June 4, 2020
Born in Israel in 1975, Malicious Life Podcast host Ran studied Electrical Engineering at the Technion Institute of Technology, and worked as an electronics engineer and programmer for several High Tech companies in Israel.
In 2007, he created the popular Israeli podcast Making History. He is author of three books (all in Hebrew): Perpetuum Mobile: About the history of Perpetual Motion Machines; The Little University of Science: A book about all of Science (well, the important bits, anyway) in bite-sized chunks; Battle of Minds: About the history of computer malware.
Malicious Life by Cybereason exposes the human and financial powers operating under the surface that make cybercrime what it is today. Malicious Life explores the people and the stories behind the cybersecurity industry and its evolution. Host Ran Levi interviews hackers and industry experts, discussing the hacking culture of the 1970s and 80s, the subsequent rise of viruses in the 1990s and today’s advanced cyber threats.
Malicious Life theme music: ‘Circuits’ by TKMusic, licensed under Creative Commons License. Malicious Life podcast is sponsored and produced by Cybereason.
There’s an argument to be made that blockchain is the fastest-growing technology in mankind’s history. Think about it: artificial intelligence seems like it’s developing way too fast, but the technology really dates back to the 50s, and Siri isn’t as smart as it seems. VR began in the 60s or 70s, depending on how you look at it. The first IoT machine was devised in ‘82. Do you know when the first blockchain–the Bitcoin network–was deployed? 2009. That wasn’t that long ago! Yet, today, even your grandma has heard of Bitcoin.
That growth is a direct result of the community supporting Bitcoin. The most revered are those weird and crazy early adopters that believed in it back when the rest of us either didn’t know what it was, or figured it was just some passing fad. Today, it’s the diversity of interests represented on the platform that really pushes the needle forward. Individual investors, startups, corporations, miners and developers all use Bitcoin in different ways, for different reasons. But any software upgrade has to be agreed upon by the majority of the community. So technical and philosophical debates about exactly how things should be never stop. It’s highly productive.
But this is the internet, after all. In some of those same online forums where rich technical discussions occur, things can also get nasty and personal. Highly intelligent people regress towards pettiness and childish name-calling. And it’s not trivial, either–people have real money on the line, oftentimes a lot of it.
These two sides of Bitcoin’s immense growth–the rapid technological achievement, and the dangerous infighting–all came to a head in 2017, a year Bitcoiners will never forget.
A Network On The Verge Of Collapse
The setting was ripe. Through factors too multifaceted and complex to get into here, the price of Bitcoin began to rise faster than it ever had before. In January, one Bitcoin was worth about $1,000. By June, $3,000. In the month of November, the number hit 5 digits. People were becoming rich, in less than a year’s time.
Suddenly Bitcoin was a hot item to the public. What was it? How did it work? And how could I become a millionaire off it too? Social media flared, news channels picked up the story, word spread around the world.
So everybody was winning. Money, attention, success poured out of every seam. It appeared that a golden age had dawned.
But just under the surface, the network was teetering on the verge of collapse. The widespread popularity that early advocates had been waiting for had finally come, but with it came a high cost. Technical problems that were just nuisances when the community was small now became glaring and potentially lethal. Debates among tight communities of knowledgeable users and developers ballooned into full-on internet wars. Factions hardened. Heroes became enemies of the people.
Over the next few episodes of Malicious Life, we’re telling the story of one proposed update to the network. It was called “SegWit2x.” The problem with SegWit2x is that, depending on whom you ask, it was either the upgrade that could finally save Bitcoin, or a cyber attack that would ultimately destroy it.
Throughput & Fees
At a time when a dozen Bitcoin could buy you a new car, the network supporting it was quite literally splitting at the seams.
Bitcoin, as you might already know, is a decentralized system in which every transaction–every transfer of bitcoins from one wallet to another–needs to be processed and approved by the network. The two main issues at hand were the time it took the Bitcoin network to process and approve these transactions, and the fees users need to pay for these transactions to go through.
In the early days, when only a few people knew about Bitcoin and even fewer took part in the network, transactions were processed very quickly – in a matter of seconds or minutes – and fees, which are an optional feature of the network, were non-existent.
Over time, as Bitcoin got more popular, and as more transactions were initiated, the processing time of transactions grew from seconds and minutes to hours and days. As a consequence, more users were forced to pay fees in order for their transactions to be processed with a higher priority. By June 2017, the average fee users were paying in association with their transactions was five dollars. Now, five dollars isn’t a ton of money, but it does put a certain restriction on what kinds of transactions Bitcoin can be viable for. Right? If you want to pay somebody $1,000 in Bitcoin, an extra five won’t do much harm. But what about all the people who envisioned the future of money–a decentralized currency that could be used even just to purchase a cup of coffee in the morning? You can’t pay for coffee with Bitcoin if the coffee costs $3.50, the payment costs another $5 – and the payment itself is finalized after 24 hours or more.
Together, these two problems threatened the future of Bitcoin, as they limited its viability as a practical means of payment. Gavin Andresen, one of Bitcoin’s main software developers and the founder of the Bitcoin Foundation, warned in an article he wrote in May 2015 that, quote –
“If the number of transactions waiting gets large enough, the end result will be an over-saturated network, busy doing nothing productive. I don’t think that is likely — it is more likely people just stop using Bitcoin because transaction confirmation becomes increasingly unreliable.”
The question is, then – why the long delays and the high fees? Well, we could spend hours talking about the technical structure of the Bitcoin network, but ultimately it all boils down to a single parameter: the size of a Bitcoin block.
A block is simply a file which holds the data about transactions on the Bitcoin network. Since blocks store the data about transactions, it follows that the size of a block is the limiting factor on how many transactions it can hold: the smaller the block, the fewer transactions it can store. By design, the Bitcoin network can only process one block every ten minutes – which means that the number of transactions that can be approved every ten minutes, also known as the ‘throughput’ of the system, is limited to the number of transactions each individual block holds.
In 2017, a single block’s size was limited to 1 MB: blocks exceeding the limit were rejected by the network. That meant that Bitcoin’s capacity was only 4 transactions per second. Even if you’re not familiar with Bitcoin at all, you can probably tell that this isn’t a lot. Visa processes nearly 2,000 transactions a second so that its users worldwide can make instant payments.
When the Bitcoin community consisted of a few developers and drug dealers, this wasn’t so much of a problem. But as people’s Bitcoins started doubling, quadrupling, and multiplying in obscene orders of magnitude, the business sector took note. As the 2010s went on, it became more and more profitable to be in Bitcoin. So whereas in the early 2010s transaction throughput was an issue largely debated by engineers on a technical level, by the mid-2010s, it became very important to different kinds of people with more varied interests.
But we still haven’t answered the question: if limiting the size of the blocks hurts the network’s throughput, why limit the size of blocks at all? To many in the community, it’s just a given–the block size is one megabyte, and that’s just how it is. But this limit wasn’t actually part of the original Bitcoin white paper, and Satoshi Nakamoto–the creator of the network–didn’t come up with the idea. In fact, at first, he was opposed to it.
It was one of his closest colleagues, Hal Finney, who came up with the idea. Another early developer who goes by the name “Cryddit” recalled the story, writing:
“For what it’s worth, I’m the guy who went over the blockchain stuff in Satoshi’s first cut of the bitcoin code. Satoshi didn’t have a 1MB limit in it. The limit was originally Hal Finney’s idea. Both Satoshi and I objected that it wouldn’t scale at 1MB. Hal was concerned about a potential DoS attack though, and after discussion, Satoshi agreed. The 1MB limit was there by the time Bitcoin launched. But all 3 of us agreed that 1MB had to be temporary because it would never scale.”
So the one megabyte limit existed to prevent a scenario where a hacker could overload the blockchain by pushing an uncontrollable number of transactions all at once. It also proved useful to have a certain level of scarcity to the block size. Cryddit notes:
“A lot of people wanted to piggyback extraneous information onto the blockchain, and before miners (and the community generally) realized that blockchain space was a valuable resource – they would have allowed it. The blockchain would probably be several times as big a download now if that limit hadn’t been in place…”
If people added information to the blockchain that wasn’t absolutely necessary–for personal, political, or whatever reasons they might have–it would make the blockchain, simply, a bigger file than it needed to be. More data on the blockchain means fewer people can store all that data, and participate in the security of the network.
But as we’ve seen, as Bitcoin grew in popularity this limit also started to have a real detrimental impact on the network’s throughput. Luckily, one of Bitcoin’s Core developers had a breakthrough solution.
Pieter Wuille is as much of a software engineer as a software engineer can get. He writes code obsessively. He even looks like an engineer–a short guy, messy hair and a beard, glasses, with the kind of pale skin you develop by typing in dark rooms all day and night. In a community where everybody shouts at one another, and people who don’t actually know much pretend they do, Pieter is hardly ever seen or heard in public, and when it comes to Bitcoin, he basically does know everything there is to know. As a result, he’s taken on a kind of cult status. In 2018, the website CoinDesk labeled him “the Zen Master.” An old meme from the Chuck Norris-style website ‘PieterWuillefacts.com’ summed it up best. The caption of the image read:
If a tree falls in a forest and no one is around to hear it, Pieter Wuille knows. Pieter Wuille doesn’t write code, he wills it into existence. We are all actually living in a simulated reality created by Pieter Wuille. On the seventh day, God rested but Pieter Wuille submitted a pull request.
Pieter is best known for his proposal called “Segregated Witness,” or SegWit for short. What’s SegWit?
Every Bitcoin transaction includes a sender, a receiver, an amount, and a signature. A signature is created when a sender’s private key and transaction data are combined using a cryptographic algorithm. That signature, in effect, allows the network to verify that the sender is eligible to send the coins they’re sending. SegWit proposed restructuring the data in a block such that every block can hold just under four times as many transactions as it could before. The throughput of the network is raised, and consequently the fees the users needed to pay for each transaction are lowered.
But that’s only half the story. By restructuring the data in the block, SegWit also managed to cure a years-long vulnerability in the Bitcoin protocol called “transaction malleability.”
Consider our Senior Producer, Nate Nelson. If you ask him, he’ll say he’s 6-foot-1. And he’s correct. You could also say Nate’s 73 inches tall. Since I’m from Israel, I’m more inclined to say that he’s 1.85 meters. You understand that all of these values are equivalent, even though they’re expressed differently. In cryptography, both the value and how it’s expressed matter. ‘0’ is different from ‘000’.
For years, it was possible to change the cryptographic ID of a Bitcoin transaction, while the transaction was still processing, as long as you didn’t change the value underneath. Historically, this wasn’t a very common exploit. But it did discourage developers from deploying third-party services–software built on top of the blockchain itself. Like building a house on an insecure foundation, you wouldn’t want to deploy a service atop a blockchain so easily manipulated.
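The malleability problem and the SegWit-style fix described above, as an added example that is not part of the original episode. It uses a toy transaction format constructed here (not Bitcoin's real wire format) and a keyed hash as a stand-in for a real signature; all names, fields and sample values are assumptions for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

KEY = b"constructed-demo-key"  # stand-in for the sender's private key


def dsha256(data: bytes) -> str:
    """Double SHA-256, the hash construction Bitcoin uses for IDs."""
    return hashlib.sha256(hashlib.sha256(data).digest()).hexdigest()


def encode_int(value: int, pad: int = 0) -> bytes:
    """Length-prefixed big-endian integer; `pad` adds redundant zero bytes."""
    raw = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    body = b"\x00" * pad + raw
    return bytes([len(body)]) + body


def decode_int(blob: bytes) -> int:
    """Lenient decoder: leading zeros are ignored, like '0' versus '000'."""
    return int.from_bytes(blob[1:1 + blob[0]], "big")


def is_canonical(blob: bytes) -> bool:
    """Strict rule: a value has exactly one acceptable encoding."""
    return blob == encode_int(decode_int(blob))


def sign(core: bytes) -> int:
    """Toy signature: a keyed hash as an integer (not a real signature scheme)."""
    return int.from_bytes(hmac.new(KEY, core, hashlib.sha256).digest(), "big")


@dataclass(frozen=True)
class ToyTx:
    sender: str
    receiver: str
    amount: int
    spends: str = ""        # ID of the transaction whose coins are spent
    signature: bytes = b""  # the "witness" data

    def core(self) -> bytes:
        # The part of the transaction that the signature commits to.
        return f"{self.spends}|{self.sender}|{self.receiver}|{self.amount}".encode()

    def signed(self) -> "ToyTx":
        return replace(self, signature=encode_int(sign(self.core())))

    def verifies(self) -> bool:
        # Verification looks at the decoded value, not at the exact bytes.
        return decode_int(self.signature) == sign(self.core())

    def legacy_id(self) -> str:
        return dsha256(self.core() + self.signature)  # ID covers signature bytes

    def segwit_style_id(self) -> str:
        return dsha256(self.core())  # signature segregated out of the ID


def demo() -> dict:
    original = ToyTx("alice", "bob", 5_000).signed()
    # Same signature value, different bytes: two redundant leading zeros.
    reencoded = replace(
        original, signature=encode_int(decode_int(original.signature), pad=2)
    )
    # A follow-up payment built on the still-unconfirmed parent, by ID.
    child_legacy = ToyTx("bob", "carol", 4_000, spends=original.legacy_id()).signed()
    child_segwit = ToyTx("bob", "carol", 4_000, spends=original.segwit_style_id()).signed()
    return {
        "both_verify": original.verifies() and reencoded.verifies(),
        "legacy_id_changed": original.legacy_id() != reencoded.legacy_id(),
        "segwit_id_stable": original.segwit_style_id() == reencoded.segwit_style_id(),
        "legacy_child_orphaned": child_legacy.spends != reencoded.legacy_id(),
        "segwit_child_intact": child_segwit.spends == reencoded.segwit_style_id(),
        "strict_encoding_rejects": not is_canonical(reencoded.signature),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The orphaned child is the reason services built on unconfirmed transactions were fragile: anything that referenced the parent by its legacy ID stopped pointing at a real transaction once the re-encoded copy was the one that confirmed.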
So SegWit was a two-for-one deal, which made it popular with Bitcoin investors. But it didn’t quite catch on with those who felt that simply raising the block size was a better solution. Instead, with SegWit on track to activate, some of these so-called “big blockers” got together to propose another network upgrade. Their solution would turn out to be much, much more controversial.
Jeff Garzik, the second character in our story, has a knack for getting in early on big software projects. Out of college he joined the team that developed CNN’s very first website. He moved on to Red Hat where he helped develop the Linux kernel which, among other things, became the basis for Android’s operating software. So if you own an Android today, there’s a little Jeff Garzik in there.
In 2010 Jeff came upon an online post about Bitcoin. It wouldn’t take long before he made his mark on the technology. On August 8th, 2010, he posted in the legendary “bitcointalk” forum where early adopters, pioneers and Nakamoto himself used to debate and discuss all things Bitcoin. His post didn’t read as anything particularly alarming. It was quite short, actually. He wrote: “The “value out” in this block #74638 is quite strange.” He copied the code for the upcoming block.
The block contained two “value out” fields, which corresponded with how many Bitcoin the receiver of the transaction would get. In total they added up to over 184 billion Bitcoin, completely out of thin air.
I probably don’t have to tell you that that’s a lot of Bitcoin. But, for context, it’s worth mentioning that, programmed into the Bitcoin code itself, is a rule that no more than 21 million Bitcoin will ever exist. So in this single transaction, one person was going to receive approximately…well let’s see…if you subtract 21 million from 184 billion…okay, drag the one…and…here we go: one person was going to receive approximately 184 billion more Bitcoin than will ever exist. So this wasn’t just a “quite strange” block, as Jeff Garzik put it–it was a cyber attack.
Almost as soon as Jeff raised the issue, Satoshi Nakamoto and his colleagues got to patching the Bitcoin software client. Within three hours they’d come up with a patch, and within five they’d deployed it. Within the day Bitcoin was saved from complete collapse. Garzik became renowned for having discovered the bug, and went on to become one of the network’s most important core software developers for the next four years. By mid-decade he’d earned his spot in the pantheon of early developers, entrepreneurs and proselytizers revered in the Bitcoin community: people like Pieter Wuille, Gavin Andresen, and many others–some of whom we’ll get to later in this story–looked up to as the pioneers who helped shape Bitcoin for the rest of us.
But as Batman once said: “You either die a hero, or you live long enough to see yourself become the villain.” In 2017, as the Bitcoin community began to fracture, Jeff Garzik chose a side. He did so by putting his name behind the proposal called “SegWit2x.”
SegWit2x & The New York Agreement
SegWit2x was deceptively simple. Here, I can describe it in one sentence: adopt Pieter Wuille’s SegWit, then double the block size from 1 megabyte to 2. Get it? SegWit-2x, SegWit and double the block size. Easy.
It was first introduced with a proposal called the “New York Agreement,” signed by a number of the most powerful people and businesses in Bitcoin. The man at the heart of it all–the Thomas Jefferson of this proposal–was Barry Silbert. It’s not uncommon to refer to it, actually, as “Barry Silbert’s New York Agreement.”
Barry’s a good guy to have on your side: one of the few most powerful investors in cryptocurrencies, he was an early investor in companies like Coinbase and Ripple, which went on to become household names in the Bitcoin space. In 2015 he founded the Digital Currency Group: one of the biggest VC groups in the sector. All this makes him sound like a big, scary guy but, up close, it’s kind of hard to not like Barry. He’s got short, messy hair, and one of those pudgy baby faces you just want to squeeze. And he’s usually smiling, too–even if you watch him talk about, you know, market trends and investment figures on CNBC, he does it with a little smirk.
In May of 2017, Barry had a lot to boast about. Nearly 60 Bitcoin companies in over 20 countries had quickly signed on to show support. Together, miners representing just over 80 percent of the hash power on the Bitcoin network signalled they were behind the agreement. Some of the most influential people in Bitcoin were behind it–people like Mike Belshe, CEO of the wallet company BitGo and a principal author of HTTP/2.0, Jihan Wu, the 31-year-old billionaire CEO of Bitmain which, among other things, controls the largest mining pool on the Bitcoin network, and Jeff Garzik. Jeff didn’t just support the proposal: he was actively developing the software implementation necessary to implement it, called ‘BTC1.’
With all this positivity, it’s hard to believe that, to its detractors, the New York Agreement represented everything wrong with what Bitcoin was turning into. Why?
As we’ve seen, doubling the size of the blocks has its benefits with regards to higher throughput and lower fees. But it also has its downsides.
Consider the issue of “full nodes” vs. “light nodes.” Bitcoin users are encouraged to keep a copy of the entire blockchain on their computers. These “full nodes” act as watchful eyes against malicious actors who might try tampering with the blockchain for their own profit. But not all users run full nodes, because it requires that your computer maintains a copy of the entire history of Bitcoin since 2009. That’s a ton of data–as of this writing, around 280 gigabytes in total. It’s much easier to run a “light node,” which contains much less data, doesn’t provide as much security to the network, but doesn’t require as much of your computer.
What happens then if, due to the larger block size, the Bitcoin network were to process many more transactions per ten minutes than it already does? More data needs to be stored at a faster rate. 280 gigabytes becomes 300, 400 gigabytes before you know it, and most people simply can’t afford to keep half a terabyte of data sitting around on their hard drives. More users will have to run light nodes instead of full ones, meaning they won’t be able to participate in the security of the network. When only the already richest and most powerful users on the network are left to maintain it, their power grows even further. You no longer have decentralization.
A Matter of Ethos
Those weird and crazy people who believed in Bitcoin not just as a money making investment, but as the future of money–they wanted their platform to grow, but not if it came at the expense of the democratic spirit with which they created it. The whole point of blockchain and cryptocurrencies was to remove the need for centralized power; to delegate that power back to the greater public.
But the majority of people who supported Barry Silbert’s New York Agreement weren’t the weird and crazy people first drawn to Bitcoin for its technical ingenuity and libertarian spirit. Instead, the New York Agreement was supported mostly by miners–people mostly located in China, who came to the platform during its period of early growth as a means of profit making.
“Miners” are what we call the people who run high-powered computers, which perform the cryptographic puzzle-solving necessary to process Bitcoin transactions. Bitcoin senders have to pay fees in order to incentivize miners to perform the calculations and get the transactions approved. Whoever processes the transactions into a block first gets the fee payments. Miners, therefore, have a clear incentive: the more transactions that occur over the network, the more fees are available to scoop up.
So what we have here is a clear conflict of interests: more transactions means more money can move around the Bitcoin network, making everybody richer. But too many transactions opens up all kinds of potential security failures, and even worse, threatens the very ethos of Bitcoin as a decentralized and democratic cryptocurrency.
And to many, it went further even than that. They believed there was something disingenuous about the picture Barry was painting. Even if over 50 businesses were behind the plan, plenty more didn’t take a position, or publicly came out against it. Even if the New York Agreement had all the businesses in Bitcoin on its side (which it didn’t), and all the miners (which it didn’t), that still doesn’t include two important groups.
Firstly, there’s the vast majority of the Bitcoin community: ordinary people who have their money invested in the coin and run ordinary nodes in the network. Where did they stand on all this? Well, they weren’t asked. And that’s the first problem. The New York Agreement was signed by a bunch of companies and miners, before it was even exposed to the wider public. It was only an “agreement” among wealthy corporate interests. Ironically, it was first introduced to the world during 2017’s Bitcoin “Consensus” conference. And it wasn’t like Barry, Jeff and their buddies were asking “Hey everyone, how do you like our idea to double the block size?” It was more like “Here’s what we came up with, here’s everybody we’ve got on our side, we hope you’ll join in.”
Secondly, SegWit2x didn’t account for the single most important group of people in the entire network: the elite group of Bitcoin Core developers that actually maintains the software, like Pieter Wuille. These are the guys who work tirelessly, full-time, on making sure that Bitcoin is functional and secure for the rest of us. The geniuses without whom the system would fall apart. They know more about how Bitcoin works–and how it can work, and how it should work–than anyone else, by miles. What did they think about SegWit2x? Besides Jeff Garzik, not a single one of them liked the idea. Pieter Wuille, for example–the guy responsible for the “SegWit” part of “SegWit2x”–came out against it. That should say something.
And the 2x supporters probably knew that their proposal wasn’t as popular as they were making it out to be. How do we know? Well, usually when a fundamental change is proposed to the Bitcoin software, it takes the form of a ‘BIP’: Bitcoin Improvement Proposal. BIPs are tested, and vetted by the wider community, to make sure they’re safe. Once the community accepts the BIP, the Core team implements it into the Core software, and all nodes on the network update. It’s a standard, agreed-upon system to ensure that updates to the Bitcoin code aren’t malicious, buggy or unpopular.
SegWit2x could have been proposed, in the beginning, as a BIP. Then, the community could signal how they felt about it. Instead, even before the community knew what it was, it was presented as an “agreement.” But who actually “agreed” to it?
Thus, to oversimplify things, we’re left with two teams. On one side, the so-called “small blockers”: users and Core developers. On the other side, “big blockers”: businesses and miners. The block size doubling would occur in November, 2017, meaning that if anybody was going to stop SegWit2x, they had about five months to do it.
And let’s be clear, listeners: this wasn’t an ordinary conflict among respectfully disagreeing parties. The SegWit2x debate quickly devolved into a chaotic mess, where any sympathy for the wrong side could get you in major trouble.
I know because I experienced it myself, by accident.
In preparation for this episode, I posted on social media that the Malicious Life team was looking for people who were involved in Bitcoin during SegWit2x. Boring as that. I got a few helpful responses, then someone commented:
“LOL are you out of your mind with this bullshit scam?”
I was a bit surprised–still pretty new to the whole subject. “Scam?,” I wrote back, “Why scam?”
“You can’t read?” they replied.
We went on, but you get the idea. Of course, this guy was an ***hole, and doesn’t represent the larger Bitcoin community. But he does represent, arguably, some not-so-small part of it. People really, really cared about SegWit2x, and even the slightest inference risks offending those on either side of the debate. Plenty of what I already said would, to the right ears, sound extremely politically charged.
So here’s the thing: you know now what The New York Agreement is. You know why some people had a problem with how it was presented to the public. But none of what you’ve heard really explains the sheer loathing felt on both sides of the debate. By the end of this story people will be called much worse names than I was, there will be public shaming campaigns, and sterling reputations will be forever tarnished.
What was it that made SegWit2x this poisonous? Maybe because, according to some, it was actually not an improvement proposal at all, but an attack meant to take over the entire network. How come? The answer to this question and many more, coming up in our next episode of Malicious Life.