Dark Side of Decentralization – What are the Hidden Risks in a Blockchain Revolution?
1. ”Dark Side of Decentralization –
What are the Hidden Risks in a
Blockchain Revolution?”
Tommi A. Vuorenmaa, PhD, CEO
10th of May, 2018, The Trading Show Chicago 2018
Meetups: meetup.com/at-anonymous & cryptodocks
Blogs: aekraes.wordpress.com & versustakes.co
2. First Amendment: Freedom of Speech
”Anonymity is a shield from the tyranny of the
majority. . . It thus exemplifies the purpose behind the
Bill of Rights and of the First Amendment in particular:
to protect unpopular individuals from retaliation . . . at
the hand of an intolerant society.”
(Supreme Court Justice, John Paul Stevens, 1994)
3. ”Privacy in an open society requires anonymous
transaction systems. Until now, cash has been the
primary such system. An anonymous transaction
system is not a secret transaction system. An
anonymous system empowers individuals to reveal their
identity when desired and only when desired; this is the
essence of privacy.” (Eric Hughes, 1993)
Cypherpunks Manifesto
5. “Crypto-assets do not pose risks to global financial stability at this time
in part because they are small relative to the financial system”
“Even at their recent peak, combined global market value was less than
1% of global GDP”
“Wider use and greater interconnectedness could, if it occurred without
material improvements in conduct, market integrity and cyber
resilience, pose financial stability risks through confidence effects”
Financial Stability Board, Buenos Aires, 19 – 20th March, 2018
http://www.fsb.org/wp-content/uploads/P180318.pdf
6. HFT BC/CC
• Correlation with other markets/instruments
• Use of high-technology (speed/scaling)
• Development of flawed algorithms
• Fear of regulatory oversight
7. Hypothesis (Rule of Three and Four): ”A stable competitive market
never has more than three significant competitors, the largest of which
has no more than four times the market share of the smallest.” (Bruce
Henderson, 1976)
Example (MarketCap on May 9th, 2018): (1) Bitcoin $158,055,024,432;
(2) Ethereum $74,527,365,046; (3) Ripple $31,386,957,364
Centralizing Decentralization
8. Desired Characteristics of Cryptocurrencies
1. Quick transfers without an intermediary or geographic limitation
2. Finality of settlement
3. Lower transaction costs
4. Ability to publicly verify transactions
9. ”The main feature of cryptocurrencies is their anonymity.”
(Bill Gates, February 2018)
10. • In traditional banking, access to information is limited to the parties
involved and the trusted third party
• In cryptocurrency space, public keys are (pseudo)anonymous:
• Transactions are public, but without distinct information linking
the transaction to anyone
• Cf. on stock exchanges, normally, the ”tape” is public, but
without explicitly telling who the parties were
Financial Anonymity
11. • ECB reports that in 2016 around 79 % of all payments made with cash
• Amounts to 54 % of the total value of payments
• Cash least used in Finland, Estonia, and the Netherlands: e.g. 54 % of
number of transactions and 33 % of value of transactions (in Finland)
• 13 % of the respondents named anonymity the reason for using cash
• Only 8 % of points of sale transactions were reportedly over 50 EUR
• Priorities: clear expenses overview, wide acceptance, fast, easy, safe
12. What is the Problem?
Personal anonymity and the lack of government regulation or oversight
==> may (shall for sure?) lead to illicit trading and financial transactions
13. • INTERPOL estimates that between 3% and 4% of illicit criminal funds
are being laundered through untraceable cryptocurrencies
• Europe found to host disproportionate amount of illicit activity
• It has been mentioned that total of 2 – 3B EUR has been laundered
• Top3 now 250B EUR (150+70+30) , then the range is 0.8 % – 1.2 %
• Mixers and gambling sites receive high proportion of illicit bitcoins
• On the other hand, it has been also reported in Japan that only about
0.19 % of suspected money laundering cases involve cryptocurrencies
The Trading Show Chicago, Tommi A. Vuorenmaa, 2018
14. • Out of the 372 ICOs investigated, raising a total of 3.7B USD, roughly
10 % (i.e. 400M USD) have been stolen by hackers (EY, 2017)
• Substituting wallet addresses, accessing private keys, stealing funds
from wallets and stealing funds from exchanges …
15. Example: Coincheck Hack on 26/Jan/2018
Hacked for 58 billion yen (about $530 million) worth of the
cryptocurrency NEM (cf. Knight Capital which lost $440 million in 2012)
Cause of the problem:
1. Hot-wallets connected to external networks
2. Lacking multi-signature requirements
16.
17. • Coincheck published 11 addresses but nobody knows who owns them
• NEM developed a tracker but anonymous services could be used
• ShapeShift has reportedly blocked these 11 addresses
• Coincheck has promised to repay their customers
18. ”The massive calculating power of quantum computers will be able to
break Bitcoin security within 10 years”
(MIT Technology Review, 8.Nov.2017)
Elliptic Curve Digital Signature Algorithm
”easy to do in one direction and impossible to do in the reverse
direction. The owner of the private key can easily create the public key
and then share it with the world knowing that no one can reverse the
function and calculate the private key from the public key.”
https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch04.asciidoc#public-key
Quantum Blockchain Barrier
19. –– Fairy Tale or Teary Fail ––
The State of the Cryptocurrency
Play in the United States with
Recent Examples
20. ”SEC Announces Enforcement
Initiatives to Combat Cyber-
Based Threats and Protect
Retail Investors”
“Cyber-related threats and misconduct are
among the greatest risks facing investors and
the securities industry …”
“The Cyber Unit will enhance our ability to
detect and investigate cyber threats …”
”Retail Strategy Task Force” investigates:
• fraud targeting retail investors
• unsuitable structured products …
• … micro-cap pump-and-dump schemes
21. ”SEC Exposes Two Initial Coin Offerings
Purportedly Backed by Real Estate and Diamonds”
• Selling of unregistered securities (digital tokens) that don't really exist
• Investors in REcoin Group Foundation and DRC World were told they
can expect sizeable returns from non-existent companies' operations
• Admittedly collected 300,000 USD from investors during the ICOs
• SEC asserts violations of the anti-fraud and registration provisions
• Permanent injunctions and disgorgement, interest and penalties
• Officer-and-director bar, a bar from participating in future offerings
https://www.sec.gov/litigation/complaints/2017/comp-pr2017-185.pdf
22. ”SEC Emergency Action Halts ICO Scam”
• Claims investments would yield a 1,354 % profit in less than 29 days
• Nearly 15M USD collected from investors during the PlexCoin ICO
• PlexCorps offering products PlexCoin, PlexWallet, PlexCard, PlexBank
• Was ordered to stop the ICO launch by Quebec’s financial regulator
• Violate anti-fraud provision and registration provision of the U.S.
federal securities laws
• Permanent injunctions, disgorgement plus interest and penalties,
officer-and-director bar and a bar from offering digital securities
https://assets.bwbx.io/documents/users/iqjWHBFdfxIU/rwzk2_HjYOjw/v0
23. ”Company Halts ICO After SEC Raises
Registration Concerns”
• CA-based company Munchee sold digital tokens to investors to raise
capital for its blockchain-based food review service forced to halt ICO
• Aimed to collect 15M USD from investors to improve an iPhone app
• The company emphasized that investors could expect that its efforts
(e.g. token burning) would lead to an increase in value of the tokens
• Emphasized to take steps to create and support a secondary market
• SEC considered the above features to be the hallmarks of a security
(Section 2(a)(1) of the Securities Act)
• MUN tokens were therefore considered ”investment contracts”
https://www.sec.gov/litigation/admin/2017/33-10445.pdf
24. ”any note, stock, treasury stock, security future, bond, debenture,
evidence of indebtedness, certificate of interest or participation in any
profit-sharing agreement, collateral-trust certificate, preorganization
certificate or subscription, transferable share, investment contract,
voting-trust certificate, certificate of deposit for a security, fractional
undivided interest in oil, gas, or other mineral rights, any put, call,
straddle, option, or privilege on any security, certificate of deposit, or
group or index of securities (including any interest therein or based on
the value thereof), or any put, call, straddle, option, or privilege
entered into on a national securities exchange relating to foreign
currency, or, in general, any interest or instrument commonly known as
a “security”, or any certificate of interest or participation in, temporary
or interim certificate for, receipt for, guarantee of, or warrant or right to
subscribe to or purchase, any of the foregoing”
Section 2(a)(1) of the ”Securities Act 1933”:
Definitions; The Term ”Security”
25. Under the Howey Test, a transaction is an investment contract if:
• it is an investment of money
• there is an expectation of profits from the investment
• the investment of money is in a common enterprise
• any profit comes from the efforts of a promoter or third party
Howey Test; SEC vs. Howey 1946
https://consumer.findlaw.com/securities-law/what-is-the-
howey-test.html
26. ”SEC Halts Alleged Initial Coin Offering Scam”
”AriseBank and its principals sought to raise hundreds of millions from
investors by misrepresenting the company as a first-of-its-kind
decentralized bank offering its own cryptocurrency to be used for a
broad range of customer products and services …”
• Offered and sold unregistered investments in their purported “AriseCoin”
• Claimed to be offering a variety of consumer-facing banking products and
services using more than 700 different virtual currencies
• Claimed that it developed an algorithmic trading application that
automatically trades in various cryptocurrencies
https://longcatchain.com/data/files/181217027_425372632.pdf
27. Joint Statement by SEC and CFTC
Enforcement Directors Regarding
Virtual Currency Enforcement Actions
"When market participants engage in fraud
under the guise of offering digital
instruments – whether characterized as
virtual currencies, coins, tokens, or the like
– the SEC and the CFTC will look beyond
form, examine the substance of the activity
and prosecute violations of the federal
securities and commodities laws. The
Divisions of Enforcement for the SEC and
CFTC will continue to address violations
and bring actions to stop and prevent fraud
in the offer and sale of digital instruments."
28. Promoters of token offerings
1. Demonstrate that the currency or
product is not a security or
2. Comply with applicable registration and
other requirements (Securities and
Exchange Act in the U.S.)
3. Ensure that cryptocurrency activities do
not undermine anti-money laundering
and know-your-customer obligations
29. ”ICO Exit Scams after Listing
Ryan Gosling as Graphic Designer” (5/Mar/2018)
• Miroskii ICO: ”Bank without any Bankers”
• Claimed the main credit card issuers are issuing MRC-branded cards
• Claimed to be in the process of getting regulated in the EU
• Claimed their coin has been “tested, approved and accepted by most
of the industry giants”
• No white paper available
• Apparently used ripped images for most of the team
• Collected 833,000 USD according to their own book-keeping
End of Presentation, Tommi A. Vuorenmaa, 2018 ☐