Pages

Thursday, December 11, 2014

The dawn of trustworthy computing

When we currently use a smart phone or a laptop on a cell network or the Internet, the other end of these interactions typically run on other solo computers, such as web servers. Practically all of these machines have architectures that were designed to be controlled by a single person or a hierarchy of people who know and trust each other. From the point of view of a remote web or app user, these architectures are based on full trust in an unknown "root" administrator, who can control everything that happens on the server: they can read, alter, delete, or block any data on that computer at will.  Even data sent encrypted over a network is eventually unencrypted and ends up on a computer controlled in this total way. With current web services we are fully trusting, in other words we are fully vulnerable to, the computer, or more specifically the people who have access to that computer, both insiders and hackers, to faithfully execute our orders, secure our payments, and so on. If somebody on the other end wants to ignore or falsify what you've instructed the web server to do, no strong security is stopping them, only fallible and expensive human institutions which often stop at national borders.

The high vulnerability we have to web servers stands in sharp contrast to traditional commercial protocols, such as ticket-selling at a movie theater, that distribute a transaction so that no employee can steal money or resources undetected. There is no "root administrator" at a movie theater who can pocket your cash undetected.  Because, unlike a web server, these traditional protocols, called financial controls, can securely handle cash, you didn't have to fill out a form  to see a movie, shop for groceries, or conduct most other kinds of every-day commerce. You just plunked down some coin and took your stuff or your seat. Imperfect and slow as these processes often are (or were), these analog or paper-based institutions often provided security, financial control, and/or verifiability of fiduciary transactions in many ways far superior to what is possible on web servers, at much less hassle and privacy loss to customers. On the Internet, instead of securely and reliably handing over cash and getting our goods or services, or at least a ticket, we have to fill out forms and make ourselves vulnerable to identity theft in order to participate in e-commerce, and it often is very difficult to prohibitive to conduct many kinds of commerce, even purely online kinds, across borders and other trust boundaries. Today's computers are not very trustworthy, but they are so astronomically faster than humans at so many important tasks that we use them heavily anyway. We reap the tremendous benefits of computers and public networks at large costs of identity fraud and other increasingly disastrous attacks.

Recently developed and developing technology, often called "the block chain", is starting to change this. A block chain computer is a virtual computer, a computer in the cloud, shared across many traditional computers and protected by cryptography and consensus technology. A Turing-complete block chain with large state gives us this shared computer. Earlier efforts included state-machine replication (see list of papers linked below).  QuixCoin is a recent and Ethereum is a current project that has implemented such a scheme. These block chain computers will allow us to put the most crucial parts of our online protocols on a far more reliable and secure footing, and make possible fiduciary interactions that we previously dared not do on a global network 

Much as pocket calculators pioneered an early era of limited personal computing before the dawn of the general-purpose personal computer, Bitcoin has pioneered the field of trustworthy computing with a partial block chain computer. Bitcoin has implemented a currency in which someone in Zimbabwe can pay somebody in Albania without any dependence on local institutions, and can do a number of other interesting trust-minimized operations, including multiple signature authority. But the limits of Bitcoin's language and its tiny memory mean it can't be used for most other fiduciary applications, the most obvious example being risk pools that share collateral across a pool of financial instruments.

A block-chain computer, in sharp contrast to a web server, is shared across many such traditional computers controlled by dozens to thousands of people. By its very design each computer checks each other's work, and thus a block chain computer reliably and securely executes our instructions up to the security limits of block chain technology, which is known formally as anonymous and probabilistic Byzantine consensus (sometimes also called Nakamoto  consensus).  The most famous security limit is the much-discussed "51% attack".  We won't discuss this limit the underlying technology further here, other than saying that the oft-used word "trustless" is exaggerated shorthand for the more accurate mouthful "trust-minimized", which I will use here.  "Trust" used in this context means the need to trust remote strangers, and thus be vulnerable to them. 

Trust-minimized code means you can trust the code without trusting the owners of any particular remote computer. A smart phone user in Albania can use the block chain to interact with a computer controlled by somebody in Zimbabwe, and they don't have to know or trust each other in any way, nor do they need to depend on the institutions of either's countries, for the underlying block chain computer to run its code securely and reliably. Regardless of where any of the computers or their owners are, the block chain computer they share will execute as reliably and securely as consensus technology allows, up to the aforementioned limits. This is an extremely high level of reliability, and a very high level of security, compared to web server technology. 

Instead of the cashier and ticket-ripper of the movie theater, the block chain consists of thousands of computers that can process digital tickets, money, and many other fiduciary objects in digital form.  Think of thousands of robots wearing green eye shades, all checking each other's accounting. Individually the robots (or their owners) are not very trustworthy, but collectively, coordinated by mathematics, they produce results of high reliability and security.

Often block chain proponents talk about the "decentralized" block chain versus the "centralized" web or centralized institutions. It's actually the protocol (Nakamoto consensus, which is highly distributed) combined with strong cryptography, rather than just decentralization per se, that is the source of the far higher reliability and and much lower vulnerability of block chains. The cryptography provides an unforgeable chain of evidence for all transactions and other data uploaded to the block chain. Many other decentralized or peer-to-peer (P2P) technologies do not provide anything close to the security and reliability provided by a block chain protected by full Byzantine or Nakamoto consensus and cryptographic hash chains, but deceptively style themselves as block chains or cryptocurrency.

A big drawback is that our online and distributed block chain computer is much slower and more costly than a web server: by one very rough estimate, about 10,000 times slower and more costly, or about the same as it cost to run a program on a normal computer in 1985. For this reason, we only run on the block chain that portion of an application that needs to be the most reliable and secure: what I call fiduciary code. Since the costs of human ("wet") problems caused by the unreliability and insecurity of web servers running fiduciary code are often far higher than the extra hardware needed to run block chain code, when web server reliability and security falls short, as it often does for fiduciary computations such as payments and financial contracts, it will often make more sense  to run that code on the block chain than to run it less reliably and securely on a web server. Even better, the block chain makes possible new fiduciary-intensive applications, such as posting raw money itself to the Internet, securely and reliably accessible anywhere on the globe -  apps that we would never dare do with a web server.

What kinds of fiduciary code can we run?  We are still thinking up new applications and the categories will be in flux, but a very productive approach is to think of fiduciary applications by analogy to traditional legal code that governs traditional fiduciary institutions. Fiduciary code will often execute some of the functions traditionally thought of as the role of commercial law or security, but with software that securely and reliably spans the global regardless of traditional jurisdiction. Thus:

* Property titles (registered assets), where the on-chain registry is either the legally official registry for off-chain assets or controls on-chain ones, thus providing reliable and secure custody of them. One can think of a cryptocurrency such as Bitcoin as property titles (or at least custody enforced by the block chain consensus protocol) to bits recognized as being a fixed portion of a currency, or as controlling unforgeably costly bits, or both. Block chains could also control hardware which controls the function of and access to physical property.

* Smart contracts: here users (typically two of them) agree via user interface to execute block chain code, which may include transfer of money and other chain-titled assets at various times or under various conditions, transfer and verification of other kinds of information, and other combinations of wet or traditional (off-chain) and dry (on-chain) performance. A block chain can hold cryptocurrency as collateral (like an escrow) which incentivizes off-chain performance that can be verified on-chain, by the parties or by third parties. A full block chain computer can pool on-chain assets into a single chain-controlled risk pool spread among many similar financial contracts, reducing the amount of collateral that needs to be stored on-chain while minimizing the need for off-chain collateral calls. The block chain can also make the search, negotiation, and verification phases of contracting more reliable and secure. With on-chain smart contracts we will be able to buy and sell many online services and financial instruments by button and slider instead of by laboriously filling out forms that disclose our private information.

* On-chain treasuries, trusts, and similar, where money lives on the block chain and is controlled by multiple signature ("multisig") authority.  Putting a treasury with signature authority on a block chain computer is low-hanging fruit, but is often tied to more speculative efforts under the label "distributed autonomous organization (DAO)", which may include voting shares and other mechanisms to control the treasury like a corporation or other kind of of organization.

I hope to discuss these block chain applications, especially smart contracts, in future posts. While there is much futurism in many block chain discussions, including many trying to solve problems that aren't actually solved by the block chain, I will generally stick to low-hanging fruit that could be usefully implemented on Quixcoin, Ethereum, or similar technology in the near future, often interfacing to still necessary parts of traditional protocols and institutions rather than trying to reinvent and replace them in whole.

References

Here is a list of basic computer science papers describing the technology of block chains (including cryptocurrencies).

Wet vs. dry code

Thursday, October 16, 2014

Transportation, divergence, and the industrial revolution

After about 1000 AD northwestern Europe started a gradual switch from using oxen to using horses for farm traction and transportation.  This trend culminated in an eighteenth-century explosion in roads carrying horse-drawn carriages and wagons, as well as in canals, and works greatly extending the navigability of rivers, both carrying horse-drawn barges. This reflected a great rise in the use of cultivated fodder, a hallmark of the novel agricultural system that was evolving in northwestern Europe from the start of the second millennium: stationary pastoralism.  During the same period, and especially in the seventeenth through nineteenth centuries, most of civilized East Asia, and in particular Chinese civilization along its coast, navigable rivers, and canals, faced increasing Malthusian pressures and evolved in the opposite direction: from oxen towards far more costly and limited human porters. Through the early middle ages China had been far ahead, in terms of division of labor and technology, of the roving bandits of northern Europe, but after the latter region's transition to stationary pastoralism that gap closed and Europe surged ahead, a growth divergence that culminated in the industrial revolution.  In the eighteenth century Europe, and thus in the early industrial revolution, muscle power was the engine of land transportation, and hay was its gasoline. 

Metcalfe's Law states that a value of a network is proportional to the square of the number of its nodes.  In an area where good soils, mines, and forests are randomly distributed, the number of nodes valuable to an industrial economy is proportional to the area encompassed.  The number of such nodes that can be economically accessed is an inverse square of the cost per mile of transportation.  Combine this  with Metcalfe's Law and we reach a dramatic but solid mathematical conclusion: the potential value of a land transportation network is the inverse fourth power of the cost of that transportation. A reduction in transportation costs in a trade network by a factor of two increases the potential value of that network by a factor of sixteen. While a power of exactly 4.0 will usually be too high, due to redundancies, this does show how the cost of transportation can have a radical nonlinear impact on the value of the trade networks it enables.  This formalizes Adam Smith's observations: the division of labor (and thus value of an economy) increases with the extent of the market, and the extent of the market is heavily influenced by transportation costs (as he extensively discussed in his Wealth of Nations).

The early industrial revolution was highly dependent on bringing together bulk goods such as coal and iron ore.  Land transportation of such materials more than a dozen miles in most parts of the world was prohibitively costly, and they were only rarely located a shorter distance from navigable water (the costs per mile of water transport were generally orders of magnitude cheaper than the costs per mile of of land transport).  As a result, the early industrial revolution, and the potential for a region to be the first to industrialize, was very sensitive to small changes in land transportation costs.

Furthermore, land and sea-borne transportation were far more complements than substitutes.  Cheaper land transportation was a "force multiplier" for water transportation.  Decreasing the costs of getting to port from field or mine by a factor of two increased the number of fields and mines accessible by a factor of four, and increased the number of possible ways to divide labor, and thus the value, by an even greater factor via Metcalfe's law.  This in turn incentived greater investment in sea-borne transport. It's thus not surprising that, even before the industrial revolution, the leaders in global trade and colonization were European countries that could access the Atlantic.

By the dawn of the industrial revolution in northwest Europe the effects of horse haulage had already been dramatic: drop by a factor of two in the costs, and increase in speed by about the same factor, of transporting goods by land, the corresponding increase in commercial crop area and in area that could be economically lumbered and coal and metals that could be mined.   Multiply that factor of four by much more when we factor in (1) innovations in wheels, tires, shock absorption, and road building that followed on the heels, as is were, of the great increase in horse haulage, and (2) the great increase in mileage and inland penetration of navigable rivers and canals, especially in the 18th century, the barges again hauled by horses.  And as Metcalfe's Law suggests, the number of combinations, and thus the value, increased by a far greater factor still. Not only did northwestern European ports have access to far more land, but there were far more ports far more "inland" along rivers and canals, thanks again chiefly to the draft horses and the nutrient-rich cultivated fodder that fed them.

To enable the industrial revolution, mines and nutrient-dense fodder had to be colocated within efficient bulk transport distance of each other — which in the case of horses hauling coal or wood by rural road, was typically less than twenty miles, and for oxen and human porters far less still — to produce the low-cost bulk transportation networks needed to make industrial revolution scale use of most commercial crops and mines. Efficient bulk transportation is needed _all the way_ between the iron mine, the coal mine, and the smelter.  Because the cost per mile of water transport was so much smaller than the costs of land transport, this “last few miles to the mine” problem usually played a dominant role in transportation economics, somewhat analogous to the “last mile” problem in modern cable networks. That’s why stationary pastoralism with its efficient markets for nutrient-dense (because cultivated) fodder was such a huge win — it allowed horses to be housed at the mines, canals, roads, and factories where they worked, which no place in the world outside Europe could during that era do.  Nutrient-dense fodder created a virtuous recursion, enabling itself to be harvested (via horse-drawn mows and rakes) and transported to mine, factory, and stable at increasingly lower costs.

Industrialization came in many phases. Very roughly speaking, the first phase, in the latter half of the eighteenth century, involved the culmination and optimization of the use of horses, by northwestern Europe, and especially England, greatly expanding its horse wagon and carriage roads and horse-drawn barge canal networks.  Horses brought coke or charcoal and iron ore to the smelters. Horse-powered capstans performed some arduous farm tasks such as threshing. Along with primitive Newcomen steam engines they pumped coal mines. Horse gins also powered most of the early versions of innovative textile machinery (they switched to more power-efficient water mills when they later scaled up).  That classic carnival ride, the merry-go-round, was inspired by these perpetually circling horses.

Again roughly speaking, the second phase of industrial growth, after about 1830, was more scientific and far easier to copy than northwestern Europe's unique biology: steam engines came to replace horse gins and water mills for running industrial machinery, and the steam-powered railroad radically lowered transportation costs between major mines, factories, and urban centers. When non-European countries industrialized, such as Japan after the 1870s, they did it in a "leap-frog" style: they skipped over the long-evolved improvement in draft animals and went straight to mature steam engines and, soon thereafter, electrical motors.  Much as countries installing phone networks for the first time over the last few decades have leap-frogged over the land line era, going straight to cell phones. Starting early in the 20th century industrializing countries could replace all the remaining important functions of the horse with internal combustion engines.  England, which made the longest and most thorough use of the horse, and thereby had the transportation economies allowing it to pioneer the industrial revolution, had a less pressing need to use the internal combustion engine and thus lagged enough in that technology so that second-generation  industrializers like Japan, Germany, and the United States became leaders in internal combustion engine products.

Given the scientific nature of the second phase of the industrial revolution, which could be discovered by any culture full of literate craftsmen, this second phase was more technologically inevitable and didn't ultimately depend on northwestern Europe's unique biology.  At the same time, during the long evolution that culminate in the industrial revolution, and during its first phase, land transportation the world over was muscle powered and the unique system of stationary pastoralism, by breeding draft horses that ran on cultivated, nutrient-dense fodder, substantially lowered transportation costs. This allowed the value of northwestern Europe's bulk transportation networks to radically increase and made it very nearly as inevitable that that region would be the pioneers of the industrial revolution.

Hat tips and references: Edward Wright and Raymond Crotty among many other authors have explored some of these issues.
Raymond Crotty
Raymond Crottyamong many other authors have explored some of the issues.

Wednesday, July 02, 2014

Tweeting

https://twitter.com/NickSzabo4