Hugo Nguyen Profile picture
Nov 29, 2021 59 tweets 17 min read
Ethereum’s BS and intellectual dishonesty.

A thread. 1/
Some background: About 3 and 1/2 years ago I started looking into PoS systems and published a series of articles documenting my thoughts & findings. 2/

hugonguyen.medium.com/work-is-timele…
hugonguyen.medium.com/proof-of-stake…
hugonguyen.medium.com/proof-of-stake…
Since then, I haven’t paid much attention to Ethereum. Until @TuurDemeester’s and @BitMEXResearch's tweets made me curious. So I take a quick look to see what they’ve been up to. 3/

After all, it’s been more than 3 years. Ethereum people made so much money. They must have thrown billions at finding scaling solutions.

Surely there must be some “progress”, right?

Nope, just the same BS and more intellectual dishonesty.

Let's take a look. 4/
This is one of Ethereum’s most recent articles by Georgios Konstantopoulos and Vitalik Buterin.

Published on @paradigm July 20th, 2021. So just 4 months ago. 5/

paradigm.xyz/2021/07/ethere…
The article was likely prompted by concerns raised by @bergealex4 and others back in July on how broken Ethereum has become.

The TL;DR is that Ethereum has a vulnerability that could enable reorgs-on-demand services. An existential threat. 6/

Here’s the abstract.

It attempts to explain how Ethereum 2.0 (Gasper) will fix the reorgs-on-demand issue. 7/ Image
It starts off with a few definitions, including something called “Finality”.

BS #1: Just because you name something “final” doesn’t mean that it is actually “final” in a distributed consensus sense. It is also not “mathematically impossible” to get re-orged. 8/ Image
More on this silly Finality concept, from Gasper’s official paper.

Note the naive assumption about always being able to attribute faults to “bad actors” when shit hits the fan. 9/

arxiv.org/pdf/2003.03052… Image
PoS systems can have no bad actors, but will still “finalize” different things and have disastrous reorgs regardless.

An example is when the network gets unexpectedly partitioned due to extraordinary circumstances. 10/
The honest thing to say, like Satoshi did, is that consensus is always probabilistic. Not throwing around a term like Finality.

The use of deceptive language is a recurring theme in Ethereum and PoS. (More on this below). 11/
BS #2:

Next the article compares PoW with PoS alternatives.

But the table curiously lumps together Ethereum PoW and Bitcoin PoW.

It then proceeds to claim reorgs are “frequent” in Nakamoto consensus (???). 12/ Image
Bitcon’s orphan blocks have always been rare, and since 2017 _extremely rare_ (one block every few weeks), thanks to the FIBRE network.

Otoh, Ethereum’s orphan rate has historically hovered around 6% or higher. 13/
By lumping together Bicoin PoW and Ethereum PoW, the authors pin the “frequent reorgs” problem on PoW.

Not because of Ethereum’s own incompetence. How it intentionally chose unsafe PoW parameters that sacrifice security for speed.

Quite the sleight-of-hand. 14/
The way the table is presented here is known in psychology as a priming technique.

It primes the readers to be against PoW from the outset. This would have an effect on people who already have a bias against PoW, or are neutral. 15/
To emphasize this “frequent reorgs” problem, it also references a Princeton paper called the “Instability of Bitcoin Without the Block Reward”. 16/ Image
Alas, the Princeton paper made several silly assumptions that I and others already debunked. 17/
Side note: I don’t think the @Princeton CS department intentionally attacked Bitcoin to elevate altcoins.

It’s simply another case of experts in one domain underestimating interdisciplinary subjects like Bitcoin. 18/
In this case, it was Computer Scientists making highly naive assumptions about the game-theoretic nature of Bitcoin, and conflate long-term versus short-term security. 19/
Back to the article, it then describes its proposed PoS system, Gasper.

The key words to notice here, and crucial to understand PoS’s weaknesses, are block “weight” and “pseudorandomly chosen” staking committees. 20/ Image
BS #3: Making the outrageous claim that attackers “do not have a way” to beat the “honest majority of thousands of attesters”. 21/ Image
Unlike PoW, to become attesters is cheap, rendering the whole “thousands of attesters” as toothless as AWS instances.

A rich holder could split up & shuffle his stake into many pieces to get more votes. These so-called weights can be manipulated without any additional costs. 22/
BS #4: Delegating the difficult task of consensus-finding to an all-magical pseudorandom entity.

In Gasper, the staking committees are chosen by a random oracle.

Pay attention to the bottom footnote in this section. 23/ Image
Because PoS does not perform any work, it must generate its randomness from somewhere else. Whereas PoW mining injects entropy (and along with it, fairness) into the system.

The use of a random oracle seems like a small problem, but in reality it is the _entire_ problem! 24/
If the source of randomness isn't truly random, it can be exploited. If it is random but relies on a centralized oracle, there’s no point in having this decentralization facade. The system is simply centralized.

But PoS designers very predictably hand-wave this problem away. 25/
All these concepts also sound strangely familiar. It’s because I have written about exactly the same things 3 years ago. On PoS systems like DFINITY.

So much for progress. 26/ Image
BS #5

Next comes the most ridiculous claim: PoS can achieve distributed consensus with just ~ 50% of the network being honest, which is comparable to PoW (51%), but with none of the costs.

Too good to be true? Because it is. 27/ Image
This directly contradicts all prior research that says PoS cannot be secure unless there’s a 2/3+ honest majority.

If true, Vitalik & co should get a Turing Award. 28/
It does say that there are “subtle attacks” that only require ~25-49% of attesters (being dishonest).

But it also claims there are “known fixes” to these problems.

So convenient. Do tell us what these “known fixes” are? 29/
The only link I can find is a PR on ethereum.org. Let’s check it out. 30/ Image
Oh no! This “Key PR” was closed with no replacements in sight. What’s more, it was closed in March, months before this claim was made. What’s going on?

So much for “known fixes”. Looks like we need to take back that Turing Award. 31/ Image
Next paragraph: the all-powerful Finality concept strikes again.

It’s amazing what a crazy person can imagine in their head by just keeping making stuff up. 32/ Image
BS #6: The illusion of progress

Like a snake that eats its own tail, here’s the typical picture of Ethereum progress:

Problem X is solved by Y. But Y has this small problem Z. Z would work if somehow it goes back to X being solved. 33/
It always goes back to Finality. It always goes back to the Random Oracle.

The system is always one PR away from being perfected. 34/
Let’s quickly look at some other Ethereum activities.

Rollups have been trendy as of late. What are they?

“Rollups are solutions that perform transaction execution outside the main Ethereum chain (layer 1) but post transaction data on layer 1.” 35/ Image
Sounds familiar? Because it should.

"Rollups" are Bitcoin’s default mode of operation: computations are never on-chain, only proofs. 36/
So after all the years of meandering, of wanting to be the “world computer”, Ethereum comes full circle, back to Bitcoin’s tried and true architecture, with tons of complexity added in the process.

Are "rollups" Ethereum's acceptance of defeat? 37/
If I have free time I’ll look more into rollups and the fancy terms they throw around later.

A quick glance and “optimistic rollup” already looks suspect: reframing a security issue (it’s unsafe) as an emotional issue (it’s optimistic). 38/
A note on the deceptive use of language.

Finality
Weak Subjectivity
Inactivity Leak
Optimistic Rollup
and more

See the pattern? These are all terms with strong inherent bias - designed to reframe or downplay issues.

Pure marketing BS. 39/
These patterns of behaviors are consistent throughout the years, going back to Vitalik’s project just before Ethereum: the quantum computer vaporware.

The dude is 27 year-old and has been doing this for 7+ years, you can’t no longer chalk it up to naivety or innocence. 40/
Another one for good measure (and laugh).

BS #8: Ethereum tech lead frames “looking up past balances” as stalking (?!) behavior. Hmm... 41/ Image
BS #9: Or implying 175GB of Ethereum chain data is a fair comparison against a Bitcoin full node.

It’s not. 175GB is just garbage data without any verification. 42/ Image
I consider Ethereum the mother of all scams in this space, so it will always deserve its own special walk of shame.

Yet this is the kind of BS that VCs like @a16z & @paradigm are promoting to millions of people. Whether it’s ignorance or willful malice, only they will know. 43/
And most other "blockchain" projects are even worse than Ethereum. Such is the state of crypto.

Bitcoin fixes all these bullshits. FIN. 44/
Edit: Several people corrected me that FIBRE is no longer active.

That's true, but the original point stands: Bitcoin has an extremely low orphan rate, no "frequent reorgs". You can look it up for yourself.

Here is the paper that presents attacks on Gasper that only require as low as 25% control. So much for DeFi.

Good job @Harvard.

econcs.pku.edu.cn/wine2020/wine2…
Image
Something else to pay close attention to is the timeline of events in Ethereum.

The above Harvard paper describing 25-30% attacks on Gasper was published Feb 3, 2021.

The so-called "known fixes" for them were proposed (then closed) on Github Feb 9, 2021.
arxiv.org/abs/2102.02247
Similarly, the reorgs-on-demand problem, another existential threat, was raised around July 1, 2021.

Guess when did Vitalik publish the @paradigm article, that was filled with misinformation and outrageous claims, saying ETH2 will fix it? July 20, 2021.

Wth is going on here?

Damage control.

You were supposed to detail how your design fares against serious fundamental issues YEARS ago. Not fix or publish (incorrect) things on-the-fly in scramble mode.

This is the true picture of Ethereum: hype, lies and total incompetence.
On why "Weak Subjectivity" is a BS term, see my old thread.

"Weak" implies that it's trivial.

But the degree of trust required in PoS is exponentially higher than in PoW, in terms of both magnitude and frequency.

Why "Inactivity Leak" is BS. From one of my PoS articles.

The idea of using punishment as the be-all and end-all solution for L1 consensus is fundamentally flawed.

"Punishment" assumes you always know who the bad guy is. In reality, you don't.
Exactly 3 months after claiming that an attacker has “no way” to beat “thousands of attesters", a paper from their own foundation shows that it's possible with just 0.09% stake. You really can’t make this stuff up.

arxiv.org/abs/2110.10086
Image
Whether Ethereum can fix some of these issues or not (hint: they can’t) is besides the point. It’s the constant stream of unsubstantiated claims and outright lies that is morally reprehensible.

The Ethereum’s formula: oversell and underdeliver, then oversell some more.
On other PoS projects: also severely flawed, but at least some of them are much more honest than Ethereum.
Why Rollups are BS (warning: long thread)

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Hugo Nguyen

Hugo Nguyen Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @hugohanoi

May 12
Stuff like this shows how insanely powerful evolutionary pressure is.

Same with money. Grokking Bitcoin is about respecting thousands of years of selection pressure: what kinds of objects ppl gravitate to for storing wealth, and what are the common denominators of those objects?
PoW = emulating unforgeable costliness of gold
Fixed supply/ease of transport/verifiability/etc = humans’ evolved preference for these types of assets for storing & exchanging values

Physical AND social phenomena crystallized into code.
And just like how insects cannot fully fathom why they are the way they are, I assume many of our ancestors didn’t fully grok why they favored collecting particular objects. But these things get passed down from generation to generation regardless.

Emergent intelligent designs.
Read 6 tweets
Apr 24
The way a statechain takes raw UTXOs and mint them into standardized units (fixed-denomination UTXOs) is similar to turning raw gold into gold coins. The digital equivalence of coinage.

Absolute genius. Maybe, just maybe, the Lydian moment for Bitcoin. 1/
I think statechain’s true potential is a payment solution that rivals the Lightning Network, not a niche privacy tool. 2/
Fixed denominations in a digital world where you can have infinite decimal places seem counterintuitive.

Why would we go through the trouble of making Bitcoin highly divisible and then turn around and fix the unit sizes? 3/
Read 15 tweets
Apr 23
Random thoughts on different L2 tech.

Sidechain is pretty much PoS (sans the penalty).

Aside from PoW, it’s interesting how the ratio 1/3 keeps reappearing in various distributed settings. It is like the number Pi, but for networking.

(Also a testament to Satoshi's genius.) 1/
The biggest downside of sidechain is the ultimate trust you must put in the federation. There is no failsafe (unless you count the multisig held by a subset of the federation as a failsafe).
Depending on whom you ask, 33% failure mode might not be a high enough bar for safety. 2/
Sidechain’s main advantage though is strong programmability IMO, because it is pretty much a replica of Bitcoin minus all the decentralization overhead. So it can do all the things Bitcoin do, plus a lot more. 3/
Read 13 tweets
Feb 13
BT lack nuances in discussions. I personally dislike that Trezor promotes shitcoins to users/initially supported AOPP, but they've arguably been net good.
Otoh, Coldcard for a long time was the only option for a Bitcoin-only HWW. For that alone they earned perpetual karma points.
In a climate infested with easy fiat money and scammy shitcoins, many Bitcoin companies have taken the easy but less ethical route, pumping-n-dumping on 3rd-world retail. But CC has always stood firm.

So massive respect for having principles / a backbone.
CC is not perfect but IMHO they've also by far the most innovative in the HW space: airgap mode, bring-your-own-entropy, 2-step PIN, brick-me mode, PSBT/descriptor support, (soon) NFC, etc.

For these 2 reasons, CC is at the top of my list for HW recommendations.
Read 4 tweets
Dec 21, 2021
Debunking Ethereum "Rollups"

Several Ethereum people commented that I was wrong about Rollups in my previous Ethereum thread.

This holiday, let’s have some fun and debunk them. 1/
Prior to Rollups, Ethereum had something called Plasma.

Plasma was hailed as THE solution to Ethereum’s scaling woes, but it died 2 years ago without much fanfare. @Cointelegraph had an article about it here. 2/
cointelegraph.com/news/did-ether…
So what are Rollups?

Rollups are Ethereum’s new scaling hope. The basic idea is to bundle up a bunch of transactions in a layer 2 (L2) sidechain, execute them on L2, and then store them onto the L1 chain in a highly compressed form, skipping all the computation. 3/
Read 58 tweets
Dec 11, 2021
PoS is about trusting the richest stakeholders to enforce rules, with no other recourse.

PoW is about putting physics and math ABOVE humans to enforce rules.

PoW takes humans out of the decision-making loop and lessens the chance for corruption.

PoW is the innovation.
The history of human progress has been one where humans gradually realizing their own shortcomings, taking themselves out of the equation, and letting the wonders of math, physics and engineering do the work.

Bitcoin PoW is no exception.

Less human intervention, not more.
PoS is (perhaps deliberately) a misnomer because in reality the “stake” is short-term.

A stake in most other enterprises means permanent or long-term capital lockup. Real SITG.

PoS is “nothing at stake” in exchange for permanent control for rich holders.
hugonguyen.medium.com/work-is-timele…
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(