Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: AGD on February 13, 2018, 01:05:18 PM



Title: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: AGD on February 13, 2018, 01:05:18 PM
https://topbitcoin.lv/bad-code-lost-500-million-cryptocurrency-year/

Quote
Cryptocurrency can be lost in a variety of ways, from hacking to forgotten passwords and failed flash drives. But in dollar terms, one of the biggest causes of crypto losses is bad code, and it’s not usually the fault of the coin’s developers. Instead, third parties, including shoddy smart contract developers and shady exchanges, are to blame for losses that have reached half a billion dollars in the last seven months.

Last week, news.Bitcoin.com reported on the demise of Bitgrail, which contrived to lose $170 million of nano cryptocurrency. While the precise sequence of events that caused the catastrophic collapse of the exchange with the assets of thousands of customers is still being confirmed, poor code is being blamed. As reported at the time:

There are rumors that Bitgrail became insolvent following a withdrawal bug that was discovered by some users and then shared in Discord and other chat groups, causing the wallet balance to gradually diminish. One user explained: “There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

In the aftermath of the incident, this theory has been bolstered by allegations that a bug was indeed responsible, and not in nano’s code, but in Bitgrail’s. One source asserted: “There was a bug, on the withdraw page. But this check was only on java-script client side, you find the js which is sending the request, then you inspect element – console, and run the java-script manually, to send a request for withdrawal of a higher amount than in your balance. Bitgrail delivered this withdrawal. How many people did this? Who knows.”

There was another bug, you could request a withdrawal to your address – from another user-id, from another user-account. That would cause the other user's balance to have “missing funds” or “negative balance”. Bitgrail bomber solved this bug by manually entering the “correct” numbers in his database. This is what you get for using a PHP website coded by same skill-level as CfB of IDIOTA.

Even the Best Cryptocurrencies Aren’t Immune to Poor Code

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework. First there was the DAO, which led to ethereum being forked right out the gate, and then there was the Parity bug that caused 150,000 ETH to be stolen, followed by the other Parity bug that caused $168 million of ETH to be locked up.

In the past couple of weeks, ethereum bugs have surfaced once more, albeit on a smaller scale. Proof of Weak Hands (PoWH) was a joke scamcoin which turned into an actual scamcoin after a bug led to the loss of 900 ether worth $1 million that had been sent to the contract address. The developer then disappeared after receiving death threats from investors aggrieved to discover that the joke Ponzi they were buying into was even less legitimate than it had seemed.

PoWH has since spawned a new scamcoin called ethpyramid which is for “strong hands only”. To the question “Is Ethpyramid secure?” the site responds “Yes. Our dev team put a lot of time into refining and testing this contract to make sure your tokens are safe. Internal functions of the contract are not accessible to the end user.” There’s also PoWH420, “the world’s dank autonomous and self-sustaining 420 pyramid scheme”.


Even if joke coins and their joke developers are taken out of the equation, it’s evident that cryptocurrencies are only as strong as their weakest link. While altcoins such as ethereum and nano have undoubted potential, like every other crypto they’re hostage to bugs lurking in wallets, smart contracts, and exchanges. One bad line of code is all it takes.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: Nrcewker on February 13, 2018, 02:57:42 PM
I think investors should learn from this. I see mostly people are looking for cheap development companies, but they forget they will get what they paid for.

When you are starting an exchange company, for God's sake hire a professional company where educated people work. They will charge you more money than an individual or freelance developer, but they can give you good work.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: HeRetiK on February 13, 2018, 07:05:34 PM
Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

Quote
“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.



Quote
The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity were more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team are unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: AGD on February 13, 2018, 08:20:57 PM
Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

Quote
“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.



Quote
The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity were more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team are unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.

A lot of good reasons to stick with Bitcoin, esp. Core and keep running full nodes and I also would trust smart contracts a lot more, if they would be based on the Bitcoin blockchain than on any other shitchain.  In my opinion ALL of the > 1000 Alts are rather the result of missed financial/fame opportunities than a real technological progress.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: jshark on February 13, 2018, 08:48:51 PM
  In my opinion ALL of the > 1000 Alts are rather the result of missed financial/fame opportunities than a real technological progress.

Couldn't agree with this more. I get some people have had great ideas, I believe ETH is one of them, but SO many alts are just guys/teams with a get rich quick plan.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: HeRetiK on February 13, 2018, 11:03:47 PM
A lot of good reasons to stick with Bitcoin, esp. Core and keep running full nodes and I also would trust smart contracts a lot more, if they would be based on the Bitcoin blockchain than on any other shitchain.  In my opinion ALL of the > 1000 Alts are rather the result of missed financial/fame opportunities than a real technological progress.

Yeah, a lot of the stuff that I've seen happening with the alts (eg. IOTA and its self rolled crypto or that whole Parity debacle... twice) and some of the hardforks (eg. B2X's insta-death and the BCH difficulty fluctuations) during the last year made me really appreciate the way Core handles things. Sure, progress may seem slow, but it's slow for a reason. Stuff's done when it's done. You can't just move fast and hardfork things. I mean you can, obviously, but it's not necessarily a development and design philosophy that I personally could get behind.

Same with turing complete smart contracts. It just seems like such. A bad. Idea. Regardless of the underlying blockchain.

Maybe with some improved tooling, rigorous testing and a solid development approach this could work, alas who has time for that when there's a marketing campaign for your upcoming ICO to be run?

I love watching the altcoin and token space, but for every good idea there's a metric shitton of wtfs going on. And those whitepapers. So much fluff, oh so much fluff. Jesus.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: BenOnceAgain on February 13, 2018, 11:35:23 PM
Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

Quote
“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.



Quote
The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity were more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team are unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.

I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verify an account's balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.

In my view, best-practices standards are needed for security and code audits.  There are many attempts at this out there, it needs to be pulled together, structured and maintained like RFC or BIP standards are, and proliferated through the field.  Especially considering we are dealing with a rapidly evolving technology, these standards need to be maintained on an ongoing basis.  I know the steps I take to lock down a server today in 2018 are different in quite a few ways than they were in 2014, for example.

My organization is going to be looking at this issue because it's a real problem that needs some coordinated focus.  We're conducting our launch fundraiser right now with an Ethereum ERC20 token, but I have real concerns with the stability of that platform moving forward.  A deep dive is in order with some consultations with the gurus before I make any long-term decision I'll live to regret on platforms.  In some ways it's a shame, the Ethereum platform does seem good "on paper", but has some real flaws that need to be met before I would place the kind of trust in it that you do to a financial institution.

If a bank lost $500M in a year, people would be in jail!  (Well, maybe not here in the U.S., but only because the banks own our government [for now]).  But who would bank with a company that was so careless with funds it has custodial control over?

I might sound ranty back, but it's only because it's so outrageous.

Best regards,
Ben


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: Wind_FURY on February 14, 2018, 06:38:46 AM
Some services with less than competent developers should not be working in something that holds millions of dollars.

But other projects with supposedly "competent" developers that still have caused coins to be stolen or lacked deserve to be hanged. They have no excuse.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: ciro1 on February 14, 2018, 06:54:09 AM
Majority of the cases were properly calculated and scam. Investors would never be able to know and even if they do, not much can be done. I believe all these issues would be things of the old in crypto.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: HeRetiK on February 14, 2018, 11:02:35 AM
I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verify an account's balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.

It seems like both developers and investors tend to forget that they are handling real, actual money. Would you leave a suitcase full of cash in the middle of the street? Would you give your credit card data to some random stranger on the internet? That's what basically happens in crypto all the time.


In my view, best-practices standards are needed for security and code audits.  There are many attempts at this out there, it needs to be pulled together, structured and maintained like RFC or BIP standards are, and proliferated through the field.  Especially considering we are dealing with a rapidly evolving technology, these standards need to be maintained on an ongoing basis.  I know the steps I take to lock down a server today in 2018 are different in quite a few ways than they were in 2014, for example.

I absolutely agree with you. As much as I love that whole wild west, new frontier vibe that crypto is swinging, I so very much appreciate the formal approach that Bitcoin and some of the alts have taken.

To be fair, handling crypto is especially tricky. Holding what equates to actual cash on a computer system is unprecedented prior to cryptocurrencies. Even if you were handling payments there was usually some form of rollback available, should things go awry. Not so with crypto, yet it seems to be partially held to lower standards than finance which is insane.

Nonetheless we've come a long way since MtGox. It's almost as if the market has begun to realize that crypto is a billion dollar business now.


My organization is going to be looking at this issue because it's a real problem that needs some coordinated focus.  We're conducting our launch fundraiser right now with an Ethereum ERC20 token, but I have real concerns with the stability of that platform moving forward.  A deep dive is in order with some consultations with the gurus before I make any long-term decision I'll live to regret on platforms.  In some ways it's a shame, the Ethereum platform does seem good "on paper", but has some real flaws that need to be met before I would place the kind of trust in it that you do to a financial institution.

Hats off to you for critically evaluating technologies. I know this approach should be the standard, however it unfortunately isn't, which makes me all the more glad to hear that there are still organizations and companies out there that take a sane and prudent approach at blockchain technologies.


If a bank lost $500M in a year, people would be in jail!  (Well, maybe not here in the U.S., but only because the banks own our government [for now]).  But who would bank with a company that was so careless with funds it has custodial control over?

I don't think that European banks are much better in that regard.

Referring to "But who would bank with a company that was so careless with funds".... I honestly think that consumers are at least partially to blame on that matter. If people would avoid shoddy exchanges in the first place, a lot of these dramas could be avoided.



Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: NITCoinOfficial on February 14, 2018, 01:10:03 PM
This industry is very fresh. You should always have double-check code reviews with your team, if not quad-check it. This is why hackathons and bug-bounty programs exist. It should never be the responsibility of one, team work is very important. Everyone is trying to quickly get into the industry and try to make money, however ethical issues should also be kept in mind. The stronger your code is, the better your reputation is, the better your product will be.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: cellard on February 14, 2018, 03:07:22 PM

I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verify an account's balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.


This is why I have always taken extra measures when accessing anything that had to do with bitcoin, namely using a VPN or Tor so that if there is a leak, they couldn't get your IP, and also disabling javascript. I have never trusted exchanges, and I still don't to this day, especially now that they ask for a god damn selfie while holding your ID. It's a matter of time some day we are going to have a HUGE leak on a big exchange database, and everyone that gave a picture of them holding an ID will have this picture attached to their bitcoin addresses and then sold on the darkweb for extortion or some sick shit. I was never looking forward to that.. no thanks, which is why I always used fake names on Poloniex for example, and just left any exchange that forced me to give them my data (Bittrex doesn't even let you trade between altcoins anymore without full verification... fuck them!!)

Never trust anything, it's all compromised, everyone just wants to steal your bitcoin. I can't wait for atomic swap decentralized exchanges so I don't need to trust exchangers and the scammers running these while having javascript on.. ridiculous.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: nullius on February 14, 2018, 06:54:58 PM
A lot of good reasons to stick with Bitcoin, esp. Core and keep running full nodes and I also would trust smart contracts a lot more, if they would be based on the Bitcoin blockchain than on any other shitchain.

Yeah, a lot of the stuff that I've seen happening with the alts (eg. IOTA and its self rolled crypto or that whole Parity debacle... twice) and some of the hardforks (eg. B2X's insta-death and the BCH difficulty fluctuations) during the last year made me really appreciate the way Core handles things. Sure, progress may seem slow, but it's slow for a reason. Stuff's done when it's done.

On reading OP, my own first thought was of the whining in certain quarters about Core’s relatively slow pace and “it’s done when it’s done” policy.  Also directly related is persistent calumny over their cautious desire to avoid hardforking the chain, and do so only if necessary—following research (https://bitcoinhardforkresearch.github.io/) of what could happen, and how to prevent “oopsies”.  I even once saw somewhere an explicit suggestion that Core should follow the amateurish wannabe cool kid Silicon Valley 2.0 motto of “move fast and break things” (!).

Whereas to the best of my knowledge, Core is the first and thus far, only open-source project wherein a tiny little bug could directly destroy liquid value equivalent to a hundred billion dollars in a microsecond.  I appreciate the “it’s done when it’s done” approach.


It seems like both developers and investors tend to forget that they are handling real, actual money. Would you leave a suitcase full of cash in the middle of the street? Would you give your credit card data to some random stranger on the internet? That's what basically happens in crypto all the time.

There is a pertinent idiom, “Other People’s Money”.  I’ve mostly seen it applied by people who are critical of Bitcoin altogether, on grounds of the amount of ridiculously stupid code which idiots deploy to (mis)handle Bitcoin.  Of course, that’s like criticizing computers because most software of all kinds is trash (and so are all popular CPUs! (https://spectreattack.com/)).  Solution:  Don’t entrust your bitcoins to ridiculously stupid code, and don’t use services which do.


Quote
The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity were more strict and rigorous its developer base would likely be much much smaller.

It’s not only a matter of Solidity.  IIUC, the exploitation of loopholes in the DAO contract (not a “hack”) applied some interesting “features” of the Ethereum VM itself.  Anyway, the whole concept of bolting a Turing-complete VM onto a blockchain is sheer lunacy.

This is why I am drooling over the concept of Simplicity (PDF) (https://blockstream.com/simplicity.pdf) for Bitcoin.  A powerful smart-contracts DSL with formally verified properties, which is designed to support writing of formally verifiable contracts, is exactly what we need.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: bob123 on February 14, 2018, 07:48:46 PM
Quote
“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.

Not just that.
Bitgrail Shitgrail had 2 more bugs:

1) You were able to withdraw twice the amount when following this procedure:
  • Request withdrawals
  • Wait for email confirmation; Don't confirm.
  • Request a second withdrawal (same amount)
  • Wait for email confirmation; Click on the link and confirm
  • Success. You just received 2 withdrawals

2) You were able to withdraw an amount you didn't have as balance:
  • Request a withdrawal
  • Realize the check for the maximum amount happens client-side instead of server-side
  • Manipulate the javascript (yes, javascript.. WTF)
  • Profit. You just withdrew a way bigger amount, leaving your balance on Bitgrail Shitgrail at a negative amount

Those bugs don't happen by accident.
Such bugs appear when the coder has zero (really: ZERO) knowledge.

But it's not like he's only unable to code properly, no.

Francesco - Shitesco - Firano claimed 17 million nano got 'hacked' and 'stolen' from his cold wallet.



To sum it up: Shitgrail's owner is not just a bad coder, he seems to have zero knowledge on how to perform an exit scam properly.
The FBI already has been informed and investigations are starting. He will get what he deserves.



Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: HeRetiK on February 14, 2018, 08:21:35 PM
This is why I am drooling over the concept of Simplicity (PDF) (https://blockstream.com/simplicity.pdf) for Bitcoin.  A powerful smart-contracts DSL with formally verified properties, which is designed to support writing of formally verifiable contracts, is exactly what we need.

Oh yes. Solutions such as Simplicity are exactly why I give Bitcoin a better chance of survival than most of the alts. The academic work being done around Bitcoin is amazing. It might not be as flashy as the snakeoil that some of the alts are selling, but at least it has substance.


Not just that.
Bitgrail Shitgrail had 2 more bugs:

1) You were able to withdraw twice the amount when following this procedure:
  • Request withdrawals
  • Wait for email confirmation; Don't confirm.
  • Request a second withdrawal (same amount)
  • Wait for email confirmation; Click on the link and confirm
  • Success. You just received 2 withdrawals

2) You were able to withdraw an amount you didn't have as balance:
  • Request a withdrawal
  • Realize the check for the maximum amount happens client-side instead of server-side
  • Manipulate the javascript (yes, javascript.. WTF)
  • Profit. You just withdrew a way bigger amount, leaving your balance on Bitgrail Shitgrail at a negative amount

Those bugs don't happen by accident.
Such bugs appear when the coder has zero (really: ZERO) knowledge.

[...]

That reads less like bug descriptions and more like a checklist of what not to do. The second point -- not entrusting critical verification to client-side code -- is literally one of the first things that gets drummed into your head when learning web development.
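
The server-side checks whose absence bob123's post and the reply above describe, written out as an added example (not part of the original thread and not Bitgrail's code): the amount is validated and reserved on the server when a withdrawal is requested, each e-mail confirmation token pays out once, and the account is taken from the authenticated session rather than from the request. The schema, the function names and the sample balances are assumptions made for the illustration.

```python
import secrets
import sqlite3


class Rejected(Exception):
    """Raised when the server refuses a withdrawal step."""


def open_ledger():
    # In-memory ledger for the demo; amounts are integers in the smallest unit.
    db = sqlite3.connect(":memory:", isolation_level=None)  # explicit transactions
    db.executescript("""
        CREATE TABLE accounts (
            user_id   INTEGER PRIMARY KEY,
            available INTEGER NOT NULL CHECK (available >= 0),
            reserved  INTEGER NOT NULL DEFAULT 0 CHECK (reserved >= 0)
        );
        CREATE TABLE withdrawals (
            token   TEXT PRIMARY KEY,
            user_id INTEGER NOT NULL REFERENCES accounts(user_id),
            amount  INTEGER NOT NULL CHECK (amount > 0),
            status  TEXT NOT NULL CHECK (status IN ('pending', 'confirmed'))
        );
    """)
    return db


def request_withdrawal(db, session_user_id, amount):
    """Step 1: validate and reserve the funds, return the confirmation token.

    session_user_id comes from the authenticated session, never from a field
    the browser can set. Whatever the page's JavaScript checked is ignored.
    """
    if isinstance(amount, bool) or not isinstance(amount, int) or amount <= 0:
        raise Rejected("amount must be a positive integer")
    db.execute("BEGIN IMMEDIATE")  # serialise writers for check-and-debit
    try:
        # Check and debit in one statement: no row matches if funds are short.
        cur = db.execute(
            "UPDATE accounts SET available = available - ?, "
            "reserved = reserved + ? WHERE user_id = ? AND available >= ?",
            (amount, amount, session_user_id, amount))
        if cur.rowcount != 1:
            raise Rejected("insufficient available balance")
        token = secrets.token_urlsafe(32)
        db.execute("INSERT INTO withdrawals VALUES (?, ?, ?, 'pending')",
                   (token, session_user_id, amount))
        db.execute("COMMIT")
        return token
    except BaseException:
        db.execute("ROLLBACK")
        raise


def confirm_withdrawal(db, session_user_id, token):
    """Step 2: consume the e-mailed token exactly once, return the payout."""
    db.execute("BEGIN IMMEDIATE")
    try:
        # Only a pending token owned by the session's user can be consumed.
        cur = db.execute(
            "UPDATE withdrawals SET status = 'confirmed' "
            "WHERE token = ? AND user_id = ? AND status = 'pending'",
            (token, session_user_id))
        if cur.rowcount != 1:
            raise Rejected("unknown, foreign or already used token")
        amount = db.execute("SELECT amount FROM withdrawals WHERE token = ?",
                            (token,)).fetchone()[0]
        # The payout comes out of the reservation made in step 1.
        db.execute("UPDATE accounts SET reserved = reserved - ? "
                   "WHERE user_id = ?", (amount, session_user_id))
        db.execute("COMMIT")
        return amount
    except BaseException:
        db.execute("ROLLBACK")
        raise


if __name__ == "__main__":
    db = open_ledger()
    # Constructed sample accounts: user 1 holds 100 units, user 2 holds 50.
    db.execute("INSERT INTO accounts (user_id, available) VALUES (1, 100), (2, 50)")
    token = request_withdrawal(db, 1, 80)
    attempts = [
        ("second request while the first is pending", request_withdrawal, (db, 1, 80)),
        ("amount above the balance", request_withdrawal, (db, 1, 1000)),
        ("another user confirms the token", confirm_withdrawal, (db, 2, token)),
        ("owner confirms", confirm_withdrawal, (db, 1, token)),
        ("owner confirms again", confirm_withdrawal, (db, 1, token)),
    ]
    for label, fn, args in attempts:
        try:
            print(f"{label}: paid or reserved ({fn(*args)!r})")
        except Rejected as exc:
            print(f"{label}: rejected ({exc})")
    print(db.execute("SELECT user_id, available, reserved FROM accounts").fetchall())
```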


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: nullius on February 14, 2018, 08:45:00 PM
[...discussion of Bitgrail bugs...]

Those bugs don't happen by accident.
Such bugs appear when the coder has zero (really: ZERO) knowledge.

Sorry, I can’t resist—that sounds funny to me, much time as I’ve spent thinking about a different type of zero-knowledge (https://bitcoincore.org/en/2016/02/26/zero-knowledge-contingent-payments-announcement/).

I presume that if the Bitgrail devs manufactured a vacuum cleaner, it wouldn’t suck.


This is why I am drooling over the concept of Simplicity (PDF) (https://blockstream.com/simplicity.pdf) for Bitcoin.  A powerful smart-contracts DSL with formally verified properties, which is designed to support writing of formally verifiable contracts, is exactly what we need.

Oh yes. Solutions such as Simplicity are exactly why I give Bitcoin a better chance of survival than most of the alts. The academic work being done around Bitcoin is amazing. It might not be as flashy as the snakeoil that some of the alts are selling, but at least it has substance.

“Snakeoil” is a good word for the numeric vast majority of the alts.  As for “flashy”, I’d say that plenty of the current and potential future features in Bitcoin (and Lightning!) are exactly that.  However, unlike snakeoil, they take longer to develop than the fifteen-minute attention span of the average social media reader; also, they’re not being promoted by armies of social media sockpuppet shills and, in this forum, signature-spammers.

Developing good ideas takes time.  Developing them into reliable implementations takes more time.  Patience is a forgotten virtue, and was never known at all to the peculiar brand of technical incompetents who enjoy tossing about Other People’s Money.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: LoyceV on February 16, 2018, 03:33:48 PM
Just my 2 Satoshis: I've disliked Ethereum ever since their one Unique Selling Point ("code is law" for smart contracts) got thrown out of the window after The DAO failed so hard they had to abandon their core principles and hardfork to get their money back. It proved that smart contracts are worthless if you don't understand them, which makes them worthless for almost everybody. In the case of The DAO, even the developers didn't understand the code, the only person who understood it was called "the attacker". Ironic!

I never expected Ethereum to go up in value this much after this fiasco. In my opinion, it would have been only logical to abandon the failed project. Many people didn't seem to care, and losing $500M within a year proves that once again.
Ethereum is now mainly used for ICO Token sales, which are almost exclusively very shady money grabbers. But greed wins from common sense over and over again.

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement
Well said! PR is everything, create a token, a website, and a story, and people throw tens of millions of dollars at you!
Only a very small share of all cryptocurrencies put development first. Then again, it makes sense for the majority to only join crypto for quick cash. I'm really curious what will be the next phase in money grabbing, now that we've seen shitcoins, Token sales and hard forks.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: nullius on February 16, 2018, 04:10:08 PM
This needs to be in a stickied FAQ somewhere:

Just my 2 Satoshis: I've disliked Ethereum ever since their one Unique Selling Point ("code is law" for smart contracts) got thrown out of the window after The DAO failed so hard they had to abandon their core principles and hardfork to get their money back. It proved that smart contracts are worthless if you don't understand them, which makes them worthless for almost everybody. In the case of The DAO, even the developers didn't understand the code, the only person who understood it was called "the attacker". Ironic!

In the abstract, what the so-called “attacker” did was no different than a smart lawyer finding a gaping loophole in a contract.  It was fully authorized use of a computer network in the exact manner which the network was declared to be intended.  Per the legally binding terms of the DAO:  “The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413.  Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code.” (https://web.archive.org/web/20160704190119/https://daohub.org/explainer.html)

Following those terms was not an “attack”.  It most certainly was not a “theft”!  It was only the fully foreseeable result of declaring that “code is law”, and then writing low-quality code-law with unknown, unverifiable properties.  If you dare do that because you want a flashy media event with bucketloads of investor money suddenly pouring in, then prepare yourself for your doom by meditating on the cosmic (and comic) inevitable consequences:


This is why I am so enamoured with the Bitcoin Simplicity concept, which I linked to above.  It is serious research with the goal of producing mathematically provable contracts.  We need advanced smart contracts which have no code-loopholes, just as verifiably as “2+2=4” has no loopholes.  For in Bitcoin, code truly is law.  In Bitcoin, there shall never be the disgusting sham of a so-called “irregular state change (https://blog.ethereum.org/2016/07/20/hard-fork-completed/)”.  In Bitcoin, there is no central authority with the ability to mandate such a thing!

(I do think that centrally managed pretenders with mathematically unverifiable “smart” contracts are fully suitable for use as toys, such as CryptoKitties.)

I'm really curious what will be the next phase in money grabbing, now that we've seen shitcoins, Token sales and hard forks.

More of the same, probably for awhile.  The people who do such things are not very creative.


Edit 2020-11-17:  Fixed broken image, added image attributes.  No previous edits, and no other changes.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: zonezICO on February 17, 2018, 04:54:21 AM
Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.


I mean...

Quote
“There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

What the. Actual. Fuck. That would be bad enough in traditional finance or actually any online application that handles money. But in crypto such a bug becomes fatal.



Quote
The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework.

Here's the next thing. Granted, if Solidity were more strict and rigorous its developer base would likely be much much smaller. Nonetheless I'd argue that such strictness would be required to allow somewhat reliable smart contracts. With Solidity it may not be a code issue, but it's definitely a design issue. I don't follow Ethereum all that much, so I might be missing parts of the big picture, but what I always ask myself is: If blockchain veterans such as the Ethereum development team is unable to design a sound smart contract platform, how can we expect blockchain rookies -- which is what most of us are, given how young crypto is -- to implement reliable smart contracts on that very same platform?

Sorry if this post comes off as ranty, I guess irresponsible code just kind of grinds my gears.

I wholeheartedly agree with you.  I couldn't believe that there was apparently a client-side JavaScript exploit on that Bitgrail exchange, where that was the only check it had to verify an account's balance!?!  Seriously, code that runs in someone's web browser, wtf?  That type of foolishness wouldn't make the cut for a web game, to say nothing of financial transactions of real value.

In my view, best-practices standards are needed for security and code audits.  There are many attempts at this out there, it needs to be pulled together, structured and maintained like RFC or BIP standards are, and proliferated through the field.  Especially considering we are dealing with a rapidly evolving technology, these standards need to be maintained on an ongoing basis.  I know the steps I take to lock down a server today in 2018 are different in quite a few ways than they were in 2014, for example.

My organization is going to be looking at this issue because it's a real problem that needs some coordinated focus.  We're conducting our launch fundraiser right now with an Ethereum ERC20 token, but I have real concerns with the stability of that platform moving forward.  A deep dive is in order with some consultations with the gurus before I make any long-term decision I'll live to regret on platforms.  In some ways it's a shame, the Ethereum platform does seem good "on paper", but has some real flaws that need to be met before I would place the kind of trust in it that you do to a financial institution.

If a bank lost $500M in a year, people would be in jail!  (Well, maybe not here in the U.S., but only because the banks own our government [for now]).  But who would bank with a company that was so careless with funds it has custodial control over?

I might sound ranty back, but it's only because it's so outrageous.

Best regards,
Ben

Do you think certain practices such as TDD/pair programming/ and certain languages such as using a functional like Haskell/Lisp/F#/Clojure/Elixir/Erlang would've prevented these types of situations to begin with?  While anybody working with the web HAS to be proficient at JS, due to bugs from mutable state and potential tight coupling, I've really been reluctant to dive deep into C++/Python/(anything JS related Node/Solidity) when by just using another language, all of these potential threats are mitigated by default of the language.

Plus, as you mentioned, people would be in jail for losing large amounts of money, the potential liability a company has, to me at least, makes this a no-brainer. 

This thread is just another reminder of how important clean code principles are. 

Z


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: nullius on February 17, 2018, 05:24:27 AM
Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement, it comes to very little surprise to be honest. I guess that's the downside of the comparably low entry level when it comes to developing crypto related software (as opposed to, say, traditional finance, military and aircraft applications).

Properly handling immutable, decentralized transactions is hard and mistakes are costly without recourse. Even moreso when it comes to smart contracts. It seems like a lot of companies and developers haven't yet fully fathomed the implications of what processing irreversible scripts and transactions really means.
<snip>

Do you think certain practices such as TDD/pair programming/ and certain languages such as using a functional like Haskell/Lisp/F#/Clojure/Elixir/Erlang would've prevented these types of situations to begin with?  While anybody working with the web HAS to be proficient at JS, due to bugs from mutable state and potential tight coupling, I've really been reluctant to dive deep into C++/Python/(anything JS related Node/Solidity) when by just using another language, all of these potential threats are mitigated by default of the language.

As a general rule, good programmers can write good code in whatever language they happen to use; and bad programmers will write bad code in any language they try.  Moreover, no formulaic technique will turn idiots who don’t know what they’re doing into software engineers.

Bitcoin Core is the gold bitcoin standard for reliable Bitcoin software.  It is written (primarily) in C++.  Programmers such as gmaxwell, sipa, and others who write excellent code for this project have no need to switch to another language, unless they find technical reasons which would make another language a better tool for the job.  Also, they have no need to be taught “certain practices”—whatever they do, it is evidently working.

I myself write in C.  In my experience, one ready means for me to find a fool who has scant, shallow understanding of technology is to wait for someone to give me a popular speech about “memory-safe languages”, or whatever.

On the flipside, the idiots who created the software disasters in this thread could have been writing in pure Haskell—they still would have created disasters!  Morons who even think of using client-side validation code for financial transactions are innately incapable of writing good code.

There is no magic bullet for creating the software engineering of which HeRetiK speaks.  And those who believe that the former exists, will never do the latter.

One exception to the aforestated general rule is such a thing as smart-contract code which lives on the blockchain.  That code must be absolutely free of bugs—including as of compiler bugs, etc., which can undermine even perfectly-written code.  For any relatively complicated program, the only means to guarantee bug-free code is to mathematically verify its properties.  That is why I am so excited about the Bitcoin Simplicity research, as discussed above; but that is still in the early research stages.

Plus, as you mentioned, people would be in jail for losing large amounts of money, the potential liability a company has, to me at least, makes this a no-brainer.

I think the first step is for people to stop grabbing onto crypto-nonsense, from fly-by-nights who bang out shoddy code for Bitcoin, to ICOs of any kind.  There is an incentive to write awful quality code, when people actually buy into it.  As LoyceV observed only a few posts ago:

Seeing how security and actual software engineering often comes as an afterthought, instead of serving as a fundamental requirement
Well said! PR is everything, create a token, a website, and a story, and people throw tens of millions of dollars at you!
Only a very small share of all cryptocurrencies put development first. Then again, it makes sense for the majority to only join crypto for quick cash. I'm really curious what will be the next phase in money grabbing, now that we've seen shitcoins, Token sales and hard forks.


(P.S.:  Please trim your quotes.  Thanks.)


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: Quickseller on February 17, 2018, 05:28:16 AM

A lot of good reasons to stick with Bitcoin, esp. Core and keep running full nodes and I also would trust smart contracts a lot more, if they would be based on the Bitcoin blockchain than on any other shitchain.  In my opinion ALL of the > 1000 Alts are rather the result of missed financial/fame opportunities than a real technological progress.
I don’t think this would solve the problem that caused these losses. Bitcoin core doesn’t have any functionality that keeps track of user balances that are separate and distinct from wallet balances.

To my knowledge, these companies were tricked into signing transactions for amounts larger than they should have. I don’t believe there were any issues with the wallet software in that the wallet behaved as it should have — the wallet software did not think deposits were received that never confirmed and signed transactions as instructed.

I think the root cause of this is bad business practices. Notwithstanding poor implementation of verifying account balances (and similar) these companies either held way too much money in their hot wallet, did not verify DB balances matched blockchain balances (within a reasonable variance), did not investigate the root cause of overdrafts and/or a combination of the above prior to topping off the hot wallet.
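
The checks discussed in this thread, as an added example that is not part of any post here and not code from any exchange: a minimal server-side ledger in which withdrawals are validated against the server's own balance minus funds locked in open orders, and a hot-wallet top-up is refused while the ledger and the chain disagree or any account is overdrawn. All class, method and account names and all amounts are hypothetical, and the on-chain figures are plain constants standing in for values read from a node.

```python
import threading
from dataclasses import dataclass
from decimal import Decimal


class Rejected(Exception):
    """Raised when a request fails a server-side check."""


@dataclass
class Account:
    balance: Decimal = Decimal("0")   # confirmed deposits minus paid withdrawals
    reserved: Decimal = Decimal("0")  # locked by open orders


class Exchange:
    def __init__(self, hot, cold, hot_cap, variance):
        # hot/cold stand in for balances read from the chain (assumption).
        self.hot, self.cold = Decimal(hot), Decimal(cold)
        self.hot_cap, self.variance = Decimal(hot_cap), Decimal(variance)
        self.accounts = {}
        self._lock = threading.Lock()  # check and debit happen as one step

    def credit_confirmed_deposit(self, user, amount):
        with self._lock:
            self.accounts.setdefault(user, Account()).balance += Decimal(amount)

    def place_order(self, user, amount):
        amount = Decimal(amount)
        with self._lock:
            acct = self.accounts[user]
            if amount <= 0 or amount > acct.balance - acct.reserved:
                raise Rejected("order exceeds available funds")
            acct.reserved += amount  # an open order locks funds, never adds any

    def withdraw(self, user, amount, client_claimed_balance=None):
        # client_claimed_balance is what the browser sent; it is never used.
        amount = Decimal(amount)
        with self._lock:
            acct = self.accounts[user]
            available = acct.balance - acct.reserved
            if amount <= 0 or amount > available:
                raise Rejected(f"requested {amount}, available {available}")
            if amount > self.hot:
                raise Rejected("hot wallet short; operator review needed")
            acct.balance -= amount
            self.hot -= amount
            return acct.balance

    def top_up_blockers(self, amount):
        """Reasons a cold-to-hot transfer must wait for investigation."""
        amount, reasons = Decimal(amount), []
        overdrawn = sorted(u for u, a in self.accounts.items()
                           if a.balance < 0 or a.reserved > a.balance)
        if overdrawn:
            reasons.append(f"overdrawn accounts: {overdrawn}")
        # A negative balance is not an asset, so it must not offset what is
        # owed to everyone else: count only non-negative balances.
        owed = sum((max(a.balance, Decimal("0")) for a in self.accounts.values()),
                   Decimal("0"))
        gap = self.hot + self.cold - owed
        if abs(gap) > self.variance:
            reasons.append(f"chain minus ledger = {gap}")
        if self.hot + amount > self.hot_cap or amount > self.cold:
            reasons.append("transfer exceeds hot-wallet cap or cold funds")
        return reasons

    def top_up_hot_wallet(self, amount):
        with self._lock:
            reasons = self.top_up_blockers(amount)
            if reasons:
                raise Rejected("; ".join(reasons))
            self.cold -= Decimal(amount)
            self.hot += Decimal(amount)
            return self.hot


def demo():
    # Constructed scenario: every name and amount below is made up.
    ex = Exchange(hot="5", cold="95", hot_cap="20", variance="0.01")
    ex.credit_confirmed_deposit("alice", "10")
    ex.credit_confirmed_deposit("bob", "90")
    ex.place_order("alice", "6")
    out = {}
    try:
        ex.withdraw("alice", "9", client_claimed_balance="1000")
    except Rejected as err:
        out["oversized"] = str(err)
    out["alice_after"] = ex.withdraw("alice", "4")
    out["hot_after_topup"] = ex.top_up_hot_wallet("10")
    # Constructed faulty state: a ledger bug let 8 coins leave against an
    # account that never held them, leaving a negative balance.
    ex.accounts["mallory"] = Account(balance=Decimal("-8"))
    ex.hot -= Decimal("8")
    out["blockers"] = ex.top_up_blockers("5")
    return out


if __name__ == "__main__":
    print(demo())
```

Summing balances with the negative one included would make the ledger total match the drained wallets exactly, which is why the overdraft check and the non-negative sum are separate tests.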


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: zonezICO on February 17, 2018, 07:04:06 PM
As a general rule, good programmers can write good code in whatever language they happen to use; and bad programmers will write bad code in any language they try.  Moreover, no formulaic technique will turn idiots who don’t know what they’re doing into software engineers.

Hi Nullius, thank you for your very blunt and honest answer.  I appreciate it.  

I'm going to start learning Simplicity ASAP.  

If anybody else here knows of any resources of how to best learn it, it'd be greatly appreciated.

Thanks in advance!
Z


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: nullius on February 17, 2018, 07:51:31 PM
Hi Nullius, thank you for your very blunt and honest answer.  I appreciate it.  

I'm going to start learning Simplicity ASAP.  

If anybody else here knows of any resources of how to best learn it, it'd be greatly appreciated.

I’m happy to help.

As I said in my post, Simplicity is still in the research stages.  I linked to the original Simplicity paper (PDF) (https://blockstream.com/simplicity.pdf) in one of my earlier posts in this thread.  Per the whole subject of this thread, doing things right takes time!  A formally verifiable domain-specific language needs serious R&D work.  This is the stuff of heavy-duty computer science; it is not something which can be slapped together overnight.

I think if you read the paper, you’ll be as impressed as I am.

Note that anything in the research stage does not have guaranteed results.  I think the concepts look sound, insofar as I am able to understand.  The hard maths of provable code exceed my own level of education (not only in Simplicity).  Yet if you walk through the paper, I think you’ll find the general shape of Simplicity not difficult to grasp.  It’s called “Simplicity” for a(t least one) good reason:  It’s designed to provide a foundation which will be simple to use for building powerful smart contracts (never mind the R&D to get to that point).  The people working on it do have a track record of delivering results.  I look forward to seeing how this develops.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: sjyi on February 17, 2018, 09:23:48 PM
As these events occur again and again we get to reflect on code developers and their skills.  Should they even be allowed to release these coins?

Even though most of the coin source code is found in github, do people really go through them?  They are usually provided with no clear explanation as to what is going on within the code.  Much of the system is copied (forked) from previous projects and re-used.  It takes quite some time and effort to figure out what is going on.

I see many people signing up for bounty programs for new coin announcements even though much of the business and/or technical details are missing.  The only thing the announcements seem to boast are the bounty programs.  These coins still raise millions of USD. 

By looking at some meetups activities, it looks like the waves of new coins will continue if not pick up more speed.  With such a madness to release coins so quickly, the coding errors are inevitable.  But prior to talking about code bugs, the requirement errors should be first identified.  I wonder if all these rapid releases even understand their own requirement.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: zonezICO on February 18, 2018, 01:55:36 AM
Note that anything in the research stage does not have guaranteed results.  I think the concepts look sound, insofar as I am able to understand.  The hard maths of provable code exceed my own level of education (not only in Simplicity).  Yet if you walk through the paper, I think you’ll find the general shape of Simplicity not difficult to grasp.  It’s called “Simplicity” for a(t least one) good reason:  It’s designed to provide a foundation which will be simple to use for building powerful smart contracts (never mind the R&D to get to that point).  The people working on it do have a track record of delivering results.  I look forward to seeing how this develops.

Nullius, thanks again for the heads up on Simplicity.  I looked over the white paper and asked the Google his thoughts and am excited to give it a test drive in future.  Especially the different combinators and covenants.

Ironically though, you sort of reinforced the point I had proposed earlier, in that by possibly using a functional language (Simplicity is functional), you lessen the chances of bad code due to the nature of functional languages having immutable state.  In fact, Simplicity takes it a step further as they don't allow loops (page 1 of white paper) and use functions written in Haskell, another functional language (pg.24 of white paper) to generate Simplicity.


As these events occur again and again we get to reflect on code developers and their skills.  Should they even be allowed to release these coins?

Even though most of the coin source code is found in github, do people really go through them?  They are usually provided with no clear explanation as to what is going on within the code.  Much of the system is copied (forked) from previous projects and re-used.  It takes quite some time and effort to figure out what is going on.

I see many people signing up for bounty programs for new coin announcements even though much of the business and/or technical details are missing.  The only thing the announcements seem to boast are the bounty programs.  These coins still raise millions of USD.  

By looking at some meetups activities, it looks like the waves of new coins will continue if not pick up more speed.  With such a madness to release coins so quickly, the coding errors are inevitable.  But prior to talking about code bugs, the requirement errors should be first identified.  I wonder if all these rapid releases even understand their own requirement.


I had alluded to "clean coding" in an earlier post.  Whether you like Agile or not, many lessons taught by Uncle Bob relate to the issues brought up in this thread:

"Clean code is simple and direct.  Clean code reads like well-written prose"

https://www.goodreads.com/work/quotes/3779106-clean-code-a-handbook-of-agile-software-craftsmanship-robert-c-martin

If we're depending on the open source community as a whole to advance these new ideas and new paradigms, I think it's vitally critical to write code so that anybody else can take it further very easily.  

In regards to forking, I went to a great seminar last week where a VC/ICO investor brought up an interesting point in that since forking is more commonplace, what differentiating value can a company offer other than the product?  For me, the answer was obvious.  Great community of intelligent programmers.  So the question is what do intelligent programmers want in a company?  I think it was JFK who said:

"Ask not what your programmer can do for you, rather ask what you can do for your programmer" (drum hit!)

In regards to new coin announcements with critical business details missing, I completely agree.  (pls can somebody explain why Cryptokitties has done so well and what their monetization strategy is??)  

Part of the reason I joined this forum is my startup was going the traditional VC route, working on getting ACTUAL METRICS & TRACTION first but some of our competitors launched successful ICOs so I'm hoping to learn from all of you why any sane investor would invest in an ICO with NO metrics?  We want to be the exact opposite and have maximum transparency, great metrics, great programmers (pm me) before we would even think of launching an ICO.

For those of you who aren't familiar with the VC venture capital world, ICOs are an existential threat to their industry, which is ironic since they are usually the ones disrupting entire industries.  This is great for programmers who have great ideas because unless you're lucky enough to find a VC who shares your vision of the future, it can be very time consuming to raise capital.  

Lastly, our company is a B Corp (public benefit corporation) and we'd like to set it up as a Teal corp for maximum transparency but am curious if people even care about that.  
https://www.strategy-business.com/article/00344?gko=10921


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: Kakmakr on February 18, 2018, 06:53:29 AM
Most of the Bad code is a result of companies using proprietary software. In the Open source environment, proper Peer review is done, before the code is submitted and applied. Some of these companies are in such a rush to be "first to market" that they skip beta testing and review. They want to be "first to market" and then patch like cowboys in a live environment.  >:(

This is why Bitcoin is so secure. Nothing is rushed, proper testing is done on a TestNet and submitted for Peer review. We saw what happened with rush implementation with Bitcoin XT.  ::)


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: npredtorch on February 18, 2018, 08:24:04 AM
On the other hand, I could say that people/users can be blamed too for this inexplicable continuous hacking & bad news. Why?
Simply because most of them don't want projects that are slow on production. They only think about the "hype" without realizing that there is a proper flow for conducting new features. They passively push the developers/coders to do early releases that have greater chances for bugs and errors. This is a very common thing on some projects here in bctalk  ;)





Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: HeRetiK on February 18, 2018, 11:26:09 AM
As these events occur again and again we get to reflect on code developers and their skills.  Should they even be allowed to release these coins?

Everyone should be allowed to release coins. That's the whole point of being able to fork open source code -- cryptocurrencies are no different in that matter. It's only that people should be smarter than throwing their money at every new coin and token that enters the market.


I see many people signing up for bounty programs for new coin announcements even though much of the business and/or technical details are missing.  The only thing the announcements seem to boast are the bounty programs.  These coins still raise millions of USD.

People that sign up for bounty programs don't care much about a project's feasibility. Why should they, it's free money for the most part (ignoring time spent).

It's only when people start literally buying into it that things get problematic. But they can mostly blame it on themselves, if you're honest. No one is forcing anyone to invest in something that they don't understand.


By looking at some meetups activities, it looks like the waves of new coins will continue if not pick up more speed.  With such a madness to release coins so quickly, the coding errors are inevitable.  But prior to talking about code bugs, the requirement errors should be first identified.  I wonder if all these rapid releases even understand their own requirement.

It seems like every now and then people need to take a lesson. Many people will waste their time and money, but in the end the worthwhile projects will prevail and some people will hopefully end up smarter regarding what makes a good project.


Most of the Bad code is a result of companies using proprietary software. In the Open source environment, proper Peer review is done, before the code is submitted and applied. Some of these companies are in such a rush to be "first to market" that they skip beta testing and review. They want to be "first to market" and then patch like cowboys in a live environment.  >:(

An open source environment doesn't prevent one from writing incorrect code. Case in point:

We saw what happened with rush implementation with Bitcoin XT.  ::)

I guess you are mostly referring to applying a proper engineering methodology. Whether you do proper engineering has nothing to do with being open source or being proprietary -- it's a matter of properly assessing how critical your code is. And in crypto pretty much every bit of code is critical while most devs still seem to be in happy-go-lucky start-up land, instead of in finance.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: rehydrogenated on February 18, 2018, 02:01:48 PM
I have been part of a few airdrops with bad code. Some have completed a swap and others have decided to just shut down the project and start over again.

One really good team for finding bad code is the Ethereum Blue team. They are developing the BLUE wallet, which is supposed to be very secure. One of their goals is to use statistical analysis to find flaws in contract code and warn everyone about them. They found the Etherdelta hack, the Monero Gold scam and the Etherdoge scam. Honestly, they are doing the crypto world a huge favor. 


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: zonezICO on February 18, 2018, 07:49:45 PM
Most of the Bad code is a result of companies using proprietary software. In the Open source environment, proper Peer review is done, before the code is submitted and applied. Some of these companies are in such a rush to be "first to market" that they skip beta testing and review. They want to be "first to market" and then patch like cowboys in a live environment.  >:(

This is why Bitcoin is so secure. Nothing is rushed, proper testing is done on a TestNet and submitted for Peer review. We saw what happened with rush implementation with Bitcoin XT.  ::)

Thanks for this post!  I personally hadn't realized there was a lot of proprietary software being used in this space as I thought the whole point and benefit was leveraging the open source community.  I'll ask my dev partners if they know of TestNet.  I'm personally only familiar with TDD/BDD so love learning about any new testing paradigms that ensure the code is solid and not brittle.

On the other hand, I could say that people/users can be blamed too for this inexplicable continuous hacking & bad news. Why?
Simply because most of them don't want projects that are slow on production.

Is it therefore more of a responsibility of the company to manage expectations and even use that as PR to showcase that the team is being extremely thorough in their testing of the code?

And in crypto pretty much every bit of code is critical while most devs still seem to be in happy-go-lucky start-up land, instead of in finance.

Your post gave me an inspirational idea.  Would having programmers who previously worked for banks be preferred since they'll be particularly aware and sensitive to the nature of finance?

I have been part of a few airdrops with bad code. Some have completed a swap and others have decided to just shut down the project and start over again.

One really good team for finding bad code is the Ethereum Blue team. They are developing the BLUE wallet, which is supposed to be very secure. One of their goals is to use statistical analysis to find flaws in contract code and warn everyone about them. They found the Etherdelta hack, the Monero Gold scam and the Etherdoge scam. Honestly, they are doing the crypto world a huge favor. 

This looks exciting.  I tried searching for the Github but is there only an SDK available right now?

An estimated $280 million worth of the cryptocurrency ether is locked up because of one person's mistake.

An unidentified user accidentally deleted the code library required to use recently created digital wallets within Parity, a popular digital-wallet provider,

Your post reminded me of this older story:
https://dealbook.nytimes.com/2012/08/02/knight-capital-says-trading-mishap-cost-it-440-million/


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: BenOnceAgain on February 20, 2018, 07:46:28 PM
It seems like both developers and investors tend to forget that they are handling real, actual money. Would you leave a suitcase full of cash in the middle of the street? Would you give your credit card data to some random stranger on the internet? That's what basically happens in crypto all the time.

I think that there is wide variation between projects/services in how seriously they consider security issues and code vulnerabilities.  It is also difficult to know for sure which is an A+ project and which is an F, especially when they first launch.  Even Amazon faced this problem when it was new.  Some people didn't trust online commerce at all, it had to earn the trust of its customers.

With crypto assets, the situation is worse in some ways because the stakes are potentially much higher.  A crypto exchange is essentially a bank if it has custodial control over funds.  So it needs to have bank-level security.  But a new exchange just launching might have the very best security practices in place, but it will have to earn the trust of its customers.  But the reality is that a new exchange launching needs enough customers in order to stay in business, so the difficulty can be real in earning enough customers as an unproven entity.  Decentralized exchanges provide a good answer, but only to the extent that they are implemented and operated in a secure manner.  But decentralized exchanges will not end the need for fiat/crypto gateways, at least for the time being.  Some actual standards that are established, maintained as technology evolves, and are complied with by these businesses could help to at least set a baseline in these areas.  I'm not saying they should be "mandated" (though regulators may have a different view of that), but rather, that the market should favor those that choose to implement them.  Voluntary opt-in but a market expectation that any good operator does put these measures in place.

Of course, a conservative approach would be to not use any service other than those that you've been using and had no problems with.  Online trading of stocks took a while to be embraced by the masses.  Many people stuck to their brokers, with their high fees, for a long time because they either didn't want to learn the technology or because of stories they'd heard about fraud, weak security, and/or website functionality/UX issues.  Early stock trading websites weren't very fun to use, they were often adapted from internal systems that brokers used.

I absolutely agree with you. As much as I love that whole wild west, new frontier vibe that crypto is swinging, I so very much appreciate the formal approach that Bitcoin and some of the alts have taken.

To be fair, handling crypto is especially tricky. Holding what equates to actual cash on a computer system is unprecedented prior to cryptocurrencies. Even if you were handling payments there was usually some form of rollback available, should things go awry. Not so with crypto, yet it seems to be partially held to lower standards than finance which is insane.

Nonetheless we've come a long way since MtGox. It's almost as if the market has begun to realize that crypto is a billion dollar business now.

The "wild west" is a great approach to take in exploring ideas.  Some of the altcoins that aren't simple clones have some very interesting ideas that could eventually be more widely implemented in other, larger cryptos eventually.  Some of the ideas won't shake out, however.

But even altcoins are mostly "live", representing real money.  Of course anyone that gets involved with them knows that there is a chance the value could go to zero, but when you are dealing with actual funds, you have to be a little less "wild west".  There is a need for structured testing in testnets before you roll out something to your real blockchain that could end up destroying people's money.  The best currencies do this.  Many of them, however, can't always afford the infrastructure to run a separate testnet.  I'm hoping to help some of the good ones with some infrastructure.

Also regarding the "wild west", regulations will be happening.  They already are in some legal jurisdictions.  My view is that, as a community--really an industry--that it is far better to get out in front of regulations with common-sense, reasonable standards that are adopted as industry best-practices.  Regulators are inclined to work with their "constituents" if they are legitimately dealing, as an industry, with the problems.  I don't think crypto assets will be banned in any major country (and of course I understand the argument that they "can't" be banned due to their nature, which is true, but that doesn't mean that regulators don't ban something on paper) because some countries are openly embracing Bitcoin and seem to be becoming aware of the wider implications of moving to decentralized systems.  The comment yesterday from the Prime Minister of India was really nice to see, for example.

Another area that needs a close look is the way that KYC is conducted in ICO/ITO offerings.  In my view, the risk of giving out your information to some project on the Internet is just as high, if not higher, than the risk of losing funds from the venture.  Identities can be stolen, either by a hack or by malicious ICO projects.  This is something that the industry could establish a decentralized solution that would balance the legal requirements with practical requirements of the crypto model.  These rules were written for banks, and while there is some overlap, there is also a different set of considerations that need to be taken into account when dealing with decentralized entities.

Hats off to you for critically evaluating technologies. I know this approach should be the standard, however it unfortunately isn't, which makes me all the more glad to hear that there are still organizations and companies out there that take a sane and prudent approach at blockchain technologies.

Thank you very much.  I hope it does become the standard.

I don't think that European banks are much better in that regard.

Referring to "But who would bank with a company that was so careless with funds".... I honestly think that consumers are at least partially to blame on that matter. If people would avoid shoddy exchanges in the first place, a lot of these dramas could be avoided.

I agree that consumers share in the responsibility to make sure the places they do business with are trustworthy.  At the same time, there needs to be a pathway for new businesses to be able to enter the market and be able to prove that they, too, are able to be trusted.  I guess a "toe in the water" approach, trying a new business slowly, is one way to approach that.  Standards that are voluntary but that become "expected" is another approach.

As the industry expands, these things will be put in place, either by the industry or by the regulators.  U.S. securities markets are "self-regulated" with entities like the SEC providing oversight to "self-regulatory organizations" such as FINRA.  That could be a good model that balances the unique aspects of crypto assets with the legal requirements.

In any event, it's good to be able to have this conversation.  It's good to know that others are also thinking about these factors.

Best regards,
Ben


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: nullius on February 21, 2018, 05:26:12 AM
I intended, and may perhaps make some replies upthread.  Sorry, I lost track of the discussion.

Whereas now, I am compelled to call out an object example of just how we get so much bad code, causing so many losses:

“I want to learn coding / with blockchain whats the best language? (https://bitcointalk.org/index.php?topic=2984326.0)”

Some excerpts of my reply (https://bitcointalk.org/index.php?topic=2984326.msg30731649#msg30731649):

First, realize that you have a profound responsibility when you write code which handles Other People’s Money (https://bitcointalk.org/index.php?topic=2940686.msg30295658#msg30295658).

I am all for helping more people become Bitcoin users.  But we do not need more coders.  We need fewer and better coders working on Bitcoin and “cryptos”.  Whereas most people are innately incapable of ever becoming good coders, just as I myself am innately incapable of ever becoming an Olympic gymnast.

Do I discourage you?  I intend to!  You should be discouraged from learning to code machinery which handles Other People’s Money, unless you have such a keen ability that nothing I say could possibly discourage you.  People who have such an ability always do know themselves that way.

If you have NO experience start with HTML and CSS, slowly work your way into JS. Once in JS, Solidity should come fairly easy to you

This is how we eventually obtain such threads as, “Bad Code Has Lost $500M of Cryptocurrency in Under a Year (https://bitcointalk.org/index.php?topic=2940686.0)”.  See especially the discussion downthread of Ethereum.

If that’s how you need to learn to code, then YOU SHOULD NOT BE CODING.  Most of all, you should stay the hell away from Other People’s Money.

Think:  Would you trust a surgeon who started his formal studies by doing “surgery” on pineapples with a kitchen knife, then worked up from there?

We will stop getting “Bad Code Lost XYZ” threads, when people take the coding of financial software as seriously as they take the practice of medicine, engineering of bridges and tunnels, and other professional tasks where errors result in PEOPLE GETTING HURT.

Seriously.  This world is infected with the notion that everybody and his dog is entitled to learn programming.  People take it as an affront if you do not encourage this, and an outrage if you suggest that they are just not capable.  Then—surprise, surprise—“Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year”.

“If you have NO experience start with HTML and CSS, slowly work your way into JS.”  Please tell me you do not code anything which touches money, ever.

FWIW, one of the characteristics I respect about Core is its reputation for being—shall we say, a bit of a harsh environment.  Not a “welcoming environment”.  So-called “welcoming environments” are welcoming to the rot of lowering standards.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: zonezICO on February 21, 2018, 06:47:51 AM

Another area that needs a close look is the way that KYC is conducted in ICO/ITO offerings.  In my view, the risk of giving out your information to some project on the Internet is just as high, if not higher, than the risk of losing funds from the venture.  Identities can be stolen, either by a hack or by malicious ICO projects.  This is something that the industry could establish a decentralized solution that would balance the legal requirements with practical requirements of the crypto model.  These rules were written for banks, and while there is some overlap, there is also a different set of considerations that need to be taken into account when dealing with decentralized entities.


I think you just came up with the BILLION DOLLAR IDEA right here!


Whereas now, I am compelled to call out an object example of just how we get so much bad code, causing so many losses:


I'm being dead serious here but one of the reasons I keep coming back to this board is for experts such as yourself, HeRetiK and BenOnceAgain (hey just noticed the little rhyming pattern)

Have you thought of doing an advanced course that teaches best practices?  Why not monetize your knowledge and expertise and simultaneously benefit the community to have better standards and protocols?  


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: paz-1991 on February 22, 2018, 06:14:25 PM
This industry is very fresh. You should always have double-check code reviews with your team, if not quad-check it. This is why hackathons and bug-bounty programs exist. It should never be the responsibility of one, team work is very important. Everyone is trying to quickly get into the industry and try to make money, however ethical issues should also be kept in mind. The stronger your code is, the better your reputation is, the better your product will be.

Sorry but nobody really does doublecheck by another team anywhere in dev, so def. not in a new industry like crypto...


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: zonezICO on February 22, 2018, 08:06:21 PM
This industry is very fresh. You should always have double-check code reviews with your team, if not quad-check it. This is why hackathons and bug-bounty programs exist. It should never be the responsibility of one, team work is very important. Everyone is trying to quickly get into the industry and try to make money, however ethical issues should also be kept in mind. The stronger your code is, the better your reputation is, the better your product will be.

Sorry but nobody really does doublecheck by another team anywhere in dev, so def. not in a new industry like crypto...

I respectfully disagree.  As a company, you would want to ensure your code is reliable and has been vetted by other professionals. 

Your reputation is important if you want to sustain a long term company that provides a service to the world.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: tokexchain on February 22, 2018, 10:20:15 PM
A lot of coins are lost in coin swaps and even from dust into wallets, many people on waves do not back up their wallet seed and I know of some cases where tokens and whole accounts are lost, and shall we go onto encrypted QTs, again lots have lost from these.. It's human nature to lose shit or fuck shit up  ::)


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: mountrock on February 25, 2018, 02:35:32 AM
It is sad and reality. On the other hand hard working people will find the issues as opportunity to develop better products.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: AGD on February 25, 2018, 07:32:14 AM
The recent (and a really good) example of bad code here: http://www.tangleblog.com/wp-content/uploads/2018/02/letters.pdf

Quote
Dom, David and the rest of the IOTA team,
We have found serious cryptographic weaknesses in the cryptographic hash function
curl used by IOTA, curl. These weaknesses threaten the security of signatures
and PoW in IOTA as PoW and Signatures rely on curl to be pseudo random and collision
resistant.
...


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: nullius on February 25, 2018, 11:38:06 PM
The recent (and a really good) example of bad code here: http://www.tangleblog.com/wp-content/uploads/2018/02/letters.pdf

Quote
Dom, David and the rest of the IOTA team,
We have found serious cryptographic weaknesses in the cryptographic hash function
curl used by IOTA, curl. These weaknesses threaten the security of signatures
and PoW in IOTA as PoW and Signatures rely on curl to be pseudo random and collision
resistant.
...

This is not “bad code”.  It is DIY crypto.  Worse, DIY crypto for a primitive—a DIY hash!  Worse still, DIY crypto by a corporate outfit which never showed any evidence of being inhabited by world-class cryptographers—despite their claim in a spin-job piece that “the IOTA Foundation has already subcontracted a team of 5 world-class cryptographers, as well as 3 independent ones to come up with a final design of Curl and then start the long peer-reviewed process, as was always the plan. (https://blog.iota.org/curl-disclosure-beyond-the-headline-1814048d08ef)”  N.b. that even world-class cryptographers need their primitive designs to undergo extensive peer review before fielding them with Other People’s Money—whether it’s the “final design”, or otherwise!

One of the people who broke IOTA had some damning words for it, in “Cryptographic vulnerabilities in IOTA (https://medium.com/@neha/cryptographic-vulnerabilities-in-iota-9a6a9ddc4367)”:

Quote from: Neha Narula (2017-09-07)
You might think that IOTA, a cryptocurrency worth over a billion dollars, and working with organizations (https://forum.iota.org/t/current-publicly-revealed-iota-foundation-members/2280) like Microsoft (https://azure.microsoft.com/en-us/blog/azure-blockchain-update-5/), University College London (http://blockchain.cs.ucl.ac.uk/members-partners/), Innogy (https://innovator.news/securing-the-economy-of-things-9af71235834b), and Bosch, BNY Mellon, Cisco, and Foxconn (through the Trusted IOT Alliance (https://www.trustediot.org/membership)) would not have fairly obvious vulnerabilities, but unfortunately, that’s not the case. When we took a look at their system, we found a serious vulnerability and textbook insecure code.

“In 2017, leaving your crypto algorithm vulnerable to differential cryptanalysis is a rookie mistake. It says that no one of any calibre analyzed their system, and that the odds that their fix makes the system secure is low,” states Bruce Schneier, renowned security technologist, about IOTA when we shared our attack.

Anybody who buys into such ill-conceived crypto-junk as IOTA deserves to lose their money, on grounds of foolishness.


As these events occur again and again we get to reflect on code developers and their skills.  Should they even be allowed to release these coins?

Who’s going to stop me from releasing code?  You?  Some government?

N.b. that anybody who could forcibly stop code monkeys from releasing bad code would also have the practical power to ban Bitcoin.

Even though most of the coin source code is found in github, do people really go through them?  They are usually provided with no clear explanation as to what is going on within the code.  Much of the system is copied (forked) from previous projects and re-used.  It takes quite some time and effort to figure out what is going on.

I see many people signing up for bounty programs for new coin announcements even though much of the business and/or technical details are missing.  The only thing the announcements seem to boast are the bounty programs.  These coins still raise millions of USD. 

By looking at some meetups activities, it looks like the waves of new coins will continue if not pick up more speed.  With such a madness to release coins so quickly, the coding errors are inevitable.  But prior to talking about code bugs, the requirement errors should be first identified.  I wonder if all these rapid releases even understand their own requirement.

Well, next time somebody tries to argue with my statement that 99.9% of altcoins and 100% of ICOs are pure make-money-fast scams—may I refer to your above statement?


Nullius, thanks again for the heads up on Simplicity.  I looked over the white paper and asked the Google his thoughts and am excited to give it a test drive in future.  Especially the different combinators and covenants.

Ironically though, you sort of reinforced the point I had proposed earlier, in that by possibly using a functional language (Simplicity is functional), you lessen the chances of bad code due to the nature of functional languages having immutable state.  In fact, Simplicity takes it a step further as they don't allow loops (page 1 of white paper) and use functions written in Haskell, another functional language (pg.24 of white paper) to generate Simplicity.

It’s all about the right tool for the job.  Simplicity is domain-specific, with very particular requirements.  The code used for creating Simplicity will inherit some second-order version of the same requirements.

Whereas for general-purpose programming, my own point was that there is no magic bullet.  If some Haskell experts think that Haskell is the right tool for their job, then they will probably get good results.  But their results will not necessarily be superior to those of C++ experts writing C++.  More to the point, Haskell would not be a magic bullet for fixing the trash code churned out by idiots; and on the flipside, there is no sound reason for, say, Core to switch to Haskell.

I observe, Simplicity will not be able to prevent people from writing insecure smart contracts.  Again:  No magic bullet!  Its purpose is to let smart people formally verify their contracts.


Most of the Bad code is a result of companies using proprietary software. In the Open source environment, proper Peer review is done, before the code is submitted and applied. Some of these companies are in such a rush to be "first to market" that they skip beta testing and review. They want to be "first to market" and then patch like cowboys in a live environment.  >:(

This is why Bitcoin is so secure. Nothing is rushed, proper testing is done on a TestNet and submitted for Peer review.

Open source is not a magic bullet, either.  You didn’t say as such—but many people do.  Thus why I added boldface to the important parts, which are facilitated and enabled by open source.

We saw what happened with rush implementation with Bitcoin XT.  ::)

XT had severe bugs in its wetware layer.


On the other hand, I could say that people/users can be blamed too for this inexplicable continuous hacking & bad news. Why?
Simply because most of them don't want projects that are slow on production. They only think about the "hype" without realizing that there is a proper flow for conducting new features. They passively push the developers/coders to do early releases that have greater chances for bugs and errors. This is a very common thing on some projects here in bctalk  ;)

This is what RISKS (http://catless.ncl.ac.uk/risks/)-subscriber types used to call “dancing pigs”.  People will not pay for correct, reliable, secure things.  People will not wait for them, either.  They want their dancing pigs, and they want them now!


And in crypto pretty much every bit of code is critical while most devs still seem to be in happy-go-lucky start-up land, instead of in finance.

Your post gave me an inspirational idea.  Would having programmers who previously worked for banks be preferred since they'll be particularly aware and sensitive to the nature of finance?

Banks’ code quality is oftentimes abysmal.  Of course, it depends on the institution—and such questions as, consumer banking versus institutional investment.  But overall, I think that much banking code is “WTF”-riddled stuff which ultimately relies on transactions being revocable.  At best, you can’t rely on code being good just because it’s from a bank!

Moreover, persons from banks have been immersed in an institutional culture which is inimical and antithetical to the culture of Bitcoin.  Individuals will differ, of course; but I’d start out wary of anybody who had worked for a bank.

Ultimately, with people as with languages, there is no magic bullet.  If you look to the backgrounds of the best (non-anonymous) Core developers, I think you’ll find some vast differences.  So as for past history.  The common factor in the present is that they are smart, serious, responsible people who are devoted to Bitcoin.  In some cases, zealously.


Also regarding the "wild west", regulations will be happening.  They already are in some legal jurisdictions.

Good luck regulating me.  Or discerning which jurisdiction I am in.

Bitcoin is cypherpunk money.  Though I am sensitive to needs by others (https://bitcointalk.org/index.php?topic=3008251.msg30937407#msg30937407) to comply with legal régimes, I am fundamentally opposed to any Bitcoin “regulation” of any kind.  Also, I myself will always ignore it in my personal affairs.

Moreover, regulations don’t work.  Highly regulated fields such as (cough) government and military contract work do tend to be bug-riddled abominations.  Banking code in many cases, as aforesaid.  Healthcare-related code, quite often.  And transportation...  Everything is broken. (http://catless.ncl.ac.uk/risks/)  Regulations don’t fix it.

Another area that needs a close look is the way that KYC is conducted in ICO/ITO offerings.  In my view, the risk of giving out your information to some project on the Internet is just as high, if not higher, than the risk of losing funds from the venture.  Identities can be stolen, either by a hack or by malicious ICO projects.  This is something that the industry could establish a decentralized solution that would balance the legal requirements with practical requirements of the crypto model.  These rules were written for banks, and while there is some overlap, there is also a different set of considerations that need to be taken into account when dealing with decentralized entities.

I have an easier solution:  Don’t ever do “KYC”.  Avoid anything and everything which requires it.

For Bitcoin-related purposes, I have never submitted to any “KYC” identity-rape (https://bitcointalk.org/index.php?topic=2869862.msg29488624#msg29488624).  No, really (https://bitcointalk.org/index.php?topic=2869862.msg29491698#msg29491698).  Nobody’s records show I own even a single satoshi—“nobody’s”, as in “nullius”.

Oh—you said “ICO”.  Well, those are scams which should be avoided, regardless.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: BenOnceAgain on February 26, 2018, 02:42:29 AM

One of the people who broke IOTA had some damning words for it, in “Cryptographic vulnerabilities in IOTA (https://medium.com/@neha/cryptographic-vulnerabilities-in-iota-9a6a9ddc4367)”:

Quote from: Neha Narula (2017-09-07)
You might think that IOTA, a cryptocurrency worth over a billion dollars, and working with organizations (https://forum.iota.org/t/current-publicly-revealed-iota-foundation-members/2280) like Microsoft (https://azure.microsoft.com/en-us/blog/azure-blockchain-update-5/), University College London (http://blockchain.cs.ucl.ac.uk/members-partners/), Innogy (https://innovator.news/securing-the-economy-of-things-9af71235834b), and Bosch, BNY Mellon, Cisco, and Foxconn (through the Trusted IOT Alliance (https://www.trustediot.org/membership)) would not have fairly obvious vulnerabilities, but unfortunately, that’s not the case. When we took a look at their system, we found a serious vulnerability and textbook insecure code.

“In 2017, leaving your crypto algorithm vulnerable to differential cryptanalysis is a rookie mistake. It says that no one of any calibre analyzed their system, and that the odds that their fix makes the system secure is low,” states Bruce Schneier, renowned security technologist, about IOTA when we shared our attack.

Anybody who buys into such ill-conceived crypto-junk as IOTA deserves to lose their money, on grounds of foolishness.

My view: I am far from an expert on cryptography but I will say this, cryptocurrency depends on rock-solid, secure cryptography.  It is exactly where the trust is placed in an electronic money system. By removing it from governments/banks (who don't deserve it regardless), and instead trusting the software and the network it defines (not individual nodes, per se), you must have an extremely robust cryptographic algorithm and you also must be prepared to change it quickly should it ever prove to have a previously unknown weakness.  As far as I'm concerned that should be common sense.  I don't know precisely what happened with IOTA but I have read a little bit about it and I'm not sure why the currency continues to circulate given what I do know.  I guess too many people had invested into it by that point, which is more a political reason for continuing to exist rather than anything based on technical merit or the capability of the system.  I'm not sure why the IOTA people thought it was a good idea to throw in some untested cryptography, but that seems like a very amateur thing to do.

I agree that when people make a bad investment they deserve to lose their capital provided it wasn't outright fraud and that it is absolutely crucial to do your own research.  I do think that the bar should be lower than having to be a cryptographer, especially as crypto assets are more widely adopted.  Governments will seek to "protect" consumers to the extent they are able to.  I use quotes around the word protect because I disagree with a few things concerning the current direction that regulation of crypto assets seems to be taking.  I believe, in general, that cryptocurrencies should be treated as a currency, not as an investment asset class.  I think eventually that will shake out, but governments have a habit of doing all of the wrong things before finally doing the right one, so it does concern me.


As these events occur again and again we get to reflect on code developers and their skills.  Should they even be allowed to release these coins?

Who’s going to stop me from releasing code?  You?  Some government?

N.b. that anybody who could forcibly stop code monkeys from releasing bad code would also have the practical power to ban Bitcoin.

...

Well, next time somebody tries to argue with my statement that 99.9% of altcoins and 100% of ICOs are pure make-money-fast scams—may I refer to your above statement?

I agree that many, most, of ICO/ITO projects just seem to be a money grab.  I think that's reflected in the high rate of failure and fraud.  I believe it has a potential for a  promising future method of raising funds for legitimate projects, but I believe the market should really be discerning about what projects people choose to invest in and that there should be some standard way to evaluate these projects.  Not mandated by some government but instead expected by the market.


It’s all about the right tool for the job.  Simplicity is domain-specific, with very particular requirements.  The code used for creating Simplicity will inherit some second-order version of the same requirements.

Whereas for general-purpose programming, my own point was that there is no magic bullet.  If some Haskell experts think that Haskell is the right tool for their job, then they will probably get good results.  But their results will not necessarily be superior to those of C++ experts writing C++.  More to the point, Haskell would not be a magic bullet for fixing the trash code churned out by idiots; and on the flipside, there is no sound reason for, say, Core to switch to Haskell.

I observe, Simplicity will not be able to prevent people from writing insecure smart contracts.  Again:  No magic bullet!  Its purpose is to let smart people formally verify their contracts.

Thank you for the link to that white paper.  Simplicity looks to be a substantial improvement over Solidity in terms of being able to implement a smart contract that is secure.  I agree that an individual contract is only as secure as the contract code.  But as far as Solidity goes, it has a funny name now that I think of it, because it seems anything but solid.  I really wanted it to be everything I thought it could when I first read about it, but it really "feels" fragile.  Maybe it's because of all the horror stories I've read about it.  But I don't think so.  I don't know how to describe it except to say it just doesn't have the rock-solid stability that one would expect from a scripting language that controls billions of dollars of underlying value.  I could be wrong, but usually when I am using a piece of tech and it doesn't have the right feel to it (that's really the only way I can succinctly describe it), it ends up being a dud.


Most of the Bad code is a result of companies using proprietary software. In the Open source environment, proper Peer review is done, before the code is submitted and applied. Some of these companies are in such a rush to be "first to market" that they skip beta testing and review. They want to be "first to market" and then patch like cowboys in a live environment.  >:(

This is why Bitcoin is so secure. Nothing is rushed, proper testing is done on a TestNet and submitted for Peer review.

Open source is not a magic bullet, either.  You didn’t say as such—but many people do.  Thus why I added boldface to the important parts, which are facilitated and enabled by open source.

We saw what happened with rush implementation with Bitcoin XT.  ::)

XT had severe bugs in its wetware layer.


On the other hand, I could say that people/users can be blamed too for this inexplicable continuous hacking & bad news. Why?
Simply because most of them don't want projects that are slow on production. They only think about the "hype" without realizing that there is a proper flow for conducting new features. They passively push the developers/coders to do early releases that have greater chances for bugs and errors. This is a very common thing on some projects here in bctalk  ;)

This is what RISKS (http://catless.ncl.ac.uk/risks/)-subscriber types used to call “dancing pigs”.  People will not pay for correct, reliable, secure things.  People will not wait for them, either.  They want their dancing pigs, and they want them now!


And in crypto pretty much every bit of code is critical while most devs still seem to be in happy-go-lucky start-up land, instead of in finance.

Your post gave me an inspirational idea.  Would having programmers who previously worked for banks be preferred since they'll be particularly aware and sensitive to the nature of finance?

Banks’ code quality is oftentimes abysmal.  Of course, it depends on the institution—and such questions as, consumer banking versus institutional investment.  But overall, I think that much banking code is “WTF”-riddled stuff which ultimately relies on transactions being revocable.  At best, you can’t rely on code being good just because it’s from a bank!

Moreover, persons from banks have been immersed in an institutional culture which is inimical and antithetical to the culture of Bitcoin.  Individuals will differ, of course; but I’d start out wary of anybody who had worked for a bank.

Ultimately, with people as with languages, there is no magic bullet.  If you look to the backgrounds of the best (non-anonymous) Core developers, I think you’ll find some vast differences.  So as for past history.  The common factor in the present is that they are smart, serious, responsible people who are devoted to Bitcoin.  In some cases, zealously.

I agree that proprietary code quality is often horrible, especially banking.  My experience with banking code, like many other internal systems, is that it has been adapted and hacked and made to "work" with the digital equivalent of duct tape and bubble gum.  And that's on a good day.  More recently, there are banking systems that have resulted from merger after merger after merger of smaller banks into the large behemoths we have today that are reliant on code that has been in place for at least a decade.  No one dares to touch that code because if they do, they will break 500 things that you'd never expect have some dependency on this swiss-cheese like construct.  Most of my experience in this comes from commercial banking as opposed to investment banking, perhaps it's more cohesive over there?  But I doubt it.  Like any business, banks do not upgrade their systems and proprietary systems are among the worst from a "wtf how is this even working" perspective.  I mean, I am sure there are great coders in the banking business.  But they are the exception, not the rule.

Open source is NOT a magic bullet, as you said, it is more the peer-review and intensive testing process that creates quality code.  If I was writing code, especially something that represented money, or votes, or peoples health, I would want it to be widely tested.  Hack it, find the flaws, let's really make sure this code is resilient.  The best open source projects have this.  Too many, however, are missing crucial parts of the team or infrastructure to carry this out, or sometimes even the knowledge and understanding that this is a must for any code to be used in production.  People thinking they can just throw something together and hope for the best, when you're dealing with something like digital money, is highly irresponsible.

I also admire the zealousness of many of the Bitcoin Core team, those that I know of.  They are a big reason, to me, as to why Bitcoin is something I know deserves more trust than any of the altcoins.  Personally, I am a person that is passionate about the projects I take on and when I see that passion emanating from other people about their projects, it resonates with me.  Bitcoin is not perfect and certainly, it has evolved over time and will continue to do so.  But everything I have observed about the people that are part of Core, their writings on the listserv and discussions on GitHub, etc., shows me that they take their responsibility very seriously.  At least to me, that is a very important and crucial distinction between Bitcoin and 99.9% of the altcoins.


Also regarding the "wild west", regulations will be happening.  They already are in some legal jurisdictions.

Good luck regulating me.  Or discerning which jurisdiction I am in.

Bitcoin is cypherpunk money.  Though I am sensitive to needs by others (https://bitcointalk.org/index.php?topic=3008251.msg30937407#msg30937407) to comply with legal régimes, I am fundamentally opposed to any Bitcoin “regulation” of any kind.  Also, I myself will always ignore it in my personal affairs.

Moreover, regulations don’t work.  Highly regulated fields such as (cough) government and military contract work do tend to be bug-riddled abominations.  Banking code in many cases, as aforesaid.  Healthcare-related code, quite often.  And transportation...  Everything is broken. (http://catless.ncl.ac.uk/risks/)  Regulations don’t fix it.

Another area that needs a close look is the way that KYC is conducted in ICO/ITO offerings.

I have an easier solution:  Don’t ever do “KYC”.  Avoid anything and everything which requires it.

For Bitcoin-related purposes, I have never submitted to any “KYC” identity-rape (https://bitcointalk.org/index.php?topic=2869862.msg29488624#msg29488624).  No, really (https://bitcointalk.org/index.php?topic=2869862.msg29491698#msg29491698).  Nobody’s records show I own even a single satoshi—“nobody’s”, as in “nullius”.

Oh—you said “ICO”.  Well, those are scams which should be avoided, regardless.

I agree that staying under the radar of regulations is an ideal scenario when that can be done.  However, that is not possible in all circumstances.  Fiat/crypto exchange (besides P2P cash) is very difficult, for example, without a relationship with an entity subject to KYC regs (at least in the US).  And for the foreseeable future, fiat/crypto conversion will be necessary for adoption.  

Regulations rarely do anything useful, I agree with that.  The thing about regulations that I know from a lot of experience with regulators is that it is much better to work with them than to ignore them and/or fight them completely.  Regulators often will defer to industry when they come together with a reasonable and workable solution to whatever the issue at hand is.  When this doesn't happen, the regulators decide on their own how best to handle the situation.  Or even worse, other interests chime in with their view and that becomes the model adopted by the regulators.  Right now crypto is around $450 billion USD in total market capitalization.  That's just a little under the market capitalization of Facebook, one company.  We know this is going to grow, and in my view, market capitalization isn't really a good metric to measure currencies, but it's quick on Google.  However, once crypto assets really start to bite into bank profitability, you better believe that they will be whining to the regulators to tighten the screws.  I believe that businesses in the cryptocurrency field need to be paying close attention and be prepared to work with regulators instead of letting them run the tables.

As far as ICOs go with KYC, I don't blame you for not giving out your information.  It's dangerous.  Losing the money you'd invest is bad enough, but having your identity stolen is just as bad, if not worse in many cases.  If ICOs are ever going to get away from the fraud aura, they need a way to be conducted legally without the extensive KYC information disclosed.  I can go on eBay and buy something right now from a stranger and, yes, they do get my address, but that's only because they're shipping me something.  I think there can be a better way to do KYC in the crypto realm.  The set of circumstances are very different between me going into a bank to open a bank account or opening an investment account online and deciding to invest in an ICO.  I can buy shares of stock without giving them a picture of the front and back of my passport and a selfie holding it up next to my face.  Why should it be any different from that?  I have some ideas to make KYC more safe and secure, ticking them around in my mind at this point.

Anyway, thanks for good things to think about.  I appreciate it.

Best regards,
Ben


Title: Bitcoin Distorters, Dancing Pigs, and Cryptokitties; ochlocracy equals kakocracy
Post by: nullius on February 26, 2018, 05:49:52 AM
My view: I am far from an expert on cryptography but I will say this, cryptocurrency depends on rock-solid, secure cryptography.  It is exactly where the trust is placed in an electronic money system.

It’s sad how few people understand this.  Bitcoin is not merely a new mechanism of transmitting money:  It is a radically (from radix = [at the] root) new and different kind of money.

This misunderstanding also explains why so many people parrot “vires in numeris” who neither speak Latin, nor use PGP, OTR, etc., etc. to secure their communications.  Uptake of crypto in the cypherpunk sense is abysmal amongst people who talk about “cryptos” all day.

And apropos the topic, I think you’re right:  This lack of fundamental comprehension has serious consequences when people who do not get it set their hands to “cryptos”, whilst neither understanding nor caring much for the crypto.  Bitcoin requires a new mindset.  To handle it, you must understand on a very deep level that mathematical algorithms rule as by divine right (https://bitcointalk.org/index.php?topic=2665019.0).  There is no higher court of appeal, no chargeback, no kill switch—nothing to help you if you muss the maths, lose your secret keys, etc.

If you get that, then you will pay careful attention to the quality of your code.  Also, you will much respect Core—because they get it, too.  And if you dare to make your own currency, you will not start by designing your own hash function as IOTA did!  That really wrecks any credibility they ever had.

I don't know precisely what happened with IOTA but I have read a little bit about it and I'm not sure why the currency continues to circulate given what I do know.  I guess too many people had invested into it by that point, which is more a political reason for continuing to exist rather than anything based on technical merit or the capability of the system.  I'm not sure why the IOTA people thought it was a good idea to throw in some untested cryptography, but that seems like a very amateur thing to do.

As for the latter bolded part:  I don’t see “amateur”.  I see PHB + NIH.

Come on.  We’re the big boys.  Microsoft is involved—you know, the company which does \ instead of / as a directory delimiter.  For our billion-dollar cryptocurrency, we will do innovation!  We don’t just use a commercial off-the-shelf hash which everybody else has.  We have our own hash!  The boss says so.

Ben, you speak of some experience in that world.  Did I approximately describe an amplified version of a scene you’ve seen play out a thousand times?

...also above:  The former bolded part hit the nail on the head—perhaps (?) more than you intended.  “political reason... rather than anything based on technical merit”  Cf. later in your post:

...once crypto assets really start to bite into bank profitability, you better believe that they will be whining to the regulators to tighten the screws.

With due apologies to some folks here, there is more than one way to skin a cat.  The “problem” you state is addressed not only by potential regulation, but also by misappropriation (plus other means).

Strictly speaking, I am on a topical tangent from this thread.  But this issue is on-topic anywhere Bitcoin is discussed; and it does pertain to the crypto-fail in IOTA.  Why would the PHB demand a NIH hash, presumably for marketing purposes, without even a slight standard of care about the potential consequences?  Because the purpose of IOTA is not to make a real cryptocurrency.

A truly great idea which could change the world can only be stopped by twisting and distorting it.  This has happened repeatedly in history.  Bitcoin is an idea of such historic magnitude.  I here sketch a multi-pronged distortionary attack on Bitcoin:

  • Misappropriate and dilute the Bitcoin brand.  Scamforks.  Btrash is the biggest right now.  See also a long list from “BIP 100” to XT to S2X to Bitcoin Super Plutonium With Ponies.  The long-term fork wars (https://bitcointalk.org/index.php?topic=2893115.0) with repeated coup attempts (https://spectrum.ieee.org/tech-talk/computing/networks/the-bitcoin-for-is-a-coup).
  • Misappropriate and dilute the concept of a “cryptocurrency”, level 0.  IOTA, Ripple, and other attempts to make “cryptocurrency” mean a centrally controlled Visa/Paypal 2.0.  Distort, dilute, and thus destroy.  Some have the magic pixie dust of “blockchain” sprinkled on them (https://bitcointalk.org/index.php?topic=2981313.msg30785089#msg30785089).  Others (such as IOTA and Ripple) are “better than blockchain”.  All are only means to the same end:  Attack the radical concept of Bitcoin at its root; and meanwhile, shear the sheep for lots of money.
  • Misappropriate and dilute the concept of a “cryptocurrency”, level 1.  Not done by the “big boys” themselves, but certainly beneficial to them.  Scammers pumping low-quality altcoins and ICOs are tarnishing the public name and image of a “cryptocurrency”.  Let them run amuck for awhile.  Wait for people to cry out for some “consumer protection” after they got swindled by the same scum who have spammed this forum to near-uselessness.  Paint Bitcoin with guilt-by-association in the media—how often do you see “Bitcoin” and “ICO” mentioned in the same breath, discussed in the same article, when they are not even remotely related?  Then ride in as a knight in shining armour to protect Da Peephole from the Wild West of “Cryptos”.

I could probably list more, even draw a full taxonomy.  But that will suffice for the here and now.

There is only one Bitcoin.  Out of close to a thousand active altcoins, the alts which are even interesting (let alone viable) can be counted on the fingers of one hand.  Even for the good ones, most of them will probably wind up with their best concepts integrated into sidechains (https://bitcointalk.org/index.php?topic=2527556.0) whenever Bitcoin finally gets a viable decentralized/trustless pegged sidechain/drivechain implementation on mainnet.  That is, if their innovations aren’t simply copied (and improved) into Bitcoin directly.  (The only things I think couldn’t be handled that way would be either a viable replacement for the Hashcash-style PoW system for BFT transaction ordering, or something which radically changes the economics of the currency.  Thus far, all such ideas on both points are either half-baked, or actively harmful.)


(Addressing same post; but using a divider between major concepts.)


Thank you for the link to that white paper.  Simplicity looks to be a substantial improvement over Solidity in terms of being able to implement a smart contract that is secure.  I agree that an individual contract is only as secure as the contract code.  But as far as Solidity goes, it has a funny name now that I think of it, because it seems anything but solid.  I really wanted it to be everything I thought it could when I first read about it, but it really "feels" fragile.  Maybe it's because of all the horror stories I've read about it.  But I don't think so.  I don't know how to describe it except to say it just doesn't have the rock-solid stability that one would expect from a scripting language that controls billions of dollars of underlying value.  I could be wrong, but usually when I am using a piece of tech and it doesn't have the right feel to it (that's really the only way I can succinctly describe it), it ends up being a dud.

Ethereum has a deeper problem:  Bolting a Turing-complete VM onto a blockchain and painting it over with a Javascript-style language is manifestly irresponsible as anything other than a research project (i.e. not as “money”).

Satoshi was extremely conservative in his design of Bitcoin script:  A simple stack language with no loops, etc.  Even so, a bunch of opcodes had to be hurriedly disabled in early versions—and we got the notion of “standard scripts” tacked on for extra protection against footguns (and to some degree, malice by anybody who isn’t a miner).  For money-handling on a blockchain, this is responsible behaviour.  Rome wasn’t built in a day; and if we want more powerful smart contracts, we need to let the maths wizards grind the problem for awhile.

But Vitalik knows better:  Give us a system wherein we can prove neither the correctness of the VM, nor the correctness of the compiler which emits VM opcodes, nor the correctness of the code fed to the compiler.  We don’t really know what it does in all possible cases; but, who cares what it really does?  Then, etch the results (https://web.archive.org/web/20160704190119/https://daohub.org/explainer.html) into a blockchain forever—or until Vitalik commands otherwise (https://blog.ethereum.org/2016/07/20/hard-fork-completed/).

(I keep hitting only that one issue, because ETH is so disastrous I started tuning out its news awhile ago.  Yes, I heard about that mountain of money lost to a deleted library, etc.)

Wetware problem:  Try explaining this problem in non-technical terms to a non-engineer.  I know of intelligent people who do ETH.  I don’t really blame them.  They never even heard of most of the jargon I used above.  I myself barely know enough about computer science concepts (https://bitcointalk.org/index.php?topic=2984326.msg30870414#msg30870414) to grasp why Ethereum is a very bad idea.  And ETH has some slick marketing, plus a big boost from the pathogenic viral marketing of “token”-pushing spammers who need it hyped so they can run their P&D scams on this forum.



Banks’ code quality is oftentimes abysmal.  Of course, it depends on the institution—and such questions as, consumer banking versus institutional investment.  But overall, I think that much banking code is “WTF”-riddled stuff which ultimately relies on transactions being revocable.  At best, you can’t rely on code being good just because it’s from a bank!

Moreover, persons from banks have been immersed in an institutional culture which is inimical and antithetical to the culture of Bitcoin.  Individuals will differ, of course; but I’d start out wary of anybody who had worked for a bank.

Ultimately, with people as with languages, there is no magic bullet.  If you look to the backgrounds of the best (non-anonymous) Core developers, I think you’ll find some vast differences.  So as for past history.  The common factor in the present is that they are smart, serious, responsible people who are devoted to Bitcoin.  In some cases, zealously.

I agree that proprietary code quality is often horrible, especially banking.  My experience with banking code, like many other internal systems, is that it has been adapted and hacked and made to "work" with the digital equivalent of duct tape and bubble gum.  And that's on a good day.  More recently, there are banking systems that have resulted from merger after merger after merger of smaller banks into the large behemoths we have today that are reliant on code that has been in place for at least a decade.  No one dares to touch that code because if they do, they will break 500 things that you'd never expect have some dependency on this swiss-cheese like construct.  Most of my experience in this comes from commercial banking as opposed to investment banking, perhaps it's more cohesive over there?  But I doubt it.  Like any business, banks do not upgrade their systems and proprietary systems are among the worst from a "wtf how is this even working" perspective.  I mean, I am sure there are great coders in the banking business.  But they are the exception, not the rule.

I want to quote more of your post.  I urge others to read this post carefully.

What most people do not realize is that “the digital equivalent of duct tape and bubble gum” is holding together most of the modern world.  I’ve long held that anybody who actually understands computers, will refuse to use today’s existing computers (unless slightly crazy—which I guess includes me).  Unplug, drop out, and go live in the middle of the woods somewhere.

Human beings know how to build correct, reliable computing machines.  I’ve read of fully redundant systems which could lose a CPU any time without blinking, capability-based research systems, etc., etc....  But all that is too expensive, plus too slow to bring to market.  People want their Dancing Pigs and their Cryptokitties.  Thus, we get everywhere the computing equivalent of Ethereum.  Who wants to wait for research like Simplicity before running a hot new ICO?

It’s the same with buildings.  Once upon a time, a cathedral would have its foundations laid by workers who cherished the faith that their grandchildren may live to see spires rise to the sky.  Nowadays, having forsaken cathedrals to please gods, all the world’s a goddamn (https://bitcointalk.org/index.php?topic=3013604.msg30997322#msg30997322) bazaar:  A pile of cheap shacks and stalls thrown up in a hurry so that idiot masses and idiot plutocrats alike can hawk their baubles to their fellow idiots.  Shiny!  Needs a bounty ANN thread (https://bitcointalk.org/index.php?topic=3020298.0).  As the wetware degenerates itself in a negative feedback loop, we soon find empirical proof for a principle well-known to philosophers since the beginning of time:  Ochlocracy equals kakocracy.  —  Ergo, “regulations”.

Oh, by the way:  In case nobody noticed, if I support Core, that means something.  (In the long term, I would like to see some old, Satoshi-era design flaws fixed—most of all, the marriage of the wallet to the node, which makes it impossible to separately sandbox the two functions in different processes with different capabilities.  But even meanwhile, I am more comfortable trusting Core with the world’s new money than I am with 99.9% of the broken computer stuff I am forced to use if I don’t want to unplug as I said above.)

I also admire the zealousness of many of the Bitcoin Core team, those that I know of.  They are a big reason, to me, as to why Bitcoin is something I know deserves more trust than any of the altcoins.  Personally, I am a person that is passionate about the projects I take on and when I see that passion emanating from other people about their projects, it resonates with me.  Bitcoin is not perfect and certainly, it has evolved over time and will continue to do so.  But everything I have observed about the people that are part of Core, their writings on the listserv and discussions on GitHub, etc., shows me that they take their responsibility very seriously.  At least to me, that is a very important and crucial distinction between Bitcoin and 99.9% of the altcoins.



I agree that staying under the radar of regulations is an ideal scenario when that can be done.  However, that is not possible in all circumstances.  Fiat/crypto exchange (besides P2P cash) is very difficult, for example, without a relationship with an entity subject to KYC regs (at least in the US).  And for the foreseeable future, fiat/crypto conversion will be necessary for adoption.

Moreover—I will admit that overall, I have lost more money than I still have due to my demand for adequate privacy.  That’s neither practical nor sustainable for anybody.

Improvements are certainly necessary.

Regulations rarely do anything useful, I agree with that.  The thing about regulations that I know from a lot of experience with regulators is that it is much better to work with them than to ignore them and/or fight them completely.  Regulators often will defer to industry when they come together with a reasonable and workable solution to whatever the issue at hand is.  When this doesn't happen, the regulators decide on their own how best to handle the situation.  Or even worse, other interests chime in with their view and that becomes the model adopted by the regulators.  Right now crypto is around $450 billion USD in total market capitalization.  That's just a little under the market capitalization of Facebook, one company.  We know this is going to grow, and in my view, market capitalization isn't really a good metric to measure currencies, but it's quick on Google.  However, once crypto assets really start to bite into bank profitability, you better believe that they will be whining to the regulators to tighten the screws.  I believe that businesses in the cryptocurrency field need to be paying close attention and be prepared to work with regulators instead of letting them run the tables.

It is this generalized wetware bug which Bitcoin could solve in the long term, in matters of money.  The question is whether wetware will run Bitcoin, or demand instead its Dancing Pigs and Cryptokitties.



There is much more in your post to which I wish to reply.

Thanks for writing.  Cheers.

[Although I can’t very well add major substance which few people would see, this post may be occasionally edited.  It’s rather rough.  if (error && errno == ENOTIME) { post_now(); return; }]
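The point made in the post above about Bitcoin Script (a stack language with no loops, plus opcodes that were disabled outright) can be seen in a small model. This is an added example, not code from the post or from Bitcoin Core: `evaluate`, `run` and the sample scripts are hypothetical names, numbers are plain Python ints rather than Bitcoin's byte encoding, and signature checks and size limits are left out.

```python
import hashlib

# Opcodes Bitcoin Core treats as disabled: their mere presence fails the script.
DISABLED = {
    "OP_CAT", "OP_SUBSTR", "OP_LEFT", "OP_RIGHT", "OP_INVERT", "OP_AND",
    "OP_OR", "OP_XOR", "OP_2MUL", "OP_2DIV", "OP_MUL", "OP_DIV", "OP_MOD",
    "OP_LSHIFT", "OP_RSHIFT",
}


class ScriptError(Exception):
    """Raised when a script aborts (disabled opcode, underflow, bad operand)."""


def truthy(item):  # simplified cast-to-bool: nonzero int or any nonzero byte
    return item != 0 if isinstance(item, int) else any(item)


def evaluate(script):
    """Run a token list once, front to back; return (ok, steps, stack)."""
    stack, branches, steps = [], [], 0   # branches: one bool per open OP_IF

    def pop(n):
        if len(stack) < n:
            raise ScriptError("stack underflow")
        items, stack[-n:] = stack[-n:], []
        return items

    for token in script:                 # single pass: no jump or loop opcode
        steps += 1
        op = token if isinstance(token, str) else None   # non-str = data push
        if op in DISABLED:               # checked even inside an untaken branch
            raise ScriptError(f"disabled opcode {op}")
        executing = all(branches)
        if op == "OP_IF":
            branches.append(truthy(pop(1)[0]) if executing else False)
        elif op in ("OP_ELSE", "OP_ENDIF"):
            if not branches:
                raise ScriptError("unbalanced conditional")
            taken = branches.pop()
            if op == "OP_ELSE":
                branches.append(not taken)
        elif not executing:
            continue                     # skipped, but still one bounded step
        elif op is None:
            stack.append(token)
        elif op == "OP_ADD":
            a, b = pop(2)
            if not (isinstance(a, int) and isinstance(b, int)):
                raise ScriptError("OP_ADD needs two numbers")
            stack.append(a + b)
        elif op == "OP_SHA256":
            (item,) = pop(1)
            if not isinstance(item, bytes):
                raise ScriptError("OP_SHA256 needs bytes")
            stack.append(hashlib.sha256(item).digest())
        elif op == "OP_EQUAL":
            a, b = pop(2)
            stack.append(1 if a == b else 0)
        else:
            raise ScriptError(f"unknown opcode {op}")
    if branches:
        raise ScriptError("unbalanced conditional")
    return bool(stack) and truthy(stack[-1]), steps, stack


# Constructed sample scripts (not taken from any real transaction).
SECRET = b"constructed preimage"
HASHLOCK = ["OP_SHA256", hashlib.sha256(SECRET).digest(), "OP_EQUAL"]
UNTAKEN_ADD = [0, "OP_IF", 2, 3, "OP_ADD", "OP_ELSE", 1, "OP_ENDIF"]
UNTAKEN_MUL = [0, "OP_IF", 2, 3, "OP_MUL", "OP_ELSE", 1, "OP_ENDIF"]


def run(script):
    """Return 'valid', 'invalid' or 'error: <reason>' for a script."""
    try:
        return "valid" if evaluate(script)[0] else "invalid"
    except ScriptError as exc:
        return f"error: {exc}"
```

Every script finishes in exactly `len(script)` steps because nothing can move the program counter backwards, and `UNTAKEN_MUL` is rejected even though its `OP_MUL` sits in a branch that never executes.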


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: zonezICO on March 03, 2018, 02:13:53 PM
@nullius @BenOnceAgain

Thanks for opening up my eyes to the pitfalls of KYC for investors.  With that being said, for any company looking to do business in the US, it would be extremely RISKY to NOT do KYC as you're basically just asking for trouble from the SEC as they want to prevent money laundering.  Please don't shoot the messenger here but until there are more defined rules, KYC imo is a must for anybody doing an ICO and planning on doing business in America unless you'd like to have a morning wakeup knock on the door.

Now, if a company wants to try and do some offshore type structure to get around the SEC, I think you're still asking for trouble if you're ultimately going to be doing biz in US.  Much better to be upfront and transparent about it.

I'd be interested to learn what technologies/safeguards could be used to make KYC more secure though as you all brought up very good points and valid concerns that I haven't heard anybody else discuss online.


Title: Re: Bad Code Has Lost $500M of Cryptocurrency in Under a Year
Post by: yg10 on March 04, 2018, 07:39:15 AM

Bitcoin Core is the gold bitcoin standard for reliable Bitcoin software.  It is written (primarily) in C++.  Programmers such as gmaxwell, sipa, and others who write excellent code for this project have no need to switch to another language, unless they find technical reasons which would make another language a better tool for the job.  Also, they have no need to be taught “certain practices”—whatever they do, it is evidently working.


Yes, this is great code (not speaking about underlying mathematics).
Funny that on this board there exists the thread https://bitcointalk.org/index.php?topic=2990217.0 started by the person who could not read the code of bitcoind.