Matthew Roberts

I am a cryptobiologist specializing in the study of digital life forms like blockchains and certain kinds of unbounded smart contracts. “We must not let our politics harm these beautiful creatures.” – Myself.

Page 2

A coin for security

Here’s another idea for a cryptocurrency - a coin that rewards people for the practices they use to secure their cryptocurrencies on other blockchains.

This can all be done without trust because many aspects of cryptocurrency security already depend on cryptographic proof. A brief list of things that a cryptocurrency like this might check for includes:

  • N factor auth and hardware devices used for multi-sig signing.
  • Fail-safe theft recovery procedures
  • Password complexity and rotation checks (like revealing hash-locked inputs.)
  • Cryptographically provable wallet backups.
  • Use of privacy enhancing protocols.
  • Use of secure exchanges to purchase coins.
  • Other, e.g. provably secure constructs, possibly with trusted computing.

There are so many different ways to protect crypto-assets and I’ve put a lot of thought into working them all out over the years. But in spite of this the biggest

Continue reading →

Events are arbitrary

When I first got into Bitcoin my main area of interest was in smart contracts. I used to marvel at how the blockchain could be used to eliminate trust between people and I’d despair whenever an OP_CODE was removed (making the former harder to do.) But that’s only because I didn’t understand one subtle quality of how a blockchain works: events are arbitrary.


The blockchain really only has two qualities worth mentioning:

  1. It can securely order events on a network of untrusted computers.
  2. It defines an event called a transaction.

The second quality is optional [0]. It just so happens that in the case of Bitcoin enough information is already included with the software to describe what a “transaction” means so that now its become impossible to separate the network definition of “the blockchain” from “a transaction” [1].

But if you understand why this is then you understand that the

Continue reading →


Update: 19/02/2017 - added discussion on hacker news.
I also added an example.
Update: 21/02/2017 - added discussion of obfuscated exploits, early disclosure penalties, incentives, and scalability

Bug bounties suck. Researchers routinely don’t get paid for their work and vendors continue to get away with the same shitty behavior. It’s a system that lacks any kind of accountability and only benefits the company.

Solution: Do it as a smart contract on a blockchain.

 An example

  1. A smart contract to audit a C-based program is written. It includes a test case to see if a file with a specific name has been created under the process’ permissions. It also includes information about the program.
  2. A researcher finds a bug and uses it to write a buffer overflow exploit. The exploit is designed to pass the test case and is written using a special domain specific language for exploitable code for

Continue reading →

Some simple smart contracts to dispel the hype

In the past I’ve said that “smart contracts” are protocols for exchanging crypto-payment for some kind of specialized product or service without the need for trust. But within the Bitcoin-space I still see many examples of things that shouldn’t really be called a smart contract at all.

So here are some examples of some smart contracts that clearly show how payment can be given for some kind of service that has then been intertwined with payments so closely that trust is removed.

I’ll start with the simplest contract I know of and move on to some new contracts that help demonstrate the idea behind universal verifiability in trustless trade protocols. Here is the first contract.

 Example 1: Paying for a hash collision

value1 = get_input()
value2 = get_input()
btc_address = get_input()

# Values need to be different to prove a collision.
if value1 == value2:


Continue reading →

What if smart contracts were a new web standard = new achievement unlocked?

Edit: thought of a catchy name for this – Smart REST.

Smart contracts are all about formalizing trust relationships in an effort to try reduce critical points of failure within an agreement. The idea is that instead of trusting that a person will carry out a given function - we clearly segregate and define those responsibilities which can then be tied to the conditional release of collateral, the change of reputation, the conclusion of a legal contract, and even actions taking place within the real world.

To do this we use cryptographic ledgers which offer us a way to securely and publicly record relationships between individuals. In the case of financial relationships – some of these relationships can be made 100% trustless by using cryptography (a godsend to finance) - and in other cases its usually possible to reduce the amount of trust involved by using things like distributed

Continue reading →

How a super computer could prevent future exchange hacks

Emin Gün Sirer published a paper this year [0] that described “Bitcoin vaults” [1] - a new mechanism for forcing coins to be locking up for a certain amount of time before they can be spent. The idea is for the owner to be able to recover coins during a designated clearing phase whose progress is made publicly visible on the blockchain. The owner could then recover coins from transactions [2] that he or she didn’t authorize even if their private keys were compromised. This idea is genuinely revolutionary [10] as currently owners have no way to reverse payments if they get hacked.


If something like this had of existed before the recent Bitfinex hack we might have had a chance to prevent it. Unfortunately, schemes like this rely on having to change Bitcoin’s consensus rules which is a task that’s notoriously difficult to do. Only certain changes to the code can be safely made and it

Continue reading →

Datachains: an AI driven DAS for incentivizing taste-based content delivery

Future decentralized autonomous systems (DAS) will likely be focused on distributing specialized AI agents for finding patterns in bulk data sets. These DAS will be funded with a pre-existing cryptocurrency like Bitcoin and then pegged to the entity in such a way that the assets can be given out as rewards for correct solutions without human intervention. The resulting system forms a decentralized, autonomous, peer-to-peer, client-to-client, datachain that rewards assets for finding data that the AI likes.

The use-cases for such a system would be in big data processing, web scraping, and data mining where remote files are scattered all over the Internet and are too resource intensive for any one organization to search for specific patterns. Such a system may help us to find new meaning in the vast stores of content already accessible via the Internet and what better example to start

Continue reading →

Smart contracts vs dumb contracts

Update 7/12 I merged the discussion of datachains and pornchains into a separate article which is now here:

When I first entered the Bitcoin space the term “smart contract” had a very specific meaning: it was any transactional protocol built on top of Bitcoin whose basic functionality did not have to depend on trusting a third-party. In other words, a smart contract had the same requirements for trust as Bitcoin did – that the results were absolute and it was beyond the power of anyone to circumvent the intended behaviors of the system.

Today, the term “smart contract” is used to refer to any kind of program or transactional protocol making use of the blockchain, period. The definition has become so very broad that it can more or less be applied to anything, but before I get side-tracked talking about that - I would like to revisit the early days and

Continue reading →

The crypto conman

I’ve recently started a consulting business that specializes in blockchain technology and so far its been going quite well. There’s all the usual highs and lows of running a business: “this will never work”, “this is completely hopeless”, “we’re getting no customers”, “we got 1 million leads today” … to the more mundane stuff like the clients wants us to clone Google in 2 hours for a fraction of the cost of a cup of coffee. But today I noticed something more sinister show up: The Crypto Conman.

The Crypto Conman first contacted me about 2 days ago regarding a new blockchain project. The job was simple enough: he wanted us to modify an existing cryptocurrency to change a few parameters in the source code. Normally we hate jobs like this because there’s very little dev work involved so the job effectively amounts to some educated copy and pasting. But alas, such is the life of consulting

Continue reading →

Building a decentralized cryptocurrency exchange using zero-knowledge proofs

7/12/2017: The protocol is flawed and contains a black mail risk. The other side cannot claim a refund without knowledge of the secret so even if the TXIDs can be validated with ZK-proofs the scheme still doesn’t work. I guess its back to the drawing board with this idea.

Edit 5/9/2016: I’ve updated the scheme. I’ll update it again if I get time to think of a way to avoid using timelock encryption for the refunds since that will make it more secure. Although I want to add that timelock encryption depends on the security assumptions of hash functions so its also not like this is particularly crazy (as new and scary as things may sound.)

Quite recently its become possible for those outside the field of cryptography to construct zero-knowledge proofs. One such proof is a proof for SHA256 hashes that basically allows anyone to state that “yes, I know some value that produces some known

Continue reading →