Crypto makes security tangible. When an account is hacked, the funds are withdrawn right away.
Not all hacks have pecuniary motivations. National security hacks are in a different class.

Still, the capture-the-flag aspect of crypto — where an attacker has a strong incentive to instantly use the private keys, lest funds are moved — is a sharp contrast to silent compromise.
You know who isn't good at security? Government IT developers.

You know who needs to constantly think about security? Crypto developers.

The predator/prey aspect of crypto security is creating a generation of engineers who know how to harden systems.…
From this vantage point, ransomware is just a symptom of the partial crypto-ification of the world.

The vulnerabilities existed, it just made them visible.

But if all *valuable* code & data goes on-chain, then ransomware doesn't work. It'd have to compromise a hardened chain.
Size (imperfectly) measures security.

The higher the market cap of a true* public blockchain, the larger the bug bounty on it. All else being equal**, you'd expect smart contracts on more valuable chains to be more secure.

* decentralized with real private keys
** it's not yet!
I recognize that saying "put all valuable code and data on-chain" in 2021 is a bit like saying "download 1MB of JS to run a rich web app" in the year 2000.

But hacks are here, and scalability is coming, and you can squint to see this future.…
I think this is the right version of @elidourado's idea.

Blockchains exist in an environment that provides de facto cash bounties to find all the obvious security holes without catastrophic cost.

Size of market cap then **roughly** quantifies security.
The use of market cap as a **rough** proxy for security of on-chain code will get better over time, as more hacks occur.

It's also an external check, in addition to an organization's necessarily imperfect self-certification.

And it's easy to understand, even for the layman.
You could imagine a scenario where engineers *want* to put valuable code & data on-chain sooner, in order to harden it.

A safe way to do this might be to run it in parallel with dummy data & a serious on-chain bounty. Hack it & get the funds.

Productized version of @Hacker0x01?
As I think about it, the rise of public blockchains is the complete opposite of the standard government/bank IT procurement process.

Rather than "evaluate" security via cargo cult checkboxes, only use chains that have secured $100B+ for 5 years. That's what's safe for code/data.
The current government/bank IT procurement process selects for people who can navigate legacy bureaucratic systems. Fake security.

The public blockchain development process selects for engineers who can navigate the red-in-tooth-and-claw environment of crypto. Real security.
Cosmos (& others) already did something like this. Their Game of Zones used an incentivized, adversarial testnet.

What I'm realizing, though, is the breadth of applicability. *All* valuable code and data may eventually go on chain. Only way to be secure.…
Better ransomware than handsomeware!

Handsomeware: software selected by governments & megacorps to *look* secure, rather than actually be secure

Ransomware: exposes those issues in peacetime for relatively low cost

Samsonware: actually secure software

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @balajis

4 Jun
Buy Miami, short SF.

Or, if you believe in the turnaround, go long SF.

Citycoins will express people's faith in city policy. As does emigration. Vote with ballot, and now also with wallet and feet.
Municipal bonds have existed forever. But they are traded in inaccessible venues and don't use modern tech.

The concept of municipal equity, or a natively digital cognate thereof, is new.

What if city residents, working together, could build value & share upside?
The advantage for every city to legalize citycoins is simple: they are a new source of funds for a city.

Figure out the split. The city government gets X% of the coins. Then allow N private operators to build competing city coins with different features. And let market decide.
Read 11 tweets
3 Jun
Russia is reportedly de-dollarizing. Here's the new portfolio.
As outlined in this series of articles, every country that's not the USA or PRC will shift to national stacks & neutral protocols over the 2020s.

National stacks for domestic trade & communications.
Neutral protocols for international access to the same.
BTC is akin to digital gold, and cannot be frozen or seized by any state. It is this property that makes BTC so precious for safeguarding national security.

A network that cannot be shut down by any state can be relied upon in time of conflict.…
Read 5 tweets
3 Jun
If you missed yesterday's crypto conference with @FrancisSuarez, me, @chamath, @APompliano, @iam_preethi, @CamiRusso, @bunsen, and more, here's the YouTube link where you can watch the whole thing.

Kicks off with my chat with the mayor!
Here's one of the books I referenced, which should be handed out at Miami airport.

Now that I think about it, if @depalman can get a Kindle edition, we might even do a mass purchase. An electronic bookdrop: first 1000 copies free if you write a review?…
You can read it online for free if you sign up at the Internet Archive, though there may be some kind of rate limiting in terms of the number of simultaneous users.…
Read 5 tweets
2 Jun
First city coin launches today.

These could become the basis for city apps. Obviously, use city coins to pay locals. Less obviously, use them to recruit talent, invest in companies, and generally bet on a city’s growth.

A bit like municipal equity, instead of municipal debt.
In the 2020s, in the remote economy, cities will rise and fall as fast as startups themselves.

If Miami was a startup, with @FrancisSuarez @rabois and @shervin involved you’d bet on it going up and to the right.

With MiamiCoin, perhaps now you can. 🙂
Miami is the ideal place to try, but it’s an experiment as to whether city coins work for existing cities.

Where they may really come into their own is to build the economy of *new* startup cities, like and
Read 4 tweets
31 May
What we need: a censorship-resistant inflation feed.

The on-chain, crypto oracle version of MIT's Billion Prices Project. No editorialization, just an undeletable history of prices.

Build it pseudonymously. Build it with an eye to a ban. Build it now so it's ready then.
All you need to look at is recent history in other countries, or the CDC on masks, or the censorship of the lab leak theory, to know that the centralized state isn't going to provide reliable inflation stats.

So, the decentralized network will have to do so.
If inflation censorship occurs the on-chain inflation feed would be the crypto flippening in several respects.

1) decentralized cryptographic truth would be more trusted than centralized emanations of press & state
2) an on-chain app would be one of the world's most popular apps
Read 9 tweets
31 May
It is also a technical innovation, just not on the dimension people think.

Public blockchains are massively multiclient databases. They support fewer transactions-per-second than a traditional database, in return for millions of simultaneous root users.
Public blockchains are massively multiclient databases, where every user is a root user. They're useful for storing shared state between users, particularly when that shared state represents valuable data that users want to export without fail, like money.…
Agree with thrust of @RyanWatkins_' comment.

But I also think this a key point to articulate: rather than a few people with root access to PayPal's centralized database, anyone with the right public/private key pair can move funds on a public blockchain.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!