Matthew Roberts

Former Bitcoin guy. Did some work on timechains, DAOs, and smart contracts.

Page 2


How a super computer could prevent future exchange hacks

Emin Gün Sirer published a paper this year [0] that described “Bitcoin vaults” [1] - a new mechanism for forcing coins to be locking up for a certain amount of time before they can be spent. The idea is for the owner to be able to recover coins during a designated clearing phase whose progress is made publicly visible on the blockchain. The owner could then recover coins from transactions [2] that he or she didn’t authorize even if their private keys were compromised. This idea is genuinely revolutionary [10] as currently owners have no way to reverse payments if they get hacked.

vault_diagram.png

If something like this had of existed before the recent Bitfinex hack we might have had a chance to prevent it. Unfortunately, schemes like this rely on having to change Bitcoin’s consensus rules which is a task that’s notoriously difficult to do. Only certain changes to the code can be safely made and it

Continue reading →


Datachains: an AI driven DAS for incentivizing taste-based content delivery

Future decentralized autonomous systems (DAS) will likely be focused on distributing specialized AI agents for finding patterns in bulk data sets. These DAS will be funded with a pre-existing cryptocurrency like Bitcoin and then pegged to the entity in such a way that the assets can be given out as rewards for correct solutions without human intervention. The resulting system forms a decentralized, autonomous, peer-to-peer, client-to-client, datachain that rewards assets for finding data that the AI likes.

The use-cases for such a system would be in big data processing, web scraping, and data mining where remote files are scattered all over the Internet and are too resource intensive for any one organization to search for specific patterns. Such a system may help us to find new meaning in the vast stores of content already accessible via the Internet and what better example to start

Continue reading →


Smart contracts vs dumb contracts

Update 7/12 I merged the discussion of datachains and pornchains into a separate article which is now here: http://roberts.pm/datachain.

When I first entered the Bitcoin space the term “smart contract” had a very specific meaning: it was any transactional protocol built on top of Bitcoin whose basic functionality did not have to depend on trusting a third-party. In other words, a smart contract had the same requirements for trust as Bitcoin did – that the results were absolute and it was beyond the power of anyone to circumvent the intended behaviors of the system.

Today, the term “smart contract” is used to refer to any kind of program or transactional protocol making use of the blockchain, period. The definition has become so very broad that it can more or less be applied to anything, but before I get side-tracked talking about that - I would like to revisit the early days and

Continue reading →


Human powered blockchains?

One of the problems that conventional blockchains suffer from is that they’re expensive to run. You’re essentially burning electricity to protect a blockchain and as the difficulty rises you’re forced to expend even more energy to achieve the same result. Then there are looming increases in algorithmic efficiency (see ASIC boost) and hardware speed (see ASICs) that make the process harder to maintain in a fair and decentralized manner.

I was thinking about CAPTCHAs today and maybe they would work as an alternative to hash-based proof-of-work. You see, human cognition is much, much harder to improve than processors are, so essentially any proof-of-work based algorithm that relies on human abilities to run can only be improved so much. I believe this is quite a significant observation when applied to blockchains because there may be algorithms out there that are capable of transforming a

Continue reading →


The crypto conman

I’ve recently started a consulting business that specializes in blockchain technology and so far its been going quite well. There’s all the usual highs and lows of running a business: “this will never work”, “this is completely hopeless”, “we’re getting no customers”, “we got 1 million leads today” … to the more mundane stuff like the clients wants us to clone Google in 2 hours for a fraction of the cost of a cup of coffee. But today I noticed something more sinister show up: The Crypto Conman.

The Crypto Conman first contacted me about 2 days ago regarding a new blockchain project. The job was simple enough: he wanted us to modify an existing cryptocurrency to change a few parameters in the source code. Normally we hate jobs like this because there’s very little dev work involved so the job effectively amounts to some educated copy and pasting. But alas, such is the life of consulting

Continue reading →


Building a decentralized cryptocurrency exchange using zero-knowledge proofs

Edit 5/9/2016: I’ve updated the scheme. I’ll update it again if I get time to think of a way to avoid using timelock encryption for the refunds since that will make it more secure. Although I want to add that timelock encryption depends on the security assumptions of hash functions so its also not like this is particularly crazy (as new and scary as things may sound.)

Quite recently its become possible for those outside the field of cryptography to construct zero-knowledge proofs. One such proof is a proof for SHA256 hashes that basically allows anyone to state that “yes, I know some value that produces some known hash.”

You can also make this more complex, you can enforce arbitrary constraints on the pre-image and create templates so now you can say to someone that “yes, I know some such value in the form […] that produces some known hash.” While that may seem quite interesting by

Continue reading →


Decentralized atomic cloud storage using Bitcoin

 Update: 13/01/17. A recent paper has emerged describing a “new technique” for doing “Atomic Verification Via Private Key Locked Bitcoin Transactions.” This paper is so similar to the scheme I described here 10 months ago that its hard to tell if this is plagiarism or a genuine mistake. It’s also interesting to note that the author’s scheme won’t work on the Bitcoin network since it depends on OP_AND which is currently disabled and their proposal won’t guarantee a file’s availability under attack.

There’s been a huge shift in recent years towards using peer-to-peer technology to increase the reliability, robustness, and security of Internet-facing services. Perhaps one of the more obvious use-cases is in cloud-based file hosting. With cloud-based hosting you typically have centralized servers that host the user’s content and are then responsible for maintaining the security and

Continue reading →


Introducing the timechain

 By Matthew Roberts and Elías Snær Einarsson

Update: April 20, 2017 - See “Turning back the clock on timechains -
a follow-up” for a discussion on security.

Historically companies and individuals have struggled to uphold adequate security practices when it comes to the handling and storing of cryptocurrencies and this can be seen in the numerous hacks that have plagued this industry.

Probably almost every large Bitcoin exchange and wallet provider have seen at least one major security incident which either lead to (or could have lead to) the loss of customer’s funds. The problem at hand is actually very simple and comes down to one basic issue: the need to keep ECDSA private keys around for signing withdrawals.

 Example 1

Imagine you’re a currency exchange for cryptocurrencies. To be able to credit customer’s accounts you generate Bitcoin addresses on the fly and associate them

Continue reading →