conducted by internal and external teams.
19.11 Risk of Security Weaknesses in the Ethereum Platform Core Infrastructure Software
The Ethereum Platform rests on open-source software, and there is a risk that the Ethereum Team, or other
third parties not directly affiliated with the EthSuisse Parties, may introduce weaknesses or bugs into the
core infrastructural elements of the Ethereum Platform causing the system to lose ETH stored in one or more
Purchaser accounts or other accounts or lose sums of other valued tokens issued on the Ethereum
Platform.
EthSuisse has taken steps to build, maintain, and secure the infrastructure of the Ethereum Platform, and will
continue to do so after the Genesis Sale. For example, EthSuisse intends to hire external consultants on a
periodic basis to assess and audit the security of the Ethereum Platform and will work with cryptography and
security experts to develop and employ best practices to audit the Platform.
19.12 Risk of Weaknesses or Exploitable Breakthroughs in the Field of Cryptography
Cryptography is an art, not a science. And the state of the art can advance over time Advances in code
cracking, or technical advances such as the development of quantum computers, could present risks to
cryptocurrencies and the Ethereum Platform, which could result in the theft or loss of ETH. To the extent
possible, EthSuisse intends to update the protocol underlying the Ethereum Platform to account for any
advances in cryptography and to incorporate additional security measures, but cannot it cannot predict the
future of cryptography or the success of any future security updates..
Page 23
ethereum.org
19.13 Risk of Ether Mining Attacks
As with other cryptocurrencies, the blockchain used for the Ethereum Platform is susceptible to mining
attacks, including but not limited to double-spend attacks, majority mining power attacks, “selfish-mining”
attacks, and race condition attacks. Any successful attacks present a risk to the Ethereum Platform,
expected proper execution and sequencing of ETH transactions, and expected proper execution and
sequencing of contract computations. EthSuisse intends to limit the risk of mining attacks by creating a
blockchain proof-of-work security algorithm using a unique implementation of a GHOST-like protocol and
possibly an implementation of hybrid proof-of-stake that could reduce the risk of mining attacks.
Despite the efforts of the Ethereum Team, known or novel mining attacks may be successful.
19.14 Risk of Rapid Adoption and Increased Demand for ETH
If the Ethereum Platform is rapidly adopted, the demand for ETH could rise dramatically and at a pace that
exceeds the rate with which ETH miners can create new ETH tokens. Under such a scenario, the entire
Ethereum Platform could become destabilized, due to the increased cost of running distributed applications.
In turn, this could dampen interest in the Ethereum Project and ETH.
Instability in the demand for ETH leading to oscillations and instability in the price of ETH as denominated in
currencies that Ethereum-based businesses use to pay operating costs could result in Ethereum-based
businesses being unable to continue to operate economically. This would represent losses to businesses
or worst case, cause business to cease operations.
Page 24
ethereum.org
19.15 Risk of Rapid Adoption and Insufficiency of Computational Application Processing Power on the
Ethereum Network
If the Ethereum Platform is rapidly adopted, the demand for transaction processing and distributed
application computations could rise dramatically and at a pace that exceeds the rate with which ETH miners
can bring online additional mining power. Under such a scenario, the entire Ethereum Platform could become
destabilized, due to the increased cost of running distributed applications. In turn, this could dampen
interest in the Ethereum Project and ETH.
Insufficiency of computational resources and an associated rise in the price of ETH could result in
businesses being unable to acquire scarce computational resources to run their distributed applications.
This would represent revenue losses to businesses or worst case, cause businesses to cease operations
because such operations have become uneconomical due to distortions in the crypto-economy.
Page 25

« Last Edit: October 12, 2014, 12:59:52 am by tonyk »
Lack of arbitrage is the problem, isn't it. And this 'should' solves it.

Offline starspirit

  • Hero Member
  • *****
  • Posts: 948
  • Financial markets pro over 20 years
    • View Profile
  • BitShares: starspirit
Something I've been trying to understand is how secure is the (BTSX) collateral held behind BitAssets, because in effect the level of that collateral is a factor in how confident users can be of getting paid back if something goes wrong or demand falls. So my question is what risks are there, and what protections are either in place or need to be developed over time?